WO2010051714A1 - Procédé, système et terminal mobile de mise à jour et distribution de clé d’un domaine de sécurité d’une carte à puce - Google Patents

Procédé, système et terminal mobile de mise à jour et distribution de clé d’un domaine de sécurité d’une carte à puce Download PDF

Info

Publication number
WO2010051714A1
WO2010051714A1 PCT/CN2009/073487 CN2009073487W WO2010051714A1 WO 2010051714 A1 WO2010051714 A1 WO 2010051714A1 CN 2009073487 W CN2009073487 W CN 2009073487W WO 2010051714 A1 WO2010051714 A1 WO 2010051714A1
Authority
WO
WIPO (PCT)
Prior art keywords
card
management platform
smart card
mobile terminal
security domain
Prior art date
Application number
PCT/CN2009/073487
Other languages
English (en)
Chinese (zh)
Inventor
余万涛
马景旺
贾倩
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2010051714A1 publication Critical patent/WO2010051714A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal

Definitions

  • the present invention relates to an NFC-based mobile terminal electronic payment technology, and in particular to a smart card slave security domain key update distribution method, system and mobile terminal.
  • NFC Near Field Communication
  • 1356MHz a short-range wireless communication technology operating at 13.56MHz
  • mobile communication terminals such as mobile phones can simulate contactless IC cards for related applications of electronic payment.
  • Implementing this solution on a mobile communication terminal requires adding an NFC analog front end chip and an NFC antenna to the terminal, and using a smart card that supports electronic payment.
  • IC cards especially non-contact IC cards
  • mobile phones have experienced rapid development for more than 20 years, and have been widely popular among residents, bringing great convenience to people's work and life.
  • the capabilities of mobile phones are becoming more powerful and there is a tendency to integrate more features.
  • Combining mobile phones with non-contact IC card technology mobile phones used in the field of electronic payment will further expand the use of mobile phones, bring convenience to people's lives, and have broad application prospects.
  • the business framework of the mobile payment system for mobile terminals based on NFC technology usually adopts the multi-application framework of the Global Platform specification.
  • the smart card supporting the Global Platform specification refers to the Global Platform Card Specification V2.1.1/V2.2 specification.
  • the IC chip or smart card can be physically a SIM/USIM card, a pluggable smart memory card or an IC chip integrated on the mobile terminal.
  • NFC Near Field Communication
  • secure channel protocol needs to support SCP02 (based on symmetric key); if the mobile terminal electronic payment system based on near field communication technology supports GP2.2 specification, the secure channel protocol needs to support SCP02 (based on symmetric key) and SCP10 (based on non- Symmetric keys), card issuers, application providers can choose based on security policy requirements.
  • an NFC-based mobile terminal short-range electronic payment system mainly consists of a card issuer management platform, an application provider management platform, and a mobile terminal supporting a smart card with an electronic payment application function, and multiple application providers may exist in the system. Management platform.
  • multiple applications can be installed on the smart card supporting the Global Platform specification.
  • the smart card is divided into several independent security domains to ensure the isolation and independence of multiple applications. Manage their respective security domains as well as applications, application data, and more.
  • Security domains include primary and secondary security domains.
  • the primary security domain is the card issuer's mandatory card representation on the smart card.
  • the security domain is represented by a card issuer or application provider on an additional optional card on the smart card.
  • the key generation, distribution, and update of the security domain is the responsibility of the card issuer or application provider that manages the security domain, which ensures that applications and data from different application providers can coexist on the same card.
  • the keys for the security domain include the primary security domain key, the security domain initial key, and the secondary security domain key.
  • the primary security domain key and the slave security domain initial key are generated by the card issuer management platform, from the security domain key by the pipe
  • the update distribution process from the secure domain key used by the electronic payment application is related to the specific implementation of the system network architecture.
  • the smart card In order to realize the security management of the smart card and the downloading and installation of the electronic payment application, the smart card needs to establish communication with the card issuer management platform and the application provider management platform. How to realize the security update distribution of the smart card from the security domain key while establishing communication is a problem that needs to be solved by the mobile terminal electronic payment.
  • the present invention provides a smart card slave security key update distribution method, system and mobile terminal for secure key update and distribution of a smart card from a security domain.
  • the present invention provides a mobile terminal electronic payment system, which includes a smart card having an electronic payment application function, a mobile terminal, an over-the-air OTA (Over The Air) server, and an out-of-card entity management platform, wherein
