WO2015131747A1 - Method and system for security protection of near field communication card swiping - Google Patents

Method and system for security protection of near field communication card swiping Download PDF

Info

Publication number
WO2015131747A1
WO2015131747A1 PCT/CN2015/072689 CN2015072689W WO2015131747A1 WO 2015131747 A1 WO2015131747 A1 WO 2015131747A1 CN 2015072689 W CN2015072689 W CN 2015072689W WO 2015131747 A1 WO2015131747 A1 WO 2015131747A1
Authority
WO
WIPO (PCT)
Prior art keywords
card
information
swipe operation
user
current nfc
Prior art date
Application number
PCT/CN2015/072689
Other languages
French (fr)
Chinese (zh)
Inventor
房稳
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2015131747A1 publication Critical patent/WO2015131747A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3278RFID or NFC payments by means of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3224Transactions dependent on location of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/405Establishing or using transaction specific rules

Definitions

  • the present invention relates to the field of Near Field Communication (NFC) technology, and in particular, to a method and system for security protection of a near field communication card.
  • NFC Near Field Communication
  • NFC technology for near field communication has been rapidly developed in recent years.
  • the contradiction between security and flexibility has always been an important issue that has plagued the large-scale use of NFC technology on mobile terminals.
  • the NFC communication must have a SE (secure elements) security unit, the card reader and the SE communicate, and the information is transmitted to the actual application through the SE.
  • SE secure elements
  • the SE may typically be present in a mobile terminal, SIM card, or SD card in current NFC solutions.
  • the HCE (host-based card emulation) technology is a new mobile payment implementation scheme that has been proposed after NFC encounters the above problems in the promotion process.
  • the difference between HCE and traditional schemes is that the payment path is different.
  • the traditional scheme is communication between the card reader and the SE, and the HCE scheme is the communication between the POS machine and the application.
  • the HCE solution is flexible and easy to be compatible. However, although it has got rid of the cost and compatibility issues of the hardware SE, it is obviously not as secure as the solution of the entity SE.
  • Embodiments of the present invention provide a method and system for performing security protection on a near field communication card. By setting restrictions on NFC card swipe operation, the risk of NFC stealing is reduced, and the security of the NFC card is improved.
  • an embodiment of the present invention provides a method for security protection of a near field communication card, the method comprising:
  • the user After detecting the NFC card swiping operation of the near field communication, the user obtains the scene information of the current NFC card swiping operation;
  • the scenario information of the current NFC card swipe operation is compared with the card swiping restriction information set by the user. When it is determined that the current NFC card swipe operation belongs to the scenario restricted by the swipe card restriction information, the current NFC card swipe operation is prohibited.
  • the method may also include the following features:
  • the user-set credit card restriction information includes: spatial area information and/or time information set by the user to allow the card swipe operation.
  • the method may also include the following features:
  • the step of acquiring the scenario information of the current NFC card swipe operation includes:
  • the step of acquiring the spatial area information of the current NFC card swipe operation includes:
  • the mobile terminal is located to obtain the current location of the mobile terminal, and the current location information of the mobile terminal is used as the spatial area information of the current NFC card swipe operation.
  • the method may also include the following features:
  • the step of determining that the current NFC card swipe operation belongs to the scenario restricted by the swipe restriction information includes:
  • the space area where the current NFC card swipe operation occurs is outside the range of the space area set by the user for allowing the card swipe operation, and the time when the current NFC card swipe operation occurs is allowed to be swiped by the user. Outside the range of the operation time, it is determined that the current NFC card swipe operation belongs to the scene limited by the swipe restriction information.
  • the method may also include the following features:
  • the method further includes:
  • the card restriction information is saved on the mobile terminal and/or uploaded to the operator server.
  • the method may also include the following features:
  • the step of obtaining the user-set credit card restriction information includes: acquiring the user-set credit card restriction information from the mobile terminal local or the operator server.
  • the method also includes the following features:
  • the method further includes:
  • the record includes: information for prohibiting the NFC card swipe operation, and scene information of the current NFC card swipe operation.
  • the embodiment of the present invention further provides a system for security protection of a near field communication card, the system comprising:
  • the card operation detecting module is configured to acquire the scene information of the current NFC card swiping operation after detecting that the user initiates the NFC card swiping operation of the near field communication;
  • the reference information obtaining module is configured to obtain the card restriction information set by the user
  • the determining and processing module is configured to compare the scene information of the current NFC card swiping operation with the swipe card restriction information set by the user, and prohibit the current NFC card swiping operation when determining that the current NFC card swiping operation belongs to the scene limited by the swipe card restriction information. .
  • the system can also include the following features:
  • the user-set credit card restriction information includes: spatial area information and/or time information set by the user to allow the card swipe operation.
  • the system can also include the following features:
  • the reference information obtaining module is configured to obtain scene information of a current NFC card swipe operation by:
  • the manner of obtaining the spatial area information of the current NFC card swipe operation includes:
  • the mobile terminal is located to obtain the current location of the mobile terminal, and the current location information of the mobile terminal is used as the spatial area information of the current NFC card swipe operation.
  • the system can also include the following features:
  • the determining and processing module is configured to determine that the current NFC card swipe operation belongs to the scenario restricted by the swipe restriction information by:
  • the current NFC card swiping operation occurs outside the range of the space area set by the user for allowing the card swipe operation, and the current NFC swipe operation occurs outside the range of the time allowed by the user to allow the swipe operation, the current NFC is determined.
  • the swipe operation belongs to a scene limited by the swipe restriction information.
  • the system can also include the following features:
  • the system also includes:
  • the card restriction setting module is configured to save the card restriction information on the mobile terminal and/or upload to the operator server after detecting that the user sets the card restriction information on the mobile terminal.
  • the system can also include the following features:
  • the reference information obtaining module is configured to obtain the user-set credit card restriction information by acquiring the user-set credit card restriction information from the mobile terminal local or the operator server.
  • the system can also include the following features:
  • the system also includes:
  • the card recording module is configured to generate a record of the current NFC card swiping operation, save the record on the mobile terminal, and/or upload to the operator server;
  • the record includes: information for prohibiting the NFC card swipe operation, and scene information of the current NFC card swipe operation.
  • the system can also include the following features:
  • the card restriction setting module is further configured to update the locally saved card restriction information after receiving the updated card scene restriction information sent by the operator server.
  • the embodiment of the invention further provides a computer readable storage medium storing program instructions, which can be implemented when the program instructions are executed.
  • the method and system for performing security protection on a near field communication card is provided by comparing the scenario information of the current NFC card swipe operation with the card restriction information set by the user, and determining When the current NFC card swiping operation belongs to the scenario where the card restriction information is restricted, the current NFC card swiping operation is prohibited, the risk of NFC stealing is reduced, and the security of the NFC swipe card is improved.
  • FIG. 1 is a flowchart of a method for security protection of a near field communication card according to an embodiment of the present invention.
  • FIG. 2 is a schematic structural diagram of a system for performing security protection on a near field communication card according to an embodiment of the present invention.
  • FIG. 3 is a flow chart of limiting the card swipe operation by AGPS positioning data according to an embodiment of the present invention.
  • FIG. 4 is a schematic diagram of an operation interface of a method for setting a space area allowing a card to be swiped according to an embodiment of the present invention.
  • FIG. 5 is a schematic structural diagram of a system performing spatial and temporal restrictions simultaneously according to an embodiment of the present invention.
  • FIG. 6 is a schematic diagram of a method for storing credit card restriction data on an operator server side according to an embodiment of the present invention.
  • the embodiment of the present invention proposes to associate the NFC with the positioning module of the mobile phone, and the positioning data provided by the positioning module is used as a basis for whether the card swiping behavior is allowed.
  • the embodiment of the present invention can further enhance the security from the time dimension, that is, the NFC is associated with the schedule module. After the user sets the common card swipe time in the schedule, the swipe is not allowed outside the set time. This can further reduce the possibility of stealing the brush during very long periods of time (such as at night).
  • an embodiment of the present invention provides a method for security protection of a near field communication card, the method comprising:
  • S30 Compare the scenario information of the current NFC card swiping operation with the swipe card restriction information set by the user, and disable the current NFC card swipe operation when determining that the current NFC card swipe operation belongs to the scenario restricted by the swipe card restriction information.
  • the method further comprises:
  • the current NFC card swipe operation is allowed when it is determined that the current NFC card swipe operation does not belong to the scene limited by the swipe restriction information.
  • the card restriction information set by the user includes: spatial area information and/or time information set by the user to allow the card swipe operation.
  • the scene information of the current NFC card swipe operation includes:
  • the information about the spatial area where the current NFC card swipe operation occurs includes:
  • the positioning of the mobile terminal comprises: locating the mobile terminal by assisting an Assisted Global Positioning System (AGPS).
  • AGPS Assisted Global Positioning System
  • the obtaining the card restriction information set by the user includes: acquiring the card restriction information set by the user from the mobile terminal local or the operator server.
  • step S10 the method further includes:
  • the method further comprises:
  • the locally saved card restriction information is updated.
  • the user can save these time and space limit data locally (on the mobile terminal) or on the operator server side, which have advantages and disadvantages. After saving locally, the user does not need to perform additional traffic interaction every time, which is convenient and fast. However, if the user wants to modify (or reset) the card restriction information on the mobile terminal, the password needs to be entered, that is, the card is swiped. Restriction information settings or resets require password protection. On the operator server side, on the one hand, it is convenient to associate the card restriction information with the mobile phone number. For example, the user replaces the SIM card from the mobile phone A to the mobile phone B, and the mobile phone B can still inherit the previous credit card restriction without setting.
