TW201933171A - Card reading transaction system and method for operating a card reading transaction system - Google Patents

Card reading transaction system and method for operating a card reading transaction system Download PDF

Info

Publication number
TW201933171A
TW201933171A TW107140498A TW107140498A TW201933171A TW 201933171 A TW201933171 A TW 201933171A TW 107140498 A TW107140498 A TW 107140498A TW 107140498 A TW107140498 A TW 107140498A TW 201933171 A TW201933171 A TW 201933171A
Authority
TW
Taiwan
Prior art keywords
transaction
message
card reader
card
confirmation message
Prior art date
Application number
TW107140498A
Other languages
Chinese (zh)
Other versions
TWI722333B (en
Inventor
王鏗又
Original Assignee
澧達科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 澧達科技股份有限公司 filed Critical 澧達科技股份有限公司
Priority to US16/244,053 priority Critical patent/US10685192B2/en
Priority to CN201910029081.0A priority patent/CN110070356B/en
Priority to JP2019004245A priority patent/JP6748239B2/en
Publication of TW201933171A publication Critical patent/TW201933171A/en
Application granted granted Critical
Publication of TWI722333B publication Critical patent/TWI722333B/en

Links

Landscapes

  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A card reading transaction system includes a transaction control device, an intermediate server, a smart card server, an internet dongle, and a card reader. The transaction control device transmits a first transaction message according to a transaction type and a transaction amount. The intermediate server generates a transaction request message according to the first transaction message. The smart card server generates a transaction confirmation message according to the transaction request message. A smart card transaction application interface of the intermediate server generates a first card reader operation message according to the transaction confirmation message. An intermediate application interface of the intermediate server converts a transmission format of the first card reader operation message to generate a second card reader operation message. The internet dongle receives the second card reader operation message through internet and converts a transmission format of the second card reader operation message to generate a third card reader operation message for the card reader to debit or credit the transaction amount.

Description

讀卡交易系統及操作讀卡交易系統的方法Card reading transaction system and method of operating card reading transaction system

本發明是有關於一種讀卡交易系統,特別是指一種能夠利用中介伺服器來簡化用戶端所需硬體的讀卡交易系統。The present invention relates to a card reading transaction system, and more particularly to a card reading transaction system capable of utilizing an intermediary server to simplify the hardware required by the client.

無紙化的交易模式雖然為消費者提供了方便的選擇,然而對於許多商家而言,為了提供各種不同的無紙化交易,諸如信用卡、智慧卡(悠遊卡)或行動支付…等等,常需要透過不同的電子設備來與提供服務的金融業者連線。由於設備裝置需要負擔額外的成本,並且需要向金融業者提出申請,因此造成商家的不便。The paperless trading model provides consumers with convenient choices, but for many merchants, in order to provide a variety of different paperless transactions, such as credit cards, smart cards (free cards) or mobile payments, etc., often There is a need to connect to financial services providers who provide services through different electronic devices. Since the equipment device needs to bear additional costs and needs to apply to the financial industry, it is inconvenient for the merchant.

舉例來說,在先前技術中,為了提供智慧卡,例如悠遊卡或一卡通的交易服務,商家除了需設置讀卡機之外,還需要向提供金融服務的業者申請能夠與其交易伺服器連線的銷售裝置。銷售裝置可與遠端的金融伺服器提出交易請求,並在交易請求確認後,控制讀卡機來對智慧卡進行扣款或加值。也就是說,商家必須透過金融業者所提供的銷售裝置來連線到交易伺服器,以完成交易,因此在使用上較無彈性。For example, in the prior art, in order to provide a smart card, such as a leisure card or a card transaction service, in addition to setting a card reader, a merchant needs to apply to a provider providing financial services to connect with a transaction server. Sales device. The sales device can make a transaction request with the remote financial server, and after the transaction request is confirmed, control the card reader to debit or add value to the smart card. That is to say, the merchant must connect to the transaction server through the sales device provided by the financial industry to complete the transaction, so it is less flexible in use.

本發明之一實施例提供一種讀卡交易系統,讀卡交易系統包含交易控制裝置、一中介伺服器、一智慧卡伺服器、一連網轉換器及一讀卡機。An embodiment of the present invention provides a card reading transaction system, which includes a transaction control device, an intermediary server, a smart card server, a network converter, and a card reader.

交易控制裝置根據指定交易類型及指定交易金額傳送對應之第一交易訊息。中介伺服器包含智慧卡交易程式介面及中介程式介面。智慧卡交易程式介面根據第一交易訊息產生交易請求訊息。The transaction control device transmits the corresponding first transaction message according to the specified transaction type and the specified transaction amount. The mediation server includes a smart card transaction program interface and an intermediary program interface. The smart card transaction program interface generates a transaction request message based on the first transaction message.

在進行驗證後,智慧卡伺服器根據交易請求訊息產生交易確認訊息至中介伺服器。智慧卡交易程式介面在接收到交易確認訊息後,根據交易確認訊息產生第一讀卡機操作訊息,中介程式介面轉換第一讀卡機操作訊息之傳輸格式以產生第二讀卡機操作訊息,並經由網際網路傳送第二讀卡機操作訊息。After verification, the smart card server generates a transaction confirmation message to the mediation server based on the transaction request message. After receiving the transaction confirmation message, the smart card transaction program interface generates a first card reader operation message according to the transaction confirmation message, and the intermediary program interface converts the transmission format of the first card reader operation message to generate a second card reader operation message. And transmitting the second card reader operation message via the Internet.

