WO2015161690A1 - Procédé et système d'interaction de données sécurisées - Google Patents

Procédé et système d'interaction de données sécurisées Download PDF

Info

Publication number
WO2015161690A1
WO2015161690A1 PCT/CN2015/071199 CN2015071199W WO2015161690A1 WO 2015161690 A1 WO2015161690 A1 WO 2015161690A1 CN 2015071199 W CN2015071199 W CN 2015071199W WO 2015161690 A1 WO2015161690 A1 WO 2015161690A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
terminal
cryptographic device
smart cryptographic
smart
Prior art date
Application number
PCT/CN2015/071199
Other languages
English (en)
Chinese (zh)
Inventor
李东声
Original Assignee
天地融科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from CN201410172005.2A external-priority patent/CN103944911A/zh
Priority claimed from CN201410172018.XA external-priority patent/CN103944735A/zh
Application filed by 天地融科技股份有限公司 filed Critical 天地融科技股份有限公司
Publication of WO2015161690A1 publication Critical patent/WO2015161690A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements

Definitions

  • the present invention relates to the field of information security, and in particular, to a data security interaction method and system.
  • Mobile payment is a service that allows users to use their mobile terminals (such as smart phones, PDAs, tablets, laptops, etc.) to pay for goods or services they consume.
  • the unit or individual sends the payment instruction directly or indirectly to the banking financial institution through the mobile terminal, the Internet or proximity sensing to generate the behavior of money payment and capital circulation, thereby realizing the mobile payment function.
  • Mobile payment combines mobile terminals, the Internet, application providers, and financial institutions to provide users with financial services such as money payment and payment.
  • Mobile payment mainly includes remote payment and near-field payment.
  • Remote payment refers to the user logging in to the bank's webpage through the mobile terminal for payment, account operation, etc., which is mainly applied to the shopping and consumption of online e-commerce websites;
  • near-field payment refers to the instant payment to the merchant through the mobile terminal when the consumer purchases the goods or services.
  • the payment is made, the processing of the payment is performed on site, and the offline operation of the mobile network is not required, and the local communication with the vending machine and the POS machine is realized by using the radio frequency (NFC), infrared, Bluetooth, and the like of the mobile terminal.
  • NFC radio frequency
  • the participants involved in the payment include: consumer users, merchants, mobile operators, third-party service providers, banks.
  • Consumer users and merchants are the service objects of the system, mobile operators provide network support, banks provide bank-related services, and third-party service providers provide payment platform services to achieve business through the combination of all parties.
  • the electronic and mobileization of payment methods has become an inevitable development trend, and the security issue of mobile payment systems is the core issue of mobile e-commerce security.
  • the present invention is directed to solving one of the above problems.
  • a primary object of the present invention is to provide a data security interaction method.
  • Another main object of the present invention is to provide a data security interaction system.
  • An aspect of the present invention provides a data security interaction method, including: performing mutual authentication between a terminal and a background system server, and respectively generating a first session key; the terminal scanning the smart password device within a signal coverage range, and obtaining a scan to Identification information of the smart cryptographic device; the terminal and the smart cryptographic device perform mutual authentication, and Generating a second session key separately; the terminal acquiring user information corresponding to the smart cryptographic device according to the identification information of the smart cryptographic device; the terminal storing the user information in a pre-established current user list; Transmitting, by the terminal, the transaction information according to the user information corresponding to the smart cryptographic device to be traded, and performing the encryption calculation and/or the verification calculation on the transaction information by using the second session key to obtain the transaction request information; The smart cryptographic device sends the transaction request information; after receiving the transaction request information, the smart cryptographic device performs decryption calculation and/or verification verification calculation on the transaction request information by using the second session key.
  • the transaction information; the smart password device prompts the transaction information; the smart password device receives an acknowledgement instruction, and generates transaction confirmation information; the terminal receives the transaction confirmation information; the terminal utilizes the first session
  • the key performs encryption calculation and/or verification calculation on the transaction confirmation information to obtain a transaction data packet, and
  • the background system server sends the transaction data packet; after receiving the transaction data packet, the background system server performs decryption calculation and/or verification verification calculation on the transaction data packet by using the first session key.
  • the acquiring, by the terminal, the user information corresponding to the smart cryptographic device according to the identifier information of the smart cryptographic device includes: sending, by the terminal, the identifier information of the smart cryptographic device and the user information read request to the background system server After receiving the identification information of the smart cryptographic device and the user information reading request, the background system server obtains user information corresponding to the smart cryptographic device according to the identification information of the smart cryptographic device; The system server performs encryption calculation and/or verification calculation on the user information by using the first session key to obtain response information of the user information read request, and sends the user information read request to the terminal.
  • Response information after receiving the response information of the user information read request, the terminal uses the first session key to perform decryption calculation and/or verification verification calculation on the response information of the user information read request. The user information.
  • the acquiring, by the terminal, the user information corresponding to the smart cryptographic device according to the identifier information of the smart cryptographic device includes: the terminal sending a user information read request to the smart cryptographic device according to the identifier information of the smart cryptographic device
  • the smart cryptographic device obtains pre-stored user information, performs encryption calculation and/or check calculation on the user information by using the second session key, and obtains response information of the user information read request, and Transmitting, by the terminal, response information of the user information read request; after receiving the response information of the user information read request, the terminal responding to the user information read request by using the second session key
  • the decryption calculation and/or verification verification calculation is performed to obtain the user information.
  • the terminal and the background system server perform mutual authentication, and respectively generate the first session key, including: the terminal generates first to-be-signed information; the terminal sends the first to-be-signed information to the background system server.
  • the terminal After the terminal receives the background authentication completion message, the terminal verifies the background authentication completion message; after verifying that the background authentication completion message is passed, the terminal generates a terminal authentication first completion message, to the The background system server sends the terminal authentication first completion message, and calculates a first session key according to the shared master key; the background system server verifies the terminal authentication after receiving the terminal authentication first completion message a first completion message; the background system server calculates the first session key according to the shared master key after verifying that the terminal authentication first completion message is passed.
  • the terminal mutually authenticating with the smart cryptographic device and generating the second session key respectively includes: the terminal generating third to-be-signed information; the terminal sending the third to-be-send to the smart cryptographic device The signature information and the second authentication request information; the smart cryptographic device generates the fourth to-be-signed information after receiving the third to-be-signed information and the second authentication request information; the smart cryptographic device uses the smart password The private key of the device signs the third to-be-signed information to obtain the second signature information, and sends the fourth to-be-signed information, the second signature information, and the smart cryptographic device certificate to the terminal; After the fourth to-be-signed information, the second signature information, and the smart cryptographic device certificate, verify whether the smart cryptographic device certificate is legal by using a root certificate corresponding to the pre-stored smart cryptographic device certificate; the terminal is verifying After the smart cryptographic device certificate is legal, the second signature information is entered by using the public key in the smart cryptographic device certificate.
  • the terminal signs the third signature information and the fourth signature information by using the private key of the terminal to obtain the third signature information, and generates the first a session key generation factor, which uses the public key in the smart cryptographic device certificate to encrypt the first session key generation factor to obtain second encrypted information;
  • the terminal sends the third signature to the smart cryptographic device Information, the second encrypted information, and the terminal certificate;
  • the smart cryptographic device uses the pre-stored terminal certificate corresponding to The root certificate verifies whether the terminal certificate is legal; after the smart password device verifies that the terminal certificate is legal,
  • the third signature information is verified by using the public key in the terminal certificate; after verifying that the third signature information is passed, the smart cryptographic device generates a second session key generation factor, and uses the terminal certificate
  • the public key encrypts the second session key generation factor to obtain third encrypted information, and generates a smart cryptographic device authentication completion message; the smart cryptographic device sends the third encrypted information and the smart to the terminal
  • a second session key generation factor generating the second session key; the smart cryptographic device receiving the end After the second completion message is authenticated, the terminal authenticates the second completion message; after the smart cryptographic device verifies the terminal authentication second completion message, obtains the second session key generation factor and decrypts the second encrypted information.
  • the first session key generation factor generates the second session key.
  • the method further includes: obtaining, by the terminal, signal coverage at the terminal And generating, by the identifier information of all the smart cryptographic devices, the real-time identification list; the terminal, according to the preset time interval, the identification information of the smart cryptographic device in the real-time identification list and the smart cryptographic device in the current user list The identification information is compared; if the identification information of the smart cryptographic device in the real-time identification list is not in the current user list, the terminal is configured to acquire the corresponding corresponding to the smart cryptographic device according to the identification information of the smart cryptographic device. Step of user information; and if the identification information of the smart cryptographic device in the current user list is not in the real-time identification list, deleting user information of the smart cryptographic device that is not in the real-time identification list in the current user list .
  • the method further includes: obtaining, by the terminal, signal coverage at the terminal And generating, by the identifier information of all the smart cryptographic devices, the real-time identification list; the terminal, according to the preset time interval, the identification information of the smart cryptographic device in the real-time identification list and the smart cryptographic device in the current user list The identification information is compared; if the identification information of the smart cryptographic device in the real-time identification list is not in the current user list, the terminal is configured to acquire the corresponding corresponding to the smart cryptographic device according to the identification information of the smart cryptographic device.
  • the terminal obtains the user information, storing the user information in the real-time identification list; and if the identification information of the smart cryptographic device in the real-time identification list is in the current In the user list, the smart password device in the current user list is Storing the real-time information to the user identifier list; a list of the real-time identification of the updated list of current users.
  • the first authentication request information includes the identifier information of the terminal; after the background system server receives the first to-be-signed information and the first authentication request information, it is determined whether the identifier information of the terminal includes And determining, by the backend system server, the terminal abnormality list pre-stored in the background system server; after determining that the identification information of the terminal is in the abnormal list of the terminal, the background system server acquires a lock terminal instruction, and uses the background system server The private key signs the locked terminal instruction to obtain the fourth signature information, and sends the locked terminal instruction and the fourth signature information to the terminal; the terminal receives the locked terminal instruction and the fourth signature information Then, the fourth signature information is verified by using a public key in the pre-stored background system server certificate; after verifying that the fourth signature information is passed, the terminal performs a locking operation according to the locked terminal instruction.
  • the method further includes: the background system server determining the identifier information of the smart cryptographic device Whether it is included in the abnormal list of the smart password device pre-stored in the background system server; the background system server obtains the locked smart password device after determining that the identification information of the smart password device is in the abnormal list of the smart password device And acquiring, by using the private key of the background system server, the locked smart password device instruction to obtain a fifth signature information, and sending, by the terminal, the locked smart password device instruction and the fifth to the smart password device Signing information; after receiving the locked smart cryptographic device command and the fifth signature information, the smart cryptographic device verifies the fifth signature information by using a public key in the pre-stored background system server certificate; The smart cryptographic device is verifying the fifth signature letter Passed, according to the apparatus instructions smart password lock locking operation is performed.
  • the method further includes: the background system server receiving the terminal registration application, and reviewing the terminal registration application; the background system server sending the terminal password to the terminal after reviewing the terminal registration application
  • the key pair generates an instruction; after receiving the terminal key pair generation instruction, the terminal generates a terminal key pair; the terminal sends the public key in the terminal key pair to the background system server; After receiving the public key in the terminal key pair, the system server generates the terminal certificate, and sends the terminal certificate to the terminal; the terminal stores the terminal certificate; and the background system server receives the smart
  • the password device registration application is performed, and the smart password device registration application is reviewed; the background system server sends a smart password device key pair generation instruction to the smart password device after reviewing the smart password device registration application; After the smart cryptographic device receives the smart cryptographic device key pair generation instruction, generating a smart password a backup key pair; the smart cryptographic device sends a public key in the smart cryptographic device key pair to the background system server; after the background system server receives the public key in the smart cryptographic device key pair
  • the terminal acquires a terminal account cancellation application, and uses the private key of the terminal to sign the account cancellation application. And obtaining the sixth signature information, and sending the terminal account cancellation application and the sixth signature information to the background system server; after the background system server receives the terminal account cancellation application and the sixth signature information, And verifying the sixth signature information by using a public key in the pre-stored terminal certificate; after verifying that the sixth signature information is passed, the background system server deletes the pre-stored terminal certificate, and generates a terminal account Completing the information, sending the terminal account completion information to the terminal; after receiving the terminal account completion information, the terminal deletes the private key of the terminal; and/or the smart password device acquires the smart password device
  • the account cancellation application using the private key of the smart cryptographic device to sign the account cancellation application to obtain the seventh signature information, and sending the smart cryptographic device account cancellation application and the seventh signature information to the background system server After the background system server receives the smart password device account cancellation application and the seventh signature information, using the pre-stored smart The public key in the
  • the background system server after the background system server receives the identification information of the smart cryptographic device and the user information read request, the background system server sends the response information of the user information read request to the terminal.
  • the method further includes: the background system server sends the user authorization request information to the smart cryptographic device by using the terminal; the smart cryptographic device generates the authorization information after receiving the user authorization request information, and Sending, by the terminal, the authorization information to the background system server; after the background system server receives the authorization information, executing, by the background system server, sending the response information of the user information read request to the terminal A step of.
  • the step of generating the authorization information includes: after receiving the user authorization request information, the smart cryptographic device converts from a sleep state to an awake state; The smart cryptographic device generates authorization information in the awake state.
  • the step of generating the fourth to-be-signed information includes: the smart cryptographic device receiving the second authentication request After the information, the sleep state is converted to the awake state; the smart cryptographic device generates the fourth to-be-signed information in the awake state.
  • the smart cryptographic device after receiving the transaction request information, performs decryption calculation and/or verification verification on the transaction request information by using the second session key to obtain the transaction information, and includes: After receiving the transaction request information, the smart cryptographic device converts from a sleep state to an awake state; the smart cryptographic device decrypts the transaction request information by using the second session key in an awake state and/or The verification verification calculation obtains the transaction information.
  • the step of generating the transaction confirmation information by the smart cryptographic device comprises: the smart cryptographic device signing the transaction information by using a private key of the smart cryptographic device, generating transaction signature information as transaction confirmation information; or the intelligence The cryptographic device generates a dynamic password as the transaction confirmation information.
  • the step of generating the transaction confirmation information by the smart cryptographic device includes: the smart cryptographic device generating a single transaction identifier, and signing the transaction information and the single transaction identifier by using a private key of the smart cryptographic device Generating transaction signature information as transaction confirmation information; or the smart cryptographic device generates a single transaction identifier, and signatures the single transaction identifier by using a private key of the smart cryptographic device to obtain signature information of a single transaction identifier, and A dynamic password is generated, and the signature information of the single transaction identifier and the dynamic password are used as transaction confirmation information.
  • the step of the terminal receiving the transaction confirmation information includes: the terminal receiving an acoustic wave signal sent by the smart cryptographic device and decoding the acoustic wave signal to obtain transaction confirmation information; or the terminal collecting the smart password And the image information displayed by the device is decoded to obtain the transaction confirmation information; or the terminal receives the transaction confirmation information through a communication interface that the terminal matches with the smart cryptographic device; or the terminal passes The information input by the terminal obtains the transaction confirmation information.
  • the background system server verifies the transaction confirmation information, and after the step of performing the transaction after the verification is passed, the method further includes: the background system server sending the transaction success receipt information to the terminal; The background system server sends a transaction success receipt information to the smart cryptographic device through the terminal; after receiving the transaction success receipt information, the smart cryptographic device prompts the transaction success receipt information.
  • the method further includes: the terminal sending the refund information to the smart password device; After receiving the refund information, the cryptographic device prompts the refund information; the smart cryptographic device receives the refund confirmation instruction, and signs the refund information by using the private key of the smart cryptographic device to generate a refund Confirmation information; the terminal receives the refund confirmation information, verifies the refund confirmation information, and after the verification is passed, uses the private key of the terminal to sign the refund confirmation information to generate a refund Confirming the package; the terminal sending the refund confirmation package and the refund confirmation information to the background system server; after the background system server receives the refund confirmation package and the refund confirmation information, respectively The refund confirmation package and the refund confirmation information are verified, and after all verification is passed, the refund operation is performed.
  • the method further includes: the smart password device sending a refund request to the terminal; the terminal Generating a refund information, and sending the refund information to the smart password device; after receiving the refund information, the smart password device prompts the refund information; the smart password device receives a refund confirmation instruction And signing the refund information by using a private key of the smart cryptographic device to generate refund confirmation information; the terminal receiving the refund confirmation Information, verifying the refund confirmation information, and after the verification is passed, signing the refund confirmation information by using the private key of the terminal to generate a refund confirmation package; the terminal sends the background confirmation to the background system server The refund confirmation package and the refund confirmation information; after the background system server receives the refund confirmation package and the refund confirmation information, respectively confirm the refund confirmation package and the refund The information is verified and a refund operation is performed after all verifications have been passed.
  • the method further includes: the smart password device sending a refund request to the terminal; the terminal Generating a refund request identifier, and sending the refund request identifier to the smart password device; after receiving the refund request identifier, the smart password device generates refund information and utilizes the private password device Keys sign the refund information, obtain refund confirmation information, and send the refund confirmation information to the terminal; the terminal receives the refund confirmation information, and verify the refund confirmation information.
  • the refund confirmation information is signed by using the private key of the terminal to generate a refund confirmation package; the terminal sends the refund confirmation package and the refund confirmation to the background system server.
  • Information after the background system server receives the refund confirmation package and the refund confirmation information, respectively, the refund confirmation package and the refund confirmation letter Verified and validated after all, perform the refund operation.
  • the refund information also includes an electronic statement.
  • the transaction success receipt information also includes an electronic statement.
  • the transaction information also includes an electronic statement.
  • the method further includes: the smart cryptographic device enters a scanable state.
  • a data security interaction system including: a terminal configured to perform mutual authentication with a background system server, and respectively generate a first session key; scan a smart cryptographic device within a signal coverage area, and obtain a scan The identification information of the smart cryptographic device is obtained; the mutual authentication is performed with the smart cryptographic device, and the second session key is generated separately; and the user information corresponding to the smart cryptographic device is obtained according to the identification information of the smart cryptographic device; The user information is stored in a pre-established current user list; the transaction information is generated according to the user information corresponding to the smart cryptographic device to be traded, and the transaction information is encrypted and calculated by using the second session key.