  • OTA Over The Air
  • the smart card is installed on the mobile terminal
  • the smart card is configured to communicate with the card external entity management platform by the mobile terminal and the over-the-air server;
  • the out-of-card entity management platform is configured to distribute the updated smart card slave security domain key to the smart card via the over-the-air server and the mobile terminal.
  • the card external entity management platform is further configured to establish a secure channel with the smart card, perform mutual authentication with the smart card by using the over-the-air server and the mobile terminal, establish a temporary session key, and generate a new one. Smart card from the security domain key;
  • the over-the-air download server is configured to communicate with the out-of-card entity management platform through a secure connection, and transmit communication data between the smart card and the external card management platform through an over-the-air connection;
  • the smart card is further configured to establish an over-the-air connection with the over-the-air server through the mobile terminal, and perform mutual authentication with the out-of-card entity management platform by the mobile terminal and the over-the-air server, by using the mobile terminal Receiving the card external entity with the over-the-air server
  • the management platform distributes the smart card from the secure domain key, as well as updates from the secure domain key. Further, the card external entity management platform distributes the update to the smart card through the over-the-air server and the mobile terminal when the smart card expires from the security domain key or needs to be forced to update or the mobile terminal user downloads the application. Smart card from the secure domain key.
  • the out-of-card entity management platform refers to a card issuer management platform or an application provider management platform.
  • the present invention also provides a smart card key distribution and distribution method from a security domain.
  • the method establishes a communication between a smart card and an external card management platform through an over-the-air server and a mobile terminal, so as to implement a smart card from a secure domain.
  • Update distribution of keys the method includes:
  • the out-of-card entity management platform establishes a secure channel with the smart card through the over-the-air server and the mobile terminal;
  • step (a) includes:
  • the method further includes: before the step (a):
  • the out-of-card entity management platform initiates the smart card to update the distribution process from the secure domain key.
  • out-of-card entity management platform refers to a card issuer management platform or an application provider management platform.
  • the method further includes: before the step (a): the card issuer management platform creates a slave security domain and generates a slave security domain on the smart card. Initial key; the card issuer management platform will create the basic from the security domain Information and initial key information is sent to the application provider management platform.
  • the present invention further provides a mobile terminal, the mobile terminal comprising a smart card having an electronic payment application function, the smart card downloading an OTA server over the air from a key of the security domain by an external card management platform Mobile terminal distribution.
  • the smart card from the security domain key update distribution method, system and mobile terminal, based on the OTA technology, can solve the security key update and distribution of the smart card from the security domain after the card is issued, for the case of the symmetric key.
  • 1 is a schematic diagram of the architecture of an electronic payment system for a mobile terminal based on the near field communication technology of the present invention.
  • 2 is a schematic diagram of a process for distributing an initial key update from a secure domain for a slave security zone managed by a card issuer.
  • FIG. 3 is a schematic diagram of a process for distributing an initial key update from a security domain for a slave security domain managed by an application provider.
  • FIG. 4 is a schematic diagram of the process of updating and distributing the security key from the security domain, when the key expires or forced update is managed by the card issuer.
  • FIG. 5 is a schematic diagram of the process of updating and distributing the security key from the security domain, when the key expires or the forced update is managed for the application provider.
  • the mobile payment electronic payment system of the present invention includes an application provider management platform, a card issuer management platform, an OTA server, and a mobile terminal and a smart card.
  • the smart card has an electronic payment application function, is installed on the mobile terminal, and the mobile terminal supports the OTA function, and the smart card also supports the Global Platform Card Specification V2.1.1/V2.2 specification; when the user downloads the application, the The smart card establishes an OTA connection between the mobile terminal and the OTA server, and the OTA connection supports a transmission mode such as a short message and a BIP.
  • the platform communication is used for mutual authentication with the management smart card from the management platform of the security domain, and receiving the slave security domain key distributed by the management platform, updating the security domain key, the mutual authentication process, and the security domain secret Key distribution is implemented by the OTA server and the mobile terminal.