連網轉換器接收第二讀卡機操作訊息,並轉換第二讀卡機操作訊息之傳輸格式以產生第三讀卡機操作訊息。讀卡機根據第三讀卡機操作訊息對位於讀卡機之有效距離內之智慧卡執行扣款操作或加值操作。The network converter receives the second card reader operation message and converts the transmission format of the second card reader operation message to generate a third card reader operation message. The card reader performs a deduction operation or a value-adding operation on the smart card located within the effective distance of the card reader according to the third card reader operation message.

本發明之另一實施例提供一種操作讀卡交易系統的方法,讀卡交易系統包含交易控制裝置、中介伺服器、智慧卡伺服器、連網轉換器及讀卡機,中介伺服器包含中介程式介面及智慧卡交易程式介面。Another embodiment of the present invention provides a method for operating a card reading transaction system. The card reading transaction system includes a transaction control device, an intermediary server, a smart card server, a network converter, and a card reader. The mediation server includes an intermediary program. Interface and smart card trading program interface.

操作讀卡交易系統的方法包含交易控制裝置根據指定交易類型及指定交易金額傳送對應之第一交易訊息,智慧卡交易程式介面根據第一交易訊息產生交易請求訊息,在進行驗證後,智慧卡伺服器根據交易請求訊息產生交易確認訊息至中介伺服器,在接收到交易確認訊息後,智慧卡交易程式介面根據交易確認訊息產生第一讀卡機操作訊息,中介程式介面轉換第一讀卡機操作訊息之傳輸格式以產生第二讀卡機操作訊息,中介程式介面經由網際網路傳送第二讀卡機操作訊息,接收第二讀卡機操作訊息後,連網轉換器轉換第二讀卡機操作訊息之傳輸格式以產生第三讀卡機操作訊息,及讀卡機根據第三讀卡機操作訊息對位於讀卡機之有效距離內的智慧卡執行扣款操作或加值操作。The method for operating the card reading transaction system comprises the transaction control device transmitting the corresponding first transaction message according to the specified transaction type and the specified transaction amount, and the smart card transaction program interface generates the transaction request message according to the first transaction message, and after the verification, the smart card servo The device generates a transaction confirmation message according to the transaction request message to the mediation server. After receiving the transaction confirmation message, the smart card transaction program interface generates the first card reader operation message according to the transaction confirmation message, and the intermediary program interface converts the first card reader operation. The transmission format of the message is to generate a second card reader operation message, the intermediary program interface transmits the second card reader operation message via the Internet, and after receiving the second card reader operation message, the network converter converts the second card reader The transmission format of the operation message is to generate a third card reader operation message, and the card reader performs a deduction operation or a value-adding operation on the smart card located within the effective distance of the card reader according to the third card reader operation message.

第1圖為本發明一實施例之讀卡交易系統100的示意圖。讀卡交易系統100包含交易控制裝置110、連網轉換器120、讀卡機130、中介伺服器140及智慧卡伺服器150。1 is a schematic diagram of a card reading transaction system 100 in accordance with an embodiment of the present invention. The card reading transaction system 100 includes a transaction control device 110, a network converter 120, a card reader 130, an intermediary server 140, and a smart card server 150.

交易控制裝置110可例如為智慧型手機、平板電腦或銷售時點情報系統(point of sale,POS)。使用者可以透過交易控制裝置110來指定交易類型和交易金額,而交易控制裝置110則可根據使用者所選擇的指定交易類型及指定交易金額傳送對應之第一交易訊息A1。The transaction control device 110 can be, for example, a smart phone, a tablet, or a point of sale (POS). The user can specify the transaction type and the transaction amount through the transaction control device 110, and the transaction control device 110 can transmit the corresponding first transaction message A1 according to the specified transaction type selected by the user and the specified transaction amount.

中介伺服器140包含智慧卡交易程式介面142及中介程式介面144。智慧卡交易程式介面142可根據第一交易訊息A1產生交易請求訊息B1並傳送至智慧卡伺服器150。在本發明的部分實施例中,交易控制裝置110可事先在中介伺服器140上進行登記,並透過與中介伺服器140相容的介面及傳輸格式傳送第一交易訊息A1。舉例來說,交易控制裝置110可以透過開啟對應的交易應用程式頁面來連線到中介伺服器140,並可透過事先登記註冊的帳號密碼進行登入,以確保交易訊息的真實性及安全性。在本發明的部分實施例中,中介伺服器140還可包含其他的安全機制來濾除網路上的雜訊和攻擊,例如中介伺服器140可設置非軍事區(Demilitarized Zone,DMZ),並可利用錯誤檢測碼(Error Detection Code,EDC)及錯誤修正碼(Error Correction Code,ECC)來確保網路通訊的安全性及穩定性。The mediation server 140 includes a smart card transaction program interface 142 and an intermediary interface 144. The smart card transaction program interface 142 can generate a transaction request message B1 according to the first transaction message A1 and transmit it to the smart card server 150. In some embodiments of the present invention, the transaction control device 110 may register on the mediation server 140 in advance and transmit the first transaction message A1 through an interface and transmission format compatible with the mediation server 140. For example, the transaction control device 110 can connect to the mediation server 140 by opening the corresponding transaction application page, and can log in through the previously registered account password to ensure the authenticity and security of the transaction message. In some embodiments of the present invention, the mediation server 140 may also include other security mechanisms to filter out noise and attacks on the network. For example, the mediation server 140 may be configured with a demilitarized zone (DMZ). Use Error Detection Code (EDC) and Error Correction Code (ECC) to ensure the security and stability of network communication.

