WO2008154872A1 - Terminal mobile, procédé et système pour télécharger des informations de carte de banque ou des informations d'application de paiement - Google Patents

Terminal mobile, procédé et système pour télécharger des informations de carte de banque ou des informations d'application de paiement Download PDF

Info

Publication number
WO2008154872A1
WO2008154872A1 PCT/CN2008/071358 CN2008071358W WO2008154872A1 WO 2008154872 A1 WO2008154872 A1 WO 2008154872A1 CN 2008071358 W CN2008071358 W CN 2008071358W WO 2008154872 A1 WO2008154872 A1 WO 2008154872A1
Authority
WO
WIPO (PCT)
Prior art keywords
card
information
mobile terminal
middleware
bank
Prior art date
Application number
PCT/CN2008/071358
Other languages
English (en)
Chinese (zh)
Inventor
Shuo He
Hongwen Meng
Jia Hu
Original Assignee
China Unionpay Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from CN2007100426150A external-priority patent/CN101329786B/zh
Priority claimed from CN 200710042616 external-priority patent/CN101330675B/zh
Application filed by China Unionpay Co., Ltd. filed Critical China Unionpay Co., Ltd.
Publication of WO2008154872A1 publication Critical patent/WO2008154872A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3226Use of secure elements separate from M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3227Aspects of commerce using mobile devices [M-devices] using secure elements embedded in M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/326Payment applications installed on the mobile devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/04Protocols specially adapted for terminals or networks with limited capabilities; specially adapted for terminal portability
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/068Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications

Definitions

  • the invention relates to a mobile terminal and a method for downloading a bank card information or a payment application.
  • the application is submitted to the Chinese Patent Office on June 20, 2007, and the application number is 200710042615.0, and the invention name is "mobile terminal obtains bank card track information or
  • the priority of the Chinese patent application for the method and system of payment application and the priority of the Chinese patent application filed on June 20, 2007, the Chinese Patent Office, application number 200710042616.5, and the invention name "a mobile payment terminal device" The entire contents of which are incorporated herein by reference.
  • the present invention relates to a method for issuing a bank card, and more particularly to a mobile terminal and a method and system for downloading bank card information or payment applications.
  • the bank card includes a magnetic stripe card, a smart card, and the like, wherein the magnetic stripe card, such as a debit card or a cargo card, records information such as a bank card track for payment (referred to as bank card information) on the magnetic strip.
  • the bank card information paid includes the card number, the cardholder name, the card expiration date, and the card check code.
  • Smart cards are usually used to implement payment applications. Payment applications refer to a set of payment rules and data storage defined by banks according to different storage media, security and convenience, such as smart card applications such as electronic wallets, foreign payment card organizations such as VISA or MasterCard also defines a number of similar applications. In essence, the borrowing function implemented by the magnetic stripe card is also a payment application.
  • FIG. 1 it is a schematic diagram of issuing a bank card through a card punching machine, and the specific process is as follows:
  • the bank collects cardholder information
  • the second step is to open an account in the bank account system
  • the third step is to transfer the data of the cardholder information and the account information to the host of the card issuing system;
  • the main transmission mode is the file mode, and the data is transmitted through the network, and the card issuing system stores the file in the form of a file;
  • the card issuing machine is driven by the card issuing software on the host of the card issuing system to read all the information of each card holder one by one, and the personal information is embossed or printed on the card surface by the punching machine. Then, if it is a magnetic stripe card, the information such as the bank card track for payment is output to the magnetic strip of the bank card; if it is a smart card, the smart card interface on the punching machine and the chip communication on the smart card are used to establish a branch. Paying for an application and completing personalization, the personalization refers to the process of writing personal information to a payment application.
  • the above method of issuing a bank card through a punch card machine has the following characteristics:
  • the card issuance process is carried out in a very closed environment
  • the track data is written to the bank card in clear text
  • the bank card issued by one bank is single, and the bank card of other institutions cannot be issued. Moreover, the card issuance lacks sufficient security.
  • the technical problem to be solved by the present invention is to provide a method and system for downloading bank card information or payment application by a mobile terminal, so as to solve the problem of security and single card issuing in the existing card issuing mode.
  • Another object of the present invention is to provide a mobile terminal for downloading bank card information and payment applications, and implementing a payment function.
  • the present invention discloses the following technical solutions:
  • a system for a mobile terminal to download bank card information or a payment application including a mobile terminal device and a card issuance system, wherein:
  • the mobile terminal device includes a smart card and a middleware, wherein the smart card is configured to store the downloaded payment application and bank card information; the middleware is configured to collect authentication information input by the user, send to the card issuing system, and receive from the card issuing system The encrypted payment application or bank card information is forwarded to the smart card storage; the card issuing system is configured to receive the authentication information from the middleware of the mobile terminal device, and after the authentication, encrypt the corresponding payment application or bank card information and return to the Middleware for mobile terminal devices.
  • the authentication information input by the user is the identity authentication information. If the mobile terminal device downloads the payment application, the authentication information input by the user is the authority authentication information.
  • the middleware of the mobile terminal device sends the identity authentication information input by the user to the smart card for encryption, and then sends the authentication information to the card issuing system; and the authority authentication information is directly sent to the card issuing system.
  • the card issuance system includes a card issuing machine and a card issuance data collection system, wherein the bank card letter
  • the information is stored in the card issuing data collection system, and the card issuing front machine obtains the bank card information from the card issuing data collecting system, and sends the middleware to the mobile terminal device after being encrypted; or the bank card information is directly stored in the card issuing front end machine.
  • the card issuing data collection system and the card issuing front end are connected through a dedicated communication network; the mobile terminal device and the card issuing system are connected by a wireless communication network, and the wireless communication manner includes a short message, USSD or wireless internet.
  • a method for a mobile terminal to download bank card information or pay for an application including:
  • the mobile terminal receives the authentication information input by the user, and sends the authentication information to the card issuing system through the middleware; after the card issuing system performs the authentication, the corresponding payment application or the bank card information is encrypted and returned to the middleware of the mobile terminal;
  • the middleware writes the encrypted result to the smart card storage.
  • the user inputs the authority authentication information and performs the authentication of the download authority. If the bank card information is downloaded, the user inputs the identity authentication information to authenticate the user identity.
  • the method further includes: the mobile terminal middleware sends the identity authentication information input by the user to the smart card for encryption, and then sends the information to the card issuing system.
  • the smart card encrypts the identity authentication information input by the user by using a key negotiated with the card issuing system, and the card issuing system directly decrypts when verifying the identity of the user.
  • the card issuing system encrypts the payment application or the bank card information by using a key unknown to the mobile terminal.
  • the method further comprises: performing process key encryption transmission on the transmission data between the middleware and the card issuance system, the transmission data including the authentication information and the encrypted payment application or bank card information.
  • the payment application is downloaded, the payment application is decomposed into a packet transmission.
  • a mobile payment terminal device comprising:
  • a smart card for storing downloaded payment applications and bank card information
  • the middleware is configured to collect authentication information input by the user, and send the information to the card issuing system; and receive the returned payment application or bank card information from the card issuing system, and forward it to the smart card storage;
  • Communication interface used to input or output bank card information stored by smart card.