  • the user modifies the time and space restrictions of the NFC card on the carrier server (for example, resetting the time and space for permitting the card to be empty to directly turn off the card swipe function), and then notifying the mobile terminal of the update through the carrier server. Swipe the card to protect the information and prevent theft.
  • the scenario that the current NFC card swipe operation belongs to the card limit information is determined, including:
  • the space area where the current NFC card swipe operation occurs is outside the range of the space area set by the user that allows the card swipe operation, it is determined that the current NFC swipe operation belongs to the NFC stealing behavior;
  • the time when the current NFC card swipe operation occurs is the time set by the user to allow the card swipe operation. Outside, it is determined that the current NFC card swipe operation belongs to NFC stealing behavior; or
  • the current NFC card swiping operation occurs outside the range of the space area set by the user for allowing the card swipe operation, and the current NFC swipe operation occurs outside the range of the time allowed by the user to allow the swipe operation, the current NFC is determined.
  • the card swipe operation belongs to the NFC stealing behavior.
  • step S30 the method further includes:
  • the record includes: information for enabling or disabling the NFC card swipe operation, and scene information of the current NFC card swipe operation.
  • the NFC swipe operation record is finally generated, and the record is saved on the mobile terminal and/or uploaded to the operator.
  • the NFC card swipe operation record is generated only after the NFC card swipe operation is disabled, the record being saved on the mobile terminal and/or uploaded to the operator server.
  • an embodiment of the present invention provides a system for security protection of a near field communication card, the system comprising:
  • the card operation detecting module is configured to: after detecting that the user initiates the NFC card swiping operation, obtain the scene information of the current NFC card swiping operation;
  • the reference information obtaining module is configured to obtain the card restriction information set by the user
  • the determining and processing module is configured to compare the scene information of the current NFC card swiping operation with the swipe card restriction information set by the user, and prohibit the current NFC card swiping operation when determining that the current NFC card swiping operation belongs to the scene limited by the swipe card restriction information. .
  • the determining and processing module is further configured to allow the current NFC card swipe operation when determining that the current NFC card swipe operation does not belong to the scene limited by the swipe restriction information.
  • the card restriction information set by the user includes: spatial area information and/or time information set by the user to allow the card swipe operation.
  • the reference information obtaining module is configured to obtain scene information of the current NFC card swiping operation by:
  • the manner of obtaining the spatial area information of the current NFC card swipe operation includes:
  • the mobile terminal is located to obtain the current location of the mobile terminal, and the current location information of the mobile terminal is used as the spatial area information of the current NFC card swipe operation.
  • the manner of positioning the mobile terminal comprises: locating the mobile terminal by assisting an Assisted Global Positioning System (AGPS).
  • AGPS Assisted Global Positioning System
  • the reference information obtaining module is configured to obtain the user-set credit card restriction information by acquiring the user-set credit card restriction information from the mobile terminal local or the operator server.
  • the system also includes:
  • the card restriction setting module is configured to save the card restriction information on the mobile terminal and/or upload to the operator server after detecting that the user sets the card restriction information on the mobile terminal;
  • the card restriction setting module is further configured to: after receiving the updated card scene restriction information sent by the operator server, update the locally saved card restriction information.
  • the determining and processing module is configured to determine, by using the following manner, that the current NFC card swipe operation belongs to the scenario restricted by the swipe restriction information:
  • the card swipe operation belongs to the card restriction information Scene.
  • the system also includes:
  • the card recording module is configured to generate a record of the current NFC card swiping operation, save the record on the mobile terminal, and/or upload to the operator server;
  • the record includes: information for enabling or disabling the NFC card swipe operation, and scene information of the current NFC card swipe operation.
  • FIG. 3 is a flow chart of limiting NFC card swipe operation by assisting global satellite positioning system AGPS positioning data according to an embodiment of the present invention.
  • the current positioning position is obtained from the AGPS positioning module.
  • the range of the previously set NFC card-sending operation is compared. If the obtained positioning position is within the allowable range, the NFC radio is turned on to allow the card to be operated. If the obtained positioning position is not within the allowable range, it is determined that the card is stolen, and the user is not allowed to swipe the card.
  • FIG. 4 is a schematic diagram of setting a space for permitting a card in the embodiment of the present invention.
  • the screen is called up on the screen and the position of the location is completed on the map.
  • the user can: zoom the map by touch screen operation to select a larger range, and draw a rectangular area on the touch screen, the rectangular area is the range of the allowed area of the card set by the user.
  • the option of “unrestricted” is provided on the interface, and the user can cancel the restriction on the NFC card by touching “cancel the restriction”, so that the card is not prohibited anywhere.
  • the "Save” option is also available on the interface for saving user settings.
  • the user can directly input the administrative or street area as a selection.
  • the administrative or street area For example, only the card swiping operation is allowed in the Chengdu area, and the mobile phone background automatically determines the area corresponding to the input content.
  • the swipe card After the user selects the area and selects to save, the swipe card allows the space area information to be saved on the mobile phone side and is valid, and can also be saved on the network side.
  • Embodiments of the present invention can not only spatially limit the effectiveness of the NFC function, but can also be limited in time to further enhance the security of the NFC card swipe operation.
  • FIG. 5 it is a schematic structural diagram of a system for simultaneously performing space and time limitation in the embodiment of the present invention.
  • the system structure is divided into NFC
  • the security management module, the AGPS module, the schedule module, and the NFC application module are four parts.
  • the NFC security management module is responsible for setting and saving the space and time for allowing the card swipe operation, and transferring the spatial data to the AGPS module to pass the time data to the schedule module.
  • the NFC application module will automatically call the AGPS module to locate, and at the same time take out the current time of the mobile phone, and store the positioning result and the current time with the preset AGPS positioning location area and the schedule module of the allowed card swiping. Allow the card time range to be compared. If both of them meet the preset rules, the NFC card swipe operation is allowed. If one of the two does not meet the preset rules, the card swipe operation is rejected, and the stolen brush is determined in a predetermined manner. The information, as well as the location and time of this time, inform the user or the operator, such as by email, SMS, etc.
  • the space and time data allowing the card swipe operation are saved in the "NFC Security Management Module" in the mobile terminal.
  • the advantage of this embodiment is that only the slave terminal is required before each NFC card swipe. Internally obtained data can be compared, which simplifies the process and saves user traffic.
  • the swipe limit setting on the phone still works.
  • FIG. 6 is a flow chart of storing time and space data for permitting card swipe on the operator server side according to an embodiment of the present invention, which is described below in conjunction with FIG. 6:
  • the data is synchronously transmitted to the network side. For security reasons, do not store on the phone side.
  • the mobile terminal After receiving the space and time data transmitted by the network side, the mobile terminal compares with the positioning result and time obtained by the local machine. If the local positioning result and time are within the allowable range, the NFC card swipe operation is started. If the local positioning result or time is not within the allowable range, the NFC card swipe operation is not allowed.
  • the mobile terminal will successfully start the NFC, and the positioning and time information will be sent to the network side for saving.
  • the user can modify the time and space limit reference data on the operator side.
  • the operator can immediately notify the operator to modify the time and space restriction information, directly limit the NFC function, and then the operator server synchronizes the modified credit card restriction information. Go to the phone to achieve the effect of preventing theft.
  • the process described in FIG. 6 has many advantages.
  • the network side can also receive the positioning and time information of the terminal when the NFC positioning is unsuccessful, so that the user can obtain the time and place of the stolen brush through the operator after being stolen, which is beneficial to the self. Protection of rights.
  • the collection of credit card data is beneficial for operators to further summarize and analyze data to form big data and further generate value.
  • the method and system for protecting the near field communication card by the above embodiment provide a comparison between the scene information of the current NFC card swipe operation and the card swiping restriction information set by the user, and determine that the current NFC card swipe operation belongs to the swipe card limit. When the information is restricted, the current NFC card swipe operation is prohibited, which can reduce the risk of NFC stealing and improve the security of the NFC card.
  • the biggest difference between the technical solution of the present invention and the related technical solutions is that when the card is swiped, the positioning and the time taking operation need to be performed synchronously.
  • the legality of the card swiping can be ensured to prevent the illegal elements in the area where the user does not frequently use the NFC consumption function and Time to steal.
  • the location and time data at the time of swiping are properly preserved and analyzed, it can form powerful consumption data, which is invaluable in the era of big data.
  • the technical solution of the embodiment of the present invention can be applied to all technical branches of NFC card consumption, but is particularly applicable to the HCE solution, because there is no special SE protection in the HCE solution, and it is necessary to combine the functions of the NFC itself in the mobile phone. Other services provide additional security. It is believed that with the continuous expansion and promotion of the NFC card consumption function, the technical solution of the present invention has broad commercial prospects.
  • the technical solution of the embodiment of the present invention can be applied to all technical branches of NFC card consumption, but is particularly applicable to the HCE solution, because there is no special SE protection in the HCE solution, and it is necessary to combine the functions of the NFC itself in the mobile phone. Other services provide additional security. It is believed that with the continuous expansion and promotion of the NFC card consumption function, the technical solution of the present invention has broad commercial prospects.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • General Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Telephone Function (AREA)
  • Telephonic Communication Services (AREA)

Abstract

A method for security protection of near field communication (NFC) card swiping. The method comprises: upon detection of initiation of an NFC card swiping operation by a user, obtaining the scene information of the current NFC card swiping operation; obtaining card swiping restriction information set by the user; comparing the scene information of the current NFC card swiping operation with the card swiping restriction information set by the user, and disabling the current NFC card swiping operation when the current NFC card swiping operation is determined to belong to scenes restricted by the card swiping restriction information. The present invention can lower the risk of unauthorized NFC card swiping, and therefore improves the security of NFC card swiping. Also disclosed in the present invention is a system for security protection of NFC card swiping.