  • the connection may also be connected to the card issuer management platform or the application provider management platform through the card issuer service terminal or the application provider service terminal, respectively.
  • the card issuer service terminal is managed by the card issuer management platform; the application provider service terminal is managed by the application provider management platform.
  • the OTA server communicates with the application provider management platform and the card issuer management platform through a secure connection, and transmits communication data between the smart card and the card issuer management platform and the application provider management platform through the OTA connection;
  • the application provider management platform and the card issuer management platform can perform a payment-related service through a secure connection: providing a list of downloadable electronic payment applications, participation in creation of security domains and key distribution, downloading of electronic payment applications, and Personalization of electronic payment applications; specifically, the card issuer management platform is responsible for card issuance and management, manages card resources and lifecycles, keys, certificates, is responsible for the creation of security domains, and other security
  • the domain interacts with application data, including creating a slave security domain, performing mutual authentication with the smart card and establishing a temporary session key, and generating a secret key from the security domain and a new slave security domain key.
  • the card issuer management platform may include a card management system, an application management system, a key management system, a certificate management system, an application provider management system, etc., wherein the certificate management system supports an asymmetric key.
  • a card management system an application management system, a key management system, a certificate management system, an application provider management system, etc.
  • the certificate management system supports an asymmetric key.
  • CA card issuer certification authority
  • the application provider management platform is responsible for the provision and management functions of the electronic payment application, provides various business applications, and performs security management on the card with its corresponding slave security domain, and applies the key, certificate, and data to the slave security domain. Controlling, providing functions such as secure downloading and installation of the application, including mutual authentication with the smart card and establishing a temporary session key, and generating a new slave security domain key.
  • the application provider management platform may include an application management system and a key management system.
  • Management system certificate management system, where the certificate management system is used in the case of supporting asymmetric keys, and the certificate management system and the application provider certification authority (CA) system are connected.
  • CA application provider certification authority
  • the following describes the mobile terminal electronic payment system architecture shown in FIG. 1 as an example, but is not limited to the mobile terminal electronic payment system architecture shown in FIG. 1, and illustrates the smart card key update distribution method of the smart card of the present invention:
  • the OTA-based security domain initial key update distribution process diagram is shown in Figure 2.
  • the OTA-based security key initial key update distribution process step includes:
  • Step 201 The card issuer management platform selects the slave security domain according to the slave domain from the security domain initial key, and sends a SELECT command message to the smart card via the OTA server and the mobile terminal.
  • Step 202 The smart card submits a SELECT command response to the card issuer management platform via the mobile terminal and the OTA server;
  • Step 203 The card issuer management platform establishes an SCP02 secure channel with the smart card via the OTA server and the mobile terminal;
  • the mobile card issuer management platform and the smart card are mutually authenticated from the security domain, and after the mutual authentication is completed, the card issuer management platform and the smart card establish a temporary session key from the security domain to establish a secure channel.
  • the temporary session key can be established in accordance with the Global Platform Card Specification V2.1.1/V2.2 specification, or it can be established by other methods.
  • the mutual authentication process is completed between the card issuer management platform and the smart card from the security domain via the OTA server and the mobile terminal.
  • Step 204 The card issuer management platform generates a new slave security domain key.
  • Step 205 The card issuer management platform sends a new slave security domain key from the security domain to the smart card via the OTA server and the mobile terminal through the PUTKEY command.
  • Step 206 After receiving the new slave security domain key from the security domain, the smart card completes the update operation of the slave domain initial key.
  • Step 207 The smart card is managed from the security domain to the card issuer via the mobile terminal and the OTA server.
  • the platform sends a PUTKEY command response, ending the security domain key update process.
  • the card issuer management platform can create a security domain based on the application information related to the application download.