  • the smart cryptographic device is configured to receive the transaction request information sent by the terminal, and perform decryption calculation and/or verification verification on the transaction request information by using the second session key to obtain the transaction.
  • the background system server is configured to receive the transaction data packet sent by the terminal, and perform decryption calculation and/or verification verification calculation on the transaction data packet by using the first session key.
  • the transaction confirmation information is verified; the transaction confirmation information is verified, and the transaction is executed after the verification is passed.
  • the terminal is further configured to send the identification information of the smart cryptographic device and the user information read request to the background system server, and receive the response information of the user information read request sent by the background system server, And performing the decryption calculation and/or the verification verification calculation on the response information of the user information read request by using the first session key to obtain the user information;
  • the background system server is further configured to receive the sending by the terminal Obtaining the identification information of the smart cryptographic device and the user information reading request, acquiring user information corresponding to the smart cryptographic device according to the identification information of the smart cryptographic device; using the first session key to the user The information is subjected to an encryption calculation and/or a verification calculation to obtain response information of the user information read request, and the response information of the user information read request is transmitted to the terminal.
  • the terminal is further configured to send a user information read request to the smart cryptographic device according to the identification information of the smart cryptographic device, and receive response information of the user information read request sent by the smart cryptographic device. And performing the decryption calculation and/or the verification verification calculation on the response information of the user information read request by using the second session key to obtain the user information;
  • the smart password device is further configured to obtain pre-stored user information. And using the second session key to perform encryption calculation and/or check calculation on the user information to obtain response information of the user information read request, and send the response of the user information read request to the terminal. information.
  • the terminal is further configured to generate first to-be-signed information, and send the first to-be-signed information and the first authentication request information to the background system server, and receive the second to-be-signed information sent by the background system server.
  • the background system server certificate using the root certificate corresponding to the pre-stored background system server certificate to verify whether the background system server certificate is legal; after verifying that the background system server certificate is legal, generating a shared master key; using the background
  • the public key in the system server certificate encrypts the shared master key to generate first encrypted information, and uses the private key of the terminal to sign the first to-be-signed information and the second to-be-signed information to generate a first Signing information; sending the first encryption information, the first signature information, and the terminal certificate to the background system server; receiving the background authentication completion message sent by the background system server, and verifying the background authentication completion message; After verifying that the background authentication completion message is passed, generating the terminal authentication first Sending, by the backend system server, the terminal authentication first completion message, and calculating a
  • the terminal is further configured to generate third to-be-signed information, and send the third to-be-signed information and the second authentication request information to the smart cryptographic device, and receive the fourth to-be-sent sent by the smart cryptographic device. And verifying, by the root certificate corresponding to the pre-stored smart cryptographic device certificate, whether the smart cryptographic device certificate is legal; and verifying that the smart cryptographic device certificate is legal, using the signature information, the second signature information, and the smart cryptographic device certificate; The public key in the smart cryptographic device certificate verifies the second signature information; after verifying that the second signature information is passed, using the private key of the terminal to the third to-be-signed information and the And signing the fourth signature information to obtain the first session key generation factor, and encrypting the first session key generation factor by using the public key in the smart cryptographic device certificate to obtain the second encrypted information; Transmitting the third signature information, the second encryption information, and the terminal certificate to the smart cryptographic device; receiving the The third encryption information sent by the cryptographic device and the smart cryptographic device authentication
  • the smart cryptographic device is further configured to receive the third to-be-signed information and the second authentication request information sent by the terminal, to generate fourth to-be-signed information;
  • the private key signs the third to-be-signed information to obtain the second signature information, and sends the fourth to-be-signed information, the second signature information, and the smart cryptographic device certificate to the terminal;
  • the third signature information, the second encrypted information, and the terminal certificate using the pre-stored terminal certificate
  • the root certificate verifies whether the terminal certificate is legal; after verifying that the terminal certificate is legal, the third signature information is verified by using the public key in the terminal certificate; after verifying that the third signature information is passed Generating a second session key generation factor, encrypting the second session key generation factor by using a public key in the terminal certificate to obtain third encrypted information, and generating a smart cryptographic
  • the terminal is further configured to: after the terminal scans the smart cryptographic device within the signal coverage range, and obtains the scanned identification information of the smart cryptographic device, obtains all the signal coverage within the terminal Wisdom The identification information of the cryptographic device is generated, and the real-time identification list is generated; and the identification information of the smart cryptographic device in the real-time identification list is compared with the identification information of the smart cryptographic device in the current user list according to a preset time interval; If the identification information of the smart cryptographic device in the real-time identities list is not in the current user list, obtain the user information corresponding to the smart cryptographic device according to the identification information of the smart cryptographic device; and if the current user list The user information of the smart cryptographic device in the current user list is not deleted, and the user information of the smart cryptographic device that is not in the real-time identifier list in the current user list is deleted.
  • the terminal is further configured to: after the terminal scans the smart cryptographic device within the signal coverage range, and obtains the scanned identification information of the smart cryptographic device, obtains all the signal coverage within the terminal And the identification information of the smart cryptographic device is compared with the identification information of the smart cryptographic device in the current user list according to the preset time interval; If the identification information of the smart cryptographic device in the real-time identities list is not in the current user list, the user information corresponding to the smart cryptographic device is obtained according to the identification information of the smart cryptographic device, and the terminal is obtained at the terminal.
  • the user information is stored in the real-time identification list; and if the identification information of the smart cryptographic device in the real-time identification list is in the current user list, then the current User information of the smart cryptographic device in the user list is stored in the real-time identification list; The real-time identification of the list as the updated list of current users.
  • the background system server is further configured to receive the first to-be-signed information and the first authentication request information that are sent by the terminal, where the first authentication request information includes identifier information of the terminal; Determining whether the identification information of the terminal is included in a terminal abnormal list pre-stored in the background system server; after determining that the identification information of the terminal is in the terminal abnormal list, acquiring a locked terminal instruction, and using the The private key of the background system server signs the locked terminal instruction to obtain the fourth signature information, and sends the locked terminal instruction and the fourth signature information to the terminal; the terminal is further configured to receive the background system server Sending the locked terminal instruction and the fourth signature information, verifying the fourth signature information by using a public key in the pre-stored background system server certificate; after verifying that the fourth signature information is passed, according to The locking terminal instructs to perform a locking operation.
  • the background system server is further configured to determine, after the terminal sends the identification information of the smart cryptographic device and the user information read request to the background system server, whether the identifier information of the smart cryptographic device is included in the The smart password device abnormal list pre-stored in the background system server; after determining that the smart password device identifier information is in the smart password device abnormal list, acquiring the lock smart password device instruction, and using the background system
  • the private key of the server signs the lock smart cryptographic device command to obtain the fifth signature information, and sends the locked smart cryptographic device command and the fifth signature information to the smart cryptographic device through the terminal;
  • the smart cryptographic device is further configured to receive the locked smart cryptographic device command and the fifth signature information sent by the background system server by using the terminal, and use the pre-stored public key pair in the background system server certificate The fifth signature information is verified; after verifying that the fifth signature information is passed, the locking operation is performed according to the locked smart cryptographic device instruction.
  • the background system server is further configured to receive a terminal registration application, and review the terminal registration application; after reviewing the terminal registration application, send a terminal key pair generation instruction to the terminal; Transmitting, by the terminal, the public key in the terminal key pair, generating the terminal certificate, and sending the terminal certificate to the terminal; the terminal is further configured to receive the terminal sent by the background system server The key pair generates an instruction to generate a terminal key pair; the public key in the terminal key pair is sent to the background system server; the terminal certificate is stored; and the background system server is further configured to receive the smart password device Registering the application and reviewing the smart password device registration application; after reviewing the smart password device registration application, sending a smart password device key pair generation instruction to the smart password device; receiving the smart password device secret a public key in the key pair, generating the smart cryptographic device certificate, and transmitting the smart to the smart cryptographic device a smart device, configured to receive the smart cryptographic device key pair generation command, generate a smart cryptographic device key pair, and send the smart cryptographic device key pair to the background
  • the terminal is further configured to acquire a terminal account cancellation application, use the private key of the terminal to sign the account cancellation application to obtain a sixth signature information, and send the terminal account cancellation application to the background system server.
  • the sixth signature information receiving the terminal account completion information sent by the background system server, deleting the private key of the terminal; the background system server is further configured to receive the terminal account cancellation application and the After the sixth signature information, verifying the sixth signature information by using the public key in the pre-stored terminal certificate; after verifying that the sixth signature information is passed, deleting the pre-stored terminal certificate, and generating a terminal pin
  • the user completes the information, and sends the terminal account completion information to the terminal; and/or the smart password device is further configured to obtain a smart password device account cancellation application, and use the private key of the smart password device to the pin
  • the user applies for signature to obtain the seventh signature information, and sends the smart password device account cancellation application and the seventh signature letter to the background system server.
  • the background system server is further configured to receive the smart information sent by the smart password device And the cryptographic device account cancellation application and the seventh signature information, verifying the seventh signature information by using a public key in the pre-stored smart cryptographic device certificate; and deleting the pre-stored after verifying that the seventh signature information is passed
  • the smart password device certificate is generated, and the smart password device account completion information is generated, and the smart password device account completion information is sent to the smart password device.
  • the background system server is further configured to send user authorization request information to the smart cryptographic device through the terminal; receive authorization information, and send response information of the user information read request to the terminal.
  • the smart cryptographic device is further configured to receive the user authorization request information sent by the background system server by using the terminal, generate authorization information, and send the authorization information to the background system server by using the terminal. .
  • the smart cryptographic device is further configured to: after receiving the user authorization request information, transition from a sleep state to an awake state; and generate authorization information in the awake state.
  • the smart cryptographic device is further configured to: after receiving the second authentication request information, transition from a sleep state to an awake state; and generate a fourth to-be-signed information in the awake state.
  • the smart cryptographic device is further configured to: after receiving the transaction request information, convert from a sleep state to an awake state; and perform decryption calculation on the transaction request information by using the second session key in an awake state. / or verification verification calculation to obtain the transaction information.
  • the smart cryptographic device is further configured to sign the transaction information by using a private key of the smart cryptographic device, generate transaction signature information as transaction confirmation information or generate a dynamic password as transaction confirmation information.
  • the smart cryptographic device is further configured to generate a single transaction identifier, and use the private key of the smart cryptographic device to sign the transaction information and the single transaction identifier, and generate transaction signature information as transaction confirmation information.
  • the smart cryptographic device is further configured to generate a single transaction identifier, sign the single transaction identifier with the private key of the smart cryptographic device, obtain signature information of the single transaction identifier, and generate a dynamic password, and The signature information of the one-time transaction identifier and the dynamic password are used as transaction confirmation information.
  • the terminal is further configured to receive the sound wave signal sent by the smart cryptographic device and decode the sound wave signal to obtain transaction confirmation information; or collect image information displayed by the smart cryptographic device and perform the image information Decoding to obtain the transaction confirmation information; or receiving the transaction confirmation information by a communication interface that the terminal matches with the smart cryptographic device; or obtaining the transaction confirmation information by using information input by the terminal.
  • the background system server is further configured to: after the background system server verifies the transaction confirmation information, and after executing the transaction after the verification is passed, send the transaction success receipt information to the terminal and/or The terminal sends the transaction success receipt information to the smart cryptographic device; the smart cryptographic device is further configured to receive the transaction success receipt information, and prompt the transaction success receipt information.
  • the terminal is further configured to: after the background system server verifies the transaction confirmation information, and after performing the transaction after the verification is passed, send the refund information to the smart password device; and receive the refund confirmation Information, verifying the refund confirmation information, and after the verification is passed, signing the refund confirmation information by using the private key of the terminal to generate a refund confirmation package; sending the refund to the background system server And the refund confirmation information;
  • the smart password device is further configured to receive the refund information sent by the terminal, prompt the refund information, receive a refund confirmation instruction, and utilize the smart The private key of the cryptographic device signs the refund information and generates Refund confirmation information;
  • the background system server is further configured to receive the refund confirmation package and the refund confirmation information sent by the terminal, and respectively perform the refund confirmation package and the refund confirmation information Verify and perform a refund after all verifications have been passed.
  • the smart cryptographic device is further configured to: after the background system server verifies the transaction confirmation information, and after performing the transaction after the verification is passed, send a refund request to the terminal; and receive the sending by the terminal
  • the refund information prompts the refund information; receives a refund confirmation instruction, and signs the refund information by using a private key of the smart password device to generate a refund confirmation information
  • the terminal is further configured Generating the refund information and transmitting the refund information to the smart cryptographic device; receiving the refund confirmation information, verifying the refund confirmation information, and utilizing the private of the terminal after the verification is passed Keying the refund confirmation information to generate a refund confirmation package; transmitting the refund confirmation package and the refund confirmation information to the background system server
  • the background system server is further configured to receive the terminal Sending the refund confirmation package and the refund confirmation information, respectively verifying the refund confirmation package and the refund confirmation information, and verifying all the verification After the implementation of the refund operation.
  • the smart cryptographic device is further configured to: after the background system server verifies the transaction confirmation information, and after performing the transaction after the verification is passed, send a refund request to the terminal; and receive the sending by the terminal
  • the refund request identifier generates a refund information, and signs the refund information by using a private key of the smart cryptographic device to obtain refund confirmation information, and sends the refund confirmation information to the terminal;
  • the terminal is further configured to generate a refund request identifier, and send the refund request identifier to the smart password device; receive the refund confirmation information, verify the refund confirmation information, and pass the verification Afterwards, the refund confirmation information is signed by the private key of the terminal to generate a refund confirmation package; the refund confirmation package and the refund confirmation information are sent to the background system server; the background system server And configured to receive the refund confirmation package and the refund confirmation information sent by the terminal, respectively, the refund confirmation package and the refund confirmation information Line verification and validation through after all, perform the refund operation.
  • the refund information also includes an electronic statement.
  • the transaction success receipt information also includes an electronic statement.
  • the transaction information also includes an electronic statement.
  • the smart cryptographic device is further configured to enter a scannable state before being scanned by the terminal.
  • the customer can complete the payment without using a wallet, a credit card, a mobile phone, etc., thereby simplifying the interaction between the customer and the merchant in the payment process, improving the payment efficiency, and improving the customer's The experience in the near-field payment process; at the same time, the security features of the smart cryptographic device are used to ensure the security of the customer payment process.
  • the terminal After the customer purchases the goods, the terminal does not need to be obtained by allowing the customer to manually swipe or swipe the phone.
  • User information when the customer only needs to report his/her name at the time of checkout, the terminal can directly send the transaction information such as the amount after settlement to the customer's smart password device and display it.
  • the customer only needs to confirm with the smart password device, and The transaction confirmation information is output, and the terminal generates a transaction data packet and sends it to the background system server. After the background system server verifies that the transaction data packet is accurate, the transfer processing is performed, and the payment process can be completed.
  • the network connection between the smart cryptographic device and the terminal is automatically interrupted, and the user information disappears from the current user list of the store. If the customer enters another store again, he will automatically enter the current user list of the other store and start another shopping. This allows the customer to have a seamless experience without requiring the customer to perform any operations.
  • FIG. 1 is a schematic structural diagram of a data security interaction system provided by the present invention.
  • FIG. 2 is a flow chart of a data security interaction method provided by the present invention.
  • connection In the description of the present invention, it should be noted that the terms “installation”, “connected”, and “connected” are to be understood broadly, and may be fixed or detachable, for example, unless otherwise explicitly defined and defined. Connected, or integrally connected; can be mechanical or electrical; can be directly connected, or indirectly connected through an intermediate medium, can be the internal communication of the two components.
  • Connected, or integrally connected can be mechanical or electrical; can be directly connected, or indirectly connected through an intermediate medium, can be the internal communication of the two components.
  • first and second are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or quantity or location.
  • the data security interaction method provided by the present invention is applicable to the system architecture as shown in FIG. 1 , including: background system service Servers, terminals, and smart cryptographic devices. among them:
  • the background system server can complete the management of the terminal and the smart cryptographic device and the storage and delivery management of the user information, for example, including registration, account cancellation, locking, authentication, etc. of the terminal and the smart cryptographic device, which can provide bank related services.
  • Financial services such as payment platform services; may include a combination of one or more servers such as a payment server, an authentication server, and a management server.
  • the terminal can be a terminal of the merchant terminal to complete the initiation of the mobile payment, the authentication of the smart cryptographic device and the background system server, the maintenance of the user information, etc., and the terminal can automatically scan the smart cryptographic device within the coverage of the signal, and establish and The communication connection of the smart cryptographic device acquires the user information corresponding to the smart cryptographic device.
  • the smart cryptographic device has a function of secure payment (for example, electronic signature, dynamic password generation) and authentication of the terminal, and the smart cryptographic device has a wireless communication module (for example: Bluetooth, infrared, RFID, NFC, light, sound wave, heat, vibration) , WIFI, etc., can communicate with the terminal through the wireless communication module, of course, the smart password device can also include a wired interface (eg, audio interface, USB interface, serial port, etc.), and communicate with the terminal through the wired interface . In addition, the smart password device can also have a connection option function. If the user does not enable the function, the terminal cannot obtain the identification information of the smart password device and the corresponding user information.
  • a wireless communication module for example: Bluetooth, infrared, RFID, NFC, light, sound wave, heat, vibration
  • WIFI wireless communication module
  • the smart password device can also include a wired interface (eg, audio interface, USB interface, serial port, etc.), and communicate with the terminal through the wired interface .
  • a smart cryptographic device can enter a state that can be scanned for the terminal to scan to the smart cryptographic device.
  • the connection option function of the smart password device can be implemented for the hardware switch set on the smart password device, or can be implemented by the software for the smart password device.