智慧卡伺服器150為提供智慧卡金融服務的伺服器。智慧卡伺服器150在進行驗證後,便可根據交易請求訊息B1產生交易確認訊息C1至中介伺服器140。也就是說,在先前技術中,須由店家向金融業者申請取得連線裝置之後才能夠連線到智慧卡伺服器150以確認交易進行,然而在讀卡交易系統100中,店家僅需在線上向中介伺服器140進行註冊登入,就能夠透過中介伺服器140中的智慧卡交易程式介面142連線到智慧卡伺服器150來進行交易,而無須額外設置硬體。The smart card server 150 is a server that provides smart card financial services. After the smart card server 150 performs verification, the transaction confirmation message C1 can be generated based on the transaction request message B1 to the mediation server 140. That is to say, in the prior art, the store owner must apply to obtain the connection device from the financial institution before being able to connect to the smart card server 150 to confirm the transaction proceeding. However, in the card reading transaction system 100, the store only needs to go online. When the intermediary server 140 performs registration and login, the smart card transaction program interface 142 in the mediation server 140 can be connected to the smart card server 150 for transaction without additional hardware.

當智慧卡交易程式介面142接收到交易確認訊息C1後,便可根據交易確認訊息C1產生第一讀卡機操作訊息D1,以使讀卡機130能夠執行對應的扣款或加值操作。在本發明的部分實施例中,由於智慧卡交易程式介面142須與智慧卡伺服器150相容,因此其輸入資訊及輸出資訊的格式有所限制。為了能夠以網際網路傳輸讀卡機的操作訊息,中介程式介面144可轉換第一讀卡機操作訊息D1的傳輸格式以產生第二讀卡機操作訊息D2,並經由網際網路傳送第二讀卡機操作訊息D2。After the smart card transaction program interface 142 receives the transaction confirmation message C1, the first card reader operation message D1 can be generated according to the transaction confirmation message C1, so that the card reader 130 can perform the corresponding deduction or value-adding operation. In some embodiments of the present invention, since the smart card transaction program interface 142 is compatible with the smart card server 150, the format of the input information and the output information is limited. In order to transmit the operation information of the card reader through the Internet, the mediation interface 144 can convert the transmission format of the first card reader operation message D1 to generate the second card reader operation message D2, and transmit the second message via the Internet. The card reader operates message D2.

連網轉換器120可接收第二讀卡機操作訊息D2,並轉換第二讀卡機操作訊息D2之傳輸格式以產生第三讀卡機操作訊息D3,使得讀卡機130能夠根據第三讀卡機操作訊息D3對位於讀卡機130之一有效距離內的智慧卡S1執行扣款操作或加值操作。在本發明的部分實施例中,智慧卡S1可包含電子標籤及對應線路,讀卡機130能夠以非接觸式的方式,例如近場通訊(Near Field Communication,NFC)的通訊標準對智慧卡S1進行讀寫操作,舉例來說,智慧卡S1可例如悠遊卡及一卡通。The network converter 120 can receive the second card reader operation message D2 and convert the transmission format of the second card reader operation message D2 to generate a third card reader operation message D3, so that the card reader 130 can be read according to the third reading. The card machine operation message D3 performs a deduction operation or a value-adding operation on the smart card S1 located within an effective distance of one of the card readers 130. In some embodiments of the present invention, the smart card S1 may include an electronic tag and a corresponding line, and the card reader 130 can contact the smart card S1 in a contactless manner, such as a near field communication (NFC) communication standard. For reading and writing operations, for example, the smart card S1 can be, for example, a leisure card and a card.

也就是說,連網轉換器120可例如為物聯網(Internet of thing,IoT)系統中,使電器具有連網功能的無線網路模組(Wi-Fi dongle)。如此一來,透過連網轉換器120就能夠讓中介伺服器140以遠端的方式控制讀卡機130。在本發明的部分實施例中,讀卡機130與連網轉換器120之間可利用美國電子工業聯盟的推薦標準RS232來進行傳輸訊息,在此情況下,連網轉換器120便須將以封包格式傳輸的第二讀卡機操作訊息D2轉換為支援RS232傳輸標準的第三讀卡機操作訊息D3。That is to say, the network converter 120 can be, for example, an Internet of Things (IoT) system, and a wireless network module (Wi-Fi dongle) that enables the appliance to have a networking function. In this way, the mediation server 140 can be used to control the card reader 130 in a remote manner. In some embodiments of the present invention, the card reader 130 and the network converter 120 can transmit information using the recommended standard RS232 of the American Electronics Industry Association. In this case, the network converter 120 must be The second card reader operation message D2 transmitted in the packet format is converted into a third card reader operation message D3 supporting the RS232 transmission standard.

在執行扣款操作或加值操作完成後,讀卡機130可傳送第一操作確認訊息E1。連網轉換器120在接收第一操作確認訊息E1後,可轉換第一操作確認訊息E1之傳輸格式以產生第二操作確認訊息E2,並經由網際網路傳送第二操作確認訊息E2。中介程式介面144在接收第二操作確認訊息E2後,可轉換第二操作確認訊息E2之傳輸格式以產生第三操作確認訊息E3,使得智慧卡交易程式介面142得以解析第三操作確認訊息,並確認交易完成。After the execution of the deduction operation or the value-adding operation is completed, the card reader 130 may transmit the first operation confirmation message E1. After receiving the first operation confirmation message E1, the network converter 120 may convert the transmission format of the first operation confirmation message E1 to generate a second operation confirmation message E2, and transmit the second operation confirmation message E2 via the Internet. After receiving the second operation confirmation message E2, the mediation interface 144 can convert the transmission format of the second operation confirmation message E2 to generate a third operation confirmation message E3, so that the smart card transaction program interface 142 can parse the third operation confirmation message, and Confirm that the transaction is complete.