Description

一种对近场通信刷卡进行安全保护的方法和系统Method and system for security protection of near field communication card 技术领域Technical field
本发明涉及近场通信(Near Field Communication,NFC)技术领域,尤其涉及的是一种对近场通信刷卡进行安全保护的方法和系统。The present invention relates to the field of Near Field Communication (NFC) technology, and in particular, to a method and system for security protection of a near field communication card.
背景技术Background technique
近场通信NFC技术在近年来得到了迅速的发展。但安全性与灵活性的矛盾始终是困扰NFC技术大规模在移动终端上使用的一个重要问题。NFC technology for near field communication has been rapidly developed in recent years. However, the contradiction between security and flexibility has always been an important issue that has plagued the large-scale use of NFC technology on mobile terminals.
传统方案中,NFC通信必须有SE(secure elements)安全单元,刷卡机和SE之间通信,并通过SE将信息传递给实际应用。这就避免了直接通信有可能造成的安全性问题,例如密码被盗等。SE在目前的NFC方案中通常可能存在于移动终端、SIM卡、或SD卡中。虽然安全性比较高,但在成本、兼容性等方面存在诸多问题:一方面增加SE显然会带来成本的增加,另一方面,由于目前多种SE方案并行,实现兼容性也受到了极大影响。In the conventional solution, the NFC communication must have a SE (secure elements) security unit, the card reader and the SE communicate, and the information is transmitted to the actual application through the SE. This avoids security issues that may be caused by direct communication, such as password theft. The SE may typically be present in a mobile terminal, SIM card, or SD card in current NFC solutions. Although the security is relatively high, there are many problems in terms of cost and compatibility. On the one hand, increasing the SE obviously brings about an increase in cost. On the other hand, due to the parallelism of various SE schemes at present, the compatibility is also greatly improved. influences.
HCE(host-based card emulation,即基于主机的卡模拟)技术是在NFC在推广过程中遭遇到上述问题之后新提出的一种移动支付实现方案。HCE和传统方案的差别是支付走的通道不同,传统方案是刷卡机和SE之间通信,而HCE方案是POS机和应用程序通信。The HCE (host-based card emulation) technology is a new mobile payment implementation scheme that has been proposed after NFC encounters the above problems in the promotion process. The difference between HCE and traditional schemes is that the payment path is different. The traditional scheme is communication between the card reader and the SE, and the HCE scheme is the communication between the POS machine and the application.
HCE方案灵活性强,易于兼容。但它虽然摆脱了硬件SE的成本和兼容性问题,在安全性上显然不如有实体SE的方案。The HCE solution is flexible and easy to be compatible. However, although it has got rid of the cost and compatibility issues of the hardware SE, it is obviously not as secure as the solution of the entity SE.
因此,需要一种其它的方法能够增添新的安全保护,使基于NFC的移动支付即使在缺少SE的环境中也能够相对安全。Therefore, there is a need for an additional method that adds new security protection, making NFC-based mobile payments relatively secure even in environments where SE is lacking.
发明内容Summary of the invention
本发明实施例提供一种对近场通信刷卡进行安全保护的方法和系统,通过设置NFC刷卡操作的限制条件,降低NFC盗刷的风险,提高NFC刷卡的安全性。 Embodiments of the present invention provide a method and system for performing security protection on a near field communication card. By setting restrictions on NFC card swipe operation, the risk of NFC stealing is reduced, and the security of the NFC card is improved.
为了解决上述技术问题,本发明实施例提供了一种对近场通信刷卡进行安全保护的方法,该方法包括:In order to solve the above technical problem, an embodiment of the present invention provides a method for security protection of a near field communication card, the method comprising:
检测到用户启动近场通信NFC刷卡操作后,获取当前NFC刷卡操作的场景信息;After detecting the NFC card swiping operation of the near field communication, the user obtains the scene information of the current NFC card swiping operation;
获取用户设定的刷卡限制信息;Obtaining the card restriction information set by the user;
将当前NFC刷卡操作的场景信息与用户设定的刷卡限制信息进行比对,在确定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景时,禁止当前NFC刷卡操作。The scenario information of the current NFC card swipe operation is compared with the card swiping restriction information set by the user. When it is determined that the current NFC card swipe operation belongs to the scenario restricted by the swipe card restriction information, the current NFC card swipe operation is prohibited.
该方法还可包括下述特点:The method may also include the following features:
用户设定的刷卡限制信息包括:用户设定的允许刷卡操作的空间区域信息和/或时间信息。The user-set credit card restriction information includes: spatial area information and/or time information set by the user to allow the card swipe operation.
该方法还可包括下述特点:The method may also include the following features:
所述获取当前NFC刷卡操作的场景信息的步骤包括:The step of acquiring the scenario information of the current NFC card swipe operation includes:
获取当前NFC刷卡操作发生的空间区域信息和/或时间信息;Obtaining spatial area information and/or time information of the current NFC card swipe operation;
其中,所述获取当前NFC刷卡操作发生的空间区域信息的步骤包括:The step of acquiring the spatial area information of the current NFC card swipe operation includes:
对移动终端进行定位,获取移动终端当前的位置,将移动终端当前的位置信息作为当前NFC刷卡操作发生的空间区域信息。The mobile terminal is located to obtain the current location of the mobile terminal, and the current location information of the mobile terminal is used as the spatial area information of the current NFC card swipe operation.
该方法还可包括下述特点:The method may also include the following features:
所述确定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景的步骤包括:The step of determining that the current NFC card swipe operation belongs to the scenario restricted by the swipe restriction information includes:
如当前NFC刷卡操作发生的空间区域位于用户设定的允许刷卡操作的空间区域的范围外,则判定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景;或者If the space area where the current NFC card swipe operation occurs is outside the range of the space area set by the user that allows the card swipe operation, it is determined that the current NFC swipe operation belongs to the scene limited by the swipe restriction information; or
如当前NFC刷卡操作发生的时间在用户设定的允许刷卡操作的时间的范围外,则判定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景;或者If the current NFC card swipe operation occurs outside the range of the time allowed by the user to allow the swipe operation, it is determined that the current NFC swipe operation belongs to the scene limited by the swipe restriction information; or
如当前NFC刷卡操作发生的空间区域位于用户设定的允许刷卡操作的空间区域的范围外,并且当前NFC刷卡操作发生的时间在用户设定的允许刷卡 操作的时间的范围外,则判定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景。For example, the space area where the current NFC card swipe operation occurs is outside the range of the space area set by the user for allowing the card swipe operation, and the time when the current NFC card swipe operation occurs is allowed to be swiped by the user. Outside the range of the operation time, it is determined that the current NFC card swipe operation belongs to the scene limited by the swipe restriction information.
该方法还可包括下述特点:The method may also include the following features:
所述方法还包括:The method further includes:
在检测到用户在移动终端上设置刷卡限制信息后,将所述刷卡限制信息保存在移动终端上和/或上传到运营商服务器上。After detecting that the user sets the card restriction information on the mobile terminal, the card restriction information is saved on the mobile terminal and/or uploaded to the operator server.
该方法还可包括下述特点:The method may also include the following features:
所述获取用户设定的刷卡限制信息的步骤包括:从移动终端本地或运营商服务器上获取用户设定的刷卡限制信息。The step of obtaining the user-set credit card restriction information includes: acquiring the user-set credit card restriction information from the mobile terminal local or the operator server.
该方法还包括下述特点:The method also includes the following features:
所述禁止当前NFC刷卡操作的步骤之后,还包括:After the step of disabling the current NFC card swipe operation, the method further includes:
生成当前NFC刷卡操作的记录,将所述记录保存在移动终端上和/或上传给运营商服务器;Generating a record of the current NFC card swipe operation, saving the record on the mobile terminal and/or uploading to the operator server;
其中,所述记录包括:禁止NFC刷卡操作的信息、和当前NFC刷卡操作的场景信息。The record includes: information for prohibiting the NFC card swipe operation, and scene information of the current NFC card swipe operation.
为了解决上述技术问题,本发明实施例还提供了一种对近场通信刷卡进行安全保护的系统,该系统包括:In order to solve the above technical problem, the embodiment of the present invention further provides a system for security protection of a near field communication card, the system comprising:
刷卡操作检测模块,设置为检测到用户启动近场通信NFC刷卡操作后,获取当前NFC刷卡操作的场景信息;The card operation detecting module is configured to acquire the scene information of the current NFC card swiping operation after detecting that the user initiates the NFC card swiping operation of the near field communication;
参考信息获取模块,设置为获取用户设定的刷卡限制信息;The reference information obtaining module is configured to obtain the card restriction information set by the user;
判断及处理模块,设置为将当前NFC刷卡操作的场景信息与用户设定的刷卡限制信息进行比对,在确定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景时,禁止当前NFC刷卡操作。The determining and processing module is configured to compare the scene information of the current NFC card swiping operation with the swipe card restriction information set by the user, and prohibit the current NFC card swiping operation when determining that the current NFC card swiping operation belongs to the scene limited by the swipe card restriction information. .
该系统还可包括下述特点:The system can also include the following features:
用户设定的刷卡限制信息包括:用户设定的允许刷卡操作的空间区域信息和/或时间信息。The user-set credit card restriction information includes: spatial area information and/or time information set by the user to allow the card swipe operation.
该系统还可包括下述特点: The system can also include the following features:
所述参考信息获取模块是设置为通过以下方式获取当前NFC刷卡操作的场景信息:The reference information obtaining module is configured to obtain scene information of a current NFC card swipe operation by:
获取当前NFC刷卡操作发生的空间区域信息和/或时间信息;Obtaining spatial area information and/or time information of the current NFC card swipe operation;
其中,获取当前NFC刷卡操作发生的空间区域信息的方式包括:The manner of obtaining the spatial area information of the current NFC card swipe operation includes:
对移动终端进行定位,获取移动终端当前的位置,将移动终端当前的位置信息作为当前NFC刷卡操作发生的空间区域信息。The mobile terminal is located to obtain the current location of the mobile terminal, and the current location information of the mobile terminal is used as the spatial area information of the current NFC card swipe operation.
该系统还可包括下述特点:The system can also include the following features:
所述判断及处理模块是设置为通过以下方式确定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景:The determining and processing module is configured to determine that the current NFC card swipe operation belongs to the scenario restricted by the swipe restriction information by:
如当前NFC刷卡操作发生的空间区域位于用户设定的允许刷卡操作的空间区域的范围外,则判定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景;或者If the space area where the current NFC card swipe operation occurs is outside the range of the space area set by the user that allows the card swipe operation, it is determined that the current NFC swipe operation belongs to the scene limited by the swipe restriction information; or
如当前NFC刷卡操作发生的时间在用户设定的允许刷卡操作的时间的范围外,则判定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景;或者If the current NFC card swipe operation occurs outside the range of the time allowed by the user to allow the swipe operation, it is determined that the current NFC swipe operation belongs to the scene limited by the swipe restriction information; or
如当前NFC刷卡操作发生的空间区域位于用户设定的允许刷卡操作的空间区域的范围外,并且当前NFC刷卡操作发生的时间在用户设定的允许刷卡操作的时间的范围外,则判定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景。If the current NFC card swiping operation occurs outside the range of the space area set by the user for allowing the card swipe operation, and the current NFC swipe operation occurs outside the range of the time allowed by the user to allow the swipe operation, the current NFC is determined. The swipe operation belongs to a scene limited by the swipe restriction information.
该系统还可包括下述特点:The system can also include the following features:
该系统还包括:The system also includes:
刷卡限制设置模块,设置为在检测到用户在移动终端上设置刷卡限制信息后,将所述刷卡限制信息保存在移动终端上和/或上传到运营商服务器上。The card restriction setting module is configured to save the card restriction information on the mobile terminal and/or upload to the operator server after detecting that the user sets the card restriction information on the mobile terminal.
该系统还可包括下述特点:The system can also include the following features:
参考信息获取模块是设置为通过以下方式获取用户设定的刷卡限制信息:从移动终端本地或运营商服务器上获取用户设定的刷卡限制信息。The reference information obtaining module is configured to obtain the user-set credit card restriction information by acquiring the user-set credit card restriction information from the mobile terminal local or the operator server.
该系统还可包括下述特点:The system can also include the following features:
该系统还包括: The system also includes:
刷卡记录模块,设置为生成当前NFC刷卡操作的记录,将所述记录保存在移动终端上和/或上传给运营商服务器;The card recording module is configured to generate a record of the current NFC card swiping operation, save the record on the mobile terminal, and/or upload to the operator server;
其中,所述记录包括:禁止NFC刷卡操作的信息、和当前NFC刷卡操作的场景信息。The record includes: information for prohibiting the NFC card swipe operation, and scene information of the current NFC card swipe operation.
该系统还可包括下述特点:The system can also include the following features:
刷卡限制设置模块,还设置为接收到运营商服务器发送的更新后的刷卡场景限制信息后,更新本地保存的刷卡限制信息。The card restriction setting module is further configured to update the locally saved card restriction information after receiving the updated card scene restriction information sent by the operator server.
本发明实施例还提供一种计算机可读存储介质,存储有程序指令,当该程序指令被执行时可实现上面所述的方法。The embodiment of the invention further provides a computer readable storage medium storing program instructions, which can be implemented when the program instructions are executed.
与相关技术相比,本发明实施例提供的一种对近场通信刷卡进行安全保护的方法和系统,通过将当前NFC刷卡操作的场景信息与用户设定的刷卡限制信息进行比对,在确定当前NFC刷卡操作属于所述刷卡限制信息限制的情景时,禁止当前NFC刷卡操作,能够降低NFC盗刷风险,提高NFC刷卡的安全性。Compared with the related art, the method and system for performing security protection on a near field communication card is provided by comparing the scenario information of the current NFC card swipe operation with the card restriction information set by the user, and determining When the current NFC card swiping operation belongs to the scenario where the card restriction information is restricted, the current NFC card swiping operation is prohibited, the risk of NFC stealing is reduced, and the security of the NFC swipe card is improved.
附图概述BRIEF abstract
图1为本发明实施例的一种对近场通信刷卡进行安全保护的方法的流程图。FIG. 1 is a flowchart of a method for security protection of a near field communication card according to an embodiment of the present invention.
图2为本发明实施例的一种对近场通信刷卡进行安全保护的系统的结构示意图。FIG. 2 is a schematic structural diagram of a system for performing security protection on a near field communication card according to an embodiment of the present invention.
图3是本发明实施例通过AGPS定位数据进行刷卡操作限制的流程图。FIG. 3 is a flow chart of limiting the card swipe operation by AGPS positioning data according to an embodiment of the present invention.
图4是本发明实施例的方法设定允许刷卡的空间区域的操作界面的示意图。4 is a schematic diagram of an operation interface of a method for setting a space area allowing a card to be swiped according to an embodiment of the present invention.
图5是本发明实施例的系统同时进行空间与时间限制的结构示意图。FIG. 5 is a schematic structural diagram of a system performing spatial and temporal restrictions simultaneously according to an embodiment of the present invention.
图6是本发明实施例的方法在运营商服务器侧存储刷卡限制数据的流程示意图。 FIG. 6 is a schematic diagram of a method for storing credit card restriction data on an operator server side according to an embodiment of the present invention.
本发明的较佳实施方式Preferred embodiment of the invention
下文中将结合附图对本发明的实施例进行详细说明。需要说明的是,在不冲突的情况下,本申请中的实施例及实施例中的特征可以相互任意组合。Embodiments of the present invention will be described in detail below with reference to the accompanying drawings. It should be noted that, in the case of no conflict, the features in the embodiments and the embodiments in the present application may be arbitrarily combined with each other.
在现实生活中,盗刷卡的发生地通常会在远离持卡人正常使用的地点,因此如果从空间区域上对刷卡行为进行限制,能够有效的减少NFC盗刷的现象发生。区域限制的范围越小则安全性越强。基于此考虑,本发明实施例提出将NFC与手机的定位模块关联,通过定位模块提供的定位数据作为刷卡行为是否被允许的依据。In real life, the place where the stolen card is swiped is usually far away from the normal use of the card holder. Therefore, if the card swipe behavior is restricted from the space area, the NFC stealing phenomenon can be effectively reduced. The smaller the range of regional restrictions, the stronger the security. Based on this consideration, the embodiment of the present invention proposes to associate the NFC with the positioning module of the mobile phone, and the positioning data provided by the positioning module is used as a basis for whether the card swiping behavior is allowed.
本发明实施例还可以从时间维度进一步加强安全性,即将NFC与日程模块相关联,当用户在日程中设置了常用刷卡时间之后,在所设置的时间之外进行刷卡都不会被允许。这可以进一步减少非常用时间(如夜间)盗刷的发生可能。The embodiment of the present invention can further enhance the security from the time dimension, that is, the NFC is associated with the schedule module. After the user sets the common card swipe time in the schedule, the swipe is not allowed outside the set time. This can further reduce the possibility of stealing the brush during very long periods of time (such as at night).
如图1所示,本发明实施例提供了一种对近场通信刷卡进行安全保护的方法,该方法包括:As shown in FIG. 1 , an embodiment of the present invention provides a method for security protection of a near field communication card, the method comprising:
S10,检测到用户启动NFC刷卡操作后,获取当前NFC刷卡操作的场景信息;S10, after detecting that the user initiates the NFC card swiping operation, acquiring scene information of the current NFC card swiping operation;
S20,获取用户设定的刷卡限制信息;S20, obtaining user-set credit card restriction information;
S30,将当前NFC刷卡操作的场景信息与用户设定的刷卡限制信息进行比对,在确定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景时,禁止当前NFC刷卡操作。S30: Compare the scenario information of the current NFC card swiping operation with the swipe card restriction information set by the user, and disable the current NFC card swipe operation when determining that the current NFC card swipe operation belongs to the scenario restricted by the swipe card restriction information.
其中,该方法还包括:Wherein, the method further comprises:
在确定当前NFC刷卡操作不属于所述刷卡限制信息所限制的场景时,允许当前NFC刷卡操作。The current NFC card swipe operation is allowed when it is determined that the current NFC card swipe operation does not belong to the scene limited by the swipe restriction information.
其中,用户设定的刷卡限制信息包括:用户设定的允许刷卡操作的空间区域信息和/或时间信息。The card restriction information set by the user includes: spatial area information and/or time information set by the user to allow the card swipe operation.
其中,获取当前NFC刷卡操作的场景信息包括:The scene information of the current NFC card swipe operation includes:
获取当前NFC刷卡操作发生的空间区域信息和/或时间信息; Obtaining spatial area information and/or time information of the current NFC card swipe operation;
其中,获取当前NFC刷卡操作发生的空间区域信息包括:The information about the spatial area where the current NFC card swipe operation occurs includes:
对移动终端进行定位,获取移动终端当前的位置,将移动终端当前的位置信息作为当前NFC刷卡操作发生的空间区域信息;Positioning the mobile terminal, obtaining the current location of the mobile terminal, and using the current location information of the mobile terminal as the spatial area information of the current NFC card swipe operation;
优选地,对移动终端进行定位包括:通过辅助全球卫星定位系统(Assisted Global Positioning System,AGPS)对移动终端进行定位。Preferably, the positioning of the mobile terminal comprises: locating the mobile terminal by assisting an Assisted Global Positioning System (AGPS).
其中,获取用户设定的刷卡限制信息包括:从移动终端本地或运营商服务器上获取用户设定的刷卡限制信息。The obtaining the card restriction information set by the user includes: acquiring the card restriction information set by the user from the mobile terminal local or the operator server.
其中,在步骤S10之前,还包括:Wherein, before step S10, the method further includes:
S00,在检测到用户在移动终端上设置刷卡限制信息后,将所述刷卡限制信息保存在移动终端上和/或上传到运营商服务器上;S00, after detecting that the user sets the card restriction information on the mobile terminal, saving the card restriction information on the mobile terminal and/or uploading to the operator server;
其中,该方法还包括:Wherein, the method further comprises:
接收到运营商服务器发送的更新后的刷卡限制信息后,更新本地保存的刷卡限制信息。After receiving the updated card restriction information sent by the operator server, the locally saved card restriction information is updated.