  • the data security interaction method provided by the present invention includes the following steps 1 to 8.
  • Step 1 The terminal and the smart password device register with the background system server.
  • the terminal registers with the background system server and the smart password device registers with the background system server. These two aspects are described in detail below.
  • the terminal registers with the background system server, where:
  • the background system server receives the terminal registration application and reviews the terminal registration application; specifically, the merchant can go to the bank counter to apply for registration of the terminal, or apply for registration of the terminal through the Internet, and the background system server receives the registration application. After that, the legality of the identity of the merchant is reviewed.
  • the background system server After the auditing terminal registration application is approved, the background system server sends a terminal key pair generation instruction to the terminal. Specifically, after the background system server verifies the legality of the merchant identity, the server system agrees to register the terminal of the merchant and sends the terminal to the terminal.
  • the key pair generation instruction is used to instruct the terminal to generate a terminal key pair, where the terminal key pair includes a pair of public and private keys.
  • the terminal After receiving the terminal key pair generation command, the terminal generates a terminal key pair; specifically, the terminal may preset one After the terminal generates the terminal key pair generation command, the terminal generates a terminal key pair according to the preset key pair generation manner, that is, generates a pair of public and private keys.
  • the terminal sends the public key in the terminal key pair to the background system server; specifically, the terminal can send the public key in the generated terminal key pair to the background system server through the trusted communication link to ensure the terminal
  • the security of public key transmission; the public key in the terminal key pair generated by the public key can also be sent to the background system server through the Internet, so as to improve the convenience of the public key transmission of the terminal.
  • the background system server After receiving the public key in the terminal key pair, the background system server generates a terminal certificate and sends the terminal certificate to the terminal.
  • the background system server may perform the information of the merchant and the public key of the terminal by using the private key of the background system server. Calculating and generating a terminal certificate; the background system server may further include a CA server, and the terminal certificate is generated by calculating the information of the merchant and the public key of the terminal by using the private key of the CA server; the background system server may also use the information of the merchant and the public of the terminal.
  • the key is sent to the CA.
  • the CA calculates the terminal certificate based on the private key of the CA and the public key of the terminal, and sends the terminal certificate to the terminal through the background system server.
  • the terminal stores the terminal certificate. Specifically, after receiving the terminal certificate sent by the background system server, the terminal stores the terminal certificate in a storage area where the security function is executed. Of course, for different back-end system servers, the terminal can also store different terminal certificates sent by different back-end system servers.
  • the smart password device registers with the background system server, where:
  • the background system server receives the smart password device registration application and audits the smart password device registration application; specifically, the user holding the smart password device can apply for the registration of the smart password device at the bank counter, or can handle the smart through the Internet. After the registration request of the cryptographic device, the background system server receives the registration application and reviews the legality of the identity of the user.
  • the background system server sends a smart password device key pair generation instruction to the smart password device; specifically, the background system server approves the legality of the user identity, and then agrees to the user's smart password.
  • the device performs registration, and sends a key pair generation instruction to the smart cryptographic device to instruct the smart cryptographic device to generate a smart cryptographic device key pair, the smart cryptographic device key pair including a pair of public and private keys.
  • the smart cryptographic device After receiving the instruction of the smart cryptographic device key pair, the smart cryptographic device generates a smart cryptographic device key pair. Specifically, a smart key device may preset a key pair generation manner, and the smart cryptographic device receives the smart password. After the device key pair generates an instruction, the smart cipher device key pair is generated according to the preset key pair generation manner, that is, a pair of public and private keys are generated.
  • the smart cryptographic device sends the public key in the smart cryptographic device key pair to the background system server; specifically, the smart cryptographic device can forward the public key in the smart cryptographic device key pair generated by the smart cryptographic device to the background system through the trusted communication link
  • the server sends it to ensure the security of the public key of the smart cryptographic device; it can also generate intelligence through the Internet.
  • the public key in the cryptographic device key pair is sent to the background system server to improve the convenience of the public key transmission of the smart cryptographic device.
  • the background system server After receiving the public key in the smart cryptographic device key pair, the background system server generates a smart cryptographic device certificate and sends the smart cryptographic device certificate to the smart cryptographic device; specifically, the background system server can use the private key of the background system server to the user.
  • the information and the public key of the smart cryptographic device are calculated to generate a smart cryptographic device certificate; the backend system server may further include a CA server, and the user's information and the public key of the smart cryptographic device are calculated by the private key of the CA server to generate a smart password.
  • the device certificate can also send the user's information and the public key of the smart cryptographic device to the CA.
  • the CA calculates the smart cryptographic device certificate by calculating the user's information and the public key of the smart cryptographic device according to the private key of the CA.
  • the background system server sends the smart password device.
  • the smart password device stores the smart password device certificate. Specifically, after receiving the smart password device certificate sent by the background system server, the smart password device stores the smart password device certificate in a storage area where the security function is executed.
  • the smart cryptographic device can also store different smart cryptographic device certificates sent by different background system servers.
  • Step 2 The terminal and the background system server perform mutual authentication, and respectively generate a first session key.
  • the terminal generates the first to-be-signed information.
  • the terminal may generate the random number as the first to-be-signed information by using the random number generator, or may use its own serial number, MAC address, or other identification information as the first to-be-signed information. It may also be a combination of a random number and identification information as the first to-be-signed information.
  • the information that can be signed by the background system server can be used as the first to-be-signed information, so that the background system server returns the signature information and then authenticates the background system server.
  • the random number can be one of a combination of numbers, letters, special characters, or the like.
  • the terminal sends the first to-be-signed information and the first authentication request information to the background system server.
  • the terminal may send the first to-be-signed information and the first authentication request information to the background system server through the trusted communication link, to The security of information transmission is guaranteed; the first to-be-signed information and the first authentication request information may also be sent to the background system server through the Internet to improve the convenience of information transmission.
  • the background system server may further determine whether the identification information of the terminal is included in the background system server after receiving the first to-be-signed information and the first authentication request information.
  • the first authentication request information includes the identification information of the terminal; the background system server obtains the locked terminal instruction after determining that the terminal identification information is in the terminal abnormal list, and uses the private of the background system server.
  • the key pair locks the terminal instruction to obtain the fourth signature information, and sends the locked terminal instruction and the fourth signature information to the terminal; after receiving the locked terminal instruction and the fourth signature information, the terminal uses the public key in the pre-stored background system server certificate.
  • the fourth signature information Verification after verifying that the fourth signature information is passed, the terminal performs a locking operation according to the locked terminal instruction.
  • the terminal abnormal list may be a blacklist, a loss list, an invalidation list, or the like, which is an illegal list of the terminal identity. If the terminal identification information is in the terminal abnormal list, the terminal is an illegal terminal. Security, the background system server sends a lock instruction to the illegal terminal to lock the illegal terminal. At the same time, the background system server also signs the lock instruction to ensure the legal source of the lock instruction and avoid malicious operation of illegally locking the terminal.
  • the background system server may not sign the lock instruction and only send the lock command to the illegal terminal to lock the illegal terminal.
  • the terminal performing the locking operation according to the locking terminal instruction may include: the terminal rejects any request, destroys the stored certificate, and the like.
  • the background system server can also perform any request to reject the illegal terminal after sending the lock instruction.
  • the identification information of the terminal will be entered into the abnormal list such as the loss list or blacklist of the background system server. Thereafter, if another person attempts to use the terminal.
  • the background system server compares the terminal identification information in the abnormal list. If the identification information of the terminal is found in the abnormal list, the background system server The terminal is locked to protect the security of the user's account.
  • the background system server After receiving the first to-be-signed information and the first authentication request information, the background system server generates the second to-be-signed information. Specifically, the background system server may generate the second to-be-signed information after receiving the first authentication request information.
  • the random number generator generates the random number as the second to-be-signed information, and may also use its own serial number, MAC address or other identification information as the second to-be-signed information, or may be a combination of the random number and the identification information as the second.
  • Information to be signed The information that can be signed by the terminal can be used as the second information to be signed, so that the terminal can authenticate the terminal after returning the signature information.
  • the random number can be one of a combination of numbers, letters, special characters, or the like.
  • the background system server sends the second to-be-signed information and the background system server certificate to the terminal; specifically, the background system server can send the second to-be-signed information and the background system server certificate to the terminal through the trusted communication link to ensure the information.
  • the security of the transmission; the second signature information and the background system server certificate can also be sent to the terminal through the Internet to improve the convenience of information transmission.
  • the terminal After receiving the second to-be-signed information and the background system server certificate, the terminal uses the pre-stored background system server.
  • the root certificate corresponding to the certificate verifies that the background system server certificate is legal. Specifically, the terminal needs to obtain the root certificate corresponding to the background system server certificate during the registration process, so as to verify the legality of the background system server certificate.
  • the terminal After the terminal verifies that the background system server certificate is valid, the terminal generates a shared master key. Specifically, after the terminal verifies that the background system server certificate is legal, the terminal generates a shared master key, and the shared master key may be used to generate the first session key.
  • the terminal encrypts the shared master key by using the public key in the background system server certificate to generate the first encrypted information, and uses the private key of the terminal to sign the first to-be-signed information and the second to-be-signed information to generate the first signature information;
  • the terminal encrypts the shared master key by using the public key of the background system server.
  • the terminal also treats the first key.
  • the signature information and the second signature information are signed, whereby the terminal transmits the signature information and the encrypted information to the backend system server, that is, the legal source of the data can be ensured, and the security of the important information in the data is also ensured.
  • the first signature information in the present invention may be obtained by signing the information after the first to-be-signed information and the second to-be-signed information are connected, or may be pre-negotiated according to the first to-be-signed information and the second to-be-signed information.
  • the adjustment plan is obtained by signing the adjusted information.
  • the terminal sends the first encrypted information, the first signature information, and the terminal certificate to the background system server;
  • the background system server uses the root certificate corresponding to the pre-stored terminal certificate to verify whether the terminal certificate is legal. Specifically, the background system server obtains the root certificate corresponding to the terminal certificate during the registration process of the terminal, so as to verify the validity of the terminal certificate.
  • the background system server After verifying that the terminal certificate is legal, the background system server verifies the first signature information by using the public key in the terminal certificate;
  • the background system server After verifying that the first signature information is passed, the background system server decrypts the first encrypted information by using the private key of the background system server to obtain a shared master key;
  • the background system server generates a background authentication completion message, and sends a background authentication completion message to the terminal;
  • the terminal After receiving the background authentication completion message, the terminal verifies the background authentication completion message; specifically, the terminal performs legality verification on the background authentication completion message.
  • the terminal After the terminal verifies that the background authentication completion message is passed, the terminal generates a terminal completion first completion message, sends a terminal authentication first completion message to the background system server, and calculates a first session key according to the shared master key;
  • the background system server After receiving the terminal completion first completion message, the background system server verifies that the terminal authenticates the first completion message; the specific background system server performs legality verification on the terminal authentication first completion message.
  • the background system server After the background system server verifies that the terminal authentication first completion message is passed, the background system server calculates the first session key according to the shared master key.
  • a first session key is generated between the background system server and the terminal to ensure data transmission security and/or integrity, so that the background system server and the terminal perform subsequent data transmission, and the data to be transmitted is encrypted.
  • the first session key may include an encryption key and/or a verification key, and the verification key may be a MAC check calculation key or a HASH check calculation key, and the encryption key is a symmetric encryption calculation key, and the encryption key is a symmetric encryption calculation key.
  • the encryption key and/or the verification key included in the first session key may be obtained by decomposing by sharing the master key.
  • the present invention is not limited to such a first session key generation process initiated by the terminal, and may also be initiated by the background system server.
  • the locking of the terminal may be determined by the background system server after the background system server receives the identification information of the terminal.
  • the first session key may be generated by any one of the terminal or the background system server, and encrypted by the public key of the other party and then sent to the other party, thereby reducing the computational complexity of one party.
  • the background system server also opens the corresponding authority to the terminal.
  • the terminal can obtain the user information corresponding to the smart password device from the background system server, so as to implement the management of the background system server to the terminal. .
  • the process of generating the first session key between the terminal and the background system server may be the same as the process of generating the second session key between the terminal and the smart cryptographic device described below.
  • Two-way authentication between the terminal and the back-end system server ensures the legality of both parties and improves the security of subsequent processing.
  • the terminal at the merchant end sends the random number R1 to the background system server, and sends an authentication request to the background system server;
  • the background system server receives the authentication request from the terminal, and generates a random number R2;
  • the background system server sends the random number R2 and the background system server certificate to the terminal;
  • the terminal verifies the received background system server certificate by using the root certificate corresponding to the background system server certificate pre-stored in the terminal;
  • the terminal If the verification is passed, the terminal generates the shared master key MKey, and encrypts the MKey with the public key in the background system server certificate to obtain E1;
  • the terminal connects R1 and R2 to obtain R3, performs a digest calculation on R3 to obtain H1, and then uses the private key of the terminal to sign H1 to obtain S1;
  • the terminal sends the S1, E1 and the terminal certificate to the background system server;
  • the background system server verifies the validity of the terminal certificate by using the root certificate corresponding to the terminal certificate
  • the terminal certificate is used to verify S1;
  • the shared master key MKey is obtained by decrypting from E1;
  • the background system server performs a summary calculation on the background system server certificate to obtain H2, and performs a digest calculation on the terminal certificate to obtain H3, and connects R1, R2, H2, H3, S1, and E1 to obtain T1, and performs a digest calculation on T1.
  • HMAC calculates the "Background System Server Authentication Complete Message";
  • the background system server sends a "background system server authentication completion message" to the terminal;
  • the terminal verifies the "background system server authentication completion message" sent by the background system server received;
  • the terminal sends a "terminal authentication completion message" to the background system server;
  • the background system server verifies the received "terminal authentication completion message"
  • the two parties calculate the session key, and the encryption key K1 decomposed from the session key is used for encryption and decryption of data transmission between the background system server and the terminal, and/or
  • the calculated verification key MACKEY is used to generate and verify the check value.
  • the two-way identity authentication between the terminal of the merchant and the back-end system server ensures that the other party is legitimate and negotiates a public session key (including an encryption key and/or a verification key), which can be used for Data encryption and/or check value generation when data is transferred between the terminal and the backend system server.
  • the merchant's terminal also completes the "check-in" at the background system server, that is, the subsequent operation request for reading the user information and the transaction request.
  • the check value generated when the background system server and the terminal transmit data is in the form of MAC.
  • the check value is not necessarily the MAC value generated by using the MAC key, and the check value may be generated by generating a digest re-signature.
  • the terminal and the back-end system server mutually authenticate to establish a secure channel.
  • the merchant who holds the terminal completes the "check-in" of the background system server, that is, the background system server determines that the terminal is held.
  • the validity of the merchant and the first session key are negotiated with the terminal, so that the first session key is used to implement the encrypted transmission when the transaction data of the background system server and the terminal are exchanged, and the user information corresponding to the smart password device is performed. Preparation for operations such as transmission and transaction data transmission.
  • the terminal authenticated by the background system server can verify the legality of the smart cryptographic device through the background system server, and obtain related user information of the legal smart cryptographic device.
  • Step 3 The terminal scans the smart cryptographic device within the signal coverage area, and obtains the identification information of the scanned smart cryptographic device.
  • the terminal may send the query signal (such as the serial number of the terminal) to query the smart cryptographic device within the coverage of a certain wireless signal according to a certain time interval;
  • the query signal such as the serial number of the terminal
  • the smart cryptographic device listens to the query of the terminal (query scan). After the smart cryptographic device enters the signal coverage of the terminal, the smart cryptographic device sends the identification information of the smart cryptographic device to the terminal, and the terminal scans the identification information of the smart cryptographic device. .
  • the terminal can use the IAC (Inquiry Access Code) to query the smart cryptographic device within the coverage of a certain wireless signal;
  • IAC Inquiry Access Code
  • the smart cryptographic device listens (query scans) the query of the terminal, and sends the address and clock information of the smart cryptographic device to the terminal after the smart cryptographic device enters the signal coverage of the terminal;
  • the smart cryptographic device listens to paging information from the terminal and performs paging scanning
  • the terminal pages the smart cryptographic device that has been queried
  • the smart cryptographic device After receiving the paging information, the smart cryptographic device sends a DAC (Device Access Code) of the smart cryptographic device to the terminal.
  • DAC Device Access Code
  • the terminal sends an inquiry signal to query a smart cryptographic device within a certain wireless signal coverage range
  • the smart cryptographic device listens (query scans) the query signal of the terminal, and sends the address of the smart cryptographic device to the terminal after the smart cryptographic device enters the signal coverage of the terminal.
  • the present invention only uses the above two examples to describe how the terminal obtains the identification information of the smart cryptographic device, but the present invention is not limited thereto.
  • the smart cryptographic device may receive When any information is sent to the terminal, the information sent by the terminal can be used as a sleep wake-up signal, and the smart cryptographic device switches the sleep state to the awake state (ie, the normal working mode) according to the sleep wake-up signal. At the same time, the smart cryptographic device can automatically reply to the sleep state after any command execution ends. The smart cryptographic device enters a sleep state to save power of the smart cryptographic device and prolong its service life.
  • the smart password device Before the terminal scans the smart password device, the smart password device also needs to enter a state that can be scanned, so that the terminal can scan the smart password device, wherein the smart password device enters the scanable state and can pass the smart password device.
  • the set hardware switch is enabled, and can also be implemented by the smart password device software.
  • the present invention is not limited to this step being completed after step two, and may be completed before step two or simultaneously with step two, as long as the scanning is completed before step four.
  • Step 4 The terminal and the smart cryptographic device perform mutual authentication, and respectively generate a second session key.
  • the terminal generates the third to-be-signed information.
  • the terminal may generate the random number as the third to-be-signed information by using the random number generator, or may use the serial number, the MAC address, or other identification information as the third to-be-signed information. It may also be a combination of a random number and identification information as the third to-be-signed information.
  • the information that can be signed by the smart cryptographic device can be used as the third to-be-signed information, so that the smart cryptographic device can authenticate the smart cryptographic device after returning the signature information.
  • the random number can be one of a combination of numbers, letters, special characters, or the like.
  • the terminal sends the third to-be-signed information and the second authentication request information to the smart cryptographic device.
  • the terminal may send the third to-be-signed information and the second authentication request information to the smart cryptographic device through the wireless communication link to ensure the information.
