WO2011069460A1 - Method and system for generating, recharging and querying rechargeable card - Google Patents

Method and system for generating, recharging and querying rechargeable card Download PDF

Info

Publication number
WO2011069460A1
WO2011069460A1 PCT/CN2010/079622 CN2010079622W WO2011069460A1 WO 2011069460 A1 WO2011069460 A1 WO 2011069460A1 CN 2010079622 W CN2010079622 W CN 2010079622W WO 2011069460 A1 WO2011069460 A1 WO 2011069460A1
Authority
WO
WIPO (PCT)
Prior art keywords
recharge card
recharge
card
serial number
ciphertext
Prior art date
Application number
PCT/CN2010/079622
Other languages
French (fr)
Chinese (zh)
Inventor
徐萌飞
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2011069460A1 publication Critical patent/WO2011069460A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols

Definitions

  • the present invention relates to the field of encryption technologies, and in particular, to a method for generating, recharging, and querying a recharge card. Background technique
  • a prepaid card is a PVC or paper card with a denomination that is used to recharge a specific gift card or a service, such as various game recharge cards and game cards.
  • the telecom industry also widely uses recharge cards to recharge or pay for customers, such as mobile phone recharge cards.
  • Each recharge card has a corresponding data stored in the database of the recharge center, so that the recharge center can retrieve the data to provide recharge service for the customer, and the recharge card is a valuable card certificate. Therefore, the data of the recharge card in the database is safe. Very important.
  • the card-making center encrypts the recharge card password with an irreversible encryption algorithm, and then encrypts the ciphertext and the recharge card amount of the encrypted recharge card password.
  • the second encryption uses an asymmetric encryption algorithm and uses a private key. encryption.
  • the card-making center loads the encrypted data and the serial number of the recharge card to the recharge center.
  • the recharge center forms the recharge card data table with the encrypted data together with the recharge card usage status and the sensitive field additional check information, and stores it in the recharge center. In the database.
  • the recharge card serial number is used to provide the recharge card to the recharge center when the user queries the recharge card information, so that the recharge center finds the corresponding recharge card data table in the database according to the serial number (plain text), and the recharge card in the data table
  • the usage status and validity period information are returned to the customer via the service control point.
  • the recharge card purchased by the user usually contains the serial number and recharge card password information.
  • the service access point receives the recharge card password input by the user and forwards it to the In the recharge center, the recharge center encrypts the password by using the same irreversible encryption algorithm as the card-making center, and decrypts the recharge card data according to the public key generated by the asymmetric encryption algorithm used by the card-making center, thereby finding a match in the database.
  • the recharge card data table After confirming the status and validity field of the recharge card, the recharge card data table returns the information such as the recharge amount of the recharge card to the user via the service access point, and after the user confirms the recharge, the recharge center updates the recharge card data table.
  • the recharge center operates according to the ciphertext of the recharge card password, and the illegal user of the recharge card
  • the plaintext of the recharge card password cannot be known, and the probability of leakage and misappropriation of the recharge card password is reduced.
  • the inventor found in the process of implementing the invention that the vulnerabilities of the recharge card database are used, even if the plaintext of the recharge card password cannot be known.
  • the recharge card can be stolen, that is, after obtaining an unused recharge card, the unused recharge card data table is found in the database according to the clear text of the recharge card serial number, and the data is backed up, and the card is used. After the recharge is completed, the original recharge card data table is updated to the database, and the recharge card can be used to recharge the recharge card.
  • the embodiment of the invention provides a method and a device for generating a prepaid card, a charging method and system, a query method and a system, and can improve the security of the recharge card system.
  • a method for generating a recharge card including:
  • the serial number ciphertext is stored in the recharge card database and corresponds to the recharge card data of the recharge card.
  • a method for recharging using a recharge card comprising:
  • Receiving the identification code of the recharge card And searching for the corresponding recharge card data in the database according to the identification code of the recharge card, and returning the recharge card information, where the recharge card data includes a sequence number ciphertext generated by encrypting the serial number, and the returned recharge card information includes recharging Card face value and/or expiration date information of the recharge card;
  • the amount of the recharge card is returned to enable the docking system to recharge the user account.
  • a method for querying recharge card information including:
  • a recharge card generating device includes:
  • a serial number generating module configured to generate a serial number of the recharge card
  • An encryption module configured to encrypt the serial number to generate a serial number ciphertext
  • a storage module configured to store the serial number ciphertext in the recharge card database, and corresponding to the recharge card data of the recharge card.
  • a prepaid card system comprising:
  • a first receiving unit configured to receive an identification code of the recharge card
  • a query unit configured to query, according to the identifier code of the recharge card, the corresponding recharge card data in the database and return the recharge card information, where the recharge card data includes a sequence number ciphertext generated by encrypting the serial number, and the returned
  • the recharge card information includes recharge card face value and/or expiration date information of the recharge card
  • a second receiving unit configured to receive refill confirmation information
  • the feedback unit is configured to return the amount of the recharge card to enable the docking system to recharge the user account.
  • a recharge card information inquiry system comprising:
  • a third receiving unit configured to receive a serial number of the recharge card
  • An encryption unit configured to encrypt the received recharge card serial number by using the same encryption method as the serial number ciphertext stored in the recharge card database to generate a serial number ciphertext
  • a searching unit configured to search, in the recharge card database, whether there is a matching serial number ciphertext according to the serial number ciphertext;
  • an obtaining unit configured to obtain, after the search unit finds the matched sequence number ciphertext, the recharge card status information corresponding to the matching sequence number ciphertext.
  • the recharge card data table corresponding to the serial number can be easily located in the recharge card database by using the serial number of the recharge card, so that backup and reuse can be implemented.
  • the recharge card is used.
  • the serial number is encrypted, and the display mode of the serial number in the recharge card data table is changed, that is, the original plaintext is changed into ciphertext, so that even if an unused recharge card is obtained, the serial number of the recharge card (plain text) is obtained. It is also impossible to locate the corresponding recharge card data table in the database, so that the backup of the data table and the re-use of the recharge card cannot be realized, and the security of the recharge card system is improved.
  • FIG. 1 is a flowchart of a method for generating a recharge card according to an embodiment of the present invention
  • FIG. 2 is a flow chart of an embodiment of a method for generating a recharge card
  • FIG. 3 is a flow chart of another embodiment of a method for generating a recharge card
  • FIG. 4 is a flow chart of a method for recharging using a recharge card according to an embodiment of the present invention
  • FIG. 5 is a timing chart of a method for recharging using a recharge card according to an embodiment of the present invention
  • FIG. 6 is a recharge card information according to an embodiment of the present invention
  • Method timing diagram of the query is a schematic structural diagram of a recharge card generating apparatus according to an embodiment of the present invention
  • FIG. 8 is a schematic structural diagram of a recharge card system according to an embodiment of the present invention.
  • FIG. 9 is a schematic structural diagram of another recharge card system according to an embodiment of the present invention.
  • FIG. 10 is a schematic structural diagram of a recharge card information inquiry system according to an embodiment of the present invention. detailed description
  • the method may include: Step 101: Generate a serial number of the recharge card.
  • the method for generating the serial number may adopt a prior art, and may be sorted or randomly generated according to a certain rule.
  • the process of generating the recharge card serial number can be performed simultaneously with the generation of information such as the recharge card password.
  • the generated serial number is an unencrypted serial number, that is, the serial number is clear.
  • Step 102 Encrypt the serial number to generate a sequence number ciphertext.
  • the encryption algorithm for the serial number may be a reversible encryption algorithm or an irreversible encryption algorithm. If it is an irreversible encryption algorithm, the serial number information will not be recorded when the log is recorded after recharging.
  • Step 103 Store the serial number ciphertext into the recharge card database, and correspond to the recharge card data of the recharge card.
  • the display manner of the serial number in the recharge card data table is changed, that is, the original plaintext is changed into ciphertext, so that even if an unused recharge card is obtained, According to the serial number of the recharge card, the plain text cannot be located in the database.
  • the recharging card data table can not realize the backup of the data table and the re-use of the recharge card, thereby improving the security of the recharge card system.
  • FIG. 2 which is a flowchart of an embodiment of a method for generating a recharge card, the embodiment is described by taking an encrypted serial number in the card making process as an example.
  • the method may include: Step 201: Generate a recharge card password and a serial number in the card making process.
  • the recharge card serial number can be generated simultaneously with the password or separately.
  • the password and serial number generated in this step are plain text, that is, the number is not encrypted.
  • the password and the serial number can be separately encrypted, and the same method can also be used to simultaneously encrypt and generate the respective ciphertext.
  • the encryption algorithm can employ a variety of algorithms in the prior art. For example: A recharge card with a recharge card number of 7533479, the recharge card password is 5219, and the recharge card serial number is 5538832649. After encryption, the corresponding card data stored in the recharge card table in the recharge center database is encrypted.
  • Step 203 Load the password ciphertext and the serial number ciphertext into the database of the recharge center. After loading, the recharge data table corresponding to each recharge card in the recharge center database will display the serial number cipher text and password cipher text of the recharge card, as shown in the following table:
  • FIG. 3 is a flowchart of another embodiment of a method for generating a recharge card, the embodiment is described by taking an encrypted serial number in the process of card loading activation as an example.
  • the method may include: Step 301: After the card-making center encrypts the recharge card password to generate the password ciphertext, the password ciphertext and the recharge card serial number plaintext are loaded into the recharge card database of the recharge center. Step 302: Encrypt the serial number to generate a serial number ciphertext. The encryption process is the same as the foregoing embodiment, and details are not described herein again. Step 303: Store the serial number ciphertext in the recharge card database, and correspond to the recharge card data of the recharge card.
  • the storage refers to the method of using the serial number ciphertext instead of the plain text in the prior art.
  • the recharge card data table corresponding to each recharge card includes the serial number ciphertext and the password. Data information such as cipher text.
  • the use of the serial number ciphertext makes it impossible to locate the corresponding recharge data table of the serial number in the database according to the plaintext of the serial number, thereby improving the security of the recharge card system.
  • FIG. 4 it is a flowchart of a method for recharging using a recharge card according to an embodiment of the present invention.
  • the method may include: Step 401: Receive an identification code of the recharge card.
  • the identification code may be a card number and/or a password, or other number for providing a voucher during recharging.
  • the user submits the identification code of the recharge card, such as the card number and password, to the service access point, and the service access point sends the card number and password to the recharge center service processing point, where the card number and password are used. It is plain text, ie it is not encrypted.
  • Step 402 Query the corresponding recharge card data according to the recharge card identification code and return the recharge card information.
  • the recharge card data includes a sequence number ciphertext generated by encrypting the serial number, and the returned recharge card information includes a recharge card denomination. And/or the expiration date of the recharge card.
  • the recharge center service processing point encrypts the received card number and password.
  • the encryption method is the same as the encryption method of the card-making center for the recharge card number and password. This is to ensure that the card number and password submitted by the user are encrypted.
  • the ciphertext can find the matching ciphertext in the database of the recharge center to further query the corresponding recharge card data and return the recharge card information to the service access point, and the service access point returns the recharge card information to the client end. .
  • the query process may further include authenticating the user's mobile phone number sent by the service processing point, and validating the valid field of the recharge card data table. The specific process of the query is a prior art, and details are not described herein.
  • the matching recharge card information cannot be queried according to the user's recharge card password, or the result of the face card authentication, authentication, etc. fails, the related result of the refill failure is returned to the service access point, and the result is obtained by the service access point. Return to the user.
  • the plaintext of the recharge card serial number is not displayed, but the serial number ciphertext generated by encrypting the recharge card serial number is included.
  • the returned recharge card information includes information such as the recharge card face value and/or the expiration date of the recharge card, but does not include the recharge card serial number ciphertext.
  • Step 403 Receive recharge confirmation information. After the service access point receives the information that the user confirms the recharge, the service access point sends the information to the recharge center service processing point. Step 404, returning the recharge card amount for recharging.