可以看出,用户可以在本地(移动终端上)或是运营商服务器侧保存这些时间和空间限制数据,这各有优缺点。在本地保存后,用户的每次刷卡操作都无需进行额外的流量交互,方便快捷,但是,用户如果要在移动终端上修改(或重新设置)刷卡限制信息,则需要输入口令,也即,刷卡限制信息的设置或重置需要密码保护。在运营商服务器侧保存,一方面便于刷卡限制信息与手机号进行关联,比如,用户把SIM卡从手机A更换到手机B上,手机B无需设置仍然能够继承之前的刷卡限制。另一方面,用户在运营商服务器上对NFC刷卡的时间和空间限制进行修改(例如:把允许刷卡的时间和空间重置为空以直接关闭刷卡功能),然后通过运营商服务器通知移动终端更新刷卡保护信息,防止盗刷。It can be seen that the user can save these time and space limit data locally (on the mobile terminal) or on the operator server side, which have advantages and disadvantages. After saving locally, the user does not need to perform additional traffic interaction every time, which is convenient and fast. However, if the user wants to modify (or reset) the card restriction information on the mobile terminal, the password needs to be entered, that is, the card is swiped. Restriction information settings or resets require password protection. On the operator server side, on the one hand, it is convenient to associate the card restriction information with the mobile phone number. For example, the user replaces the SIM card from the mobile phone A to the mobile phone B, and the mobile phone B can still inherit the previous credit card restriction without setting. On the other hand, the user modifies the time and space restrictions of the NFC card on the carrier server (for example, resetting the time and space for permitting the card to be empty to directly turn off the card swipe function), and then notifying the mobile terminal of the update through the carrier server. Swipe the card to protect the information and prevent theft.
其中,确定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景,包括:The scenario that the current NFC card swipe operation belongs to the card limit information is determined, including:
如当前NFC刷卡操作发生的空间区域位于用户设定的允许刷卡操作的空间区域的范围外,则判定当前NFC刷卡操作属于NFC盗刷行为;或者If the space area where the current NFC card swipe operation occurs is outside the range of the space area set by the user that allows the card swipe operation, it is determined that the current NFC swipe operation belongs to the NFC stealing behavior; or
如当前NFC刷卡操作发生的时间在用户设定的允许刷卡操作的时间的范 围外,则判定当前NFC刷卡操作属于NFC盗刷行为;或者For example, the time when the current NFC card swipe operation occurs is the time set by the user to allow the card swipe operation. Outside, it is determined that the current NFC card swipe operation belongs to NFC stealing behavior; or
如当前NFC刷卡操作发生的空间区域位于用户设定的允许刷卡操作的空间区域的范围外,并且当前NFC刷卡操作发生的时间在用户设定的允许刷卡操作的时间的范围外,则判定当前NFC刷卡操作属于NFC盗刷行为。If the current NFC card swiping operation occurs outside the range of the space area set by the user for allowing the card swipe operation, and the current NFC swipe operation occurs outside the range of the time allowed by the user to allow the swipe operation, the current NFC is determined. The card swipe operation belongs to the NFC stealing behavior.
其中,在步骤S30后,还包括:After step S30, the method further includes:
S40,生成当前NFC刷卡操作的记录,将所述记录保存在移动终端上和/或上传给运营商服务器;S40. Generate a record of the current NFC card swipe operation, save the record on the mobile terminal, and/or upload the file to the operator server.
其中,所述记录包括:允许或禁止NFC刷卡操作的信息、和当前NFC刷卡操作的场景信息。The record includes: information for enabling or disabling the NFC card swipe operation, and scene information of the current NFC card swipe operation.
上述方法中,当已被设置所述时间或空间限定的NFC手机在对应时间或空间之外进行刷卡时,刷卡操作被禁止,同时会以各种方式通知网络侧和用户。In the above method, when the NFC mobile phone that has been set to the time or space is swiped outside the corresponding time or space, the card swipe operation is prohibited, and the network side and the user are notified in various ways.
在一种实施方式中,用户每次启动NFC刷卡操作后,无论NFC刷卡是允许的还是被禁止的,最终都生成NFC刷卡操作记录,所述记录保存在移动终端上和/或上传给运营商服务器;在另一种实施方式中,仅在NFC刷卡操作被禁止后,才生成NFC刷卡操作记录,所述记录保存在移动终端上和/或上传给运营商服务器。In one embodiment, each time the user initiates the NFC card swiping operation, whether the NFC card is allowed or disabled, the NFC swipe operation record is finally generated, and the record is saved on the mobile terminal and/or uploaded to the operator. Server; in another embodiment, the NFC card swipe operation record is generated only after the NFC card swipe operation is disabled, the record being saved on the mobile terminal and/or uploaded to the operator server.
如图2所示,本发明实施例提供了一种对近场通信刷卡进行安全保护的系统,该系统包括:As shown in FIG. 2, an embodiment of the present invention provides a system for security protection of a near field communication card, the system comprising:
刷卡操作检测模块,设置为检测到用户启动NFC刷卡操作后,获取当前NFC刷卡操作的场景信息;The card operation detecting module is configured to: after detecting that the user initiates the NFC card swiping operation, obtain the scene information of the current NFC card swiping operation;
参考信息获取模块,设置为获取用户设定的刷卡限制信息;The reference information obtaining module is configured to obtain the card restriction information set by the user;
判断及处理模块,设置为将当前NFC刷卡操作的场景信息与用户设定的刷卡限制信息进行比对,在确定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景时,禁止当前NFC刷卡操作。The determining and processing module is configured to compare the scene information of the current NFC card swiping operation with the swipe card restriction information set by the user, and prohibit the current NFC card swiping operation when determining that the current NFC card swiping operation belongs to the scene limited by the swipe card restriction information. .
其中,among them,
判断及处理模块,还设置为在确定当前NFC刷卡操作不属于所述刷卡限制信息所限制的场景时,允许当前NFC刷卡操作。 The determining and processing module is further configured to allow the current NFC card swipe operation when determining that the current NFC card swipe operation does not belong to the scene limited by the swipe restriction information.
其中,用户设定的刷卡限制信息包括:用户设定的允许刷卡操作的空间区域信息和/或时间信息。The card restriction information set by the user includes: spatial area information and/or time information set by the user to allow the card swipe operation.
其中,参考信息获取模块是设置为通过以下方式获取当前NFC刷卡操作的场景信息:The reference information obtaining module is configured to obtain scene information of the current NFC card swiping operation by:
获取当前NFC刷卡操作发生的空间区域信息和/或时间信息;Obtaining spatial area information and/or time information of the current NFC card swipe operation;
其中,获取当前NFC刷卡操作发生的空间区域信息的方式包括:The manner of obtaining the spatial area information of the current NFC card swipe operation includes:
对移动终端进行定位,获取移动终端当前的位置,将移动终端当前的位置信息作为当前NFC刷卡操作发生的空间区域信息。The mobile terminal is located to obtain the current location of the mobile terminal, and the current location information of the mobile terminal is used as the spatial area information of the current NFC card swipe operation.
优选地,对移动终端进行定位的方式包括:通过辅助全球卫星定位系统(Assisted Global Positioning System,AGPS)对移动终端进行定位。Preferably, the manner of positioning the mobile terminal comprises: locating the mobile terminal by assisting an Assisted Global Positioning System (AGPS).
其中,参考信息获取模块是设置为通过以下方式获取用户设定的刷卡限制信息:从移动终端本地或运营商服务器上获取用户设定的刷卡限制信息。The reference information obtaining module is configured to obtain the user-set credit card restriction information by acquiring the user-set credit card restriction information from the mobile terminal local or the operator server.
其中,该系统还包括:Among them, the system also includes:
刷卡限制设置模块,设置为在检测到用户在移动终端上设置刷卡限制信息后,将所述刷卡限制信息保存在移动终端上和/或上传到运营商服务器上;The card restriction setting module is configured to save the card restriction information on the mobile terminal and/or upload to the operator server after detecting that the user sets the card restriction information on the mobile terminal;
其中,刷卡限制设置模块,还设置为接收到运营商服务器发送的更新后的刷卡场景限制信息后,更新本地保存的刷卡限制信息。The card restriction setting module is further configured to: after receiving the updated card scene restriction information sent by the operator server, update the locally saved card restriction information.
其中,判断及处理模块是设置为通过以下方式确定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景:The determining and processing module is configured to determine, by using the following manner, that the current NFC card swipe operation belongs to the scenario restricted by the swipe restriction information:
如当前NFC刷卡操作发生的空间区域位于用户设定的允许刷卡操作的空间区域的范围外,则判定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景;或者If the space area where the current NFC card swipe operation occurs is outside the range of the space area set by the user that allows the card swipe operation, it is determined that the current NFC swipe operation belongs to the scene limited by the swipe restriction information; or
如当前NFC刷卡操作发生的时间在用户设定的允许刷卡操作的时间的范围外,则判定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景;或者If the current NFC card swipe operation occurs outside the range of the time allowed by the user to allow the swipe operation, it is determined that the current NFC swipe operation belongs to the scene limited by the swipe restriction information; or
如当前NFC刷卡操作发生的空间区域位于用户设定的允许刷卡操作的空间区域的范围外,并且当前NFC刷卡操作发生的时间在用户设定的允许刷卡操作的时间的范围外,则判定当前NFC刷卡操作属于所述刷卡限制信息所限 制的场景。If the current NFC card swiping operation occurs outside the range of the space area set by the user for allowing the card swipe operation, and the current NFC swipe operation occurs outside the range of the time allowed by the user to allow the swipe operation, the current NFC is determined. The card swipe operation belongs to the card restriction information Scene.
其中,该系统还包括:Among them, the system also includes:
刷卡记录模块,设置为生成当前NFC刷卡操作的记录,将所述记录保存在移动终端上和/或上传给运营商服务器;The card recording module is configured to generate a record of the current NFC card swiping operation, save the record on the mobile terminal, and/or upload to the operator server;
其中,所述记录包括:允许或禁止NFC刷卡操作的信息、和当前NFC刷卡操作的场景信息。The record includes: information for enabling or disabling the NFC card swipe operation, and scene information of the current NFC card swipe operation.
图3是本发明实施例通过辅助全球卫星定位系统AGPS定位数据进行NFC刷卡操作限制的流程图,如图3所示,当用户决定启动NFC刷卡操作后,立即从AGPS定位模块获取当前的定位位置。获得了定位位置后,与之前设置好的允许NFC刷卡操作的范围进行比对,如获取的定位位置位于允许的范围内,则开启NFC射频,允许刷卡操作。如获取的定位位置不在允许的范围内,则判定为盗刷卡,不允许用户刷卡。3 is a flow chart of limiting NFC card swipe operation by assisting global satellite positioning system AGPS positioning data according to an embodiment of the present invention. As shown in FIG. 3, when the user decides to start the NFC card swiping operation, the current positioning position is obtained from the AGPS positioning module. . After the positioning position is obtained, the range of the previously set NFC card-sending operation is compared. If the obtained positioning position is within the allowable range, the NFC radio is turned on to allow the card to be operated. If the obtained positioning position is not within the allowable range, it is determined that the card is stolen, and the user is not allowed to swipe the card.
图4是本发明实施例设置刷卡允许空间区域的示意图,如图4所示,用户在设置NFC刷卡允许区域时,屏幕上调出手机地图界面并在地图上完成对自身位置的定位。用户可以:通过触屏操作缩放地图以选择更大的范围,在触屏上划出矩形区域,该矩形区域为用户设置的刷卡允许区域范围。其中,界面上提供“取消限制”的选项,用户可以通过触摸“取消限制”来取消掉关于NFC刷卡的限制,使之在任何地方刷卡都不会被禁止。界面上还提供“保存”选项用于保存用户设置的信息。4 is a schematic diagram of setting a space for permitting a card in the embodiment of the present invention. As shown in FIG. 4, when the user sets an NFC card-enabled area, the screen is called up on the screen and the position of the location is completed on the map. The user can: zoom the map by touch screen operation to select a larger range, and draw a rectangular area on the touch screen, the rectangular area is the range of the allowed area of the card set by the user. Among them, the option of “unrestricted” is provided on the interface, and the user can cancel the restriction on the NFC card by touching “cancel the restriction”, so that the card is not prohibited anywhere. The "Save" option is also available on the interface for saving user settings.