在本發明的部分實施例中,中介伺服器140還可包含記憶體146。中介伺服器140可將交易紀錄儲存於記憶體146中,以供日後查詢。舉例來說,中介伺服器140可將第一交易訊息A1所對應之指定交易類型及指定交易金額以可擴展標記語言(Extensible Markup Language,XML)的格式儲存於記憶體146。此外,中介伺服器140還可在確認交易完成後,將交易結果及明細傳送至交易控制裝置110以供使用者確認。In some embodiments of the invention, the mediation server 140 may also include a memory 146. The mediation server 140 can store the transaction record in the memory 146 for later query. For example, the mediation server 140 may store the specified transaction type and the specified transaction amount corresponding to the first transaction message A1 in the memory 146 in an Extensible Markup Language (XML) format. In addition, the mediation server 140 may also transmit the transaction result and details to the transaction control device 110 for confirmation by the user after the confirmation transaction is completed.

再者,為確保交易進行的安全性,在本發明的部分實施例中,中介伺服器140及連網轉換器120可透過傳輸層安全性 (Transport Layer Security,TLS) 協定、安全通訊端層(Secure Sockets Layer,SSL)協定、AES加密演算法及RSA加密演算法中至少一者對傳輸的訊息進行加密及解密以確保網路傳輸之安全。舉例來說,在上述的實施例中,第一交易訊息A1、第二讀卡機操作訊息D2及第二操作確認訊息E2皆可經過上述的方式進行加密。In addition, in order to ensure the security of the transaction, in some embodiments of the present invention, the mediation server 140 and the network switch 120 can pass the Transport Layer Security (TLS) protocol and the secure communication end layer ( At least one of the Secure Sockets Layer (SSL) protocol, the AES encryption algorithm, and the RSA encryption algorithm encrypts and decrypts the transmitted message to ensure network transmission security. For example, in the above embodiment, the first transaction message A1, the second card reader operation message D2, and the second operation confirmation message E2 can be encrypted in the above manner.

舉例來說,聯網轉換器120也可在事先於中介伺服器140進行認證登錄,並可在開機時便與中介伺服器140進行連線並在驗證後取得對應的加密金鑰,以使網路傳輸更具安全性。For example, the network converter 120 can also perform authentication login in the mediation server 140 beforehand, and can connect with the mediation server 140 when booting up and obtain the corresponding encryption key after verification to make the network The transmission is more secure.

此外,在本發明的部分實施例中,讀卡機130可具有智慧卡伺服器150所提供的實體安全存取模組(Security Access Module,SAM)以確保讀卡機130能夠取得驗證,並對智慧卡S1進行操作。然而本發明並不以此為限。在本發明的其他實施例中,讀卡交易系統100也可包含虛擬安全存取模組160,透過向智慧卡伺服器150取得操作讀卡機130所需之限時金鑰,就能夠取代實體的安全存取模組。在第1圖的實施例中,虛擬安全存取模組160可設置於中介伺服器140。然而在其他實施例中,虛擬安全存取模組160也可設置於其他裝置中,例如連網轉換器120或交易控制裝置110中。如此一來,商家僅需要一般的讀卡機130就能夠提供智慧卡的交易服務,而無須個別向金融業者申請硬體裝置及實體安全存取模組,大大提升了使用上的彈性。In addition, in some embodiments of the present invention, the card reader 130 may have a physical security access module (SAM) provided by the smart card server 150 to ensure that the card reader 130 can obtain verification and The smart card S1 operates. However, the invention is not limited thereto. In other embodiments of the present invention, the card reading transaction system 100 may also include a virtual security access module 160, which can replace the entity by obtaining the time-limited key required to operate the card reader 130 to the smart card server 150. Secure access module. In the embodiment of FIG. 1, the virtual secure access module 160 can be disposed in the mediation server 140. However, in other embodiments, the virtual secure access module 160 can also be disposed in other devices, such as the network switch 120 or the transaction control device 110. In this way, the merchant only needs the general card reader 130 to provide the smart card transaction service, and does not need to apply for the hardware device and the physical security access module to the financial industry individually, thereby greatly improving the flexibility of use.

第2圖為操作讀卡交易系統100之方法200的流程圖,方法200包含步驟S210至S284。2 is a flow diagram of a method 200 of operating a card reading transaction system 100, the method 200 including steps S210 through S284.

S210: 交易控制裝置110根據指定交易類型及指定交易金額傳送對應之第一交易訊息A1;S210: The transaction control device 110 transmits the corresponding first transaction message A1 according to the specified transaction type and the specified transaction amount;

S220: 智慧卡交易程式介面142根據第一交易訊息A1產生交易請求訊息B1;S220: The smart card transaction program interface 142 generates a transaction request message B1 according to the first transaction message A1;

S230: 在進行驗證後,智慧卡伺服器150根據交易請求訊息B1產生交易確認訊息C1至中介伺服器140;S230: After performing verification, the smart card server 150 generates a transaction confirmation message C1 to the mediation server 140 according to the transaction request message B1;

S240: 在接收到交易確認訊息C1後,智慧卡交易程式介面142根據交易確認訊息C1產生第一讀卡機操作訊息D1;S240: After receiving the transaction confirmation message C1, the smart card transaction program interface 142 generates a first card reader operation message D1 according to the transaction confirmation message C1;

S242: 中介程式介面144轉換第一讀卡機操作訊息D1之傳輸格式以產生第二讀卡機操作訊息D2;S242: The mediation program interface 144 converts the transmission format of the first card reader operation message D1 to generate a second card reader operation message D2;