  • the recharge center business processing point feeds back the recharge card amount in the recharge card data table to the docking system such as the service access point, and the service access point updates the user account amount, and feeds the result back to the user.
  • the display manner of the serial number in the recharge card data table is changed from the original plaintext to the ciphertext, so that even if an unused recharge card is obtained, the plaintext according to the serial number of the recharge card cannot be in the database.
  • the corresponding recharge card data table is located in the middle, so that the backup of the data table and the re-use of the recharge card cannot be realized, and the security of the recharge card system is improved.
  • FIG. 5 it is a timing diagram of a method for recharging using a recharge card according to an embodiment of the present invention.
  • the method may include: Step 501: Receive a password of a recharge card.
  • the identification code of the recharge card used in this embodiment is the password of the recharge card.
  • Step 502 Query the corresponding recharge card data according to the recharge card password and return the recharge card information.
  • the recharge card data includes a sequence number ciphertext generated by encrypting the serial number, and the returned recharge card information includes a recharge card face value and / or the validity period of the recharge card.
  • Step 503 Receive recharge confirmation information.
  • the previous steps 501 to 503 are similar to the corresponding steps in the foregoing embodiment, and are not described herein again.
  • Step 504 Update status information of the recharge card, and change a password ciphertext in the recharge card data. Update the status of the recharge card to the used status.
  • There are various ways to change the password ciphertext For example, a new ciphertext can be generated by performing an encryption operation. In this embodiment, a random insertion number is randomly selected in the ciphertext.
  • the recharge center randomly inserts the password ciphertext of the recharge card using a random number algorithm (for example, a three-digit random number 269), and the password ciphertext may become 472329496321074798 from the original 473294932107478, and the original ciphertext is destroyed.
  • a random number algorithm for example, a three-digit random number 269
  • the password ciphertext may become 472329496321074798 from the original 473294932107478, and the original ciphertext is destroyed.
  • the process proceeds to step 505.
  • Step 505 Decrypt the serial number ciphertext in the recharge card data to obtain a sequence number plaintext, and use the serial number plaintext to record the recharge log.
  • Step 506 returning the amount of the recharge card for recharging.
  • the order of steps 504 to 506 can be adjusted to form different technical solutions, which are all within the protection scope of the claims.
  • the use of the serial number ciphertext makes it impossible to locate the corresponding recharge data table of the serial number in the database according to the plaintext of the serial number, and the recharge card serial number obtained by the pirate is used as the plaintext. 5538832649, and the ciphertext is stored in the database.
  • the password ciphertext in the recharge card database is changed and destroyed, even if the attempted pirate finds the corresponding recharge card record in the database, then the recharge card password ciphertext has been The random number is polluted. Take the foregoing as an example. At this time, the password ciphertext of the database has become 472329496321074798. The user then recharges the original recharge card password, and the ciphertext after the recharge center is 473294932107478, which cannot be matched in the database. The corresponding record.
  • the recharge log records the replenishment card serial number plaintext.
  • the recharge card serial number plaintext When the internal user views the recharge account, the user still sees the recharge card serial number plaintext, and the user still cannot locate the recharge card in the database through the recharge card serial number. The record also further ensures that the recharge card will not be reused.
  • the existing recharge card information query method can not be used for information inquiry. The following method for information query is detailed by specific embodiments. Description. Referring to FIG. 6, a timing diagram of a method for querying recharge card information according to an embodiment of the present invention is shown.
  • the method can include: Step 601: Receive a serial number of the recharge card. After receiving the serial number entered by the user, the service control point forwards the sequence to the service processing point of the recharge center, where the serial number received by the service processing point is the plaintext of the serial number. Step 602: Encrypt the received recharge card serial number to generate a sequence number ciphertext. The received serial number is encrypted by the refill center service processing point using the same encryption method as the serial number ciphertext stored in the recharge card database. Step 603: Search, according to the sequence number ciphertext, whether there is a matching sequence number ciphertext in the recharge card database.
  • the ciphertext generation method of the serial number ciphertext is the same as the ciphertext generation method of the matching ciphertext, if the recharge card is legal, according to the ciphertext generated by the encryption in the previous step, it can be found in the recharge card database of the recharge center.
  • the matching serial number ciphertext the so-called matching can mean the same. Step 604, if yes, acquiring and returning the recharge card status information corresponding to the matching sequence number ciphertext.
  • the recharge center business processing point After the matching ciphertext of the serial number is queried, the recharge center business processing point reads the recharge card data table, obtains information such as the recharge amount, validity period, and usage status, and returns the information to the service control point, further by the service control point. Return to the user, complete the query operation.
  • the serial number is set in the ciphertext, and the refill center encrypts the received serial number plaintext during the query, and still uses the serial number ciphertext for query, so The recharge card data table corresponding to the clear text of the recharge card serial number is obtained, and the recharge card cannot be reused, thereby improving the security of the recharge card system.
  • FIG. 7 is a schematic structural diagram of a recharge card generating apparatus according to an embodiment of the present invention.
  • the recharge card generating device may include a serial number generating module 701, an encryption module 702, and a storage module 703.
  • the serial number generating module 701 is configured to generate a serial number of the recharge card.
  • the encryption module 702 is configured to encrypt the serial number to generate a serial number ciphertext.
  • the storage module 703 is configured to store the serial number ciphertext in the recharge card database, and corresponding to the recharge card data of the recharge card.
  • the above three modules of the device may be disposed at the card making center, and the serial number generating module 701 generates a serial number of the recharge card by the card making center, and the generating process may be the same as the generating method of the recharge card password, and then pass the encryption module.
  • the recharge card serial number information part shows the serial number ciphertext instead of the serial number plaintext.
  • the above three modules of the device may not be disposed at the card making center, the serial number generating module 701 may be disposed at the card making center, and the encryption module 702 and the storage module 703 may be disposed at the refill center.
  • the serial number of the recharge card is generated by the card making center through the serial number generating module 701, and then the serial number is encrypted by the recharging center through the encryption module 702 to generate a serial number ciphertext, and the storage module 703 adds the serial number ciphertext together with the recharge card.
  • the other data is stored in the data table of the recharge card.
  • the recharge card serial number information portion also displays the sequence number ciphertext instead of the sequence number plaintext.
  • the refill card serial number information in the refill card database is displayed in cipher text instead of plaintext, so that the serial number according to the recharge card is obtained.
  • FIG. 8 is a schematic structural diagram of a prepaid card system according to an embodiment of the present invention.
  • the system can include a first receiving unit 801, a query unit 802, a second receiving unit 803, and a feedback unit 804.
  • the first receiving unit 801 is configured to receive an identification code of the recharge card.
  • the query unit 802 is configured to query the corresponding recharge card data according to the received recharge card identification code and return the recharge card information, where the recharge card data includes a sequence number ciphertext generated by encrypting the serial number, and the returned recharge card information includes Recharge card face value and / or recharge card validity period information.
  • the second receiving unit 803 is configured to receive refill confirmation information.
  • the feedback unit 804 is configured to return the amount of the recharge card to enable the docking system to recharge the user account.
  • the refilling is implemented by using the above four units, and the recharge card data includes the serial number ciphertext generated after encrypting the recharge card serial number, that is, the recharge card serial number information in the recharge card database is displayed in cipher text instead of In plain text, the corresponding recharge card data table cannot be found in the database according to the serial number of the recharge card, which solves the problem of re-use of the recharge card and improves the security of the recharge system.
  • FIG. 9 is a schematic structural diagram of another recharge card system according to an embodiment of the present invention.
  • the system includes a first update unit 901, a query unit 902, a second receiving unit 903, and a feedback unit 904, and may further include a status update unit 905, a decryption unit 906, and a recording unit 907.
  • the first receiving unit 901, the querying unit 902, the second receiving unit 903, and the feedback unit 904 are similar to the corresponding units in the embodiment shown in FIG. 8, and details are not described herein again.
  • the status update unit 905 is configured to: after the second receiving unit 903 receives the refill confirmation information, update the status information of the recharge card, and change the identification code ciphertext in the recharge card data.
  • the decryption unit 906 is configured to decrypt the serial number ciphertext in the recharge card data after the second receiving unit receives the refill confirmation information to obtain a sequence number plaintext.
  • the recording unit 907 is configured to record the refill log by using the serial number plaintext.
  • the service access point forwards the identification code to the first receiving unit 901 of the system, and the query unit 902 queries the matched recharge card information through the identification code.
  • the access point returns to the user end.
  • the status update unit 905 updates the status information of the recharge card, and changes the identification code ciphertext in the recharge card data, and the status update.
  • the unit 905 may specifically change the identification code ciphertext in the recharge card data by inserting a random number in the identification code ciphertext; when recording the log, if the serial number of the recharge card needs to be recorded, the recharging card is decrypted by the decryption unit 906 The serial number ciphertext in the data is decrypted to obtain the clear text of the serial number, and the recording unit 907 records the refill log using the serial number plaintext; the feedback unit 904 returns the amount of the recharge card to the docking system such as the service access point, and the service access point is updated. User account balance and return results to the user.
  • the status update unit 905 may perform the update process of the recharge card status and the destruction process of the identification code ciphertext, the recording process of the recharge log by the decryption unit 906 and the recording unit 907, and the feedback process of the feedback unit 904 may be performed simultaneously, or may be performed according to a certain The order is carried out, which is not limited here.
  • the querying unit 902 fails to query the matching recharge card information according to the recharge card identification code provided by the user, or fails to verify, the authentication, etc.
  • the query unit 902 returns a related result of the recharging failure to the service access point, and the service access point Return this result to the user. This situation is prior art and will not be described here.
  • the use of the serial number ciphertext makes it impossible to locate the corresponding recharge data table of the serial number in the database according to the plaintext of the serial number, thereby improving the security of the use of the recharge card.
  • the identification code ciphertext in the recharge card database is modified and destroyed, so that the thief uses the recharge card identification code to re-use the plaintext even if the recharge card status is modified, because the recharge is performed.
  • Card identification code ciphertext has been polluted by random numbers, recharge center The record of the response could not be matched in the database, and the refill failed.
  • the recharge card records the plain text of the recharge card serial number.
  • FIG. 10 is a schematic structural diagram of a recharge card information inquiry system according to an embodiment of the present invention.
  • the system may include: a third receiving unit 1001, configured to receive a serial number of the recharge card.
  • the encryption unit 1002 is configured to encrypt the received recharge card serial number by using the same encryption method as the serial number ciphertext stored in the recharge card database to generate a serial number ciphertext.
  • the searching unit 1003 is configured to search, in the recharge card database, whether there is a matching sequence number ciphertext according to the serial number ciphertext.
  • the obtaining unit 1004 is configured to obtain, after the searching unit 1003 finds the matched sequence number ciphertext, the recharge card status information corresponding to the matching sequence number ciphertext.
  • the service control point is forwarded to the third receiving unit 1001 of the system after receiving the plain text of the recharge card serial number provided by the user, and the encryption unit 1002 encrypts the plaintext received by the third receiving unit 1001 to generate the ciphertext of the serial number.
  • the searching unit 1003 searches for the matching sequence number ciphertext in the refill card database according to the sequence number ciphertext. After the searching unit 1003 finds the matched sequence number ciphertext, the obtaining unit 1004 obtains and returns the matching sequence. The status information of the recharge card corresponding to the cipher text.
  • the search unit 1003 cannot find the matching serial number ciphertext, the query failure information is returned to the service control point.
  • the received sequence number is encrypted by the encryption unit 1002, so that the recharge center uses the serial number password in the search process, so that the internal user still cannot obtain the correspondence between the plaintext and the ciphertext of the serial number, and thus cannot obtain the serial number.
  • the recharge card data table corresponding to the clear text of the card serial number is used, the recharge card cannot be reused, thereby improving the security.