  • the application information related to the application download can include the smart card ICCID information, the application identifier, and the application provider identity information.
  • the card issuer management platform sends the basic information and initial key information of the security domain to the application provider management platform for the slave security zone managed by the application provider, so that the security zone will be controlled. It is forwarded to the application provider management platform that manages the security domain, and then the application provider management platform updates the initial key from the security domain. If the security domain is managed by the card issuer, the card issuer updates the security domain initial key for the specifically downloaded application.
  • the OTA-based security domain initial key update distribution process diagram is shown in Figure 3.
  • the OTA-based security domain initial key update distribution process step includes:
  • Step 301 The user triggers an application downloading application by using a mobile terminal client program or a card program, and submits an application downloading application to the application provider management platform via the OTA server, where the application downloading application includes the smart card identification information ICCID information, and the like;
  • Request information including application provider identity information (ASP-ID) and smart card identification information ICCID, etc. in the request message;
  • ASP-ID application provider identity information
  • ICCID smart card identification information
  • Step 303 The card issuer management platform verifies that the request information is created from the security domain, and determines whether the slave security domain is created through the application provider management platform.
  • Step 304 The card issuer management platform sends a SELECT command message to the smart card via the application provider management platform, the OTA server, and the mobile terminal, and selects the primary security domain.
  • Step 305 The smart card submits a SELECT command response to the card issuer management platform via the mobile terminal, the OTA server, and the application provider management platform;
  • Step 306 The card issuer management platform and the smart card master security domain establish an SCP02 secure channel via the application provider management platform, the OTA server, and the mobile terminal;
  • Step 307 The card issuer management platform sends an INSTALL command to the smart card via the application provider management platform, the OTA server, and the mobile terminal.
  • Step 309 The card issuer management platform generates an initial key from the security domain
  • Step 310 The card issuer management platform sends the slave security domain initial key to the card master security domain via the application provider management platform, the OTA server, and the mobile terminal through the PUTKEY command.
  • Step 311 After receiving the initial key from the security domain, the card master security domain initializes the slave security domain with the received slave security domain initial key.
  • Step 312 The card master security domain sends a PUTKEY command response to the card issuer management platform via the mobile terminal, the OTA server, and the application provider management platform; the information and the security domain initial key;
  • Step 314 The application provider management platform adds the slave security domain related information to the database.
  • Step 315 The application provider management platform sends a SELECT command message to the smart card via the OTA server and the mobile terminal, and selects the slave security domain.
  • Step 316 The smart card submits a SELECT command response to the application provider management platform via the mobile terminal and the OTA server;
  • Step 317 The application provider management platform establishes an SCP02 security channel from the security domain via the OTA server and the mobile terminal and the smart card; initiates mutual authentication between the application provider management platform and the smart card from the security domain, and after the mutual authentication is completed, the application provider manages The platform establishes a temporary session key with the smart card from the security domain to establish a secure channel.
  • the temporary session key can be established in accordance with the Global Platform Card Specification V2.1.1/V2.2 specification, or it can be established by other methods.
  • the mutual authentication process may be completed between the application provider management platform and the smart card via the OTA server and the mobile terminal;
  • Step 318 Application Provider Management Platform Generate a key from a secure domain;
  • Step 319 The application provider management platform sends the slave security domain key from the security domain to the smart card via the OTA server and the mobile terminal through the PUTKEY command.
  • Step 320 After receiving the slave security domain key from the security domain, the smart card completes the update operation of the initial key from the security domain.
  • Step 321 The smart card sends a PUTKEY command response from the security domain to the application provider management platform via the mobile terminal and the OTA server, and ends the slave domain security distribution process;