  • the smart card has an encryption function. If the card information is downloaded, the middleware sends the authentication information input by the user to the smart card for encryption, and then sends the information to the card issuing system.
  • the payment application and the card information stored by the smart card are encrypted information.
  • the communication interface includes a remote wireless communication interface and/or a proximity contactless communication connection.
  • the communication interface is disposed on the smart card or provided by the mobile payment terminal device.
  • the smart card is a SIM card; or a smart card separately embedded in the device separately from the SIM card.
  • the wireless communication mode between the mobile payment terminal device and the card issuance system includes a short message, USSD or wireless internet.
  • the present invention discloses the following technical effects: securely transmitting and storing from a card issuing host to a smart card embedded in the mobile terminal device through a wireless communication network, which is convenient for the card holder to use. Compared with the traditional card issuance method, it has the following advantages:
  • payment information such as payment applications and tracks are cryptographically shaped at any point on the mobile device side, providing greater security than traditional bank card issuance;
  • the information such as the payment application and the bank card track is downloaded to the smart card of the mobile terminal device by means of wireless communication;
  • a mobile payment terminal device is provided to implement a mobile payment function.
  • the mobile terminal device is embedded with a middleware and a smart card, and the middleware is responsible for a communication connection between the smart card and the card issuance system, and the smart card is responsible for storing information such as a payment application and a bank card track downloaded from the card issuing system;
  • the communication interface provided by the device or smart card outputs information such as the bank card track, and the payment can be completed.
  • the mobile payment has the following advantages:
  • the information such as the bank card track is stored in the smart card of the mobile terminal device, it is not easy to wear and can be effective for a long time;
  • the mobile terminal device can have multiple bank cards built in;
  • remote real-time transactions can be realized by the wireless communication interface provided by the mobile terminal device or the smart card.
  • the communication interface for inputting and outputting information such as bank card tracks may be a remote wireless communication interface for remote downloading and payment; or a short-range contactless communication interface for non-contact on-site download and payment.
  • Two interfaces can be set in the mobile terminal device, and remote and close-range wireless download and payment functions are available.
  • FIG. 1 is a schematic diagram of a bank card issued by a punch card machine in the prior art
  • FIG. 2 is a schematic diagram of downloading information such as a bank card track or a payment application to a mobile terminal according to an embodiment of the present invention
  • FIG. 3 is a flow chart showing the steps of downloading a payment application to a mobile terminal according to an embodiment of the present invention
  • FIG. 4 is a flow chart showing the steps of downloading information such as a bank card track to a mobile terminal according to an embodiment of the present invention
  • Figure 5 is a structural diagram of a response message in the embodiment of Figure 4.
  • FIG. 6 is a structural diagram of an interaction message between a card-issuing front-end machine and a middleware according to an embodiment of the present invention
  • FIG. 7 is a flow chart of steps for completing payment by a mobile terminal according to an embodiment of the present invention.
  • the embodiment of the present invention provides a more secure method for downloading information such as a payment application and a bank card track stored in a traditional bank card from a card issuing system to a smart card built in the mobile terminal, so that the smart card has a bank. Card function.
  • FIG. 2 it is a schematic diagram of downloading information such as a bank card track or a payment application to a mobile terminal.
  • the mobile device 1 and the card-issuing front-end machine 2 are connected through the wireless communication network 3, and the card-issuing front-end machine 2 will be moved.
  • the data to be downloaded is transmitted to the mobile device 1 by wireless communication.
  • the wireless communication network may be a short message, a USSD (Unstructured Supplementary Service Data, which is a new interactive data service based on a GSM network), or a wireless Internet communication method.
  • USSD Unstructured Supplementary Service Data
  • the mobile device 1 refers to a mobile device in which a smart card chip 11 (hereinafter referred to as a smart card 11) is embedded, such as a mobile phone with a built-in SIM card, and the SIM card is a smart card 11.
  • the mobile device 1 stores information such as the downloaded payment application and bank card track on the smart card 11, so that the smart card 11 has the function of a bank card.
  • the middleware 12 in the mobile device 1 is a software for interacting with the user's card front-end machine 2, providing information input, function selection, and communication channels for the card-issuing front-end machine 2 and the built-in smart card 11.
  • the card issuing machine 2 is configured to encrypt and transmit information such as a payment application and a bank card track to the middleware 12 of the mobile device 1.
  • the bank card track and the like may be stored in the card issuing machine 2 or may be stored in the card issuing machine 2 Card issuer 4 or other place in the card issuance data collection system. If it is stored in the card issuing mechanism 4, the card issuing machine 2 and the card issuing mechanism 4 are connected through the dedicated communication network 5, and the card issuing machine 2 needs to acquire the download data such as the track from the card issuing unit 4.
  • the bank card is issued in the manner shown in Figure 2.
  • "Bank Card Application” is a dedicated application for providing secure storage of track information and therefore using interfaces.
  • the "bank card application” is the above-mentioned application for payment, which can be downloaded to the smart card by wireless communication, or can be written into the smart card in advance. Therefore, the card issuing method according to the embodiment of the present invention needs to download the application for payment to the mobile terminal first, and provide a storage space and a use interface for the payment information such as the track, and then download the information such as the bank card track for payment. .
  • the following describes the process of downloading the payment application and downloading information such as tracks.
  • the download of the payment application is usually called application download.
  • the application download means that the card front-end machine uses middleware to securely download an application to a smart card (such as a SIM card).
  • the download process is as follows:
  • Step 301 The user opens a function selection interface provided by the mobile device middleware, and selects a payment application download.
  • step 302 the user inputs the authorization code through the middleware input.
  • the download authorization code is a verification code provided by the card front-end machine to the user to download the payment application, and is mainly used to verify whether the user has the right to download. Lee. If the user downloads the payment application, the registration authorization is required to obtain a unique download authorization code, which can be in the form of short message, email, or telephone notification.
  • Step 303 The middleware sends the download authorization code input by the user to the card issuing front end through a wireless communication network.
  • Step 304 After receiving the request for downloading the application, the card front-end machine confirms whether the user has the download right according to the download authorization code included in the request.
  • Step 305 After the right authentication, the card-issuing front-end machine sends a response message, decomposes the corresponding payment application to be downloaded by the user into a certain number of data packets, encrypts the data packet with a unique key, and then uses the wireless network to encrypt the data packet. Middleware sent to mobile devices.
