WO2016192453A1 - Safety control method and apparatus, and terminal - Google Patents

Publication number: WO2016192453A1
Authority: WO, WIPO (PCT)
Prior art keywords: terminal, application, hce, security, host card
Application number: PCT/CN2016/077958
Inventor: 张子敬, 张晴
Original Assignee: 宇龙计算机通信科技(深圳)有限公司
Application filed by: 宇龙计算机通信科技(深圳)有限公司

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409 Device specific authentication in transaction processing
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327 Short range or proximity payments by means of M-devices
    • G06Q20/3278 RFID or NFC payments by means of M-devices
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction

Definitions

  • the present invention relates to the field of communications, and in particular, to a security control method, apparatus, and terminal.
  • NFC Near Field Communication
  • HCE Host-based Card Emulation
  • The terminal does not need to provide a physical SE (Security Element), which makes the application of NFC simpler and more flexible.
  • HCE technology only emulates the protocol and implementation of the communication between NFC and the SE; that is, the security guarantee of the NFC service is provided by the virtual SE, and the SE itself is not implemented.
  • The existing HCE-based SE solution can be implemented by emulation in local application software or by emulation on a cloud server, but under both schemes data security is insufficient because of the security problems of the Android system itself. For example, after the system is rooted (superuser privileges are obtained), all data in the system is under threat, and the SE or authentication information stored in the system can be easily obtained. How to implement security control of the NFC service based on HCE technology is therefore an urgent problem to be solved.
  • The embodiment of the invention provides a security control method, apparatus and terminal, so as to implement security control of the NFC service based on HCE technology.
  • A first aspect of the embodiments of the present invention provides a security control method, including:
  • the host card emulation transaction channel is closed
  • A second aspect of the embodiments of the present invention provides a security control apparatus, including:
  • a first detecting module configured to detect a current state of the terminal;
  • a shutdown module configured to close the host card emulation transaction channel if the current state of the terminal is detected to be unsafe;
  • an encryption module configured to encrypt and compress the host card emulation security module application and the authentication information data associated with it.
  • The present invention also provides a terminal comprising the security control apparatus according to any of the above technical solutions.
  • The current state of the terminal is detected; if the current state of the terminal is detected to be unsafe, the host card emulation transaction channel is closed, so that the channel is no longer used while the terminal is in an unsafe state; the host card emulation security module application and its associated authentication information data are encrypted and compressed, which protects the data during the transaction process. Security control of the NFC service is thereby realized on the basis of host card emulation technology.
  • FIG. 1 is a schematic flowchart of a security control method according to an embodiment of the present invention.
  • FIG. 2 is a schematic flowchart of another security control method according to an embodiment of the present invention.
  • FIG. 3 is a schematic structural diagram of a security control apparatus according to an embodiment of the present invention.
  • FIG. 4 is a schematic structural diagram of another security control apparatus according to an embodiment of the present invention.
  • FIG. 5 is a schematic structural diagram of still another security control apparatus according to an embodiment of the present invention.
  • FIG. 6 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
  • The embodiment of the invention provides a security control method, apparatus and terminal, so as to implement security control of the NFC service based on HCE technology.
  • A security control method includes: detecting a current state of the terminal; if the current state of the terminal is detected to be an unsafe state, closing the host card emulation transaction channel; and encrypting and compressing the host card emulation security module application and its associated authentication information data.
  • FIG. 1 is a schematic flow chart of a security control method according to an embodiment of the present invention.
  • a security control method provided by an embodiment of the present invention may include:
  • The terminal is a smart terminal on which the Android system can be installed, such as a mobile phone or a tablet computer, that supports HCE and has an NFC function.
  • the current status of the terminal refers to the status of the current operating environment of the terminal, such as whether it is secure or not.
  • the HCE refers to the host-based card emulation.
  • the SE does not need to be provided.
  • the SE function is implemented by an application running on the terminal or a cloud server.
  • the NFC chip receives the function.
  • the data obtained is completed by the operating system, or an application sent to the terminal, or a server sent to the cloud through the mobile network.
  • the security module SE can be simulated by an application in the mobile phone.
  • The security module SE is a chip module that stores NFC applications and user-sensitive data and performs secure key operations; it is the core of NFC card emulation.
  • The security module also communicates with the external read/write device through the contactless front end, ensuring the security of data storage and of the transaction process.
  • The NFC terminal may include a hardware security module SE, which provides secure storage of sensitive information and a secure execution environment for transactions; the SE may be integrated into the SIM card, the SD card or the terminal chip.
  • SE hardware security module
  • The Android 4.4 system can be installed on the NFC-enabled terminal. Since the Android 4.4 system supports the HCE function, the HCE function can be implemented on the Android 4.4 system, and SE applications can be emulated with HCE.
  • the terminal system may be upgraded to the Android 4.4 system. This enables support for HCE functions.
  • The terminal supporting the HCE function may use an APP (application) on the terminal to emulate a card, implementing the host card emulation function, and the terminal also supports other functions.
  • APP Application
  • A mobile terminal running the Android 4.4 system with an NFC function supports the HCE function, so that the card emulation of the SE can be realized by HCE, and a hardware SE module is also provided on the mobile terminal; the mobile terminal is therefore compatible with both HCE card emulation and traditional hardware SE functions.
  • The current state of the terminal may be a secure state or an insecure state.
  • After detecting that the HCE emulation transaction channel is enabled, the terminal detects its current security state at a certain frequency.
  • the insecure state means that the operating environment of the terminal is not secure, and the current data running on the terminal may be stolen or destroyed, thereby causing the current transaction of the terminal to be unsafe.
  • The host card emulation transaction channel (i.e., the HCE card emulation transaction channel) is the channel that uses HCE technology to emulate the SE security module in order to complete an NFC transaction.
  • The NFC chip acts as a contactless communication front end: it receives commands from the external reader and forwards them to the application emulating the SE, which then replies.