可选的,用户可以直接输入行政或街道区域作为选择,比如,只允许在成都市区内进行刷卡操作,此时手机后台自动确定所输入的内容对应的区域。Optionally, the user can directly input the administrative or street area as a selection. For example, only the card swiping operation is allowed in the Chengdu area, and the mobile phone background automatically determines the area corresponding to the input content.
当用户选定区域并选择保存后,所述的刷卡允许空间区域信息可以保存在手机端并生效,也可以保存在网络侧。After the user selects the area and selects to save, the swipe card allows the space area information to be saved on the mobile phone side and is valid, and can also be saved on the network side.
本发明的实施例不仅可以从空间上限制NFC功能的有效性,也可以从时间上加以限制以进一步增强NFC刷卡操作的安全性。如图5所示,是本发明实施例同时进行空间与时间限制的系统结构示意图。所述系统结构分为NFC 安全管理模块、AGPS模块、日程模块和NFC应用模块四个部分。NFC安全管理模块负责设置和保存允许刷卡操作的空间和时间,并将所述空间数据传递给AGPS模块,将所述时间数据传递给日程模块。用户每次启动NFC刷卡功能时,NFC应用模块会自动调用AGPS模块进行定位,同时取出手机的当前时间,将定位结果和当前时间与预设的允许刷卡的AGPS定位位置区域和日程模块中存储的允许刷卡时间范围进行比对,如两者都符合预设规则,则允许本次NFC刷卡操作,如两者其中之一不符合预设规则,拒绝本次刷卡操作,同时以预定方式将盗刷信息,以及本次的位置和时间通知用户或运营商,如通过email,短信等进行通知。Embodiments of the present invention can not only spatially limit the effectiveness of the NFC function, but can also be limited in time to further enhance the security of the NFC card swipe operation. As shown in FIG. 5, it is a schematic structural diagram of a system for simultaneously performing space and time limitation in the embodiment of the present invention. The system structure is divided into NFC The security management module, the AGPS module, the schedule module, and the NFC application module are four parts. The NFC security management module is responsible for setting and saving the space and time for allowing the card swipe operation, and transferring the spatial data to the AGPS module to pass the time data to the schedule module. Each time the user starts the NFC card swiping function, the NFC application module will automatically call the AGPS module to locate, and at the same time take out the current time of the mobile phone, and store the positioning result and the current time with the preset AGPS positioning location area and the schedule module of the allowed card swiping. Allow the card time range to be compared. If both of them meet the preset rules, the NFC card swipe operation is allowed. If one of the two does not meet the preset rules, the card swipe operation is rejected, and the stolen brush is determined in a predetermined manner. The information, as well as the location and time of this time, inform the user or the operator, such as by email, SMS, etc.
在图5所述的方式中,允许刷卡操作的空间和时间数据都被保存在了移动终端中的“NFC安全管理模块”中,这种实施方式的优点在于每次NFC刷卡之前只需要从终端内部取得数据进行比对即可,简化了流程并节省了用户的流量。另外,当用户更换了SIM卡(也就是更换了号码),手机上的刷卡限制设置仍然会起作用。In the manner described in FIG. 5, the space and time data allowing the card swipe operation are saved in the "NFC Security Management Module" in the mobile terminal. The advantage of this embodiment is that only the slave terminal is required before each NFC card swipe. Internally obtained data can be compared, which simplifies the process and saves user traffic. In addition, when the user replaces the SIM card (that is, the number is changed), the swipe limit setting on the phone still works.
图6是本发明实施例在运营商服务器侧存储允许刷卡的时间和空间数据的流程图,结合图6说明如下:FIG. 6 is a flow chart of storing time and space data for permitting card swipe on the operator server side according to an embodiment of the present invention, which is described below in conjunction with FIG. 6:
1)用户在移动终端上输入NFC刷卡空间和时间的限制数据后,该数据被同步发送到了网络侧。为了安全起见,在手机侧不做存储。1) After the user inputs the NFC credit card space and time limit data on the mobile terminal, the data is synchronously transmitted to the network side. For security reasons, do not store on the phone side.
2)当用户启动NFC刷卡操作时,主动向网络侧要求传递空间和时间限制数据,同时,启动自己的AGPS定位并取当前时间。2) When the user initiates the NFC card swiping operation, it actively requests the network side to transmit the space and time limit data, and at the same time, starts its own AGPS positioning and takes the current time.
3)移动终端收到网络侧传递的空间和时间数据后,与本机获得的定位结果和时间进行比对。如果本机定位结果与时间在允许范围内,则启动NFC刷卡操作,如果本机定位结果或时间不在允许范围内,不允许NFC刷卡操作。3) After receiving the space and time data transmitted by the network side, the mobile terminal compares with the positioning result and time obtained by the local machine. If the local positioning result and time are within the allowable range, the NFC card swipe operation is started. If the local positioning result or time is not within the allowable range, the NFC card swipe operation is not allowed.
4)移动终端将本次NFC是否成功启动,以及定位和时间信息发送到网络侧保存。4) The mobile terminal will successfully start the NFC, and the positioning and time information will be sent to the network side for saving.
可以看出,用户能够在运营商侧对所述时间和空间限制基准数据进行修改。这样一旦用户发现手机丢失,可以立即通知运营商修改时间和空间限制信息,直接限制NFC功能,然后运营商服务器将修改后的刷卡限制信息同步 到手机,实现防止盗刷的效果。It can be seen that the user can modify the time and space limit reference data on the operator side. In this way, once the user finds that the mobile phone is lost, the operator can immediately notify the operator to modify the time and space restriction information, directly limit the NFC function, and then the operator server synchronizes the modified credit card restriction information. Go to the phone to achieve the effect of preventing theft.
图6所述流程具有诸多优点,由于NFC定位不成功时网络侧也能收到终端的定位和时间信息,这样用户在被盗刷后能够通过运营商获取盗刷的时间和地点,有利于自我权益的保护。其次刷卡数据的收集有利于运营商进一步进行数据汇总和分析,形成大数据而进一步产生价值。The process described in FIG. 6 has many advantages. The network side can also receive the positioning and time information of the terminal when the NFC positioning is unsuccessful, so that the user can obtain the time and place of the stolen brush through the operator after being stolen, which is beneficial to the self. Protection of rights. Secondly, the collection of credit card data is beneficial for operators to further summarize and analyze data to form big data and further generate value.
上述实施例提供的一种对近场通信刷卡进行安全保护的方法和系统,通过将当前NFC刷卡操作的场景信息与用户设定的刷卡限制信息进行比对,在确定当前NFC刷卡操作属于刷卡限制信息所限制的场景时,禁止当前NFC刷卡操作,能够降低NFC盗刷风险,提高NFC刷卡的安全性。The method and system for protecting the near field communication card by the above embodiment provide a comparison between the scene information of the current NFC card swipe operation and the card swiping restriction information set by the user, and determine that the current NFC card swipe operation belongs to the swipe card limit. When the information is restricted, the current NFC card swipe operation is prohibited, which can reduce the risk of NFC stealing and improve the security of the NFC card.
本发明的技术方案与相关技术方案最大的区别在于发生刷卡时,需要同步进行定位和取时间操作,一方面这能够保证刷卡的合法性以防止不法分子在用户不常使用NFC消费功能的区域和时间进行盗刷。另一方面,如果刷卡时的位置和时间数据被妥善保存和分析,能够形成作用强大的海量消费数据,在大数据时代产生不可估量的价值。The biggest difference between the technical solution of the present invention and the related technical solutions is that when the card is swiped, the positioning and the time taking operation need to be performed synchronously. On the one hand, the legality of the card swiping can be ensured to prevent the illegal elements in the area where the user does not frequently use the NFC consumption function and Time to steal. On the other hand, if the location and time data at the time of swiping are properly preserved and analyzed, it can form powerful consumption data, which is invaluable in the era of big data.
本发明实施例的技术方案能够适用于所有NFC刷卡消费的技术分支,但特别适用于HCE方案,这是因为HCE方案中并没有特别的SE保护,更需要在NFC本身的功能之外结合手机中的其它业务提供额外的安全保护。相信随着NFC刷卡消费功能的不断拓展和推广,本发明的技术方案会有广阔的商用前景。The technical solution of the embodiment of the present invention can be applied to all technical branches of NFC card consumption, but is particularly applicable to the HCE solution, because there is no special SE protection in the HCE solution, and it is necessary to combine the functions of the NFC itself in the mobile phone. Other services provide additional security. It is believed that with the continuous expansion and promotion of the NFC card consumption function, the technical solution of the present invention has broad commercial prospects.
本领域普通技术人员可以理解上述方法中的全部或部分步骤可通过程序来指令相关硬件完成,所述程序可以存储于计算机可读存储介质中,如只读存储器、磁盘或光盘等。可选地,上述实施例的全部或部分步骤也可以使用一个或多个集成电路来实现,相应地,上述实施例中的各模块/单元可以采用硬件的形式实现,也可以采用软件功能模块的形式实现。本发明不限制于任何特定形式的硬件和软件的结合。One of ordinary skill in the art will appreciate that all or a portion of the steps described above can be accomplished by a program that instructs the associated hardware, such as a read-only memory, a magnetic or optical disk, and the like. Optionally, all or part of the steps of the foregoing embodiments may also be implemented by using one or more integrated circuits. Accordingly, each module/unit in the foregoing embodiment may be implemented in the form of hardware, or may be implemented by using a software function module. Formal realization. The invention is not limited to any specific form of combination of hardware and software.
需要说明的是,本发明还可有其他多种实施例,在不背离本发明精神及 其实质的情况下,熟悉本领域的技术人员可根据本发明作出各种相应的改变和变形,但这些相应的改变和变形都应属于本发明所附的权利要求的保护范围。It should be noted that the present invention may have other various embodiments without departing from the spirit of the present invention. In the present invention, those skilled in the art can make various changes and modifications in accordance with the present invention, and the corresponding changes and modifications are intended to fall within the scope of the appended claims.
工业实用性Industrial applicability
本发明实施例的技术方案能够适用于所有NFC刷卡消费的技术分支,但特别适用于HCE方案,这是因为HCE方案中并没有特别的SE保护,更需要在NFC本身的功能之外结合手机中的其它业务提供额外的安全保护。相信随着NFC刷卡消费功能的不断拓展和推广,本发明的技术方案会有广阔的商用前景。 The technical solution of the embodiment of the present invention can be applied to all technical branches of NFC card consumption, but is particularly applicable to the HCE solution, because there is no special SE protection in the HCE solution, and it is necessary to combine the functions of the NFC itself in the mobile phone. Other services provide additional security. It is believed that with the continuous expansion and promotion of the NFC card consumption function, the technical solution of the present invention has broad commercial prospects.

