WO2016082394A1 - Method for realizing locking of subscriber identity module card and mobile terminal - Google Patents

Method for realizing locking of subscriber identity module card and mobile terminal Download PDF

Info

Publication number
WO2016082394A1
WO2016082394A1 PCT/CN2015/075095 CN2015075095W WO2016082394A1 WO 2016082394 A1 WO2016082394 A1 WO 2016082394A1 CN 2015075095 W CN2015075095 W CN 2015075095W WO 2016082394 A1 WO2016082394 A1 WO 2016082394A1
Authority
WO
WIPO (PCT)
Prior art keywords
user identification
identification card
switch control
mobile terminal
verification information
Prior art date
Application number
PCT/CN2015/075095
Other languages
French (fr)
Chinese (zh)
Inventor
王徐州
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2016082394A1 publication Critical patent/WO2016082394A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/22Processing or transfer of terminal data, e.g. status or physical capabilities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • H04W12/082Access security using revocation of authorisation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/126Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Definitions

  • the present invention relates to the field of mobile communications, and in particular, to a method and a mobile terminal for implementing user identification card locking.
  • the mainstream mobile terminal products in the current market such as smart phones and PADs, all support the 4G frequency band as a standard configuration. While ensuring the quality of voice calls, the uplink data rate of the terminal products is greatly improved, and the user experience satisfaction is greatly improved.
  • the mobile terminal In addition to the wireless local area network (WIFI, Wireless Fidelity) access method, the mobile terminal generally needs to be inserted into the operator's user identification card to communicate normally.
  • the user identification card such as a SIM (Subscriber Identity Module) card, a UIM (User Identity Module) card, etc. .
  • SIM Subscriber Identity Module
  • UIM User Identity Module
  • the subscriber identity card is provided by the operator and is used by the terminal to enable paid access to the mobile operator network.
  • mobile terminals include, but are not limited to, smart phones, uFi, PAD, USB Dongle, etc., followed by smart phones as an example), for the switching of different numbers of user identification cards issued by operators
  • Some smart phones can set a password for switching different user identification cards or set a password through an application (APP, Application), so that a simple user identification card can be locked, but this method is a software encryption method, and the user can flash or decrypt the device.
  • APP Application
  • an embodiment of the present invention provides a method for implementing user identification card locking and a mobile terminal.
  • the embodiment of the invention provides a method for implementing user identification card locking, the method comprising:
  • the first verification information is acquired, and the first verification information is written into the user identification card switch control chip, and the user identification card switch control chip is controlled to be turned on. Supplying power to the first user identification card;
  • the user identification card switch control chip When the second user identification card is inserted into the mobile terminal, acquiring second verification information, and reading the first verification information from the user identification card switch control chip, where the second verification information and the first When the verification information does not match, the user identification card switch control chip is turned off to turn off the power of the second user identification card, and the second user identification card is locked.
  • the user identification card switch control chip is disconnected by default.
  • the method further includes: before the obtaining the first verification information, the method further includes:
  • Prompting whether to enable the hardware lock user identification card function if yes, acquiring the first verification information; if no, controlling the user identification card switch control chip to be turned on, and detecting whether the first user identification card is valid, If invalid, the user identification card switch control chip is disconnected, and the mobile terminal enters the cardless operation mode. If it is valid, the control user identification card switch control chip remains conductive, and the mobile terminal recognizes the card operation.
  • the first verification information is a first user identification card activation password and a first user identification card number
  • the second verification information is a second user identification card activation password and a second user identification card number.
  • the obtaining the first verification information, and writing the first verification information to the user identification card switch control chip includes:
  • the obtained first user identification card opening password and the first user identification card number are written into the user identification card switch control chip.
  • the method further includes: when the second user identification card opening password is consistent with the first user identification card opening password, or when the second user identification card number is consistent with the first user identification card number, the method further comprises:
  • the first verification information is a first user identification card opening password
  • the second verification information is a second user identification card opening password
  • the first verification information is obtained, and the first verification information is written into the user identification card switch control chip, including:
  • the obtaining the second verification information and controlling the chip from the user identification card switch Reading the first verification information, when the second verification information does not match the first verification information, controlling the user identification card switch control chip to be turned off to turn off the power of the second user identification card include:
  • the user identification card switch control chip Obtaining an input second user identification card opening password, and reading the first user identification card opening password from the user identification card switch control chip, the second user identification card opening password and the first user identification
  • the user identification card switch control chip is controlled to be turned off to turn off the power of the second user identification card.
  • the method further includes: when the second user identification card opening password is consistent with the first user identification card opening password, the method further includes:
  • An embodiment of the present invention provides a mobile terminal, including a baseband processing chip and a user identification module user identification card switch control chip, where
  • the baseband processing chip is configured to acquire first verification information when the first user identification card is first inserted in the mobile terminal, and write the first verification information into the user identification card switch control chip, and simultaneously control
  • the user identification card switch control chip is turned on to supply power to the first user identification card;
  • the baseband processing chip is further configured to: when the second user identification card is inserted in the mobile terminal, acquire second verification information, and read the first verification information from the user identification card switch control chip, where When the second verification information does not match the first verification information, controlling the user identification card switch control chip to be turned off to turn off the power of the second user identification card, and the second user identification card is locked;
  • the user identification card switch control chip is configured to store the first verification information; and is further configured to be turned on or off according to control of the baseband processing chip.
  • the user identification card switch control chip includes: a switch control unit, a power reset unit, a communication interface control unit, and a storage unit; wherein:
  • the power reset unit is respectively connected to the switch control unit and the communication interface control unit, and is configured to provide power and reset functions to the switch control unit and the communication interface control unit according to the control signal of the baseband processing chip;
  • a switch control unit configured to be turned on or off according to a control signal of the baseband processing chip, and to provide a power supply output by the baseband processing chip to a user identification card when turned on, and to turn off the The baseband processing chip outputs power to the user identification card;
  • the communication interface control unit is configured to provide a baseband processing chip with a communication interface for writing or reading data to the storage unit, the communication interface being connected to a corresponding pin of the baseband processing chip; Describe the first verification information;
  • the storage unit is configured to store the first verification information.
  • the switch control unit defaults to being disconnected.
  • the baseband processing chip is further configured to prompt whether to enable the hardware lock user identification card function before acquiring the first verification information, and if yes, obtain the first verification information; if no, control
  • the switch control unit is turned on, and detects whether the first user identification card is valid. If it is invalid, the switch control unit is controlled to be disconnected, the mobile terminal enters a cardless operation mode, and if valid, the switch control unit is controlled to remain Turn on, the mobile terminal knows the card operation.
  • the first verification information is a first user identification card activation password and a first user identification card number
  • the second verification information is a second user identification card activation password and a second user identification card number.
  • the baseband processing chip is further configured to acquire a set first user identification card open password, control the switch control unit to be turned on, and detect whether the first user identification card is valid; if valid, the control center The switch control unit remains turned on, and reads the first user identification card number of the first user identification card; and writes the acquired first user identification card open password and the first user identification card number into the storage unit.
  • the baseband processing chip is further configured to obtain an input second user identification card open password, and read the first user identification card open password from the storage unit, and the second user identification card opens a password. Obtaining the input second user identification card number when the first user identification card opening password does not match, and reading the first user identification card number from the storage unit, the second user identification card number and the first When a user identification card number does not match, the switch control unit is controlled to be turned off to turn off the power of the second user identification card.
  • the baseband processing chip is further configured to control the switch control unit to be turned on, and detect whether the second user identification card is valid, and if not, control the switch control unit to be disconnected, and the mobile terminal enters a cardless operation mode; If it is valid, the switch control unit is kept turned on, and the mobile terminal recognizes the card operation.
  • the first verification information is a first user identification card opening password
  • the second verification information is a second user identification card opening password
  • the baseband processing chip is further configured to acquire a set first user identification card open password, control the switch control unit to be turned on, and detect whether the first user identification card is valid; if valid, the control center The switch control unit remains conductive, and the acquired first user identification card open password is written into the storage unit.
  • the baseband processing chip is further configured to obtain an input second user identification card open password, and read the first user identification card open password from the storage unit, and the second user identification card opens a password.
  • the control switch control unit is turned off to turn off the power of the second user identification card.
  • the baseband processing chip is further configured to control the switch control unit to be turned on, and detect whether the second user identification card is valid, and if not, control the switch control unit to be disconnected, move The terminal enters the cardless operation mode; if it is valid, the switch control unit is kept turned on, and the mobile terminal recognizes the card operation.
  • a method for implementing user identification card locking and a mobile terminal provided by the embodiment of the present invention are provided with a special switch chip for controlling the power on and off of the user identification card, and also storing the verification information of the user identification card.
  • the chip is separately set up with the operating system of the mobile terminal, and then the switch chip is controlled by the baseband processing chip (operating system) to realize the function of controlling the locking of the user identification card by the hardware mode, and the security and reliability of the terminal are obtained.
  • FIG. 1 is a schematic flowchart of a method for implementing user identification card locking according to Embodiment 1 of the present invention
  • FIG. 2 is a schematic structural diagram of a mobile terminal for implementing user identification card locking according to Embodiment 2 of the present invention
  • FIG. 3 is a schematic flowchart of a method for implementing user identification card locking according to Embodiment 3 of the present invention
  • step 301 is a schematic diagram of a specific implementation process of step 301 according to Embodiment 3 of the present invention.
  • FIG. 5 is a schematic diagram of a specific implementation process of step 302 according to Embodiment 3 of the present invention.
  • FIG. 6 is a schematic flowchart of a method for implementing user identification card locking according to Embodiment 7 of the present invention.
  • FIG. 7 is a schematic diagram of a specific implementation process of step 601 according to Embodiment 7 of the present invention.
  • FIG. 8 is a schematic diagram of a specific implementation process of step 602 according to Embodiment 7 of the present invention.
  • the embodiment of the present invention provides a more reliable method for locking the user identification card by using a hardware control method. Based on the method, the mobile terminal obtained by illegal means is replaced. The user identification card can still be used normally. Can be effectively stopped. As shown in Figure 1, the method includes:
  • Step 101 When the first user identification card is inserted for the first time in the mobile terminal, the first verification information is acquired, and the first verification information is written into the user identification card switch control chip, and the user identification card switch control chip is controlled to be turned on. And supplying power to the first user identification card.
  • Step 102 When the second user identification card is inserted into the mobile terminal, acquiring second verification information, and reading the first verification information from the user identification card switch control chip, where the second verification information is When the first verification information does not match, the user identification card switch control chip is controlled to be turned off to turn off the power of the second user identification card, and the second user identification card is locked.
  • FIG. 2 is a schematic structural diagram of a mobile terminal according to an embodiment of the present invention.
  • the hardware involved in the hardware control mode for locking the user identification card is highlighted, including: a baseband processing chip 10 and a subscriber identity card switch control chip 20.
  • the power supply VCC that supplies power to the user identification card is output from the baseband processing chip 10 via the subscriber identification card switch control chip 20 and then received by the subscriber identification card. It is noted that the electrical connection path of the power supply VCC is controlled by the subscriber identification card switch.
  • the chip 20, so the interface between the baseband processing chip 10 and the subscriber identification card switch control chip 20 for the electrical connection of the power supply VCC, has electrical characteristics to meet the requirements of the IEC7816-3 standard.
  • the user identification card switch control chip 20 can be realized by a switch switch chip, and can also be a digital signal processor (DSP, Digital Signal Processor), a field-programmable gate array (FPGA), a RISC microprocessor (ARM). , Advanced RISC Machines) and other chips are implemented in combination with each other.
  • the subscriber identity card switch control chip 20 includes a switch control unit 21, a power source reset unit 22, a communication interface control unit 23, and a storage unit 24.
  • the switch control unit 21 has a basic switch function for controlling the user identification card power supply VCC
  • the communication interface control unit 23 and the storage unit 24 are configured to write/read verification information
  • the power reset module 22 is configured to provide power and reset functions to the user identification card switch control chip, in the embodiment of the present invention. Mainly to provide power and reset functions for the switch control unit 21 and the communication interface control unit 23.
  • the baseband processing chip 10 When the baseband processing chip 10 outputs a control signal to turn on the switch control unit 21, the power source VCC can be input to the user identification card to supply power thereto. Conversely, when the baseband processing chip 10 outputs a control signal to turn off the switch control unit 21, the power source If the VCC cannot be input to the user identification card, the user identification card cannot be used, that is, locked.
  • the storage unit 24 is configured to store the above-described verification information, and the baseband processing chip 10 writes the above-described verification information into the storage unit 24 through the communication interface control unit 23, and also reads the information from the storage unit 24 as needed.
  • the communication interface may be an Inter-Integrated Circuit (IIC), a Universal Asynchronous Receiver/Transmitter (UART), a Serial Peripheral Interface (SPI), etc., a user identification card.
  • IIC Inter-Integrated Circuit
  • UART Universal Asynchronous Receiver/Transmitter
  • SPI Serial Peripheral Interface
  • the communication interface of the switch control chip 20 is connected to the corresponding pin of the baseband processing chip 10.
  • the baseband processing chip 10 causes the power supply reset unit 22 to supply power and reset functions to the switch control unit 21 and the communication interface control unit 23 by transmitting a VDD signal and a RESET signal to the power supply reset unit 22.
  • the clock signal CLK, the data signal DATA, and the reset signal RST of the user identification card are directly connected by the baseband processing chip 10 and the user identification card.
  • the baseband processing chip 10 can read the corresponding data of the user identification card, and realize the user identification card. Identification.
  • each module in FIG. 2 is as follows:
  • the baseband processing chip 10 is configured to acquire first authentication information when the first user identification card is inserted for the first time in the mobile terminal, and write the first verification information into the user identification card switch control chip 20, Simultaneously controlling the user identification card switch control chip 20 to be turned on to supply power to the first user identification card;
  • the baseband processing chip 10 is further configured to acquire second verification information when the second user identification card is inserted in the mobile terminal, and read the first verification information from the user identification card switch control chip 20. And controlling, when the second verification information does not match the first verification information, the user identification card switch control chip 20 to be turned off to turn off the power of the second user identification card, the second user identification card locking;
  • the subscriber identity card switch control chip 20 is configured to store the first verification information; and is further configured to be turned on or off according to control of the baseband processing chip 10.
  • the power reset unit 22 is connected to the switch control unit 21 and the communication interface control unit 23, respectively, and configured to provide power to the switch control unit 21 and the communication interface control unit 23 according to a control signal of the baseband processing chip 10. Reset function
  • the switch control unit 21 is configured to be turned on or off according to a control signal of the baseband processing chip 10, and when turned on, provide power outputted by the baseband processing chip 10 to a user identification card, when disconnected, Turning off the power output of the baseband processing chip 10 to the user identification card;
  • the communication interface control unit 23 is configured to provide a baseband processing chip 10 with a communication interface for writing or reading data to the storage unit 24, the communication interface being connected to a corresponding pin of the baseband processing chip 10;
  • the data includes the first verification information;
  • the storage unit 24 is configured to store the first verification information.
  • the baseband processing chip 10 is further configured to prompt whether to enable the hardware lock user identification card function before acquiring the first verification information, and if yes, obtain the first verification information; if no, the control station
  • the switch control unit 21 is turned on, and detects whether the first subscriber identity card is valid. If it is invalid, the switch control unit 21 is controlled to be disconnected, the mobile terminal enters a cardless operation mode, and if valid, the switch control unit is controlled. 21 keeps on, and the mobile terminal knows the card to run.
  • the first verification information is a first user identification card activation password and a first user identification card number
  • the second verification information is a second user identification card activation password and a second user identification card number.
  • the method for implementing the locking of the user identification card provided by the embodiment of the present invention, as shown in FIG. 3, includes:
  • Step 301 When the first user identification card is inserted for the first time in the mobile terminal, the first user identification card opening password and the first user identification card number of the first user identification card are obtained, and the first user identification card is obtained.
  • the opening password and the first user identification card number are written into the subscriber identity card switch control chip, and the user identification card switch control chip is controlled to be turned on to supply power to the first subscriber identity card.
  • Step 302 When the second user identification card is inserted into the mobile terminal, obtain the input second user identification card opening password, and read the first user identification card opening password from the user identification card switch control chip.
  • the second user identification card opening password does not match the first user identification card opening password
  • acquiring the input second user identification card number and reading the first user identification from the user identification card switch control chip a card number
  • the second user identification card number does not match the first user identification card number
  • controlling the user identification card switch control chip to be turned off to turn off the power of the second user identification card, the second user identification The card is locked.
  • the user identification card number such as the IMSI number (International Mobile Subscriber Identification Number), is the only one of the IMSI number, which is unique to the user identification card provided by the operator, and is stored in the SIM card for distinguishing the mobile user. Valid information.
  • the total length of the IMSI number does not exceed 15 digits and consists of 0 to 9 digits.
  • MCC is the country code of the mobile user, which is 3 digits.
  • the MCC of China is 460.
  • the MNC is a mobile network number, which is composed of up to two digits. It is used to identify the mobile communication network to which the mobile user belongs, such as 00 code.
  • Corresponding to segments 135 to 139; MSIN is a mobile subscriber identity code for identifying mobile users in a mobile communication network.
  • step 301 The implementation process of the above step 301 is as shown in FIG. 4, and includes:
  • Step 401 The mobile terminal is powered on after the first user identification card is inserted for the first time. At this time, the user identification card switch control chip is turned off by default.
  • the user identification card switch control chip involved in the embodiment of the present invention is turned off or turned on, that is, the switch control unit therein is turned off or turned on.
  • Step 402 The baseband processing chip prompts whether to enable the hardware lock user identification card function through the display screen of the mobile terminal. If not, step 403 is performed; if yes, step 404 is performed.
  • Step 403 the baseband processing chip controls the user identification card switch control chip to be turned on, and detects whether the first user identification card is valid. If invalid, the baseband processing chip controls the user identification card switch control chip to be disconnected, and the mobile terminal enters the cardless operation mode. If valid, the subscriber identity card switch control chip remains conductive, and the mobile terminal normally recognizes the card operation.
  • the mobile terminal will prompt again whether to enable the hardware to lock the user identification card function, of course, the user also This prompt can be skipped by setting to enable subsequent booting.
  • Step 404 the baseband processing chip prompts to input the first user identification card to open the password through the display screen of the mobile terminal (here, a heavy password or multiple passwords may be set as needed).
  • Step 405 The baseband processing chip determines whether the input first user identification card opening password is valid (you can set and save the password setting rule in advance, and determine whether the input password meets the password setting rule, if it is met, the description is valid, otherwise invalid) If yes, go to step 306. If it is invalid, go back to step 304 and re-enter the first user ID card to open the password.
  • Step 406 the baseband processing chip controls the user identification card switch control chip to be turned on, and detects whether the first user identification card is valid. If invalid, the baseband processing chip controls the user identification card switch control chip to be disconnected, and the mobile terminal enters the cardless operation mode; If valid, the subscriber identity card switch control chip remains conductive. At this time, the baseband processing chip reads the first subscriber identification card number of the first subscriber identity card.