  • the encryption may also adopt various encryption methods, such as a symmetric key or an asymmetric key.
  • the encryption key of this step can only be used by the card-issuing front-end machine, and the mobile device cannot know the key.
  • Step 306 After receiving the download information, the middleware does not process the encrypted application information in the data packet, and directly writes the information to the smart card (such as a SIM card), and the smart card saves the information in the controlled storage area. If the response message is unsuccessful, the application download fails.
  • the smart card such as a SIM card
  • Step 307 The middleware confirms whether there is a subsequent data packet according to the indication information of the response message, and if yes, continues to receive the subsequent data packet, and the encrypted application information in the data packet is not processed, and is directly written to the smart card (eg, In the SIM card, until all packets are received.
  • the smart card eg, In the SIM card
  • Step 308 the middleware prompts the user to download successfully.
  • Step 401 The user selects to download information such as a bank card track on the mobile device middleware.
  • Step 402 The user confirms by inputting the bank card information through the middleware.
  • the bank card information includes a bank card number and a password, and is mainly used for issuing the card front-end machine to verify the identity of the user.
  • Step 403 After the middleware encrypts the identity authentication information input by the user to the smart card (such as a SIM card) built in the mobile device, the middleware continues to read the feature information of the mobile device, such as the smart card serial number and the static authentication data on the smart card. It is then sent to the card issuer through the wireless communication network.
  • the smart card such as a SIM card
  • the encryption process may use a symmetric key or an asymmetric key, or may be other encryption means.
  • the key used for encryption is negotiated in advance with the card-issuing front-end machine through a certain mechanism, otherwise the card-fronting machine cannot be decrypted.
  • the keys are stored in the smart card, and the middleware can be used. But don't know the key.
  • Step 404 After receiving the request for downloading information such as the bank card track, the card front-end machine first verifies the static authentication data included in the request, and confirms that the bank card application built in the mobile device is legal and has not been tampered with, and the verification failure will terminate the download process; After the verification is successful, the encrypted identity authentication information is decrypted by using the negotiation key, and then the identity authentication information is sent to the corresponding organization to verify the identity of the user.
  • Step 405 After the identity verification, the card-issuing front-end machine sends a response message, compresses the corresponding track and the like information, and encrypts the encrypted information, and the encrypted result is sent to the middleware of the mobile device as part of the text.
  • the structure of the response message is as shown in FIG. 5: mainly includes the message type, cardholder information, encryption result, and other ancillary information.
  • the encryption key can only be used by the card-issuing front-end machine, and the mobile device cannot know the key.
  • Step 406 After receiving the response information, the middleware parses the cardholder information and the encryption result according to the message header information, and does not process the payment information such as the encrypted track, and directly writes the information to the smart card (such as a SIM card), and the smart card will Information is stored in a controlled storage area. If the response message is unsuccessful, the application download fails.
  • the middleware parses the cardholder information and the encryption result according to the message header information, and does not process the payment information such as the encrypted track, and directly writes the information to the smart card (such as a SIM card), and the smart card will Information is stored in a controlled storage area. If the response message is unsuccessful, the application download fails.
  • Step 407 the middleware prompts the user to download successfully.
  • the card front-end machine authenticates the user download authority by downloading the authorization code; and in the track information downloading process, the card-issuing front-end machine passes the static authentication data and the card number, The password information identifies the user's identity;
  • the middleware in the process of downloading track information, the middleware must distinguish which information is sensitive (such as passwords, track information, etc.), which information can be ignored (such as card name, card number, etc.), and send the sensitive information.
  • the smart card is encrypted and then sent; in the payment application download, the middleware does not need to know whether the information sent or received is ciphertext or plaintext, so the information input by the user is directly sent;
  • re-encryption is performed in the data transmission process to ensure the security of the transmission process.
  • the following structure is defined for the interaction message between the middleware and the card-issuing front-end machine: including the message class Type, action description, process key algorithm and seed, send sequence counter (ssc), message data, etc.
  • the difference between the message shown in FIG. 6 and the message shown in FIG. 5 is that the message in FIG. 6 is a package for all transmission data in the transmission process, that is, the message in FIG. 5 is only a part of the message in FIG. 6.
  • the message initiator is defined as Sender and the receiver is defined as Receiver.
  • the interaction process is: Sender uses the process key algorithm and the seed generation process key, and uses the process key to encrypt the message data, and sets the transmission sequence counter (SSC) to an initial value of 1;
  • SSC transmission sequence counter
  • the key algorithm, the SSC and the encrypted message data are combined to form a message and sent to the Receiver; after receiving the message, the Receiver recovers the process key according to the process key algorithm and the process key seed, and decrypts the message data by using the process key.
  • the original text of the sent message (which may also be ciphertext) is obtained, and the decrypted data is determined according to the action description.
  • the mobile terminal stores information such as a certain payment application that has been encrypted and a bank card track of the individual user, and the mobile terminal user can directly use the smart card (such as a SIM card) in the mobile device to complete the bank payment function.
  • the smart card such as a SIM card
  • Step 701 The user performs a card swiping operation on the mobile device carried by the user (such as an ATM, a POS terminal, a bank self-service device, a bank pre-rejection station, etc.), and the mobile device is embedded with a smart card loaded with the bank card application.
  • the mobile device carried by the user (such as an ATM, a POS terminal, a bank self-service device, a bank pre-rejection station, etc.), and the mobile device is embedded with a smart card loaded with the bank card application.
  • Step 702 The smart card provides an interface for outputting the stored download information.
  • a process key SK is automatically generated in the card, and the encrypted download data is encrypted again by using the SK. , get the encrypted result (PI) SK.
  • Step 703 Output the encryption result (PI) SK, the seed data of the generated process key SK, and the process key algorithm through the interface.
  • Step 704 After receiving the encryption result (PI)SK, the seed data of the process key SK, and the process key algorithm, the receiving terminal forms a message together with the transaction data, and sends the message to the transaction processing system.