  • In the traditional hardware-based NFC transaction channel, the NFC chip acts as a contactless communication front end: it receives commands from the external reader and forwards them to the SE, which then replies.
  • The SE is emulated by the APP, thereby implementing the HCE emulation transaction channel, that is, the host card emulation transaction channel.
  • the mobile phone NFC is used for payment.
  • When the mobile phone system is rooted, the data stored in the mobile phone system is easily stolen or destroyed. If the current state of the terminal is unsafe, the HCE emulation transaction channel is closed, thereby terminating the payment transaction performed over the channel.
  • Once the host card emulation transaction channel is closed, it can no longer be used to conduct transactions while the current state of the terminal is unsafe, which prevents unsafe transactions.
  • S103: Encrypt and compress the host card emulation security module application and the authentication information data related to it.
  • The host card emulation security module application is the HCE-emulated SE application.
  • The HCE-emulated SE application is an APP that emulates the SE security module on a terminal having the HCE card emulation function. The related authentication information data is the data stored in the HCE-emulated SE application for authentication in NFC transactions, together with user-sensitive data; it may be the user information of the payment parties, a password, and other data related to the payment.
  • The HCE card emulation security module application and the authentication information data associated with it may also be compressed and encrypted to ensure the security of the transaction data.
  • The HCE emulation payment channel is closed at this time, and the user information, password and other data related to the payment are encrypted and compressed to ensure data security.
  • The current state of the terminal is detected; if the current state of the terminal is detected to be unsafe, the host card emulation transaction channel is closed, so that the channel is no longer used while the terminal is in an unsafe state; the host card emulation security module application and its associated authentication information data are encrypted and compressed, which protects the data during the transaction process. Security control of the NFC service is thereby realized on the basis of host card emulation technology.
  • The HCE card emulation transaction channel may be closed by a host or an NFC controller.
  • the detecting the current state of the terminal includes at least one of the following manners:
  • The current security status of the terminal includes whether the operating environment of the terminal is secure and whether the software running on the terminal is qualified. When it is detected that superuser privileges have been obtained on the terminal system, or that an application installed on the terminal is infected by a virus, it is determined that the operating environment of the terminal itself is not secure, that is, the state of the terminal is unsafe. At this time, the HCE card emulation transaction channel is closed.
  • the detecting the current state of the terminal may further include detecting whether the application installed by the terminal is an illegal application or a non-privileged application, and detecting other abnormal conditions of the terminal.
  • the method further includes:
  • If an application installed on the terminal is an unofficially released application, an illegal application, or an unauthorized application, the application is denied access to the host card emulation transaction channel.
  • the method further includes:
  • the host card emulation transaction channel is routed to the security module entity.
  • Routing the HCE card emulation transaction channel to the traditional SE module ensures the smooth progress of the transaction while ensuring the security of the data.
  • the security module entity is a hardware entity SE module.
  • When the mobile phone is used for NFC mobile payment and the phone is detected to be rooted, then to ensure the security of payment the HCE emulation transaction channel is closed, the host card emulation security module application and its associated authentication information data are encrypted, and at the same time the HCE emulation transaction channel is routed to the SE entity, thereby eliminating the payment risk and ensuring the smooth progress of the transaction.
  • The encrypting and compressing of the host card emulation security module application and the authentication information data related to it includes:
  • the host card emulation security module application and its associated authentication information data are encrypted with the personal identification password corresponding to the host card emulation mobile wallet, or with a user-set password.
  • The encrypting and compressing may also encrypt the host card emulation security module application and its associated authentication information data with a password formed according to a certain encoding rule.
  • The host card emulation security module application and the authentication information data related to it are encrypted according to the password setting manner used in the NFC transaction, and the security of the password is guaranteed.
  • the method further includes:
  • the host card emulation transaction channel is opened
  • Decompress and decrypt the host card emulation security module application and its associated authentication information data.
  • The HCE card emulation transaction channel is closed, and the HCE-emulated SE application and the authentication information data related to it are encrypted and compressed at the same time; the current state of the terminal then continues to be detected at a certain frequency.
  • The HCE emulation transaction channel is opened, and the HCE-emulated SE application and related authentication information data are restored, so that the HCE emulation transaction channel can be restored promptly after the terminal returns to a secure state.
  • The HCE card emulation transaction channel is enabled by the host or the NFC controller.
  • The host card emulation security module application and the authentication information data associated with it may be decrypted and decompressed.
  • The transaction channel is again routed from the SE entity to the HCE card emulation transaction channel.
  • The emulation payment channel is closed and the HCE-emulated SE application and related authentication information data are protected, the HCE emulation transaction channel is routed to the SE entity, and detection of the security status of the terminal continues. When it is detected that the insecure factor of the terminal has been eliminated, the original HCE emulation payment channel is opened, the related applications and data are released, and the transaction channel is again routed from the SE entity to the HCE emulation payment channel, restoring the HCE card emulation transaction function.
  • FIG. 2 is a schematic flowchart of another security control method according to another embodiment of the present invention. As shown in FIG. 2, the security control method provided by this embodiment may include:
  • The terminal is a smart terminal on which the Android system can be installed, such as a mobile phone or a tablet computer, that supports HCE and has an NFC function.
  • the current status of the terminal refers to the status of the current operating environment of the terminal, such as whether it is secure or not.
  • the HCE refers to the host-based card emulation.
  • the SE does not need to be provided.
  • the SE function is implemented by an application running on the terminal or a cloud server.
  • the NFC chip receives the function.
  • the data obtained is completed by the operating system, or an application sent to the terminal, or a server sent to the cloud through the mobile network.
  • the security module SE can be simulated by an application in the mobile phone.
  • The security module SE is a chip module that stores NFC applications and user-sensitive data and performs secure key operations; it is the core of NFC card emulation.
  • The security module also communicates with the external read/write device through the contactless front end, ensuring the security of data storage and of the transaction process.