  • Step 407 The baseband processing chip writes the acquired first user identification card opening password and the first user identification card number into the user identification card switch control chip, and the mobile terminal normally recognizes the card operation.
  • the user identification card opening password and the user identification card number are stored in the user identification card switch control chip of the mobile terminal, and the operating system is based on the baseband processing chip, and the two are set in different hardware. .
  • detecting the validity of the user identification card is one of the steps for the mobile terminal to recognize the user identification card. It should be noted that the switch control unit of the user identification card switch control chip defaults each time the mobile terminal is powered on. To disconnect, the premise that the user identification card is valid is that the switch control unit is controlled to be turned on by the baseband processing chip.
  • the reading of the subscriber identification card number by the baseband processing chip can be implemented in the network authentication process.
  • the network authentication process is: a) after the mobile terminal normally recognizes the user identification card, the IMSI number is read from the user identification card; b) the mobile terminal sends the IMSI number to the operator server, and the server will Feedback to the mobile phone a set of random numbers; c) the mobile terminal sends the received random number to the user identification card, the user identification card operation unit calculates the result SRES according to the random number and Ki, and feeds back to the mobile terminal; d) the mobile terminal will SRES Passed to the server, the server finds the Ki corresponding to the IMSI from the database (the user authentication key, that is, the customer identity authentication password, which can not be read in a specific area of the user identification card, a total of 32 bits), and uses the same random number
  • the mobile terminal interacts with the user identification card through the serial data interaction command APDU (the maximum length of each APDU is 255 bytes, which is a single-thread execution mode, that is, the previous APDU command is not executed, and may not start.
  • the next command reads the unique IMSI number stored in the subscriber identity card.
  • the IMSI number is acquired by the baseband processing chip by using a data communication interface (for example, IIC), and the acquired IMSI number is written in the storage unit of the subscriber identity card switch control chip.
  • the implementation process of the above step 302 is as shown in FIG. 5, and includes:
  • Step 501 After the second user identification card is inserted into the mobile terminal, the second and subsequent steps are turned on. At this time, the user identification card switch control chip is turned off by default.
  • Step 502 The baseband processing chip prompts to input a second user identification card to open a password through a display screen of the mobile terminal.
  • a password when multiple passwords are set, a password can be randomly selected as the password for opening the user identification card, and the user is prompted to input, or the user can be required to input the set multiple passwords in order to open User identification card.
  • step 503 it is determined whether the input second user identification card is enabled to pass the password. If yes, step 504 is performed; otherwise, step 505 is performed.
  • the baseband processing chip synchronously reads the set first user identification card opening password from the storage unit of the user identification card switch control chip for comparison. If it matches, it passes; otherwise it does not pass.
  • Step 504 the baseband processing chip controls the user identification card switch control chip to be turned on, and detects whether the second user identification card is valid. If invalid, the baseband processing chip controls the user identification card switch control chip to be disconnected, and the mobile terminal enters the cardless operation mode. If valid, the subscriber identity card switch control chip remains conductive, and the mobile terminal normally recognizes the card operation.
  • the baseband processing chip reads the second subscriber identity card number of the second subscriber identity card and writes it into the storage unit of the subscriber identity card switch control chip.
  • Step 505 The baseband processing chip prompts to input the second user identification card number of the second user identification card through the display screen of the mobile terminal, and reads the saved first user identification card number from the storage unit of the user identification card switch control chip.
  • Step 506 Determine whether the second user identification card number and the first user identification card number match. If they match, the information of the second user identification card is recorded in the storage unit, and the verification is passed, and step 507 is performed; if not, step 508 is performed. .
  • Step 507 the baseband processing chip controls the user identification card switch control chip to be turned on, and detects whether the second user identification card is valid. If invalid, the baseband processing chip controls the user identification card switch control. When the chip is disconnected, the mobile terminal enters the cardless operation mode; if it is valid, the user identification card switch control chip remains conductive, and the mobile terminal normally recognizes the card operation.
  • Step 508 the baseband processing chip controls the user identification card switch control chip to be disconnected, and the mobile terminal user identification card function is locked (at the same time, the number of password input times can be reached through the display screen).
  • the SIM card and the IMSI number are taken as an example.
  • the user A inserts the SIM card a into the mobile phone for the first time and selects to enable the hardware lock SIM card function, according to the system prompt,
  • the user sets and inputs the SIM card activation password, and the system simultaneously reads the IMSI number of the SIM card a.
  • the information is stored in the SIM card switch control chip of the mobile phone, and is set in different hardware with the operating system of the mobile phone. If the user B obtains the mobile phone of the user A by illegal means, when the user B inserts a new SIM card b into the mobile phone, first, the system prompts the user B to input the SIM card opening password, if the user B cannot know the above.
  • the system will prompt the user B to input the IMSI number. If the user B cannot obtain the IMSI number of the SIM card a, but enters the IMSI number of the SIM card b, since the SIM card is not recorded in the mobile phone, The IMSI number, then the system will not supply power to the SIM card b, and at the same time, the system will prompt that the SIM card function of the mobile phone is locked, then the user B cannot use the mobile phone normally. Since the SIM card activation password and the IMSI number are stored in the hardware, that is, the SIM card switch control chip, and are independently set with the operating system of the mobile phone, even if the user B flashes the mobile phone or uses the decryption software, the password cannot be unlocked. Or erase the saved SIM card activation password and IMSI number from the phone. In this way, the safety factor and reliability of the user terminal are improved.
  • the first verification information is the first user identification card opening password and the first user identification card number
  • the second verification information is the second user identification card opening password and Second user identification card number
  • the baseband processing chip 10 is configured to acquire a first user identification card opening password and a first user identification card number of the first user identification card when the first user identification card is inserted for the first time in the mobile terminal. And writing the first user identification card opening password and the first user identification card number into the user identification card switch control chip 20, and controlling the user identification card switch control chip 20 to be turned on, and supplying power to the first user identification card. ;
  • the baseband processing chip 10 is further configured to acquire an input second user identification card activation password when the second user identification card is inserted in the mobile terminal, and read the information from the user identification card switch control chip 20.
  • the first user identification card opens a password, and when the second user identification card opening password does not match the first user identification card opening password, the input second user identification card number is obtained, and the chip is controlled from the user identification card switch.
  • the first user identification card number is read in 20, and when the second user identification card number does not match the first user identification card number, the user identification card switch control chip 20 is controlled to be turned off to turn off the second user. Identifying the power of the card, the second user identification card is locked;
  • the user identification card switch control chip 20 is configured to store the first user identification card open password and the first user identification card number; and is further configured to be turned on or off according to the control of the baseband processing chip 10.
  • the subscriber identity card switch control chip 20 includes: a switch control unit 21, a power source reset unit 22, a communication interface control unit 23, and a storage unit 24;
  • the power reset unit 24 is connected to the switch control unit 21 and the communication interface control unit 23, respectively, and configured to supply power to the switch control unit 21 and the communication interface control unit 23 according to a control signal of the baseband processing chip 10. Reset function
  • the switch control unit 21 is configured to be turned on or off according to a control signal of the baseband processing chip 10, and when turned on, provide power outputted by the baseband processing chip 10 to a user identification card, when disconnected, Turning off the power output of the baseband processing chip 10 to the user identification card;
  • the communication interface control unit 23 is configured to provide a baseband processing chip 10 with a communication interface for writing or reading data to the storage unit 24, the communication interface being connected to a corresponding pin of the baseband processing chip 10;
  • the data includes the first user identification card opening password and a first user identification card number;
  • the storage unit 24 is configured to store the first user identification card activation password and the first user identification card number.
  • the switch control unit 21 When the first user identification card is inserted for the first time in the mobile terminal and the second user identification card is inserted into the mobile terminal, the switch control unit 21 is turned off by default.
  • the baseband processing chip 10 is further configured to acquire a set first user identification card opening password, control the switch control unit 21 to be turned on, and detect whether the first user identification card is valid; if valid, the control station The switch control unit 21 is kept turned on, and reads the first user identification card number of the first user identification card, and writes the acquired first user identification card open password and the first IMSI number into the storage unit 24 .
  • the baseband processing chip 10 is further configured to prompt whether to enable the hardware lock user identification card function before acquiring the set first user identification card opening password, and if yes, prompting to set and input the first user identification
  • the card opens the password; if no, the switch control unit 21 is controlled to be turned on, and detects whether the first user identification card is valid. If it is invalid, the switch control unit 21 is controlled to be disconnected, and the mobile terminal enters no card operation. The mode, if valid, controls the switch control unit 21 to remain conductive, and the mobile terminal normally recognizes the card operation.
  • the baseband processing chip 10 is further configured to acquire an input second user identification card open password, and read the first user identification card open password from the storage unit 24, and the second user identification card opens a password. Acquiring the input second user identification card number when the first user identification card opening password does not match, and reading the first user identification card number from the storage unit 24, the second user identification card number and the When the first subscriber identification card number does not match, the switch control unit 21 is controlled to be turned off to turn off the power of the second subscriber identity card.
  • the baseband processing chip 10 is further configured to control the switch control unit 21 to be turned on, and detect whether the second user identification card is If it is invalid, the switch control unit 21 is controlled to be disconnected, and the mobile terminal enters the cardless operation mode; if it is valid, the switch control unit 21 is controlled to be turned on, and the mobile terminal normally recognizes the card operation.
  • the first verification information is a first user identification card opening password
  • the second verification information is a second user identification card opening password.
  • the method for implementing the locking of the user identification card provided by the embodiment of the present invention, as shown in FIG. 6, includes:
  • Step 601 When the first user identification card is inserted for the first time in the mobile terminal, the first user identification card opening password is obtained, and the first user identification card opening password is written into the user identification card switch control chip, and the control center is controlled.
  • the subscriber identity card switch control chip is turned on to supply power to the first subscriber identity card.
  • Step 602 When the second user identification card is inserted into the mobile terminal, the input second user identification card opening password is obtained, and the first user identification card opening password is read from the user identification card switch control chip. When the second user identification card opening password does not match the first user identification card opening password, controlling the user identification card switch control chip to be turned off to turn off the power of the second user identification card, the second The user identification card is locked.
  • the implementation process of the above step 601 is as shown in FIG. 7, and includes:
  • Step 701 The mobile terminal is powered on after the first user identification card is inserted for the first time. At this time, the user identification card switch control chip is turned off by default.
  • the user identification card switch control chip involved in the embodiment of the present invention is disconnected or turned on, that is, Refers to the switch control unit in which it is disconnected or turned on.
  • Step 702 The baseband processing chip prompts whether to enable the hardware lock user identification card function through the display screen of the mobile terminal. If not, step 703 is performed; if yes, step 704 is performed.
  • Step 703 the baseband processing chip controls the user identification card switch control chip to be turned on, and detects whether the first user identification card is valid. If invalid, the baseband processing chip controls the user identification card switch control chip to be disconnected, and the mobile terminal enters the cardless operation mode. If valid, the subscriber identity card switch control chip remains conductive, and the mobile terminal normally recognizes the card operation.
  • the mobile terminal will prompt again whether to enable the hardware to lock the user identification card function, of course, the user also This prompt can be skipped by setting to enable subsequent booting.
  • Step 704 the baseband processing chip prompts to input the first user identification card to open the password through the display screen of the mobile terminal (here, a heavy password or multiple passwords can be set as needed).
  • Step 705 The baseband processing chip determines whether the input first user identification card opening password is valid (you can preset and save the password setting rule to determine whether the input password meets the password setting rule, if it is met, the description is valid, otherwise invalid) If yes, go to step 706. If it is invalid, go back to step 704, that is, re-enter the first user ID card to open the password.
  • Step 706 the baseband processing chip controls the user identification card switch control chip to be turned on, and detects whether the first user identification card is valid. If invalid, the baseband processing chip controls the user identification card switch control chip to be disconnected, and the mobile terminal enters the cardless operation mode; If valid, the subscriber identity card switch control chip remains on.
  • Step 707 The baseband processing chip writes the acquired first user identification card open password into the user identification card switch control chip, and the mobile terminal normally recognizes the card operation.
  • the user identification card activation password is stored in the user identification card switch control chip of the mobile terminal, and the operating system is based on the baseband processing chip, and the two are respectively disposed in different hardware.
  • detecting the validity of the user identification card is one of the steps for the mobile terminal to recognize the user identification card. It should be noted that the switch control unit of the user identification card switch control chip defaults each time the mobile terminal is powered on. To disconnect, the premise that the user identification card is valid is that the switch control unit is controlled to be turned on by the baseband processing chip.
  • the implementation process of the above step 602 is as shown in FIG. 8, and includes:
  • Step 801 After the second user identification card is inserted into the mobile terminal, the second and subsequent steps are turned on. At this time, the user identification card switch control chip is turned off by default.
  • Step 802 The baseband processing chip prompts to input a second user identification card to open a password through a display screen of the mobile terminal.
  • a password when multiple passwords are set, a password can be randomly selected as the password for opening the user identification card, and the user is prompted to input, or the user can be required to input the set multiple passwords in order to open User identification card.
  • step 803 it is determined whether the input second user identification card is enabled to pass the password. If yes, step 804 is performed; otherwise, step 805 is performed.
  • the baseband processing chip synchronously reads the set first user identification card opening password from the storage unit of the user identification card switch control chip for comparison. If it matches, it passes; otherwise it does not pass.
  • Step 804 the baseband processing chip controls the user identification card switch control chip to be turned on, and detects whether the second user identification card is valid. If invalid, the baseband processing chip controls the user identification card switch control chip to be disconnected, and the mobile terminal enters the cardless operation mode. If valid, the subscriber identity card switch control chip remains conductive, and the mobile terminal normally recognizes the card operation.
  • Step 805 the baseband processing chip controls the user identification card switch control chip to be disconnected, and the mobile terminal user identification card function is locked (at the same time, the number of password input times can be reached through the display screen).
  • the SIM card and the IMSI are taken as an example.
  • the user A inserts the SIM card a into the mobile phone for the first time and selects to enable the hardware lock SIM card function, according to the system prompt, the user sets and inputs the SIM card open password, and stores the SIM card open password in the SIM card switch of the mobile phone.
  • the control chip the operating system of the mobile phone is set in different hardware. If the user B obtains the mobile phone of the user A by illegal means, when the user B inserts a new SIM card b into the mobile phone, first, the system prompts the user B to input the SIM card opening password, if the user B cannot know the above.
  • the set SIM card opens the password, but enters the wrong SIM card to open the password, then the system will control the SIM card switch control chip to disconnect, does not supply power to the SIM card b, at the same time, the system will prompt the SIM card function of the mobile phone to be If it is locked, User B will not be able to use the phone normally. Since the SIM card activation password is stored in the hardware, that is, the SIM card switch control chip, and is independently set with the operating system of the mobile phone, even if the user B flashes the mobile phone or uses the decryption software, the password cannot be unlocked or Erasing the saved SIM card to open the password in the phone. In this way, the safety factor and reliability of the user terminal are improved.
  • the first verification information is that the first user identification card opens the password
  • the second verification information is the second user identification card opening password
  • the baseband processing chip 10 is configured to acquire a first user identification card open password when the first user identification card is inserted for the first time in the mobile terminal, and write the first user identification card open password to the user. Identifying the card switch control chip 20, and simultaneously controlling the user identification card switch control chip 20 to be turned on to supply power to the first user identification card;
  • the baseband processing chip 10 is further configured to acquire an input second user identification card activation password when the second user identification card is inserted in the mobile terminal, and read the information from the user identification card switch control chip 20.
  • the first user identification card opens a password, and when the second user identification card opening password does not match the first user identification card opening password, controlling the user identification card switch control chip 20 to be turned off to turn off the second User identification card power supply, the second user identification card lock set;
  • the user identification card switch control chip 20 is configured to store the first user identification card open password; and is further configured to be turned on or off according to the control of the baseband processing chip 10.
  • the subscriber identity card switch control chip 20 includes: a switch control unit 21, a power source reset unit 22, a communication interface control unit 23, and a storage unit 24;
  • the power reset unit 24 is connected to the switch control unit 21 and the communication interface control unit 23, respectively, and configured to supply power to the switch control unit 21 and the communication interface control unit 23 according to a control signal of the baseband processing chip 10. Reset function
  • the switch control unit 21 is configured to be turned on or off according to a control signal of the baseband processing chip 10, and when turned on, provide power outputted by the baseband processing chip 10 to a user identification card, when disconnected, Turning off the power output of the baseband processing chip 10 to the user identification card;
  • the communication interface control unit 23 is configured to provide a baseband processing chip 10 with a communication interface for writing or reading data to the storage unit 24, the communication interface being connected to a corresponding pin of the baseband processing chip 10;
  • the data includes the first user identification card opening password;
  • the storage unit 24 is configured to store the first user identification card open password.
  • the switch control unit 21 When the first user identification card is inserted for the first time in the mobile terminal and the second user identification card is inserted into the mobile terminal, the switch control unit 21 is turned off by default.
  • the baseband processing chip 10 is further configured to acquire a set first user identification card opening password, control the switch control unit 21 to be turned on, and detect whether the first user identification card is valid; if valid, the control station The switch control unit 21 remains turned on, and the acquired first user identification card open password is written into the storage unit 24.
  • the baseband processing chip 10 is further configured to prompt whether to enable the hardware lock user identification card function before acquiring the set first user identification card opening password, and if yes, prompting to set and input the first user identification
  • the card opens the password; if no, the switch control unit 21 is controlled to be turned on, and detects whether the first user identification card is valid, and if not, controls the switch The control unit 21 is disconnected, and the mobile terminal enters a cardless operation mode. If it is valid, the switch control unit 21 is controlled to be turned on, and the mobile terminal normally recognizes the card operation.
  • the baseband processing chip 10 is further configured to acquire an input second user identification card open password, and read the first user identification card open password from the storage unit 24, and the second user identification card opens a password.
  • the switch control unit 21 is controlled to be turned off to turn off the power of the second user identification card.
  • the baseband processing chip 10 is further configured to control the switch control unit 21 to be turned on, and detect the second user identification. Whether the card is valid, if it is invalid, the switch control unit 21 is controlled to be disconnected, and the mobile terminal enters the cardless operation mode; if it is valid, the switch control unit 21 is controlled to be turned on, and the mobile terminal normally recognizes the card operation.
  • a special switch chip is set in the mobile terminal for controlling the power on and off of the user identification card, and the verification information of the user identification card is also turned on (user identification)
  • the card opening password and the user identification card number are stored in the chip and set separately with the operating system of the mobile terminal; and based on the stored verification information, the switch chip is turned on or off by the baseband processing chip (operating system) to In this way, the user identification card is powered or powered off, and the user identification card is powered off and locked.
  • the function of controlling the locking of the user identification card by the hardware mode is realized, and the security and reliability of the terminal are greatly improved.
  • the embodiment of the invention adopts a hardware method for controlling the locking of the user identification card, and has the following advantages:
  • the terminal is lost, because the main functions such as call and data are limited, which can promote the loss and loss The main contact, to achieve the purpose of returning the phone.