Abstract

A rechargeable card generation method and apparatus, recharging method and system, and query method and system thereof are provided by the present invention. The rechargeable card generation method includes that a sequence number of the rechargeable card is generated; the sequence number is encrypted to generate a sequence number ciphertext; the sequence number ciphertext is stored in the rechargeable card database and is corresponding to the rechargeable card data of the rechargeable card. In the embodiments of the present invention, by the encryption performed on the sequence number of the rechargeable card, the display means of the sequence number in the rechargeable card data list is changed, i.e. the primary plaintext is changed to a ciphertext. In this way, even though an unused rechargeable card is obtained, the corresponding rechargeable card data list cannot be located in the database according to the sequence number plaintext of the rechargeable card, thus neither the data list backup nor the rechargeable card reuse can be realized. Meanwhile, after the recharging is successful, the ciphertext of the recharged rechargeable card is destroyed by using a random number pollution method, thus the security of the rechargeable card system is improved.

Description

充值卡生成、 充值、 查询方法及系统 本申请要求于 2009 年 12 月 11 日提交中国专利局、 申请号为 200910254328.5、 发明名称为 "充值卡生成、 充值、 查询方法及系统" 的中 国专利申请的优先权, 其全部内容通过引用结合在本申请中。 技术领域  Recharge card generation, recharge, inquiry method and system This application claims to be submitted to the Chinese Patent Office on December 11, 2009, the application number is 200910254328.5, and the invention name is "recharge card generation, recharge, inquiry method and system" Chinese patent application Priority is hereby incorporated by reference in its entirety. Technical field
本发明涉及加密技术领域, 尤其涉及一种充值卡生成、 充值、 查询方 法及系统。 背景技术  The present invention relates to the field of encryption technologies, and in particular, to a method for generating, recharging, and querying a recharge card. Background technique
充值卡是一种具有一定面值, 用于给特定储值卡或某种服务充值续费 的 PVC或纸卡, 如各种游戏充值卡、 游戏点卡。 电信行业也广泛使用充值 卡为客户进行充值或缴费, 如手机充值卡。 每一张充值卡都有一条对应的 数据存储在充值中心的数据库中, 以便于充值中心调取该数据为客户提供 充值服务, 充值卡为有价卡证, 因此, 数据库中充值卡数据的安全非常重 要。  A prepaid card is a PVC or paper card with a denomination that is used to recharge a specific gift card or a service, such as various game recharge cards and game cards. The telecom industry also widely uses recharge cards to recharge or pay for customers, such as mobile phone recharge cards. Each recharge card has a corresponding data stored in the database of the recharge center, so that the recharge center can retrieve the data to provide recharge service for the customer, and the recharge card is a valuable card certificate. Therefore, the data of the recharge card in the database is safe. Very important.
现有技术中常采用多种加密方法来对充值卡数据进行加密, 以保证数 据的安全性。 由制卡中心对充值卡密码釆用不可逆加密算法进行加密, 然 后对加密后的充值卡密码的密文及充值卡金额进行二次加密, 该二次加密 采用非对称加密算法, 使用私钥进行加密。 制卡中心将加密后的数据及充 值卡的序列号加载至充值中心, 充值中心将加密后的数据连同充值卡使用 状态及敏感字段附加校验信息等字段形成充值卡数据表, 存储在充值中心 的数据库中。 其中, 充值卡序列号用于在用户查询充值卡信息时向充值中 心提供, 以便于充值中心根据该序列号 (明文) 在数据库中找到对应的充 值卡数据表, 将数据表中该充值卡的使用状态、 有效期信息经业务控制点 返回至客户。  In the prior art, multiple encryption methods are often used to encrypt the recharge card data to ensure data security. The card-making center encrypts the recharge card password with an irreversible encryption algorithm, and then encrypts the ciphertext and the recharge card amount of the encrypted recharge card password. The second encryption uses an asymmetric encryption algorithm and uses a private key. encryption. The card-making center loads the encrypted data and the serial number of the recharge card to the recharge center. The recharge center forms the recharge card data table with the encrypted data together with the recharge card usage status and the sensitive field additional check information, and stores it in the recharge center. In the database. The recharge card serial number is used to provide the recharge card to the recharge center when the user queries the recharge card information, so that the recharge center finds the corresponding recharge card data table in the database according to the serial number (plain text), and the recharge card in the data table The usage status and validity period information are returned to the customer via the service control point.
用户购买的充值卡上通常包含有序列号和充值卡密码信息。 当用户在 使用充值卡进行充值时, 业务接入点接收用户输入的充值卡密码并转发给 充值中心, 充值中心采用与制卡中心相同的不可逆加密算法对该密码进行 加密, 并根据制卡中心采用的非对称加密算法产生的公钥对充值卡数据进 行解密, 从而在数据库中查找出匹配的充值卡数据表, 在对该充值卡的状 态、 效验字段进行确认后, 将该充值卡的充值金额等信息经业务接入点返 回用户, 用户确认充值后, 充值中心更新该充值卡数据表的信息, 业务接 入点更新用户的账户余额, 完成充值。 The recharge card purchased by the user usually contains the serial number and recharge card password information. When the user recharges using the recharge card, the service access point receives the recharge card password input by the user and forwards it to the In the recharge center, the recharge center encrypts the password by using the same irreversible encryption algorithm as the card-making center, and decrypts the recharge card data according to the public key generated by the asymmetric encryption algorithm used by the card-making center, thereby finding a match in the database. After confirming the status and validity field of the recharge card, the recharge card data table returns the information such as the recharge amount of the recharge card to the user via the service access point, and after the user confirms the recharge, the recharge center updates the recharge card data table. The information, the service access point updates the user's account balance, and completes the recharge.
虽然通过上述多种加密过程使充值卡密码、 金额等重要信息以密文的 形式储存在数据库中, 而且查询和充值时, 充值中心也根据充值卡密码的 密文进行操作, 充值卡的非法用户无法获知充值卡密码的明文, 减少了充 值卡密码的泄露和盗用几率, 但是, 发明人在实现本发明的过程中发现, 利用充值卡数据库的漏洞, 即使无法得知充值卡密码的明文也仍然可以盗 用充值卡, 即在获取一张未使用的充值卡后, 根据充值卡序列号明文, 在 数据库中查找到这张未使用的充值卡数据表, 将此条数据进行备份, 待使 用此卡充值完毕后, 将原来备份的充值卡数据表更新到数据库中, 就可以 使用此充值卡重复充值, 从而盗用充值卡。 发明内容  Although the important information such as the recharge card password and the amount are stored in the database in the form of cipher text through the above various encryption processes, and the inquiry and recharge are performed, the recharge center operates according to the ciphertext of the recharge card password, and the illegal user of the recharge card The plaintext of the recharge card password cannot be known, and the probability of leakage and misappropriation of the recharge card password is reduced. However, the inventor found in the process of implementing the invention that the vulnerabilities of the recharge card database are used, even if the plaintext of the recharge card password cannot be known. The recharge card can be stolen, that is, after obtaining an unused recharge card, the unused recharge card data table is found in the database according to the clear text of the recharge card serial number, and the data is backed up, and the card is used. After the recharge is completed, the original recharge card data table is updated to the database, and the recharge card can be used to recharge the recharge card. Summary of the invention
本发明实施例提供一种充值卡生成方法及装置、 充值方法及系统、 查 询方法及系统, 能够提高充值卡系统的安全性。  The embodiment of the invention provides a method and a device for generating a prepaid card, a charging method and system, a query method and a system, and can improve the security of the recharge card system.
为了解决上述技术特征, 本发明实施例提供的技术方案如下: 一种充值卡生成方法, 包括:  In order to solve the above technical features, the technical solution provided by the embodiment of the present invention is as follows: A method for generating a recharge card, including:
生成充值卡的序列号;  Generate a serial number of the recharge card;
对所述序列号进行加密生成序列号密文;  Encrypting the serial number to generate a sequence number ciphertext;
将所述序列号密文存储至充值卡数据库中, 并与所述充值卡的充值卡 数据对应。  The serial number ciphertext is stored in the recharge card database and corresponds to the recharge card data of the recharge card.
一种使用充值卡进行充值的方法, 包括:  A method for recharging using a recharge card, comprising:
接收充值卡的标识码; 根据所述充值卡的标识码在数据库中查询对应的充值卡数据并返回充 值卡信息, 所述充值卡数据包括对序列号加密后生成的序列号密文, 返回 的所述充值卡信息包括充值卡面值和 /或充值卡的有效期信息; Receiving the identification code of the recharge card; And searching for the corresponding recharge card data in the database according to the identification code of the recharge card, and returning the recharge card information, where the recharge card data includes a sequence number ciphertext generated by encrypting the serial number, and the returned recharge card information includes recharging Card face value and/or expiration date information of the recharge card;
接收充值确认信息;  Receiving refill confirmation information;
返回所述充值卡的金额以使对接系统对用户帐户进行充值。  The amount of the recharge card is returned to enable the docking system to recharge the user account.
一种充值卡信息查询方法, 包括:  A method for querying recharge card information, including:
接收充值卡的序列号;  Receiving the serial number of the recharge card;
采用与充值卡数据库中存储的序列号密文相同的加密方式对所述接收 到的充值卡序列号进行加密生成序列号密文;  Encrypting the received recharge card serial number to generate a serial number ciphertext by using the same encryption method as the serial number ciphertext stored in the recharge card database;
根据所述序列号密文在充值卡数据库中查找是否有匹配的序列号密 文;  Finding, according to the serial number ciphertext, whether there is a matching serial number ciphertext in the recharge card database;
若有, 则获取并返回所述匹配序列号密文对应的充值卡状态信息。 一种充值卡生成装置, 包括:  If yes, the status information of the refill card corresponding to the matching sequence number ciphertext is obtained and returned. A recharge card generating device includes:
序列号生成模块, 用于生成充值卡的序列号;  a serial number generating module, configured to generate a serial number of the recharge card;
加密模块, 用于对所述序列号进行加密生成序列号密文;  An encryption module, configured to encrypt the serial number to generate a serial number ciphertext;
存储模块, 用于将所述序列号密文存储至充值卡数据库中, 并与所述 充值卡的充值卡数据对应。  And a storage module, configured to store the serial number ciphertext in the recharge card database, and corresponding to the recharge card data of the recharge card.
一种充值卡系统, 包括:  A prepaid card system comprising:
第一接收单元, 用于接收充值卡的标识码;  a first receiving unit, configured to receive an identification code of the recharge card;
