WO2011060738A1 - Method for confirming data in a CPU card - Google Patents

Publication number
WO2011060738A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
cpu card
password
confirmation
confirmation password
Application number
PCT/CN2010/078931
Other languages
English (en)
Chinese (zh)
Inventor
邵通
Original Assignee
南京新神郁网络科技有限公司
Application filed by 南京新神郁网络科技有限公司
Publication of WO2011060738A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821 Electronic credentials
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401 Transaction verification
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341 Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401 Transaction verification
    • G06Q20/4012 Verifying personal identification numbers [PIN]
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07F COIN-FREED OR LIKE APPARATUS
    • G07F7/00 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1016 Devices or methods for securing the PIN and other transaction-data, e.g. by encryption

Definitions

  • the invention belongs to the field of information security.
  • the present invention relates to a method of confirming data in a CPU card.
  • it relates to a method for confirming and safely using data in a CPU card on a network computer client that may be insecure.
  • Background technique
  • the computer terminal displays a payment of 300 yuan to Zhang San and asks the user to confirm the signature; the user can use various confirmation means, including a digital signature or a payment password; however, what the computer Trojan is actually asking the user to confirm is a payment of 100,000 yuan to Li Si.
  • the root cause of this insecurity is that when the computer terminal is not secure, all the information you see on the computer terminal may not be true.
  • the main means of hacking is the man-in-the-middle attack.
  • a simulated-operation attack is one in which, when a computer user inserts a USBKEY digital certificate into the computer for a transaction, the Trojan simulates the user's keyboard and mouse input, for example to modify the transaction object, the transaction price, or the transaction amount.
  • Visual spoofing attacks are an advanced form of simulated-operation attack. The Trojan can modify the URL shown in IE: even when the user enters the correct URL and IE displays the correct URL, the internal URL is the scammer's address, and a simulated bank website carries out the scam.
  • a small credible problem of m is to use an untrusted networked computer terminal and a trusted computing system to solve the security problem.
  • USBKEY is a trusted computer without a keyboard and display.
  • although this solution satisfies the requirements of portability and of minimal change to people's habits of using computer terminals, it reduces security. In other words, the solution cannot guarantee that the computer keyboard input has not been tampered with, nor can it guarantee the accuracy of the data displayed on the display screen.
  • USBKEY should still have a CPU, display and keyboard, in order to form a complete trusted computer, in order to comply with "methods and systems for secure transactions in computer systems" (Chinese patent application)
  • USBKEY digital certificates
  • online banking, U-Shield, U-Bao and EMV cards can be the carriers of USBKEY digital certificates.
  • USBKEY is a CPU card
  • the second generation USBKEY with display and keyboard is also a CPU card
  • the new CPU card with CPU that conforms to the international EMV migration is also a CPU card
  • a security module with CPU such as TPM
  • TPM security module with CPU
  • when the mobile phone and the computer terminal communicate with each other for security authentication, digital signature or bank payment, the mobile phone is also a CPU card; but if the mobile phone performs security authentication, digital signature or bank payment directly over the wireless network (such as mobile or Unicom), it is not a CPU card.
  • the module is a CPU card
  • the mobile phone is a computer terminal.
  • the CPU card can have a digital certificate or no digital certificate.
  • a CPU card is a portable device that obtains server services by interacting with a computer terminal and interacting with a server through a computer terminal.
  • a user terminal handheld device
  • a user terminal: there are many ways to convey information to people. For example, the display can show the data, or the device can read the data aloud so that people hear it, and so on. Obviously satisfied
  • the most popular device of this article is the mobile communication terminal, that is, the mobile phone; it can also be a device designed for the N of the invention, and of course it can be a networked computer terminal.
  • the general method of using the online banking card is: when the user logs in to the online banking system, the user inserts the CPU card into the computer terminal and then enters the PIN code on the computer; if the verification passes, further related operations can be performed; transaction key data (name, account number, amount) is then entered or generated on the computer terminal and transferred to the CPU card; the CPU card then signs the key transaction data and transmits it back to the computer terminal, which transmits it to the online banking server via the computer network to confirm the signature and complete the transaction.
  • This CPU card authentication method can be based on the PKI public key system, and the private key is securely stored in the CPU card, which is in line with the national security requirements for online financial transactions. Of course, the CPU card can use the other security protocols to implement the service without using the PKI public key system and the digital signature method.
  • Screen confirmation means that the user will verify the transaction data displayed on the CPU card display module during the transaction to achieve the purpose of confirmation.
  • Input confirmation means that when the user is trading, some key transaction data, such as the name of the other party, the account number, and the transaction amount, need to be confirmed by physical input on the input module of the CPU card to prevent the attacker from tampering with the signature content. In short, it is to find a way for the user to confirm the accuracy of the data to be signed or to be used in the CPU card.
  • This method can also solve the problem of "not seen signing", but in this solution the CPU card cannot digitally sign the transaction data, and only the transaction data transmitted to the bank server can be confirmed, so it is not a perfect solution; wrong signed data from the bank behalf
  • the server passed to the user's phone, and was not confirmed by the user, but the bank still erroneously slanderred; the legal loss is still borne by the user. So the scheme is a flawed solution.
  • the user wants all the data sent to the bank server to be the data that the user wishes to send, and all the data seen on the display screen are the real data sent back by the bank or the real data input by the user himself. This is the so-called “what you see is what you sign” that the bank is currently paying for in the security field.
  • the computer client has a certain degree of security, which actually causes all the schemes to have such security holes. And our starting point is that the client is a Trojan, not just a Trojan. We assume that the operating system is a hacker's Trojan, and that the hacker fully grasps the client, and the user should not trust the security of the computer client at all. From the user's point of view, he just wants the computer client to handle the problem correctly, and does not care whether the computer client is safe.
  • the inventor believes that acceptable security means that when the user operates normally according to what the computer client's screen displays, no actual loss can result even if the data is tampered with; nor can actual loss result when the user operates normally on the basis of a false display on the computer client's screen. Causing no actual loss means that the worst result is that the terminal is broken and cannot be used.
  • the Chinese patent application ZL200910008843 discloses a device for performing trusted digital signature on a smart cipher key and a working method thereof.
  • the key signature data in the smart cipher key can be confirmed by the customer by physical confirmation on the device.
  • after the device processes the confirmed key signature data, the result is combined with the key signature data and sent to the ordinary smart cryptographic key for digital signature, then transmitted back to the server; the server determines the validity and correctness of the signature, which implements the user's trusted confirmation of the data signed by the ordinary smart cryptographic key.
  • a CPU card with a display module or a keyboard module fully meets the requirements of a complete trusted computer, and obviously meets the requirements of "what you see is what you sign".
  • the display module and the input module can only be made small.
  • a small screen is not easy to read, and a small keyboard is not easy to operate; in particular, when the CPU card is in use it usually has to be physically plugged into another computer terminal, so that the CPU card is far away from the user, which makes the small display module and the keypad module hard to use.
  • if the CPU card is wirelessly connected to the computer terminal, the distance problem can of course be avoided; however, the CPU card must then have a battery system, which brings a charging problem.
  • the method for securely digitally signing may be as follows: the data to be signed is input or generated by the computer terminal and transmitted to the CPU card; in the CPU card, before the data is signed, a one-time confirmation password (dynamic password) is generated by the CPU card, and the confirmation password and the data to be signed are transmitted to the bank customer through the computer terminal in a relatively safe manner; after confirming the accuracy of the data to be signed, the bank customer inputs the corresponding confirmation password on the computer terminal; the card compares the confirmation password received from the computer terminal with the generated confirmation password and, if they match, performs the corresponding digital signature; otherwise, the corresponding digital signature is not performed. To improve security, it is also possible to take the common approach of cancelling the data to be confirmed when the confirmation password that is input is not correct.
  • the CPU card may also first require input of an authentication password (PIN) or an identity authentication dynamic password, to prevent repeated input of data to be signed and of confirmation passwords.
  • PIN authentication password
  • an identity authentication dynamic password to prevent multiple input of the data to be signed and the confirmation of the password.
  • the user may also confirm through a confirmation button added to the CPU card, so that a one-time (dynamic) password is not needed.
  • the CPU card can use the data (for example, digitally sign it, or modify the data in the CPU card) only after obtaining the user's confirmation, and can further provide it to the bank server to obtain the corresponding service.
  • the method can be used for network payment and for modifying and resetting key data in a CPU card; combined with a good cryptographic protocol, it solves simply and safely the problem of using online banking, games and the like on a potentially unsafe computer terminal, and realizes the security purpose of "signing and seeing".
  • a method for confirming data in a CPU card, comprising: generating, by the CPU card, a confirmation password; converting the data to be confirmed and the confirmation password; outputting the converted data to be confirmed and confirmation password through the output interface of the CPU card; and inputting a confirmation password through the input interface of the CPU card; when the received confirmation password matches the confirmation password generated at the beginning, the CPU card confirms the data to be confirmed.
  • the confirmation password is generated by a random number generator in the CPU card. If the confirmation password were input from outside the CPU card, it would be unsafe even if the input were encrypted.
  • the random number generator is preferably a true random number generator, and of course a pseudo random number generator is also available. Obviously it would be better if there is a physical confirmation button on the CPU card.
  • converting the data to be signed and the confirmation password means converting them by encryption.
  • converting the data to be signed and the confirmation password is a step of converting them into graphic data; further, the data to be signed and the confirmation password that have been converted into graphics are encrypted.
  • there is a further step of signing or encrypting the confirmed data after the CPU card confirms the data to be confirmed, and a further step of outputting the signed or encrypted confirmed data.
  • Figure 1 shows a schematic diagram of a system associated with preferred embodiments 1, 3 and 4;
  • Figure 2 shows a schematic diagram of a system associated with preferred embodiment 2.
  • the core of the invention is the data to be signed or to be used in the CPU card, which is output to the user trusted device by a trusted method, and the user confirms the data to be signed or to be used; after the user confirms, the corresponding signature or the corresponding data is used.
  • a system associated with a method of confirming data in a CPU card is shown in FIG. This is an SMS confirmation scheme.
  • the cryptographic device 42 corresponds to the cryptographic device 51 of the short message gateway 5; that is, the cryptographic device 42 completes the encryption and the cryptographic device 51 decrypts.
  • the cryptographic device 51 publishes the public key (E M) and keeps the private key (D M) secret; the cryptographic device 42 then encrypts with the public key (E M) and the cryptographic device 51 decrypts with the secret private key (D M).
  • E M public key
  • D M secret private key
  • encryption and decryption can be accomplished using other cryptographic protocols.
  • the CPU card 4 stores a handheld device address, such as a mobile phone number.
  • When the CPU card 4 is connected to the computer terminal 3, the user inputs or generates transaction key data according to the prompt of the computer terminal 3, such as the account name, account number, and amount of funds accepted; the computer terminal 3 transfers the key data to the CPU card 4; the CPU card 4 generates a confirmation password (PIN) by the random number generator 41, and encrypts the key data, the confirmation password, and the handheld device address (mobile phone number) by the encryption device 42; the encrypted data is transmitted to the computer terminal 3 and on to the short message gateway 5 through the computer network 2; the cryptographic device 51 of the short message gateway 5 decrypts the encrypted data to obtain the key data, the confirmation password and the handheld device address (mobile phone number); the short message gateway 5 transmits the key data and the confirmation password through the mobile wireless network 6 to the handheld device 7 (the user's mobile phone) according to the handheld device address (mobile phone number); after confirming that the key data on the handheld device 7 is correct, the user enters the confirmation password on the computer terminal 3; the computer terminal 3 transfers the received confirmation password to the CPU card 4; after the CPU card 4 finds by comparison that the received confirmation password is consistent with the generated confirmation password, the key data is signed by the signature device 43; the CPU card 4 transmits the signed key data to the computer terminal 3, which transmits it to the bank server 1 through the computer network 2.
  • PIN confirmation password
  • mobile phone number
  • the bank server 1 performs the corresponding payment operation based on the signed key data.
  • the signature of the key data is the legal basis for the bank to operate the funds, and it is clear that the key data of the signature is securely confirmed by the bank customer through the handheld device 7.
  • This scheme obviously has a security defect.
  • the computer terminal 3 can continuously deliver key data to the CPU card 4 and continuously guess the corresponding confirmation password. Although the probability of success is small, it is also a security flaw.
  • the solution can be that the CPU card can perform the key data signature operation only once, or that a pre-password for inputting key data is sent by SMS before the key data is input. Before the key data is entered, the entry must be confirmed by the user's handheld device 7 (mobile phone), or the CPU card 4 and the handheld device 7 (mobile phone) are combined to form a dynamic password authentication, to ensure pre-authentication before key data is input into the CPU card 4.
  • the method of confirming the key data in the CPU card 4 is: the CPU card 4 receives the key data passed from the computer terminal 3; the CPU card 4 generates the confirmation password through the random number generator 41; through the cryptographic device
  • the cryptographic device 52 decrypts to obtain the decrypted key data, the confirmation password and the handheld device address, which are transmitted (SMS) to the handheld device 7 (mobile phone) via the mobile wireless network 6; the user confirms that the key information on the handheld device 7 (mobile phone) is correct.
  • the confirmation password is input on the computer terminal 3; the computer terminal 3 transmits the confirmation password to the CPU card 4; the CPU card 4 compares the received confirmation password with the previously generated confirmation password and then signs the key data by the signature device 43; the CPU card 4 transmits the signed key data to the computer terminal 3, which transmits it to the bank network server 1 through the computer network 2 to complete the payment;
  • Chinese patent application ZL9912388, "On the Internet plus mobile phone sound protection money payment security method and corresponding system"
  • Chinese patent application ZL02116722, "mobile phone caller ID information for a variety of financial card payment confirmation telecommunications methods and systems", proposed confirming the data in the server by mobile phone.
  • the main differences from this embodiment are: one confirms the data in the CPU card, the other confirms the data in the server; one must ensure that the data in the CPU card is securely confirmed, so the key data and the confirmation password must be converted, whereas confirmation of server data does not require this critical step; and in one the confirmed data also needs to be signed (encrypted) before being submitted to the banking service, whereas the data in the bank server is used directly for payment.
  • FIG. 1 A system associated with a method of confirming data in a CPU card according to a second embodiment of the present invention is shown in FIG. In this embodiment.
  • the handheld device 6 in the figure can be connected to the computer terminal 3 by a wired connection (such as a USB cable) or wirelessly (such as Bluetooth, can be a wireless computer network and a short message network), and the connection is represented by "wireless or wired connection 5".
  • the wireless or wired connection 5 can also directly connect the CPU card 4 to the handheld device 6.
  • when the handheld device 6 is a mobile phone, it is preferable to add the cryptographic device 61 by adding an SD card or changing the SIM card.
  • the function of the cryptographic device 61 can also be implemented by using the mobile phone software.
  • When the CPU card 4 is connected to the computer terminal 3, the user inputs or generates transaction key data according to the prompt of the computer terminal 3, such as the account name, account number, and amount of funds accepted; the computer terminal 3 transfers the key data to the CPU card 4; the CPU card 4 generates a confirmation password (PIN) by the random number generator 41, and encrypts the key data and the confirmation password by the encryption device 42; the encrypted key data and confirmation password are transmitted to the computer terminal 3 and passed through the wireless or wired connection 5 to the handheld device 6 (mobile phone); the cryptographic device 61 in the handheld device 6 decrypts the encrypted data to obtain the key data and the confirmation password; after the user confirms that the key data on the handheld device 6 is correct, the confirmation password is entered at the computer terminal 3; the computer terminal 3 transmits the received confirmation password to the CPU card 4; after comparing the received confirmation password with the generated
  • the method of confirming the key data in the CPU card 4 is: the CPU card 4 receives the key data transmitted from the computer terminal 3; the CPU card 4 generates the confirmation password by the random number generator 41; the key data and the confirmation password are encrypted by the cryptographic device 42; the CPU card 4 transmits the encrypted key data and confirmation password to the computer terminal 3, which transmits them to the handheld device 6 (mobile phone) through the wireless or wired connection 5; the user confirms the handheld device 6 (mobile phone)
  • a confirmation password is input on the computer terminal 3; the computer terminal 3 transmits the confirmation password to the CPU card 4; the CPU card 4 compares the received confirmation password with the previously generated confirmation password and signs the key data through the signature device 43; the CPU card 4 transmits the signed key data to the computer terminal 3, which transmits it to the bank network server 1 through the computer network 2 to complete the payment;
  • the handheld device 6 used in the solution may be a "smart phone", with a decryption program installed on the smart phone implementing the cryptographic device 61; or an SDIO card carrying a wireless communication module and a decryption module is inserted into the handheld device (mobile phone) of the solution; the module is capable of receiving encrypted data transmitted by the computer terminal 3, which is decrypted and displayed on the screen of the mobile phone. It is also possible for the user to hold a dedicated security device with a wireless communication module, display and keyboard. However, smart phones also carry a security risk. When the smartphone is not secure, the confirmation password may be sent back to the unsafe computer terminal 3 and then input into the CPU card, producing an unsafe data confirmation.
  • the solution is to add a confirmation key to the CPU card to use with the confirmation password.
  • the best method is to make the connection of the CPU card to the user terminal (handheld device) a "one-way channel" from the CPU card to the user terminal; that is, the CPU card can send data to the user terminal, and the user terminal cannot transmit information to the CPU card.
  • a CPU card broadcasts information in a broadcast manner, and a user terminal can only receive information and cannot transmit information, which is a typical one-way channel.
  • the core of the present invention is the data to be signed in the CPU card, which is output to the trusted device of the user by the trusted method, and the data to be signed is confirmed by the user; after the user confirms, the corresponding signature is performed.
  • This method can be illustrated in Figure 1.
  • When the CPU card 4 is connected to the computer terminal 3, the user inputs or generates transaction key data according to the prompt of the computer terminal 3, such as the account name, account number, and amount of funds accepted; the computer terminal 3 transfers the key data to the CPU card 4; the CPU card 4 generates a confirmation password (PIN) by the random number generator 41, and sets the confirmation password
  • the picture and the handheld device address are encrypted (or not encrypted) and sent to the short message gateway 5 and to the handheld device 7 (mobile phone); after the user confirms that the key data is correct, the confirmation password is entered on the computer terminal 3.
  • the computer terminal 3 transmits the received confirmation password to the CPU card 4; after comparing the received confirmation password with the generated confirmation password, the CPU card 4 signs the key data by the signature device 43; the CPU card 4 transfers the signed data to the computer terminal 3, and the signed data is transmitted to the bank server 1 through the computer terminal 2; the bank server 1 performs a corresponding payment operation based on the signed payment data.
  • the signature of the key data is the legal basis for the bank to operate the funds, and it is clear that the key data of the signature is securely confirmed by the bank customer through the handheld device.
  • the method for confirming the key data in the CPU card 4 is: the CPU card 4 receives the key data transmitted from the computer terminal 3; the CPU card 4 generates the confirmation password through the random number generator 41; the key data and the confirmation password are converted into a graphic; the CPU card 4 transmits the converted key data and confirmation password graphic and the handheld device address (mobile phone number) to the computer terminal 3, from which they are transmitted to the short message gateway 5 through the computer network 2 and then through the mobile wireless network 6 (SMS) to the handheld device 7 (mobile phone); after confirming that the key information on the handheld device 7 (mobile phone) is correct, the user enters a confirmation password on the computer terminal 3; the computer terminal 3 transmits the confirmation password to the CPU card 4; the CPU card 4 compares the received confirmation password with the previously generated confirmation password, and the key data is signed by the signature device 43; the CPU card 4 transmits the signed key data to the computer terminal 3, which transmits it to the bank network server 1 through the computer network 2 and completes the payment.
  • the key data and the confirmation password need not be transmitted to the handheld device; they can instead be transmitted to the user's email address (using an email address instead of a mobile phone number address), which is convenient for users without a mobile phone. Security certainly declines, but it is easier to use. Therefore, some users' trusted terminals are mobile phones, some users' trusted terminals are other computers (reading e-mails), and some users' trusted terminals are any other devices that can receive and display key data and confirmation passwords. Essentially, it is necessary for the CPU card to tell the computer terminal which key data and confirmation password to send to which electronic address. Therefore, it is also very important to set and modify the output electronic address of the CPU card.
  • a method for confirming data in a CPU card in which key data in the CPU card is to be modified or reset: the data is output to a trusted device of the user in a trusted manner, and the user confirms the data to be modified or reset; the modification or reset is carried out after user confirmation.
  • This method can be illustrated with reference to Figure 1.
  • When the CPU card 4 is connected to the computer terminal 3, the user inputs, modifies or resets data as prompted by the computer terminal, for example key data stored in the CPU card such as the receiving mobile phone number or e-mail address; the computer terminal transfers the modified or reset key data to the CPU card 4; the CPU card 4 generates a confirmation password by the random number generator 41; the key data, the confirmation password and the address of the handheld device are encrypted by the cryptographic device 42; the CPU card 4 transmits the encrypted key data, confirmation password and handheld device address to the computer terminal 3, from which they are transmitted to the short message gateway 5 through the computer network 2; the short message gateway 5 decrypts them with the cryptographic device 52 to obtain the decrypted key data, confirmation password and handheld device address, and transmits them (SMS) to the handheld device 7 (mobile phone) via the mobile wireless network 6 according to the address of the handheld device; after confirming that the key information on
  • the CPU card 4 compares the received confirmation password with the previously generated confirmation password, and then modifies or resets the data in the CPU card 4 based on the key data.
  • This is a method for securely modifying key data in the CPU card; it ensures that sensitive data in the CPU card is modified securely even when the computer terminal is not secure. It can be seen from this embodiment that the data first confirmed in the CPU card can come from the connected computer terminal or from the CPU card itself; the confirmed data can be transmitted out of the CPU card (as in a securely signed transaction).
  • The way of encrypting the data can be a digital signature, public-key encryption, or any other transformation; the server to which it is sent can be an online bank, a gaming website, or any other computer that provides services; the corresponding service obtained can be secure payment, a signed online-game transaction, or any other service that a website can carry out on the basis of the confirmed data.
  • The core of the invention is confirming the accuracy of the information in the CPU card. The method for confirming data in the CPU card therefore includes: the CPU card generates a confirmation password; the data to be confirmed and the confirmation password are converted; the converted data to be confirmed and confirmation password are output through the output interface of the CPU card; the confirmation password is input through the input interface of the CPU card; when the received confirmation password matches the previously generated confirmation password, the CPU card confirms the data to be confirmed; jobs.
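
The card-side confirmation flow described above (generate a confirmation password, output it in a form the terminal cannot read, release the signature on a matching entry), as an added example that is not code from the patent. The class and function names, the six-digit password, the one-attempt rule, the SHA-256 keystream standing in for cryptographic devices 42/52 and the HMAC standing in for signature device 43 are all assumptions; a real card would use vetted encryption and signature algorithms.

```python
import hashlib
import hmac
import secrets

def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy SHA-256 counter-mode cipher standing in for cryptographic devices 42/52."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

class CpuCard:
    def __init__(self, sign_key: bytes, gateway_key: bytes, address: str):
        self._sign_key, self._gw_key, self._address = sign_key, gateway_key, address
        self._pending = None                      # (key_data, confirmation password)

    def begin(self, key_data: bytes) -> bytes:
        """Accept key data from the terminal; return a blob only the gateway can read."""
        code = f"{secrets.randbelow(10**6):06d}"  # random number generator 41
        self._pending = (key_data, code)
        nonce = secrets.token_bytes(12)
        plain = b"\n".join([self._address.encode(), code.encode(), key_data])
        body = nonce + _xor_stream(_subkey(self._gw_key, b"enc"), nonce, plain)
        return body + hmac.new(_subkey(self._gw_key, b"mac"), body, hashlib.sha256).digest()

    def confirm(self, entered: str):
        """Sign the pending key data only if the entered password matches."""
        pending, self._pending = self._pending, None   # one attempt, one use (assumption)
        if pending is None:
            return None
        key_data, code = pending
        if not hmac.compare_digest(entered.encode(), code.encode()):
            return None
        # HMAC stands in for signature device 43; the page names no algorithm.
        return hmac.new(self._sign_key, key_data, hashlib.sha256).digest()

def gateway_open(gateway_key: bytes, blob: bytes):
    """Short message gateway 5: verify and decrypt into (address, code, key_data)."""
    body, tag = blob[:-32], blob[-32:]
    expected = hmac.new(_subkey(gateway_key, b"mac"), body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("blob was modified in transit")
    plain = _xor_stream(_subkey(gateway_key, b"enc"), body[:12], body[12:])
    address, code, key_data = plain.split(b"\n", 2)
    return address.decode(), code.decode(), key_data
```

If the terminal substitutes different key data, the user sees the substituted data on the trusted device and withholds the password; a wrong guess at the password discards the pending request, so the card signs nothing.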

Abstract

The invention relates to a method for securely confirming key data in a CPU card. The method comprises the following operations: a confirmation password is generated by the CPU card; the data to be confirmed and the confirmation password are transformed; the transformed data to be confirmed and the transformed confirmation password are output through an output interface of the CPU card; the confirmation password is input through an input interface of the CPU card; the data to be confirmed is confirmed by the CPU card when the received confirmation password matches the confirmation password generated by the CPU card. The method can be used in online payment and in the modification and replacement of key data in the CPU card. Combined with a good cryptographic protocol, the problem of securely using services such as online banking and gaming on a possibly insecure computer terminal can be solved simply and securely.
PCT/CN2010/078931 2009-11-23 2010-11-19 Method for confirming data in a CPU card WO2011060738A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200910234546.2 2009-11-23
CN200910234546.2A CN102073801A (zh) 2009-11-23 2009-11-23 A method for confirming data in a CPU card

Publications (1)

Publication Number Publication Date
WO2011060738A1 (fr) 2011-05-26

Family

ID=44032340

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2010/078931 WO2011060738A1 (fr) 2009-11-23 2010-11-19 Method for confirming data in a CPU card

Country Status (2)

Country Link
CN (1) CN102073801A (fr)
WO (1) WO2011060738A1 (fr)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103984906B (zh) * 2014-05-28 2018-01-16 天地融科技股份有限公司 An electronic key device without buttons
CN112396424B (zh) * 2019-08-15 2024-02-02 京东科技控股股份有限公司 Transaction method and system integrating an instant messaging system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
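CN101183456A (zh) * 2007-12-18 2008-05-21 中国工商银行股份有限公司 Encryption device, and system and method for encryption and authentication using the encryption device
CN101494541A (zh) * 2009-03-06 2009-07-29 中国工商银行股份有限公司 System and method for implementing security protection of a PIN code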

Also Published As

Publication number Publication date
CN102073801A (zh) 2011-05-25

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10831153

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the addressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS (EPO FORM 1205A DATED 10-09-2012)

122 Ep: pct application non-entry in european phase

Ref document number: 10831153

Country of ref document: EP

Kind code of ref document: A1