  • Step 705 The transaction processing system returns the process key SK according to the seed data of the generated process key SK and the process key algorithm, and performs decryption processing to obtain encrypted download data. Since the transaction processing system and the card-issuing front-end machine are the same institution or different institutions negotiated in advance, the transaction processing system can obtain a key for decrypting the downloaded data. The transaction processing system solves the encrypted download data Once the data is downloaded, the transaction can be processed directly.
  • the user can download the payment information such as the payment application and the track to the mobile device anytime and anywhere, and the use is very convenient, and is safer and faster than the traditional bank card issuance method.
  • the present invention also provides a corresponding downloading system for the downloading method.
  • a card issuing machine 2 the card issuing mechanism 4 (possibly storing information such as bank card tracks), and the dedicated communication network 5 are collectively referred to as a card issuing system, so the downloading system includes the mobile device 1, the card issuing system and the wireless communication network 3 .
  • the various components of the system are as described above and will not be described in detail herein.
  • the embodiment of the invention further provides a mobile terminal device for downloading information such as a payment application and a bank card track.
  • the mobile terminal device is different from a commonly used mobile device, and requires a built-in middleware and a smart card chip that provides a download data output interface.
  • the mobile terminal device may be a mobile phone, a PDA, a mobile PC or the like.
  • the middleware is responsible for establishing and maintaining data communication between the smart card and the card issuance system, and the specific functions include: for the payment application download, collecting the authority authentication information input by the user on the mobile device (such as downloading the authorization code); for the bank card track, etc.
  • Downloading information collecting identity authentication information such as the bank card number or password entered by the user, sending sensitive information such as the bank card password entered by the user to the embedded smart card for encryption, and obtaining the encrypted result; establishing a communication link with the card issuing system;
  • the authority authentication information, or the ciphertext of the sensitive information and other collected information, are combined to form a message and sent to the card issuing system; the return information is received from the card issuing system, and the encrypted payment application or track information is parsed and directly forwarded to the Stored in a smart card embedded in the mobile device.
  • the smart card provides storage and encryption functions, such as a SIM card built in the mobile phone, which is a specific application of the smart card in the field of telecommunications, similar to a computer without a display and a keyboard, and has an internal operating system, a memory, and an EEPROM (similar to a hard disk). Store information), CPU and other components.
  • SIM card built in the mobile phone
  • EEPROM electrically erasable programmable read-only memory
  • EEPROM electrically erasable programmable read-only memory
  • CPU electrically erasable programmable read-only memory
  • the reason why a smart card is called a "smart" card is because it has an operating system and a CPU that can flexibly set application logic.
  • a smart card can store many applications. If a telecom application is stored, it is called a SIM card. Of course, smart cards can also save applications such as bank cards. Each application contains two types of data: a key and data necessary for the application; the key defines the logic of the application, and the application data is protected by the logic. Smart cards for various applications can also be separated from the SIM card and built into the mobile device.
  • the encryption function of the smart card is to store a set of keys in the card in advance, and define the encrypted interface of the key for external use. For example, the following interface defines the encrypted function call:
  • Table 1 is a function call table that defines encryption.
  • KID defines the identifier of the calling key
  • 0P defines the encryption or decryption operation
  • DATA defines the input information of the encryption/decryption.
  • the smart card that defines the above interface can encrypt the user input information sent from the middleware.
  • the mobile terminal device has built-in smart cards and middleware to download information such as various payment applications and bank card tracks. If the mobile device with the payment function implements the payment function, it also needs to use the built-in communication interface to output the bank card track information during the payment operation to complete the payment.
  • the communication interface has an information input and output function, and is used for receiving information such as a payment application or a bank card track downloaded through the middleware during the downloading process; and outputting the stored track information to the external device during the payment process; .
  • the communication interface may be provided by a smart card or by a mobile terminal device.
  • a smart card application uses an interface called APDU (see Table 1) to communicate with or provide services to an external device.
  • the APDU interface is a communication interface, and the downloaded bank card track information can be input to the smart card through the APDU interface. Or output to the receiving terminal, and then transmitted to the transaction processing system through the receiving terminal for transaction processing to realize the payment function of the smart card.
  • the communication interface can also be set in the mobile device, and the input and output of the stored data can be performed on multiple smart cards embedded in the mobile terminal.
  • the communication interface can be a remote wireless communication interface, which can realize remote downloading and remote real-time payment transactions; and can also be a close-range contactless communication interface, enabling non-contact close-range downloading and on-site payment transactions.
  • the proximity contactless communication interface is provided by a built-in NFC chip for implementing a contactless function. Two interfaces can be set in the mobile terminal device, and at the same time, remote and close-range wireless download and payment functions are available. For example, after remote or close downloading with payment function, if it can be paid on site, the track information is output through the proximity contactless communication interface; Cheng pays, the track information is output through the remote wireless communication interface, so that the user is very convenient to use.
  • the above NFC technology (close-range non-contact technology) is born out of "contactless radio frequency identification” (RFID) and interconnection technology between wireless devices, which can meet the information exchange, content access and service exchange between any two wireless devices. And to make it more simple - as long as any two devices are close without the need for cable plug-in, you can achieve mutual communication.
  • RFID radio frequency identification
  • the communication method greatly shortens the "communication distance" between any two wireless devices. For example, holding a mobile phone in front of a concert advertisement poster, you can connect the mobile phone to the poster website, and you can connect the mobile phone to the poster website. To buy tickets, you can use the smart card embedded in the mobile phone to pay for the ticket. This is the application of NFC technology.
  • the present invention provides a mobile terminal and a method and system for downloading bank card information or payment application.
  • the principles and embodiments of the present invention are described in the following. The description is only for helping to understand the method of the present invention and its core idea; at the same time, there will be changes in the specific embodiments and application scopes according to the idea of the present invention to those skilled in the art. In conclusion, the content of the present specification should not be construed as limiting the invention.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