S244: 中介程式介面144經由網際網路傳送第二讀卡機操作訊息D2;S244: The mediation program interface 144 transmits the second card reader operation message D2 via the Internet;

S246: 在接收第二讀卡機操作訊息D2後,連網轉換器120轉換第二讀卡機操作訊息D2之傳輸格式以產生第三讀卡機操作訊息D3;S246: After receiving the second card reader operation message D2, the network converter 120 converts the transmission format of the second card reader operation message D2 to generate a third card reader operation message D3;

S250: 讀卡機130根據第三讀卡機操作訊息D3對位於讀卡機130之有效距離內的智慧卡S1執行扣款操作或加值操作;S250: The card reader 130 performs a deduction operation or an adding operation on the smart card S1 located within the effective distance of the card reader 130 according to the third card reader operation message D3;

S260: 在執行扣款操作或加值操作完成後,讀卡機130傳送第一操作確認訊息E1;S260: After performing the deduction operation or the value-adding operation is completed, the card reader 130 transmits a first operation confirmation message E1;

S270: 連網轉換器120接收第一操作確認訊息E1;S270: The network converter 120 receives the first operation confirmation message E1;

S280: 連網轉換器120轉換第一操作確認訊息E1之傳輸格式以產生第二操作確認訊息E2;S280: The network converter 120 converts the transmission format of the first operation confirmation message E1 to generate a second operation confirmation message E2;

S282: 連網轉換器120經由網際網路傳送第二操作確認訊息E2;S282: The network converter 120 transmits a second operation confirmation message E2 via the Internet;

S284: 在接收第二操作確認訊息E2後,中介程式介面E2轉換第二操作確認訊息E2之傳輸格式以產生第三操作確認訊息E3,以使智慧卡交易程式介面142解析第三操作確認訊息E3。S284: After receiving the second operation confirmation message E2, the mediation interface E2 converts the transmission format of the second operation confirmation message E2 to generate a third operation confirmation message E3, so that the smart card transaction program interface 142 parses the third operation confirmation message E3. .

在本發明的部分實施例中,中介伺服器140還可包含記憶體146,此時方法200還可包含將第一交易訊息A1所對應之指定交易類型及指定交易金額儲存於記憶體146作為交易紀錄以供使用者日後查詢。In some embodiments of the present invention, the mediation server 140 may further include a memory 146. The method 200 may further include storing the specified transaction type corresponding to the first transaction message A1 and the specified transaction amount in the memory 146 as a transaction. The record is for the user to check in later.

此外,為增加網路傳輸的安全性,在本發明的部分實施例中,方法200還可包含利用傳輸層安全性協定、安全通訊端層協定、AES加密演算法及RSA加密演算法中至少一者對第一交易訊息A1及第二讀卡機操作訊息D2進行加密的步驟。也就是說,讀卡交易系統100可以根據實際的需求使用一種或多種加密方法來對網路傳輸的資料進行加密,以確保交易過程的安全及穩定性。在本發明的部分實施例中,中介伺服器140還可在每次交易完成後都更新加密所需的金鑰,如此一來,就能夠維持中介伺服器140與連網轉換器120之間的網路傳輸安全。In addition, in order to increase the security of the network transmission, in some embodiments of the present invention, the method 200 may further include using at least one of a transport layer security protocol, a secure communication end layer protocol, an AES encryption algorithm, and an RSA encryption algorithm. The step of encrypting the first transaction message A1 and the second card reader operation message D2. That is to say, the card reading transaction system 100 can use one or more encryption methods to encrypt the data transmitted by the network according to actual needs, so as to ensure the security and stability of the transaction process. In some embodiments of the present invention, the mediation server 140 may also update the key required for encryption after each transaction is completed, so that the intermediary server 140 and the network converter 120 can be maintained. Network transmission security.

再者,方法200還可包含使虛擬安全存取模組160向智慧卡伺服器150註冊以取得操作讀卡機130所需之限時金鑰。也就是說,讀卡交易系統100可以透過虛擬安全存取模組160取得有時效性的金鑰,並可據以在時效內利用讀卡機130來對智慧卡S1進行操作。如此一來,不僅能夠維持交易的安全,也可以簡化使用者所需的硬體設備,大大提升了使用上的彈性。Moreover, the method 200 can also include causing the virtual secure access module 160 to register with the smart card server 150 to obtain the time-limited key required to operate the card reader 130. That is to say, the card reading transaction system 100 can obtain the time-sensitive key through the virtual security access module 160, and can use the card reader 130 to operate the smart card S1 within the aging period. In this way, not only can the security of the transaction be maintained, but also the hardware devices required by the user can be simplified, and the flexibility of use is greatly improved.

綜上所述,本發明之實施例所提供的讀卡交易系統及操作讀卡交易系統的方法能夠利用透過連網轉換器將讀卡機連線至中介伺服器,並透過中介伺服器連線至提供交易服務的智慧卡伺服器。因此使用者僅需在中介伺服器上完成註冊,就能夠提供智慧卡的交易服務,而無需再額外申請或設置與智慧卡伺服器相容的硬體裝置,大大提升了便利性及使用上的彈性。 以上所述僅為本發明之較佳實施例,凡依本發明申請專利範圍所做之均等變化與修飾,皆應屬本發明之涵蓋範圍。In summary, the card reading transaction system and the method for operating the card reading transaction system provided by the embodiments of the present invention can connect the card reader to the mediation server through the network converter and connect through the mediation server. To the smart card server that provides trading services. Therefore, the user only needs to complete the registration on the mediation server, and can provide the smart card transaction service without having to apply for or set up a hardware device compatible with the smart card server, which greatly improves the convenience and the use. elasticity. The above are only the preferred embodiments of the present invention, and all changes and modifications made to the scope of the present invention should be within the scope of the present invention.