  • The NFC terminal may include a hardware security module SE, which provides secure storage of sensitive information and a secure execution environment for transactions; the SE may be integrated into the SIM card, the SD card or the terminal chip.
  • SE hardware security module
  • The Android 4.4 system can be installed on the NFC-enabled terminal. Since the Android 4.4 system supports the HCE function, the HCE function can be implemented on the Android 4.4 system, and SE applications can be emulated with HCE.
  • the terminal system may be upgraded to the Android 4.4 system. This enables support for HCE functions.
  • The terminal supporting the HCE function may use an APP (application) on the terminal to emulate a card, implementing the host card emulation function, and the terminal also supports other functions.
  • APP Application
  • Traditional SE solutions, such as hardware SE modules, that is, terminals are compatible with both HCE and traditional SE.
  • The HCE function is supported, so that the card emulation of the SE can be implemented by HCE, and the mobile phone terminal also has a hardware SE module; the mobile terminal is therefore compatible with both HCE card emulation and traditional hardware SE functions.
  • The current state of the terminal may be a secure state or an insecure state.
  • After detecting that the HCE emulation transaction channel is enabled, the terminal detects its current security state at a certain frequency.
  • The detecting of the current state of the terminal includes at least one of the following manners:
  • The current security status of the terminal includes whether the operating environment of the terminal is secure and whether the software running on the terminal is qualified. When it is detected that superuser privileges have been obtained on the terminal system, or that an application installed on the terminal is infected by a virus, it is determined that the operating environment of the terminal itself is not secure, that is, the state of the terminal is unsafe. At this time, the HCE card emulation transaction channel is closed.
  • the current state of the detecting terminal may further include other conditions that affect the security of the operating environment of the terminal.
  • The insecure state means that the operating environment of the terminal is not secure, and the data currently running on the terminal may be stolen or destroyed, making the current transaction of the terminal unsafe, for example when the terminal system is rooted or an application installed on the terminal is infected by a virus.
  • The host card emulation transaction channel (i.e., the HCE card emulation transaction channel) is the channel that uses HCE technology to emulate the SE security module in order to complete an NFC transaction.
  • The NFC chip acts as a contactless communication front end: it receives commands from the external reader and forwards them to the application emulating the SE, which then replies.
  • In the traditional hardware-based NFC transaction channel, the NFC chip acts as a contactless communication front end: it receives commands from the external reader and forwards them to the SE, which then replies.
  • The SE is emulated by the APP, thereby implementing the HCE emulation transaction channel, that is, the host card emulation transaction channel.
  • the mobile phone NFC is used for payment.
  • When the mobile phone system is rooted, the data stored in the mobile phone system is easily stolen or destroyed. If the current state of the terminal is unsafe, the HCE emulation transaction channel is closed, thereby terminating the payment transaction performed over the channel.
  • The HCE card emulation transaction channel may be closed by a host or an NFC controller.
  • Once the host card emulation transaction channel is closed, it can no longer be used to conduct transactions while the current state of the terminal is unsafe, which prevents unsafe transactions.
  • the method further includes:
  • If an application installed on the terminal is an unofficially released application, an illegal application, or an unprivileged application, the application is denied access to the host card emulation transaction channel.
  • S203: Encrypt and compress the host card emulation security module application and the authentication information data related to it.
  • The host card emulation security module application is the HCE-emulated SE application.
  • The HCE-emulated SE application is an APP that emulates the SE security module on a terminal having the HCE card emulation function. The related authentication information data is the data stored in the HCE-emulated SE application for authentication in NFC transactions, together with user-sensitive data; it may be the user information of the payment parties, a password, and other data related to the payment.
  • The HCE card emulation security module application and the authentication information data associated with it may also be compressed and encrypted to ensure the security of the transaction data.
  • The HCE emulation payment channel is closed at this time, and the user information, password and other data related to the payment are encrypted and compressed to ensure data security.
  • The encrypting and compressing of the host card emulation security module application and the authentication information data related to it includes:
  • the host card emulation security module application and its associated authentication information data are encrypted with the personal identification password corresponding to the host card emulation mobile wallet, or with a user-set password.
  • The encrypting and compressing may also encrypt the host card emulation security module application and its associated authentication information data with a password formed according to a certain encoding rule.
  • The host card emulation security module application and the authentication information data related to it are encrypted according to the password setting manner used in the NFC transaction, and the security of the password is guaranteed.
  • Routing the HCE card emulation transaction channel to the traditional SE module ensures the smooth progress of the transaction while ensuring the security of the data.
  • the security module entity is a hardware entity SE module.
  • When the mobile phone is used for NFC mobile payment and the phone is detected to be rooted, then to ensure the security of payment the HCE emulation transaction channel is closed, the host card emulation security module application and its associated authentication information data are encrypted, and at the same time the HCE emulation transaction channel is routed to the SE entity, thereby eliminating the payment risk and ensuring the smooth progress of the transaction.
  • The HCE card emulation transaction channel is closed, and the HCE-emulated SE application and the authentication information data related to it are encrypted and compressed at the same time; the current state of the terminal then continues to be detected at a certain frequency.
  • the state of the terminal can be observed in real time, and the response is timely when the state of the terminal changes.
  • The HCE card emulation transaction channel is enabled by the host or the NFC controller.
  • S207: Decompress and decrypt the host card emulation security module application and the authentication information data related to it.
  • The host card emulation security module application and the related authentication information data may be decrypted and decompressed.
  • The HCE card emulation transaction channel is closed, and the HCE-emulated SE application and the authentication information data related to it are encrypted and compressed at the same time; the terminal then continues to be checked at a certain frequency.
  • The HCE emulation transaction channel is opened, and the HCE-emulated SE application and related authentication information data are restored, so that the HCE emulation transaction channel can be restored promptly after the terminal returns to a secure state.
  • The password used to decrypt the host card emulation security module application and its associated authentication information data is the password that was used to encrypt them; generally it is the host HCE wallet PIN code.