Abstract

Disclosed is a method for realizing locking of a subscriber identity module card. The method comprises: when a first subscriber identity module card of a user identity module is inserted into a mobile terminal for the first time, obtaining first verification information, writing the first verification information into a switch control chip of the subscriber identity module card, controlling the switch control chip of the subscriber identity module card to be conducted at the same time, and supplying power to the first subscriber identity module card; when a second subscriber identity module card is inserted into the mobile terminal, acquiring second verification information and reading the first verification information from the switch control chip of the subscriber identity module card, and when the second verification information is inconsistent with the first verification information, controlling the switch control chip of the subscriber identity module card to be disconnected so as to switch off the power supply of the second subscriber identity module card, and locking the second subscriber identity module card. Also disclosed is a mobile terminal for realizing the locking of the subscriber identity module card.

Description

一种实现用户识别卡锁定的方法和移动终端Method for realizing user identification card locking and mobile terminal 技术领域Technical field
本发明涉及移动通信领域,尤其涉及一种实现用户识别卡锁定的方法和移动终端。The present invention relates to the field of mobile communications, and in particular, to a method and a mobile terminal for implementing user identification card locking.
背景技术Background technique
随着信息技术和移动通讯技术的高速发展,通讯领域已经快步跨进第四代移动通信技术阶段,简称为4G。当前市场主流移动终端产品比如智能手机、PAD等,均把支持4G频段列为标准配置,在保证语音通话质量同时,大大提升了终端产品上下行数据速率,极大提升了用户体验满意度。With the rapid development of information technology and mobile communication technology, the communication field has quickly stepped into the fourth-generation mobile communication technology stage, referred to as 4G. The mainstream mobile terminal products in the current market, such as smart phones and PADs, all support the 4G frequency band as a standard configuration. While ensuring the quality of voice calls, the uplink data rate of the terminal products is greatly improved, and the user experience satisfaction is greatly improved.
除无线局域网(WIFI,Wireless Fidelity)接入方式外,移动终端一般都需要插入运营商的用户识别卡才能正常通信,用户识别卡如SIM(Subscriber Identity Module)卡、UIM(User Identity Module)卡等。用户识别卡由运营商提供,插入终端使用,以便实现有偿访问移动运营商网络。In addition to the wireless local area network (WIFI, Wireless Fidelity) access method, the mobile terminal generally needs to be inserted into the operator's user identification card to communicate normally. The user identification card, such as a SIM (Subscriber Identity Module) card, a UIM (User Identity Module) card, etc. . The subscriber identity card is provided by the operator and is used by the terminal to enable paid access to the mobile operator network.
目前,市面上的绝大部分智能手机(移动终端包括但不限于智能手机、uFi、PAD、USB Dongle等,后续均以智能手机为例),对于运营商发放的不同号码用户识别卡的切换使用几乎不加限制。部分智能手机对于切换不同用户识别卡支持设定密码或者通过应用程序(APP,Application)设定密码,可以实现简单的用户识别卡锁定,但此种方式均为软件加密方式,用户通过刷机或者解密软件等方式较容易破解,在产品安全及可靠性方面无法满足用户要求。At present, most smartphones on the market (mobile terminals include, but are not limited to, smart phones, uFi, PAD, USB Dongle, etc., followed by smart phones as an example), for the switching of different numbers of user identification cards issued by operators There is almost no limit. Some smart phones can set a password for switching different user identification cards or set a password through an application (APP, Application), so that a simple user identification card can be locked, but this method is a software encryption method, and the user can flash or decrypt the device. Software and other methods are easier to crack, and cannot meet user requirements in terms of product safety and reliability.
发明内容Summary of the invention
为解决现有存在的技术问题,本发明实施例提供一种实现用户识别卡锁定的方法和移动终端。 In order to solve the existing technical problems, an embodiment of the present invention provides a method for implementing user identification card locking and a mobile terminal.
本发明实施例提供了一种实现用户识别卡锁定的方法,该方法包括:The embodiment of the invention provides a method for implementing user identification card locking, the method comprising:
移动终端中首次插入第一用户识别模块用户识别卡时,获取第一验证信息,并将所述第一验证信息写入用户识别卡开关控制芯片,同时控制所述用户识别卡开关控制芯片导通,向所述第一用户识别卡供电;When the first user identification module user identification card is inserted for the first time in the mobile terminal, the first verification information is acquired, and the first verification information is written into the user identification card switch control chip, and the user identification card switch control chip is controlled to be turned on. Supplying power to the first user identification card;
所述移动终端中插入第二用户识别卡时,获取第二验证信息,并从所述用户识别卡开关控制芯片中读取所述第一验证信息,在所述第二验证信息与所述第一验证信息不符时,控制所述用户识别卡开关控制芯片断开以关断所述第二用户识别卡的电源,所述第二用户识别卡锁定。When the second user identification card is inserted into the mobile terminal, acquiring second verification information, and reading the first verification information from the user identification card switch control chip, where the second verification information and the first When the verification information does not match, the user identification card switch control chip is turned off to turn off the power of the second user identification card, and the second user identification card is locked.
其中,所述移动终端中首次插入第一用户识别卡时、以及所述移动终端中插入第二用户识别卡时,所述用户识别卡开关控制芯片默认为断开。When the first user identification card is inserted for the first time in the mobile terminal and the second user identification card is inserted into the mobile terminal, the user identification card switch control chip is disconnected by default.
其中,所述获取第一验证信息之前,该方法还包括:The method further includes: before the obtaining the first verification information, the method further includes:
提示是否开启硬件锁定用户识别卡功能,若选择是,则获取所述第一验证信息;若选择否,则控制用户识别卡开关控制芯片导通,并检测所述第一用户识别卡是否有效,若无效,控制所述用户识别卡开关控制芯片断开,移动终端进入无卡运行模式,若有效,控制用户识别卡开关控制芯片保持导通,移动终端识卡运行。Prompting whether to enable the hardware lock user identification card function, if yes, acquiring the first verification information; if no, controlling the user identification card switch control chip to be turned on, and detecting whether the first user identification card is valid, If invalid, the user identification card switch control chip is disconnected, and the mobile terminal enters the cardless operation mode. If it is valid, the control user identification card switch control chip remains conductive, and the mobile terminal recognizes the card operation.
其中,所述第一验证信息为第一用户识别卡开启密码和第一用户识别卡号,所述第二验证信息为第二用户识别卡开启密码和第二用户识别卡号。The first verification information is a first user identification card activation password and a first user identification card number, and the second verification information is a second user identification card activation password and a second user identification card number.
其中,所述获取第一验证信息,并将所述第一验证信息写入用户识别卡开关控制芯片,包括:The obtaining the first verification information, and writing the first verification information to the user identification card switch control chip, includes:
获取设定的第一用户识别卡开启密码,控制所述用户识别卡开关控制芯片导通,并检测所述第一用户识别卡是否有效;若有效,则控制所述用户识别卡开关控制芯片保持导通,并读取所述第一用户识别卡的第一用户识别卡号;Obtaining a set first user identification card opening password, controlling the user identification card switch control chip to be turned on, and detecting whether the first user identification card is valid; if valid, controlling the user identification card switch control chip to maintain Turning on, and reading the first user identification card number of the first user identification card;
将获取的所述第一用户识别卡开启密码和第一用户识别卡号写入所述用户识别卡开关控制芯片。 The obtained first user identification card opening password and the first user identification card number are written into the user identification card switch control chip.
其中,所述获取第二验证信息,并从所述用户识别卡开关控制芯片中读取所述第一验证信息,在所述第二验证信息与所述第一验证信息不符时,控制所述用户识别卡开关控制芯片断开以关断所述第二用户识别卡的电源,包括:The obtaining the second verification information, and reading the first verification information from the user identification card switch control chip, and when the second verification information does not match the first verification information, controlling the The subscriber identity card switch control chip is disconnected to turn off the power of the second subscriber identity card, including:
获取输入的第二用户识别卡开启密码,并从所述用户识别卡开关控制芯片中读取所述第一用户识别卡开启密码,所述第二用户识别卡开启密码与所述第一用户识别卡开启密码不符时,获取输入的第二用户识别卡号,并从所述用户识别卡开关控制芯片中读取所述第一用户识别卡号,所述第二用户识别卡号与所述第一用户识别卡号不符时,控制所述用户识别卡开关控制芯片断开以关断所述第二用户识别卡的电源。Obtaining an input second user identification card opening password, and reading the first user identification card opening password from the user identification card switch control chip, the second user identification card opening password and the first user identification When the card opening password does not match, the input second user identification card number is obtained, and the first user identification card number is read from the user identification card switch control chip, the second user identification card number and the first user identification When the card number does not match, the user identification card switch control chip is controlled to be turned off to turn off the power of the second user identification card.
其中,所述第二用户识别卡开启密码与所述第一用户识别卡开启密码相符时,或者,所述第二用户识别卡号与所述第一用户识别卡号相符时,该方法还包括:The method further includes: when the second user identification card opening password is consistent with the first user identification card opening password, or when the second user identification card number is consistent with the first user identification card number, the method further comprises:
控制所述用户识别卡开关控制芯片导通,并检测所述第二用户识别卡是否有效,若无效,控制所述用户识别卡开关控制芯片断开,移动终端进入无卡运行模式;若有效,控制所述用户识别卡开关控制芯片保持导通,移动终端识卡运行。Controlling the user identification card switch control chip to be turned on, and detecting whether the second user identification card is valid. If invalid, controlling the user identification card switch control chip to be disconnected, and the mobile terminal enters a cardless operation mode; if valid, The user identification card switch control chip is controlled to be turned on, and the mobile terminal recognizes the card operation.
其中,所述第一验证信息为第一用户识别卡开启密码,所述第二验证信息为第二用户识别卡开启密码。The first verification information is a first user identification card opening password, and the second verification information is a second user identification card opening password.
其中,获取第一验证信息,并将所述第一验证信息写入用户识别卡开关控制芯片,包括:The first verification information is obtained, and the first verification information is written into the user identification card switch control chip, including:
获取设定的第一用户识别卡开启密码,控制所述用户识别卡开关控制芯片导通,并检测所述第一用户识别卡是否有效;若有效,则控制所述用户识别卡开关控制芯片保持导通,将获取的所述第一用户识别卡开启密码写入所述用户识别卡开关控制芯片。Obtaining a set first user identification card opening password, controlling the user identification card switch control chip to be turned on, and detecting whether the first user identification card is valid; if valid, controlling the user identification card switch control chip to maintain Turning on, the acquired first user identification card open password is written into the user identification card switch control chip.
其中,所述获取第二验证信息,并从所述用户识别卡开关控制芯片中 读取所述第一验证信息,在所述第二验证信息与所述第一验证信息不符时,控制所述用户识别卡开关控制芯片断开以关断所述第二用户识别卡的电源,包括:Wherein the obtaining the second verification information and controlling the chip from the user identification card switch Reading the first verification information, when the second verification information does not match the first verification information, controlling the user identification card switch control chip to be turned off to turn off the power of the second user identification card, include:
获取输入的第二用户识别卡开启密码,并从所述用户识别卡开关控制芯片中读取所述第一用户识别卡开启密码,所述第二用户识别卡开启密码与所述第一用户识别卡开启密码不符时,控制所述用户识别卡开关控制芯片断开以关断所述第二用户识别卡的电源。Obtaining an input second user identification card opening password, and reading the first user identification card opening password from the user identification card switch control chip, the second user identification card opening password and the first user identification When the card opening password does not match, the user identification card switch control chip is controlled to be turned off to turn off the power of the second user identification card.
其中,所述第二用户识别卡开启密码与所述第一用户识别卡开启密码相符时,该方法还包括:The method further includes: when the second user identification card opening password is consistent with the first user identification card opening password, the method further includes:
控制所述用户识别卡开关控制芯片导通,并检测所述第二用户识别卡是否有效,若无效,控制所述用户识别卡开关控制芯片断开,移动终端进入无卡运行模式;若有效,控制所述用户识别卡开关控制芯片保持导通,移动终端识卡运行。Controlling the user identification card switch control chip to be turned on, and detecting whether the second user identification card is valid. If invalid, controlling the user identification card switch control chip to be disconnected, and the mobile terminal enters a cardless operation mode; if valid, The user identification card switch control chip is controlled to be turned on, and the mobile terminal recognizes the card operation.
本发明实施例提供了一种移动终端,包括基带处理芯片和用户识别模块用户识别卡开关控制芯片,其中,An embodiment of the present invention provides a mobile terminal, including a baseband processing chip and a user identification module user identification card switch control chip, where
所述基带处理芯片,配置为在所述移动终端中首次插入第一用户识别卡时,获取第一验证信息,并将所述第一验证信息写入所述用户识别卡开关控制芯片,同时控制所述用户识别卡开关控制芯片导通,向所述第一用户识别卡供电;The baseband processing chip is configured to acquire first verification information when the first user identification card is first inserted in the mobile terminal, and write the first verification information into the user identification card switch control chip, and simultaneously control The user identification card switch control chip is turned on to supply power to the first user identification card;
所述基带处理芯片,还配置为在所述移动终端中插入第二用户识别卡时,获取第二验证信息,并从所述用户识别卡开关控制芯片中读取所述第一验证信息,在所述第二验证信息与所述第一验证信息不符时,控制所述用户识别卡开关控制芯片断开以关断所述第二用户识别卡的电源,所述第二用户识别卡锁定;The baseband processing chip is further configured to: when the second user identification card is inserted in the mobile terminal, acquire second verification information, and read the first verification information from the user identification card switch control chip, where When the second verification information does not match the first verification information, controlling the user identification card switch control chip to be turned off to turn off the power of the second user identification card, and the second user identification card is locked;
所述用户识别卡开关控制芯片,配置为存储所述第一验证信息;还用于根据所述基带处理芯片的控制导通或断开。 The user identification card switch control chip is configured to store the first verification information; and is further configured to be turned on or off according to control of the baseband processing chip.
其中,所述用户识别卡开关控制芯片包括:开关控制单元、电源复位单元、通信接口控制单元和存储单元;其中:The user identification card switch control chip includes: a switch control unit, a power reset unit, a communication interface control unit, and a storage unit; wherein:
所述电源复位单元分别与所述开关控制单元和通信接口控制单元相连,用于根据所述基带处理芯片的控制信号向所述开关控制单元和通信接口控制单元提供电源和复位功能;The power reset unit is respectively connected to the switch control unit and the communication interface control unit, and is configured to provide power and reset functions to the switch control unit and the communication interface control unit according to the control signal of the baseband processing chip;
开关控制单元,配置为根据所述基带处理芯片的控制信号导通或断开,并在导通时,将所述基带处理芯片输出的电源提供给用户识别卡,在断开时,关断所述基带处理芯片输出给用户识别卡的电源;a switch control unit configured to be turned on or off according to a control signal of the baseband processing chip, and to provide a power supply output by the baseband processing chip to a user identification card when turned on, and to turn off the The baseband processing chip outputs power to the user identification card;
所述通信接口控制单元,配置为向基带处理芯片提供向所述存储单元写入或读取数据的通信接口,所述通信接口与所述基带处理芯片的相应管脚相连;所述数据包括所述第一验证信息;The communication interface control unit is configured to provide a baseband processing chip with a communication interface for writing or reading data to the storage unit, the communication interface being connected to a corresponding pin of the baseband processing chip; Describe the first verification information;
所述存储单元,配置为存储所述第一验证信息。The storage unit is configured to store the first verification information.
其中,所述移动终端中首次插入第一用户识别卡时、以及所述移动终端中插入第二用户识别卡时,所述开关控制单元默认为断开。Wherein, when the first user identification card is inserted for the first time in the mobile terminal, and the second user identification card is inserted into the mobile terminal, the switch control unit defaults to being disconnected.
其中,所述基带处理芯片,还配置为在获取所述第一验证信息之前,提示是否开启硬件锁定用户识别卡功能,若选择是,则获取所述第一验证信息;若选择否,则控制所述开关控制单元导通,并检测所述第一用户识别卡是否有效,若无效,控制所述开关控制单元断开,移动终端进入无卡运行模式,若有效,控制所述开关控制单元保持导通,移动终端识卡运行。The baseband processing chip is further configured to prompt whether to enable the hardware lock user identification card function before acquiring the first verification information, and if yes, obtain the first verification information; if no, control The switch control unit is turned on, and detects whether the first user identification card is valid. If it is invalid, the switch control unit is controlled to be disconnected, the mobile terminal enters a cardless operation mode, and if valid, the switch control unit is controlled to remain Turn on, the mobile terminal knows the card operation.
其中,所述第一验证信息为第一用户识别卡开启密码和第一用户识别卡号,所述第二验证信息为第二用户识别卡开启密码和第二用户识别卡号。The first verification information is a first user identification card activation password and a first user identification card number, and the second verification information is a second user identification card activation password and a second user identification card number.
其中,所述基带处理芯片,还配置为获取设定的第一用户识别卡开启密码,控制所述开关控制单元导通,并检测所述第一用户识别卡是否有效;若有效,则控制所述开关控制单元保持导通,并读取所述第一用户识别卡的第一用户识别卡号;将获取的所述第一用户识别卡开启密码和第一用户识别卡号写入所述存储单元。 The baseband processing chip is further configured to acquire a set first user identification card open password, control the switch control unit to be turned on, and detect whether the first user identification card is valid; if valid, the control center The switch control unit remains turned on, and reads the first user identification card number of the first user identification card; and writes the acquired first user identification card open password and the first user identification card number into the storage unit.
其中,所述基带处理芯片,还配置为获取输入的第二用户识别卡开启密码,并从所述存储单元中读取所述第一用户识别卡开启密码,所述第二用户识别卡开启密码与所述第一用户识别卡开启密码不符时,获取输入的第二用户识别卡号,并从所述存储单元中读取所述第一用户识别卡号,所述第二用户识别卡号与所述第一用户识别卡号不符时,控制所述开关控制单元断开以关断所述第二用户识别卡的电源。The baseband processing chip is further configured to obtain an input second user identification card open password, and read the first user identification card open password from the storage unit, and the second user identification card opens a password. Obtaining the input second user identification card number when the first user identification card opening password does not match, and reading the first user identification card number from the storage unit, the second user identification card number and the first When a user identification card number does not match, the switch control unit is controlled to be turned off to turn off the power of the second user identification card.
其中,所述第二用户识别卡开启密码与所述第一用户识别卡开启密码相符时,或者,所述第二用户识别卡号与所述第一用户识别卡号相符时,When the second user identification card opening password matches the first user identification card opening password, or when the second user identification card number matches the first user identification card number,
所述基带处理芯片,还配置为控制所述开关控制单元导通,并检测所述第二用户识别卡是否有效,若无效,控制所述开关控制单元断开,移动终端进入无卡运行模式;若有效,控制所述开关控制单元保持导通,移动终端识卡运行。The baseband processing chip is further configured to control the switch control unit to be turned on, and detect whether the second user identification card is valid, and if not, control the switch control unit to be disconnected, and the mobile terminal enters a cardless operation mode; If it is valid, the switch control unit is kept turned on, and the mobile terminal recognizes the card operation.
其中,所述第一验证信息为第一用户识别卡开启密码,所述第二验证信息为第二用户识别卡开启密码。The first verification information is a first user identification card opening password, and the second verification information is a second user identification card opening password.