100‧‧‧讀卡交易系統100‧‧‧Reading Card Trading System

110‧‧‧交易控制裝置110‧‧‧Transaction control device

120‧‧‧連網轉換器120‧‧‧Network converter

130‧‧‧讀卡機130‧‧‧ card reader

140‧‧‧中介伺服器140‧‧‧Intermediary server

142‧‧‧智慧卡交易程式介面142‧‧‧Smart Card Trading Program Interface

144‧‧‧中介程式介面144‧‧‧Intermediary interface

146‧‧‧記憶體146‧‧‧ memory

150‧‧‧智慧卡伺服器150‧‧‧Smart Card Server

160‧‧‧虛擬安全存取模組160‧‧‧Virtual Security Access Module

A1‧‧‧第一交易訊息A1‧‧‧First trading message

B1‧‧‧交易請求訊息B1‧‧‧Transaction request message

C1‧‧‧交易確認訊息C1‧‧‧Transaction Confirmation Message

D1‧‧‧第一讀卡機操作訊息D1‧‧‧First card reader operation message

D2‧‧‧第二讀卡機操作訊息D2‧‧‧Second card reader operation message

D3‧‧‧第三讀卡機操作訊息D3‧‧‧ Third card reader operation message

E1‧‧‧第一操作確認訊息E1‧‧‧First operation confirmation message

E2‧‧‧第二操作確認訊息E2‧‧‧Second operation confirmation message

E3‧‧‧第三操作確認訊息E3‧‧‧ Third operation confirmation message

S1‧‧‧智慧卡S1‧‧‧Smart Card

200‧‧‧方法200‧‧‧ method

S210至S284‧‧‧步驟Steps S210 to S284‧‧

第1圖為本發明一實施例之讀卡交易系統的示意圖。 第2圖為操作第1圖之讀卡交易系統的方法流程圖。FIG. 1 is a schematic diagram of a card reading transaction system according to an embodiment of the present invention. Figure 2 is a flow chart showing the method of operating the card reading transaction system of Figure 1.

Claims (12)