Claims (16)

  1. 一种对近场通信刷卡进行安全保护的方法,该方法包括:A method for security protection of a near field communication card, the method comprising:
    检测到用户启动近场通信NFC刷卡操作后,获取当前NFC刷卡操作的场景信息;After detecting the NFC card swiping operation of the near field communication, the user obtains the scene information of the current NFC card swiping operation;
    获取用户设定的刷卡限制信息;Obtaining the card restriction information set by the user;
    将当前NFC刷卡操作的场景信息与用户设定的刷卡限制信息进行比对,在确定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景时,禁止当前NFC刷卡操作。The scenario information of the current NFC card swipe operation is compared with the card swiping restriction information set by the user. When it is determined that the current NFC card swipe operation belongs to the scenario restricted by the swipe card restriction information, the current NFC card swipe operation is prohibited.
  2. 如权利要求1所述的方法,其中:The method of claim 1 wherein:
    用户设定的刷卡限制信息包括:用户设定的允许刷卡操作的空间区域信息和/或时间信息。The user-set credit card restriction information includes: spatial area information and/or time information set by the user to allow the card swipe operation.
  3. 如权利要求2所述的方法,其中:The method of claim 2 wherein:
    所述获取当前NFC刷卡操作的场景信息的步骤包括:The step of acquiring the scenario information of the current NFC card swipe operation includes:
    获取当前NFC刷卡操作发生的空间区域信息和/或时间信息;Obtaining spatial area information and/or time information of the current NFC card swipe operation;
    其中,所述获取当前NFC刷卡操作发生的空间区域信息的步骤包括:The step of acquiring the spatial area information of the current NFC card swipe operation includes:
    对移动终端进行定位,获取移动终端当前的位置,将移动终端当前的位置信息作为当前NFC刷卡操作发生的空间区域信息。The mobile terminal is located to obtain the current location of the mobile terminal, and the current location information of the mobile terminal is used as the spatial area information of the current NFC card swipe operation.
  4. 如权利要求3所述的方法,其中:The method of claim 3 wherein:
    所述确定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景的步骤包括:The step of determining that the current NFC card swipe operation belongs to the scenario restricted by the swipe restriction information includes:
    如当前NFC刷卡操作发生的空间区域位于用户设定的允许刷卡操作的空间区域的范围外,则判定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景;或者If the space area where the current NFC card swipe operation occurs is outside the range of the space area set by the user that allows the card swipe operation, it is determined that the current NFC swipe operation belongs to the scene limited by the swipe restriction information; or
    如当前NFC刷卡操作发生的时间在用户设定的允许刷卡操作的时间的范围外,则判定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景;或者If the current NFC card swipe operation occurs outside the range of the time allowed by the user to allow the swipe operation, it is determined that the current NFC swipe operation belongs to the scene limited by the swipe restriction information; or
    如当前NFC刷卡操作发生的空间区域位于用户设定的允许刷卡操作的空间区域的范围外,并且当前NFC刷卡操作发生的时间在用户设定的允许刷卡 操作的时间的范围外,则判定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景。For example, the space area where the current NFC card swipe operation occurs is outside the range of the space area set by the user for allowing the card swipe operation, and the time when the current NFC card swipe operation occurs is allowed to be swiped by the user. Outside the range of the operation time, it is determined that the current NFC card swipe operation belongs to the scene limited by the swipe restriction information.
  5. 如权利要求1所述的方法,还包括:The method of claim 1 further comprising:
    在检测到用户在移动终端上设置刷卡限制信息后,将所述刷卡限制信息保存在移动终端上和/或上传到运营商服务器上。After detecting that the user sets the card restriction information on the mobile terminal, the card restriction information is saved on the mobile terminal and/or uploaded to the operator server.
  6. 如权利要求5所述的方法,其中:The method of claim 5 wherein:
    所述获取用户设定的刷卡限制信息的步骤包括:从移动终端本地或运营商服务器上获取用户设定的刷卡限制信息。The step of obtaining the user-set credit card restriction information includes: acquiring the user-set credit card restriction information from the mobile terminal local or the operator server.
  7. 如权利要求1所述的方法,其中,所述禁止当前NFC刷卡操作的步骤之后,还包括:The method of claim 1, wherein after the step of disabling the current NFC card swipe operation, the method further comprises:
    生成当前NFC刷卡操作的记录,将所述记录保存在移动终端上和/或上传给运营商服务器;Generating a record of the current NFC card swipe operation, saving the record on the mobile terminal and/or uploading to the operator server;
    其中,所述记录包括:禁止NFC刷卡操作的信息和当前NFC刷卡操作的场景信息。The record includes: information for prohibiting the NFC card swipe operation and scene information of the current NFC card swipe operation.
  8. 一种对近场通信刷卡进行安全保护的系统,该系统包括:A system for securing a near field communication card, the system comprising:
    刷卡操作检测模块,设置为检测到用户启动近场通信NFC刷卡操作后,获取当前NFC刷卡操作的场景信息;The card operation detecting module is configured to acquire the scene information of the current NFC card swiping operation after detecting that the user initiates the NFC card swiping operation of the near field communication;
    参考信息获取模块,设置为获取用户设定的刷卡限制信息;The reference information obtaining module is configured to obtain the card restriction information set by the user;
    判断及处理模块,设置为将当前NFC刷卡操作的场景信息与用户设定的刷卡限制信息进行比对,在确定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景时,禁止当前NFC刷卡操作。The determining and processing module is configured to compare the scene information of the current NFC card swiping operation with the swipe card restriction information set by the user, and prohibit the current NFC card swiping operation when determining that the current NFC card swiping operation belongs to the scene limited by the swipe card restriction information. .
  9. 如权利要求8所述的系统,其中:The system of claim 8 wherein:
    用户设定的刷卡限制信息包括:用户设定的允许刷卡操作的空间区域信息和/或时间信息。The user-set credit card restriction information includes: spatial area information and/or time information set by the user to allow the card swipe operation.
  10. 如权利要求9所述的系统,其中:The system of claim 9 wherein:
    所述参考信息获取模块是设置为通过以下方式获取当前NFC刷卡操作的场景信息: The reference information obtaining module is configured to obtain scene information of a current NFC card swipe operation by:
    获取当前NFC刷卡操作发生的空间区域信息和/或时间信息;Obtaining spatial area information and/or time information of the current NFC card swipe operation;
    其中,获取当前NFC刷卡操作发生的空间区域信息的方式包括:The manner of obtaining the spatial area information of the current NFC card swipe operation includes:
    对移动终端进行定位,获取移动终端当前的位置,将移动终端当前的位置信息作为当前NFC刷卡操作发生的空间区域信息。The mobile terminal is located to obtain the current location of the mobile terminal, and the current location information of the mobile terminal is used as the spatial area information of the current NFC card swipe operation.
  11. 如权利要求10所述的系统,其特征在于:The system of claim 10 wherein:
    所述判断及处理模块是设置为通过以下方式确定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景:The determining and processing module is configured to determine that the current NFC card swipe operation belongs to the scenario restricted by the swipe restriction information by:
    如当前NFC刷卡操作发生的空间区域位于用户设定的允许刷卡操作的空间区域的范围外,则判定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景;或者If the space area where the current NFC card swipe operation occurs is outside the range of the space area set by the user that allows the card swipe operation, it is determined that the current NFC swipe operation belongs to the scene limited by the swipe restriction information; or
    如当前NFC刷卡操作发生的时间在用户设定的允许刷卡操作的时间的范围外,则判定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景;或者If the current NFC card swipe operation occurs outside the range of the time allowed by the user to allow the swipe operation, it is determined that the current NFC swipe operation belongs to the scene limited by the swipe restriction information; or
    如当前NFC刷卡操作发生的空间区域位于用户设定的允许刷卡操作的空间区域的范围外,并且当前NFC刷卡操作发生的时间在用户设定的允许刷卡操作的时间的范围外,则判定当前NFC刷卡操作属于所述刷卡限制信息所限制的场景。If the current NFC card swiping operation occurs outside the range of the space area set by the user for allowing the card swipe operation, and the current NFC swipe operation occurs outside the range of the time allowed by the user to allow the swipe operation, the current NFC is determined. The swipe operation belongs to a scene limited by the swipe restriction information.
  12. 如权利要求8所述的系统,还包括:The system of claim 8 further comprising:
    刷卡限制设置模块,设置为在检测到用户在移动终端上设置刷卡限制信息后,将所述刷卡限制信息保存在移动终端上和/或上传到运营商服务器上。The card restriction setting module is configured to save the card restriction information on the mobile terminal and/or upload to the operator server after detecting that the user sets the card restriction information on the mobile terminal.
  13. 如权利要求12所述的系统,其中:The system of claim 12 wherein:
    所述参考信息获取模块是设置为通过以下方式获取用户设定的刷卡限制信息:从移动终端本地或运营商服务器上获取用户设定的刷卡限制信息。The reference information obtaining module is configured to obtain the user-set credit card restriction information by acquiring the user-set credit card restriction information from the mobile terminal local or the operator server.
  14. 如权利要求8所述的系统,还包括:The system of claim 8 further comprising:
    刷卡记录模块,设置为生成当前NFC刷卡操作的记录,将所述记录保存在移动终端上和/或上传给运营商服务器;The card recording module is configured to generate a record of the current NFC card swiping operation, save the record on the mobile terminal, and/or upload to the operator server;
    其中,所述记录包括:禁止NFC刷卡操作的信息、和当前NFC刷卡操作的场景信息。 The record includes: information for prohibiting the NFC card swipe operation, and scene information of the current NFC card swipe operation.
  15. 如权利要求12所述的系统,其中:The system of claim 12 wherein:
    所述刷卡限制设置模块,还设置为接收到运营商服务器发送的更新后的刷卡场景限制信息后,更新本地保存的刷卡限制信息。The card restriction setting module is further configured to: after receiving the updated card scene restriction information sent by the operator server, update the locally saved card restriction information.
  16. 一种计算机可读存储介质,存储有程序指令,当该程序指令被执行时可实现权利要求1-7任一项所述的方法。 A computer readable storage medium storing program instructions that, when executed, implement the method of any of claims 1-7.
PCT/CN2015/072689 2014-09-25 2015-02-10 Method and system for security protection of near field communication card swiping WO2015131747A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410499690.XA CN105512892A (en) 2014-09-25 2014-09-25 Safety protection method and system for NFC (Near Field Communication) card brushing
CN201410499690.X 2014-09-25