其中,所述基带处理芯片,还配置为获取设定的第一用户识别卡开启密码,控制所述开关控制单元导通,并检测所述第一用户识别卡是否有效;若有效,则控制所述开关控制单元保持导通,将获取的所述第一用户识别卡开启密码写入所述存储单元。The baseband processing chip is further configured to acquire a set first user identification card open password, control the switch control unit to be turned on, and detect whether the first user identification card is valid; if valid, the control center The switch control unit remains conductive, and the acquired first user identification card open password is written into the storage unit.
其中,所述基带处理芯片,还配置为获取输入的第二用户识别卡开启密码,并从所述存储单元中读取所述第一用户识别卡开启密码,所述第二用户识别卡开启密码与所述第一用户识别卡开启密码不符时,控制开关控制单元断开以关断所述第二用户识别卡的电源。The baseband processing chip is further configured to obtain an input second user identification card open password, and read the first user identification card open password from the storage unit, and the second user identification card opens a password. When the first user identification card opening password does not match, the control switch control unit is turned off to turn off the power of the second user identification card.
其中,所述第二用户识别卡开启密码与所述第一用户识别卡开启密码相符时,Wherein, when the second user identification card opening password matches the first user identification card opening password,
所述基带处理芯片,还配置为控制所述开关控制单元导通,并检测所述第二用户识别卡是否有效,若无效,控制所述开关控制单元断开,移动 终端进入无卡运行模式;若有效,控制所述开关控制单元保持导通,移动终端识卡运行。The baseband processing chip is further configured to control the switch control unit to be turned on, and detect whether the second user identification card is valid, and if not, control the switch control unit to be disconnected, move The terminal enters the cardless operation mode; if it is valid, the switch control unit is kept turned on, and the mobile terminal recognizes the card operation.
本发明实施例提供的一种实现用户识别卡锁定的方法和移动终端中,设置了一个专门的开关芯片,用于控制用户识别卡电源的通断,还将开启用户识别卡的验证信息存储在该芯片中,与移动终端的操作系统分别设置,再通过基带处理芯片(操作系统)对该开关芯片进行控制,实现硬件方式控制用户识别卡锁定的功能,在终端的安全和可靠性方面都得到了大大的提升。A method for implementing user identification card locking and a mobile terminal provided by the embodiment of the present invention are provided with a special switch chip for controlling the power on and off of the user identification card, and also storing the verification information of the user identification card. The chip is separately set up with the operating system of the mobile terminal, and then the switch chip is controlled by the baseband processing chip (operating system) to realize the function of controlling the locking of the user identification card by the hardware mode, and the security and reliability of the terminal are obtained. Great improvement.
附图说明DRAWINGS
图1为本发明实施例一提供的实现用户识别卡锁定的方法流程示意图;1 is a schematic flowchart of a method for implementing user identification card locking according to Embodiment 1 of the present invention;
图2为本发明实施例二提供的实现用户识别卡锁定的移动终端结构示意图;2 is a schematic structural diagram of a mobile terminal for implementing user identification card locking according to Embodiment 2 of the present invention;
图3为本发明实施例三提供的实现用户识别卡锁定的方法流程示意图;3 is a schematic flowchart of a method for implementing user identification card locking according to Embodiment 3 of the present invention;
图4为本发明实施例三的步骤301的具体实现过程示意图;4 is a schematic diagram of a specific implementation process of step 301 according to Embodiment 3 of the present invention;
图5为本发明实施例三的步骤302的具体实现过程示意图;FIG. 5 is a schematic diagram of a specific implementation process of step 302 according to Embodiment 3 of the present invention;
图6为本发明实施例七提供的实现用户识别卡锁定的方法流程示意图;6 is a schematic flowchart of a method for implementing user identification card locking according to Embodiment 7 of the present invention;
图7为本发明实施例七的步骤601的具体实现过程示意图;FIG. 7 is a schematic diagram of a specific implementation process of step 601 according to Embodiment 7 of the present invention;
图8为本发明实施例七的步骤602的具体实现过程示意图。FIG. 8 is a schematic diagram of a specific implementation process of step 602 according to Embodiment 7 of the present invention.
具体实施方式detailed description
下面结合附图和具体实施例对本发明的技术方案进一步详细阐述。The technical solutions of the present invention are further elaborated below in conjunction with the accompanying drawings and specific embodiments.
实施例一Embodiment 1
为了提高移动终端的用户安全系数,本发明实施例提供了一种更加可靠的、通过硬件控制方式实现用户识别卡锁定的方法,基于该方法,对于在通过非法途径获得的移动终端上、换张用户识别卡仍能正常使用的情况 可以得到有效制止。如图1所示,该方法包括:In order to improve the user security factor of the mobile terminal, the embodiment of the present invention provides a more reliable method for locking the user identification card by using a hardware control method. Based on the method, the mobile terminal obtained by illegal means is replaced. The user identification card can still be used normally. Can be effectively stopped. As shown in Figure 1, the method includes:
步骤101,移动终端中首次插入第一用户识别卡时,获取第一验证信息,并将所述第一验证信息写入用户识别卡开关控制芯片,同时控制所述用户识别卡开关控制芯片导通,向所述第一用户识别卡供电。Step 101: When the first user identification card is inserted for the first time in the mobile terminal, the first verification information is acquired, and the first verification information is written into the user identification card switch control chip, and the user identification card switch control chip is controlled to be turned on. And supplying power to the first user identification card.
步骤102,所述移动终端中插入第二用户识别卡时,获取第二验证信息,并从所述用户识别卡开关控制芯片中读取所述第一验证信息,在所述第二验证信息与所述第一验证信息不符时,控制所述用户识别卡开关控制芯片断开以关断所述第二用户识别卡的电源,所述第二用户识别卡锁定。Step 102: When the second user identification card is inserted into the mobile terminal, acquiring second verification information, and reading the first verification information from the user identification card switch control chip, where the second verification information is When the first verification information does not match, the user identification card switch control chip is controlled to be turned off to turn off the power of the second user identification card, and the second user identification card is locked.
实施例二Embodiment 2
为了实现上述的方法,需要对移动终端的硬件进行改进。如图2所示为本发明实施例提供的移动终端结构示意图,其中重点示出了硬件控制方式实现用户识别卡锁定所涉及的硬件,包括:基带处理芯片10和用户识别卡开关控制芯片20。In order to implement the above method, it is necessary to improve the hardware of the mobile terminal. FIG. 2 is a schematic structural diagram of a mobile terminal according to an embodiment of the present invention. The hardware involved in the hardware control mode for locking the user identification card is highlighted, including: a baseband processing chip 10 and a subscriber identity card switch control chip 20.
其中,向用户识别卡供电的电源VCC从基带处理芯片10输出经用户识别卡开关控制芯片20后接到用户识别卡,需要注意的是,因为电源VCC的电气连接路径要经过用户识别卡开关控制芯片20,所以基带处理芯片10和用户识别卡开关控制芯片20之间用于电源VCC的电气连接的接口、其电气特性要满足IEC7816-3标准要求。The power supply VCC that supplies power to the user identification card is output from the baseband processing chip 10 via the subscriber identification card switch control chip 20 and then received by the subscriber identification card. It is noted that the electrical connection path of the power supply VCC is controlled by the subscriber identification card switch. The chip 20, so the interface between the baseband processing chip 10 and the subscriber identification card switch control chip 20 for the electrical connection of the power supply VCC, has electrical characteristics to meet the requirements of the IEC7816-3 standard.
用户识别卡开关控制芯片20可以通过Switch开关芯片实现,还可以通过数字信号处理器(DSP,Digital Signal Processor)单片机现场可编程门阵列(FPGA,Field-Programmable Gate Array),RISC微处理器(ARM,Advanced RISC Machines)等芯片之一种或互相组合实现。用户识别卡开关控制芯片20包括开关控制单元21、电源复位单元22、通信接口控制单元23和存储单元24。The user identification card switch control chip 20 can be realized by a switch switch chip, and can also be a digital signal processor (DSP, Digital Signal Processor), a field-programmable gate array (FPGA), a RISC microprocessor (ARM). , Advanced RISC Machines) and other chips are implemented in combination with each other. The subscriber identity card switch control chip 20 includes a switch control unit 21, a power source reset unit 22, a communication interface control unit 23, and a storage unit 24.
开关控制单元21具备基本开关功能,用于控制用户识别卡电源VCC 的通断;通信接口控制单元23和存储单元24,用于写入/读取验证信息;电源复位模块22,用于给用户识别卡开关控制芯片提供电源和复位功能,在本发明实施例中主要是为开关控制单元21和通信接口控制单元23提供电源和复位功能。The switch control unit 21 has a basic switch function for controlling the user identification card power supply VCC The communication interface control unit 23 and the storage unit 24 are configured to write/read verification information; the power reset module 22 is configured to provide power and reset functions to the user identification card switch control chip, in the embodiment of the present invention. Mainly to provide power and reset functions for the switch control unit 21 and the communication interface control unit 23.
当基带处理芯片10输出控制信号使开关控制单元21导通时,电源VCC就可以输入到用户识别卡向其供电,相反,当基带处理芯片10输出控制信号使开关控制单元21断开时,电源VCC无法输入到用户识别卡,则用户识别卡无法使用、即锁定。存储单元24,用于存储上述验证信息,基带处理芯片10通过通信接口控制单元23将上述验证信息写入存储单元24,还根据需要从存储单元24中读取这些信息。这里,通信接口可以是集成电路总线(IIC,Inter-Integrated Circuit)、通用异步收发传输器(UART,Universal Asynchronous Receiver/Transmitter)、串行外设接口(SPI,Serial Peripheral Interface)等,用户识别卡开关控制芯片20的通信接口与基带处理芯片10相应的管脚连接。When the baseband processing chip 10 outputs a control signal to turn on the switch control unit 21, the power source VCC can be input to the user identification card to supply power thereto. Conversely, when the baseband processing chip 10 outputs a control signal to turn off the switch control unit 21, the power source If the VCC cannot be input to the user identification card, the user identification card cannot be used, that is, locked. The storage unit 24 is configured to store the above-described verification information, and the baseband processing chip 10 writes the above-described verification information into the storage unit 24 through the communication interface control unit 23, and also reads the information from the storage unit 24 as needed. Here, the communication interface may be an Inter-Integrated Circuit (IIC), a Universal Asynchronous Receiver/Transmitter (UART), a Serial Peripheral Interface (SPI), etc., a user identification card. The communication interface of the switch control chip 20 is connected to the corresponding pin of the baseband processing chip 10.
基带处理芯片10通过向电源复位单元22发送VDD信号、复位(RESET)信号,使电源复位单元22向开关控制单元21和通信接口控制单元23提供电源和复位功能。The baseband processing chip 10 causes the power supply reset unit 22 to supply power and reset functions to the switch control unit 21 and the communication interface control unit 23 by transmitting a VDD signal and a RESET signal to the power supply reset unit 22.
用户识别卡的时钟信号CLK、数据信号DATA、复位信号RST由基带处理芯片10和用户识别卡直连,如此,可以实现基带处理芯片10对用户识别卡相应数据的读取,实现对用户识别卡的识别。The clock signal CLK, the data signal DATA, and the reset signal RST of the user identification card are directly connected by the baseband processing chip 10 and the user identification card. Thus, the baseband processing chip 10 can read the corresponding data of the user identification card, and realize the user identification card. Identification.
在实现上述实施例一提供的用户识别卡锁定的方法时,图2中各个模块的功能如下:In the method for implementing the user identification card locking provided in the above first embodiment, the functions of each module in FIG. 2 are as follows:
所述基带处理芯片10,配置为在所述移动终端中首次插入第一用户识别卡时,获取第一验证信息,并将所述第一验证信息写入所述用户识别卡开关控制芯片20,同时控制所述用户识别卡开关控制芯片20导通,向所述第一用户识别卡供电; The baseband processing chip 10 is configured to acquire first authentication information when the first user identification card is inserted for the first time in the mobile terminal, and write the first verification information into the user identification card switch control chip 20, Simultaneously controlling the user identification card switch control chip 20 to be turned on to supply power to the first user identification card;
所述基带处理芯片10,还配置为在所述移动终端中插入第二用户识别卡时,获取第二验证信息,并从所述用户识别卡开关控制芯片20中读取所述第一验证信息,在所述第二验证信息与所述第一验证信息不符时,控制所述用户识别卡开关控制芯片20断开以关断所述第二用户识别卡的电源,所述第二用户识别卡锁定;The baseband processing chip 10 is further configured to acquire second verification information when the second user identification card is inserted in the mobile terminal, and read the first verification information from the user identification card switch control chip 20. And controlling, when the second verification information does not match the first verification information, the user identification card switch control chip 20 to be turned off to turn off the power of the second user identification card, the second user identification card locking;
所述用户识别卡开关控制芯片20,配置为存储所述第一验证信息;还配置为根据所述基带处理芯片10的控制导通或断开。The subscriber identity card switch control chip 20 is configured to store the first verification information; and is further configured to be turned on or off according to control of the baseband processing chip 10.
在所述用户识别卡开关控制芯片20中:In the subscriber identity card switch control chip 20:
所述电源复位单元22分别与所述开关控制单元21和通信接口控制单元23相连,配置为根据所述基带处理芯片10的控制信号向所述开关控制单元21和通信接口控制单元23提供电源和复位功能;The power reset unit 22 is connected to the switch control unit 21 and the communication interface control unit 23, respectively, and configured to provide power to the switch control unit 21 and the communication interface control unit 23 according to a control signal of the baseband processing chip 10. Reset function
开关控制单元21,配置为根据所述基带处理芯片10的控制信号导通或断开,并在导通时,将所述基带处理芯片10输出的电源提供给用户识别卡,在断开时,关断所述基带处理芯片10输出给用户识别卡的电源;The switch control unit 21 is configured to be turned on or off according to a control signal of the baseband processing chip 10, and when turned on, provide power outputted by the baseband processing chip 10 to a user identification card, when disconnected, Turning off the power output of the baseband processing chip 10 to the user identification card;
所述通信接口控制单元23,配置为向基带处理芯片10提供向所述存储单元24写入或读取数据的通信接口,所述通信接口与所述基带处理芯片10的相应管脚相连;所述数据包括所述第一验证信息;The communication interface control unit 23 is configured to provide a baseband processing chip 10 with a communication interface for writing or reading data to the storage unit 24, the communication interface being connected to a corresponding pin of the baseband processing chip 10; The data includes the first verification information;
所述存储单元24,配置为存储所述第一验证信息。The storage unit 24 is configured to store the first verification information.
所述基带处理芯片10,还配置为在获取所述第一验证信息之前,提示是否开启硬件锁定用户识别卡功能,若选择是,则获取所述第一验证信息;若选择否,则控制所述开关控制单元21导通,并检测所述第一用户识别卡是否有效,若无效,控制所述开关控制单元21断开,移动终端进入无卡运行模式,若有效,控制所述开关控制单元21保持导通,移动终端识卡运行。The baseband processing chip 10 is further configured to prompt whether to enable the hardware lock user identification card function before acquiring the first verification information, and if yes, obtain the first verification information; if no, the control station The switch control unit 21 is turned on, and detects whether the first subscriber identity card is valid. If it is invalid, the switch control unit 21 is controlled to be disconnected, the mobile terminal enters a cardless operation mode, and if valid, the switch control unit is controlled. 21 keeps on, and the mobile terminal knows the card to run.
实施例三Embodiment 3
上述第一验证信息为第一用户识别卡开启密码和第一用户识别卡号, 所述第二验证信息为第二用户识别卡开启密码和第二用户识别卡号。此种情况下,本发明实施例提供的实现用户识别卡锁定的方法,如图3所示,包括:The first verification information is a first user identification card activation password and a first user identification card number, The second verification information is a second user identification card activation password and a second user identification card number. In this case, the method for implementing the locking of the user identification card provided by the embodiment of the present invention, as shown in FIG. 3, includes:
步骤301,移动终端中首次插入第一用户识别卡时,获取设定的第一用户识别卡开启密码和所述第一用户识别卡的第一用户识别卡号,并将所述第一用户识别卡开启密码和第一用户识别卡号写入用户识别卡开关控制芯片,同时控制所述用户识别卡开关控制芯片导通,向所述第一用户识别卡供电。Step 301: When the first user identification card is inserted for the first time in the mobile terminal, the first user identification card opening password and the first user identification card number of the first user identification card are obtained, and the first user identification card is obtained. The opening password and the first user identification card number are written into the subscriber identity card switch control chip, and the user identification card switch control chip is controlled to be turned on to supply power to the first subscriber identity card.
步骤302,所述移动终端中插入第二用户识别卡时,获取输入的第二用户识别卡开启密码,并从所述用户识别卡开关控制芯片中读取所述第一用户识别卡开启密码,所述第二用户识别卡开启密码与所述第一用户识别卡开启密码不符时,获取输入的第二用户识别卡号,并从所述用户识别卡开关控制芯片中读取所述第一用户识别卡号,所述第二用户识别卡号与所述第一用户识别卡号不符时,控制所述用户识别卡开关控制芯片断开以关断所述第二用户识别卡的电源,所述第二用户识别卡锁定。Step 302: When the second user identification card is inserted into the mobile terminal, obtain the input second user identification card opening password, and read the first user identification card opening password from the user identification card switch control chip. When the second user identification card opening password does not match the first user identification card opening password, acquiring the input second user identification card number, and reading the first user identification from the user identification card switch control chip a card number, when the second user identification card number does not match the first user identification card number, controlling the user identification card switch control chip to be turned off to turn off the power of the second user identification card, the second user identification The card is locked.
用户识别卡号如IMSI号(International Mobile Subscriber Identification Number),上述IMSI号即国际移动用户识别码是唯一的,与运营商提供的用户识别卡一一对应,存储在SIM卡中,用于区别移动用户的有效信息。IMSI号总长度不超过15位,由0~9数字组成。其中MCC是移动用户所属国家代号,占3位数字,中国的MCC规定为460;MNC是移动网号码,最多由两位数字组成,用于识别移动用户所归属的移动通信网,比如00代码,对应135~139号段;MSIN是移动用户识别码,用以识别某一移动通信网中的移动用户。The user identification card number, such as the IMSI number (International Mobile Subscriber Identification Number), is the only one of the IMSI number, which is unique to the user identification card provided by the operator, and is stored in the SIM card for distinguishing the mobile user. Valid information. The total length of the IMSI number does not exceed 15 digits and consists of 0 to 9 digits. MCC is the country code of the mobile user, which is 3 digits. The MCC of China is 460. The MNC is a mobile network number, which is composed of up to two digits. It is used to identify the mobile communication network to which the mobile user belongs, such as 00 code. Corresponding to segments 135 to 139; MSIN is a mobile subscriber identity code for identifying mobile users in a mobile communication network.
实施例四Embodiment 4
下面对实施例三提供的方法进行详细的说明。 The method provided in the third embodiment will be described in detail below.
上述步骤301的实现过程如图4所示,包括:The implementation process of the above step 301 is as shown in FIG. 4, and includes:
步骤401,移动终端首次插入第一用户识别卡后开机,此时,用户识别卡开关控制芯片默认为断开。Step 401: The mobile terminal is powered on after the first user identification card is inserted for the first time. At this time, the user identification card switch control chip is turned off by default.
本发明实施例中所涉及的用户识别卡开关控制芯片断开或导通,即是指其中的开关控制单元断开或导通。The user identification card switch control chip involved in the embodiment of the present invention is turned off or turned on, that is, the switch control unit therein is turned off or turned on.
步骤402,基带处理芯片通过移动终端的显示屏提示是否开启硬件锁定用户识别卡功能,若否,执行步骤403;若是,执行步骤404。Step 402: The baseband processing chip prompts whether to enable the hardware lock user identification card function through the display screen of the mobile terminal. If not, step 403 is performed; if yes, step 404 is performed.
步骤403,基带处理芯片控制用户识别卡开关控制芯片导通,并检测第一用户识别卡是否有效,若无效,基带处理芯片控制用户识别卡开关控制芯片断开,移动终端进入无卡运行模式,若有效,用户识别卡开关控制芯片保持导通,移动终端正常识卡运行。 Step 403, the baseband processing chip controls the user identification card switch control chip to be turned on, and detects whether the first user identification card is valid. If invalid, the baseband processing chip controls the user identification card switch control chip to be disconnected, and the mobile terminal enters the cardless operation mode. If valid, the subscriber identity card switch control chip remains conductive, and the mobile terminal normally recognizes the card operation.
由于在开机时选择了不开启硬件锁定用户识别卡功能,那么为了便于用户启用硬件锁定用户识别卡功能,当再次开机时,移动终端会再次提示是否开启硬件锁定用户识别卡功能,当然,用户也可通过设置使后续开机时跳过此提示。Since the function of locking the user identification card is not turned on at the time of power-on, in order to facilitate the user to enable the hardware to lock the user identification card function, when the computer is turned on again, the mobile terminal will prompt again whether to enable the hardware to lock the user identification card function, of course, the user also This prompt can be skipped by setting to enable subsequent booting.
步骤404,基带处理芯片通过移动终端的显示屏提示输入第一用户识别卡开启密码(此处,根据需要可以设置一重密码或多重密码)。 Step 404, the baseband processing chip prompts to input the first user identification card to open the password through the display screen of the mobile terminal (here, a heavy password or multiple passwords may be set as needed).