  • Convenience of sending; the third to-be-signed information and the second authentication request information may also be sent to the smart cryptographic device through a wired interface to improve the security of information transmission.
  • the smart cryptographic device After receiving the third to-be-signed information and the second authentication request information, the smart cryptographic device generates the fourth to-be-signed information. Specifically, the smart cryptographic device may generate the fourth to-be-signed information after receiving the second authentication request information.
  • the random number generator generates the random number as the fourth to-be-signed information, and may also use its own serial number, MAC address or other identification information (such as device access code DAC) as the fourth to-be-signed information, or may be a random number sum.
  • the combination of the identification information is used as the fourth to-be-signed information.
  • the information that can be signed by the terminal can be used as the fourth information to be signed, so that the terminal can authenticate the terminal after returning the signature information.
  • the random number can be one of a combination of numbers, letters, special characters, or the like.
  • the smart cryptographic device may further switch from the sleep state after receiving the second authentication request information.
  • the awake state is generated; the smart cryptographic device generates the fourth to-be-signed information in the awake state.
  • the sleep state is changed to the awake state to complete the normal work, and after the smart cryptographic device completes the work, it is switched to the sleep state again to reduce the power loss and prolong the service life.
  • the smart cryptographic device uses the private key of the smart cryptographic device to sign the third to-be-signed information to obtain the second signature information, and sends the fourth to-be-signed information, the second signature information, and the smart cryptographic device certificate to the terminal;
  • the terminal After receiving the fourth to-be-signed information, the second signature information, and the smart cryptographic device certificate, the terminal uses the root certificate corresponding to the pre-stored smart cryptographic device certificate to verify whether the smart cryptographic device certificate is legal. Specifically, the terminal also needs to obtain the smart cryptographic device certificate. Corresponding root certificate for legality verification of smart cryptographic device certificates.
  • the terminal After verifying that the smart cryptographic device certificate is legal, the terminal uses the public key in the smart cryptographic device certificate to verify the second signature information;
  • the terminal After verifying that the second signature information is passed, the terminal signs the third signature information and the fourth signature information by using the private key of the terminal to obtain the third signature information, and generates a first session key generation factor, which is used in the smart password device certificate. of The public key encrypts the first session key generation factor to obtain the second encryption information. Specifically, after verifying that the smart password device certificate and the signature of the smart password device pass, the terminal generates a session for data interaction between the terminal and the smart password device.
  • a key generation factor ie, a first session key generation factor used to generate a session key for data interaction between the terminal and the smart cryptographic device
  • the public key encrypts the first session key generation factor to ensure the security of the first session key generation factor transmission.
  • the terminal sends the third signature information, the second encryption information, and the terminal certificate to the smart cryptographic device;
  • the smart cryptographic device After receiving the third signature information, the second encryption information, and the terminal certificate, the smart cryptographic device uses the root certificate corresponding to the pre-stored terminal certificate to verify whether the terminal certificate is legal. Specifically, the smart cryptographic device also needs to obtain the root certificate corresponding to the terminal certificate. In order to verify the validity of the terminal certificate.
  • the smart cryptographic device After verifying that the terminal certificate is legal, the smart cryptographic device uses the public key in the terminal certificate to verify the third signature information;
  • the smart cryptographic device After verifying that the third signature information is passed, the smart cryptographic device generates a second session key generation factor, encrypts the second session key generation factor by using the public key in the terminal certificate, obtains the third encrypted information, and generates a smart cryptographic device authentication.
  • the smart cryptographic device Completing the message; specifically, after the verification of the terminal certificate and the signature information of the terminal are passed, the smart cryptographic device generates a generation key of the session key for data interaction between the terminal and the smart cryptographic device (ie, a second session key generation factor, The second session key generation factor is used to generate a session key for data interaction between the terminal and the smart cryptographic device), and the second session key generation factor is encrypted by using the public key in the terminal certificate to ensure the second
  • a smart password device authentication completion message is generated to inform the terminal that the smart cryptographic device authentication is completed.
  • the smart cryptographic device sends the third encrypted information and the smart cryptographic device authentication completion message to the terminal;
  • the terminal After receiving the third encrypted information and the smart cryptographic device authentication completion message, the terminal verifies the smart cryptographic device authentication completion message; specifically, the terminal also authenticates the smart cryptographic device authentication completion message to ensure the legal source of the authentication completion message.
  • the terminal After verifying that the smart cryptographic device authentication completion message is passed, the terminal generates a terminal authentication second completion message, and sends a terminal authentication second completion message to the smart cryptographic device, and obtains the first session key generation factor and the third encrypted information.
  • the second session key generation factor generates a second session key. Specifically, after the authentication smart password device authentication completion message is passed, the terminal generates a terminal authentication second completion message to notify the smart cryptographic device terminal that the authentication is completed, and the terminal according to the first
  • the session key generation factor and the second session key generation factor obtained by decrypting the third encryption information generate a second session key for data interaction with the smart cryptographic device by the second session key.
  • the smart cryptographic device After receiving the terminal completion second completion message, the smart cryptographic device verifies the terminal to authenticate the second completion message. Specifically, the smart cryptographic device also authenticates the terminal to authenticate the second completion message to ensure the legal source of the authentication completion message.
  • the second session key is generated according to the second session key generation factor and the first session key generation factor obtained by decrypting the second encrypted information. Specifically, after verifying the terminal authentication second completion message, the smart cryptographic device generates a second session key according to the second session key generation factor and the first session key generation factor obtained by decrypting the second encrypted information, so as to be connected to the terminal. Data interaction is performed by the second session key.
  • the present invention is not limited to such a second session key generation process initiated by the terminal, and the second session key generation process may also be initiated by the smart cryptographic device.
  • the second session key may be generated by one of the terminal or the smart cryptographic device, and encrypted by the public key of the other party and then sent to the other party, thereby reducing the computational complexity of one party.
  • the process of generating the second session key between the terminal of the present invention and the smart cryptographic device may be the same as the process of generating the first session key between the terminal and the background system server. That is, the second session key can also be obtained by decomposing the shared master key.
  • the terminal sends an authentication request to the smart cryptographic device, and sends a random number R01;
  • the smart cryptographic device in the dormant state is woken up after receiving the authentication request sent by the terminal;
  • the smart cryptographic device generates a random number R02, performs a digest calculation on the R01, and uses the private key to encrypt the digest to generate the signature S01, and the smart cryptographic device sends the random number R02, the signature S01, and the smart cryptographic device certificate to the terminal;
  • the terminal verifies the legality of the smart cryptographic device certificate by using the root certificate corresponding to the smart cryptographic device certificate pre-stored in the terminal;
  • step 5 If the verification of the smart cryptographic device certificate is legal, perform step 5);
  • step 6 If the verification signature S01 is correct, step 6) is performed;
  • the terminal connects R01 and R02 to form R01
  • the smart cryptographic device verifies the legality of the terminal certificate by using the root certificate corresponding to the terminal certificate pre-stored by the smart cryptographic device;
  • step 8 If the verification terminal certificate is legal, perform step 8);
  • step 9 is performed;
  • the intelligent cryptographic device generates a random number R04, encrypts R04 with the public key of the terminal to generate ciphertext E02, and sends the ciphertext E02 to the terminal;
  • the terminal generates an authentication completion message, the terminal performs a digest operation on the terminal certificate to obtain H01, performs a digest operation on the smart cryptographic device certificate to obtain H02, and connects R01, R02, E01, E02, H01, H02, S01, and S02 to obtain T01. Then, T01 is digested and signed, and a "background authentication completion message" F01 is obtained, and F01 is sent to the smart cryptographic device;
  • the smart cryptographic device receives F01 and verifies F01;
  • step 12 If the verification F01 is passed, step 12) is performed;
  • the smart cryptographic device generates an authentication completion message F02 in the same manner, and sends the generated authentication completion information to the terminal;
  • step 14 If the verification F02 is passed, step 14) is performed;
  • the smart cryptographic device and the terminal are respectively connected to R03 and R04 to obtain R03
  • Process 1 generates an encryption key and a verification key (such as MACKEY).
  • Process 2 only generates an encryption key, and does not generate a verification key (of course, a verification key can also be generated).
  • the function of the verification key is to generate a check value, which is used to verify whether the data has been tampered with during transmission.
  • the data sender uses a specific algorithm to generate a check value using the check key
  • the data receiver uses the check value and the check key to verify whether the received data has been tampered with.
  • the user can manually determine whether the data is correct through the information displayed on the smart cryptographic device, so no need to introduce a check value.
  • the terminal can also determine whether the information has been tampered with by verifying the signature sent by the smart cryptographic device, and does not need to introduce a check value. Therefore, in order to simplify the processing flow and improve communication efficiency, when generating the second session key, it may not A verification key needs to be generated. Of course, in order to further improve security, a verification key can also be generated.
  • the background system server does not know the specific content of the transaction, in order to ensure security, it is necessary to determine whether the data has been tampered with by introducing a check value.
  • the process first generates a shared master key through one party, and then uses a special algorithm to process the shared master key, and decomposes to obtain an encryption key and a verification key; the second process is that each side of the authentication generates an encryption key. The constituent factor of the key, and finally the encryption key.
  • the session key generation method used in the process 1 and the session key generation method used in the process 2 can be used for the generation of the session key between the terminal and the background system server, and can also be used for the terminal and the smart password device. The generation of a session key.
  • the phishing risk can be prevented, the transaction risk such as tampering of the transmission information, remote hijacking and man-in-the-middle attack can be prevented, thereby effectively securing the funds of the terminal and the smart cryptographic device.
  • steps 2 and 4 a method of mutual authentication between the back-end system server and the terminal and the smart cryptographic device is established to establish a secure channel between the three to prevent phishing risks, prevent transaction information tampering, remote hijacking and man-in-the-middle attacks. Such as transaction risk, thus effectively protecting the security of the account of the user holding the smart cryptographic device and the merchant holding the terminal.
  • Step 5 The terminal obtains user information.
  • the terminal obtains the user information corresponding to the smart cryptographic device according to the information of the scanned smart cryptographic device (for example, the user's photo, name, account, and the like), which may be, but not limited to, the following manner.
  • the terminal obtains the user information corresponding to the smart password device.
  • Method 1 The terminal acquires user information corresponding to the smart password device from the background system server.
  • the terminal sends the identification information of the smart cryptographic device and the user information read request to the background system server; specifically, when the terminal sends the identification information of the smart cryptographic device and the user information read request to the background system server, the terminal may directly send the request to the background system server.
  • the identification information of the smart cryptographic device and the user information reading request may also use the first session key to perform encryption calculation and/or verification calculation on the identification information of the smart cryptographic device and/or the user information read request, and then send the Guarantee the security and integrity of information transmission.
  • the background system server After receiving the identification information of the smart cryptographic device and the user information reading request, the background system server obtains the user information corresponding to the smart cryptographic device according to the identification information of the smart cryptographic device; specifically, the background system server prestores each registered smart device.
  • the user information corresponding to the cryptographic device is used to obtain the user information corresponding to the smart cryptographic device according to the received identification information of the smart cryptographic device.
  • the background system server also needs to decrypt and/or verify the received information by using the first session key. After the verification calculation is correct, the identification information of the complete smart cryptographic device and/or the user information read request are obtained.
  • the background system server determines whether the identification information of the smart cryptographic device is included in the background system after receiving the identification information of the smart cryptographic device and the user information reading request.
  • the cryptographic device instructs the signature to obtain the fifth signature information, and sends the locked smart cryptographic device command and the fifth signature information to the smart cryptographic device through the terminal; after receiving the locked smart cryptographic device command and the fifth signature information, the smart cryptographic device uses the pre-stored
  • the public key in the background system server certificate verifies the fifth signature information; after verifying that the fifth signature information is passed, the smart cryptographic device performs a locking operation according to the instruction of the locked smart cryptographic device.
  • the smart password device abnormal list may be a blacklist, a loss list, an invalidation list, or the like, which is an illegal list of the smart password device identity; if the smart password device identification information is in the smart password device abnormal list, the smart password device is specified. It is an illegal smart password device.
  • the background system server sends a lock instruction to the illegal smart password device through the terminal to lock the illegal smart password device, and the background system server also signs the lock command. To ensure the legal source of the lock instruction, to avoid malicious operations that illegally lock the smart password device.
  • the background system server may not sign the lock instruction and only send the lock command to the illegal terminal to lock the illegal terminal.
  • the smart cryptographic device may perform the locking operation according to the instruction of the locked smart cryptographic device, and may include any manner in which the smart cryptographic device refuses to execute any request, destroys the certificate stored by itself, and the like.
  • the background system server can also perform any request to reject the illegal smart cryptographic device after sending the lock instruction.
  • the backend system server can report the loss, and the background system server registers the device identification code of the smart password device on the loss list; or the account is abnormally reported. In some cases, the backend system server will also register these smart password devices in the blacklist. Devices in these exception lists are registered as exception devices on the exception list.
  • the background system server authenticates the smart password device. During the authentication process, the device identifier is compared with the abnormal list. If the smart password device is locked on the list.
  • the background system server can remotely authenticate the smart password device before each transaction. Will this Smart password devices are locked, so even if the smart password device is illegally stolen by others, the user account can be protected from loss.
  • the backend system server may further perform encryption calculation on the locked smart cryptographic device command and the fifth signature information by using the first session key. And/or verifying the calculation to ensure the security and/or integrity of the locked smart cryptographic device command and the fifth signature information transmission, and the terminal uses the first session after receiving the encrypted calculated and/or verified calculated information. After the key performs the decryption calculation and/or the verification verification calculation, the locked smart password device instruction and the fifth signature information are obtained.
  • the terminal may further perform encryption calculation and/or check calculation on the locked smart cryptographic device command and the fifth signature information by using the second session key, and then perform the cryptographic calculation. And/or verifying the calculated information and sending it to the smart cryptographic device to ensure the security and/or integrity of the information transmission.
  • the smart cryptographic device After receiving the information sent by the terminal, the smart cryptographic device performs decryption calculation and/or verification verification calculation. To obtain the lock smart cryptographic device command and the fifth signature information.
  • the background system server also needs to authorize the smart password device holder to send the user information corresponding to the smart password device to the terminal.
  • the background system server sends the user authorization request information to the smart cryptographic device through the terminal (for example, the user authorization request information may be a random number); after receiving the user authorization request information, the smart cryptographic device generates authorization information (for example, the authorization information may be And the information obtained by signing the random number), and sending the authorization information to the background system server by the terminal; and after the background system server receives the authorization information, performing the step of the background system server transmitting the response information of the user information read request to the terminal.
  • the user authorization request information may be a random number
  • the smart cryptographic device after receiving the user authorization request information, the smart cryptographic device generates authorization information (for example, the authorization information may be And the information obtained by signing the random number), and sending the authorization information to the background system server by the terminal; and after the background system server receives the authorization information, performing the step of the background system server transmitting the response information of the user information read request
  • the background system server may also use the private key of the background system server to sign the user authorization request information, and then send the information to the smart cryptographic device through the terminal.
  • the smart cryptographic device After receiving the signed information, the smart cryptographic device verifies the signature, and after the verification is passed.
  • the user authorization request information is considered to be from a legitimate background system server, and the request is confirmed to authorize the background system server; the smart cryptographic device can also use the private key of the smart cryptographic device to sign the authorization information and then send it to the background through the terminal. After receiving the signed information, the system server verifies the signature.
  • the authorization information is considered to be from the correct smart password device to perform subsequent operations according to the authorization information; the background system server may also utilize the first The session key performs encryption calculation and/or verification calculation on the user authorization request information, and then sends the data to the terminal, and the terminal uses the first session key to perform decryption calculation and/or verification verification calculation on the received information; the terminal uses the second session.
  • the right request information is sent to the smart cryptographic device after the encryption calculation and/or the check calculation, and the smart cryptographic device uses the second session key to perform decryption calculation and/or verification verification calculation on the received information;
  • the background system server may also utilize The private key of the background system server signs the user authorization request information, and then performs the encryption calculation and/or the verification calculation by using the first session key, and the terminal uses the first session key to connect.
  • the received information is subjected to decryption calculation and/or verification verification calculation; the terminal uses the second session key to perform encryption calculation and/or verification calculation on the information signed by the background system server, and then sends the information to the smart password device, and the smart password device utilizes The second session key performs a decryption calculation and/or a verification verification calculation on the received information, and performs verification on the signature.
  • the above is only a few ways for the background system server to request authorization from the smart cryptographic device.
  • the present invention is not limited thereto, and the above various combinations of variants should also fall within the protection scope of the present invention.
  • the smart cryptographic device can also be converted from the sleep state to the awake state; the smart cryptographic device generates the authorization information in the awake state. In order to save energy and extend the life of smart password devices.
  • the background system server performs the encryption calculation and/or the verification calculation of the user information by using the first session key to obtain the response information of the user information read request, and sends the response information of the user information read request to the terminal;
  • the terminal After receiving the response information of the user information read request, the terminal performs the decryption calculation and/or the verification verification calculation on the response information of the user information read request by using the first session key to obtain the user information.
  • Manner 2 The terminal acquires user information corresponding to the smart password device from the smart password device.
  • the terminal sends a user information read request to the smart cryptographic device according to the identification information of the smart cryptographic device; specifically, the terminal may directly send the user information read request to the smart cryptographic device, or may use the second session key to read the user information request. Encryption calculation and/or verification calculation are performed before transmission to ensure the security and integrity of information transmission.
  • the smart cryptographic device obtains pre-stored user information, performs encryption calculation and/or verification calculation on the obtained user information by using the second session key, and obtains response information of the user information read request, and sends the user information to the terminal. Requested response information;
  • the terminal After receiving the response information of the user information read request, the terminal performs the decryption calculation and/or the verification verification calculation on the response information of the user information read request by using the second session key to obtain the user information.
  • the refusal information may be sent to the terminal through a button set on the smart cryptographic device or through software control to ensure the security of the user information.
  • the rejection information can also be sent after the second session key encryption calculation and/or verification calculation.
  • the terminal stores the user information in the pre-established current user list.
  • the detected smart password device is constantly changing due to the change of the passenger flow in the store where the terminal is located and the flow of the personnel.
  • the current user list may be Update by, but not limited to, the following.
  • the terminal obtains identification information of all the smart cryptographic devices within the signal coverage of the terminal, and generates a real-time identification list;