L'invention porte sur un terminal mobile, sur un procédé et sur un système pour télécharger des informations de carte de banque ou des informations d'application de paiement, qui peuvent résoudre certains problèmes concernant la sécurité et le caractère unique dans le procédé existant pour lancer des cartes. Ledit terminal mobile comprend un intergiciel et une carte intelligente. Ledit procédé pour télécharger des informations comprend les étapes suivantes : le terminal mobile reçoit des informations d'authentification mises en entrée par des utilisateurs et envoie les informations à un système pour lancer des cartes à travers l'intergiciel. Le système pour lancer des cartes crypte des informations d'application de paiement correspondantes ou des informations de carte de banque correspondantes et envoie les informations à nouveau à l'intergiciel dans le terminal mobile, après que le système authentifie les informations mises en entrée par les utilisateurs. L'intergiciel écrit lesdites informations cryptées reçues dans la carte intelligente. Les informations concernant la piste magnétique utilisée pour une application de paiement ou autres paiements, sont transmises de façon sûre et stockées du serveur de lancement de carte principal à la carte intelligente incorporée dans le dispositif de terminal mobile par un réseau de communication sans fil. L'utilisateur tenant la carte peut utiliser le terminal mobile et le système de façon commode. Et le procédé est plus sûr qu'un procédé traditionnel pour lancer des cartes de banque.
PCT/CN2008/071358 2007-06-20 2008-06-19 Terminal mobile, procédé et système pour télécharger des informations de carte de banque ou des informations d'application de paiement WO2008154872A1 (fr)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
CN200710042615.0 2007-06-20
CN200710042616.5 2007-06-20
CN2007100426150A CN101329786B (zh) 2007-06-20 2007-06-20 移动终端获取银行卡磁道信息或支付应用的方法及系统
CN 200710042616 CN101330675B (zh) 2007-06-20 2007-06-20 一种移动支付终端设备