步骤405,基带处理芯片判断输入的所述第一用户识别卡开启密码是否有效(可以预先设置并保存密码设置规则,判断输入的密码是否符合密码设置规则,若符合则说明有效,否则无效),若有效,执行步骤306,若无效,返回执行步骤304、即重新输入第一用户识别卡开启密码。Step 405: The baseband processing chip determines whether the input first user identification card opening password is valid (you can set and save the password setting rule in advance, and determine whether the input password meets the password setting rule, if it is met, the description is valid, otherwise invalid) If yes, go to step 306. If it is invalid, go back to step 304 and re-enter the first user ID card to open the password.
步骤406,基带处理芯片控制用户识别卡开关控制芯片导通,并检测第一用户识别卡是否有效,若无效,基带处理芯片控制用户识别卡开关控制芯片断开,移动终端进入无卡运行模式;若有效,用户识别卡开关控制芯片保持导通,此时,基带处理芯片读取第一用户识别卡的第一用户识别卡号。 Step 406, the baseband processing chip controls the user identification card switch control chip to be turned on, and detects whether the first user identification card is valid. If invalid, the baseband processing chip controls the user identification card switch control chip to be disconnected, and the mobile terminal enters the cardless operation mode; If valid, the subscriber identity card switch control chip remains conductive. At this time, the baseband processing chip reads the first subscriber identification card number of the first subscriber identity card.
步骤407,基带处理芯片将获取的第一用户识别卡开启密码和第一用户识别卡号写入用户识别卡开关控制芯片,移动终端正常识卡运行。Step 407: The baseband processing chip writes the acquired first user identification card opening password and the first user identification card number into the user identification card switch control chip, and the mobile terminal normally recognizes the card operation.
需要说明的是,用户识别卡开启密码和用户识别卡号被存储在移动终端的用户识别卡开关控制芯片中,而操作系统是以基带处理芯片为硬件基础运行的,两者分设在不同的硬件中。It should be noted that the user identification card opening password and the user identification card number are stored in the user identification card switch control chip of the mobile terminal, and the operating system is based on the baseband processing chip, and the two are set in different hardware. .
在上述过程中,检测用户识别卡的有效性是移动终端能否识别用户识别卡的步骤之一,需要注意的是,移动终端每次开机时,用户识别卡开关控制芯片的开关控制单元默认均为断开,而检测用户识别卡是否有效的前提是开关控制单元被基带处理芯片控制为导通。In the above process, detecting the validity of the user identification card is one of the steps for the mobile terminal to recognize the user identification card. It should be noted that the switch control unit of the user identification card switch control chip defaults each time the mobile terminal is powered on. To disconnect, the premise that the user identification card is valid is that the switch control unit is controlled to be turned on by the baseband processing chip.
另外,基带处理芯片对用户识别卡号的读取可以在入网鉴权过程中实现。以IMSI号的读取为例,入网鉴权流程为:a)移动终端正常识别用户识别卡后,从用户识别卡上读取IMSI号;b)移动终端把IMSI号发送运营商服务器,服务器会反馈给手机一组随机数;c)移动终端将收到的随机数发给用户识别卡,用户识别卡运算单元根据随机数和Ki算出结果SRES,并反馈给移动终端;d)移动终端将SRES传给服务器,服务器从数据库中找到与此IMSI对应的Ki(用户鉴权密钥,即客户身份认证密码,存放在用户识别卡特定区域不能读取,共32位),并使用相同的随机数,相同算法计算出SRES’,进行比较;e)若SRES=SRES’,则鉴权成功,否则鉴权失败。In addition, the reading of the subscriber identification card number by the baseband processing chip can be implemented in the network authentication process. Taking the reading of the IMSI number as an example, the network authentication process is: a) after the mobile terminal normally recognizes the user identification card, the IMSI number is read from the user identification card; b) the mobile terminal sends the IMSI number to the operator server, and the server will Feedback to the mobile phone a set of random numbers; c) the mobile terminal sends the received random number to the user identification card, the user identification card operation unit calculates the result SRES according to the random number and Ki, and feeds back to the mobile terminal; d) the mobile terminal will SRES Passed to the server, the server finds the Ki corresponding to the IMSI from the database (the user authentication key, that is, the customer identity authentication password, which can not be read in a specific area of the user identification card, a total of 32 bits), and uses the same random number The same algorithm calculates SRES' for comparison; e) if SRES=SRES', the authentication succeeds, otherwise the authentication fails.
基于入网鉴权过程可以确认,移动终端会通过串行数据交互指令APDU与用户识别卡交互(APDU每条长度最大255字节,为单线程执行方式,即前一条APDU命令没执行完毕,不得开始下一条命令),读取用户识别卡中存储的唯一IMSI号。获取IMSI号同时,由基带处理芯片利用数据通信接口(例如IIC),将获取的IMSI号写入用户识别卡开关控制芯片的存储单元中保存。Based on the network authentication process, it can be confirmed that the mobile terminal interacts with the user identification card through the serial data interaction command APDU (the maximum length of each APDU is 255 bytes, which is a single-thread execution mode, that is, the previous APDU command is not executed, and may not start. The next command) reads the unique IMSI number stored in the subscriber identity card. At the same time, the IMSI number is acquired by the baseband processing chip by using a data communication interface (for example, IIC), and the acquired IMSI number is written in the storage unit of the subscriber identity card switch control chip.
上述步骤302的实现过程如图5所示,包括: The implementation process of the above step 302 is as shown in FIG. 5, and includes:
步骤501,第二次及后续在移动终端中插入第二用户识别卡后开机,此时,用户识别卡开关控制芯片默认为断开。Step 501: After the second user identification card is inserted into the mobile terminal, the second and subsequent steps are turned on. At this time, the user identification card switch control chip is turned off by default.
步骤502,基带处理芯片通过移动终端的显示屏提示输入第二用户识别卡开启密码。Step 502: The baseband processing chip prompts to input a second user identification card to open a password through a display screen of the mobile terminal.
根据前述设置的一重密码或多重密码,当设置的为多重密码时,可以随机选择一重密码作为此次开启用户识别卡的密码,并提示用户输入,也可以要求用户依次输入设置的多重密码以开启用户识别卡。According to the above-mentioned one-fold password or multiple passwords, when multiple passwords are set, a password can be randomly selected as the password for opening the user identification card, and the user is prompted to input, or the user can be required to input the set multiple passwords in order to open User identification card.
步骤503,判断输入的第二用户识别卡开启密码是否通过,如果通过,执行步骤504,否则,执行步骤505。In step 503, it is determined whether the input second user identification card is enabled to pass the password. If yes, step 504 is performed; otherwise, step 505 is performed.
需要说明的是,输入第二用户识别卡开启密码时,基带处理芯片会从用户识别卡开关控制芯片的存储单元中同步读取已设定过的第一用户识别卡开启密码进行比对,若相符,则通过;否则不通过。It should be noted that, when the second user identification card is input to open the password, the baseband processing chip synchronously reads the set first user identification card opening password from the storage unit of the user identification card switch control chip for comparison. If it matches, it passes; otherwise it does not pass.
步骤504,基带处理芯片控制用户识别卡开关控制芯片导通,并检测第二用户识别卡是否有效,若无效,基带处理芯片控制用户识别卡开关控制芯片断开,移动终端进入无卡运行模式,若有效,用户识别卡开关控制芯片保持导通,移动终端正常识卡运行。 Step 504, the baseband processing chip controls the user identification card switch control chip to be turned on, and detects whether the second user identification card is valid. If invalid, the baseband processing chip controls the user identification card switch control chip to be disconnected, and the mobile terminal enters the cardless operation mode. If valid, the subscriber identity card switch control chip remains conductive, and the mobile terminal normally recognizes the card operation.
需要说明的是,第二用户识别卡有效时,基带处理芯片读取第二用户识别卡的第二用户识别卡号并写入用户识别卡开关控制芯片的存储单元中。It should be noted that when the second subscriber identity card is valid, the baseband processing chip reads the second subscriber identity card number of the second subscriber identity card and writes it into the storage unit of the subscriber identity card switch control chip.
步骤505,基带处理芯片通过移动终端的显示屏提示输入第二用户识别卡的第二用户识别卡号,并从用户识别卡开关控制芯片的存储单元中读取已经保存第一用户识别卡号。Step 505: The baseband processing chip prompts to input the second user identification card number of the second user identification card through the display screen of the mobile terminal, and reads the saved first user identification card number from the storage unit of the user identification card switch control chip.
步骤506,判断第二用户识别卡号和第一用户识别卡号是否相符,若相符,说明存储单元中记录过该第二用户识别卡的信息,验证通过,执行步骤507;若不相符,执行步骤508。Step 506: Determine whether the second user identification card number and the first user identification card number match. If they match, the information of the second user identification card is recorded in the storage unit, and the verification is passed, and step 507 is performed; if not, step 508 is performed. .
步骤507,基带处理芯片控制用户识别卡开关控制芯片导通,并检测第二用户识别卡是否有效,若无效,基带处理芯片控制用户识别卡开关控制 芯片断开,移动终端进入无卡运行模式;若有效,用户识别卡开关控制芯片保持导通,移动终端正常识卡运行。 Step 507, the baseband processing chip controls the user identification card switch control chip to be turned on, and detects whether the second user identification card is valid. If invalid, the baseband processing chip controls the user identification card switch control. When the chip is disconnected, the mobile terminal enters the cardless operation mode; if it is valid, the user identification card switch control chip remains conductive, and the mobile terminal normally recognizes the card operation.
步骤508,基带处理芯片控制用户识别卡开关控制芯片断开,移动终端用户识别卡功能被锁定(同时可以通过显示屏提示密码输入次数达到上限)。 Step 508, the baseband processing chip controls the user identification card switch control chip to be disconnected, and the mobile terminal user identification card function is locked (at the same time, the number of password input times can be reached through the display screen).
实施例五Embodiment 5
根据本发明上述的实施例三和实施例四,以SIM卡和IMSI号为例,当用户A第一次在手机中插入SIM卡a,并选择启用硬件锁定SIM卡功能时,根据系统提示,用户设定并输入SIM卡开启密码,系统同时读取该SIM卡a的IMSI号,这些信息被存储在手机的SIM卡开关控制芯片中,与手机的操作系统分别设置在不同的硬件中。如果该用户B通过非法途径得到了用户A的手机,当用户B在该手机中插入一张新的SIM卡b时,首先,系统会提示用户B输入SIM卡开启密码,如果用户B无法获知上述设定的SIM卡开启密码,则系统会提示用户B输入IMSI号,如果用户B无法获取SIM卡a的IMSI号,而是输入了SIM卡b的IMSI号,由于该手机中未记录SIM卡b的IMSI号,那么系统就不会向SIM卡b供电,同时,系统会提示该手机的SIM卡功能被锁定,则用户B就无法正常使用该手机。由于SIM卡开启密码和IMSI号是存储在硬件、即SIM卡开关控制芯片中,且与手机的操作系统是独立设置的,因此,即使用户B对该手机刷机或者使用解密软件也无法解开密码或者从该手机中抹去已保存的SIM卡开启密码和IMSI号。如此,提高了用户终端的安全系数和可靠性。According to the third embodiment and the fourth embodiment of the present invention, the SIM card and the IMSI number are taken as an example. When the user A inserts the SIM card a into the mobile phone for the first time and selects to enable the hardware lock SIM card function, according to the system prompt, The user sets and inputs the SIM card activation password, and the system simultaneously reads the IMSI number of the SIM card a. The information is stored in the SIM card switch control chip of the mobile phone, and is set in different hardware with the operating system of the mobile phone. If the user B obtains the mobile phone of the user A by illegal means, when the user B inserts a new SIM card b into the mobile phone, first, the system prompts the user B to input the SIM card opening password, if the user B cannot know the above. If the set SIM card is turned on, the system will prompt the user B to input the IMSI number. If the user B cannot obtain the IMSI number of the SIM card a, but enters the IMSI number of the SIM card b, since the SIM card is not recorded in the mobile phone, The IMSI number, then the system will not supply power to the SIM card b, and at the same time, the system will prompt that the SIM card function of the mobile phone is locked, then the user B cannot use the mobile phone normally. Since the SIM card activation password and the IMSI number are stored in the hardware, that is, the SIM card switch control chip, and are independently set with the operating system of the mobile phone, even if the user B flashes the mobile phone or uses the decryption software, the password cannot be unlocked. Or erase the saved SIM card activation password and IMSI number from the phone. In this way, the safety factor and reliability of the user terminal are improved.
实施例六Embodiment 6
对应实施例三和实施例四提供的实现用户识别卡锁定的方法(第一验证信息为第一用户识别卡开启密码和第一用户识别卡号、第二验证信息为第二用户识别卡开启密码和第二用户识别卡号),对图2所示的移动终端各 个硬件的功能进行详细的说明,其中,Corresponding to the method for implementing the user identification card locking provided by the third embodiment and the fourth embodiment (the first verification information is the first user identification card opening password and the first user identification card number, and the second verification information is the second user identification card opening password and Second user identification card number), for each mobile terminal shown in FIG. The functions of the hardware are described in detail, among them,
所述基带处理芯片10,配置为在所述移动终端中首次插入第一用户识别卡时,获取设定的第一用户识别卡开启密码和所述第一用户识别卡的第一用户识别卡号,并将所述第一用户识别卡开启密码和第一用户识别卡号写入用户识别卡开关控制芯片20,同时控制所述用户识别卡开关控制芯片20导通,向所述第一用户识别卡供电;The baseband processing chip 10 is configured to acquire a first user identification card opening password and a first user identification card number of the first user identification card when the first user identification card is inserted for the first time in the mobile terminal. And writing the first user identification card opening password and the first user identification card number into the user identification card switch control chip 20, and controlling the user identification card switch control chip 20 to be turned on, and supplying power to the first user identification card. ;
所述基带处理芯片10,还配置为在所述移动终端中插入第二用户识别卡时,获取输入的第二用户识别卡开启密码,并从所述用户识别卡开关控制芯片20中读取所述第一用户识别卡开启密码,所述第二用户识别卡开启密码与所述第一用户识别卡开启密码不符时,获取输入的第二用户识别卡号,并从所述用户识别卡开关控制芯片20中读取所述第一用户识别卡号,所述第二用户识别卡号与所述第一用户识别卡号不符时,控制所述用户识别卡开关控制芯片20断开以关断所述第二用户识别卡的电源,所述第二用户识别卡锁定;The baseband processing chip 10 is further configured to acquire an input second user identification card activation password when the second user identification card is inserted in the mobile terminal, and read the information from the user identification card switch control chip 20. The first user identification card opens a password, and when the second user identification card opening password does not match the first user identification card opening password, the input second user identification card number is obtained, and the chip is controlled from the user identification card switch. The first user identification card number is read in 20, and when the second user identification card number does not match the first user identification card number, the user identification card switch control chip 20 is controlled to be turned off to turn off the second user. Identifying the power of the card, the second user identification card is locked;
所述用户识别卡开关控制芯片20,配置为存储所述第一用户识别卡开启密码和第一用户识别卡号;还用于根据所述基带处理芯片10的控制导通或断开。The user identification card switch control chip 20 is configured to store the first user identification card open password and the first user identification card number; and is further configured to be turned on or off according to the control of the baseband processing chip 10.
其中:among them:
所述用户识别卡开关控制芯片20包括:开关控制单元21、电源复位单元22、通信接口控制单元23和存储单元24;其中:The subscriber identity card switch control chip 20 includes: a switch control unit 21, a power source reset unit 22, a communication interface control unit 23, and a storage unit 24;
所述电源复位单元24分别与所述开关控制单元21和通信接口控制单元23相连,配置为根据所述基带处理芯片10的控制信号向所述开关控制单元21和通信接口控制单元23提供电源和复位功能;The power reset unit 24 is connected to the switch control unit 21 and the communication interface control unit 23, respectively, and configured to supply power to the switch control unit 21 and the communication interface control unit 23 according to a control signal of the baseband processing chip 10. Reset function
开关控制单元21,配置为根据所述基带处理芯片10的控制信号导通或断开,并在导通时,将所述基带处理芯片10输出的电源提供给用户识别卡,在断开时,关断所述基带处理芯片10输出给用户识别卡的电源; The switch control unit 21 is configured to be turned on or off according to a control signal of the baseband processing chip 10, and when turned on, provide power outputted by the baseband processing chip 10 to a user identification card, when disconnected, Turning off the power output of the baseband processing chip 10 to the user identification card;
所述通信接口控制单元23,配置为向基带处理芯片10提供向所述存储单元24写入或读取数据的通信接口,所述通信接口与所述基带处理芯片10的相应管脚相连;所述数据包括所述第一用户识别卡开启密码和第一用户识别卡号;The communication interface control unit 23 is configured to provide a baseband processing chip 10 with a communication interface for writing or reading data to the storage unit 24, the communication interface being connected to a corresponding pin of the baseband processing chip 10; The data includes the first user identification card opening password and a first user identification card number;
所述存储单元24,配置为存储所述第一用户识别卡开启密码和第一用户识别卡号。The storage unit 24 is configured to store the first user identification card activation password and the first user identification card number.
所述移动终端中首次插入第一用户识别卡时、以及所述移动终端中插入第二用户识别卡时,所述开关控制单元21默认为断开。When the first user identification card is inserted for the first time in the mobile terminal and the second user identification card is inserted into the mobile terminal, the switch control unit 21 is turned off by default.
所述基带处理芯片10,还配置为获取设定的第一用户识别卡开启密码,控制所述开关控制单元21导通,并检测所述第一用户识别卡是否有效;若有效,则控制所述开关控制单元21保持导通,并读取所述第一用户识别卡的第一用户识别卡号,将获取的所述第一用户识别卡开启密码和第一IMSI号写入所述存储单元24。The baseband processing chip 10 is further configured to acquire a set first user identification card opening password, control the switch control unit 21 to be turned on, and detect whether the first user identification card is valid; if valid, the control station The switch control unit 21 is kept turned on, and reads the first user identification card number of the first user identification card, and writes the acquired first user identification card open password and the first IMSI number into the storage unit 24 .
所述基带处理芯片10,还配置为在获取设定的第一用户识别卡开启密码之前,提示是否开启硬件锁定用户识别卡功能,若选择是,则提示设定并输入所述第一用户识别卡开启密码;若选择否,则控制所述开关控制单元21导通,并检测所述第一用户识别卡是否有效,若无效,控制所述开关控制单元21断开,移动终端进入无卡运行模式,若有效,控制所述开关控制单元21保持导通,移动终端正常识卡运行。The baseband processing chip 10 is further configured to prompt whether to enable the hardware lock user identification card function before acquiring the set first user identification card opening password, and if yes, prompting to set and input the first user identification The card opens the password; if no, the switch control unit 21 is controlled to be turned on, and detects whether the first user identification card is valid. If it is invalid, the switch control unit 21 is controlled to be disconnected, and the mobile terminal enters no card operation. The mode, if valid, controls the switch control unit 21 to remain conductive, and the mobile terminal normally recognizes the card operation.
所述基带处理芯片10,还配置为获取输入的第二用户识别卡开启密码,并从所述存储单元24中读取所述第一用户识别卡开启密码,所述第二用户识别卡开启密码与所述第一用户识别卡开启密码不符时,获取输入的第二用户识别卡号,并从所述存储单元24中读取所述第一用户识别卡号,所述第二用户识别卡号与所述第一用户识别卡号不符时,控制所述开关控制单元21断开以关断所述第二用户识别卡的电源。The baseband processing chip 10 is further configured to acquire an input second user identification card open password, and read the first user identification card open password from the storage unit 24, and the second user identification card opens a password. Acquiring the input second user identification card number when the first user identification card opening password does not match, and reading the first user identification card number from the storage unit 24, the second user identification card number and the When the first subscriber identification card number does not match, the switch control unit 21 is controlled to be turned off to turn off the power of the second subscriber identity card.
所述第二用户识别卡开启密码与所述第一用户识别卡开启密码相符时, 或者,所述第二用户识别卡号与所述第一用户识别卡号相符时,所述基带处理芯片10,还用于控制所述开关控制单元21导通,并检测所述第二用户识别卡是否有效,若无效,控制所述开关控制单元21断开,移动终端进入无卡运行模式;若有效,控制所述开关控制单元21保持导通,移动终端正常识卡运行。When the second user identification card opening password matches the first user identification card opening password, Alternatively, when the second user identification card number matches the first user identification card number, the baseband processing chip 10 is further configured to control the switch control unit 21 to be turned on, and detect whether the second user identification card is If it is invalid, the switch control unit 21 is controlled to be disconnected, and the mobile terminal enters the cardless operation mode; if it is valid, the switch control unit 21 is controlled to be turned on, and the mobile terminal normally recognizes the card operation.
实施例七Example 7