  • The emulation payment channel is closed and the HCE-emulated SE application and related authentication information data are protected, the HCE emulation transaction channel is routed to the SE entity, and detection of the security status of the terminal then continues. When it is detected that the insecure factor of the terminal has been eliminated, the original HCE emulation payment channel is opened, the related application and data are released, and the transaction channel is again routed from the SE entity to the HCE emulation payment channel, restoring the HCE card emulation transaction function.
  • The current state of the terminal is detected; if the current state of the terminal is detected to be unsafe, the host card emulation transaction channel is closed, so that the channel is no longer used while the terminal is in an unsafe state; the host card emulation security module application and its associated authentication information data are encrypted and compressed, which protects the data during the transaction process. Security control of the NFC service is thereby realized on the basis of host card emulation technology.
  • When the terminal is a mobile phone with the Android 4.4 system installed, it has an NFC function and supports HCE technology, so that NFC software emulation can be implemented on the phone through the HCE-emulated SE application.
  • When NFC is used for mobile payment, the status of the mobile phone is checked first, such as whether the phone is rooted, whether the payment software is officially released, and whether software installed on the phone is infected by a virus. If the phone is detected to be rooted, the user can obtain the highest system permission, so that the stored SE or authentication information can be obtained.
  • A malicious user may also access the terminal's storage system by other means and obtain sensitive data stored in the application to complete pseudo-card transactions, which brings the payer a great security risk. After detecting the security risk, the mobile phone therefore closes the HCE card emulation transaction channel through the NFC controller, and encrypts and compresses the HCE-emulated SE application and related authentication data with the PIN code corresponding to the HCE mobile wallet, to ensure the security of the data.
  • The payment software is denied access to the HCE card emulation transaction channel, thereby eliminating the insecurity caused by the payment software.
  • The HCE card emulation transaction channel can be routed to the SE entity.
  • When root permission on the mobile phone is turned off and the state of the phone is detected again, the state is detected as safe, the HCE card emulation transaction channel is restored, and the HCE-emulated SE application and related authentication data are decompressed and decrypted; at this point NFC transactions are no longer performed by the SE entity.
  • FIG. 3 is a schematic structural diagram of a security control apparatus according to an embodiment of the present invention.
  • A security control apparatus 300 may include:
  • a first detection module 310, a closing module 320, and an encryption module 330.
  • The first detection module 310 is configured to detect the current state of the terminal.
  • The terminal is a smart terminal on which the Android system can be installed, such as a mobile phone or a tablet computer, and which supports HCE and has NFC capability.
  • The current state of the terminal refers to the state of the terminal's current operating environment, such as whether it is secure or not.
  • HCE refers to host-based card emulation.
  • The SE does not need to be provided.
  • The SE function is implemented by an application running on the terminal or by a cloud server.
  • The data received by the NFC chip is handled by the operating system, or sent to an application on the terminal, or sent over the mobile network to a cloud server.
  • The security module SE can be emulated by an application on the mobile phone.
  • The security module SE is a chip module that stores NFC applications and user-sensitive data and performs secure key operations; it is the core of NFC card emulation.
  • The security module also communicates with external read/write devices through the contactless front end, ensuring the security of data storage and of the transaction process.
  • The NFC terminal may include a hardware security module (SE) that provides secure storage of sensitive information and a secure execution environment for transactions; the SE may be integrated into the SIM card, the SD card, or the terminal chip.
  • The Android 4.4 system can be installed on an NFC-enabled terminal. Because Android 4.4 supports the HCE function, the SE application can be emulated with HCE on such a terminal.
  • The terminal system may be upgraded to Android 4.4, which enables support for the HCE function.
  • A terminal supporting the HCE function may use an application (APP) on the terminal to emulate a card, implementing host card emulation; the terminal also supports other functions.
  • A mobile terminal running Android 4.4 with an NFC function supports the HCE function, so the SE card module can be realized through HCE; a hardware SE module is also provided on the mobile terminal, so the mobile terminal is compatible with both HCE card emulation and the traditional hardware SE function.
  • The current state of the terminal may be a safe state or an unsafe state.
  • After the HCE emulation transaction channel is opened, the terminal detects its current security state at a certain frequency.
  • The closing module 320 is configured to close the host card emulation transaction channel if the current state of the terminal is detected to be an unsafe state.
  • An unsafe state means that the operating environment of the terminal is not secure and the data currently on the terminal may be stolen or destroyed, making the terminal's current transaction unsafe.
  • The host card emulation transaction channel (i.e., the HCE card emulation transaction channel) is the channel that uses HCE technology to emulate the SE security module in order to complete an NFC transaction.
  • The NFC chip acts as the contactless communication front end: it receives commands from the external reader and forwards them to the application emulating the SE, which then replies.
  • In the traditional hardware-based NFC transaction channel, the NFC chip acts as the contactless communication front end: it receives commands from the external reader and forwards them to the SE, which then replies.
  • The SE is emulated by the APP, thereby implementing the HCE emulation transaction channel, that is, the host card emulation transaction channel.
  • When the mobile phone's NFC is used for payment, if the phone's system is rooted, the data stored in the phone's system is easily stolen or destroyed. If the current state of the terminal is unsafe, the HCE emulation transaction channel is closed, terminating the payment transaction carried over that channel.
  • Closing the host card emulation transaction channel means the channel can no longer be used for transactions while the current state of the terminal is unsafe, preventing unsafe transactions.
  • The encryption module 330 is configured to encrypt and compress the host card emulation security module application and the authentication information data associated with it.
  • The host card emulation security module application (i.e., the HCE-emulated SE application) is an APP that emulates the SE security module on a terminal with the HCE card emulation function. The related authentication information data is the data stored in the HCE-emulated SE application for authentication in NFC transactions, together with user-sensitive data; it may be the user information and passwords of the payment parties and other payment-related data.