  • the update of the security domain key is completed before the end of the security domain key life cycle; when the security domain key used by the electronic payment application needs to be updated for security reasons, the card issuer management platform of the slave security domain is managed or The application provider management platform requires a mandatory update of the slave security domain key.
  • the OTA-based security domain key update distribution process step includes:
  • Step 401 The card issuer management platform sends a SELECT command message to the smart card via the OTA server and the mobile terminal, and selects the slave security domain;
  • Step 402 The smart card submits a SELECT command response to the card issuer management platform via the mobile terminal and the OTA server;
  • Step 403 The card issuer management platform establishes a SCP02 secure channel from the security domain via the OTA server and the mobile terminal and the smart card;
  • the mutual authentication between the card issuer management platform and the smart card from the security domain is initiated according to the slave security domain key currently in use, and mutual authentication is completed. Thereafter, the card issuer management platform establishes a temporary session key with the smart card from the security domain, thereby establishing a secure channel.
  • the temporary session key can be established in accordance with the Global Platform Card Specification V2.1.1/V2.2 specification, or can be established by other methods.
  • the mutual authentication process is completed between the card issuer management platform and the smart card via the OTA server and the mobile terminal.
  • Step 404 The card issuer management platform generates a new slave security domain key.
  • Step 405 The card issuer management platform sends a new slave security domain key from the security domain to the smart card via the OTA server and the mobile terminal through the PUTKEY command.
  • Step 406 After receiving the new slave security domain key from the security domain, the smart card completes the update operation from the security domain key.
  • Step 407 The smart card sends a PUTKEY command response from the security domain to the card issuer management platform via the mobile terminal and the OTA server, and ends the security domain key update process.
  • the OTA-based security domain key update distribution process diagram is shown in Figure 5.
  • the OTA-based security domain key update distribution process step of the present invention includes:
  • Step 501 The application provider management platform sends a SELECT command message to the smart card via the OTA server and the mobile terminal, and selects the slave security domain.
  • Step 502 The smart card submits a SELECT command response to the application provider management platform via the mobile terminal and the OTA server.
  • Step 503 The application provider management platform establishes an SCP02 secure channel from the security domain via the OTA server and the mobile terminal and the smart card;
  • the mutual authentication of the application provider management platform and the smart card from the security domain is initiated according to the security domain key currently being used, and the mutual authentication is completed. Thereafter, the application provider management platform establishes a temporary session key with the smart card from the security domain, thereby establishing a secure channel.
  • the temporary session key can be established in accordance with the Global Platform Card Specification V2.1.1/V2.2 specification, or it can be established by other methods.
  • the secondary authentication process may be performed between the application provider management platform and the smart card from the security domain via the OTA server and the mobile terminal for a secondary security zone managed by an application provider;
  • Step 504 The application provider management platform generates a new slave security domain key.
  • Step 505 The application provider management platform sends a new slave security domain key from the security domain to the smart card via the OTA server and the mobile terminal through the PUTKEY command.
  • Step 506 After receiving the new slave security domain key from the security domain, the smart card completes the update operation from the security domain key.
  • Step 507 The smart card sends a PUTKEY command response from the security domain to the application provider management platform via the mobile terminal and the OTA server, and ends the security domain key update process.
  • the main idea of the smart card from the secure domain key update distribution method and the mobile terminal electronic payment system implementing the method is that, based on the OTA technology, the card external entity management platform distributes the slave security domain key to the smart card through the OTA server and the mobile terminal.
  • the smart cards in the mobile terminal of the present invention are all based on OTA technology, and the keys of the smart card from the security domain are distributed by the card external entity management platform through the OTA server and the mobile terminal.
  • the card external entity management platform of the present invention has the right to manage the smart card from the security domain.
  • the smart card key distribution update method, system and mobile terminal of the present invention can be solved based on the OTA technology after the card is issued. In the case of a key, the smart card is securely updated and distributed from the secure domain.
  • the smart card from the security domain key update distribution method, system and mobile terminal, based on the OTA technology, can solve the problem of secure key update and distribution of the smart card from the security domain after the card is issued, for the symmetric key situation. .