一種讀卡交易系統,包含: 一交易控制裝置,用以根據一指定交易類型及一指定交易金額傳送對應之一第一交易訊息; 一中介伺服器,包含: 一智慧卡交易程式介面,用以根據該第一交易訊息產生一交易請求訊息;及 一中介程式介面; 一智慧卡伺服器,用以在進行驗證後,根據該交易請求訊息產生一交易確認訊息至該中介伺服器,其中: 該智慧卡交易程式介面另用以在接收到該交易確認訊息後,根據該交易確認訊息產生一第一讀卡機操作訊息; 該中介程式介面用以轉換該第一讀卡機操作訊息之一傳輸格式以產生一第二讀卡機操作訊息,並經由一網際網路傳送該第二讀卡機操作訊息; 一連網轉換器,用以接收該第二讀卡機操作訊息,並轉換該第二讀卡機操作訊息之一傳輸格式以產生一第三讀卡機操作訊息;及 一讀卡機,用以根據該第三讀卡機操作訊息對位於該讀卡機之一有效距離內的一智慧卡執行一扣款操作或一加值操作。A card reading transaction system, comprising: a transaction control device, configured to transmit a corresponding one of the first transaction messages according to a specified transaction type and a specified transaction amount; and an intermediary server, comprising: a smart card transaction program interface, Generating a transaction request message according to the first transaction message; and an intermediary program interface; a smart card server, configured to generate a transaction confirmation message to the mediation server according to the transaction request message after verification, wherein: The smart card transaction program interface is further configured to generate a first card reader operation message according to the transaction confirmation message after receiving the transaction confirmation message; the intermediary program interface is configured to convert one of the first card reader operation messages Formatting to generate a second card reader operation message, and transmitting the second card reader operation message via an internet; a network converter for receiving the second card reader operation message and converting the second a card reader operation message transmission format to generate a third card reader operation message; and a card reader for use according to the third card reader For performing a post-debit operation or a value located within a smart card reader that one effective distance. 如請求項1所述之讀卡交易系統,其中該交易控制裝置係為一智慧型手機、一平板電腦或一銷售時點情報系統(point of sale,POS)。The card reading transaction system of claim 1, wherein the transaction control device is a smart phone, a tablet computer or a point of sale (POS). 如請求項1所述之讀卡交易系統,其中該中介伺服器另包含一記憶體,用以儲存該第一交易訊息所對應之該指定交易類型及該指定交易金額。The card reading transaction system of claim 1, wherein the mediation server further comprises a memory for storing the specified transaction type corresponding to the first transaction message and the specified transaction amount. 如請求項1所述之讀卡交易系統,其中: 該讀卡機另用以在執行該扣款操作或該加值操作完成後,傳送一第一操作確認訊息; 該連網轉換器另用以接收該第一操作確認訊息,轉換該第一操作確認訊息之一傳輸格式以產生一第二操作確認訊息,並經由該網際網路傳送該第二操作確認訊息;及 該中介程式介面另用以接收該第二操作確認訊息,並轉換該第二操作確認訊息之一傳輸格式以產生一第三操作確認訊息,以使該智慧卡交易程式介面解析該第三操作確認訊息。The card reading transaction system of claim 1, wherein: the card reader is further configured to transmit a first operation confirmation message after performing the deduction operation or the value-adding operation is completed; the network converter is additionally used Receiving the first operation confirmation message, converting a transmission format of the first operation confirmation message to generate a second operation confirmation message, and transmitting the second operation confirmation message via the Internet; and the intermediary program interface is additionally used Receiving the second operation confirmation message, and converting one of the second operation confirmation message transmission formats to generate a third operation confirmation message, so that the smart card transaction program interface parses the third operation confirmation message. 如請求項1所述之讀卡交易系統,其中該第一交易訊息及該第二讀卡機操作訊息係利用傳輸層安全性 (Transport Layer Security,TLS) 協定、安全通訊端層(Secure Sockets Layer,SSL)協定、AES加密演算法及RSA加密演算法中至少一者進行加密以確保網路傳輸之安全。The card reading transaction system of claim 1, wherein the first transaction message and the second card reader operation message utilize a Transport Layer Security (TLS) protocol and a secure communication layer (Secure Sockets Layer). At least one of the SSL) protocol, the AES encryption algorithm, and the RSA encryption algorithm are encrypted to ensure the security of the network transmission. 如請求項1所述之讀卡交易系統,另包含一虛擬安全存取模組(Security Access Module,SAM),用以向該智慧卡伺服器取得操作該讀卡機所需之一限時金鑰。The card reading transaction system of claim 1, further comprising a virtual security access module (SAM) for obtaining, from the smart card server, a time-limited key required for operating the card reader . 如請求項6所述之讀卡交易系統,其中該虛擬安全存取模組係設置於該中介伺服器、該連網轉換器或該交易控制裝置。The card reading transaction system of claim 6, wherein the virtual security access module is disposed in the mediation server, the network converter, or the transaction control device. 一種操作讀卡交易系統的方法,該讀卡交易系統包含一交易控制裝置、一中介伺服器、一智慧卡伺服器、一連網轉換器及一讀卡機,該中介伺服器包含一中介程式介面及一智慧卡交易程式介面該方法包含: 該交易控制裝置根據一指定交易類型及一指定交易金額傳送對應之一第一交易訊息; 該智慧卡交易程式介面根據該第一交易訊息產生一交易請求訊息; 在進行驗證後,該智慧卡伺服器根據該交易請求訊息產生一交易確認訊息至該中介伺服器; 在接收到該交易確認訊息後,該智慧卡交易程式介面根據該交易確認訊息產生一第一讀卡機操作訊息; 該中介程式介面轉換該第一讀卡機操作訊息之一傳輸格式以產生一第二讀卡機操作訊息; 該中介程式介面經由一網際網路傳送該第二讀卡機操作訊息; 接收該第二讀卡機操作訊息後,該連網轉換器轉換該第二讀卡機操作訊息之一傳輸格式以產生一第三讀卡機操作訊息;及 該讀卡機根據該第三讀卡機操作訊息對位於該讀卡機之一有效距離內的一智慧卡執行一扣款操作或一加值操作。A method for operating a card reading transaction system, the card reading transaction system comprising a transaction control device, an intermediary server, a smart card server, a network converter and a card reader, the mediation server including a mediation interface And a smart card transaction program interface, the method comprising: the transaction control device transmitting a corresponding one of the first transaction messages according to a specified transaction type and a specified transaction amount; the smart card transaction program interface generates a transaction request according to the first transaction message After the verification, the smart card server generates a transaction confirmation message to the mediation server according to the transaction request message; after receiving the transaction confirmation message, the smart card transaction program interface generates a message according to the transaction confirmation message. a first card reader operation message; the mediation interface converts a transmission format of the first card reader operation message to generate a second card reader operation message; the mediation interface transmits the second read via an internet network Card machine operation message; after receiving the second card reader operation message, the network converter converts the first a second card reader operation message transmission format to generate a third card reader operation message; and the card reader according to the third card reader operation message to a smart card located within an effective distance of the card reader Perform a chargeback operation or a bonus operation. 如請求項8所述之方法,其中該中介伺服器另包含一記憶體,且該方法另包含該中介伺服器將該第一交易訊息所對應之該指定交易類型及該指定交易金額儲存於該記憶體。The method of claim 8, wherein the mediation server further comprises a memory, and the method further comprises the mediation server storing the specified transaction type corresponding to the first transaction message and the specified transaction amount in the Memory. 如請求項8所述之方法,另包含: 在執行該扣款操作或該加值操作完成後,該讀卡機傳送一第一操作確認訊息; 在接收該第一操作確認訊息後,該連網轉換器轉換該第一操作確認訊息之一傳輸格式以產生一第二操作確認訊息; 該連網轉換器經由網際網路傳送該第二操作確認訊息;及 在接收該第二操作確認訊息後,該中介程式介面轉換該第二操作確認訊息之一傳輸格式以產生一第三操作確認訊息,以使該智慧卡交易程式介面解析該第三操作確認訊息。The method of claim 8, further comprising: after performing the deduction operation or the value-adding operation is completed, the card reader transmits a first operation confirmation message; after receiving the first operation confirmation message, the connection The network converter converts one of the first operation confirmation messages to generate a second operation confirmation message; the network converter transmits the second operation confirmation message via the Internet; and after receiving the second operation confirmation message The mediation interface converts one of the second operation confirmation messages to generate a third operation confirmation message for the smart card transaction program interface to parse the third operation confirmation message. 如請求項1所述之方法,另包含: 利用傳輸層安全性 (Transport Layer Security,TLS) 協定、安全通訊端層(Secure Sockets Layer,SSL)協定、AES加密演算法及RSA加密演算法中至少一者對該第一交易訊息進行加密;及 利用傳輸層安全性 (Transport Layer Security,TLS) 協定、安全通訊端層(Secure Sockets Layer,SSL)協定、AES加密演算法及RSA加密演算法中至少一者對該第二讀卡機操作訊息進行加密。The method of claim 1, further comprising: utilizing at least a Transport Layer Security (TLS) protocol, a Secure Sockets Layer (SSL) protocol, an AES encryption algorithm, and an RSA encryption algorithm. The first transaction message is encrypted; and at least the Transport Layer Security (TLS) protocol, the Secure Sockets Layer (SSL) protocol, the AES encryption algorithm, and the RSA encryption algorithm are used. One encrypts the second card reader operation message. 如請求項1所述之方法,其中該讀卡交易系統另包含一虛擬安全存取模組(Security Access Module,SAM),該方法另包含虛擬安全存取模組向該智慧卡伺服器註冊以取得操作該讀卡機所需之一限時金鑰。The method of claim 1, wherein the card reading transaction system further comprises a virtual security access module (SAM), the method further comprising: the virtual security access module registering with the smart card server Get one of the time-limited keys needed to operate the card reader.
TW107140498A 2018-01-19 2018-11-15 Card reading transaction system and method for operating a card reading transaction system TWI722333B (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
US16/244,053 US10685192B2 (en) 2018-01-19 2019-01-09 Card reading transaction system with an intermediate server
CN201910029081.0A CN110070356B (en) 2018-01-19 2019-01-12 Card reading transaction system and method for operating card reading transaction system
JP2019004245A JP6748239B2 (en) 2018-01-19 2019-01-15 Card reading transaction system having an intermediate server

