WO2014048319A1 - System, device and method for exchanging security information - Google Patents

System, device and method for exchanging security information

Publication number
WO2014048319A1
WO2014048319A1 PCT/CN2013/084183 CN2013084183W WO2014048319A1 WO 2014048319 A1 WO2014048319 A1 WO 2014048319A1 CN 2013084183 W CN2013084183 W CN 2013084183W WO 2014048319 A1 WO2014048319 A1 WO 2014048319A1
Authority
WO
WIPO (PCT)
Prior art keywords
security information
information interaction
data
user terminal
processing server
Prior art date
Application number
PCT/CN2013/084183
Other languages
English (en)
Chinese (zh)
Inventor
柴洪峰
鲁志军
何朔
郑建宾
刘国宝
万四爽
Original Assignee
中国银联股份有限公司
Priority date
Filing date
Publication date
Application filed by 中国银联股份有限公司
Publication of WO2014048319A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation

Definitions

  • the present invention relates to information interaction systems, devices and methods, and more particularly to security information interaction systems, devices and methods.
  • offline security information, that is, information requiring high security, such as financial transactions
  • a network, especially a mobile network
  • the present invention proposes a security information interaction system, apparatus and method that have high security and can be applied to offline information exchange.
  • a security information interaction method includes the following steps:
  • (A1) the user terminal transmits the security information interaction instruction from the user to the remote security information interaction device through the network;
  • (A2) the security information interaction device receives the security information interaction instruction from the user terminal, constructs a security information interaction request based on the security information interaction instruction, and transmits the security information interaction request to a data processing server;
  • (A3) the data processing server receives and parses the security information interaction request from the security information interaction device, and sends a security information interaction confirmation request to the user terminal based on the security information interaction request;
  • (A4) the user terminal receives the security information interaction confirmation request from the data processing server, acquires application data from an offline application in the smart card based on the security information interaction confirmation request, and transmits the application data to the data processing server;
  • (A5) the data processing server receives the application data transmitted by the user terminal, performs an authentication operation based on the application data, and transmits an authentication result notification back to the user terminal;
  • (A6) the user terminal receives an authentication result notification from the data processing server, generates security information interaction data based on the authentication result notification, and transmits the security information interaction data to the data processing server;
  • (A7) the data processing server receives the security information interaction data from the user terminal, performs a verification operation based on the security information interaction data, and transmits a message related to the verification result to the security information interaction device.
  • the step (A7) further comprises: if the verification result is "verification successful", the data processing server sends a security information interaction success response to the user terminal.
  • the step (A7) further comprises: if the verification result is "verification successful", the data processing server sends a notification related to the verification result to the service provider server.
  • the user terminal is a client in the mobile terminal, and the network is a mobile communication network.
  • the application data includes offline authentication data and data for terminal risk management and behavior analysis.
  • the step (A5) further includes: after receiving the application data transmitted back by the user terminal, the data processing server performs the following operations: parsing the application data to obtain offline authentication data and data for terminal risk management and behavior analysis; performing an authentication operation based on the offline authentication data, and transmitting a security information interaction rejection response to the user terminal if the authentication result is "authentication failed"; if the authentication result is "authentication passed", performing a terminal risk management and behavior analysis operation to determine whether to perform a subsequent security information interaction process, and if it is determined that a subsequent security information interaction process is to be performed, transmitting a security information interaction approval response to the user terminal, and if it is determined that no subsequent security information interaction process is required, transmitting a security information interaction rejection response back to the user terminal.
  • the step (A6) further includes: after receiving the authentication result notification from the data processing server, the user terminal performs the following operations: if the authentication result notification is a security information interaction rejection response, prompting the user that the security information interaction has failed, and if the authentication result notification is a security information interaction approval response, performing a data processing operation associated with the currently performed security information interaction process, generating the security information interaction data, and transmitting the security information interaction data to the data processing server.
  • the security information interaction data includes a security information interaction credential and other information associated with the currently performed security information interaction process.
  • the step (A7) further comprises: the data processing server verifying the security information interaction credential.
  • data communication between the security information interaction device and the data processing server is implemented by an SSL protocol.
  • data communication between the user terminal and the data processing server is implemented by an SSL protocol.
  • the step (A6) further comprises: transmitting the security information interaction data in an encrypted manner, wherein the security information interaction identifier is used as a generation factor of the encryption key.
  • the step (A4) further comprises: the user terminal acquiring the application data from an offline application in the following manner: (1) transmitting an instruction for selecting an offline application to the smart card to select an offline application; (2) initializing the offline application; (3) prompting the user to input a PIN for the offline application to verify the identity of the user, and if the verification passes, performing the subsequent operation, and if the verification fails, prompting to re-enter the PIN for the offline application and repeating the verification process, and prompting the user that authentication has failed if the number of inputs exceeds a predetermined threshold; sending a read application data instruction to the offline application to obtain the application data.
  • a security information interaction system comprising: at least one user terminal, each of the at least one user terminal being configured to transmit security information interaction instructions from a user to a remote security information interaction device through a network, to receive a security information interaction confirmation request from the data processing server, and to acquire application data from the offline application based on the security information interaction confirmation request and transmit the application data to the data processing server, and each of the at least one user terminal is further configured to receive the authentication result notification from the data processing server, generate security information interaction data based on the authentication result notification, and transmit the security information interaction data to the data processing server;
  • a security information interaction device configured to receive the security information interaction instruction from the user terminal, construct a security information interaction request based on the security information interaction instruction, and transmit the security information interaction request to the data processing server;
  • a data processing server configured to receive and parse the security information interaction request from the security information interaction device, and send a security information interaction confirmation request to a corresponding user terminal based on the security information interaction request; the data processing server is further configured to receive application data transmitted by the user terminal, perform an authentication operation based on the application data, and transmit an authentication result notification back to the corresponding user terminal; the data processing server is further configured to receive the security information interaction data from the user terminal, perform a verification operation based on the security information interaction data, and transmit a message related to the verification result to the security information interaction device;
  • a smart card, the smart card being used to store at least one offline application.
  • the object of the present invention can also be achieved by the following technical solutions: a user terminal, the user terminal transmits a security information interaction instruction from the user to the remote security information interaction device through the network, receives a security information interaction confirmation request from the data processing server, and, based on the security information interaction confirmation request, acquires application data from an offline application in the smart card and transmits the application data to the data processing server, the user terminal further configured to receive an authentication result notification from the data processing server, generate security information interaction data based on the authentication result notification, and transmit the security information interaction data to the data processing server.
  • the data processing server receives and parses a security information interaction request from the security information interaction device, and sends a security information interaction confirmation request to the corresponding user terminal based on the security information interaction request
  • the data processing server is further configured to receive application data transmitted by the user terminal, and perform an authentication operation based on the application data and transmit an authentication result notification back to the corresponding user terminal
  • the data processing server is further configured to receive the security information interaction data from the user terminal, perform a verification operation based on the security information interaction data, and transmit a message related to the verification result to the security information interaction device.
  • the security information interaction system, device and method disclosed by the present invention have the following advantages:
  • (1) can be applied to offline information exchange; (2) due to the use of multiple security measures (for example, the transmission of security information interaction data in an encrypted manner, where the security information interaction identifier (such as an order number) is a generation factor of the encryption key), it has high security.
  • FIG. 1 is a schematic structural diagram of a security information interaction system according to an embodiment of the present invention
  • FIG. 2 is a flowchart of a security information interaction method according to an embodiment of the present invention.
  • detailed description: FIG. 1 is a schematic structural diagram of a security information interaction system according to an embodiment of the present invention.
  • the security information interaction system disclosed by the present invention includes at least one user terminal 1, a security information interaction device 2 (for example, a POS machine), a data processing server 3, and a smart card 4.
  • each of the at least one user terminal 1 is configured to transmit a security information interaction instruction (e.g., a purchase request) from the user to the remote security information interaction device 2 through the network, to receive a security information interaction confirmation request (e.g., an order payment request) from the data processing server 3, and to acquire application data from the offline application based on the security information interaction confirmation request and transmit the application data to the data processing server 3; each of the at least one user terminal 1 is further configured to receive an authentication result notification from the data processing server 3, generate security information interaction data based on the authentication result notification, and transmit the security information interaction data to the data processing server 3.
  • the security information interaction device 2 is configured to receive the security information interaction instruction from the user terminal 1, construct a security information interaction request (such as an order) based on the security information interaction instruction, and transmit the security information interaction request to the data processing server 3.
  • the data processing server 3 is configured to receive and parse the security information interaction request from the security information interaction device 2, and send the security information interaction confirmation request to the corresponding user terminal 1 based on the security information interaction request; the data processing server 3 is further configured to receive application data transmitted by the user terminal 1, perform an authentication operation based on the application data, and transmit an authentication result notification back to the corresponding user terminal 1; the data processing server 3 is further configured to receive the security information interaction data from the user terminal 1, perform a verification operation based on the security information interaction data, and transmit a message related to the verification result (e.g., a payment success confirmation notification) to the security information interaction device 2 (for example, to remind the merchant to start shipping).
  • the smart card 4 is used to store at least one offline application.
  • the data processing server 3 is further configured to perform the following operations: if the verification result is "verification successful", send a security information interaction success response to the corresponding user terminal 1 (for example, a payment success response, used to prompt the user that the payment has been completed).
  • the data processing server 3 is further configured to perform the following operations: if the verification result is "verification successful", a notification related to the verification result (e.g., a payment result notification) is sent to the service provider server (e.g., the relevant server of the issuer).
  • the user terminal 1 is a client in the mobile terminal, and the network is a mobile communication network.
  • the application data includes offline authentication data and data for terminal risk management and behavior analysis.
  • after receiving the application data transmitted back by the user terminal 1, the data processing server 3 performs the following operations: parsing the application data to obtain offline authentication data and data for terminal risk management and behavior analysis; performing an authentication operation based on the offline authentication data, and transmitting a security information interaction rejection response to the corresponding user terminal 1 if the authentication result is "authentication failed"; if the authentication result is "authentication pass", performing terminal risk management and behavior analysis operations (e.g., determining whether the electronic cash available balance minus the authorized amount is less than the electronic cash reset threshold) to determine whether to perform subsequent security information
  • after receiving the authentication result notification from the data processing server 3, the user terminal 1 performs the following operations: if the authentication result notification is a security information interaction rejection response, prompting the user that the security information interaction has failed, and if the authentication result notification is a security information interaction approval response, performing a data processing operation associated with the currently performed security information interaction process (e.g., electronic cash is debited), generating the security information interaction data, and transmitting the security information interaction data to the data processing server 3.
  • the security information interaction data includes a security information interaction credential (such as a transaction debit memo) and other information related to the currently performed security information interaction process (such as security information interaction identifiers, such as order numbers).
  • the verification operation performed by the data processing server 3 includes verifying the security information interaction credentials.
  • the security information interaction device 2 is a node in the network (i.e., data communication with an external device can be performed through the network).
  • data communication between the security information interaction device 2 and the data processing server 3 is implemented by the SSL protocol.
  • the authentication process is preferably implemented by a symmetric key system in the security information interaction system disclosed by the present invention through the SSL protocol.
  • the security information interaction data (which includes a security information interaction credential) is transmitted in an encrypted manner, wherein the security information interaction identifier (such as an order number) is used as a generation factor of the encryption key.
  • the smart card 4 may be a SIM card, or a smart SD card, or a terminal accessory or the like.
  • the user terminal 1 acquires the application data from an offline application in the following manner: (1) transmitting an instruction to select the offline application to the smart card 4 to select an offline application; (2) initializing the offline application; (3) prompting the user to input a PIN (Personal Identification Number) for the offline application to verify the identity of the user, and if the verification passes, performing a subsequent operation, and if the verification fails, prompting to re-enter the PIN for the offline application and repeating the verification process, and prompting the user that authentication has failed if the number of inputs exceeds a predetermined threshold; sending a read application data instruction to the offline application to obtain the application data.
  • the data processing operation associated with the currently performed security information interaction process may be a debit operation for electronic cash in order to complete the transaction
  • the specific operation process may be as follows:
  • the user terminal 1 sends a debit request to the smart card 4; after receiving the debit request, the smart card 4 performs card risk analysis to decide whether to approve the transaction request; if approved, it returns the offline transaction approval ciphertext TC, at which point the card's electronic cash amount has been updated; if not approved, a rejection response (for example, ciphertext AAC) is returned; the user terminal 1 determines whether the TC ciphertext is approved for the offline transaction, and if so, the offline transaction deduction is assembled.
  • the smart card 4 confirms that the offline transaction debit voucher does belong to the valid offline transaction data of the account (i.e., unprocessed offline transaction data belonging to the account) and completes the relevant security operation; if this cannot be confirmed, an error indication is returned.
  • the security information interaction system disclosed by the present invention has the following advantages: (1) it can be applied to remote information interaction in an offline mode; (2) due to the use of multiple security measures (for example, transmitting security information interaction data in an encrypted manner, in which a security information interaction identifier (such as an order number) is used as a generation factor of an encryption key), it has high security.
  • the present invention discloses a user terminal 1 that transmits a security information interaction instruction (for example, a purchase request) from a user to a remote security information interaction device 2 through a network, receives a security information interaction confirmation request (for example, an order payment request) from the data processing server 3, and, based on the security information interaction confirmation request, acquires application data from an offline application in the smart card and transmits the application data to the data processing server 3; the user terminal 1 is further configured to receive the authentication result notification from the data processing server 3, generate the security information interaction data based on the authentication result notification, and transmit the security information interaction data to the data processing server 3.
  • the user terminal 1 disclosed in the present invention is a client in a mobile terminal, and the network is a mobile communication network.
  • the application data includes offline authentication data and data for terminal risk management and behavior analysis.
  • after receiving the authentication result notification from the data processing server 3, the user terminal 1 performs the following operations: if the authentication result notification is a security information interaction rejection response, prompting the user that the security information interaction fails, and if the authentication result notification is a security information interaction approval response, performing a data processing operation associated with the currently performed security information interaction process (e.g., debiting electronic cash), generating the security information interaction data, and transferring the security information interaction data to the data processing server 3.
  • the security information interaction data includes a security information interaction credential (such as a transaction debit memo) and other information associated with the currently performed security information interaction process (for example, a security information interaction identifier, such as an order number).
  • the user terminal 1 disclosed by the present invention performs data communication with the data processing server 3 via the SSL protocol.
  • the user terminal 1 disclosed by the present invention transmits the security information interaction data (which includes a security information interaction credential) in an encrypted manner, wherein the security information interaction identifier (such as an order number) is used as an encryption key.
  • the user terminal 1 disclosed by the present invention acquires the application data from an offline application in the following manner: (1) transmitting an instruction to select an offline application to the smart card 4 to select an offline application; (2) initializing the offline application; (3) prompting the user to input a PIN (Personal Identification Number) for the offline application to verify the identity of the user, and if the verification passes, performing a subsequent operation, and if the verification fails, prompting to re-enter the PIN for the offline application and repeating the verification process, and prompting the user that authentication has failed if the number of inputs exceeds a predetermined threshold; sending a read application data instruction to the offline application to obtain the application data.
  • the present invention discloses a data processing server 3 that receives and parses a security information interaction request from the security information interaction device 2 and, based on the security information interaction request, sends a security information interaction confirmation request to the corresponding user terminal 1
  • the data processing server 3 is further configured to receive the application data transmitted by the user terminal 1 and perform an authentication operation based on the application data and transmit the authentication result notification back.
  • the data processing server 3 is further configured to receive security information interaction data from the user terminal 1, perform a verification operation based on the security information interaction data, and transmit a message related to the verification result (for example, a payment success confirmation notification) to the security information interaction device 2 (for example, to remind the merchant to start shipping).
  • the data processing server 3 disclosed by the present invention is further configured to: if the verification result is "verification successful", send a security information interaction success response (for example, a payment success response, used to prompt the user that the payment has been completed) to the corresponding user terminal 1.
  • the data processing server 3 disclosed by the present invention is further configured to perform the following operations: if the verification result is "verification successful", a notification related to the verification result (for example, a payment result notification) is sent to the service provider server (for example, the relevant server of the issuing bank).
  • the application data includes offline authentication data and data for terminal risk management and behavior analysis.
  • after receiving the application data transmitted back by the user terminal 1, the data processing server 3 performs the following operations: parsing the application data to obtain offline authentication data and data for terminal risk management and behavior analysis; performing an authentication operation based on the offline authentication data, and if the authentication result is "authentication failed", transmitting a security information interaction rejection response to the corresponding user terminal 1; if the authentication result is "authentication passed", then performing terminal risk management and behavior analysis operations (e.g., determining whether the electronic cash available balance minus the authorized amount is less than an electronic cash reset threshold) to determine whether to perform a subsequent security information interaction process, and if it is determined to perform the subsequent security information interaction process, the security information interaction approval response is transmitted back to the corresponding user terminal 1, and if it is determined that the subsequent security information interaction process is not required, the security information interaction rejection response is transmitted back to the corresponding user terminal 1.
  • the security information interaction data includes security information interaction credentials (such as transaction debit memos) and other information associated with the currently performed security information interaction process (e.g., a security information interaction identifier, such as an order number).
  • the verifying operation performed by the data processing server 3 disclosed by the present invention includes verifying the security information interaction credential.
  • the data processing server 3 disclosed by the present invention performs data communication with the security information interaction device 2 via the SSL protocol.
  • the data processing server 3 disclosed by the present invention performs data communication with the user terminal 1 via the SSL protocol.
  • the authentication process is implemented by a symmetric key system.
  • the security information interaction method disclosed by the present invention includes the following steps: (A1) The user terminal transmits a security information interaction instruction (such as a purchase request) from the user to the network to a remote security information interaction device; (A2) the security information interaction device receives the security information interaction instruction from the user terminal, and constructs a security information interaction request (eg, an order based on the security information interaction instruction) And transmitting the security information interaction request to the data processing server; (A3) the data processing server receives and parses the security information interaction request from the security information interaction device, and based on the security The information exchange request sends a security information interaction confirmation request to the user terminal; 4) the user terminal receives the security information interaction confirmation request (eg, an order payment request;) from the data processing server, and based on the The security information interaction confirmation request is received from the smart card device; (A5) the data processing server receives the application data transmitted by the user terminal,
  • the step (A7) further includes: if the verification result is "verification successful", the data processing server sends a security information interaction success response to the user terminal (for example, a payment success response, used to prompt the user that the payment has been completed).
  • the step (A7) further includes: if the verification result is "verification successful", the data processing server sends a verification result notification (for example, a payment result notification) to the service provider server (for example, the relevant server of the issuer).
  • the user terminal is a client in a mobile terminal
  • the network is a mobile communication network
  • the application data includes offline authentication data and data for terminal risk management and behavior analysis.
  • the step (A5) further includes: after receiving the application data transmitted back by the user terminal, the data processing server performs the following operations: parsing the application data to obtain offline authentication data and data for terminal risk management and behavior analysis; performing an authentication operation based on the offline authentication data, and if the authentication result is "authentication failed", transmitting a security information interaction rejection response back to the user terminal; if the authentication result is "authentication passed", performing the terminal risk management and behavior analysis operations (for example, determining whether the electronic cash available balance minus the authorized amount is less than the electronic cash reset threshold) to determine whether to perform a subsequent security information interaction process, and if it is determined to perform a subsequent security information interaction process, transmitting a security information interaction approval response to the user terminal, and if it is determined that a subsequent security information interaction process is not required, transmitting back security information to the
  • the step (A6) further includes: after receiving the authentication result notification from the data processing server, the user terminal performs the following operations: if the authentication result notification is a security information interaction rejection response, prompting the user that the security information interaction failed; and if the authentication result notification is a security information interaction approval response, performing the data processing operations associated with the currently performed security information interaction process (e.g., debiting electronic cash), generating the security information interaction data, and transmitting the security information interaction data to the data processing server.
  • the security information interaction data includes a security information interaction credential (such as a transaction debit memo) and other information related to the currently performed security information interaction process (such as a security information interaction identifier, e.g. an order number).
  • the step (A7) further includes: the data processing server verifying the security information interaction credential.
  • the security information interaction device is a node in the network (i.e., data communication with an external device can be performed through the network).
  • data communication between the security information interaction device and the data processing server is implemented by using the SSL protocol.
  • data communication between the user terminal and the data processing server is implemented by using an SSL protocol.
  • the authentication process is implemented by a symmetric key system.
  • the step (A6) further includes: transmitting the security information interaction data (including a security information interaction credential) in an encrypted manner, where a security information interaction identifier (such as an order number) is used as a generation factor of the encryption key.
  • the smart card may be a SIM card, or a smart SD card, or a terminal accessory or the like.
  • the step (A4) further includes: the user terminal acquiring the application data from an offline application in the following manner: (1) sending to the smart card an instruction for selecting an offline application, in order to select an offline application; (2) initializing the offline application; (3) prompting the user to enter a PIN (Personal Identification Number) for the offline application to verify the identity of the user, and if verification passes, performing the subsequent operation, and if verification fails, prompting the user to re-enter the PIN for the offline application and repeating the verification process, and prompting the user that authentication failed if the number of inputs exceeds a predetermined threshold;
  • the offline application sends a read application data instruction to obtain the application data.
  • the data processing operation associated with the currently performed security information interaction process may be a debit operation for electronic cash in order to complete the transaction
  • the specific operation process may be as follows: the user terminal sends a debit request to the smart card; after receiving the debit request, the smart card performs card risk analysis to decide whether to approve the transaction request; if approved, it returns an offline transaction approval ciphertext TC, at which point the electronic cash amount on the card has been updated; if not approved, it returns a rejection response (e.g. ciphertext AAC); the user terminal determines whether the returned ciphertext is a TC approving the offline transaction, and if so, assembles the offline transaction debit memo and sends the voucher to the smart card for encryption and MAC calculation; the smart card confirms whether the offline transaction debit voucher belongs to the valid offline transaction data of the account (i.e., the unprocessed offline transaction data belonging to the account); if so, it completes the relevant security operations, and if not, it returns an error indication.
  • the security information interaction method disclosed by the present invention has the following advantages: (1) it can be applied to remote information interaction in an offline mode; (2) it has high security, due to the use of multiple security measures (for example, transmitting the security information interaction data in an encrypted manner, with a security information interaction identifier (such as an order number) used as a generation factor of the encryption key).
  • the formula is not limited to the above embodiment. It should be recognized that: without departing from the spirit and scope of the present invention
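
Steps (A6) and (A7) above bind the debit credential to the order by using the order number as a generation factor of the key; the following added example (not code from the patent) shows what that binding buys the verifying server. The HMAC-SHA256 derivation, the field names, the sample key and order numbers, and the server-side replay set are assumptions of this example; payload encryption is left out because the Python standard library has no block cipher.

```python
import hashlib
import hmac
import json

# Constructed sample key; a real key would stay inside the smart card or an HSM.
MASTER_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")


def derive_order_key(master_key: bytes, order_number: str, purpose: str) -> bytes:
    """Per-order key, order number as generation factor (HMAC-SHA256 is assumed)."""
    if not order_number:
        raise ValueError("order number is required as key generation factor")
    info = purpose.encode() + b"\x00" + order_number.encode()
    return hmac.new(master_key, info, hashlib.sha256).digest()


def seal_credential(master_key: bytes, order_number: str, credential: dict) -> dict:
    """Terminal/card side (A6): MAC the debit credential under the per-order key."""
    body = json.dumps(credential, sort_keys=True, separators=(",", ":"))
    key = derive_order_key(master_key, order_number, "mac")
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"order_number": order_number, "credential": body, "mac": tag}


def verify_credential(master_key: bytes, expected_order: str, message: dict,
                      processed: set) -> str:
    """Server side (A7): accept a credential only for the order being processed."""
    if message.get("order_number") != expected_order:
        return "rejected: order mismatch"
    if expected_order in processed:  # replay guard, an addition of this example
        return "rejected: already processed"
    key = derive_order_key(master_key, expected_order, "mac")
    body = str(message.get("credential", "")).encode()
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected.encode(), str(message.get("mac", "")).encode()):
        return "rejected: bad MAC"
    processed.add(expected_order)
    return "verification successful"


def demo() -> list:
    processed = set()
    msg = seal_credential(MASTER_KEY, "ORDER-1001", {"amount": 1250, "currency": "CNY"})
    moved = dict(msg, order_number="ORDER-1002")  # same credential, relabelled order
    return [
        verify_credential(MASTER_KEY, "ORDER-1001", msg, processed),    # genuine
        verify_credential(MASTER_KEY, "ORDER-1001", msg, processed),    # replayed
        verify_credential(MASTER_KEY, "ORDER-1002", moved, processed),  # wrong key
    ]
```

A credential captured for one order cannot be presented for another, because the server derives a different key for each order number it expects.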

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The present invention relates to a security information interaction system, device and method. The system comprises at least a user terminal, a security information interaction device, a data processing server and a smart card. Each security information interaction instruction initiated by the user in the user terminal is transmitted via a network to a remote security information interaction device for further security information interaction processing. The security information interaction system, device and method according to the invention are highly secure and can be used for remote offline information interaction.
PCT/CN2013/084183 2012-09-28 2013-09-25 Security information interaction system, device and method WO2014048319A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201210368401.3 2012-09-28
CN201210368401.3A CN103701762B (zh) 2012-09-28 2012-09-28 Security information interaction system, device and method

Publications (1)

Publication Number Publication Date
WO2014048319A1 true WO2014048319A1 (fr) 2014-04-03

Family

ID=50363161

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2013/084183 WO2014048319A1 (fr) 2012-09-28 2013-09-25 Security information interaction system, device and method

Country Status (2)

Country Link
CN (1) CN103701762B (fr)
WO (1) WO2014048319A1 (fr)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
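CN106411522A (zh) * 2015-08-03 2017-02-15 中兴通讯股份有限公司 Smart-card-based online authentication method, smart card and authentication server
CN106330883B (zh) * 2016-08-19 2019-11-22 中国银联股份有限公司 Security information interaction method based on a quick verification code
CN107871266B (zh) * 2016-09-28 2022-05-27 菜鸟智能物流控股有限公司 Method for acquiring an interaction credential and related apparatus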

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020038287A1 (en) * 2000-08-30 2002-03-28 Jean-Marc Villaret EMV card-based identification, authentication, and access control for remote access
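CN101394615A (zh) * 2007-09-20 2009-03-25 中国银联股份有限公司 Mobile payment terminal and payment method based on PKI technology
CN101923757A (zh) * 2010-08-05 2010-12-22 中国科学院深圳先进技术研究院 Mobile payment management system
CN102419846A (zh) * 2011-12-30 2012-04-18 快钱支付清算信息有限公司 Non-near-field payment system and method based on a POS terminal network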

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2443489B (en) * 2006-11-06 2008-10-15 Visa Europe Ltd Electronic purchasing of tickets
CN101593387B (zh) * 2008-05-27 2012-06-27 中国移动通信集团公司 Method, system and device for remote payment using a local account
AU2009293439B2 (en) * 2008-09-17 2013-01-17 Mastercard International, Inc. Off-line activation/loading of pre-authorized and cleared payment cards
CN102469081B (zh) * 2010-11-11 2014-10-08 中国移动通信集团公司 Method, device and system for smart card operation
CN102169613B (zh) * 2010-12-03 2013-03-13 北京握奇数据系统有限公司 Method and apparatus for processing remote services of an electronic wallet

Also Published As

Publication number Publication date
CN103701762B (zh) 2017-04-19
CN103701762A (zh) 2014-04-02

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13841440

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the addressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205 DATED 24-07-2015)

122 Ep: pct application non-entry in european phase

Ref document number: 13841440

Country of ref document: EP

Kind code of ref document: A1