  • the terminal sets the identification information of the smart cryptographic device in the real-time identification list with the current user column according to the preset time interval.
  • the identification information of the smart cryptographic device in the table is compared;
  • the current user list is updated in this manner to ensure that the user information corresponding to the smart cryptographic device in the coverage of the terminal signal can be updated to the current user list in time, and the user information corresponding to the smart cryptographic device within the coverage of the terminal signal is removed. It can be deleted from the current user list in time to ensure security.
  • the terminal obtains identification information of all the smart cryptographic devices within the signal coverage of the terminal, and generates a real-time identification list;
  • the terminal compares the identification information of the smart cryptographic device in the real-time identification list with the identification information of the smart cryptographic device in the current user list according to a preset time interval;
  • the step of obtaining the user information corresponding to the smart cryptographic device according to the identification information of the scanned smart cryptographic device is performed, and after the terminal obtains the user information, The user information is stored in the real-time identification list; and if the identification information of the smart cryptographic device in the real-time identification list is in the current user list, the user information of the smart cryptographic device in the current user list is stored in the real-time identification list;
  • the real-time identification list is taken as the updated current user list.
  • the terminal can copy the user information corresponding to the original smart password device in the store directly from the original current user list to the real-time identification list, and the user information corresponding to the customer of the newly entered store can pass.
  • a user information read request is obtained from the background system server or the smart cryptographic device to obtain.
  • the current user list can be automatically updated, which facilitates the management and maintenance of the information of the merchant's store staff.
  • the terminal may display the user information corresponding to the user in the stored current user list, so that the holder of the smart password device can view the user information to ensure the correctness of the transaction.
  • the transaction process requires a device with an account storage function such as a SIM card or a smart card, and the user needs to perform operations such as swiping the mobile phone, so that the merchant can obtain the account information of the user.
  • an account storage function such as a SIM card or a smart card
  • the terminal of the merchant can use the identification information of the smart cryptographic device first, and then use the wise The identification information of the cryptographic device obtains the user information corresponding to the smart cryptographic device. Therefore, the customer can pay for the product without using a wallet, a credit card, a mobile phone, etc., thereby simplifying the interaction between the customer and the merchant, and improving the user experience.
  • Step 6 Transaction information processing.
  • the terminal generates transaction information according to the user information corresponding to the smart cryptographic device to be traded, and uses the second session key to perform encryption calculation and/or check calculation on the transaction information to obtain transaction request information; specifically, the transaction information may include the transaction amount, The account information of both parties to the payment and payment, the identification information of the parties to the payment, and the like, the transaction information may also include an electronic statement, and the user may review the transaction details according to the electronic statement, for example, the specific transaction time, the transaction number, the transaction amount, and the purchase. Items, etc.
  • the terminal uses the second session key to perform encryption calculations and/or check calculations on the transaction information to ensure the security and/or integrity of the transaction information transmission.
  • the terminal sends the transaction request information to the smart cryptographic device.
  • the terminal may send the transaction request information by using, but not limited to, the following: the terminal encodes the transaction request information and sends the signal through the sound wave; or the terminal performs graphic coding on the transaction request information. Displayed for the smart cryptographic device to perform image acquisition; or the terminal transmits the transaction request information through a communication interface that the terminal matches with the smart cryptographic device.
  • the smart cryptographic device After receiving the transaction request information, the smart cryptographic device obtains the transaction information by performing decryption calculation and/or verification verification calculation on the transaction request information by using the second session key;
  • the smart cryptographic device can also switch from the sleep state to the awake state after receiving the transaction request information; the smart cryptographic device uses the second session key to request the transaction information in the awake state.
  • the decryption calculation and/or the verification verification calculation is performed to obtain the transaction information.
  • the smart password device prompts the transaction information; specifically, the smart password device can display the transaction information through the display screen, and can also play the transaction information in a voice manner through a speaker or the like.
  • the smart cryptographic device can also prompt the user to know the real transaction information by other means to ensure the security of the transaction.
  • the key information can be extracted from the transaction information, and the smart cryptographic device only prompts the key information.
  • the specific prompting manner refer to the prompting manner of the smart cryptographic device for the transaction information.
  • the smart cryptographic device receives the confirmation command and generates the transaction confirmation information; specifically, the smart cryptographic device can receive the confirmation command by detecting the information sent when the confirmation button set on the smart cryptographic device is pressed, or can detect the touch screen by detecting The information confirmation confirmation command sent when the virtual confirmation key is displayed is clicked, and the biometric information such as the detected voice, fingerprint, and iris may be used as a confirmation command or the like. Further, the smart cryptographic device may generate the transaction confirmation information by, but not limited to, the smart cryptographic device signing the transaction information by using the private key of the smart cryptographic device, generating the transaction signature information as the transaction confirmation information; or generating the dynamic password as the smart cryptographic device.
  • the transaction confirmation information may also be information calculated by using the second session key encryption calculation and/or verification.
  • each generation of the smart password device is generated.
  • the smart cryptographic device also generates a single transaction identifier, and uses the private key of the smart cryptographic device to sign the transaction information and the single transaction identifier, and generates the transaction signature information as the transaction confirmation information; or the smart cryptographic device generates a single time.
  • the transaction identifier uses the private key of the smart cryptographic device to sign the single transaction identifier to obtain the signature information of the single transaction identifier, and generates a dynamic password, and uses the signature information of the single transaction identifier and the dynamic password as the transaction confirmation information to ensure one time.
  • the transaction is only successfully executed once, wherein the single transaction identifier may be a random number or the like.
  • the transaction confirmation information may also be the information calculated by using the second session key encryption calculation and/or verification. Due to the unstable transmission line of the wireless network, the smart password device may not receive the receipt. If the single transaction identifier is not set, the terminal may need to hold the smart password device when it does not receive the signature information of the smart password device.
  • the user performs the confirmation signature operation multiple times, that is, the smart cryptographic device sends the signature information to the terminal multiple times, so that the terminal may use the multiple signature values to generate multiple transaction data packets and send them to the background system server, thereby The account corresponding to the device is repeatedly debited. If a single transaction identifier is set, when the line is unstable, the smart cryptographic device will continue to sign the transaction information and the same single transaction identifier and then send it to the terminal until the receipt is received.
  • the terminal generates a transaction data packet by using the signature value sent by the smart cryptographic device, and the background system server receives the transaction data packet to determine the single transaction identifier inside, if the single transaction identifier is already saved in the transaction log, that is, Once the transaction has been made, the transaction data packet will no longer be processed, and no multiple or repeated debits will be incurred, thus protecting the account funds of the smart password device user.
  • the terminal receives the transaction confirmation information.
  • the terminal may receive the transaction confirmation information by using, but not limited to, the following manner: the terminal receives the sound wave signal sent by the smart password device and decodes the sound wave signal to obtain the transaction confirmation information (for example, the sound wave identification device may be used. The sound wave signal is recognized, the sound wave signal is decoded by the sound wave decoder to obtain the transaction confirmation information); or the terminal collects the image information displayed by the smart password device and decodes the image information (for example, the two-dimensional code, the barcode, etc.) to obtain the transaction confirmation information.
  • the terminal receives the sound wave signal sent by the smart password device and decodes the sound wave signal to obtain the transaction confirmation information (for example, the sound wave identification device may be used.
  • the sound wave signal is recognized, the sound wave signal is decoded by the sound wave decoder to obtain the transaction confirmation information
  • the terminal collects the image information displayed by the smart password device and decodes the image information (for example, the two-dimensional code, the barcode
  • the image acquisition device is used to collect the image information
  • the decoder is used to decode the image information to obtain the transaction confirmation information
  • the terminal receives the transaction confirmation information through the communication interface matched by the terminal and the smart cryptographic device; or the terminal inputs through the terminal.
  • the information is obtained by confirming the transaction. If the transaction confirmation information is obtained by using the second session key encryption calculation and/or verification calculation, then in this step, the calculated information is also subjected to decryption calculation and/or verification verification calculation using the second session key.
  • the terminal uses the first session key to perform encryption calculation and/or check calculation on the transaction confirmation information to obtain the transaction data packet, and sends the transaction data packet to the background system server; specifically, the terminal uses the first session key to confirm the transaction information or
  • the information obtained by decrypting the transaction confirmation information is subjected to encryption calculation and/or verification calculation; the transaction data package may also include other information such as transaction information.
  • the transaction information may include information such as the transaction amount, the account information of the parties to the payment, and the identification information of both parties.
  • the transaction information may also include an electronic statement, and the user may review the transaction details according to the electronic statement, for example, the specific transaction time, the transaction. Single number, transaction amount, purchased items, etc.
  • the background system server After receiving the transaction data packet, the background system server obtains transaction confirmation information by performing decryption calculation and/or verification verification calculation on the transaction data packet by using the first session key;
  • the background system server verifies the transaction confirmation information, and executes the transaction after the verification is passed; specifically, the background system server only confirms that the transaction has been verified by the legal smart password device after verifying that the transaction confirmation information is verified, and The transaction is executed based on the confirmed result.
  • the background system server may also send the transaction success receipt information to the smart cryptographic device through the terminal; after receiving the transaction success receipt information, the smart cryptographic device prompts the transaction success receipt information.
  • the transaction success receipt information may also include an electronic statement, and the user may review the transaction details according to the electronic statement, such as the specific transaction time, the transaction number, the transaction amount, the purchased item, and the like.
  • the background system server may also send a transaction success receipt information to the terminal, so that the terminal knows that the transaction is completed.
  • the transaction success receipt information can be sent to the terminal by using the first session key encryption calculation and/or verification calculation, and the terminal decryption calculation and/or verification verification calculation uses the second session key for encryption calculation and/or calibration. After the calculation is performed, it is sent to the smart cryptographic device, and the smart cryptographic device decrypts the calculation and/or verifies the verification calculation and prompts the user to know; the transaction success receipt information may also be that the background system server uses the private key of the background system server to sign and then sends the message through the terminal.
  • the smart cryptographic device prompts the user to know the signature information, and may also be prompted by the background system server to use the first session key to encrypt and calculate and/or verify the calculation and then send it to the terminal.
  • the second session key is used to encrypt the calculation and/or the verification calculation, and then sent to the smart cryptographic device, and the smart cryptographic device decrypts the calculation and/or verifies the verification calculation, and then prompts the verification after the verification is passed.
  • Step 7 Refund.
  • Method 1 The terminal sends the refund information to the smart password device; specifically, the refund information may include: any combination of the account number of the refund, the refund amount, the refund transaction ticket number, and the identification information of both parties of the refund, and the refund
  • the information can also include an electronic statement, and the user can review the refund details based on the electronic statement, such as the specific refund time, the refund transaction number, the refund amount, and the returned item.
  • the refund information can also be sent to the smart cryptographic device through the second session key for encryption calculation and/or verification calculation to ensure the security and/or integrity of the information transmission.
  • the terminal may also send the refund information by, but not limited to, the following: the terminal encodes the refund information and sends the sound signal through the sound wave signal; or the terminal graphically encodes the refund information and displays it for the smart password device to perform image collection; or the terminal passes The communication interface that the terminal matches with the smart cryptographic device sends a refund information.
  • the smart password device After receiving the refund information, the smart password device prompts the refund information; specifically, after receiving the refund information, the smart password device prompts the user to know the refund information by any means such as voice play or display display, so that The user determines that the refund information is a true refund information.
  • the terminal uses the second session key to encrypt the refund information After the calculation and/or verification calculation, this step also needs to use the second session key to perform decryption calculation and/or verification verification calculation on the received information.
  • the smart cryptographic device can also switch from the sleep state to the awake state after receiving the refund information; the smart cryptographic device prompts the refund information in the awake state.
  • the smart cryptographic device receives the refund confirmation instruction and signs the refund information by using the private key of the smart cryptographic device to generate a refund confirmation information; specifically, the user passes the smart after determining that the refund information is true refund information. Confirm the physical button or virtual button set on the password device. After the smart cryptographic device sends the refund confirmation information to the terminal (for example, after transmitting the sound wave signal corresponding to the refund confirmation information, or after displaying the image information corresponding to the refund confirmation information for a predetermined time), the awake state is changed to the sleep state. .
  • the terminal receives the refund confirmation information, and verifies the refund confirmation information, and after the verification is passed, uses the private key of the terminal to sign the refund confirmation information to generate a refund confirmation package; specifically, the terminal may pass but is not limited to the following manner Receiving the refund confirmation information: the terminal receives the sound wave signal sent by the smart password device and decodes the sound wave signal to obtain the refund confirmation information (for example, the sound wave identification device can be used to identify the sound wave signal, and the sound wave signal is decoded by the sound wave decoder to obtain the sound wave signal.
  • the sound wave identification device can be used to identify the sound wave signal
  • the sound wave signal is decoded by the sound wave decoder to obtain the sound wave signal.
  • Refund confirmation information or the terminal collects image information displayed by the smart cryptographic device and decodes the image information (for example, two-dimensional code, barcode, etc.) to obtain refund confirmation information (for example, image acquisition device is used to collect image information, The decoder obtains the refund confirmation information after decoding the image information; or the terminal receives the refund confirmation information through the communication interface matched by the terminal and the smart password device. In addition, the terminal authenticates the refund confirmation information using the public key of the smart cryptographic device.
  • image information displayed by the smart cryptographic device decodes the image information (for example, two-dimensional code, barcode, etc.) to obtain refund confirmation information (for example, image acquisition device is used to collect image information,
  • the decoder obtains the refund confirmation information after decoding the image information; or the terminal receives the refund confirmation information through the communication interface matched by the terminal and the smart password device.
  • the terminal authenticates the refund confirmation information using the public key of the smart cryptographic device.
  • the terminal sends a refund confirmation packet and a refund confirmation information to the background system server; specifically, the terminal may use the first session key to perform encryption calculation and/or verification calculation on the refund confirmation package and the refund confirmation information, and then send the report to the background.
  • System server to ensure the security and/or integrity of information transmission.
  • the background system server After receiving the refund confirmation package and the refund confirmation information, the background system server verifies the refund confirmation package and the refund confirmation information separately, and performs the refund operation after all the verifications are passed. Specifically, if the terminal performs the encryption calculation and/or the check calculation on the refund confirmation package and the refund confirmation information by using the first session key, in this step, the background system server further receives the first session key pair. The obtained information is subjected to decryption calculation and/or verification verification calculation. In addition, the backend system server also uses the public key of the terminal to verify the refund confirmation package, and uses the public key of the smart cryptographic device to verify the refund confirmation information.
  • the store generates refund information according to the customer's refund intention (the refund information may be obtained by searching for the recorded transaction information, or may be a regenerated refund information or other forms of refund information), and
  • the refund information is encrypted using a second session key between the terminal and the smart cryptographic device and sent to the smart cryptographic device;
  • the smart cryptographic device After receiving the encrypted refund information, the smart cryptographic device converts from the sleep state to the awake state, and decrypts the encrypted refund information by using the second session key, obtains the refund information, and displays the refund information. For customer confirmation;
  • the terminal After receiving the encrypted refund confirmation information, the terminal decrypts the information by using the second session key, obtains the refund confirmation information, and verifies the correctness of the refund confirmation information by using the public key of the smart password device. If correct, the terminal utilizes The private key of the terminal re-signs the refund confirmation information to obtain a refund confirmation package. Of course, the terminal can also directly sign the refund information to obtain a refund confirmation package;
  • the terminal encrypts the refund confirmation package and the refund confirmation information by using the first session key, and sends the confirmation to the background system server;
  • the background system server After receiving the encrypted information, the background system server decrypts the received information by using the first session key, and uses the public key of the terminal to verify the refund confirmation package, and uses the public key of the smart password device to confirm the refund. The information is verified and, after both verifications have been passed, a refund operation is performed and a refund success receipt information is sent to the terminal and/or smart cryptographic device.
  • Mode 2 The difference between the second mode and the first mode is that before the terminal sends the refund information to the smart cryptographic device, the terminal further receives the refund request sent by the smart cryptographic device, and generates the refund information according to the refund request.
  • the customer can generate a refund request by pressing a button on the smart password device, and the smart password device sends the refund request to the terminal after receiving the refund request.
  • the refund information can also include an electronic statement, and the user can review the refund details based on the electronic statement, such as the specific refund time, the refund transaction number, the refund amount, and the returned item.
  • any implementation that can trigger a smart cryptographic device to generate a refund request is within the scope of the present invention.
  • the smart cryptographic device can also switch from the sleep state to the awake state before sending the refund request to the terminal; the smart cryptographic device sends a refund request to the terminal in the awake state. After the smart cryptographic device sends a refund request, it transitions from the awake state to the sleep state. When the smart cryptographic device receives the refund information sent by the terminal, it changes from the sleep state to the awake state, and performs an operation of prompting the refund information and generating the refund confirmation information in the awake state.
  • the awake state is changed to the sleep state.
  • Method 3 The smart cryptographic device sends a refund request to the terminal.
  • the customer can generate a refund request by pressing a button on the smart password device, and the smart password device is connected. After receiving the refund request, the refund request is sent to the terminal.
  • the customer can generate a refund request by pressing a button on the smart password device, and the smart password device is connected. After receiving the refund request, the refund request is sent to the terminal.
  • the terminal can trigger a smart cryptographic device to generate a refund request.
  • the smart cryptographic device can also switch from the sleep state to the awake state before sending the refund request to the terminal; the smart cryptographic device sends a refund request to the terminal in the awake state.
  • the terminal generates a refund request identifier, and sends a refund request identifier to the smart password device.
  • the terminal may generate a random number, and the random number is used as a refund request identifier, and the random number is used to provide the smart password device to generate a refund. Information.
  • the smart password device After receiving the refund request identifier, the smart password device generates a refund information, and uses the private key of the smart password device to sign the refund information, obtains the refund confirmation information, and sends a refund confirmation information to the terminal; specific, intelligent The password device generates the refund information by using the refund request identifier, the refund amount, the refund account and the like, and the refund information may further include any combination of the refund transaction ticket number and the identification information of both parties of the refund;
  • the amount can be input through the keys on the smart password device. Of course, it can also be input by other means (for example, voice input).
  • the refund account can be input through the keys on the smart password device, and can also be pre-stored in the smart by reading.
  • the refund account in the password device is input; of course, after the transaction is completed, the transaction information is saved on the smart password device, and the transaction information is inquired to obtain information such as the refund amount and the refund account; of course, the refund information It can also perform encryption calculation and/or verification calculation through the second session key and send it to the terminal to ensure the letter. Security and / or integrity of transmission.