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201862619128P 2018-01-19 2018-01-19
US62/619,128 2018-01-19

Publications (2)

Publication Number Publication Date
TW201933171A true TW201933171A (en) 2019-08-16
TWI722333B TWI722333B (en) 2021-03-21

Family

ID=68315758

Family Applications (2)

Application Number Title Priority Date Filing Date
TW107140498A TWI722333B (en) 2018-01-19 2018-11-15 Card reading transaction system and method for operating a card reading transaction system
TW108100544A TWI730282B (en) 2018-01-19 2019-01-07 Transaction system without card readers and method for operating transaction system without card readers

Family Applications After (1)

Application Number Title Priority Date Filing Date
TW108100544A TWI730282B (en) 2018-01-19 2019-01-07 Transaction system without card readers and method for operating transaction system without card readers

Country Status (1)

Country Link
TW (2) TWI722333B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11556264B1 (en) 2021-07-26 2023-01-17 Bank Of America Corporation Offline data transfer between devices using gestures

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070194752A1 (en) * 2006-02-22 2007-08-23 Mcburney A Scott Methods and Systems for a Wall Mounted Universal Power Supply
US20080272188A1 (en) * 2007-05-02 2008-11-06 I4 Commerce Inc. Distributed system for commerce
EP2728528A1 (en) * 2008-05-30 2014-05-07 MR.QR10 GmbH & Co. KG Server device for controlling a transaction, first entity and second entity
US9886693B2 (en) * 2009-03-30 2018-02-06 Yuh-Shen Song Privacy protected anti identity theft and payment network
US10586227B2 (en) * 2011-02-16 2020-03-10 Visa International Service Association Snap mobile payment apparatuses, methods and systems
GB2509282A (en) * 2011-09-22 2014-06-25 Securekey Technologies Inc Systems and methods for contactless transaction processing
CA2799055A1 (en) * 2012-12-14 2014-06-14 Caledon Computer Systems Inc. Apparatus configured to facilitate secure financial transactions
TWI614636B (en) * 2013-06-10 2018-02-11 Jie Chen Content verification method based on digital signature code
TWI529638B (en) * 2014-05-26 2016-04-11 國立成功大學 System and method for electronic ticket peer to peer secure transfer on mobile devices by near field communication (nfc) technology
US11068895B2 (en) * 2015-02-17 2021-07-20 Visa International Service Association Token and cryptogram using transaction specific information
TWM514064U (en) * 2015-09-24 2015-12-11 Mercuries Data Systems Ltd Card-less transaction system via wireless device
TWM524959U (en) * 2016-01-22 2016-07-01 蓋特資訊系統股份有限公司 Transaction system for conducting transaction using a mobile device
TWM532613U (en) * 2016-04-28 2016-11-21 台新國際商業銀行股份有限公司 System for card-less automated teller transactions

Also Published As

Publication number Publication date
TW201933258A (en) 2019-08-16
TWI730282B (en) 2021-06-11
TWI722333B (en) 2021-03-21

Similar Documents

Publication Publication Date Title
JP7407254B2 (en) Authentication system and method using location matching
US10826702B2 (en) Secure authentication of user and mobile device
US11080696B2 (en) Systems and methods for code display and use
US10248952B2 (en) Automated account provisioning
CN108027926B (en) Authentication system and method for service-based payment
US11777934B2 (en) Method and system for token provisioning and processing
KR20140125449A (en) Transaction processing system and method
US20210209594A1 (en) System and methods for using limit-use encrypted code to transfer values securely among users
KR20220122697A (en) Issuing a card with a limited virtual number
US20240127204A1 (en) Instant digital issuance
TWI722333B (en) Card reading transaction system and method for operating a card reading transaction system
US11823140B2 (en) Server and method for sending a transaction receipt via a push notification
CN110070356B (en) Card reading transaction system and method for operating card reading transaction system
CN113508413A (en) Cross-border Quick Response (QR) payment flow for encrypting Primary Account Number (PAN) payment flow
CN113014400B (en) Secure authentication of users and mobile devices
WO2022245343A1 (en) Instant digital issuance
WO2019171288A1 (en) Contactless communication-based financial transactions