Publications (1)

Publication Number Publication Date
WO2015131747A1 true WO2015131747A1 (en) 2015-09-11

Family

ID=54054584

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/072689 WO2015131747A1 (en) 2014-09-25 2015-02-10 Method and system for security protection of near field communication card swiping

Country Status (2)

Country Link
CN (1) CN105512892A (en)
WO (1) WO2015131747A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11004061B2 (en) 2006-09-24 2021-05-11 Rfcyber Corporation Method and apparatus for payments between two mobile devices
CN113992790A (en) * 2021-09-29 2022-01-28 长江勘测规划设计研究有限责任公司 NFC virtual card intelligent switching method and system on mobile intelligent device and application

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106127487A (en) * 2016-08-26 2016-11-16 成都市硕达科技股份有限公司 A kind of illegal safe preservation system and using method thereof
CN108604342B (en) * 2017-01-20 2022-04-12 华为技术有限公司 NFC-based data transmission method and mobile device
CN107330687A (en) * 2017-06-06 2017-11-07 深圳市金立通信设备有限公司 A kind of near field payment method and terminal

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101499153A (en) * 2008-12-26 2009-08-05 北京握奇数据系统有限公司 Method and device for implementing security mobile payment
CN102790632A (en) * 2011-05-19 2012-11-21 深圳富泰宏精密工业有限公司 Mobile equipment having near field communication protection function and protection method for mobile equipment
US20130124346A1 (en) * 2011-11-14 2013-05-16 At&T Intellectual Property I, L.P. Security Token for Mobile Near Field Communication Transactions
CN103186945A (en) * 2011-12-31 2013-07-03 国民技术股份有限公司 Mobile payment terminal and mobile payment method
CN103377517A (en) * 2012-04-18 2013-10-30 深圳长城开发科技股份有限公司 Payment terminal and method for executing payment of payment card by same
CN103778533A (en) * 2012-10-23 2014-05-07 三星电子株式会社 System for performing payment in mobile terminal
CN103778730A (en) * 2013-12-31 2014-05-07 宇龙计算机通信科技(深圳)有限公司 Method for improving near field communication payment security of mobile terminal, system and terminal thereof

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101499153A (en) * 2008-12-26 2009-08-05 北京握奇数据系统有限公司 Method and device for implementing security mobile payment
CN102790632A (en) * 2011-05-19 2012-11-21 深圳富泰宏精密工业有限公司 Mobile equipment having near field communication protection function and protection method for mobile equipment
US20130124346A1 (en) * 2011-11-14 2013-05-16 At&T Intellectual Property I, L.P. Security Token for Mobile Near Field Communication Transactions
CN103186945A (en) * 2011-12-31 2013-07-03 国民技术股份有限公司 Mobile payment terminal and mobile payment method
CN103377517A (en) * 2012-04-18 2013-10-30 深圳长城开发科技股份有限公司 Payment terminal and method for executing payment of payment card by same
CN103778533A (en) * 2012-10-23 2014-05-07 三星电子株式会社 System for performing payment in mobile terminal
CN103778730A (en) * 2013-12-31 2014-05-07 宇龙计算机通信科技(深圳)有限公司 Method for improving near field communication payment security of mobile terminal, system and terminal thereof

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11004061B2 (en) 2006-09-24 2021-05-11 Rfcyber Corporation Method and apparatus for payments between two mobile devices
CN113992790A (en) * 2021-09-29 2022-01-28 长江勘测规划设计研究有限责任公司 NFC virtual card intelligent switching method and system on mobile intelligent device and application

Also Published As

Publication number Publication date
CN105512892A (en) 2016-04-20

Similar Documents

Publication Publication Date Title
US10447839B2 (en) Device locator disable authentication
CN108307674B (en) Method and equipment for guaranteeing terminal safety
WO2015131747A1 (en) Method and system for security protection of near field communication card swiping
KR102622185B1 (en) Mobile payment devices and mobile payment systems
US10462647B2 (en) Communication control method and apparatus, terminal, and network platform
US8903359B2 (en) Mobile device and NFC service protection method of the mobile device
US20150347786A1 (en) Secure storage of an electronic subscriber identity module on a wireless communication device
US9891969B2 (en) Method and apparatus for device state based encryption key
EP3401823B1 (en) Security verification method and device for smart card application
US9940448B2 (en) Unlock processing method and device
EP3716185A1 (en) Apparatus and method for payment
JP6858256B2 (en) Payment application separation methods and devices, as well as terminals
US10592679B2 (en) Support for changing encryption classes of files
EP3239841B1 (en) Method and device for managing application program
US20230229760A1 (en) Mobile device with secure private memory
US20150094023A1 (en) Retroactively Securing a Mobile Device From a Remote Source
CN104424028A (en) Terminal device and switching method thereof
US20230122885A1 (en) Provisioning credentials on multiple electronic devices
WO2016202108A1 (en) Nfc payment method, nfc payment system and mobile terminal
CN103870755A (en) Method and device for transferring files between multiple users of same electronic device
CN113168477A (en) Data processing method, device and system chip
CN107305608A (en) The management method and device of terminal device
CN107105156B (en) picture management method and mobile terminal
EP3662399B1 (en) Electronic device and control method thereof
US20190180257A1 (en) Mobile terminal and method for controlling same

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15758112

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15758112

Country of ref document: EP

Kind code of ref document: A1