  • the smart cryptographic device may also send the refund information by, but not limited to, the following: the smart cryptographic device encodes the refund information and transmits the sound signal; or the smart cryptographic device graphically encodes the refund information and displays it for the terminal to perform image collection. Or the smart cryptographic device sends a refund message via the communication interface that the smart cryptographic device matches the terminal.
  • the smart cryptographic device can also send the refund confirmation information to the terminal (for example, after transmitting the sound wave signal corresponding to the refund confirmation information, or displaying the image information corresponding to the refund confirmation information) After the predetermined time has elapsed, the state transitions from the awake state to the sleep state.
  • the terminal receives the refund confirmation information, verifies the refund confirmation information, and after the verification is passed, uses the private key of the terminal to sign the refund confirmation information to generate a refund confirmation package; specifically, when the smart password device utilizes the second session After the key performs encryption calculation and/or verification calculation on the refund information, this step also needs to use the second session key to perform decryption calculation and/or verification verification calculation on the received information; the terminal may pass but not be limited to the following
  • the method receives the refund confirmation information: the terminal receives the sound wave signal sent by the smart password device and decodes the sound wave signal to obtain the refund confirmation information (for example, the sound wave recognition device can be used to identify the sound wave signal, and the sound wave decoder is used to decode the sound wave signal.
  • the terminal collects the image information displayed by the smart password device and decodes the image information (for example, the two-dimensional code, the barcode, etc.) to obtain the refund confirmation information (for example, the image collection device is used to collect the image information, Adopt
  • the decoder obtains the refund confirmation information after decoding the image information; or the terminal receives the refund confirmation information through the communication interface matched by the terminal and the smart password device.
  • the terminal authenticates the refund confirmation information using the public key of the smart cryptographic device.
  • the terminal sends a refund confirmation packet and a refund confirmation information to the background system server; specifically, the terminal may use the first session key to perform encryption calculation and/or verification calculation on the refund confirmation package and the refund confirmation information, and then send the report to the background.
  • System server to ensure the security and/or integrity of information transmission.
  • the background system server After receiving the refund confirmation package and the refund confirmation information, the background system server verifies the refund confirmation package and the refund confirmation information separately, and performs the refund operation after all the verifications are passed. Specifically, if the terminal performs the encryption calculation and/or the check calculation on the refund confirmation package and the refund confirmation information by using the first session key, in this step, the background system server further receives the first session key pair. The obtained information is subjected to decryption calculation and/or verification verification calculation. In addition, the backend system server also uses the public key of the terminal to verify the refund confirmation package, and uses the public key of the smart cryptographic device to verify the refund confirmation information.
  • the smart cryptographic device is switched from a sleep state to an awake state; for example, the smart cryptographic device can be brought into an awake state by a key operation of a customer holding the smart cryptographic device;
  • the customer can generate a refund request by pressing a button on the smart password device, and the smart password device sends the refund request to the terminal after receiving the refund request;
  • the terminal may generate a random number R, and the random number is R as a refund request identifier, and send a refund request identifier to the smart password device;
  • the smart password device generates the refund information, and uses the private key of the smart password device to sign the refund information, obtain the refund confirmation information, and send the refund confirmation information to the terminal; wherein the refund information includes at least: a refund request Information such as identification, refund amount, refund account, etc., wherein the refund amount, refund account and other information can be input by the customer through the button on the smart password device, or the refund amount can be passed by the customer through the button on the smart password device Input, the refund account is read from the information pre-stored by the smart password device, or the refund amount, refund account and other information can be read from the information pre-stored by the smart password device, and the smart password device uses the terminal and the smart password device.
  • the second session key is encrypted with the refund confirmation information and sent to the terminal;
  • the terminal After receiving the encrypted refund confirmation information, the terminal decrypts the information by using the second session key, obtains the refund confirmation information, and verifies the correctness of the refund confirmation information by using the public key of the smart password device. If correct, the terminal utilizes The private key of the terminal re-signs the refund confirmation information to obtain a refund confirmation package. Of course, the terminal can also directly sign the refund information to obtain a refund confirmation package;
  • the terminal encrypts the refund confirmation package and the refund confirmation information by using the first session key, and then sends the information to the background system service.
  • the background system server After receiving the encrypted information, the background system server decrypts the received information by using the first session key, and uses the public key of the terminal to verify the refund confirmation package, and uses the public key of the smart password device to confirm the refund. The information is verified and, after both verifications have been passed, a refund operation is performed and a refund success receipt information is sent to the terminal and/or smart cryptographic device.
  • the refund confirmation package or the refund confirmation information may also include a single refund identifier, and the single refund identifier may be a random number to ensure that one refund is successfully executed only once.
  • the single refund identifier may be generated by the terminal, or may be generated by the smart password device, may be signed by the terminal in the refund confirmation packet, or may be signed by the smart password device in the refund confirmation information.
  • the background system server may also send a refund success receipt information to the terminal and/or the smart password device, so that the store and/or the customer can know that the refund is successful.
  • Step 8 Sell out.
  • terminal's account cancellation and smart password device sales the following describes the terminal's account:
  • the terminal acquires the terminal account cancellation application, uses the private key of the terminal to sign the account cancellation application to obtain the sixth signature information, and sends the terminal account cancellation application and the sixth signature information to the background system server; specifically, the terminal can also utilize the first session.
  • the key performs encryption calculation and/or verification calculation on the sixth signature information, and sends the calculated information to the background system server to ensure the security and/or integrity of the information transmission.
  • the background system server After receiving the terminal account cancellation application and the sixth signature information, the background system server uses the public key in the pre-stored terminal certificate to verify the sixth signature information; specifically, if the terminal further performs encryption calculation using the first session key and / or check calculation, in this step, the background system server also uses the first session key to perform decryption calculation and/or verification verification calculation on the received information.
  • the background system server After verifying that the sixth signature information is passed, the background system server deletes the pre-stored terminal certificate, and generates terminal completion information, and sends the terminal completion information to the terminal; specifically, the background system server deletes the pre-stored when performing the account cancellation.
  • the information corresponding to the terminal can be placed in the default account list of the background system server and other other account operations.
  • the account completion information may also be obtained by using the first session key for encryption calculation and/or verification calculation, or by using the private key of the background system server for signature, or by using the private key of the background system server. After the signature is performed, the first session key is used for the encryption calculation and/or the check calculation.
  • the terminal After receiving the terminal completion information, the terminal deletes the private key of the terminal. Specifically, after receiving the completion information of the terminal, the terminal deletes the private key, and of course, can also refuse to execute any backend system that sends the completion information of the terminal to the customer. Server related transaction operations. In addition, the terminal may also perform decryption calculation and/or verification verification calculation and/or verification operation and the like by using the first session key.
  • the smart password device obtains the application for the smart password device to cancel the account, uses the private key of the smart password device to sign the account cancellation application to obtain the seventh signature information, and sends the smart password device account cancellation application and the seventh signature information to the background system server;
  • the seventh signature information may be sent by the terminal, or may be manually processed.
  • the first session key and the second session key may be used to perform calculations such as encryption calculation and/or verification calculation. To ensure the security of information transmission.
  • the background system server After receiving the smart PIN device account cancellation application and the seventh signature information, the background system server uses the public key in the pre-stored smart cryptographic device certificate to verify the seventh signature information; specifically, if the terminal further uses the first session key The encryption calculation and/or the verification calculation, in this step, the background system server also performs decryption calculation and/or verification verification calculation on the received information by using the first session key.
  • the background system server After verifying the seventh signature information, the background system server deletes the pre-stored smart password device certificate, generates a smart password device account completion information, and sends the smart password device to the smart password device to complete the information; specifically, the background system server is When the account is cancelled, in addition to deleting the pre-stored smart password device certificate, the information corresponding to the smart password device can be placed in the default account list of the background system server and other other account operations.
  • the account completion information can also be sent to the smart cryptographic device through the terminal.
  • the first session key can be used for the encryption calculation and/or the check calculation, or the signature of the backend system server can be used to obtain the signature. Or use the private key of the background system server to sign and then use the first session key for encryption calculation and/or check calculation.
  • the smart cryptographic device After receiving the information about the completion of the smart cryptographic device, the smart cryptographic device deletes the private key of the smart cryptographic device. Specifically, the smart cryptographic device may perform verification on the signature information, and after the verification is passed, perform a deletion operation, and may also use the second session key to decrypt and/or verify the obtained information, and of course, may also utilize the After the second session key is decrypted and/or verified, the signature information is checked, as long as the security and/or integrity of the information transmission is included in the scope of the present invention.
  • the back-end system server ensures the legitimacy of the terminal and the smart password device through the registration, the account cancellation, the authentication and the locking of the management terminal and the smart password device, and the property loss caused by the illegal use of the terminal or the smart password device is eliminated.
  • steps 1 to 8 are not performed in sequence, and only a few steps may be completed.
  • steps 1 to 8 are not limited to the same application scenario, regardless of the application scenario. It is within the scope of the present invention to use any of the steps of the present invention and to perform the transaction safely.
  • the information transmitted between the terminal and the background system server can utilize the first session as needed.
  • the information transmitted between the terminal and the smart cryptographic device may also be transmitted after the second session key encryption calculation and/or check calculation as needed, as long as the information to be transmitted needs to be transmitted.
  • the session key can be used to complete the information transmission.
  • a wireless communication module is integrated on the smart cryptographic device, and the state control module forms a novel smart cryptographic device of the present invention that can be used for secure payment.
  • the smart cryptographic device includes a wireless communication module, which may be a Bluetooth communication module or a WIFI communication module, etc., and the wireless communication module may perform inquiry scanning and page scanning on other devices, and may perform signal and data interaction with other wireless devices.
  • the smart cryptographic device further includes a state control module, which can control the working state of the wireless communication module of the smart cryptographic device and the host.
  • the smart cryptographic device of the present invention has two states: a sleep state and an awake state.
  • the state control module can identify these signals, generate a wake-up signal, wake up the CPU to the awake state, and start executing the application command.
  • the CPU will go to sleep again.
  • the smart cryptographic device is in a dormant state, and the user enters the wireless signal coverage of the terminal with the smart cryptographic device, and the smart cryptographic device and the terminal complete the interactive identification of the wireless device, that is, the terminal can know that the smart cryptographic device enters the store where the terminal is located and A smart cryptographic device establishes a connection.
  • the terminal After the terminal establishes a connection with the smart cryptographic device, the terminal sends a request for the authentication device to the smart cryptographic device.
  • the state control module sends a wakeup signal, and the CPU is woken up, and the smart cryptographic device enters the wakeup. Status and perform the appropriate action.
  • the smart cryptographic device After completing the corresponding instruction, the smart cryptographic device returns to the sleep state, and continues to maintain the device interaction identification with the terminal, so that the terminal can determine whether the holder of the smart cryptographic device leaves the store.
  • the terminal After the terminal and the smart cryptographic device authenticate each other, the terminal requests the background system server to read the user information, and the background system server requests the user authorization information, and the terminal sends a user authorization request to the smart cryptographic device.
  • the smart cryptographic device in the sleep state receives the user authorization request sent from the terminal, and enters the awake state.
  • the smart cryptographic device will display the request from the terminal, prompting the user to judge whether it is authorized.
  • the user judges whether to authorize according to the request sent by the displayed terminal. If authorized, press the smart password device to confirm The key enables the smart cryptographic device to generate authorization information and send it to the terminal, and then goes to the sleep state. Otherwise, the smart cryptographic device ends executing the command and directly goes to the sleep state.
  • the terminal sends a user transaction confirmation request command to the sleepy smart cryptographic device, and the smart cryptographic device in the sleep state receives the command to enter the awake state, and the smart cryptographic device displays the received transaction information, and the user confirms. If the transaction information is correct, press the enter key to cause the smart password device to sign the transaction information and return it to the terminal; otherwise, the execution operation is completed and the smart password device goes to sleep.
  • the background system server and the terminal perform mutual authentication, and establish a secure channel to negotiate a common session key K1;
  • the terminal establishes a current user list on the local server, where the current user list can be used to store user information corresponding to the smart password device held by the customer in the current store;
  • the terminal local server monitors the smart cryptographic device in the wireless signal coverage of the terminal by using a wireless method (for example, using a wireless detecting device);
  • the customer carries a smart cryptographic device with wireless communication function (sleeping state) to shop, and when the customer enters the wireless signal coverage of the terminal, the smart cryptographic device can be searched by the terminal and establish a wireless connection with the terminal;
  • the terminal and the smart cryptographic device perform mutual authentication, and establish a secure channel to negotiate a common session key K2;
  • the terminal sends a request for reading the user information corresponding to the smart password device to the background system server;
  • the background system server generates a random number (single authorization identifier) as a parameter for generating user authorization information, and the background system server encrypts the random number by using the session key K1;
  • the background system server sends the user authorization request information to the terminal, and sends the random number ciphertext to the terminal;
  • the terminal decrypts the ciphertext, and then encrypts the random number by using the session key K2 negotiated between the terminal and the smart cryptographic device;
  • the terminal sends the user authorization request information to the smart cryptographic device, and sends the random ciphertext to the smart cryptographic device;
  • the smart cryptographic device After receiving the authorization request information, the smart cryptographic device converts to the awake state, and decrypts the received random ciphertext by using the session key K2, and then displays the user authorization request information on the display screen of the smart cryptographic device. Waiting for the user to confirm;
  • the user judges the information, and if not allowed, the smart password device goes to sleep state;
  • the smart password device summarizes and signs the random number (single authorization identifier), and uses the signature value as the user authorization information to send the signature value using the session key K2. Go to the terminal and then go to sleep;
  • the terminal receives the signature value and decrypts it with the session key K2, and then encrypts it with the session key K1 and transmits it to the background system service.
  • the background system server decrypts the signature by using the session key K1, and then decrypts the signature by using the public key of the smart cryptographic device, and compares the digest generated by the self-generated random number with the value obtained by decrypting the signature, and if not, returns an error. End of information operation;
  • the background system server encrypts the user information by using the session key K1, and generates a user authorization information check value (first check value), which may be in the form of a MAC or a hash function plus a signature. Waiting, sending the ciphertext and the check value to the terminal;
  • the terminal After receiving the user information, the terminal stores the user information in the current user list.
  • the terminal settles the amount, and selects an account corresponding to the smart password device held by the customer in the current user list;
  • the terminal generates transaction information by using the transaction amount, the account of the payment and payment parties, and the identification information of the payment and payment parties, and encrypts the transaction information by using the session key K2;
  • the terminal sends the transaction request information to the smart cryptographic device, and sends the transaction ciphertext to the smart cryptographic device;
  • the smart cryptographic device After receiving the transaction request information of the terminal, the smart cryptographic device transfers to the awake state, decrypts the transaction information into plaintext and displays it on the screen;
  • the customer confirms the transaction information, if there is a problem, press cancel, the transaction is aborted, and the smart password device goes to sleep state;
  • the smart cryptographic device summarizes and signs the transaction information and the random number, encrypts the signature by using the session key K2, obtains the user transaction confirmation information, and sends the information to the terminal;
  • the terminal decrypts the user transaction confirmation information, and generates a transaction data packet (including the transaction amount, the payment and payment account number, and the respective unique identification information, etc.), encrypts the transaction data packet by using the session key K1, and generates a transaction data packet verification.
  • Value (second check value);
  • the terminal sends a transfer request to the background system server and sends the transaction data packet ciphertext and the second check value;
  • the background system server performs the transfer processing, and sends the payment completion information to the terminal successfully.
  • the background system server can also send the payment completion information to the smart password device through the terminal, so that the customer knows that the transaction is completed;
  • the terminal receives the payment completion information, delivers the goods to the customer, and the settlement is completed.
  • the trusted background system server can be used to authenticate the legality of the smart cryptographic device. In the case where it is determined that the background system server and the smart cryptographic device are trusted, this ensures the security of the terminal transaction.
  • the back-end system server authenticates the validity of the terminal and the manual confirmation of the display information by the smart cryptographic device during the transaction, and also ensures the security of the transaction of the smart cryptographic device holder.
  • the payment does not need to be completed with a related account carrier device such as a mobile phone, a bank card or a financial IC card, and the payment process of the original technology requires a SIM card or a smart card.
  • a related account carrier device such as a mobile phone, a bank card or a financial IC card
  • SIM card or a smart card For devices with account storage, users also need to perform operations such as swiping and swiping the phone to complete the transaction.
  • the customer can complete the payment without using the wallet, the credit card, the mobile phone, etc., thereby simplifying the interaction between the customer and the merchant in the payment process, improving the payment efficiency, and improving the customer in the near field payment process.
  • the experience while using the security features of smart cryptographic devices to ensure the security of the customer payment process.
  • the terminal After the customer purchases the good product, the terminal does not need to obtain the user information by manually swiping the card or swiping the mobile phone, because the user information is already stored in the current user list of the terminal when entering the store, and at the time of checkout
  • the customer only needs to report his/her name, and the terminal can directly send the transaction information such as the amount after settlement to the customer's smart password device and display it.
  • the customer only needs to confirm with the smart password device and output the transaction confirmation information.
  • the terminal generates a transaction data packet and sends it to the background system server. After the background system server verifies that the transaction data packet is accurate and then performs the transfer processing, the payment process can be completed.
  • the network connection between the smart cryptographic device and the terminal is automatically interrupted, and the user information disappears from the current user list of the store. If the customer enters another store again, he will automatically enter the current user list of the other store and start another shopping. This eliminates the need for the customer to perform any operations, and only requires the customer to put a small smart password device into the pocket while shopping, and the invention can provide a seamless user experience.
  • portions of the invention may be implemented in hardware, software, firmware or a combination thereof.
  • multiple steps or methods may be implemented in software or firmware stored in a memory and executed by a suitable instruction execution system.
  • a suitable instruction execution system For example, if implemented in hardware, as in another embodiment, it can be implemented by any one or combination of the following techniques well known in the art: having logic gates for implementing logic functions on data signals. Discrete logic circuit, ASIC with suitable combinational logic gate, Programmable Gate Array (PGA), now Field programmable gate array (FPGA), etc.
  • each functional unit in each embodiment of the present invention may be integrated into one processing module, or each unit may exist physically separately, or two or more units may be integrated into one module.
  • the above integrated modules can be implemented in the form of hardware or in the form of software functional modules.
  • the integrated modules, if implemented in the form of software functional modules and sold or used as stand-alone products, may also be stored in a computer readable storage medium.
  • the above mentioned storage medium may be a read only memory, a magnetic disk or an optical disk or the like.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