查询单元, 用于根据所述充值卡的标识码查询数据库中对应的充值卡 数据并返回充值卡信息, 所述充值卡数据中包括对序列号加密后生成的序 列号密文, 返回的所述充值卡信息包括充值卡面值和 /或充值卡的有效期信 息;  a query unit, configured to query, according to the identifier code of the recharge card, the corresponding recharge card data in the database and return the recharge card information, where the recharge card data includes a sequence number ciphertext generated by encrypting the serial number, and the returned The recharge card information includes recharge card face value and/or expiration date information of the recharge card;
第二接收单元, 用于接收充值确认信息;  a second receiving unit, configured to receive refill confirmation information;
反馈单元, 用于返回所述充值卡的金额以使对接系统对用户帐户进行 充值。 一种充值卡信息查询系统, 包括: The feedback unit is configured to return the amount of the recharge card to enable the docking system to recharge the user account. A recharge card information inquiry system, comprising:
第三接收单元, 用于接收充值卡的序列号;  a third receiving unit, configured to receive a serial number of the recharge card;
加密单元, 用于采用与充值卡数据库中存储的序列号密文相同的加密 方式对所述接收到的充值卡序列号进行加密生成序列号密文;  An encryption unit, configured to encrypt the received recharge card serial number by using the same encryption method as the serial number ciphertext stored in the recharge card database to generate a serial number ciphertext;
查找单元, 用于根据所述序列号密文在充值卡数据库中查找是否有匹 配的序列号密文;  a searching unit, configured to search, in the recharge card database, whether there is a matching serial number ciphertext according to the serial number ciphertext;
获取单元, 用于在所述查找单元查找到所述匹配的序列号密文后, 获 取并返回所述匹配序列号密文对应的充值卡状态信息。  And an obtaining unit, configured to obtain, after the search unit finds the matched sequence number ciphertext, the recharge card status information corresponding to the matching sequence number ciphertext.
现有技术中, 通过充值卡的序列号可以很容易在充值卡数据库中定位 到该序列号对应的充值卡数据表, 从而可以实现备份和重复使用, 而本发 明实施例中, 通过对充值卡的序列号进行加密, 改变了充值卡数据表中序 列号的显示方式, 即由原来的明文变为密文, 这样即使获取一张未使用的 充值卡, 根据该充值卡的序列号 (明文)也无法在数据库中定位对应的充 值卡数据表, 从而无法实现该数据表的备份和充值卡的重复使用, 提高了 充值卡系统的安全性。 附图说明  In the prior art, the recharge card data table corresponding to the serial number can be easily located in the recharge card database by using the serial number of the recharge card, so that backup and reuse can be implemented. In the embodiment of the present invention, the recharge card is used. The serial number is encrypted, and the display mode of the serial number in the recharge card data table is changed, that is, the original plaintext is changed into ciphertext, so that even if an unused recharge card is obtained, the serial number of the recharge card (plain text) is obtained. It is also impossible to locate the corresponding recharge card data table in the database, so that the backup of the data table and the re-use of the recharge card cannot be realized, and the security of the recharge card system is improved. DRAWINGS
为了更清楚地说明本发明实施例的技术方案, 下面将对实施例描述中 所需要使用的附图作一简单地介绍, 显而易见地, 下面描述中的附图仅仅 是本发明的一些实施例, 对于本领域普通技术人员来讲, 在不付出创造性 劳动性的前提下, 还可以根据这些附图获得其他的附图。  In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the following drawings will be briefly described, and the drawings in the following description are only some embodiments of the present invention. It will be apparent to those skilled in the art that other drawings may be obtained from these drawings without the inventive labor.
图 1是本发明实施例一种充值卡生成方法流程图;  1 is a flowchart of a method for generating a recharge card according to an embodiment of the present invention;
图 2是充值卡生成方法实施例的流程图;  2 is a flow chart of an embodiment of a method for generating a recharge card;
图 3是充值卡生成方法另一实施例的流程图;  3 is a flow chart of another embodiment of a method for generating a recharge card;
图 4是本发明实施例一种使用充值卡进行充值的方法流程图; 图 5是本发明实施例一种使用充值卡进行充值的方法时序图; 图 6是本发明实施例一种充值卡信息查询的方法时序图; 图 7是本发明实施例一种充值卡生成装置的结构示意图; 图 8是本发明实施例一种充值卡系统结构示意图; 4 is a flow chart of a method for recharging using a recharge card according to an embodiment of the present invention; FIG. 5 is a timing chart of a method for recharging using a recharge card according to an embodiment of the present invention; FIG. 6 is a recharge card information according to an embodiment of the present invention; Method timing diagram of the query; 7 is a schematic structural diagram of a recharge card generating apparatus according to an embodiment of the present invention; FIG. 8 is a schematic structural diagram of a recharge card system according to an embodiment of the present invention;
图 9是本发明实施例另一种充值卡系统结构示意图;  9 is a schematic structural diagram of another recharge card system according to an embodiment of the present invention;
图 10是本发明实施例一种充值卡信息查询系统结构示意图。 具体实施方式  FIG. 10 is a schematic structural diagram of a recharge card information inquiry system according to an embodiment of the present invention. detailed description
为了使本领域技术人员能进一步了解本发明的特征及技术内容, 请参 阅以下有关本发明的详细说明与附图, 附图仅提供参考与说明, 并非用来 限制本发明。  The detailed description of the present invention and the accompanying drawings are to be understood as
下面结合附图和实施例, 对本发明的技术方案进行描述。  The technical solution of the present invention will be described below with reference to the accompanying drawings and embodiments.
参照图 1, 为本发明实施例一种充值卡生成方法流程图。 该方法可以包括: 步骤 101, 生成充值卡的序列号。 其中, 生成该序列号的方法可采用现有技术, 具体可以根据一定的规 律进行排序或随机生成。 该生成充值卡序列号的过程可以与充值卡密码等 信息的生成同时进行。 生成的序列号为未经加密的序列号即序列号明文。  Referring to FIG. 1, a flowchart of a method for generating a recharge card according to an embodiment of the present invention is shown. The method may include: Step 101: Generate a serial number of the recharge card. The method for generating the serial number may adopt a prior art, and may be sorted or randomly generated according to a certain rule. The process of generating the recharge card serial number can be performed simultaneously with the generation of information such as the recharge card password. The generated serial number is an unencrypted serial number, that is, the serial number is clear.
步骤 102, 对所述序列号进行加密生成序列号密文。  Step 102: Encrypt the serial number to generate a sequence number ciphertext.
本步骤中, 对序列号的加密算法可以是可逆加密算法或不可逆加密算 法等, 如果是不可逆加密算法, 则充值后记录日志时将不记录序列号信息。 步骤 103, 将所述序列号密文存储至充值卡数据库中, 并与所述充值卡 的充值卡数据对应。 本发明实施例中, 通过对充值卡的序列号进行加密, 改变了充值卡数 据表中序列号的显示方式, 即由原来的明文变为密文, 这样即使获取一张 未使用的充值卡, 根据该充值卡的序列号明文也无法在数据库中定位对应 的充值卡数据表, 从而无法实现该数据表的备份和充值卡的重复使用, 提 高了充值卡系统的安全性。 参照图 2, 为充值卡生成方法实施例的流程图, 本实施例以在制卡过程 中加密序列号为例进行说明。 该方法可以包括: 步骤 201, 在制卡过程中生成充值卡密码和序列号。 In this step, the encryption algorithm for the serial number may be a reversible encryption algorithm or an irreversible encryption algorithm. If it is an irreversible encryption algorithm, the serial number information will not be recorded when the log is recorded after recharging. Step 103: Store the serial number ciphertext into the recharge card database, and correspond to the recharge card data of the recharge card. In the embodiment of the present invention, by encrypting the serial number of the recharge card, the display manner of the serial number in the recharge card data table is changed, that is, the original plaintext is changed into ciphertext, so that even if an unused recharge card is obtained, According to the serial number of the recharge card, the plain text cannot be located in the database. The recharging card data table can not realize the backup of the data table and the re-use of the recharge card, thereby improving the security of the recharge card system. Referring to FIG. 2, which is a flowchart of an embodiment of a method for generating a recharge card, the embodiment is described by taking an encrypted serial number in the card making process as an example. The method may include: Step 201: Generate a recharge card password and a serial number in the card making process.
在制卡中心, 充值卡序列号可以与密码同时生成也可分别生成。 本步 骤中生成的密码和序列号均为明文, 也即没有加密的号码。 步骤 202, 对充值卡密码和序列号进行加密生成密码密文和序列号密 文。 其中, 对密码和对序列号可以分别进行加密, 也可釆用同样的方法同 时加密生成各自的密文。 该加密算法可以采用现有技术中的多种算法。 例如: 一张充值卡号为 7533479的充值卡, 充值卡密码是 5219, 其充值 卡序列号为 5538832649, 经过加密后, 充值中心数据库中充值卡表内保存 的对应数据中, 充值卡号是经过加密后的密文 473294932107478, 充值卡密 码密文是 76682432, 充值卡序列号也是经过加密后的密文 6436543654689。 步骤 203 , 将密码密文和序列号密文加载至充值中心的数据库。 加载后, 充值中心的数据库内每个充值卡对应的充值数据表上就会显 示该充值卡的序列号密文、 密码密文等信息, 如下表所示:
Figure imgf000008_0001
In the card making center, the recharge card serial number can be generated simultaneously with the password or separately. The password and serial number generated in this step are plain text, that is, the number is not encrypted. Step 202: Encrypt the recharge card password and the serial number to generate a password ciphertext and a sequence number ciphertext. Wherein, the password and the serial number can be separately encrypted, and the same method can also be used to simultaneously encrypt and generate the respective ciphertext. The encryption algorithm can employ a variety of algorithms in the prior art. For example: A recharge card with a recharge card number of 7533479, the recharge card password is 5219, and the recharge card serial number is 5538832649. After encryption, the corresponding card data stored in the recharge card table in the recharge center database is encrypted. The ciphertext 473294932107478, the recharge card password ciphertext is 76682242, and the recharge card serial number is also encrypted cipher text 6643546654689. Step 203: Load the password ciphertext and the serial number ciphertext into the database of the recharge center. After loading, the recharge data table corresponding to each recharge card in the recharge center database will display the serial number cipher text and password cipher text of the recharge card, as shown in the following table:
Figure imgf000008_0001
本实施例中, 该序列号密文的使用, 使得根据序列号明文无法定位该 序列号在数据库中的对应充值数据表, 提高了充值卡系统的安全性。 参照图 3 , 为充值卡生成方法另一实施例的流程图, 本实施例以在卡加 载激活过程中加密序列号为例进行说明。 In this embodiment, the use of the serial number ciphertext makes it impossible to locate the corresponding recharge data table of the serial number in the database according to the plaintext of the serial number, thereby improving the security of the recharge card system. Referring to FIG. 3, which is a flowchart of another embodiment of a method for generating a recharge card, the embodiment is described by taking an encrypted serial number in the process of card loading activation as an example.