  • The HCE card emulation security module application and its associated authentication information data may also be compressed and encrypted to ensure the security of the transaction data.
  • The HCE emulation payment channel is closed at this time, and the user information, passwords, and other payment-related data are encrypted and compressed to ensure data security.
  • The security control apparatus 300 detects the current state of the terminal; if it detects that the current state of the terminal is unsafe, it closes the host card emulation transaction channel, so that the channel is no longer used while the terminal is in an unsafe state; the security control apparatus 300 encrypts and compresses the host card emulation security module application and its associated authentication information data, protecting data during the transaction process. Security control of the NFC service is thus realized on the basis of host card emulation technology.
  • FIG. 4 is a schematic structural diagram of another security control apparatus according to another embodiment of the present invention. As shown in FIG. 4, the security control apparatus 400 may include:
  • a first detection module 410, a closing module 420, and an encryption module 430.
  • The first detection module 410 is configured to detect the current state of the terminal.
  • The terminal is a smart terminal on which the Android system can be installed, such as a mobile phone or a tablet computer, and which supports HCE and has an NFC function.
  • The current state of the terminal refers to the state of the terminal's current operating environment, such as whether it is secure or not.
  • HCE refers to host-based card emulation.
  • The SE does not need to be provided.
  • The SE function is implemented by an application running on the terminal or by a cloud server.
  • The data received by the NFC chip is handled by the operating system, or sent to an application on the terminal, or sent over the mobile network to a cloud server.
  • The security module SE can be emulated by an application on the mobile phone.
  • The security module SE is a chip module that stores NFC applications and user-sensitive data and performs secure key operations; it is the core of NFC card emulation.
  • The security module also communicates with external read/write devices through the contactless front end, ensuring the security of data storage and of the transaction process.
  • The NFC terminal may include a hardware security module (SE) that provides secure storage of sensitive information and a secure execution environment for transactions; the SE may be integrated into the SIM card, the SD card, or the terminal chip.
  • The Android 4.4 system can be installed on an NFC-enabled terminal. Because Android 4.4 supports the HCE function, the SE application can be emulated with HCE on such a terminal.
  • The terminal system may be upgraded to Android 4.4, which enables support for the HCE function.
  • A terminal supporting the HCE function may use an application (APP) on the terminal to emulate a card, implementing host card emulation; the terminal also supports other functions.
  • A mobile terminal running Android 4.4 with an NFC function supports the HCE function, so the SE card module can be realized through HCE; a hardware SE module is also provided on the mobile terminal, so the mobile terminal is compatible with both HCE card emulation and the traditional hardware SE function.
  • The current state of the terminal may be a safe state or an unsafe state.
  • After detecting that the HCE emulation transaction channel is enabled, the terminal detects its current security state at a certain frequency.
  • The closing module 420 is configured to close the host card emulation transaction channel if the current state of the terminal is detected to be an unsafe state.
  • An unsafe state means that the operating environment of the terminal is not secure and the data currently on the terminal may be stolen or destroyed, making the terminal's current transaction unsafe.
  • The host card emulation transaction channel (i.e., the HCE card emulation transaction channel) is the channel that uses HCE technology to emulate the SE security module in order to complete an NFC transaction.
  • The NFC chip acts as the contactless communication front end: it receives commands from the external reader and forwards them to the application emulating the SE, which then replies.
  • In the traditional hardware-based NFC transaction channel, the NFC chip acts as the contactless communication front end: it receives commands from the external reader and forwards them to the SE, which then replies.
  • The SE is emulated by the APP, thereby implementing the HCE emulation transaction channel, that is, the host card emulation transaction channel.
  • When the terminal is a mobile phone and the phone's NFC is used for payment, if the phone's system is rooted, the data stored in the phone's system is easily stolen or destroyed. If the current state of the terminal is unsafe, the HCE emulation transaction channel is closed, terminating the payment transaction carried over that channel.
  • Closing the host card emulation transaction channel means the channel can no longer be used for transactions while the current state of the terminal is unsafe, preventing unsafe transactions.
  • The encryption module 430 is configured to encrypt and compress the host card emulation security module application and the authentication information data associated with it.
  • The host card emulation security module application (i.e., the HCE-emulated SE application) is an APP that emulates the SE security module on a terminal with the HCE card emulation function. The related authentication information data is the data stored in the HCE-emulated SE application for authentication in NFC transactions, together with user-sensitive data; it may be the user information and passwords of the payment parties and other payment-related data.
  • The HCE card emulation security module application and its associated authentication information data may also be compressed and encrypted to ensure the security of the transaction data.
  • The HCE emulation payment channel is closed at this time, and the user information, passwords, and other payment-related data are encrypted and compressed to ensure data security.
  • The HCE card emulation transaction channel may be closed by the host or by the NFC controller.
  • The detection module 410 detects the current state of the terminal in at least one of the following ways:
  • The current security state of the terminal covers whether the operating environment of the terminal is secure and whether the software running on the terminal is qualified. When it is detected that superuser permission has been obtained on the terminal system, or that an application installed on the terminal is infected by a virus, the operating environment of the terminal is determined to be insecure, that is, the state of the terminal is unsafe. At this time, the HCE card emulation transaction channel is closed.
  • Detecting the current state of the terminal may further include detecting whether an application installed on the terminal is an illegal application or a non-privileged application, and detecting other abnormal conditions of the terminal.
  • The detection module 410 is further configured to:
  • if an application installed on the terminal is an unofficially released application, an illegal application, or an unprivileged application, deny that application access to the host card emulation transaction channel.
  • The security control apparatus 400 further includes:
  • a routing module 440, configured to route the host card emulation transaction channel to the security module entity.
  • Routing the HCE card emulation transaction channel to the traditional SE module keeps the transaction running smoothly while ensuring the security of the data.
  • The security module entity is a hardware SE module.