L'invention concerne un procédé et un système d'interaction de données sécurisées, le procédé comprenant les étapes suivantes : un terminal et un arrière-plan s'authentifient l'un auprès de l'autre et génèrent respectivement une première clé de session et obtiennent les informations d'identification d'un dispositif cryptographique intelligent, et le terminal et le dispositif cryptographique intelligent s'authentifient l'un auprès de l'autre, génèrent respectivement une seconde clé de session, stockent les informations d'utilisateur dans une liste d'utilisateurs actuels préétablie, obtiennent les informations de demande de transaction, et transmettent les informations de demande de transaction au dispositif cryptographique intelligent ; la seconde clé de session est utilisée pour effectuer un calcul de déchiffrement et/ou un calcul de vérification d'authentification sur les informations de demande de transaction pour obtenir les informations de transaction ; le dispositif cryptographique intelligent sollicite les informations de transaction, reçoit une commande de confirmation, et génère des informations de confirmation de transaction ; le terminal utilise la première clé de session pour effectuer un calcul de chiffrement et/ou le calcul de vérification sur les informations de confirmation de transaction pour obtenir un paquet de données de transaction, et transmet le paquet de données de transaction à l'arrière-plan ; la première clé de session est utilisée pour effectuer un calcul de déchiffrement et/ou le calcul de vérification d'authentification pour obtenir les informations de confirmation de transaction ; et l'arrière-plan authentifie les informations de confirmation de transaction, et exécute la transaction une fois que les informations de confirmation de transaction ont passé l'authentification.
PCT/CN2015/071199 2014-04-25 2015-01-21 Procédé et système d'interaction de données sécurisées WO2015161690A1 (fr)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
CN201410172005.2A CN103944911A (zh) 2014-04-25 2014-04-25 数据安全交互系统
CN201410172018.XA CN103944735A (zh) 2014-04-25 2014-04-25 数据安全交互方法
CN201410172018.X 2014-04-25
CN201410172005.2 2014-04-25