该方法可以包括: 步骤 301, 制卡中心对充值卡密码进行加密生成密码密文后, 将密码密 文和充值卡序列号明文加载至充值中心的充值卡数据库。 步骤 302, 对序列号加密生成序列号密文。 该加密过程与前述实施例相同, 此处不再赘述。 步骤 303, 将序列号密文存储至充值卡数据库中, 并与该充值卡的充值 卡数据对应。  The method may include: Step 301: After the card-making center encrypts the recharge card password to generate the password ciphertext, the password ciphertext and the recharge card serial number plaintext are loaded into the recharge card database of the recharge center. Step 302: Encrypt the serial number to generate a serial number ciphertext. The encryption process is the same as the foregoing embodiment, and details are not described herein again. Step 303: Store the serial number ciphertext in the recharge card database, and correspond to the recharge card data of the recharge card.
在本步骤中, 该存储指采用序列号密文来代替现有技术中采用序列号 明文的方式, 该存储完成后, 每个充值卡对应的充值卡数据表中包含有序 列号密文、 密码密文等数据信息。  In this step, the storage refers to the method of using the serial number ciphertext instead of the plain text in the prior art. After the storage is completed, the recharge card data table corresponding to each recharge card includes the serial number ciphertext and the password. Data information such as cipher text.
本实施例中, 该序列号密文的使用, 使得根据序列号明文无法定位该 序列号在数据库中的对应充值数据表, 提高了充值卡系统的安全性。 参照图 4, 为本发明实施例一种使用充值卡进行充值的方法流程图。 该方法可以包括: 步骤 401, 接收充值卡的标识码。  In this embodiment, the use of the serial number ciphertext makes it impossible to locate the corresponding recharge data table of the serial number in the database according to the plaintext of the serial number, thereby improving the security of the recharge card system. Referring to FIG. 4, it is a flowchart of a method for recharging using a recharge card according to an embodiment of the present invention. The method may include: Step 401: Receive an identification code of the recharge card.
其中, 所述的标识码可以是卡号和 /或密码, 或其它用于在充值时提供 凭证的号码。 用户在使用充值卡进行充值时, 向业务接入点提交充值卡的 标识码, 如卡号和密码, 业务接入点再将该卡号和密码发送至充值中心业 务处理点, 其中, 该卡号和密码为明文, 即未加密。 步骤 402 , 根据所述充值卡标识码查询对应的充值卡数据并返回充值卡 信息, 充值卡数据中包括对序列号加密后生成的序列号密文, 返回的所述 充值卡信息包括充值卡面值和 /或充值卡的有效期信息。 充值中心业务处理点对接收到得卡号和密码进行加密, 该加密方法与 前述制卡中心对充值卡卡号和密码的加密方法相同, 这是为了保证才艮据用 户提交的卡号和密码加密后获得的密文, 可以在充值中心的数据库中找到 匹配的密文, 以进一步查询查询对应的充值卡数据并向业务接入点返回充 值卡信息, 业务接入点进而将充值卡信息返回至用户端。 该查询过程中还 可以包括对业务处理点发送的用户手机号码进行鉴权, 对充值卡数据表的 有效字段进行效验等, 该查询的具体过程为现有技术, 此处不再赘述。 而且, 当根据用户提供的充值卡密码无法查询到匹配的充值卡信息或 脸证、 鉴权等结果失败时, 将向业务接入点返回充值失败的相关结果, 由 业务接入点将此结果返回至用户。 该部分为现有技术, 此处不再赘述。 在该数据库中存储的充值卡数据表中, 并没有显示充值卡序列号的明 文, 而是包含充值卡序列号加密后生成的序列号密文。 返回的充值卡信息 包括充值卡面值和 /或充值卡的有效期等相关信息, 但是不包含充值卡序列 号密文。 The identification code may be a card number and/or a password, or other number for providing a voucher during recharging. When the user uses the recharge card to recharge, the user submits the identification code of the recharge card, such as the card number and password, to the service access point, and the service access point sends the card number and password to the recharge center service processing point, where the card number and password are used. It is plain text, ie it is not encrypted. Step 402: Query the corresponding recharge card data according to the recharge card identification code and return the recharge card information. The recharge card data includes a sequence number ciphertext generated by encrypting the serial number, and the returned recharge card information includes a recharge card denomination. And/or the expiration date of the recharge card. The recharge center service processing point encrypts the received card number and password. The encryption method is the same as the encryption method of the card-making center for the recharge card number and password. This is to ensure that the card number and password submitted by the user are encrypted. The ciphertext can find the matching ciphertext in the database of the recharge center to further query the corresponding recharge card data and return the recharge card information to the service access point, and the service access point returns the recharge card information to the client end. . The query process may further include authenticating the user's mobile phone number sent by the service processing point, and validating the valid field of the recharge card data table. The specific process of the query is a prior art, and details are not described herein. Moreover, when the matching recharge card information cannot be queried according to the user's recharge card password, or the result of the face card authentication, authentication, etc. fails, the related result of the refill failure is returned to the service access point, and the result is obtained by the service access point. Return to the user. This part is prior art and will not be described here. In the recharge card data table stored in the database, the plaintext of the recharge card serial number is not displayed, but the serial number ciphertext generated by encrypting the recharge card serial number is included. The returned recharge card information includes information such as the recharge card face value and/or the expiration date of the recharge card, but does not include the recharge card serial number ciphertext.
步骤 403, 接收充值确认信息。 当业务接入点接受到用户确认充值的信息后, 将该信息发送至充值中 心业务处理点。 步骤 404, 返回充值卡金额以进行充值。 充值中心业务处理点将充值卡数据表中的充值卡金额反馈至业务接入 点等对接系统, 由业务接入点进行用户账号金额的更新, 并将结果反馈给 用户。 本发明实施例中, 充值卡数据表中序列号的显示方式, 即由原来的明 文变为密文, 这样即使获取一张未使用的充值卡, 根据该充值卡的序列号 明文也无法在数据库中定位对应的充值卡数据表, 从而无法实现该数据表 的备份和充值卡的重复使用, 提高了充值卡系统的安全性。 参照图 5 , 为本发明实施例一种使用充值卡进行充值的方法时序图。 该方法可以包括: 步骤 501 , 接收充值卡的密码。 本实施例中采用的充值卡的标识码为充值卡的密码。 步骤 502, 根据所述充值卡密码查询对应的充值卡数据并返回充值卡信 息, 充值卡数据中包括对序列号加密后生成的序列号密文, 返回的所述充 值卡信息包括充值卡面值和 /或充值卡的有效期信息。 步骤 503, 接收充值确认信息。 上步骤 501〜步骤 503与前述实施例的对应步骤类似, 此处不再赘述。 步骤 504, 更新所述充值卡的状态信息, 并更改所述充值卡数据中的密 码密文。 将充值卡的状态更新为已使用状态。 其中对密码密文的更改有多种方 式, 例如可以再经过一次加密运算产生新的密文等, 在本实施例中采用的 是在密码密文中随机选择位置插入随机数。 例如, 用户确认充值后, 充值中心使用随机数算法 (例如三位随机数 269 )随机插入此充值卡的密码密文中,密码密文由原来的 473294932107478 可能变成 472329496321074798, 原密文被破坏。 用户确认充值后, 如果后 续记录日志时如果需要记录充值卡序列号, 则转入步骤 505。 步骤 505 , 对所述充值卡数据中的序列号密文进行解密获得序列号明 文, 使用所述序列号明文记录充值日志。 步骤 506, 返回所述充值卡的金额以进行充值。 上述步骤中, 步骤 504〜步骤 506的顺序可以进行调整, 以形成不同的技 术方案, 均在权利要求的保护范围之内。 首先, 本实施例中, 该序列号密文的使用, 使得根据序列号明文无法 定位该序列号在数据库中的对应充值数据表, 以前述为例企图盗用者拿到 的充值卡序列号为明文 5538832649,而数据库中存放的是密文 Step 403: Receive recharge confirmation information. After the service access point receives the information that the user confirms the recharge, the service access point sends the information to the recharge center service processing point. Step 404, returning the recharge card amount for recharging. The recharge center business processing point feeds back the recharge card amount in the recharge card data table to the docking system such as the service access point, and the service access point updates the user account amount, and feeds the result back to the user. In the embodiment of the present invention, the display manner of the serial number in the recharge card data table is changed from the original plaintext to the ciphertext, so that even if an unused recharge card is obtained, the plaintext according to the serial number of the recharge card cannot be in the database. The corresponding recharge card data table is located in the middle, so that the backup of the data table and the re-use of the recharge card cannot be realized, and the security of the recharge card system is improved. Referring to FIG. 5, it is a timing diagram of a method for recharging using a recharge card according to an embodiment of the present invention. The method may include: Step 501: Receive a password of a recharge card. The identification code of the recharge card used in this embodiment is the password of the recharge card. Step 502: Query the corresponding recharge card data according to the recharge card password and return the recharge card information. The recharge card data includes a sequence number ciphertext generated by encrypting the serial number, and the returned recharge card information includes a recharge card face value and / or the validity period of the recharge card. Step 503: Receive recharge confirmation information. The previous steps 501 to 503 are similar to the corresponding steps in the foregoing embodiment, and are not described herein again. Step 504: Update status information of the recharge card, and change a password ciphertext in the recharge card data. Update the status of the recharge card to the used status. There are various ways to change the password ciphertext. For example, a new ciphertext can be generated by performing an encryption operation. In this embodiment, a random insertion number is randomly selected in the ciphertext. For example, after the user confirms the recharge, the recharge center randomly inserts the password ciphertext of the recharge card using a random number algorithm (for example, a three-digit random number 269), and the password ciphertext may become 472329496321074798 from the original 473294932107478, and the original ciphertext is destroyed. After the user confirms the recharge, if it is necessary to record the recharge card serial number when the log is subsequently recorded, the process proceeds to step 505. Step 505: Decrypt the serial number ciphertext in the recharge card data to obtain a sequence number plaintext, and use the serial number plaintext to record the recharge log. Step 506, returning the amount of the recharge card for recharging. In the above steps, the order of steps 504 to 506 can be adjusted to form different technical solutions, which are all within the protection scope of the claims. First, in this embodiment, the use of the serial number ciphertext makes it impossible to locate the corresponding recharge data table of the serial number in the database according to the plaintext of the serial number, and the recharge card serial number obtained by the pirate is used as the plaintext. 5538832649, and the ciphertext is stored in the database.
