TWM504286U - Security digital memory card with embedded smart chip and card reader terminal - Google Patents

Security digital memory card with embedded smart chip and card reader terminal

Info

Publication number
TWM504286U
Authority
TW
Taiwan
Prior art keywords
memory card
smart chip
application
interface
unit
Prior art date
Application number
TW104204481U
Other languages
Chinese (zh)
Inventor
Chih-Kuan Hung
I-Shu Kuo
Original Assignee
Glory Tech Service Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Glory Tech Service Co Ltd filed Critical Glory Tech Service Co Ltd
Priority to TW104204481U priority Critical patent/TWM504286U/en
Priority to CN201520294774.XU priority patent/CN204576569U/en
Publication of TWM504286U publication Critical patent/TWM504286U/en

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention provides a secure digital memory card with an embedded smart chip, a card reader terminal and a control method thereof, wherein a high-security smart chip and an antenna are set in the secure digital memory card, so that a general electronic device with a secure digital memory card slot and an antenna reader can be used as a credit card machine in a transaction.

Description

Secure digital memory card with embedded smart chip and mobile card reader terminal

The present utility model relates to a secure digital memory card and a mobile card reader terminal, and in particular to a secure digital memory card with an embedded smart chip and a mobile card reader terminal.

Consumers increasingly expect convenience and multifunctionality, which has changed the old habit of carrying large amounts of cash and coins. Today's consumers often need to carry only a smart card with contactless capability to make transactions such as riding public transport or paying by card in a store.

Card issuers compete to launch different types of smart cards, so the reading devices for them keep being renewed. Although smart cards have made life easier for consumers, for the great majority of stores the point-of-sale terminal built from a computer with built-in acquiring software, a cash register and a card reader is still unsatisfactory: it is bulky, which makes it hard to install and hard to relocate, and it is expensive.

Because transactions must be governed by a high-security mechanism, an ordinary card reader either has a security module (Security Access Module, SAM) installed internally or provides only a security module card slot, in which case the store must apply separately for a security module card to insert. The security module must be used whenever card data is read or transmitted, so that it can provide security control and management. The store therefore has to purchase or customize the required card reader at its own additional expense.

The purpose of the present utility model is to provide a secure digital memory card with an embedded smart chip and a mobile card reader terminal, so that an ordinary electronic device with a secure digital memory card slot can be used as a card reader.

Accordingly, one embodiment of the present utility model provides a secure digital memory card with an embedded smart chip, comprising a memory card interface, a memory card controller, a smart chip interface and a smart chip. The memory card interface electrically connects to an external terminal application and, under the terminal application, transmits an application protocol data command (Application Protocol Data Unit), identity verification data and transaction data. The memory card controller is electrically connected to the memory card interface and forwards the application protocol data command. The smart chip interface is electrically connected to the memory card controller. The smart chip comprises a transmission unit, a file unit, a security unit and an application unit. The transmission unit is electrically connected to the smart chip interface and transmits the application protocol data command, the identity verification data and the transaction data. The file unit contains a root directory file and a plurality of application directory files. The security unit holds a security mechanism that verifies the application protocol data command and encrypts and decrypts the transaction data and the identity verification data. The application unit executes the application protocol data command on the root directory file and the application directory files and returns response information, and it monitors and manages the transmission unit, the file unit and the security unit.

In addition, in one example of the foregoing embodiment of the secure digital memory card with an embedded smart chip, the root directory file further has a card key, and each application directory file further has its own application key. The security mechanism further comprises a personal identification number (Personal Identification Number, PIN), a set of digital signatures and a set of encryption/decryption keys. The set of encryption/decryption keys further comprises a transaction authorization code (Transaction Authentication Code, TAC), a message digest (Message Digest, MD) and a message authentication code (Message Authentication Code, MAC). The transaction authorization code, the message digest and the message authentication code may use an MD5 algorithm, a SHA algorithm, a DES algorithm and an RSA algorithm. The smart chip further comprises a hardware random number generator that generates a random key for encrypting the transaction data and the identity verification data. The secure digital memory card further comprises a wireless transceiver module for transmitting the transaction data wirelessly. The secure digital memory card further comprises a memory for storing the transaction data.

Another embodiment of the present utility model provides a mobile card reader terminal used to read the aforementioned secure digital memory card with an embedded smart chip. The mobile card reader terminal comprises a transmission interface, a control module, an antenna reading module and a network module. The transmission interface is electrically connected to the memory card interface and conforms to a wired transmission protocol. The control module is electrically connected to the transmission interface and has a built-in terminal application that works with the secure digital memory card with an embedded smart chip to carry out transactions; the control module issues application protocol data commands to control the smart chip, receives the response information, and accesses the smart chip. The antenna reading module is electrically connected to the control module and conforms to a wireless transmission protocol; it is used to wirelessly receive transaction data and identity verification data from a transaction card. The network module is electrically connected to the control module and connects over the network to a transaction unit according to the transaction data and the identity verification data.

In the mobile card reader terminal according to one example of the foregoing embodiment, the wired transmission protocol may be an ISO7816 protocol and the wireless transmission protocol may be an ISO14443 protocol.

It follows that, in hardware, the secure digital memory card with an embedded smart chip and the mobile card reader terminal of the foregoing embodiments and examples combine a secure digital card that already embeds a smart chip with a mobile card reader terminal able to read secure digital memory cards, and so can replace earlier card readers with built-in security modules. In software, the mobile card reader terminal can read the internal data of the secure digital memory card with an embedded smart chip, and the card can execute the commands issued by the mobile card reader terminal. Together, the two provide a secure and convenient mobile card payment function.

100: secure digital memory card
110: memory card interface
120: memory card controller
130: memory
140: smart chip interface
150: smart chip
151: transmission unit
152: file unit
153: security unit
154: application unit
200: mobile card reader terminal
200A: smartphone
200B: tablet computer
200C: notebook computer
210: transmission interface
220: control module
230: antenna reading module
240: network module
310~320, 410~480: steps
500: transaction card
600: transaction unit
TA: terminal application
APDU: application protocol data command
TD: transaction data
MF: root directory file
AF: application directory file
SM: security mechanism
ATR: response information
ID: identity verification data

To make the above and other objects, features, advantages and embodiments of the present utility model easier to understand, the accompanying drawings are described as follows:

Fig. 1 is a block diagram of a secure digital memory card with an embedded smart chip according to one embodiment of the present utility model.

Fig. 2 is a block diagram of a mobile card reader terminal according to one embodiment of the present utility model.

Fig. 3 is a control flow chart of a secure digital memory card with an embedded smart chip according to one embodiment of the present utility model.

Fig. 4 is a control flow chart of a secure digital memory card with an embedded smart chip working with a mobile card reader terminal according to one embodiment of the present utility model.

Fig. 5 is a schematic diagram of the application of a secure digital memory card with an embedded smart chip working with a mobile card reader terminal according to one embodiment of the present utility model.

Refer to Fig. 1, which is a block diagram of a secure digital memory card with an embedded smart chip according to one embodiment of the present utility model. The secure digital memory card 100 comprises a memory card interface 110, a memory card controller 120, a memory 130, a smart chip interface 140 and a smart chip 150.

The memory card interface 110 electrically connects to an external terminal application TA and, under the terminal application TA, transmits an application protocol data command APDU, identity verification data ID and transaction data TD.

The memory card controller 120 is electrically connected to the memory card interface 110 and forwards the application protocol data command APDU, the identity verification data ID and the transaction data TD.

The memory 130 is electrically connected to the memory card controller 120 and is used to store the transaction data TD. Although Fig. 1 shows one memory 130, the number of memories is not limited here.

The smart chip interface 140 is electrically connected to the memory card controller 120 and thereby transmits the application protocol data command APDU, the identity verification data ID and the transaction data TD.

The smart chip 150 is connected to the memory card controller 120 through the smart chip interface 140, so the smart chip interface 140 conforms to the transmission protocol of an ordinary card reader and provides the physical, electrical and driver connection between the smart chip 150 and the memory card controller 120. The smart chip 150 comprises a transmission unit 151, a file unit 152, a security unit 153 and an application unit 154. The transmission unit 151 is electrically connected to the smart chip interface 140 and transmits the application protocol data command APDU and the transaction data TD. The file unit 152 contains a root directory file MF and a plurality of application directory files AF. The security unit 153 holds a security mechanism SM, which verifies the application protocol data command APDU and encrypts and decrypts the transaction data TD and the identity verification data ID. The application unit 154 executes the application protocol data command APDU on the root directory file MF and the application directory files AF and returns response information ATR, and it monitors and manages the transmission unit 151, the file unit 152 and the security unit 153.

The aforementioned application protocol data command APDU is the medium through which the smart chip 150 communicates with an external terminal, that is, the Application Protocol Data Unit. The terminal application TA is the control program of the external terminal and can issue application protocol data commands APDU to the secure digital memory card 100 with the embedded smart chip 150.

In other embodiments, the smart chip may further comprise a hardware random number generator (not shown) that generates a random key for encrypting the transaction data. The secure digital memory card may further comprise a wireless transceiver module (not shown) for transmitting the transaction data wirelessly without going through the memory card interface. In addition, the secure digital memory card with an embedded smart chip may have no memory (None Nand Flash) and instead store the transaction data in the electrically erasable programmable read-only memory (EEPROM) of the smart chip.

Because the smart chip 150 does not allow an external terminal to access its interior directly, the storage area in the file unit 152 must be divided into the root directory file MF and the plurality of application directory files AF, with encryption, decryption and verification performed by the security mechanism SM in the security unit 153. In more detail, the root directory file MF further has a card key, used to verify the secure digital memory card 100 during personalization and pre-personalization. Each application directory file AF further has its own application key. The security mechanism SM may further comprise a personal identification number, a set of digital signatures and a set of encryption/decryption keys, and the set of encryption/decryption keys may further comprise a transaction authorization code, a message digest and a message authentication code. The transaction authorization code, the message digest and the message authentication code may use an MD5 algorithm, a SHA algorithm, a DES algorithm and an RSA algorithm; these algorithms are common knowledge and are not described further here. In other words, an application protocol data command APDU issued by an external terminal must pass verification by the security mechanism SM and authentication against the keys and passwords under the root directory file MF and the application directory files AF.

Note that, besides the smart chip 150, the secure digital memory card 100 also has an encryption/decryption component (not shown) that provides encryption and decryption for the memory 130, but its security is lower than that of the smart chip 150.

Refer next to Fig. 2, which is a block diagram of a mobile card reader terminal according to one embodiment of the present utility model. The mobile card reader terminal 200 is used to read the aforementioned secure digital memory card 100 with the embedded smart chip 150. The mobile card reader terminal 200 comprises a transmission interface 210, a control module 220, an antenna reading module 230 and a network module 240.

The transmission interface 210 is electrically connected to the memory card interface 110 and conforms to a wired transmission protocol in the SDIO protocol defined by the global SD Association, the wired transmission protocol being the ISO7816 protocol, so that the mobile card reader terminal 200 reads the secure digital memory card 100 through the transmission interface 210.

The control module 220 is electrically connected to the transmission interface 210 and has the terminal application TA built in, which works with the secure digital memory card 100 with the embedded smart chip 150 to carry out transactions. The control module 220 issues application protocol data commands APDU to control the smart chip 150 and receives the response information ATR, and it accesses the memory 130 in the secure digital memory card 100.

The antenna reading module 230 is electrically connected to the control module 220 and conforms to a wireless transmission protocol in the SDIO protocol defined by the global SD Association; it is used to wirelessly receive transaction data and identity verification data from a transaction card, and the wireless transmission protocol is the ISO14443 protocol. A transaction card means any card capable of contactless operation, for example Pay wave, Pay pass, qPBOC, Express Way or Mifare card.

The network module 240 is electrically connected to the control module 220 and, according to the identity verification data ID and the transaction data TD received from the transaction card, connects over the network to an external transaction unit, with the transaction confirmed through the smart chip 150.

In this way, a user can connect the mobile card reader terminal 200 to the secure digital memory card 100 and rely on the embedded smart chip 150 to ensure the security of the transmitted data.

Refer next to the flows of Fig. 3 and Fig. 4, together with the component descriptions of Fig. 1 and Fig. 2. Fig. 3 is a control flow chart of the secure digital memory card 100 with the embedded smart chip 150, and Fig. 4 is a control flow chart of the secure digital memory card 100 with the embedded smart chip 150 working with the mobile card reader terminal 200.

As shown in Fig. 3, the control steps of the secure digital memory card 100 with the embedded smart chip 150 are as follows. Step 310: the memory card controller checks whether the application protocol data command is legitimate. Step 320: the memory card controller identifies and parses the application protocol data command and forwards it to the smart chip.

As shown in Fig. 4, the control steps of the secure digital memory card 100 with the embedded smart chip 150 working with the mobile card reader terminal 200 are as follows. Step 410: the mobile card reader terminal issues a query version command to the memory card controller. Step 420: the memory card controller returns version information. Step 430: after obtaining the version information, the mobile card reader terminal issues connection information, which the memory card controller forwards to the smart chip. Step 440: the smart chip resets automatically and returns reset reply information, which the memory card controller forwards to the mobile card reader terminal. Step 450: after obtaining the reset reply information, the mobile card reader terminal issues an application protocol data command, which the memory card controller forwards to the smart chip. Step 460: the smart chip confirms the application protocol data command and returns response information, which the memory card controller forwards to the mobile card reader terminal. Step 470: the mobile card reader terminal issues disconnection information, which the memory card controller forwards to the smart chip. Step 480: the smart chip executes the disconnection information, and the memory card controller, after confirming that the smart chip has executed it, replies to the mobile card reader terminal.

Before explaining the control steps of the secure digital memory card 100 with the embedded smart chip 150 working with the mobile card reader terminal 200, the control steps of the secure digital memory card 100 itself must be described. In steps 310 and 320, when the terminal application TA of the mobile card reader terminal 200 issues an application protocol data command APDU or another command, the command must first be checked and parsed by the memory card controller 120 in the secure digital memory card 100; if the command is abnormal, an abnormal status is returned to the terminal application TA. The abnormal states here include a command serial number that does not match or a check that is incorrect.

When the command passes verification and there is no abnormal state, the mobile card reader terminal 200 must first request version information from the memory card controller 120. After the memory card controller 120 answers the query version command, the mobile card reader terminal 200 requests that the smart chip 150 be reset; the request is forwarded to the smart chip 150 through the memory card controller 120, and after the smart chip 150 resets, the reset reply information is forwarded back to the mobile card reader terminal 200. Finally, the mobile card reader terminal 200 issues application protocol data commands APDU addressed to the smart chip 150. The memory card controller 120 records the internal communication status; if communication is normal, it returns the response information ATR replied by the smart chip 150, and it writes the internal communication status, the response information ATR and its data into the memory 130 in a defined format, where they wait to be read by the mobile card reader terminal 200. If the mobile card reader terminal 200 issues disconnection information, the memory card controller 120 disconnects the smart chip 150 and replies with its disconnection information.
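The controller gate of steps 310 to 320 and the command ordering of steps 410 to 480, modeled as an added example that is not code from the patent or its assignee. The frame layout (sequence byte, command byte, length, XOR checksum), the command codes, the error names and the stub chip are assumptions for illustration; only the APDU parsing follows the ISO 7816-4 short-length cases.

```python
from enum import Enum, auto
from functools import reduce

# Assumed envelope: seq | cmd | len | payload | XOR checksum. Codes are hypothetical.
CMD_VERSION, CMD_CONNECT, CMD_APDU, CMD_DISCONNECT = 0x01, 0x02, 0x03, 0x04

class State(Enum):
    IDLE = auto()       # nothing negotiated yet
    VERSIONED = auto()  # steps 410-420 completed
    CONNECTED = auto()  # steps 430-440 completed, chip has been reset

# Command -> (state it requires, state it leads to), following the Fig. 4 order.
TRANSITIONS = {
    CMD_VERSION: (State.IDLE, State.VERSIONED),
    CMD_CONNECT: (State.VERSIONED, State.CONNECTED),
    CMD_APDU: (State.CONNECTED, State.CONNECTED),
    CMD_DISCONNECT: (State.CONNECTED, State.IDLE),
}

def xor_checksum(data: bytes) -> int:
    return reduce(lambda a, b: a ^ b, data, 0)

def build_frame(seq: int, cmd: int, payload: bytes = b"") -> bytes:
    body = bytes([seq & 0xFF, cmd, len(payload)]) + payload
    return body + bytes([xor_checksum(body)])

def parse_apdu(apdu: bytes) -> dict:
    """Parse a short-length ISO 7816-4 command APDU (cases 1 to 4)."""
    if len(apdu) < 4:
        raise ValueError("shorter than the 4-byte header")
    cla, ins, p1, p2 = apdu[:4]
    body = apdu[4:]
    data, le = b"", None                     # case 1: header only
    if len(body) == 1:                       # case 2: Le only
        le = body[0] or 256
    elif len(body) > 1:
        lc = body[0]
        if lc == 0:
            raise ValueError("extended length is not handled here")
        if len(body) == 1 + lc:              # case 3: Lc + data
            data = body[1:]
        elif len(body) == 2 + lc:            # case 4: Lc + data + Le
            data, le = body[1:1 + lc], body[-1] or 256
        else:
            raise ValueError("Lc does not match the body length")
    return {"cla": cla, "ins": ins, "p1": p1, "p2": p2, "data": data, "le": le}

class StubChip:
    """Stand-in for smart chip 150; it only records what reaches it."""
    def __init__(self):
        self.received = []
    def reset(self) -> bytes:
        return b"\x3b\x00"                   # constructed reset reply
    def transmit(self, apdu: bytes) -> bytes:
        self.received.append(apdu)
        return b"\x90\x00"                   # ISO 7816-4 status word for success

class CardController:
    VERSION = b"\x01\x00"                    # constructed version information
    def __init__(self, chip):
        self.chip, self.state, self.expected_seq = chip, State.IDLE, 0

    def handle(self, frame: bytes):
        # Step 310: reject corrupted or out-of-sequence frames before parsing.
        if (len(frame) < 4 or frame[2] != len(frame) - 4
                or xor_checksum(frame[:-1]) != frame[-1]):
            return "ERR_CHECK", b""
        seq, cmd, payload = frame[0], frame[1], frame[3:-1]
        if seq != self.expected_seq:
            return "ERR_SEQ", b""
        self.expected_seq = (seq + 1) & 0xFF
        # Step 320: identify the command and enforce the Fig. 4 ordering.
        required, following = TRANSITIONS.get(cmd, (None, None))
        if self.state is not required:       # unknown or out-of-order command
            return "ERR_STATE", b""
        if cmd == CMD_VERSION:
            reply = self.VERSION
        elif cmd == CMD_CONNECT:
            reply = self.chip.reset()
        elif cmd == CMD_APDU:
            try:
                parse_apdu(payload)          # malformed APDUs never reach the chip
            except ValueError:
                return "ERR_APDU", b""
            reply = self.chip.transmit(payload)
        else:
            reply = b""                      # disconnect: chip released
        self.state = following
        return "OK", reply

def run_session():
    """Constructed session: a premature APDU, then the full Fig. 4 sequence."""
    select = bytes.fromhex("00a4040005f000000001")   # SELECT with a made-up AID
    controller = CardController(StubChip())
    commands = [(CMD_APDU, select), (CMD_VERSION, b""), (CMD_CONNECT, b""),
                (CMD_APDU, select), (CMD_DISCONNECT, b"")]
    statuses = [controller.handle(build_frame(seq, cmd, payload))[0]
                for seq, (cmd, payload) in enumerate(commands)]
    return statuses, controller.chip.received
```

In this model a frame that fails the check does not advance the expected sequence number, so a terminal can resend it, while a replayed frame with an already-used number is refused.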

Refer to Fig. 1, Fig. 2 and Fig. 5; Fig. 5 is a schematic diagram of the application of the secure digital memory card 100 with the embedded smart chip 150 working with the mobile card reader terminal 200. The mobile card reader terminal 200 mentioned above may be a smartphone 200A, a tablet computer 200B, a notebook computer 200C or any electronic device with a secure digital memory card slot, and it can issue commands to the secure digital memory card 100 with the embedded smart chip 150 and read its internal data. In this way, a smartphone 200A, tablet computer 200B or notebook computer 200C loaded with the secure digital memory card 100 senses the data of the transaction card 500 and connects over the network to the external transaction unit 600, with verification carried out together with the internal smart chip 150.

It follows that the foregoing secure digital memory card with an embedded smart chip, the mobile card reader terminal and the control method thereof have the following effects:

1. Combining a secure digital card that already embeds a smart chip with a mobile card reader terminal able to read secure digital memory cards saves the cost and time previously spent on separately customizing a card reader with a built-in security module.

2. Together with the software application, the mobile card reader terminal can read the internal data of the secure digital memory card with an embedded smart chip, and the card can in turn execute the commands issued by the mobile card reader terminal, so that the whole transaction is protected by high-security keys and passwords.

Although the present utility model has been disclosed above by way of embodiments, these are not intended to limit it. Anyone skilled in the art may make various changes and refinements without departing from the spirit and scope of the present utility model, so its scope of protection is defined by the appended claims.

Claims (7)

1. A secure digital memory card embedded with a smart chip, comprising: a memory card interface for electrically connecting to an external terminal application and transmitting, according to the terminal application, an application protocol data command, identity verification data and transaction data; a memory card controller electrically connected to the memory card interface and forwarding the application protocol data command, the identity verification data and the transaction data; a smart chip interface electrically connected to the memory card controller; and a smart chip, comprising: a transmission unit electrically connected to the smart chip interface to transmit the application protocol data command, the identity verification data and the transaction data; a file unit containing a root directory file and a plurality of application directory files; a security unit, the security management unit being provided with a security mechanism for verifying the application protocol data command and for encrypting and decrypting the transaction data and the identity verification data; and an application unit for executing the application protocol data command on the root directory file and the application directory files and returning response information, the application unit monitoring and managing the transmission unit, the file unit and the security unit.

2. The secure digital memory card embedded with a smart chip according to claim 1, wherein the root directory file further has a card key, each application directory file further has an application key, the security mechanism further comprises a personal identification code, a digital signature set and an encryption/decryption key set, the encryption/decryption key set further comprises a transaction authorization code, a message digest and a message authentication code, and the transaction authorization code, the message digest and the message authentication code adopt an MD5 algorithm, a SHA algorithm, a DES algorithm and an RSA algorithm.

3. The secure digital memory card embedded with a smart chip according to claim 1, wherein the smart chip further comprises a hardware random number generator for generating a random key to encrypt the transaction data and the identity verification data.

4. The secure digital memory card embedded with a smart chip according to claim 1, further comprising a wireless transceiver module for wirelessly transmitting the transaction data.

5. The secure digital memory card embedded with a smart chip according to claim 1, further comprising a memory for storing the transaction data.

6. A mobile card reader terminal for reading the secure digital memory card embedded with a smart chip according to claim 1, the mobile card reader terminal comprising: a transmission interface electrically connected to the memory card interface and conforming to a wired transmission protocol; a control module electrically connected to the transmission interface, the control module having a built-in terminal application that works with the secure digital memory card embedded with a smart chip to carry out transactions, the control module issuing the application protocol data command to control the smart chip and receiving the response information, and the control module accessing the smart chip; an antenna reading module electrically connected to the control module, the antenna reading module conforming to a wireless transmission protocol for wirelessly receiving the transaction data and the identity verification data from a transaction card; and a network module electrically connected to the control module and connecting to a transaction unit according to the transaction data and the identity verification data.

7. The mobile card reader terminal according to claim 6, wherein the wired transmission protocol is an ISO 7816 protocol and the wireless transmission protocol is an ISO 14443 protocol.
TW104204481U 2015-03-25 2015-03-25 Security digital memory card with embedded smart chip and card reader terminal TWM504286U (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
TW104204481U TWM504286U (en) 2015-03-25 2015-03-25 Security digital memory card with embedded smart chip and card reader terminal
CN201520294774.XU CN204576569U (en) 2015-03-25 2015-05-08 Safety digital storage card embedded with intelligent chip and mobile card reading terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW104204481U TWM504286U (en) 2015-03-25 2015-03-25 Security digital memory card with embedded smart chip and card reader terminal

Publications (1)

Publication Number Publication Date
TWM504286U (en) 2015-07-01

Family

ID=53869175

Family Applications (1)

Application Number Title Priority Date Filing Date
TW104204481U TWM504286U (en) 2015-03-25 2015-03-25 Security digital memory card with embedded smart chip and card reader terminal

Country Status (2)

Country Link
CN (1) CN204576569U (en)
TW (1) TWM504286U (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW201635205A (en) * 2015-03-25 2016-10-01 格宇科技股份有限公司 Security digital memory card with embedded smart chip, card reader terminal and controlling method thereof
CN106055993A (en) * 2016-08-13 2016-10-26 深圳市樊溪电子有限公司 Encryption storage system for block chains and method for applying encryption storage system

Also Published As

Publication number Publication date
CN204576569U (en) 2015-08-19

Similar Documents

Publication Publication Date Title
TWI524275B (en) Storage device and method of operating a storage device
US9813116B2 (en) Secure near field communication solutions and circuits
US20170357960A1 (en) Method for processing a transaction from a communications terminal
US20080040615A1 (en) Biometric embedded device
CN103069384A (en) Host device and method for securely booting the host device with operating system code loaded from a storage device
TW200928740A (en) Intelligent controller system and method for smart card memory modules
TW200928997A (en) Critical security parameter generation and exchange system and method for smart-card memory modules
AU2020414358B2 (en) Secure authentication based on identity data stored in a contactless card
KR101824249B1 (en) Method for managing electronic devices, for example, of integrated circuits type, having internal generation of a personal authetication key
US12041172B2 (en) Cryptographic authentication to control access to storage devices
EP2663106B1 (en) Secure near field communication solutions and circuits
US11651361B2 (en) Secure authentication based on passport data stored in a contactless card
CN102999839A (en) Cloud platform and virtual SE (security element) based electronic currency security payment system and cloud platform and virtual SE based electronic currency security payment method
TWM504286U (en) Security digital memory card with embedded smart chip and card reader terminal
US8276188B2 (en) Systems and methods for managing storage devices
TW201635205A (en) Security digital memory card with embedded smart chip, card reader terminal and controlling method thereof
CN116848833A (en) Secure generation of one-time passwords using contactless cards
KR20160141692A (en) Method for Settlement by using Contactless IC Chip
KR20110062621A (en) Openmarket contents download system using storage apparatus of smartcard and contents download offer method thereby
KR100727866B1 (en) Smart Card leader system for the one time password creation
KR101554621B1 (en) Method for Operating Payment by using Contactless Integrated Circuit Chip
KR20200086251A (en) Method for Security Processing based on Contactless IC Chip by using Non-secure Terminal
TW202013292A (en) System and method for verifying online banking service by using mobile device combined with inductive financial card
KR20150042172A (en) Method for Operating Contactless Integrated Circuit Chip Corresponding Certification Level
KR20150042762A (en) Method for Operating Contactless Integrated Circuit Chip

Legal Events

Date Code Title Description
MM4K Annulment or lapse of a utility model due to non-payment of fees