  • When the mobile phone is used for NFC mobile payment and the phone is detected to be rooted, the HCE emulation transaction channel is closed to ensure payment security, the host card emulation security module application and its associated authentication information data are encrypted, and at the same time the HCE emulation transaction channel is routed to the physical SE, eliminating the payment risk while keeping the transaction running smoothly.
  • The encryption module 430 is specifically configured to:
  • encrypt the host card emulation security module application and its associated authentication information data using the personal identification password corresponding to the host card emulation mobile wallet, or a password set by the user.
  • Encrypting and compressing the host card emulation security module application and its associated authentication information data may also use a password formed by a certain encoding rule to encrypt them.
  • The host card emulation security module application and its associated authentication information data are encrypted according to the password-setting manner used in the NFC transaction, which ensures the security of the password.
  • The security control apparatus 400 further includes:
  • a second detection module 450, configured to detect the current state of the terminal;
  • an opening module 460, configured to open the host card emulation transaction channel if the current state of the terminal is detected to be a safe state;
  • a decryption module 470, configured to decompress and decrypt the host card emulation security module application and its associated authentication information data.
  • The second detection module 450 may be a module separate from the first detection module 410, used to detect the current security state of the terminal after the HCE card emulation transaction channel is closed, or it may be integrated with the first detection module 410 in the same module used to detect the current state of the terminal.
  • After the HCE card emulation transaction channel is closed and the HCE-emulated SE application and its associated authentication information data are encrypted and compressed, the second detection module 450 continues to detect the current state of the terminal at a certain frequency.
  • Once the security state of the terminal is restored, the HCE emulation transaction channel is opened and the HCE-emulated SE application and related authentication information data are restored, so that the HCE emulation transaction channel is recovered promptly.
  • The opening module 460 may open the HCE card emulation transaction channel through the host or the NFC controller.
  • The decryption module 470 can decrypt and decompress the host card emulation security module application and its associated authentication information data.
  • The transaction channel is routed from the SE entity back to the HCE card emulation transaction channel.
  • After the HCE emulation payment channel is closed, the HCE-emulated SE application and related authentication information data are protected, and the HCE emulation transaction channel is routed to the physical SE, detection of the terminal's security state continues. When it is detected that the terminal's insecurity factor has been eliminated, the original HCE emulation payment channel is opened, the related application and data are released, and the transaction channel is routed from the physical SE back to the HCE emulation payment channel, restoring the HCE card emulation transaction function.
  • The security control apparatus 400 detects the current state of the terminal; if it detects that the current state of the terminal is unsafe, it closes the host card emulation transaction channel, so that the channel is no longer used while the terminal is in an unsafe state; the security control apparatus 400 encrypts and compresses the host card emulation security module application and its associated authentication information data, protecting data during the transaction process. Security control of the NFC service is thus realized on the basis of host card emulation technology.
  • FIG. 5 is a schematic structural diagram of still another safety control device according to still another embodiment of the present invention.
  • Still another security control apparatus 500 provided by still another embodiment of the present invention may include at least one bus 501, at least one processor 502 connected to the bus, and at least one memory 503 connected to the bus.
  • The processor 502 calls, through the bus 501, the code stored in the memory 503 to: detect the current state of the terminal; if the current state of the terminal is detected to be unsafe, close the host card emulation transaction channel; and encrypt and compress the host card emulation security module application and its associated authentication information data.
  • The terminal is a smart terminal on which the Android system can be installed, such as a mobile phone or a tablet computer, and which supports HCE and has an NFC function.
  • The current state of the terminal refers to the state of the terminal's current operating environment, such as whether it is secure or not.
  • HCE refers to host-based card emulation.
  • The SE does not need to be provided.
  • The SE function is implemented by an application running on the terminal or by a cloud server.
  • The data received by the NFC chip is handled by the operating system, or sent to an application on the terminal, or sent over the mobile network to a cloud server.
  • The security module SE can be emulated by an application on the mobile phone.
  • The security module SE is a chip module that stores NFC applications and user-sensitive data and performs secure key operations; it is the core of NFC card emulation.
  • The security module also communicates with external read/write devices through the contactless front end, ensuring the security of data storage and of the transaction process.
  • The NFC terminal may include a hardware security module (SE) that provides secure storage of sensitive information and a secure execution environment for transactions; the SE may be integrated into the SIM card, the SD card, or the terminal chip.
  • The Android 4.4 system can be installed on an NFC-enabled terminal. Because Android 4.4 supports the HCE function, the SE application can be emulated with HCE on such a terminal.
  • The terminal system may be upgraded to Android 4.4, which enables support for the HCE function.
  • A terminal supporting the HCE function may use an application (APP) on the terminal to emulate a card, implementing host card emulation; the terminal also supports other functions.
  • The current state of the terminal may be a safe state or an unsafe state.
  • After detecting that the HCE emulation transaction channel is enabled, the terminal detects its current security state at a certain frequency.
  • An unsafe state means that the operating environment of the terminal is not secure and the data currently on the terminal may be stolen or destroyed, making the terminal's current transaction unsafe.
  • The host card emulation transaction channel (i.e., the HCE card emulation transaction channel) is the channel that uses HCE technology to emulate the SE security module in order to complete an NFC transaction.
  • The NFC chip acts as the contactless communication front end: it receives commands from the external reader and forwards them to the application emulating the SE, which then replies.
  • In the traditional hardware-based NFC transaction channel, the NFC chip acts as the contactless communication front end: it receives commands from the external reader and forwards them to the SE, which then replies.
  • The host card emulation security module application (i.e., the HCE-emulated SE application) is an APP that emulates the SE security module on a terminal with the HCE card emulation function. The related authentication information data is the data stored in the HCE-emulated SE application for authentication in NFC transactions, together with user-sensitive data; it may be the user information and passwords of the payment parties and other payment-related data.
  • The HCE card emulation security module application and its associated authentication information data may also be compressed and encrypted to ensure the security of the transaction data.