6436543654689 , 无法在数据库中直接查到相应的记录, 从而无法在充值前 备份相关原始数据, 提高了充值卡系统的安全性。 其次, 通过在接收到用户的充值确认信息后, 对该充值卡数据库中得 密码密文进行更改破坏, 即使企图盗用者在数据库中找到对应充值卡记录 的时候, 此时充值卡密码密文已经被随机数污染性破坏, 以前述为例, 此 时数据库的密码密文已经变成 472329496321074798, 用户再使用原充值卡 密码明文进行充值, 充值中心加密后密文为 473294932107478, 无法在数据 库中匹配到相应的记录。 此充值卡将无法被再次应用充值, 也无法通过更 新再次使用。 再者, 充值日志中记录的是充值卡序列号明文, 内部用户查看充值曰 志的时候, 仍然看到的是充值卡序列号明文, 用户仍然无法通过充值卡序 列号定位到数据库中的充值卡记录, 也进一步保证了充值卡不会被重复使 用。 在充值中心的数据库中, 由于充值卡数据表中序列号已经加密为密文, 采用现有的充值卡信息查询方法, 已经不能进行信息查询了, 下面就信息 查询的方法通过具体实施例进行详细说明。 参照图 6, 为本发明实施例一种充值卡信息查询的方法时序图。 该方法可以包括: 步骤 601 , 接收充值卡的序列号。 业务控制点接收到用户输入的序列号后, 转发给充值中心业务处理点, 其中, 该业务处理点接收到得序列号为序列号明文。 步骤 602, 对接收到的充值卡序列号进行加密生成序列号密文。 由充值中心业务处理点釆用与充值卡数据库中存储的序列号密文相同 的加密方式对接收到得序列号进行加密。 步骤 603, 根据所述序列号密文在充值卡数据库中查找是否有匹配的序 列号密文。 由于序列号密文与所述匹配序列号密文的密文生成方法相同, 所以如 果该充值卡合法, 根据上步骤中加密产生的序列号密文, 在充值中心的充 值卡数据库中一定可以找到匹配的序列号密文, 所谓匹配可以指相同。 步骤 604, 若有, 则获取并返回所述匹配序列号密文对应的充值卡状态 信息。 6436543654689, unable to directly find the corresponding records in the database, so that it is impossible to back up the relevant original data before recharging, which improves the security of the recharge card system. Secondly, after receiving the user's recharge confirmation information, the password ciphertext in the recharge card database is changed and destroyed, even if the attempted pirate finds the corresponding recharge card record in the database, then the recharge card password ciphertext has been The random number is polluted. Take the foregoing as an example. At this time, the password ciphertext of the database has become 472329496321074798. The user then recharges the original recharge card password, and the ciphertext after the recharge center is 473294932107478, which cannot be matched in the database. The corresponding record. This recharge card will not be refilled again and will not be used again via the update. In addition, the recharge log records the replenishment card serial number plaintext. When the internal user views the recharge account, the user still sees the recharge card serial number plaintext, and the user still cannot locate the recharge card in the database through the recharge card serial number. The record also further ensures that the recharge card will not be reused. In the database of the recharge center, since the serial number in the recharge card data table has been encrypted into ciphertext, the existing recharge card information query method can not be used for information inquiry. The following method for information query is detailed by specific embodiments. Description. Referring to FIG. 6, a timing diagram of a method for querying recharge card information according to an embodiment of the present invention is shown. The method can include: Step 601: Receive a serial number of the recharge card. After receiving the serial number entered by the user, the service control point forwards the sequence to the service processing point of the recharge center, where the serial number received by the service processing point is the plaintext of the serial number. Step 602: Encrypt the received recharge card serial number to generate a sequence number ciphertext. The received serial number is encrypted by the refill center service processing point using the same encryption method as the serial number ciphertext stored in the recharge card database. Step 603: Search, according to the sequence number ciphertext, whether there is a matching sequence number ciphertext in the recharge card database. Since the ciphertext generation method of the serial number ciphertext is the same as the ciphertext generation method of the matching ciphertext, if the recharge card is legal, according to the ciphertext generated by the encryption in the previous step, it can be found in the recharge card database of the recharge center. The matching serial number ciphertext, the so-called matching can mean the same. Step 604, if yes, acquiring and returning the recharge card status information corresponding to the matching sequence number ciphertext.
查询到匹配的序列号密文后, 充值中心业务处理点对该充值卡数据表 进行读取, 获取其中的充值金额、 有效期、 使用状态等信息进行反馈, 返 回业务控制点, 由业务控制点进一步返回给用户, 完成查询操作。 本实施例中, 充值中心数据库的充值卡数据表中, 序列号均采用密文 设置, 查询过程中充值中心通过对接收的序列号明文进行加密, 且仍然采 用序列号密文进行查询, 因此无法获得充值卡序列号明文对应的充值卡数 据表, 也就无法重复使用该充值卡, 从而提高了充值卡系统的安全性。 本领域普通技术人员可以理解实现上述实施例方法中的全部或部分步 骤是可以通过程序来指令相关的硬件来完成, 所述的程序可以存储于一计 算机可读取存储介质中, 该程序在执行时, 包括以下步骤: (方法的步骤), 所述的存储介质, 如: ROM/RAM、 磁碟、 光盘等。 以上对充值卡生成方法、 充值方法和查询方法进行了详细说明, 下面 通过具体实施例对各方法对应的装置或系统进行说明。 参照图 7, 为本发明实施例一种充值卡生成装置的结构示意图。 该充值卡生成装置可以包括序列号生成模块 701、 加密模块 702和存储 模块 703。 序列号生成模块 701 , 用于生成充值卡的序列号。 After the matching ciphertext of the serial number is queried, the recharge center business processing point reads the recharge card data table, obtains information such as the recharge amount, validity period, and usage status, and returns the information to the service control point, further by the service control point. Return to the user, complete the query operation. In this embodiment, in the recharge card data table of the recharge center database, the serial number is set in the ciphertext, and the refill center encrypts the received serial number plaintext during the query, and still uses the serial number ciphertext for query, so The recharge card data table corresponding to the clear text of the recharge card serial number is obtained, and the recharge card cannot be reused, thereby improving the security of the recharge card system. A person skilled in the art can understand that all or part of the steps of implementing the foregoing embodiments may be completed by a program instructing related hardware, and the program may be stored in a computer readable storage medium, and the program is executed. The method includes the following steps: (step of the method), the storage medium, such as: ROM/RAM, disk, optical disk, and the like. The method for generating a recharge card, the method for recharging, and the method for querying are described in detail above. The device or system corresponding to each method will be described below by way of specific embodiments. FIG. 7 is a schematic structural diagram of a recharge card generating apparatus according to an embodiment of the present invention. The recharge card generating device may include a serial number generating module 701, an encryption module 702, and a storage module 703. The serial number generating module 701 is configured to generate a serial number of the recharge card.
加密模块 702, 用于对所述序列号进行加密生成序列号密文。 存储模块 703, 用于将所述序列号密文存储至充值卡数据库中, 并与所 述充值卡的充值卡数据对应。 其中, 该装置的上述三个模块可以设置在制卡中心, 由制卡中心通过 序列号生成模块 701生成充值卡的序列号, 该生成过程可以与充值卡密码的 生成方式相同, 然后通过加密模块 702对序列号进行加密产生序列号密文, 最后通过存储模块 703将序列号密文存入充值中心的充值卡数据库中, 并且 与充值卡的其它数据对应, 也即在该数据库中该充值卡的数据表中, 充值 卡序列号信息部分显示的是序列号密文而非序列号明文。 另外, 该装置的上述三个模块也可以不都设置在制卡中心, 可以将序 列号生成模块 701设置在制卡中心, 而将加密模块 702和存储模块 703设置在 充值中心。 由制卡中心通过序列号生成模块 701生成充值卡的序列号, 然后 由充值中心通过加密模块 702对该序列号进行加密生成序列号密文, 再由存 储模块 703将序列号密文连同充值卡的其它数据存储在该充值卡的数据表 中, 在该充值卡的数据表中, 充值卡序列号信息部分显示的也是序列号密 文而非序列号明文。 本实施例通过上述充值卡生成装置的三个模块, 实现了充值卡数据库 中充值卡序列号信息以密文形式显示而非明文, 使得根据充值卡的序列号 明文无法在数据库中查找到对应的充值卡数据表, 解决了充值卡重复使用 的问题, 提高了充值卡系统的安全性。 参照图 8, 为本发明实施例一种充值卡系统的结构示意图。 该系统可以包括第一接收单元 801、 查询单元 802、 第二接收单元 803和 反馈单元 804。 第一接收单元 801, 用于接收充值卡的标识码。 查询单元 802, 用于根据接收的充值卡标识码查询对应的充值卡数据并 返回充值卡信息, 其中, 充值卡数据中包括对序列号加密后生成的序列号 密文, 返回的充值卡信息包括充值卡面值和 /或充值卡的有效期信息。 第二接收单元 803, 用于接收充值确认信息。 反馈单元 804, 用于返回所述充值卡的金额以使对接系统对用户帐户进 行充值。 本实施例通过上述四个单元实现了充值, 并且充值卡数据中包括对充 值卡序列号加密后生成的序列号密文, 也即充值卡数据库中充值卡序列号 信息以密文形式显示而非明文, 使得根据充值卡的序列号明文无法在数据 库中查找到对应的充值卡数据表, 解决了充值卡重复使用的问题, 提高了 充值系统的安全性。 参照图 9, 为本发明实施例另一种充值卡系统的结构示意图。 在本实施例中, 该系统除了包括第一接收单元 901、 查询单元 902、 第 二接收单元 903和反馈单元 904,还可以包括状态更新单元 905、解密单元 906 和记录单元 907。 其中, 第一接收单元 901、 查询单元 902、 第二接收单元 903 和反馈单元 904与图 8所示实施例中的相应单元类似, 此处不再赘述。 状态更新单元 905, 用于在第二接收单元 903接收到充值确认信息之后, 更新所述充值卡的状态信息, 并更改所述充值卡数据中的标识码密文。 解密单元 906, 用于在第二接收单元接收到充值确认信息之后, 对所述 充值卡数据中的序列号密文进行解密获得序列号明文。 记录单元 907, 用于使用所述序列号明文记录充值日志。 在充值过程中, 业务接入点接收到用户输入的充值卡标识码后转发该 标识码至本系统的第一接收单元 901, 查询单元 902通过该标识码查询到匹 配的充值卡信息后经业务接入点返回至用户端, 在第二接收单元 903接收到 用户的充值确认信息后, 状态更新单元 905更新所述充值卡的状态信息, 并 更改充值卡数据中的标识码密文, 状态更新单元 905具体可以通过在所述标 识码密文中插入随机数更改充值卡数据中的标识码密文; 在记录日志时, 如果需要记录充值卡的序列号, 则由解密单元 906对所述充值卡数据中的序 列号密文进行解密获得序列号明文, 由记录单元 907使用所述序列号明文记 录充值日志; 反馈单元 904返回充值卡的金额至业务接入点等对接系统, 业 务接入点更新用户账户余额, 并向用户返回结果。 其中, 状态更新单元 905 对充值卡状态的更新和标识码密文的破坏过程, 解密单元 906和记录单元 907对充值日志的记录过程, 以及反馈单元 904的反馈过程可以同时执行, 也可按照一定的顺序进行, 此处不作限定。 而且, 查询单元 902当根据用户提供的充值卡标识码无法查询到匹配的 充值卡信息或验证、 鉴权等结果失败时, 将向业务接入点返回充值失败的 相关结果, 由业务接入点将此结果返回至用户。 该情况为现有技术, 此处 不再赘述。 本实施例中, 该序列号密文的使用使得根据序列号明文无法定位该序 列号在数据库中的对应充值数据表, 提高了充值卡使用的安全性。 而且通 过在接收到用户的充值确认信息后, 对该充值卡数据库中标识码密文进行 更改破坏, 使盗用者即使修改充值卡状态后, 利用此充值卡标识码明文进 行重复使用时, 因充值卡标识码密文已经被随机数污染性破坏, 充值中心 无法在数据库中匹配到响应的记录, 而使重复充值失败。 再者, 充值曰志 中记录的是充值卡序列号明文, 内部用户查看充值日志的时候, 用户仍然 无法通过充值卡序列号定位到数据库中的充值卡记录, 也进一步保证了充 值卡不会被重复使用, 从而提高了充值卡系统的安全性。 参照图 10 , 为本发明实施例一种充值卡信息查询系统结构示意图。 该系统可以包括: 第三接收单元 1001 , 用于接收充值卡的序列号。 加密单元 1002, 用于采用与充值卡数据库中存储的序列号密文相同的 加密方式对接收的充值卡序列号进行加密生成序列号密文。 查找单元 1003, 用于根据所述序列号密文在充值卡数据库中查找是否 有匹配的序列号密文。 获取单元 1004, 用于在所述查找单元 1003查找到所述匹配的序列号密 文后, 获取并返回所述匹配序列号密文对应的充值卡状态信息。 业务控制点在接收到用户提供的充值卡序列号明文后转发至本系统的 第三接收单元 1001 , 加密单元 1002对第三接收单元 1001接收到的序列号明 文进行加密生成该序列号的密文, 查找单元 1003根据序列号密文在充值卡 数据库中查找是否有匹配的序列号密文, 在查找单元 1003查找到所述匹配 的序列号密文后, 获取单元 1004获取并返回所述匹配序列号密文对应的充 值卡状态信息。 如果查找单元 1003找不到匹配的序列号密文则向业务控制 点返回查询失败信息。 本实施例中, 通过加密单元 1002对接收的序列号进行加密, 使得充值 中心在查找过程中均使用序列号密码进行, 使内部用户仍然无法获得序列 号明文和密文的对应关系, 因此无法获得充值卡序列号明文对应的充值卡 数据表, 也就无法重复使用该充值卡, 从而提高了安全性。 以上装置或系统实施例中, 各模块或单元的具体实现过程请参照前述 方法实施例对应部分的描述, 此处不再赘述。 The encryption module 702 is configured to encrypt the serial number to generate a serial number ciphertext. The storage module 703 is configured to store the serial number ciphertext in the recharge card database, and corresponding to the recharge card data of the recharge card. The above three modules of the device may be disposed at the card making center, and the serial number generating module 701 generates a serial number of the recharge card by the card making center, and the generating process may be the same as the generating method of the recharge card password, and then pass the encryption module. 