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

L’invention concerne un procédé, un système et un terminal mobile de mise à jour et distribution de clé d’un domaine de sécurité d’une carte à puce. Ledit système comprend une carte à puce munie d’une fonction d’application de paiement électronique, un terminal mobile, un serveur radio (OTA) et une plate-forme de gestion d’entité extérieure à la carte. Ladite carte à puce est installée sur ledit terminal mobile. Ladite carte à puce est configurée pour communiquer avec ladite plate-forme de gestion d’entité extérieure à la carte via ledit terminal mobile et le dit serveur OTA. Ladite plate-forme de gestion d’entité extérieure à la carte est configurée pour distribuer une clé d’un domaine de sécurité d’une carte à puce mise à jour à ladite carte à puce via ledit serveur OTA et ledit terminal mobile. L’établissement d’une communication entre la carte à puce et la plate-forme de gestion d’entité extérieure à la carte via le serveur OTA et le terminal mobile permet une distribution et une mise à jour sécurisées de clé de domaine de sécurité d’une carte à puce.
PCT/CN2009/073487 2008-11-10 2009-08-25 Procédé, système et terminal mobile de mise à jour et distribution de clé d’un domaine de sécurité d’une carte à puce WO2010051714A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200810172459.4 2008-11-10
CN200810172459.4A CN101742478B (zh) 2008-11-10 2008-11-10 智能卡从安全域密钥更新分发方法、系统及移动终端

Publications (1)

Publication Number Publication Date
WO2010051714A1 true WO2010051714A1 (fr) 2010-05-14

Family

ID=42152477

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2009/073487 WO2010051714A1 (fr) 2008-11-10 2009-08-25 Procédé, système et terminal mobile de mise à jour et distribution de clé d’un domaine de sécurité d’une carte à puce

Country Status (2)

Country Link
CN (1) CN101742478B (fr)
WO (1) WO2010051714A1 (fr)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102123146A (zh) * 2011-03-02 2011-07-13 成都四方信息技术有限公司 移动支付交易密钥远程下载工作方法
CN103138932B (zh) * 2011-12-05 2016-01-20 中兴通讯股份有限公司 一种Mifare卡扇区密钥的配置方法及系统
CN103188206A (zh) * 2011-12-27 2013-07-03 中兴通讯股份有限公司 密钥的交互方法、装置及系统
CN102831468A (zh) * 2012-08-06 2012-12-19 中国移动通信集团江苏有限公司 一种移动终端的智能卡芯片及其初始化和使用方法
CN106685931B (zh) * 2016-12-07 2020-01-14 深圳市久和久科技有限公司 智能卡应用管理方法和系统、终端和智能卡
CN108664820B (zh) * 2017-03-29 2021-06-18 中移(杭州)信息技术有限公司 一种非接触式ic卡的电子化方法、相关设备及系统
CN107395365B (zh) * 2017-08-04 2020-07-31 中国信息安全测评中心 一种卡片片上系统及安全认证方法
CN109257332B (zh) * 2018-08-15 2020-06-02 飞天诚信科技股份有限公司 数字货币硬件钱包应用更新的安全通道的创建方法及装置
CN113766498B (zh) * 2020-06-01 2023-03-21 中国电信股份有限公司 密钥分发方法、装置、计算机可读存储介质及基站