上述第一验证信息为第一用户识别卡开启密码,第二验证信息为第二用户识别卡开启密码。此种情况下,本发明实施例提供的实现用户识别卡锁定的方法,如图6所示,包括:The first verification information is a first user identification card opening password, and the second verification information is a second user identification card opening password. In this case, the method for implementing the locking of the user identification card provided by the embodiment of the present invention, as shown in FIG. 6, includes:
步骤601,移动终端中首次插入第一用户识别卡时,获取设定的第一用户识别卡开启密码,并将所述第一用户识别卡开启密码写入用户识别卡开关控制芯片,同时控制所述用户识别卡开关控制芯片导通,向所述第一用户识别卡供电。Step 601: When the first user identification card is inserted for the first time in the mobile terminal, the first user identification card opening password is obtained, and the first user identification card opening password is written into the user identification card switch control chip, and the control center is controlled. The subscriber identity card switch control chip is turned on to supply power to the first subscriber identity card.
步骤602,所述移动终端中插入第二用户识别卡时,获取输入的第二用户识别卡开启密码,并从所述用户识别卡开关控制芯片中读取所述第一用户识别卡开启密码,所述第二用户识别卡开启密码与所述第一用户识别卡开启密码不符时,控制所述用户识别卡开关控制芯片断开以关断所述第二用户识别卡的电源,所述第二用户识别卡锁定。Step 602: When the second user identification card is inserted into the mobile terminal, the input second user identification card opening password is obtained, and the first user identification card opening password is read from the user identification card switch control chip. When the second user identification card opening password does not match the first user identification card opening password, controlling the user identification card switch control chip to be turned off to turn off the power of the second user identification card, the second The user identification card is locked.
实施例八Example eight
下面对实施例七提供的方法进行详细的说明。The method provided in the seventh embodiment will be described in detail below.
上述步骤601的实现过程如图7所示,包括:The implementation process of the above step 601 is as shown in FIG. 7, and includes:
步骤701,移动终端首次插入第一用户识别卡后开机,此时,用户识别卡开关控制芯片默认为断开。Step 701: The mobile terminal is powered on after the first user identification card is inserted for the first time. At this time, the user identification card switch control chip is turned off by default.
本发明实施例中所涉及的用户识别卡开关控制芯片断开或导通,即是 指其中的开关控制单元断开或导通。The user identification card switch control chip involved in the embodiment of the present invention is disconnected or turned on, that is, Refers to the switch control unit in which it is disconnected or turned on.
步骤702,基带处理芯片通过移动终端的显示屏提示是否开启硬件锁定用户识别卡功能,若否,执行步骤703;若是,执行步骤704。Step 702: The baseband processing chip prompts whether to enable the hardware lock user identification card function through the display screen of the mobile terminal. If not, step 703 is performed; if yes, step 704 is performed.
步骤703,基带处理芯片控制用户识别卡开关控制芯片导通,并检测第一用户识别卡是否有效,若无效,基带处理芯片控制用户识别卡开关控制芯片断开,移动终端进入无卡运行模式,若有效,用户识别卡开关控制芯片保持导通,移动终端正常识卡运行。 Step 703, the baseband processing chip controls the user identification card switch control chip to be turned on, and detects whether the first user identification card is valid. If invalid, the baseband processing chip controls the user identification card switch control chip to be disconnected, and the mobile terminal enters the cardless operation mode. If valid, the subscriber identity card switch control chip remains conductive, and the mobile terminal normally recognizes the card operation.
由于在开机时选择了不开启硬件锁定用户识别卡功能,那么为了便于用户启用硬件锁定用户识别卡功能,当再次开机时,移动终端会再次提示是否开启硬件锁定用户识别卡功能,当然,用户也可通过设置使后续开机时跳过此提示。Since the function of locking the user identification card is not turned on at the time of power-on, in order to facilitate the user to enable the hardware to lock the user identification card function, when the computer is turned on again, the mobile terminal will prompt again whether to enable the hardware to lock the user identification card function, of course, the user also This prompt can be skipped by setting to enable subsequent booting.
步骤704,基带处理芯片通过移动终端的显示屏提示输入第一用户识别卡开启密码(此处,根据需要可以设置一重密码或多重密码)。 Step 704, the baseband processing chip prompts to input the first user identification card to open the password through the display screen of the mobile terminal (here, a heavy password or multiple passwords can be set as needed).
步骤705,基带处理芯片判断输入的所述第一用户识别卡开启密码是否有效(可以预先设置并保存密码设置规则,判断输入的密码是否符合密码设置规则,若符合则说明有效,否则无效),若有效,执行步骤706,若无效,返回执行步骤704、即重新输入第一用户识别卡开启密码。Step 705: The baseband processing chip determines whether the input first user identification card opening password is valid (you can preset and save the password setting rule to determine whether the input password meets the password setting rule, if it is met, the description is valid, otherwise invalid) If yes, go to step 706. If it is invalid, go back to step 704, that is, re-enter the first user ID card to open the password.
步骤706,基带处理芯片控制用户识别卡开关控制芯片导通,并检测第一用户识别卡是否有效,若无效,基带处理芯片控制用户识别卡开关控制芯片断开,移动终端进入无卡运行模式;若有效,用户识别卡开关控制芯片保持导通。 Step 706, the baseband processing chip controls the user identification card switch control chip to be turned on, and detects whether the first user identification card is valid. If invalid, the baseband processing chip controls the user identification card switch control chip to be disconnected, and the mobile terminal enters the cardless operation mode; If valid, the subscriber identity card switch control chip remains on.
步骤707,基带处理芯片将获取的第一用户识别卡开启密码写入用户识别卡开关控制芯片,移动终端正常识卡运行。Step 707: The baseband processing chip writes the acquired first user identification card open password into the user identification card switch control chip, and the mobile terminal normally recognizes the card operation.
需要说明的是,用户识别卡开启密码被存储在移动终端的用户识别卡开关控制芯片中,而操作系统是以基带处理芯片为硬件基础运行的,两者分设在不同的硬件中。 It should be noted that the user identification card activation password is stored in the user identification card switch control chip of the mobile terminal, and the operating system is based on the baseband processing chip, and the two are respectively disposed in different hardware.
在上述过程中,检测用户识别卡的有效性是移动终端能否识别用户识别卡的步骤之一,需要注意的是,移动终端每次开机时,用户识别卡开关控制芯片的开关控制单元默认均为断开,而检测用户识别卡是否有效的前提是开关控制单元被基带处理芯片控制为导通。In the above process, detecting the validity of the user identification card is one of the steps for the mobile terminal to recognize the user identification card. It should be noted that the switch control unit of the user identification card switch control chip defaults each time the mobile terminal is powered on. To disconnect, the premise that the user identification card is valid is that the switch control unit is controlled to be turned on by the baseband processing chip.
上述步骤602的实现过程如图8所示,包括:The implementation process of the above step 602 is as shown in FIG. 8, and includes:
步骤801,第二次及后续在移动终端中插入第二用户识别卡后开机,此时,用户识别卡开关控制芯片默认为断开。Step 801: After the second user identification card is inserted into the mobile terminal, the second and subsequent steps are turned on. At this time, the user identification card switch control chip is turned off by default.
步骤802,基带处理芯片通过移动终端的显示屏提示输入第二用户识别卡开启密码。Step 802: The baseband processing chip prompts to input a second user identification card to open a password through a display screen of the mobile terminal.
根据前述设置的一重密码或多重密码,当设置的为多重密码时,可以随机选择一重密码作为此次开启用户识别卡的密码,并提示用户输入,也可以要求用户依次输入设置的多重密码以开启用户识别卡。According to the above-mentioned one-fold password or multiple passwords, when multiple passwords are set, a password can be randomly selected as the password for opening the user identification card, and the user is prompted to input, or the user can be required to input the set multiple passwords in order to open User identification card.
步骤803,判断输入的第二用户识别卡开启密码是否通过,如果通过,执行步骤804,否则,执行步骤805。In step 803, it is determined whether the input second user identification card is enabled to pass the password. If yes, step 804 is performed; otherwise, step 805 is performed.
需要说明的是,输入第二用户识别卡开启密码时,基带处理芯片会从用户识别卡开关控制芯片的存储单元中同步读取已设定过的第一用户识别卡开启密码进行比对,若相符,则通过;否则不通过。It should be noted that, when the second user identification card is input to open the password, the baseband processing chip synchronously reads the set first user identification card opening password from the storage unit of the user identification card switch control chip for comparison. If it matches, it passes; otherwise it does not pass.
步骤804,基带处理芯片控制用户识别卡开关控制芯片导通,并检测第二用户识别卡是否有效,若无效,基带处理芯片控制用户识别卡开关控制芯片断开,移动终端进入无卡运行模式,若有效,用户识别卡开关控制芯片保持导通,移动终端正常识卡运行。 Step 804, the baseband processing chip controls the user identification card switch control chip to be turned on, and detects whether the second user identification card is valid. If invalid, the baseband processing chip controls the user identification card switch control chip to be disconnected, and the mobile terminal enters the cardless operation mode. If valid, the subscriber identity card switch control chip remains conductive, and the mobile terminal normally recognizes the card operation.
步骤805,基带处理芯片控制用户识别卡开关控制芯片断开,移动终端用户识别卡功能被锁定(同时可以通过显示屏提示密码输入次数达到上限)。 Step 805, the baseband processing chip controls the user identification card switch control chip to be disconnected, and the mobile terminal user identification card function is locked (at the same time, the number of password input times can be reached through the display screen).
实施例九Example nine
根据本发明上述的实施例七和实施例八,以SIM卡和IMSI为例,当用 户A第一次在手机中插入SIM卡a,并选择启用硬件锁定SIM卡功能时,根据系统提示,用户设定并输入SIM卡开启密码,并将SIM卡开启密码存储在手机的SIM卡开关控制芯片中,与手机的操作系统分别设置在不同的硬件中。如果该用户B通过非法途径得到了用户A的手机,当用户B在该手机中插入一张新的SIM卡b时,首先,系统会提示用户B输入SIM卡开启密码,如果用户B无法获知上述设定的SIM卡开启密码、而是输入了错误的SIM卡开启密码,那么系统会控制SIM卡开关控制芯片断开,不向SIM卡b供电,同时,系统会提示该手机的SIM卡功能被锁定,则用户B就无法正常使用该手机。由于SIM卡开启密码是存储在硬件、即SIM卡开关控制芯片中,且与手机的操作系统是独立设置的,因此,即使用户B对该手机刷机或者使用解密软件也无法解开密码或者从该手机中抹去已保存的SIM卡开启密码。如此,提高了用户终端的安全系数和可靠性。According to the seventh embodiment and the eighth embodiment of the present invention, the SIM card and the IMSI are taken as an example. When the user A inserts the SIM card a into the mobile phone for the first time and selects to enable the hardware lock SIM card function, according to the system prompt, the user sets and inputs the SIM card open password, and stores the SIM card open password in the SIM card switch of the mobile phone. In the control chip, the operating system of the mobile phone is set in different hardware. If the user B obtains the mobile phone of the user A by illegal means, when the user B inserts a new SIM card b into the mobile phone, first, the system prompts the user B to input the SIM card opening password, if the user B cannot know the above. The set SIM card opens the password, but enters the wrong SIM card to open the password, then the system will control the SIM card switch control chip to disconnect, does not supply power to the SIM card b, at the same time, the system will prompt the SIM card function of the mobile phone to be If it is locked, User B will not be able to use the phone normally. Since the SIM card activation password is stored in the hardware, that is, the SIM card switch control chip, and is independently set with the operating system of the mobile phone, even if the user B flashes the mobile phone or uses the decryption software, the password cannot be unlocked or Erasing the saved SIM card to open the password in the phone. In this way, the safety factor and reliability of the user terminal are improved.
实施例十Example ten
对应实施例七和实施例八提供的实现用户识别卡锁定的方法(第一验证信息为第一用户识别卡开启密码、第二验证信息为第二用户识别卡开启密码),对图2所示的移动终端各个硬件的功能进行详细的说明,其中,Corresponding to the method for implementing the user identification card locking provided by the seventh embodiment and the eighth embodiment (the first verification information is that the first user identification card opens the password, and the second verification information is the second user identification card opening password), as shown in FIG. 2 Detailed description of the functions of each hardware of the mobile terminal, wherein
所述基带处理芯片10,配置为在所述移动终端中首次插入第一用户识别卡时,获取设定的第一用户识别卡开启密码,并将所述第一用户识别卡开启密码写入用户识别卡开关控制芯片20,同时控制所述用户识别卡开关控制芯片20导通,向所述第一用户识别卡供电;The baseband processing chip 10 is configured to acquire a first user identification card open password when the first user identification card is inserted for the first time in the mobile terminal, and write the first user identification card open password to the user. Identifying the card switch control chip 20, and simultaneously controlling the user identification card switch control chip 20 to be turned on to supply power to the first user identification card;
所述基带处理芯片10,还配置为在所述移动终端中插入第二用户识别卡时,获取输入的第二用户识别卡开启密码,并从所述用户识别卡开关控制芯片20中读取所述第一用户识别卡开启密码,所述第二用户识别卡开启密码与所述第一用户识别卡开启密码不符时,控制所述用户识别卡开关控制芯片20断开以关断所述第二用户识别卡的电源,所述第二用户识别卡锁 定;The baseband processing chip 10 is further configured to acquire an input second user identification card activation password when the second user identification card is inserted in the mobile terminal, and read the information from the user identification card switch control chip 20. The first user identification card opens a password, and when the second user identification card opening password does not match the first user identification card opening password, controlling the user identification card switch control chip 20 to be turned off to turn off the second User identification card power supply, the second user identification card lock set;
所述用户识别卡开关控制芯片20,配置为存储所述第一用户识别卡开启密码;还用于根据所述基带处理芯片10的控制导通或断开。The user identification card switch control chip 20 is configured to store the first user identification card open password; and is further configured to be turned on or off according to the control of the baseband processing chip 10.
其中:among them:
所述用户识别卡开关控制芯片20包括:开关控制单元21、电源复位单元22、通信接口控制单元23和存储单元24;其中:The subscriber identity card switch control chip 20 includes: a switch control unit 21, a power source reset unit 22, a communication interface control unit 23, and a storage unit 24;
所述电源复位单元24分别与所述开关控制单元21和通信接口控制单元23相连,配置为根据所述基带处理芯片10的控制信号向所述开关控制单元21和通信接口控制单元23提供电源和复位功能;The power reset unit 24 is connected to the switch control unit 21 and the communication interface control unit 23, respectively, and configured to supply power to the switch control unit 21 and the communication interface control unit 23 according to a control signal of the baseband processing chip 10. Reset function
开关控制单元21,配置为根据所述基带处理芯片10的控制信号导通或断开,并在导通时,将所述基带处理芯片10输出的电源提供给用户识别卡,在断开时,关断所述基带处理芯片10输出给用户识别卡的电源;The switch control unit 21 is configured to be turned on or off according to a control signal of the baseband processing chip 10, and when turned on, provide power outputted by the baseband processing chip 10 to a user identification card, when disconnected, Turning off the power output of the baseband processing chip 10 to the user identification card;
所述通信接口控制单元23,配置为向基带处理芯片10提供向所述存储单元24写入或读取数据的通信接口,所述通信接口与所述基带处理芯片10的相应管脚相连;所述数据包括所述第一用户识别卡开启密码;The communication interface control unit 23 is configured to provide a baseband processing chip 10 with a communication interface for writing or reading data to the storage unit 24, the communication interface being connected to a corresponding pin of the baseband processing chip 10; The data includes the first user identification card opening password;
所述存储单元24,配置为存储所述第一用户识别卡开启密码。The storage unit 24 is configured to store the first user identification card open password.
所述移动终端中首次插入第一用户识别卡时、以及所述移动终端中插入第二用户识别卡时,所述开关控制单元21默认为断开。When the first user identification card is inserted for the first time in the mobile terminal and the second user identification card is inserted into the mobile terminal, the switch control unit 21 is turned off by default.
所述基带处理芯片10,还配置为获取设定的第一用户识别卡开启密码,控制所述开关控制单元21导通,并检测所述第一用户识别卡是否有效;若有效,则控制所述开关控制单元21保持导通,将获取的所述第一用户识别卡开启密码写入所述存储单元24。The baseband processing chip 10 is further configured to acquire a set first user identification card opening password, control the switch control unit 21 to be turned on, and detect whether the first user identification card is valid; if valid, the control station The switch control unit 21 remains turned on, and the acquired first user identification card open password is written into the storage unit 24.
所述基带处理芯片10,还配置为在获取设定的第一用户识别卡开启密码之前,提示是否开启硬件锁定用户识别卡功能,若选择是,则提示设定并输入所述第一用户识别卡开启密码;若选择否,则控制所述开关控制单元21导通,并检测所述第一用户识别卡是否有效,若无效,控制所述开关 控制单元21断开,移动终端进入无卡运行模式,若有效,控制所述开关控制单元21保持导通,移动终端正常识卡运行。The baseband processing chip 10 is further configured to prompt whether to enable the hardware lock user identification card function before acquiring the set first user identification card opening password, and if yes, prompting to set and input the first user identification The card opens the password; if no, the switch control unit 21 is controlled to be turned on, and detects whether the first user identification card is valid, and if not, controls the switch The control unit 21 is disconnected, and the mobile terminal enters a cardless operation mode. If it is valid, the switch control unit 21 is controlled to be turned on, and the mobile terminal normally recognizes the card operation.
所述基带处理芯片10,还配置为获取输入的第二用户识别卡开启密码,并从所述存储单元24中读取所述第一用户识别卡开启密码,所述第二用户识别卡开启密码与所述第一用户识别卡开启密码不符时,控制所述开关控制单元21断开以关断所述第二用户识别卡的电源。The baseband processing chip 10 is further configured to acquire an input second user identification card open password, and read the first user identification card open password from the storage unit 24, and the second user identification card opens a password. When the first user identification card opening password does not match, the switch control unit 21 is controlled to be turned off to turn off the power of the second user identification card.
所述第二用户识别卡开启密码与所述第一用户识别卡开启密码相符时,所述基带处理芯片10,还配置为控制所述开关控制单元21导通,并检测所述第二用户识别卡是否有效,若无效,控制所述开关控制单元21断开,移动终端进入无卡运行模式;若有效,控制所述开关控制单元21保持导通,移动终端正常识卡运行。When the second user identification card opening password matches the first user identification card opening password, the baseband processing chip 10 is further configured to control the switch control unit 21 to be turned on, and detect the second user identification. Whether the card is valid, if it is invalid, the switch control unit 21 is controlled to be disconnected, and the mobile terminal enters the cardless operation mode; if it is valid, the switch control unit 21 is controlled to be turned on, and the mobile terminal normally recognizes the card operation.
综上所述,在本发明实施例提供的方案中,在移动终端中设置了一个专门的开关芯片,用于控制用户识别卡电源的通断,还将开启用户识别卡的验证信息(用户识别卡开启密码、用户识别卡号)存储该芯片中,与移动终端的操作系统分别设置;再基于存储的验证信息、通过基带处理芯片(操作系统)对该开关芯片进行导通或断开控制,以此来对用户识别卡供电或断电,用户识别卡断电即锁定,如此,实现了硬件方式控制用户识别卡锁定的功能,在终端的安全和可靠性方面都得到了大大的提升。In summary, in the solution provided by the embodiment of the present invention, a special switch chip is set in the mobile terminal for controlling the power on and off of the user identification card, and the verification information of the user identification card is also turned on (user identification) The card opening password and the user identification card number are stored in the chip and set separately with the operating system of the mobile terminal; and based on the stored verification information, the switch chip is turned on or off by the baseband processing chip (operating system) to In this way, the user identification card is powered or powered off, and the user identification card is powered off and locked. Thus, the function of controlling the locking of the user identification card by the hardware mode is realized, and the security and reliability of the terminal are greatly improved.
本发明实施例采用硬件方式控制用户识别卡锁定的方法,还存在如下优势:The embodiment of the invention adopts a hardware method for controlling the locking of the user identification card, and has the following advantages:
1、在安全和可靠性方面都优于软件加密方法;1. Better than software encryption methods in terms of security and reliability;
2、可以忽略不同终端操作系统的差异,提高兼容性;2, can ignore the differences between different terminal operating systems, improve compatibility;
3、对于支持此功能的终端,可以显著减少偷盗者的作案动机,大大降低终端被盗风险;3. For terminals that support this function, the thief's motives for committing crimes can be significantly reduced, and the risk of stolen terminals is greatly reduced;
4、终端丢失,因为通话和数据等主要功能受限,可以促使捡到者和失 主联系,达到归还手机目的。4, the terminal is lost, because the main functions such as call and data are limited, which can promote the loss and loss The main contact, to achieve the purpose of returning the phone.
以上所述,仅为本发明的具体实施方式,但本发明的保护范围并不局限于此,任何熟悉本技术领域的技术人员在本发明揭露的技术范围内,可轻易想到变化或替换,都应涵盖在本发明的保护范围之内。因此,本发明的保护范围应以所述权利要求的保护范围为准。 The above is only a specific embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily think of changes or substitutions within the technical scope of the present invention. It should be covered by the scope of the present invention. Therefore, the scope of the invention should be determined by the scope of the appended claims.