  • The HCE card emulation transaction channel may be closed by the host or by the NFC controller.
  • The processor 502 detects the current state of the terminal in at least one of the following ways:
  • The current security state of the terminal covers whether the operating environment of the terminal is secure and whether the software running on the terminal is qualified. When it is detected that superuser permission has been obtained on the terminal system, or that an application installed on the terminal is infected by a virus, the operating environment of the terminal is determined to be insecure, that is, the state of the terminal is unsafe. At this time, the HCE card emulation transaction channel is closed.
  • Detecting the current state of the terminal may further include other conditions that affect the security of the terminal's operating environment.
  • Detecting the current state of the terminal may further include detecting whether an application installed on the terminal is an illegal application or a non-privileged application, and detecting other abnormal conditions of the terminal.
  • The processor 502 may further:
  • if an application installed on the terminal is an unofficially released application, an illegal application, or an unprivileged application, deny that application access to the host card emulation transaction channel.
  • The processor 502 may further:
  • route the host card emulation transaction channel to the security module entity.
  • The security module entity is a hardware SE module.
  • To encrypt and compress the host card emulation security module application and its associated authentication information data, the processor 502 may:
  • encrypt the host card emulation security module application and its associated authentication information data using the personal identification password corresponding to the host card emulation mobile wallet, or a password set by the user.
  • Encrypting and compressing the host card emulation security module application and its associated authentication information data may also use a password formed by a certain encoding rule to encrypt them.
  • After the processor 502 encrypts and compresses the host card emulation security module application and its associated authentication information data, the processor 502 further:
  • opens the host card emulation transaction channel;
  • decompresses and decrypts the host card emulation security module application and its associated authentication information data.
  • After the HCE card emulation transaction channel is closed and the HCE-emulated SE application and its associated authentication information data are encrypted and compressed, the current state of the terminal continues to be detected at a certain frequency.
  • The HCE card emulation transaction channel is opened by the host or the NFC controller.
  • The processor 502 can decrypt and decompress the host card emulation security module application and its associated authentication information data.
  • The processor 502 routes the transaction channel from the SE entity back to the HCE card emulation transaction channel.
  • The security control apparatus 500 detects the current state of the terminal; if it detects that the current state of the terminal is unsafe, it closes the host card emulation transaction channel, so that the channel is no longer used while the terminal is in an unsafe state; the security control apparatus 500 encrypts and compresses the host card emulation security module application and its associated authentication information data, protecting data during the transaction process. Security control of the NFC service is thus realized on the basis of host card emulation technology.
  • FIG. 6 shows a terminal provided by an embodiment of the present invention.
  • The present invention also provides a terminal 500 comprising the security control device 400 as described in any of the above aspects.
  • The embodiment of the present invention further provides a computer storage medium, wherein the computer storage medium can store a program, and the program includes some or all of the steps of any one of the message interaction methods described in the foregoing method embodiments.
  • The disclosed apparatus may be implemented in other ways.
  • The device embodiments described above are merely illustrative.
  • The division into units is only a division by logical function.
  • There may be other division manners; for example, multiple units or components may be combined or integrated into another system, or some features can be ignored or not executed.
  • The mutual coupling, direct coupling, or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, device, or unit, and may be electrical or otherwise.
  • The units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
  • Each functional unit in each embodiment of the present invention may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.
  • The above integrated unit can be implemented in the form of hardware or in the form of a software functional unit.
  • The integrated unit, if implemented in the form of a software functional unit and sold or used as a standalone product, may be stored in a computer-readable storage medium.
  • The technical solution of the present invention, in essence or in the part that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product stored in a storage medium, including a number of instructions that cause a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the methods described in the various embodiments of the present invention.
  • The foregoing storage medium includes: a U disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic disk, an optical disk, and the like.

Abstract

A safety control method and apparatus (300, 400), and a terminal. The safety control method comprises: detecting a current state of a terminal (S101); if it is detected that the current state of the terminal is an unsafe state, closing a host card simulated transaction channel (S102); and encrypting and compressing a host card simulated safety module application and authentication information data related to the host card simulated safety module application (S103). Therefore, safety control of an NFC service is implemented by using a host card simulation-based technology.

Description

一种安全控制方法、装置和终端Safety control method, device and terminal 技术领域Technical field
本发明涉及通信领域,具体涉及了一种安全控制方法、装置和终端。The present invention relates to the field of communications, and in particular, to a security control method, apparatus, and terminal.
背景技术Background technique
目前,基于Android4.4的NFC(Near Field Communication,近距离无线通讯技术)支付引入了一个新的开放式架构,即HCE(Host-based Card Emulation,主机卡模拟)技术,从而在配备NFC功能的终端中实现卡模块后,终端不需要提供物理SE(Security Elements,安全模块),使得NFC的应用更加简单与灵活。At present, NFC (Near Field Communication) payment based on Android 4.4 introduces a new open architecture, namely HCE (Host-based Card Emulation) technology, which is equipped with NFC function. After the card module is implemented in the terminal, the terminal does not need to provide physical SE (Security Elements), which makes the application of NFC simpler and more flexible.
但是HCE技术只是模拟了NFC和SE通信的协议和实现,也即以虚拟SE的方式完成NFC业务的安全保证,并没有实现SE。现有基于HCE技术的SE解决方案,可以是通过本地应用软件的模拟或者云端服务器的模拟来实现,但是在这两种方案下,由于Android系统本身的安全性问题导致数据安全性不够,比如当系统被Root(获取超级用户权限)以后,系统中的所有数据都将受到安全威胁,系统中存储的SE或认证信息很容易被获取。那么如何在基于HCE技术下实现NFC业务的安全控制是一个亟待解决的问题。However, the HCE technology only simulates the protocol and implementation of NFC and SE communication, that is, the security guarantee of the NFC service is completed by the virtual SE, and the SE is not implemented. The existing SE solution based on HCE technology can be implemented by simulation of local application software or simulation of cloud server, but under these two schemes, data security is not enough due to the security problem of the Android system itself, for example, when After the system is rooted (with superuser privileges), all data in the system will be threatened by security, and SE or authentication information stored in the system can be easily obtained. So how to implement the security control of NFC service based on HCE technology is an urgent problem to be solved.