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005202497A (ja) * 2004-01-13 2005-07-28 Ntt Data Corp アプリケーションパーソナライズシステム、サーバ装置、icカード及び携帯端末
CN101083792A (zh) * 2007-06-27 2007-12-05 浙江省电信有限公司 应用于公交系统的小灵通非接触式卡小额支付系统
CN101164086A (zh) * 2005-03-07 2008-04-16 诺基亚公司 能够使用无线网络实现信用卡个人化的方法、系统和移动设备
CN101282524A (zh) * 2007-04-03 2008-10-08 华为技术有限公司 对智能卡进行管理的方法、系统及相关装置

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005202497A (ja) * 2004-01-13 2005-07-28 Ntt Data Corp アプリケーションパーソナライズシステム、サーバ装置、icカード及び携帯端末
CN101164086A (zh) * 2005-03-07 2008-04-16 诺基亚公司 能够使用无线网络实现信用卡个人化的方法、系统和移动设备
CN101282524A (zh) * 2007-04-03 2008-10-08 华为技术有限公司 对智能卡进行管理的方法、系统及相关装置
CN101083792A (zh) * 2007-06-27 2007-12-05 浙江省电信有限公司 应用于公交系统的小灵通非接触式卡小额支付系统

Also Published As

Publication number Publication date
CN101742478B (zh) 2013-06-05
CN101742478A (zh) 2010-06-16

Similar Documents

Publication Publication Date Title
WO2010051715A1 (fr) Procédé, système et terminal mobile de distribution de clé initiale d’un domaine de sécurité d’une carte à puce
WO2010051714A1 (fr) Procédé, système et terminal mobile de mise à jour et distribution de clé d’un domaine de sécurité d’une carte à puce
CN107079058B (zh) 区块链节点的业务执行方法、装置及节点设备
JP5508428B2 (ja) 鍵の配布方法及びシステム
JP5513527B2 (ja) アプリケーションダウンロードシステム及びアプリケーションダウンロード方法
US8781131B2 (en) Key distribution method and system
EP1856671B1 (fr) Procedes, systeme et dispositif mobile permettant une personnalisation de carte de credit au moyen d'un reseau sans fil
JP6185152B2 (ja) サービスにアクセスする方法、アクセスするためのデバイスおよびシステム
WO2010045807A1 (fr) Procédé et système de distribution de clés
CN110855791A (zh) 一种区块链节点部署方法及相关设备
WO2010096991A1 (fr) Système et procédé de téléchargement d'application
CN112533211B (zh) eSIM卡的证书更新方法和系统以及存储介质
CN202696901U (zh) 基于数字证书的移动终端身份认证系统
WO2010045823A1 (fr) Procédé et système de mise à jour de clé cryptographique
WO2010051710A1 (fr) Procédé pour générer une clé secrète de carte à puce
WO2010051713A1 (fr) Procédé, système et terminal mobile de distribution de clé initiale d’un domaine de sécurité d’une carte à puce
WO2018209986A1 (fr) Procédé et dispositif de téléchargement de données d'abonnement d'euicc
CN103138790A (zh) 提供安全单元数据擦除特征的移动通信设备及相关方法
WO2010045824A1 (fr) Procédé et système de distribution de clés
WO2018107723A1 (fr) Procédé et dispositif de commutation de plateforme de gestion d'abonnement à distance pour carte à puce intelligente, carte à puce intelligente, et sm-sr
WO2010051716A1 (fr) Procédé, système et terminal mobile de mise à jour et distribution de clé d’un domaine de sécurité d’une carte à puce
KR20170140824A (ko) 페이지를 통해 연동하는 뱅킹앱을 이용한 간편 가입 방법
US11950320B2 (en) Apparatus and methods for linkage of or profile transfer between devices
WO2010045825A1 (fr) Procédé et système pour la distribution de clés
KR20130102642A (ko) 프로파일 사용과 데이터 준비를 통한 어플리케이션 ota 프로비저닝 관리 시스템 및 방법

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09824369

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09824369

Country of ref document: EP

Kind code of ref document: A1