702 encrypts the serial number to generate a serial number ciphertext, and finally stores the serial number ciphertext in the recharge card database of the recharge center through the storage module 703, and corresponds to other data of the recharge card, that is, the recharge card in the database In the data table, the recharge card serial number information part shows the serial number ciphertext instead of the serial number plaintext. In addition, the above three modules of the device may not be disposed at the card making center, the serial number generating module 701 may be disposed at the card making center, and the encryption module 702 and the storage module 703 may be disposed at the refill center. The serial number of the recharge card is generated by the card making center through the serial number generating module 701, and then the serial number is encrypted by the recharging center through the encryption module 702 to generate a serial number ciphertext, and the storage module 703 adds the serial number ciphertext together with the recharge card. The other data is stored in the data table of the recharge card. In the data table of the recharge card, the recharge card serial number information portion also displays the sequence number ciphertext instead of the sequence number plaintext. In this embodiment, through the three modules of the above-mentioned recharge card generating device, the refill card serial number information in the refill card database is displayed in cipher text instead of plaintext, so that the serial number according to the recharge card is obtained. The plaintext cannot find the corresponding recharge card data table in the database, solves the problem of re-use of the recharge card, and improves the security of the recharge card system. FIG. 8 is a schematic structural diagram of a prepaid card system according to an embodiment of the present invention. The system can include a first receiving unit 801, a query unit 802, a second receiving unit 803, and a feedback unit 804. The first receiving unit 801 is configured to receive an identification code of the recharge card. The query unit 802 is configured to query the corresponding recharge card data according to the received recharge card identification code and return the recharge card information, where the recharge card data includes a sequence number ciphertext generated by encrypting the serial number, and the returned recharge card information includes Recharge card face value and / or recharge card validity period information. The second receiving unit 803 is configured to receive refill confirmation information. The feedback unit 804 is configured to return the amount of the recharge card to enable the docking system to recharge the user account. In this embodiment, the refilling is implemented by using the above four units, and the recharge card data includes the serial number ciphertext generated after encrypting the recharge card serial number, that is, the recharge card serial number information in the recharge card database is displayed in cipher text instead of In plain text, the corresponding recharge card data table cannot be found in the database according to the serial number of the recharge card, which solves the problem of re-use of the recharge card and improves the security of the recharge system. FIG. 9 is a schematic structural diagram of another recharge card system according to an embodiment of the present invention. In this embodiment, the system includes a first update unit 901, a query unit 902, a second receiving unit 903, and a feedback unit 904, and may further include a status update unit 905, a decryption unit 906, and a recording unit 907. The first receiving unit 901, the querying unit 902, the second receiving unit 903, and the feedback unit 904 are similar to the corresponding units in the embodiment shown in FIG. 8, and details are not described herein again. The status update unit 905 is configured to: after the second receiving unit 903 receives the refill confirmation information, update the status information of the recharge card, and change the identification code ciphertext in the recharge card data. The decryption unit 906 is configured to decrypt the serial number ciphertext in the recharge card data after the second receiving unit receives the refill confirmation information to obtain a sequence number plaintext. The recording unit 907 is configured to record the refill log by using the serial number plaintext. In the recharging process, after receiving the recharge card identification code input by the user, the service access point forwards the identification code to the first receiving unit 901 of the system, and the query unit 902 queries the matched recharge card information through the identification code. The access point returns to the user end. After the second receiving unit 903 receives the recharge confirmation information of the user, the status update unit 905 updates the status information of the recharge card, and changes the identification code ciphertext in the recharge card data, and the status update. The unit 905 may specifically change the identification code ciphertext in the recharge card data by inserting a random number in the identification code ciphertext; when recording the log, if the serial number of the recharge card needs to be recorded, the recharging card is decrypted by the decryption unit 906 The serial number ciphertext in the data is decrypted to obtain the clear text of the serial number, and the recording unit 907 records the refill log using the serial number plaintext; the feedback unit 904 returns the amount of the recharge card to the docking system such as the service access point, and the service access point is updated. User account balance and return results to the user. The status update unit 905 may perform the update process of the recharge card status and the destruction process of the identification code ciphertext, the recording process of the recharge log by the decryption unit 906 and the recording unit 907, and the feedback process of the feedback unit 904 may be performed simultaneously, or may be performed according to a certain The order is carried out, which is not limited here. Moreover, when the querying unit 902 fails to query the matching recharge card information according to the recharge card identification code provided by the user, or fails to verify, the authentication, etc., the query unit 902 returns a related result of the recharging failure to the service access point, and the service access point Return this result to the user. This situation is prior art and will not be described here. In this embodiment, the use of the serial number ciphertext makes it impossible to locate the corresponding recharge data table of the serial number in the database according to the plaintext of the serial number, thereby improving the security of the use of the recharge card. Moreover, after receiving the recharge confirmation information of the user, the identification code ciphertext in the recharge card database is modified and destroyed, so that the thief uses the recharge card identification code to re-use the plaintext even if the recharge card status is modified, because the recharge is performed. Card identification code ciphertext has been polluted by random numbers, recharge center The record of the response could not be matched in the database, and the refill failed. Furthermore, the recharge card records the plain text of the recharge card serial number. When the internal user views the recharge log, the user still cannot locate the recharge card record in the database through the recharge card serial number, which further ensures that the recharge card will not be Reuse, which increases the security of the recharge card system. FIG. 10 is a schematic structural diagram of a recharge card information inquiry system according to an embodiment of the present invention. The system may include: a third receiving unit 1001, configured to receive a serial number of the recharge card. The encryption unit 1002 is configured to encrypt the received recharge card serial number by using the same encryption method as the serial number ciphertext stored in the recharge card database to generate a serial number ciphertext. The searching unit 1003 is configured to search, in the recharge card database, whether there is a matching sequence number ciphertext according to the serial number ciphertext. The obtaining unit 1004 is configured to obtain, after the searching unit 1003 finds the matched sequence number ciphertext, the recharge card status information corresponding to the matching sequence number ciphertext. The service control point is forwarded to the third receiving unit 1001 of the system after receiving the plain text of the recharge card serial number provided by the user, and the encryption unit 1002 encrypts the plaintext received by the third receiving unit 1001 to generate the ciphertext of the serial number. The searching unit 1003 searches for the matching sequence number ciphertext in the refill card database according to the sequence number ciphertext. After the searching unit 1003 finds the matched sequence number ciphertext, the obtaining unit 1004 obtains and returns the matching sequence. The status information of the recharge card corresponding to the cipher text. If the search unit 1003 cannot find the matching serial number ciphertext, the query failure information is returned to the service control point. In this embodiment, the received sequence number is encrypted by the encryption unit 1002, so that the recharge center uses the serial number password in the search process, so that the internal user still cannot obtain the correspondence between the plaintext and the ciphertext of the serial number, and thus cannot obtain the serial number. If the recharge card data table corresponding to the clear text of the card serial number is used, the recharge card cannot be reused, thereby improving the security. For the specific implementation process of each module or unit in the above device or system embodiment, refer to the description of the corresponding part in the foregoing method embodiment, and details are not described herein again.
以上所述的本发明实施方式, 并不构成对本发明保护范围的限定。 任 何在本发明的精神和原则之内所作的修改、 等同替换和改进等, 均应包含 在本发明的权利要求保护范围之内。  The embodiments of the present invention described above are not intended to limit the scope of the present invention. Any modifications, equivalent substitutions and improvements made within the spirit and scope of the invention are intended to be included within the scope of the appended claims.