Publications (1)

Publication Number Publication Date
WO2008154872A1 true WO2008154872A1 (fr) 2008-12-24

Family

ID=40155918

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2008/071358 WO2008154872A1 (fr) 2007-06-20 2008-06-19 Terminal mobile, procédé et système pour télécharger des informations de carte de banque ou des informations d'application de paiement

Country Status (1)

Country Link
WO (1) WO2008154872A1 (fr)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104348952A (zh) * 2013-07-24 2015-02-11 北京握奇数据系统有限公司 一种卡片应用管理系统的控制方法
CN111652612A (zh) * 2020-06-03 2020-09-11 中国银行股份有限公司 移动支付方法及装置
CN114221784A (zh) * 2021-11-12 2022-03-22 招银云创信息技术有限公司 数据传输方法和计算机设备
CN116170794A (zh) * 2023-04-25 2023-05-26 深圳市微付充科技有限公司 一种用于智能卡在线空发系统及其方法

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002021767A1 (fr) * 2000-09-04 2002-03-14 Sonera Smarttrust Ltd Carte de paiement virtuelle
CN1437373A (zh) * 2002-02-09 2003-08-20 英业达股份有限公司 自动发送和管理留言的系统与方法
CN1581183A (zh) * 2003-07-31 2005-02-16 上海贝尔阿尔卡特股份有限公司 移动环境中匿名微支付及其认证的方法