Publications (1)

Publication Number Publication Date
WO2015161690A1 true WO2015161690A1 (fr) 2015-10-29

Family

ID=54331713

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/071199 WO2015161690A1 (fr) 2014-04-25 2015-01-21 Procédé et système d'interaction de données sécurisées

Country Status (1)

Country Link
WO (1) WO2015161690A1 (fr)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018126059A1 (fr) * 2016-12-30 2018-07-05 Slock.it, Inc. Système de fournisseur de services activé par chaîne de blocs
CN111556199A (zh) * 2020-04-26 2020-08-18 上海掌门科技有限公司 一种在社交应用中呈现背景的方法与设备
CN111615105A (zh) * 2016-07-18 2020-09-01 阿里巴巴集团控股有限公司 信息提供、获取方法、装置及终端
CN113037736A (zh) * 2021-03-02 2021-06-25 四川九州电子科技股份有限公司 一种认证鉴权方法、装置、系统及计算机存储介质
CN113473458A (zh) * 2021-05-10 2021-10-01 厦门市思芯微科技有限公司 一种设备接入方法、数据传输方法和计算机可读存储介质
CN113676448A (zh) * 2021-07-13 2021-11-19 上海瓶钵信息科技有限公司 一种基于对称秘钥的离线设备双向认证方法和系统
CN114286134A (zh) * 2021-12-23 2022-04-05 天翼视讯传媒有限公司 一种应用于接口请求中识别播放盗链行为的方法和系统
CN115171245A (zh) * 2022-06-09 2022-10-11 郑州信大捷安信息技术股份有限公司 一种基于hce的门锁安全认证方法及系统
CN116911988A (zh) * 2023-04-04 2023-10-20 深圳市奥盛通科技有限公司 交易数据处理方法、系统、计算机设备及存储介质
CN117350725A (zh) * 2023-12-05 2024-01-05 深圳桑达银络科技有限公司 基于人工智能驱动的物联网实现系统及方法

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101546407A (zh) * 2009-02-11 2009-09-30 广州杰赛科技股份有限公司 基于数字证书的电子商务系统及其管理方法
CN101635075A (zh) * 2009-05-31 2010-01-27 北京飞天诚信科技有限公司 一种交易方法及系统
CN102299797A (zh) * 2010-06-23 2011-12-28 财团法人工业技术研究院 认证方法、密钥分配方法及认证与密钥分配方法
CN102685704A (zh) * 2012-05-16 2012-09-19 钱袋网(北京)信息技术有限公司 手机交易方法及系统
CN103944911A (zh) * 2014-04-25 2014-07-23 天地融科技股份有限公司 数据安全交互系统
CN103944735A (zh) * 2014-04-25 2014-07-23 天地融科技股份有限公司 数据安全交互方法

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101546407A (zh) * 2009-02-11 2009-09-30 广州杰赛科技股份有限公司 基于数字证书的电子商务系统及其管理方法
CN101635075A (zh) * 2009-05-31 2010-01-27 北京飞天诚信科技有限公司 一种交易方法及系统
CN102299797A (zh) * 2010-06-23 2011-12-28 财团法人工业技术研究院 认证方法、密钥分配方法及认证与密钥分配方法
CN102685704A (zh) * 2012-05-16 2012-09-19 钱袋网(北京)信息技术有限公司 手机交易方法及系统
CN103944911A (zh) * 2014-04-25 2014-07-23 天地融科技股份有限公司 数据安全交互系统
CN103944735A (zh) * 2014-04-25 2014-07-23 天地融科技股份有限公司 数据安全交互方法

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111615105B (zh) * 2016-07-18 2023-08-04 创新先进技术有限公司 信息提供、获取方法、装置及终端
CN111615105A (zh) * 2016-07-18 2020-09-01 阿里巴巴集团控股有限公司 信息提供、获取方法、装置及终端
US11316850B2 (en) 2016-12-30 2022-04-26 Bc Development Labs Gmbh Block-chain enabled service provider system
US10652239B2 (en) 2016-12-30 2020-05-12 Slock.It Gmbh Block-chain enabled service provider system including permission data structure and state channel monitoring
WO2018126059A1 (fr) * 2016-12-30 2018-07-05 Slock.it, Inc. Système de fournisseur de services activé par chaîne de blocs
CN111556199B (zh) * 2020-04-26 2021-04-13 上海掌门科技有限公司 一种在社交应用中呈现背景的方法与设备
CN111556199A (zh) * 2020-04-26 2020-08-18 上海掌门科技有限公司 一种在社交应用中呈现背景的方法与设备
CN113037736A (zh) * 2021-03-02 2021-06-25 四川九州电子科技股份有限公司 一种认证鉴权方法、装置、系统及计算机存储介质
CN113473458A (zh) * 2021-05-10 2021-10-01 厦门市思芯微科技有限公司 一种设备接入方法、数据传输方法和计算机可读存储介质
CN113473458B (zh) * 2021-05-10 2023-11-17 厦门市思芯微科技有限公司 一种设备接入方法、数据传输方法和计算机可读存储介质
CN113676448B (zh) * 2021-07-13 2023-06-16 上海瓶钵信息科技有限公司 一种基于对称秘钥的离线设备双向认证方法和系统
CN113676448A (zh) * 2021-07-13 2021-11-19 上海瓶钵信息科技有限公司 一种基于对称秘钥的离线设备双向认证方法和系统
CN114286134A (zh) * 2021-12-23 2022-04-05 天翼视讯传媒有限公司 一种应用于接口请求中识别播放盗链行为的方法和系统
CN114286134B (zh) * 2021-12-23 2024-02-27 天翼视讯传媒有限公司 一种应用于接口请求中识别播放盗链行为的方法和系统
CN115171245A (zh) * 2022-06-09 2022-10-11 郑州信大捷安信息技术股份有限公司 一种基于hce的门锁安全认证方法及系统
CN115171245B (zh) * 2022-06-09 2024-03-12 郑州信大捷安信息技术股份有限公司 一种基于hce的门锁安全认证方法及系统
CN116911988A (zh) * 2023-04-04 2023-10-20 深圳市奥盛通科技有限公司 交易数据处理方法、系统、计算机设备及存储介质
CN116911988B (zh) * 2023-04-04 2024-04-05 深圳市奥盛通科技有限公司 交易数据处理方法、系统、计算机设备及存储介质
CN117350725A (zh) * 2023-12-05 2024-01-05 深圳桑达银络科技有限公司 基于人工智能驱动的物联网实现系统及方法

Similar Documents

Publication Publication Date Title
WO2015161699A1 (fr) Procédé et système d'interaction de données sécurisés
US10592872B2 (en) Secure registration and authentication of a user using a mobile device
KR101784125B1 (ko) 결제 데이터의 보안 프로비저닝, 전송 및 인증을 위한 방법, 디바이스 및 시스템
WO2015161690A1 (fr) Procédé et système d'interaction de données sécurisées
US10135614B2 (en) Integrated contactless MPOS implementation
US9521548B2 (en) Secure registration of a mobile device for use with a session
CN103942687A (zh) 数据安全交互系统
CN103942688A (zh) 数据安全交互系统
CN103944736A (zh) 数据安全交互方法
US20130311768A1 (en) Secure authentication of a user using a mobile device
CN103942690A (zh) 数据安全交互系统
CN103944729A (zh) 数据安全交互方法
CN103942684A (zh) 数据安全交互系统
CN101770619A (zh) 一种用于网上支付的多因子认证方法和认证系统
CN103944734A (zh) 数据安全交互方法
TWI591553B (zh) Systems and methods for mobile devices to trade financial documents
CN103942685A (zh) 数据安全交互系统
CN103944730A (zh) 数据安全交互系统
CN103944728A (zh) 数据安全交互系统
CN103944735A (zh) 数据安全交互方法
WO2015161693A1 (fr) Procédé et système sécurisés d'interaction de données
CN103944731A (zh) 数据安全交互方法
CN103944909A (zh) 数据更新方法和系统
CN103942686A (zh) 数据安全交互系统
CN103944911A (zh) 数据安全交互系统

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15783825

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15783825

Country of ref document: EP

Kind code of ref document: A1