Claims

权利要求 Rights request
1、 一种充值卡生成方法, 其特征在于, 包括: 生成充值卡的序列号; 对所述序列号进行加密生成序列号密文; 将所述序列号密文存储至充值卡数据库中, 并与所述充值卡的充值卡 数据对应。 A method for generating a recharge card, comprising: generating a serial number of a recharge card; encrypting the serial number to generate a serial number ciphertext; storing the serial ciphertext in a recharge card database, and Corresponding to the recharge card data of the recharge card.
2、 根据权利要求 1所述的方法, 其特征在于, 在制卡过程中或在卡加 载激活过程中对所述序列号进行加密生成序列号密文。 2. The method according to claim 1, wherein the serial number is encrypted during a card making process or during a card loading activation process to generate a serial number ciphertext.
3、 一种使用充值卡进行充值的方法, 其特征在于, 包括: 接收充值卡的标识码; 3. A method for recharging using a recharge card, comprising: receiving an identification code of a recharge card;
根据所述充值卡的标识码在数据库中查询对应的充值卡数据并返回充 值卡信息, 所述充值卡数据包括对序列号加密后生成的序列号密文, 返回 的所述充值卡信息包括充值卡面值和 /或充值卡的有效期信息; 接收充值确认信息;  And searching for the corresponding recharge card data in the database according to the identification code of the recharge card, and returning the recharge card information, where the recharge card data includes a sequence number ciphertext generated by encrypting the serial number, and the returned recharge card information includes recharging Card face value and/or expiration date information of the recharge card; receiving recharge confirmation information;
返回所述充值卡的金额以使对接系统对用户帐户进行充值。  The amount of the recharge card is returned to enable the docking system to recharge the user account.
4、 根据权利要求 3所述的方法, 其特征在于, 在所述接收充值确认信 息之后, 还包括: 更新所述充值卡的状态信息, 并更改所述充值卡数据中的标识码密文。The method according to claim 3, after the receiving the refill confirmation information, further comprising: updating status information of the recharge card, and changing the identification code ciphertext in the recharge card data.
5、 根据权利要求 4所述的方法, 其特征在于, 所述更改所述充值卡数 据中的标识码密文具体包括: 在所述标识码密文中随机选择位置插入随机数。 The method according to claim 4, wherein the modifying the identification code ciphertext in the recharge card data comprises: randomly selecting a location insertion random number in the identification code ciphertext.
6、 根据权利要求 3所述的方法, 其特征在于, 在所述接收充值确认信 息后, 还包括: 对所述充值卡数据中的序列号密文进行解密获得序列号明文; 使用所述序列号明文记录充值日志。 The method according to claim 3, after the receiving the refill confirmation information, further comprising: decrypting the serial number ciphertext in the recharge card data to obtain a sequence number plaintext; using the sequence No. Clear text record recharge log.
7、 一种充值卡信息查询方法, 其特征在于, 包括: 接收充值卡的序列号;  7. A method for querying recharge card information, comprising: receiving a serial number of a recharge card;
釆用与充值卡数据库中存储的序列号密文相同的加密方式对所述接收 到的充值卡序列号进行加密生成序列号密文;  And encrypting the received recharge card serial number by using the same encryption method as the serial number ciphertext stored in the recharge card database to generate a serial number ciphertext;
根据所述序列号密文在充值卡数据库中查找是否有匹配的序列号密 文;  Finding, according to the serial number ciphertext, whether there is a matching serial number ciphertext in the recharge card database;
若有, 则获取并返回所述匹配序列号密文对应的充值卡状态信息。 If yes, the status information of the refill card corresponding to the matching sequence number ciphertext is obtained and returned.
8、 一种充值卡生成装置, 其特征在于, 包括: 序列号生成模块, 用于生成充值卡的序列号; 加密模块, 用于对所述序列号进行加密生成序列号密文; 存储模块, 用于将所述序列号密文存储至充值卡数据库中, 并与所述 充值卡的充值卡数据对应。 8. A recharge card generating device, comprising: a serial number generating module, configured to generate a serial number of a recharge card; an encryption module, configured to encrypt the serial number to generate a serial number ciphertext; a storage module, And storing the serial number ciphertext in the recharge card database, and corresponding to the recharge card data of the recharge card.
9、 一种充值卡系统, 其特征在于, 包括: 第一接收单元, 用于接收充值卡的标识码; 查询单元, 用于根据所述充值卡的标识码查询数据库中对应的充值卡 数据并返回充值卡信息, 所述充值卡数据中包括对序列号加密后生成的序 列号密文, 返回的所述充值卡信息包括充值卡面值和 /或充值卡的有效期信 息;  A recharge card system, comprising: a first receiving unit, configured to receive an identification code of a recharge card; and a query unit, configured to query a corresponding recharge card data in the database according to the identification code of the recharge card Returning the recharge card information, the recharge card data includes a sequence number ciphertext generated by encrypting the serial number, and the returned recharge card information includes recharge card face value and/or expiration date information of the recharge card;
第二接收单元, 用于接收充值确认信息; 反馈单元, 用于返回所述充值卡的金额以使对接系统对用户帐户进行 充值。 a second receiving unit, configured to receive refill confirmation information; The feedback unit is configured to return the amount of the recharge card to enable the docking system to recharge the user account.
10、 根据权利要求 9所述的系统, 其特征在于, 还包括: 状态更新单元, 用于在所述第二接收单元接收到充值确认信息之后, 更新所述充值卡的状态信息, 并更改所述充值卡数据中的标识码密文。  The system according to claim 9, further comprising: a status update unit, configured to: after the second receiving unit receives the refill confirmation information, update status information of the recharge card, and change the location The identification code ciphertext in the recharge card data.
11、 根据权利要求 10所述的系统, 其特征在于, 所述状态更新单元具体通过在所述标标识码密文中随机选择位置插入 随机数更改所述充值卡数据中的标识码密文。 The system according to claim 10, wherein the status update unit specifically changes the identification code ciphertext in the recharge card data by randomly selecting a location insertion random number in the target identification code ciphertext.
12、 根据权利要求 9所述的系统, 其特征在于, 还包括: 解密单元, 用于在所述第二接收单元接收到充值确认信息之后, 对所 述充值卡数据中的序列号密文进行解密获得序列号明文; The system according to claim 9, further comprising: a decryption unit, configured to perform, after the second receiving unit receives the refill confirmation information, perform a sequence number ciphertext in the recharge card data Decrypt to obtain the clear text of the serial number;
记录单元, 用于使用所述序列号明文记录充值日志。  a recording unit, configured to record the refill log by using the serial number plaintext.
13、 一种充值卡信息查询系统, 其特征在于, 包括: 第三接收单元, 用于接收充值卡的序列号; 加密单元, 用于釆用与充值卡数据库中存储的序列号密文相同的加密 方式对所述接收到的充值卡序列号进行加密生成序列号密文; 查找单元, 用于根据所述序列号密文在充值卡数据库中查找是否有匹 配的序列号密文; 获取单元, 用于在所述查找单元查找到所述匹配的序列号密文后, 获 取并返回所述匹配序列号密文对应的充值卡状态信息。 13. A recharge card information inquiry system, comprising: a third receiving unit, configured to receive a serial number of a recharge card; and an encryption unit, configured to use the same sequence number ciphertext as stored in the recharge card database The encryption method encrypts the received recharge card serial number to generate a sequence number ciphertext; the searching unit is configured to search, in the recharge card database, whether there is a matching sequence number ciphertext according to the sequence number ciphertext; And after the search unit finds the matched sequence number ciphertext, obtains and returns the recharge card status information corresponding to the matching sequence number ciphertext.
PCT/CN2010/079622 2009-12-11 2010-12-09 Method and system for generating, recharging and querying rechargeable card WO2011069460A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2009102543285A CN102098401A (en) 2009-12-11 2009-12-11 Voucher card generating, charging and inquiring methods and systems
CN200910254328.5 2009-12-11

Publications (1)

Publication Number Publication Date
WO2011069460A1 true WO2011069460A1 (en) 2011-06-16

Family

ID=44131258

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2010/079622 WO2011069460A1 (en) 2009-12-11 2010-12-09 Method and system for generating, recharging and querying rechargeable card

Country Status (2)

Country Link
CN (1) CN102098401A (en)
WO (1) WO2011069460A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103944878A (en) * 2014-03-10 2014-07-23 航天数字传媒有限公司 Application and manufacturing method and system for satellite digital service rechargeable cards

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103118351B (en) * 2013-01-17 2015-08-05 北京印天网真科技有限公司 The generation method and apparatus of repaid card data
CN106874743B (en) * 2016-12-29 2020-07-10 上海雷塔智能科技有限公司 Method and system for storing and extracting smart card password
CN106815761B (en) * 2016-12-31 2020-12-15 中国移动通信集团江苏有限公司 Electronic rechargeable card processing method, device and system
CN107391762B (en) * 2017-08-28 2021-02-05 京信通信系统(中国)有限公司 Log data processing method and device
CN112101935A (en) * 2020-09-11 2020-12-18 上海阿吉必信息技术有限公司 Processing method and device for block chain rechargeable card
CN112131542B (en) * 2020-09-23 2024-03-26 北京达佳互联信息技术有限公司 Data processing method, device and server
CN113721887A (en) * 2021-08-30 2021-11-30 上海通联金融服务有限公司 Method for generating system card number by random hash algorithm

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101174321A (en) * 2006-11-01 2008-05-07 上海融兴网络科技有限公司 Charging method for mobile electronic payment system
WO2008095367A1 (en) * 2007-01-31 2008-08-14 Huawei Technologies Co., Ltd. A card issuing method, device and system
CN101252628A (en) * 2008-04-14 2008-08-27 中兴通讯股份有限公司 System and method for recharging based on recharging card
CN101360159A (en) * 2008-09-26 2009-02-04 中兴通讯股份有限公司 Implementing method and apparatus for independent VC system accommodating different charging cards

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1913547B (en) * 2006-08-28 2010-05-12 华为技术有限公司 Card distributing user terminer, paying center, and method and system for protecting repaid card data

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101174321A (en) * 2006-11-01 2008-05-07 上海融兴网络科技有限公司 Charging method for mobile electronic payment system
WO2008095367A1 (en) * 2007-01-31 2008-08-14 Huawei Technologies Co., Ltd. A card issuing method, device and system
CN101252628A (en) * 2008-04-14 2008-08-27 中兴通讯股份有限公司 System and method for recharging based on recharging card
CN101360159A (en) * 2008-09-26 2009-02-04 中兴通讯股份有限公司 Implementing method and apparatus for independent VC system accommodating different charging cards

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103944878A (en) * 2014-03-10 2014-07-23 航天数字传媒有限公司 Application and manufacturing method and system for satellite digital service rechargeable cards

Also Published As

Publication number Publication date
CN102098401A (en) 2011-06-15

Similar Documents

Publication Publication Date Title
US9740849B2 (en) Registration and authentication of computing devices using a digital skeleton key
WO2011069460A1 (en) Method and system for generating, recharging and querying rechargeable card
US7003668B2 (en) Secure authentication of users via intermediate parties
EP2731040B1 (en) Computer system for storing and retrieval of encrypted data items, client computer, computer program product and computer-implemented method
US8369521B2 (en) Smart card based encryption key and password generation and management
EP3694143B1 (en) Enabling access to data
US20130073854A1 (en) Data storage incorporating crytpographically enhanced data protection
US20110085664A1 (en) Systems and methods for managing multiple keys for file encryption and decryption
US20020083325A1 (en) Updating security schemes for remote client access
CN113545006A (en) Remote authorized access locked data storage device
JP2004304751A5 (en)
US8176313B2 (en) Executable software security system
US20100031045A1 (en) Methods and system and computer medium for loading a set of keys
JP2017531951A (en) Method, device, terminal and server for security check
CN104868998A (en) System, Device, And Method Of Provisioning Cryptographic Data To Electronic Devices
CN113383511A (en) Recovery key for unlocking a data storage device
CN115066863A (en) Systems and techniques for cross-account device key transfer in a benefit denial system
CN113383510A (en) Multi-role unlocking of data storage devices
KR20200123029A (en) Method for using service with one time id based on pki, and user terminal using the same
US11480945B2 (en) Production device for production of an object for user permitted to print pre-defined number of copies of the object including encrypted token, and decrypted by the production device for determining user access right
JP2007020065A (en) Decryption backup method, decryption restoration method, attestation device, individual key setting machine, user terminal, backup equipment, encryption backup program, decryption restoration program
US11323267B1 (en) Systems and methods for maintaining confidentiality, integrity, and authenticity of the last secret
CN114175574A (en) Wireless security protocol
CN113545021A (en) Registration of pre-authorized devices
CN113316915B (en) Unlocking a data storage device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10835495

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10835495

Country of ref document: EP

Kind code of ref document: A1