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002021767A1 (fr) * 2000-09-04 2002-03-14 Sonera Smarttrust Ltd Carte de paiement virtuelle
CN1437373A (zh) * 2002-02-09 2003-08-20 英业达股份有限公司 自动发送和管理留言的系统与方法
CN1581183A (zh) * 2003-07-31 2005-02-16 上海贝尔阿尔卡特股份有限公司 移动环境中匿名微支付及其认证的方法

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104348952A (zh) * 2013-07-24 2015-02-11 北京握奇数据系统有限公司 一种卡片应用管理系统的控制方法
CN104348952B (zh) * 2013-07-24 2017-03-29 北京握奇数据系统有限公司 一种卡片应用管理系统的控制方法
CN111652612A (zh) * 2020-06-03 2020-09-11 中国银行股份有限公司 移动支付方法及装置
CN111652612B (zh) * 2020-06-03 2023-08-29 中国银行股份有限公司 移动支付方法及装置
CN114221784A (zh) * 2021-11-12 2022-03-22 招银云创信息技术有限公司 数据传输方法和计算机设备
CN114221784B (zh) * 2021-11-12 2024-04-09 招银云创信息技术有限公司 数据传输方法和计算机设备
CN116170794A (zh) * 2023-04-25 2023-05-26 深圳市微付充科技有限公司 一种用于智能卡在线空发系统及其方法
CN116170794B (zh) * 2023-04-25 2023-08-08 深圳市微付充科技有限公司 一种用于智能卡在线空发系统及其方法

Similar Documents

Publication Publication Date Title
US7357309B2 (en) EMV transactions in mobile terminals
CN1344396B (zh) 便携式电子的付费与授权装置及其方法
US7870998B2 (en) Private information exchange in smart card commerce
KR20210069055A (ko) 비접촉식 카드의 암호화 인증을 위한 시스템 및 방법
CN101329786B (zh) 移动终端获取银行卡磁道信息或支付应用的方法及系统
CN101098225A (zh) 安全数据传输方法及支付方法、支付终端和支付服务器
JP2012503242A (ja) 決済に用いる非接触認証システムおよび方法
WO2001086599A2 (fr) Communication intelligente
WO2009137076A2 (fr) Système à une seule carte
CN105593886A (zh) 用于执行本地交易的方法和设备
CN101330675B (zh) 一种移动支付终端设备
US9792592B2 (en) Portable electronic device for exchanging values and method of using such a device
HU231086B1 (hu) Eljárás azonosított bankkártyás fizetési tranzakció bonyolításának biztosítására, kezdeményezésére, valamint erre szolgáló szoftver, és ilyen szoftvert tartalmazó kommunikációs eszköz
CN101223729B (zh) 对移动支付设备进行更新
WO2008154872A1 (fr) Terminal mobile, procédé et système pour télécharger des informations de carte de banque ou des informations d'application de paiement
US8290870B2 (en) Method and device for exchanging values between personal portable electronic entities
CN114424202A (zh) 用于使用动态标签内容的系统和方法
KR100901297B1 (ko) 가상 가맹점 망 운용 시스템
KR100928412B1 (ko) 가상 가맹점 망을 이용한 결제처리 시스템
KR101212237B1 (ko) 브이오아이피 단말을 통한 입력납부 방법 및 시스템과 이를 위한 브이오아이피 단말 및 기록매체
CN104881782B (zh) 一种基于安全交易的方法、系统
KR101145832B1 (ko) 결제단말 및 결제단말의 가상 가맹점 망을 통한 카드 결제 방법
KR20090016618A (ko) 가상 가맹점 망을 이용한 결제처리 방법 및 기록매체
KR20090093234A (ko) 가상 금융단말 기능을 구비한 브이오아이피 단말과 이를위한 금융거래 방법 및 기록매체
KR20090000585A (ko) 무선 통신망을 이용한 분산 결제용 트랜잭션 포인트단말장치와 이를 이용한 분산 결제 방법, 시스템, 기록매체

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08757767

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08757767

Country of ref document: EP

Kind code of ref document: A1