Claims (23)

  1. 一种实现用户识别卡锁定的方法,该方法包括:A method for implementing user identification card locking, the method comprising:
    移动终端中首次插入第一用户识别模块用户识别卡时,获取第一验证信息,并将所述第一验证信息写入用户识别卡开关控制芯片,同时控制所述用户识别卡开关控制芯片导通,向所述第一用户识别卡供电;When the first user identification module user identification card is inserted for the first time in the mobile terminal, the first verification information is acquired, and the first verification information is written into the user identification card switch control chip, and the user identification card switch control chip is controlled to be turned on. Supplying power to the first user identification card;
    所述移动终端中插入第二用户识别卡时,获取第二验证信息,并从所述用户识别卡开关控制芯片中读取所述第一验证信息,在所述第二验证信息与所述第一验证信息不符时,控制所述用户识别卡开关控制芯片断开以关断所述第二用户识别卡的电源,所述第二用户识别卡锁定。When the second user identification card is inserted into the mobile terminal, acquiring second verification information, and reading the first verification information from the user identification card switch control chip, where the second verification information and the first When the verification information does not match, the user identification card switch control chip is turned off to turn off the power of the second user identification card, and the second user identification card is locked.
  2. 根据权利要求1所述实现用户识别卡锁定的方法,其中,所述移动终端中首次插入第一用户识别卡时、以及所述移动终端中插入第二用户识别卡时,所述用户识别卡开关控制芯片默认为断开。The method for implementing user identification card locking according to claim 1, wherein when the first user identification card is inserted for the first time in the mobile terminal, and the second user identification card is inserted into the mobile terminal, the user identification card switch The control chip is off by default.
  3. 根据权利要求1所述实现用户识别卡锁定的方法,其中,所述获取第一验证信息之前,该方法还包括:The method for implementing the user identification card locking according to claim 1, wherein before the obtaining the first verification information, the method further comprises:
    提示是否开启硬件锁定用户识别卡功能,若选择是,则获取所述第一验证信息;若选择否,则控制用户识别卡开关控制芯片导通,并检测所述第一用户识别卡是否有效,若无效,控制所述用户识别卡开关控制芯片断开,移动终端进入无卡运行模式,若有效,控制用户识别卡开关控制芯片保持导通,移动终端识卡运行。Prompting whether to enable the hardware lock user identification card function, if yes, acquiring the first verification information; if no, controlling the user identification card switch control chip to be turned on, and detecting whether the first user identification card is valid, If invalid, the user identification card switch control chip is disconnected, and the mobile terminal enters the cardless operation mode. If it is valid, the control user identification card switch control chip remains conductive, and the mobile terminal recognizes the card operation.
  4. 根据权利要求1、2或3所述实现用户识别卡锁定的方法,其中,A method of implementing user identification card locking according to claim 1, 2 or 3, wherein
    所述第一验证信息为第一用户识别卡开启密码和第一用户识别卡号,所述第二验证信息为第二用户识别卡开启密码和第二用户识别卡号。The first verification information is a first user identification card activation password and a first user identification card number, and the second verification information is a second user identification card activation password and a second user identification card number.
  5. 根据权利要求4所述实现用户识别卡锁定的方法,其中,所述获取第一验证信息,并将所述第一验证信息写入用户识别卡开关控制芯片,包括: The method for implementing the user identification card locking according to claim 4, wherein the obtaining the first verification information and writing the first verification information to the user identification card switch control chip comprises:
    获取设定的第一用户识别卡开启密码,控制所述用户识别卡开关控制芯片导通,并检测所述第一用户识别卡是否有效;若有效,则控制所述用户识别卡开关控制芯片保持导通,并读取所述第一用户识别卡的第一用户识别卡号;Obtaining a set first user identification card opening password, controlling the user identification card switch control chip to be turned on, and detecting whether the first user identification card is valid; if valid, controlling the user identification card switch control chip to maintain Turning on, and reading the first user identification card number of the first user identification card;
    将获取的所述第一用户识别卡开启密码和第一用户识别卡号写入所述用户识别卡开关控制芯片。The obtained first user identification card opening password and the first user identification card number are written into the user identification card switch control chip.
  6. 根据权利要求5所述实现用户识别卡锁定的方法,其中,所述获取第二验证信息,并从所述用户识别卡开关控制芯片中读取所述第一验证信息,在所述第二验证信息与所述第一验证信息不符时,控制所述用户识别卡开关控制芯片断开以关断所述第二用户识别卡的电源,包括:The method for implementing user identification card locking according to claim 5, wherein said acquiring second verification information, and reading said first verification information from said user identification card switch control chip, said second verification When the information does not match the first verification information, controlling the user identification card switch control chip to be turned off to turn off the power of the second user identification card, including:
    获取输入的第二用户识别卡开启密码,并从所述用户识别卡开关控制芯片中读取所述第一用户识别卡开启密码,所述第二用户识别卡开启密码与所述第一用户识别卡开启密码不符时,获取输入的第二用户识别卡号,并从所述用户识别卡开关控制芯片中读取所述第一用户识别卡号,所述第二用户识别卡号与所述第一用户识别卡号不符时,控制所述用户识别卡开关控制芯片断开以关断所述第二用户识别卡的电源。Obtaining an input second user identification card opening password, and reading the first user identification card opening password from the user identification card switch control chip, the second user identification card opening password and the first user identification When the card opening password does not match, the input second user identification card number is obtained, and the first user identification card number is read from the user identification card switch control chip, the second user identification card number and the first user identification When the card number does not match, the user identification card switch control chip is controlled to be turned off to turn off the power of the second user identification card.
  7. 根据权利要求6所述实现用户识别卡锁定的方法,其中,所述第二用户识别卡开启密码与所述第一用户识别卡开启密码相符时,或者,所述第二用户识别卡号与所述第一用户识别卡号相符时,该方法还包括:The method for implementing user identification card locking according to claim 6, wherein when the second user identification card opening password matches the first user identification card opening password, or the second user identification card number is When the first user identification card number matches, the method further includes:
    控制所述用户识别卡开关控制芯片导通,并检测所述第二用户识别卡是否有效,若无效,控制所述用户识别卡开关控制芯片断开,移动终端进入无卡运行模式;若有效,控制所述用户识别卡开关控制芯片保持导通,移动终端识卡运行。Controlling the user identification card switch control chip to be turned on, and detecting whether the second user identification card is valid. If invalid, controlling the user identification card switch control chip to be disconnected, and the mobile terminal enters a cardless operation mode; if valid, The user identification card switch control chip is controlled to be turned on, and the mobile terminal recognizes the card operation.
  8. 根据权利要求1、2或3所述实现用户识别卡锁定的方法,其中,A method of implementing user identification card locking according to claim 1, 2 or 3, wherein
    所述第一验证信息为第一用户识别卡开启密码,所述第二验证信息为第二用户识别卡开启密码。 The first verification information is a first user identification card opening password, and the second verification information is a second user identification card opening password.
  9. 根据权利要求8所述实现用户识别卡锁定的方法,其中,获取第一验证信息,并将所述第一验证信息写入用户识别卡开关控制芯片,包括:The method for implementing the user identification card locking according to claim 8, wherein the obtaining the first verification information and writing the first verification information to the user identification card switch control chip comprises:
    获取设定的第一用户识别卡开启密码,控制所述用户识别卡开关控制芯片导通,并检测所述第一用户识别卡是否有效;若有效,则控制所述用户识别卡开关控制芯片保持导通,将获取的所述第一用户识别卡开启密码写入所述用户识别卡开关控制芯片。Obtaining a set first user identification card opening password, controlling the user identification card switch control chip to be turned on, and detecting whether the first user identification card is valid; if valid, controlling the user identification card switch control chip to maintain Turning on, the acquired first user identification card open password is written into the user identification card switch control chip.
  10. 根据权利要求9所述实现用户识别卡锁定的方法,其中,所述获取第二验证信息,并从所述用户识别卡开关控制芯片中读取所述第一验证信息,在所述第二验证信息与所述第一验证信息不符时,控制所述用户识别卡开关控制芯片断开以关断所述第二用户识别卡的电源,包括:The method for implementing user identification card locking according to claim 9, wherein said acquiring second verification information, and reading said first verification information from said user identification card switch control chip, said second verification When the information does not match the first verification information, controlling the user identification card switch control chip to be turned off to turn off the power of the second user identification card, including:
    获取输入的第二用户识别卡开启密码,并从所述用户识别卡开关控制芯片中读取所述第一用户识别卡开启密码,所述第二用户识别卡开启密码与所述第一用户识别卡开启密码不符时,控制所述用户识别卡开关控制芯片断开以关断所述第二用户识别卡的电源。Obtaining an input second user identification card opening password, and reading the first user identification card opening password from the user identification card switch control chip, the second user identification card opening password and the first user identification When the card opening password does not match, the user identification card switch control chip is controlled to be turned off to turn off the power of the second user identification card.
  11. 根据权利要求10所述实现用户识别卡锁定的方法,其中,所述第二用户识别卡开启密码与所述第一用户识别卡开启密码相符时,该方法还包括:The method for implementing the user identification card locking according to claim 10, wherein when the second user identification card opening password is consistent with the first user identification card opening password, the method further comprises:
    控制所述用户识别卡开关控制芯片导通,并检测所述第二用户识别卡是否有效,若无效,控制所述用户识别卡开关控制芯片断开,移动终端进入无卡运行模式;若有效,控制所述用户识别卡开关控制芯片保持导通,移动终端识卡运行。Controlling the user identification card switch control chip to be turned on, and detecting whether the second user identification card is valid. If invalid, controlling the user identification card switch control chip to be disconnected, and the mobile terminal enters a cardless operation mode; if valid, The user identification card switch control chip is controlled to be turned on, and the mobile terminal recognizes the card operation.
  12. 一种移动终端,包括基带处理芯片和用户识别模块用户识别卡开关控制芯片,其中,A mobile terminal includes a baseband processing chip and a user identification module user identification card switch control chip, wherein
    所述基带处理芯片,配置为在所述移动终端中首次插入第一用户识别卡时,获取第一验证信息,并将所述第一验证信息写入所述用户识别 卡开关控制芯片,同时控制所述用户识别卡开关控制芯片导通,向所述第一用户识别卡供电;The baseband processing chip is configured to acquire first verification information when the first user identification card is first inserted in the mobile terminal, and write the first verification information into the user identification The card switch control chip simultaneously controls the user identification card switch control chip to be turned on to supply power to the first user identification card;
    所述基带处理芯片,还配置为在所述移动终端中插入第二用户识别卡时,获取第二验证信息,并从所述用户识别卡开关控制芯片中读取所述第一验证信息,在所述第二验证信息与所述第一验证信息不符时,控制所述用户识别卡开关控制芯片断开以关断所述第二用户识别卡的电源,所述第二用户识别卡锁定;The baseband processing chip is further configured to: when the second user identification card is inserted in the mobile terminal, acquire second verification information, and read the first verification information from the user identification card switch control chip, where When the second verification information does not match the first verification information, controlling the user identification card switch control chip to be turned off to turn off the power of the second user identification card, and the second user identification card is locked;
    所述用户识别卡开关控制芯片,配置为存储所述第一验证信息;还用于根据所述基带处理芯片的控制导通或断开。The user identification card switch control chip is configured to store the first verification information; and is further configured to be turned on or off according to control of the baseband processing chip.
  13. 根据权利要求12所述移动终端,其中,所述用户识别卡开关控制芯片包括:开关控制单元、电源复位单元、通信接口控制单元和存储单元;其中:The mobile terminal of claim 12, wherein the subscriber identity card switch control chip comprises: a switch control unit, a power reset unit, a communication interface control unit, and a storage unit; wherein:
    所述电源复位单元分别与所述开关控制单元和通信接口控制单元相连,配置为根据所述基带处理芯片的控制信号向所述开关控制单元和通信接口控制单元提供电源和复位功能;The power reset unit is respectively connected to the switch control unit and the communication interface control unit, and configured to provide power and reset functions to the switch control unit and the communication interface control unit according to a control signal of the baseband processing chip;
    开关控制单元,配置为根据所述基带处理芯片的控制信号导通或断开,并在导通时,将所述基带处理芯片输出的电源提供给用户识别卡,在断开时,关断所述基带处理芯片输出给用户识别卡的电源;a switch control unit configured to be turned on or off according to a control signal of the baseband processing chip, and to provide a power supply output by the baseband processing chip to a user identification card when turned on, and to turn off the The baseband processing chip outputs power to the user identification card;
    所述通信接口控制单元,配置为向基带处理芯片提供向所述存储单元写入或读取数据的通信接口,所述通信接口与所述基带处理芯片的相应管脚相连;所述数据包括所述第一验证信息;The communication interface control unit is configured to provide a baseband processing chip with a communication interface for writing or reading data to the storage unit, the communication interface being connected to a corresponding pin of the baseband processing chip; Describe the first verification information;
    所述存储单元,配置为存储所述第一验证信息。The storage unit is configured to store the first verification information.
  14. 根据权利要求13所述移动终端,其中,所述移动终端中首次插入第一用户识别卡时、以及所述移动终端中插入第二用户识别卡时,所述开关控制单元默认为断开。The mobile terminal according to claim 13, wherein the switch control unit is turned off by default when the first user identification card is inserted for the first time in the mobile terminal and the second user identification card is inserted into the mobile terminal.
  15. 根据权利要求13所述移动终端,其中, The mobile terminal according to claim 13, wherein
    所述基带处理芯片,还配置为在获取所述第一验证信息之前,提示是否开启硬件锁定用户识别卡功能,若选择是,则获取所述第一验证信息;若选择否,则控制所述开关控制单元导通,并检测所述第一用户识别卡是否有效,若无效,控制所述开关控制单元断开,移动终端进入无卡运行模式,若有效,控制所述开关控制单元保持导通,移动终端识卡运行。The baseband processing chip is further configured to prompt whether to enable the hardware lock user identification card function before acquiring the first verification information, and if yes, obtain the first verification information; if no, control the The switch control unit is turned on, and detects whether the first user identification card is valid. If it is invalid, the switch control unit is controlled to be disconnected, and the mobile terminal enters a cardless operation mode. If it is valid, the switch control unit is controlled to remain conductive. , the mobile terminal knows the card to run.
  16. 根据权利要求12至15任一项所述移动终端,其中,A mobile terminal according to any one of claims 12 to 15, wherein
    所述第一验证信息为第一用户识别卡开启密码和第一用户识别卡号,所述第二验证信息为第二用户识别卡开启密码和第二用户识别卡号。The first verification information is a first user identification card activation password and a first user identification card number, and the second verification information is a second user identification card activation password and a second user identification card number.
  17. 根据权利要求16所述移动终端,其中,The mobile terminal according to claim 16, wherein
    所述基带处理芯片,还配置为获取设定的第一用户识别卡开启密码,控制所述开关控制单元导通,并检测所述第一用户识别卡是否有效;若有效,则控制所述开关控制单元保持导通,并读取所述第一用户识别卡的第一用户识别卡号;将获取的所述第一用户识别卡开启密码和第一用户识别卡号写入所述存储单元。The baseband processing chip is further configured to acquire a set first user identification card open password, control the switch control unit to be turned on, and detect whether the first user identification card is valid; if valid, control the switch The control unit remains conductive, and reads the first user identification card number of the first user identification card; and writes the acquired first user identification card opening password and the first user identification card number into the storage unit.
  18. 根据权利要求17所述移动终端,其中,The mobile terminal according to claim 17, wherein
    所述基带处理芯片,还配置为获取输入的第二用户识别卡开启密码,并从所述存储单元中读取所述第一用户识别卡开启密码,所述第二用户识别卡开启密码与所述第一用户识别卡开启密码不符时,获取输入的第二用户识别卡号,并从所述存储单元中读取所述第一用户识别卡号,所述第二用户识别卡号与所述第一用户识别卡号不符时,控制所述开关控制单元断开以关断所述第二用户识别卡的电源。The baseband processing chip is further configured to acquire an input second user identification card open password, and read the first user identification card open password from the storage unit, and the second user identification card opens a password and a Obtaining the input second user identification card number when the first user identification card opening password does not match, and reading the first user identification card number from the storage unit, the second user identification card number and the first user When the identification card number does not match, the switch control unit is controlled to be turned off to turn off the power of the second subscriber identity card.
  19. 根据权利要求18所述移动终端,其中,The mobile terminal according to claim 18, wherein
    所述第二用户识别卡开启密码与所述第一用户识别卡开启密码相符时,或者,所述第二用户识别卡号与所述第一用户识别卡号相符时,When the second user identification card opening password matches the first user identification card opening password, or when the second user identification card number matches the first user identification card number,
    所述基带处理芯片,还配置为控制所述开关控制单元导通,并检测 所述第二用户识别卡是否有效,若无效,控制所述开关控制单元断开,移动终端进入无卡运行模式;若有效,控制所述开关控制单元保持导通,移动终端识卡运行。The baseband processing chip is further configured to control the switch control unit to be turned on and detect Whether the second subscriber identity card is valid, if invalid, controlling the switch control unit to be disconnected, the mobile terminal enters a cardless operation mode; if it is valid, the switch control unit is controlled to be turned on, and the mobile terminal recognizes the card operation.
  20. 根据权利要求12至15任一项所述移动终端,其中,A mobile terminal according to any one of claims 12 to 15, wherein
    所述第一验证信息为第一用户识别卡开启密码,所述第二验证信息为第二用户识别卡开启密码。The first verification information is a first user identification card opening password, and the second verification information is a second user identification card opening password.
  21. 根据权利要求20所述移动终端,其中,The mobile terminal according to claim 20, wherein
    所述基带处理芯片,还配置为获取设定的第一用户识别卡开启密码,控制所述开关控制单元导通,并检测所述第一用户识别卡是否有效;若有效,则控制所述开关控制单元保持导通,将获取的所述第一用户识别卡开启密码写入所述存储单元。The baseband processing chip is further configured to acquire a set first user identification card open password, control the switch control unit to be turned on, and detect whether the first user identification card is valid; if valid, control the switch The control unit remains conductive, and the acquired first user identification card open password is written into the storage unit.
  22. 根据权利要求21所述移动终端,其中,The mobile terminal according to claim 21, wherein
    所述基带处理芯片,还配置为获取输入的第二用户识别卡开启密码,并从所述存储单元中读取所述第一用户识别卡开启密码,所述第二用户识别卡开启密码与所述第一用户识别卡开启密码不符时,控制开关控制单元断开以关断所述第二用户识别卡的电源。The baseband processing chip is further configured to acquire an input second user identification card open password, and read the first user identification card open password from the storage unit, and the second user identification card opens a password and a When the first user identification card opens the password does not match, the control switch control unit is turned off to turn off the power of the second user identification card.
  23. 根据权利要求22所述移动终端,其中,所述第二用户识别卡开启密码与所述第一用户识别卡开启密码相符时,The mobile terminal according to claim 22, wherein when the second subscriber identity card open password matches the first subscriber identity card open password,
    所述基带处理芯片,还配置为控制所述开关控制单元导通,并检测所述第二用户识别卡是否有效,若无效,控制所述开关控制单元断开,移动终端进入无卡运行模式;若有效,控制所述开关控制单元保持导通,移动终端识卡运行。 The baseband processing chip is further configured to control the switch control unit to be turned on, and detect whether the second user identification card is valid, and if not, control the switch control unit to be disconnected, and the mobile terminal enters a cardless operation mode; If it is valid, the switch control unit is kept turned on, and the mobile terminal recognizes the card operation.
PCT/CN2015/075095 2014-11-24 2015-03-26 Method for realizing locking of subscriber identity module card and mobile terminal WO2016082394A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410683248.2A CN105704704A (en) 2014-11-24 2014-11-24 Method and mobile terminal for realizing locking of user identification card
CN201410683248.2 2014-11-24

