WO2010051716A1 - Method, system and mobile terminal for updating and distributing the secondary security domain key of smart card - Google Patents


Publication number
WO2010051716A1
Authority
WO
WIPO (PCT)
Prior art keywords
smart card
management platform
security domain
service terminal
key
Application number
PCT/CN2009/073492
Other languages
French (fr)
Chinese (zh)
Inventor
余万涛
马景旺
贾倩
Original Assignee
中兴通讯股份有限公司
Priority to CN200810177014.5
Priority to CN200810177014A (CN101742479A)
Application filed by 中兴通讯股份有限公司
Publication of WO2010051716A1

Classifications

    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management
    • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06Q20/401 Transaction verification
    • H04L63/0853 Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using an additional device, e.g. smartcard, SIM or a different communication terminal
    • H04W12/04 Key management, e.g. by generic bootstrapping architecture [GBA]
    • H04W12/0806 Access security using security domains, e.g. separating enterprise and private data domains, building machine-to-machine [M2M] domains or global platform domains

Abstract

The invention provides a method for updating and distributing the secondary security domain key of a smart card, together with a corresponding system and mobile terminal. The system includes a smart card with an electronic payment application function, a service terminal, and a management platform. The smart card is a standalone device or is installed in a mobile terminal. The smart card communicates with the management platform through the service terminal, and the management platform distributes the secondary security domain key of the smart card to the smart card through the service terminal. Because the communication between the smart card and the management platform is established through the service terminal, the secondary security domain key of the smart card can be updated and distributed securely.

Description

 Method, system and mobile terminal for updating and distributing the secondary security domain key of a smart card

Technical field

 The present invention relates to electronic payment technology for mobile terminals based on NFC (Near Field Communication), and in particular to a method, system and mobile terminal for updating and distributing the secondary security domain key of a smart card.

Background art

 Near Field Communication (NFC) is a short-range wireless communication technology operating at 13.56MHz, which is a fusion of RFID technology and interconnection technology. After integrating NFC technology, mobile communication terminals such as mobile phones can simulate contactless IC cards for related applications of electronic payment. Implementing this solution on a mobile communication terminal requires adding an NFC analog front end chip and an NFC antenna to the terminal, and using a smart card that supports electronic payment.

 IC cards, especially contactless IC cards, have been widely used in public transportation, access control, and small-value electronic payment after more than ten years of development. At the same time, mobile phones have developed rapidly for more than 20 years and are now in widespread use, bringing great convenience to people's work and life. Mobile phones are becoming more capable, and there is a tendency to integrate more features into them. Combining mobile phones with contactless IC card technology and applying them to electronic payment will further expand the uses of mobile phones, bring convenience to people's lives, and has broad application prospects.

 In order to realize mobile electronic payment based on NFC technology, it is necessary to establish a mobile terminal electronic payment system and use it to manage electronic payment for NFC-based mobile terminals, including: the distribution of smart cards; the downloading, installation and personalization of electronic payment applications; and the use of related technologies and management strategies to secure electronic payment applications.

The service framework of an NFC-based mobile terminal electronic payment system usually adopts the multi-application framework of the Global Platform specification. Under this framework, a smart card supporting the Global Platform specification is an IC chip or smart card conforming to the Global Platform Card Specification V2.1.1/V2.2 (GP2.1.1 or GP2.2). In physical form it can be a SIM/USIM card (Subscriber Identity Module / UMTS (Universal Mobile Telecommunications System) Subscriber Identity Module), a pluggable smart memory card, or an IC chip integrated in the mobile terminal.

 If the mobile terminal electronic payment system based on Near Field Communication (NFC) technology supports the GP2.1.1 specification, the secure channel protocol needs to support SCP02 (based on symmetric keys). If the system supports the GP2.2 specification, the secure channel protocol needs to support SCP02 (based on symmetric keys) and SCP10 (based on asymmetric keys), and card issuers and application providers can choose between them according to their security policy requirements.

 In general, an NFC-based mobile terminal short-range electronic payment system mainly consists of a card issuer management platform, an application provider management platform, and a mobile terminal supporting a smart card with an electronic payment application function. Multiple application provider management platforms may exist in the system.

 Multiple applications can be installed on a smart card supporting the Global Platform specification. To secure the electronic payment applications, the smart card is divided into several independent security domains, which ensures the isolation and independence of the applications from one another, with each security domain, its applications, its application data and so on managed separately.

A security domain holds keys used to support secure channel protocol operation and smart card content management. Security domains include the primary security domain and secondary security domains. The primary security domain is the card issuer's mandatory on-card representative. A secondary security domain is an additional, optional on-card representative of the card issuer or of an application provider.

 The generation, distribution, and update of a security domain's keys is the responsibility of the card issuer or application provider that manages the security domain, which ensures that applications and data from different application providers can coexist on the same card. The keys of the security domains include the primary security domain key, the secondary security domain initial key, and the secondary security domain key. The primary security domain key and the secondary security domain initial key are generated by the card issuer management platform, from the security domain key by the pipe

Before an electronic payment application is downloaded and installed on a smart card, a secondary security domain must be created for the application on the smart card. The smart card secondary security domain is created by the card issuer management platform. After the smart card has been issued, when a secondary security domain is created, the card issuer management platform must import the secondary security domain initial key into the secondary security domain on the smart card.

After the secondary security domain is created, when the electronic payment application is downloaded, the secondary security domain initial key needs to be updated to the key used by the electronic payment application, i.e. to the secondary security domain key used by the electronic payment application. When the secondary security domain key used by the electronic payment application has a defined life cycle, the key must be updated before that life cycle ends. In addition, it may be necessary to force an update of the secondary security domain key used by the electronic payment application for security reasons. The secondary security domain key is confidential data, so the key update process must use a reliable and secure method to import the key into the smart card secondary security domain, achieving secure update and distribution of the secondary security domain key.

 The update and distribution process for the secondary security domain key used by an electronic payment application depends on the specific system network architecture. For secure management of the smart card and for downloading and installing electronic payment applications, the smart card needs to establish communication with the card issuer management platform and the application provider management platform. How to update and distribute the smart card secondary security domain key securely while that communication is established is a problem that mobile terminal electronic payment needs to solve.

Summary of the invention

 In order to solve this prior art problem, the present invention provides a method, system and mobile terminal for securely updating and distributing the secondary security domain key of a smart card.

 The present invention provides a mobile terminal electronic payment system, the system comprising a smart card having an electronic payment application function, a service terminal and a management platform, wherein

 The smart card is configured to communicate with the management platform through a service terminal;

 The management platform is configured to distribute the updated smart card secondary security domain key to the smart card via the service terminal.

 Further, in the system,

 The management platform is further configured to establish a secure communication channel with the smart card, perform mutual authentication with the smart card through the service terminal, establish a temporary session key, and generate a new smart card secondary security domain key;

 The service terminal is configured to transmit communication data of the smart card and the management platform;

The smart card is further configured to establish a connection with the service terminal, perform mutual authentication with the management platform through the service terminal, receive the smart card secondary security domain key distributed by the management platform, and update the smart card secondary security domain key;

The management platform and the service terminal are respectively a card issuer management platform and a card issuer service terminal, or are respectively an application provider management platform and an application provider service terminal.

 Further, in the system, the smart card is a standalone device or is installed on the mobile terminal.

 Further, in the system, the management platform distributes the updated smart card secondary security domain key to the smart card through the service terminal when the smart card secondary security domain key expires, when a forced update is required, or when the smart card user downloads an application.

 The present invention also provides a method for updating and distributing a smart card secondary security domain key. In the method, communication between the smart card and the management platform is established through the service terminal in order to update and distribute the smart card secondary security domain key. The method includes:

 (a) The management platform establishes a secure communication channel with the smart card through the service terminal;

 (b) the management platform generates a new smart card secondary security domain key;

 (c) the management platform distributes the new smart card secondary security domain key to the smart card via the secure communication channel;

 (d) the smart card completes the update of the secondary security domain key.

 Further, in the method, the step (a) includes:

 (a1) the management platform initiates mutual authentication with the smart card secondary security domain, and the mutual authentication between the management platform and the smart card secondary security domain is completed via the service terminal;

 (a2) the management platform establishes a temporary session key with the smart card secondary security domain, thereby establishing the secure communication channel.

 Further, the method further includes: when the smart card secondary security domain key expires, when a forced update is required, or when the smart card user downloads an application, the management platform initiates the smart card secondary security domain key update and distribution process.

 Further, in the method, the management platform and the service terminal respectively refer to a card issuer management platform and a card issuer service terminal, or to an application provider management platform and an application provider service terminal.

Further, in the method, when the management platform is an application provider management platform, the method further includes, before step (a): the card issuer management platform creates a secondary security domain on the smart card and generates a secondary security domain initial key; the card issuer management platform sends the basic information and the initial key of the created secondary security domain to the application provider management platform.

 The present invention also provides a mobile terminal, the mobile terminal comprising a smart card having an electronic payment application function, wherein the secondary security domain key of the smart card is distributed by an application provider management platform through an application provider service terminal, or by a card issuer management platform through a card issuer service terminal.

 The method, system and mobile terminal provided by the invention address the situation, after the card has been issued and for symmetric keys, in which the secondary security domain key must be updated because the user downloads an application, because a forced update is required for security reasons, or because the key's life cycle is ending. A new secondary security domain key is generated and sent to the smart card secondary security domain through the secure communication channel to update the secondary security domain key.

Brief description of the drawings

 FIG. 1 is a schematic diagram of the architecture of the mobile terminal electronic payment system based on near field communication technology of the present invention;

 FIG. 2 is a schematic diagram of the secondary security domain initial key update and distribution process of the present invention, based on a card issuer service terminal, for a secondary security domain managed by a card issuer;

 FIG. 3 is a schematic diagram of the secondary security domain initial key update and distribution process, based on an application provider service terminal, for a secondary security domain managed by an application provider;

 FIG. 4 is a schematic diagram of the secondary security domain key update and distribution process, based on a card issuer service terminal, caused by key expiration or forced update, for a secondary security domain managed by a card issuer;

 FIG. 5 is a schematic diagram of the secondary security domain key update and distribution process, based on an application provider service terminal, caused by key expiration or forced update, for a secondary security domain managed by an application provider.

Preferred embodiment of the invention

 The present invention will be further described in detail below with reference to the accompanying drawings and preferred embodiments.

The present invention is described by taking the architecture of the mobile terminal electronic payment system shown in FIG. 1 as an example, but it is not limited to the mobile terminal electronic payment system architecture shown in FIG. 1.

 FIG. 1 shows a mobile terminal electronic payment system of the present invention, including an application provider management platform, a card issuer management platform, an application provider service terminal, a card issuer service terminal, a mobile terminal, and a smart card, with the smart card installed on the mobile terminal. The system may also omit the mobile terminal, in which case the smart card is a standalone device. The application provider management platform and the card issuer management platform are collectively referred to as the management platform, and the application provider service terminal and the card issuer service terminal are collectively referred to as the service terminal.

 The smart card supports the Global Platform Card Specification V2.1.1/V2.2. The smart card having the electronic payment application function can connect to the card issuer service terminal or the application provider service terminal directly, or, when installed on a mobile terminal, through the mobile terminal. The smart card performs mutual authentication with the management platform that manages its secondary security domain, receives the secondary security domain key distributed by that management platform, and updates the secondary security domain key. The mutual authentication process and the secondary security domain key distribution are carried out via the application provider service terminal or the card issuer service terminal.

 The card issuer service terminal is managed by the card issuer management platform, and the smart card communicates with the card issuer management platform through the mobile terminal and the card issuer service terminal, or directly through the card issuer service terminal. The application provider service terminal is managed by the application provider management platform, and the smart card communicates with the application provider management platform through the mobile terminal and the application provider service terminal, or directly through the application provider service terminal.

The card issuer management platform is responsible for the issuance and management of smart cards, manages the resources and life cycles of the smart cards, keys, and certificates, and is responsible for creating secondary security domains and interacting with other security domains. This includes creating secondary security domains, performing mutual authentication with the smart card and establishing a temporary session key, and generating the secondary security domain initial key and new secondary security domain keys. In a specific implementation, the card issuer management platform may include a card management system, an application management system, a key management system, a certificate management system, an application provider management system, and so on, where the certificate management system is used when asymmetric keys are supported and is connected to the card issuer certification authority (CA) system.

The application provider management platform is responsible for providing and managing electronic payment applications: it provides various service applications, performs security management of the corresponding secondary security domain on the smart card, controls the application keys, certificates, data, and so on of that security domain, and provides functions such as secure downloading and installation of applications. This includes performing mutual authentication with the smart card and establishing a temporary session key, and generating new secondary security domain keys. In a specific implementation, the application provider management platform may include an application management system, a key management system, and a certificate management system, where the certificate management system is used when asymmetric keys are supported and is connected to the application provider certification authority (CA) system.

 The card issuer management platform and the application provider management platform can provide electronic payment related services through their respective service terminals: taking part in the management of electronic payment user information, in the creation of secondary security domains and key distribution, in the downloading of electronic payment applications, in the personalization of electronic payment applications, and so on. Communication between the application provider management platform and the card issuer management platform can go over a secure channel such as a dedicated line connection.

 The following describes the smart card secondary security domain key update and distribution method of the present invention, taking the mobile terminal electronic payment system architecture shown in FIG. 1 as an example, without being limited to that architecture:

 There are two main types of secondary security domain key update:

 1. When the user downloads an electronic payment application, the initial key of the smart card secondary security domain associated with that application needs to be updated to the secondary security domain key.

 Step s1: the card issuer management platform creates the smart card secondary security domain.

 The card issuer management platform can create the secondary security domain based on the application information related to the application download. This information can include the smart card ICCID, the application identifier, and the application provider identity information. The application information is sent by the user to the card issuer management platform through the card issuer service terminal, or is sent by the user to the application provider management platform through the application provider service terminal, which then submits a secondary security domain creation request to the card issuer management platform according to the application information.

 Step s2: the initial key is updated in different ways depending on which management platform manages the smart card secondary security domain.

After the smart card secondary security domain is created, if it is managed by the application provider management platform, the card issuer management platform sends the basic information of the secondary security domain (including the identification information of the smart card secondary security domain) and the initial key to the application provider management platform, and the application provider management platform updates the secondary security domain initial key;

 If the smart card secondary security domain is managed by the card issuer management platform, the card issuer management platform updates the secondary security domain initial key for the specific electronic payment application being downloaded.

 The update includes the following steps. Using the smart card secondary security domain initial key and related information, the card issuer management platform or the application provider management platform performs mutual authentication with the smart card secondary security domain and establishes a secure communication channel. For a smart card secondary security domain managed by the card issuer management platform, the mutual authentication process is completed between the card issuer management platform and the smart card via the card issuer service terminal. For a smart card secondary security domain managed by the application provider management platform, the mutual authentication process is completed between the application provider management platform and the smart card via the application provider service terminal. After the mutual authentication is completed, the card issuer management platform or the application provider management platform establishes a temporary session key with the smart card secondary security domain. The temporary session key may be established according to the Global Platform Card Specification V2.1.1/V2.2, or by other methods. It is used to encrypt communication between the card issuer management platform or the application provider management platform and the smart card secondary security domain.

Through the secure communication channel established with the smart card, the new secondary security domain key generated by the card issuer management platform or the application provider management platform is imported into the smart card secondary security domain via the card issuer service terminal or the application provider service terminal, which completes the secure update and distribution of the secondary security domain key.

 2. Update and distribution of the secondary security domain key due to key expiration or forced update. For a secondary security domain key with a specified life cycle, the card issuer management platform or application provider management platform that manages the smart card secondary security domain must update the currently used secondary security domain key before the end of that key's life cycle;

When the secondary security domain key currently used by a smart card secondary security domain needs to be updated for security reasons, the card issuer management platform or application provider management platform that manages that secondary security domain may force an update of the currently used secondary security domain key.

 The specific update method includes:

 When the secondary security domain key expires or a forced update of the secondary security domain key is required, the card issuer management platform or the application provider management platform starts mutual authentication with the smart card secondary security domain, using the secondary security domain key currently in use, and establishes a secure communication channel. For a secondary security domain managed by the card issuer, the mutual authentication process is completed between the card issuer management platform and the smart card via the card issuer service terminal. For a secondary security domain managed by an application provider, the mutual authentication process can be completed between the application provider management platform and the smart card via the application provider service terminal. A temporary session key is established with the smart card secondary security domain. The temporary session key can be established according to the Global Platform Card Specification V2.1.1/V2.2, or by other methods. It is used to encrypt the communication between the two.

The new secondary security domain key is imported into the smart card secondary security domain via the card issuer service terminal or the application provider service terminal, which completes the secure update and distribution of the secondary security domain key.

 The smart card secondary security domain key update method of the present invention is further illustrated by examples. FIG. 2 and FIG. 3 relate to the update and distribution of the secondary security domain initial key; FIG. 4 and FIG. 5 relate to the update and distribution of the secondary security domain key due to key expiration or forced update.

 FIG. 2 is a schematic flow diagram of the secondary security domain initial key update and distribution process of the present invention, based on the card issuer service terminal, for a secondary security domain managed by the card issuer. As shown in FIG. 2, the steps of this process include:

Step 201: The card issuer management platform, according to the secondary security domain initial key, sends a SELECT command message to the smart card via the card issuer service terminal, selecting the secondary security domain;

Step 202: The smart card returns a SELECT command response message to the card issuer management platform via the card issuer service terminal.

 Step 203: The card issuer management platform establishes a secure communication channel from the security domain via the card issuer service terminal and the smart card, for example, establishing a SCP02 secure channel;

 The method for establishing a secure communication channel is as follows: The card issuer management platform and the smart card perform mutual authentication from the security domain, and after mutual authentication, establish a temporary session key for communication encryption between the two, the temporary session secret The key may be established according to the Global Platform Card Specification V2.1.1/V2.2 specification, or may be established by other methods; the mutual authentication process is performed by the card issuer service terminal on the card issuer management platform and the smart card from the security domain Completed between.

 Step 204: The card issuer management platform generates a new slave security domain key.

Step 205: The card issuer management platform sends the new slave security domain key to the smart card slave security domain via the card issuer service terminal using the PUTKEY command.

Step 206: After receiving the new slave security domain key, the smart card slave security domain completes the update of the slave security domain initial key.

Step 207: The smart card slave security domain sends a PUTKEY command response to the card issuer management platform via the card issuer service terminal, ending the slave security domain initial key update process.

Before the foregoing step 201, the method further includes the step in which the card issuer management platform creates the smart card slave security domain according to the user's application download request and issues the slave security domain initial key to the smart card slave security domain.

FIG. 3 is a schematic diagram of the slave security domain initial key update and distribution process based on the application provider service terminal, for a slave security domain managed by an application provider, according to the present invention. As shown in FIG. 3, for a slave security domain managed by an application provider, the slave security domain initial key update and distribution process based on the application provider service terminal includes:

Step 301: The user triggers an application download request through an application provider service terminal client program or a card program, and submits the application download request to the application provider management platform, where the application download request includes smart card identification information (ICCID), etc.;

request information, where the request message includes application provider identity information (ASP-ID), smart card identification information (ICCID), etc.;

Step 303: The card issuer management platform verifies the slave security domain creation request information and determines whether the request is allowed. The card issuer management platform determines whether the slave security domain is created through the application provider management platform.

 If the card issuer management platform determines that the slave security domain does not need to be created according to the smart card identification information and the application provider identity in the creation request information, the slave security domain creation process is terminated; otherwise, the subsequent steps are continued;

Step 304: The card issuer management platform sends a SELECT command message to the smart card via the application provider management platform and the application provider service terminal to select the master security domain.

Step 305: The smart card submits a SELECT command response message to the card issuer management platform via the application provider service terminal and the application provider management platform;

Step 306: The card issuer management platform establishes a secure communication channel with the smart card master security domain via the application provider management platform and the application provider service terminal, for example, an SCP02 secure channel;

The secure communication channel is established as follows: the card issuer management platform and the smart card master security domain perform mutual authentication and, after mutual authentication, establish a temporary session key for encrypting the communication between the two. The temporary session key may be established according to the Global Platform Card Specification V2.1.1/V2.2, or by other methods; the mutual authentication process is completed between the card issuer management platform and the smart card slave security domain via the application provider management platform and the application provider service terminal.

Step 307: The card issuer management platform sends an INSTALL command to the smart card via the application provider management platform and the application provider service terminal;

 Step 308: The smart card submits an INSTALL command response to the card issuer management platform via the application provider service terminal and the application provider management platform;

Step 309: The card issuer management platform generates the slave security domain initial key;

Step 310: The card issuer management platform sends the slave security domain initial key to the smart card master security domain via the application provider management platform and the application provider service terminal using the PUTKEY command.

Step 311: After receiving the slave security domain initial key, the smart card master security domain initializes the slave security domain with the received slave security domain initial key.

Step 312: The smart card master security domain sends a PUTKEY command response to the card issuer management platform via the application provider service terminal and the application provider management platform;

the information and the slave security domain initial key;

The slave security domain basic information includes the smart card slave security domain identification information.

Step 314: The application provider management platform adds the slave security domain related information to the database.

Step 315: The application provider management platform sends a SELECT command message to the smart card via the application provider service terminal, and selects the slave security domain.

 Step 316: The smart card submits a SELECT command response to the application provider key management system via the application provider service terminal.

Step 317: The application provider management platform establishes a secure communication channel with the smart card slave security domain via the application provider service terminal, for example, an SCP02 secure channel;

The secure communication channel is established as follows: the application provider management platform and the smart card slave security domain perform mutual authentication and, after mutual authentication, establish a temporary session key for encrypting the communication between the two. The temporary session key may be established according to the Global Platform Card Specification V2.1.1/V2.2, or by other methods; the mutual authentication process is completed between the application provider management platform and the smart card slave security domain via the application provider service terminal.

 Step 318: The application provider management platform generates a new slave security domain key.

Step 319: The application provider management platform sends the new slave security domain key to the smart card slave security domain via the application provider service terminal using the PUTKEY command.

Step 320: After receiving the new slave security domain key, the smart card slave security domain completes the update of the slave security domain initial key.

Step 321: The smart card slave security domain sends a PUTKEY command response to the application provider management platform via the application provider service terminal, ending the slave security domain key distribution process.

FIG. 4 is a schematic diagram of the slave security domain key update and distribution process based on the card issuer service terminal, due to key expiration or forced update, for a slave security domain managed by the card issuer in accordance with the present invention. As shown in FIG. 4, for a slave security domain managed by the card issuer, the slave security domain key update and distribution process based on the card issuer service terminal due to key expiration or forced update includes the following steps:

Step 401: The card issuer management platform sends a SELECT command message to the smart card via the card issuer service terminal, and selects the slave security domain;

 Step 402: The smart card submits a SELECT command response to the card issuer management platform via the card issuer service terminal.

Step 403: The card issuer management platform establishes a secure communication channel with the smart card slave security domain via the card issuer service terminal, for example, an SCP02 secure channel;

The secure communication channel is established as follows: the card issuer management platform and the smart card slave security domain perform mutual authentication and, after mutual authentication, establish a temporary session key for encrypting the communication between the two. The temporary session key may be established according to the Global Platform Card Specification V2.1.1/V2.2, or by other methods; the mutual authentication process is completed between the card issuer management platform and the smart card slave security domain via the card issuer service terminal.

 Step 404: The card issuer management platform generates a new slave security domain key.

Step 405: The card issuer management platform sends the new slave security domain key to the smart card slave security domain via the card issuer service terminal using the PUTKEY command.

Step 406: After receiving the new slave security domain key, the smart card slave security domain completes the update of the smart card slave security domain key.

Step 407: The smart card slave security domain sends a PUTKEY command response to the card issuer management platform via the card issuer service terminal, ending the slave security domain key update process.

FIG. 5 is a schematic diagram of the slave security domain key update and distribution process based on the application provider service terminal, due to key expiration or forced update, for a slave security domain managed by an application provider in accordance with the present invention. As shown in FIG. 5, for a slave security domain managed by an application provider, the slave security domain key update and distribution process based on the application provider service terminal due to key expiration or forced update includes:

Step 501: The application provider management platform sends a SELECT command message to the smart card via the application provider service terminal, and selects the slave security domain.

Step 502: The smart card submits a SELECT command response to the application provider management platform via the application provider service terminal;

Step 503: The application provider management platform establishes an SCP02 secure channel with the smart card slave security domain via the application provider service terminal;

The secure communication channel is established as follows: the application provider management platform and the smart card slave security domain perform mutual authentication and, after mutual authentication, establish a temporary session key for encrypting the communication between the two. The temporary session key may be established according to the Global Platform Card Specification V2.1.1/V2.2, or by other methods; the mutual authentication process is completed between the application provider management platform and the smart card slave security domain via the application provider service terminal.

 Step 504: The application provider management platform generates a new slave security domain key.

Step 505: The application provider management platform sends the new slave security domain key to the smart card slave security domain via the application provider service terminal using the PUTKEY command, the command carrying the new slave security domain key;

Step 506: After receiving the new slave security domain key, the smart card slave security domain completes the update of the slave security domain key.

Step 507: The smart card slave security domain sends a PUTKEY command response to the application provider management platform via the application provider service terminal, ending the slave security domain key update process.
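The update flow of FIG. 4 (steps 401 to 407) and FIG. 5 (steps 501 to 507), modelled as an added example that is not part of the patent text. Assumptions: HMAC-SHA256 and an XOR keystream stand in for the SCP02 3DES derivations, cryptograms and key encryption; all class, method and label names are hypothetical; the AID and starting key in demo() are constructed sample values.

```python
import hashlib
import hmac
import secrets

def prf(key: bytes, label: bytes, data: bytes = b"") -> bytes:
    """HMAC-SHA256 stand-in for the SCP02 key derivation and cryptograms."""
    return hmac.new(key, label + data, hashlib.sha256).digest()

def xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))

class SlaveSecurityDomain:
    """Card side: holds the slave security domain key currently in use."""
    def __init__(self, aid: bytes, key: bytes):
        self.aid, self.key, self.version = aid, key, 1
        self.selected, self.pending, self.session = False, None, None

    def select(self, aid: bytes) -> bool:
        self.selected, self.pending, self.session = aid == self.aid, None, None
        return self.selected

    def initialize_update(self, host_challenge: bytes):
        if not self.selected:
            return None
        challenges = host_challenge + secrets.token_bytes(8)
        session = prf(self.key, b"session", challenges)   # temporary session key
        self.pending, self.session = (session, prf(session, b"host", challenges)), None
        return challenges[-8:], prf(session, b"card", challenges)

    def external_authenticate(self, host_cryptogram: bytes) -> bool:
        if self.pending is None:
            return False
        (session, expected), self.pending = self.pending, None
        self.session = session if hmac.compare_digest(host_cryptogram, expected) else None
        return self.session is not None

    def put_key(self, version: int, wrapped: bytes, mac: bytes) -> bool:
        if self.session is None:      # no authenticated channel: refuse the key
            return False
        session, self.session = self.session, None   # one key import per channel
        if not hmac.compare_digest(mac, prf(session, b"mac", bytes([version]) + wrapped)):
            return False
        self.key, self.version = xor(wrapped, prf(session, b"wrap")), version
        return True

class ServiceTerminal:
    """Relays commands and responses; records every byte field it carries."""
    def __init__(self, card: SlaveSecurityDomain):
        self.card, self.fields = card, []

    def relay(self, command: str, *args):
        response = getattr(self.card, command)(*args)
        carried = args + (response if isinstance(response, tuple) else (response,))
        self.fields += [f for f in carried if isinstance(f, bytes)]
        return response

    def saw(self, secret: bytes) -> bool:
        return any(secret in field for field in self.fields)

class ManagementPlatform:
    def __init__(self, key: bytes):
        self.key, self.version = key, 1

    def update_key(self, terminal: ServiceTerminal, aid: bytes) -> bool:
        if not terminal.relay("select", aid):                    # SELECT and response
            return False
        host_challenge = secrets.token_bytes(8)                  # mutual authentication
        card_challenge, card_cryptogram = terminal.relay("initialize_update", host_challenge)
        challenges = host_challenge + card_challenge
        session = prf(self.key, b"session", challenges)
        if not hmac.compare_digest(card_cryptogram, prf(session, b"card", challenges)):
            return False                                         # card lacks the current key
        if not terminal.relay("external_authenticate", prf(session, b"host", challenges)):
            return False
        new_key = secrets.token_bytes(16)                        # generate the new key
        wrapped = xor(new_key, prf(session, b"wrap"))            # protect it with the session key
        mac = prf(session, b"mac", bytes([self.version + 1]) + wrapped)
        if not terminal.relay("put_key", self.version + 1, wrapped, mac):
            return False                                         # PUTKEY and response
        self.key, self.version = new_key, self.version + 1
        return True

def demo():
    aid, key = bytes.fromhex("F000000001"), bytes(range(16))     # constructed samples
    card, platform = SlaveSecurityDomain(aid, key), ManagementPlatform(key)
    terminal = ServiceTerminal(card)
    return platform.update_key(terminal, aid), card.key == platform.key, terminal.saw(platform.key)
```

The service terminal only carries challenges, cryptograms and the wrapped key, so the new key never crosses it in the clear, and a platform that still holds the replaced key can no longer authenticate to the slave security domain.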

The smart card slave security domain key update method, system and mobile terminal can, in the case of a symmetric key, securely import the slave security domain key into the smart card slave security domain from the card issuer management platform via the card issuer service terminal, or from the application provider management platform via the application provider service terminal, thereby realizing the secure update and distribution of the smart card slave security domain key.

 The invention may be embodied in a variety of other embodiments without departing from the spirit and scope of the invention.

Industrial applicability

The smart card slave security domain key update method, system and mobile terminal provided by the invention address the situation where, after the card is issued, a symmetric slave security domain key must be updated for security reasons or because it has expired: a new slave security domain key is generated and sent to the smart card slave security domain through a secure communication channel to update the slave security domain key.

Claims

1. A mobile terminal electronic payment system, the system comprising: a smart card, a service terminal and a management platform having an electronic payment application function, wherein
the smart card is configured to communicate with the management platform through the service terminal; the management platform is configured to distribute the updated smart card slave security domain key to the smart card through the service terminal.
2. The system of claim 1, wherein
the management platform is further configured to establish a secure communication channel with the smart card, perform mutual authentication with the smart card through the service terminal, establish a temporary session key, and generate a new smart card slave security domain key;
the service terminal is configured to transmit communication data of the smart card and the management platform;
the smart card is further configured to establish a connection with the service terminal, perform mutual authentication with the management platform through the service terminal, receive through the service terminal the smart card slave security domain key distributed by the management platform, and update the slave security domain key;
the management platform and the service terminal are respectively a card issuer management platform and a card issuer service terminal, or the management platform and the service terminal are respectively an application provider management platform and an application provider service terminal.
3. The system of claim 1 or 2, wherein the smart card is a standalone device or is installed on the mobile terminal.
4. The system according to claim 1 or 2, wherein the management platform distributes the updated smart card slave security domain key to the smart card through the service terminal when the smart card slave security domain key expires or needs to be forcibly updated, or when the smart card user downloads an application.
5. A method for updating and distributing a smart card slave security domain key, wherein communication between the smart card and the management platform is established through the service terminal so as to implement update and distribution of the smart card slave security domain key, the method comprising:
(a) the management platform establishes a secure communication channel with the smart card through the service terminal;
(b) the management platform generates a new smart card slave security domain key;
(c) the management platform distributes the new smart card slave security domain key to the smart card over the secure communication channel;
(d) the smart card completes the update of the slave security domain key.
6. The method according to claim 5, wherein the step (a) comprises:
(a1) initiating mutual authentication between the management platform and the smart card slave security domain, and completing the mutual authentication between the management platform and the smart card slave security domain through the service terminal;
(a2) the management platform establishes a temporary session key with the smart card slave security domain to establish a secure communication channel.
7. The method according to claim 5, wherein the method further comprises, before the step (a):
when the smart card slave security domain key expires or needs to be forcibly updated, or when the smart card user downloads an application, the management platform initiates the smart card slave security domain key update and distribution process.
8. The method according to any one of claims 5 to 7, wherein
the management platform and the service terminal respectively refer to a card issuer management platform and a card issuer service terminal, or the management platform and the service terminal respectively refer to an application provider management platform and an application provider service terminal.
9. The method according to claim 8, wherein, when the management platform refers to an application provider management platform, the method further comprises, before the step (a):
the card issuer management platform creates a slave security domain and generates a slave security domain initial key on the smart card; the card issuer management platform sends the basic information and the initial key of the created slave security domain to the application provider management platform.
10. A mobile terminal, the mobile terminal comprising a smart card having an electronic payment application function, wherein the slave security domain key of the smart card is distributed by an application provider management platform through an application provider service terminal, or by a card issuer management platform through a card issuer service terminal.
PCT/CN2009/073492 2008-11-10 2009-08-25 Method, system and mobile terminal for updating and distributing the secondary security domain key of smart card WO2010051716A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN200810177014.5 2008-11-10
CN200810177014A CN101742479A (en) 2008-11-10 2008-11-10 Method and system for updating and distributing smart card secondary security domain keys and mobile terminal

Publications (1)

Publication Number Publication Date
WO2010051716A1 (en) 2010-05-14

Family

ID=42152479

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2009/073492 WO2010051716A1 (en) 2008-11-10 2009-08-25 Method, system and mobile terminal for updating and distributing the secondary security domain key of smart card

Country Status (2)

Country Link
CN (2) CN101742479A (en)
WO (1) WO2010051716A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017143885A1 (en) * 2016-02-25 2017-08-31 华为技术有限公司 Application processing method and apparatus for embedded universal integrated circuit card

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101083792A (en) * 2007-06-27 2007-12-05 浙江省电信有限公司 PHS non-contact card small amount payment system for public transport system

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000025278A1 (en) * 1998-10-27 2000-05-04 Visa International Service Association Delegated management of smart card applications
EP1431862A2 (en) * 2002-12-18 2004-06-23 Activcard Ireland Limited Uniform framework for security tokens
WO2005076204A1 (en) * 2004-02-09 2005-08-18 Hismartech Co., Ltd. Smart card for containing plural issuer security domain and method for installing plural issuer security domain in a smart card
KR100562255B1 (en) * 2004-09-21 2006-03-13 에스케이 텔레콤주식회사 Method for initializing key of security domain
CN101073098A (en) * 2004-12-07 2007-11-14 皇家飞利浦电子股份有限公司 System and method for application management on multi-application smart cards
CN101164086A (en) * 2005-03-07 2008-04-16 诺基亚公司 Methods, system and mobile device capable of enabling credit card personalization using a wireless network
WO2007052116A1 (en) * 2005-11-02 2007-05-10 Nokia Corporation Method and apparatus for initializing a secure element in a wireless terminal .
WO2007105104A2 (en) * 2006-03-15 2007-09-20 Actividentity Inc. Method and system for storing a key in a remote security module
CN101295394A (en) * 2007-04-23 2008-10-29 美国通宝科技有限公司 Method and device for providing e-commerce and m-commerce
CN101370248A (en) * 2007-08-15 2009-02-18 中国移动通信集团公司;中国移动通信集团湖南有限公司 Cryptographic key updating method, third party server and system for activating third party application
CN101374153A (en) * 2007-08-23 2009-02-25 中国移动通信集团公司;中国移动通信集团湖南有限公司 Method for activating a third party application safely, a third party server, terminal and system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
GLOBAL PLATFORM CARD SPECIFICATION 2.2, 31 March 2006 (2006-03-31) *

Also Published As

Publication number Publication date
CN105303377B (en) 2019-10-29
CN101742479A (en) 2010-06-16
CN105303377A (en) 2016-02-03

Similar Documents

Publication Publication Date Title
EP1371255B1 (en) Method for enabling pki functions in a smart card
EP2248322B1 (en) Methods and apparatus for wireless device registration
EP2649826B1 (en) Method for managing content on a secure element connected to an equipment
AU2009282039B2 (en) Systems, methods, and computer readable media for providing for secure offline data transfer between wireless smart devices
ES2265694T3 (en) Procedure to verify in a mobile device the authenticity of electronic certificates issued by a certificating authority and corresponding identification module.
RU2595904C2 (en) Methods and device for large-scale propagation of electronic access clients
EP2741548B1 (en) Method for changing mno in embedded sim on basis of dynamic key generation and embedded sim and recording medium therefor
EP2405378B1 (en) Method of executing a secure application in an NFC device
EP2340654B1 (en) Method for securely changing a mobile device from an old owner to a new owner.
ES2219032T3 (en) Establishment of an insured session connection through the wireless application protocol (wap).
CN101164086B (en) Methods, system and mobile device capable of enabling credit card personalization using a wireless network
EP2731381A2 (en) Method for changing mno in embedded sim on basis of special privilege, and embedded sim and recording medium therefor
US20120196529A1 (en) Communications devices comprising NFC communicators
JP4758517B2 (en) Bootstrapping NFC applications using GBA
US20180091978A1 (en) Universal Integrated Circuit Card Having A Virtual Subscriber Identity Module Functionality
US20100173609A1 (en) Method and Apparatus for Secure Immediate Wireless Access in a Telecommunications Network
CN100380267C (en) Method, arrangement and apparatus for authentication through communications network
EP2197167B1 (en) Device and method for short range communication
RU2630419C2 (en) Integrated mobile trusted services manager
US20100207742A1 (en) Wireless Communication Device for Providing at Least One Near Field Communication Service
KR20130116905A (en) System and method for managing mobile wallet and its related credentials
TWI264917B (en) Method and system for authenticating user of data transfer device
CN101820613B (en) Application downloading system and method
KR102026612B1 (en) Method for Creating Trust Relationship and Embedded UICC
CN102349319B (en) Setup and configuration of relay nodes

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09824371

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase in:

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09824371

Country of ref document: EP

Kind code of ref document: A1