Publications (1)

Publication Number Publication Date
WO2016082394A1 true WO2016082394A1 (en) 2016-06-02

Family

ID=56073456

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/075095 WO2016082394A1 (en) 2014-11-24 2015-03-26 Method for realizing locking of subscriber identity module card and mobile terminal

Country Status (2)

Country Link
CN (1) CN105704704A (en)
WO (1) WO2016082394A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112969182A (en) * 2021-02-26 2021-06-15 北京小米移动软件有限公司 PIN code setting method and device and terminal equipment

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106791171B (en) * 2017-01-16 2020-03-24 北京安云世纪科技有限公司 Card locking method and device of mobile terminal and mobile terminal
CN107635218B (en) 2017-07-20 2020-08-21 捷开通讯(深圳)有限公司 Method and device for generating and injecting SIMLOCK password
CN114756849B (en) * 2020-12-28 2023-04-28 华为技术有限公司 Method and device for verifying personal identification number PIN code

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060058064A1 (en) * 2002-12-18 2006-03-16 Mitsubishi Denki Kabushiki Kaisha Mobile communication terminal
US20060105809A1 (en) * 2004-11-12 2006-05-18 Kunyuan Luo Desktop cellular phone having SIM card-related security features
CN101488986A (en) * 2005-05-10 2009-07-22 索尼爱立信移动通信日本株式会社 Portable terminal card and function limiting method

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102209129B (en) * 2011-05-30 2014-04-02 惠州Tcl移动通信有限公司 Mobile phone
CN103037043B (en) * 2012-12-07 2015-12-02 Tcl通讯(宁波)有限公司 A kind of temperature protective device of mobile terminal SIM card

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060058064A1 (en) * 2002-12-18 2006-03-16 Mitsubishi Denki Kabushiki Kaisha Mobile communication terminal
US20060105809A1 (en) * 2004-11-12 2006-05-18 Kunyuan Luo Desktop cellular phone having SIM card-related security features
CN101488986A (en) * 2005-05-10 2009-07-22 索尼爱立信移动通信日本株式会社 Portable terminal card and function limiting method

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112969182A (en) * 2021-02-26 2021-06-15 北京小米移动软件有限公司 PIN code setting method and device and terminal equipment
CN112969182B (en) * 2021-02-26 2023-09-26 北京小米移动软件有限公司 PIN code setting method, PIN code setting device and terminal equipment

Also Published As

Publication number Publication date
CN105704704A (en) 2016-06-22

Similar Documents

Publication Publication Date Title
US9516019B2 (en) Method, system and terminal for encrypting/decrypting application program on communication terminal
US10061942B2 (en) Secure storage of an electronic subscriber identity module on a wireless communication device
CN105704332B (en) Mobile payment method and device
US9848326B2 (en) Mobile terminal, and safety verification method and device for mobile payment
WO2012155620A1 (en) Method and mobile communication terminal for protecting near field communication security
US20150121510A1 (en) Method, device and system for entering data
US20120057701A1 (en) Mobile terminal with encryption chip and related network locking/unlocking method
US20150058213A1 (en) Preventative security for credential transmission using smart cards
WO2016082394A1 (en) Method for realizing locking of subscriber identity module card and mobile terminal
WO2015184818A1 (en) Method for connecting terminal to wireless access point, corresponding terminal, and wireless access point
US10872327B2 (en) Mobile payment systems and mobile payment methods thereof
KR20110104258A (en) Method of accessing universal ic card on dual band dual mode modem
KR101098670B1 (en) Method for Providing End-to-End Security Service using Wireless Terminal and Recording Medium
KR101686631B1 (en) Apparatus for Smart Secure Storage
KR101542653B1 (en) Method for Creating One Time Password based on Time Verification by using Near Field Communication
KR101972492B1 (en) Method for Operating Multiple One Time Password based on SD Memory
KR101537484B1 (en) Method for Creating One Time Password based on Time Verification by using Near Field Communication
KR101972483B1 (en) Method for Creating One Time Password based on Time Verification by using SD Memory
KR101710722B1 (en) Method for Operating Mobile OTP using Contactless Media
KR101537485B1 (en) Method for Creating One Time Password based on Time Verification by using Near Field Communication
KR102006987B1 (en) Method for Creating One Time Password by using SD Memory
KR101513435B1 (en) Method for Protecting Key Input, and Device for Key Input Protection
KR20060024983A (en) Initialization method for mobile communication terminal
KR101505734B1 (en) Method for Authenticating Near Field Communication Card by using Time Verification
KR101972485B1 (en) Method for Operating Multiple One Time Password based on USIM

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15862748

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15862748

Country of ref document: EP

Kind code of ref document: A1