Summary of the invention
Embodiments of the present invention provide a security control method, apparatus, and terminal, with the aim of implementing security control of NFC services on the basis of HCE.
A first aspect of the embodiments of the present invention provides a security control method, including:
detecting the current state of the terminal;
if the current state of the terminal is detected to be an unsafe state, closing the host card emulation transaction channel;
encrypting and compressing the host card emulation security module application and the authentication information data related to it.
A second aspect of the embodiments of the present invention provides a security control apparatus, including:
a first detection module, configured to detect the current state of the terminal;
a closing module, configured to close the host card emulation transaction channel if the current state of the terminal is detected to be an unsafe state;
an encryption module, configured to encrypt and compress the host card emulation security module application and the authentication information data related to it.
The present invention also provides a terminal comprising the security control apparatus according to any of the above technical solutions.
It can be seen that, in the technical solution provided by the embodiments of the present invention, the current state of the terminal is detected; if the current state is detected to be an unsafe state, the host card emulation transaction channel is closed, so that the channel is no longer used while the terminal is in an unsafe state; and the host card emulation security module application and its related authentication information data are encrypted and compressed, which protects the data involved in the transaction. Security control of NFC services is thereby achieved on the basis of host card emulation.
Brief description of the drawings
To describe the technical solutions in the embodiments of the present invention or in the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention, and a person of ordinary skill in the art can obtain other drawings from them without creative effort.
FIG. 1 is a schematic flowchart of a security control method according to an embodiment of the present invention;
FIG. 2 is a schematic flowchart of another security control method according to an embodiment of the present invention;
FIG. 3 is a schematic structural diagram of a security control apparatus according to an embodiment of the present invention;
FIG. 4 is a schematic structural diagram of another security control apparatus according to an embodiment of the present invention;
FIG. 5 is a schematic structural diagram of yet another security control apparatus according to an embodiment of the present invention;
FIG. 6 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
Detailed description
Embodiments of the present invention provide a security control method, apparatus, and terminal, with the aim of implementing security control of NFC services on the basis of HCE.
To help those skilled in the art better understand the solutions of the present invention, the technical solutions in the embodiments are described clearly and completely below with reference to the accompanying drawings. Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art on the basis of these embodiments without creative effort shall fall within the scope of protection of the present invention.
The terms "first", "second", "third" and so on in the specification, the claims and the above drawings are used to distinguish different objects, not to describe a particular order. In addition, the term "include" and any variants of it are intended to cover non-exclusive inclusion. For example, a process, method, system, product or device that comprises a series of steps or units is not limited to the listed steps or units, but optionally also includes steps or units that are not listed, or optionally also includes other steps or units inherent to the process, method, product or device.
In one embodiment of the security control method of the embodiments of the present invention, the security control method includes: detecting the current state of the terminal; if the current state of the terminal is detected to be an unsafe state, closing the host card emulation transaction channel; and encrypting and compressing the host card emulation security module application and the authentication information data related to it.
Referring first to FIG. 1, FIG. 1 is a schematic flowchart of a security control method according to an embodiment of the present invention. As shown in FIG. 1, the security control method provided by an embodiment of the present invention may include:
S101. Detect the current state of the terminal.
The terminal is a smart terminal, such as a mobile phone or tablet computer, on which the Android system can be installed; it supports HCE and has NFC capability. The current state of the terminal refers to the state of the terminal's current operating environment, for example whether it is secure.
HCE refers to host-based card emulation. When card emulation is implemented on an NFC-equipped terminal, no SE needs to be provided; an application running on the terminal, or a server in the cloud, performs the functions of the SE. In this case the data received by the NFC chip is handled by the operating system, or sent to an application on the terminal, or sent over the mobile network to a cloud server, to complete the interaction. For example, in an NFC mobile phone, the security module SE can be emulated by an application on the phone.
The security module SE is a chip module used to store NFC applications and sensitive user data and to perform secure key operations; it is the core of NFC card emulation. The security module also communicates with external read/write devices through the contactless front end, ensuring the security of data storage and of the transaction process.
Optionally, in some possible implementations of the present invention, the NFC terminal may include a hardware security module SE, which provides secure storage for sensitive information and a secure execution environment for transactions; the SE may be integrated into the SIM card, the SD card, or the terminal chip.
Optionally, in some possible implementations of the present invention, the Android 4.4 system may be installed on an NFC-capable terminal. Because Android 4.4 supports HCE, the HCE function can be implemented on Android 4.4 and used to emulate the SE application.
Optionally, in some other possible implementations of the present invention, if the system of the NFC-capable terminal is a version earlier than Android 4.4, the terminal system may be upgraded to Android 4.4 so that HCE is supported.
Optionally, in some possible implementations of the present invention, a terminal that supports HCE may emulate a card with an APP (application) on the terminal to implement host card emulation, while also supporting other traditional SE card emulation technologies such as a hardware SE module; that is, the terminal is compatible with both HCE and a traditional SE.
For example, a mobile phone terminal running Android 4.4 with NFC capability supports HCE, so the card module for the SE can be implemented through HCE; the phone also has a hardware SE module, so it can be understood that the phone is compatible with both HCE card emulation and the traditional hardware SE function.
Optionally, in some possible implementations of the present invention, the current state of the terminal may be a safe state or an unsafe state.
Optionally, in some possible implementations of the present invention, after the HCE emulation transaction channel is opened, the terminal checks its current security state at a certain frequency.
S102. If the current state of the terminal is detected to be an unsafe state, close the host card emulation transaction channel.
An unsafe state means that the terminal's operating environment is not secure, so that data currently on the terminal may be stolen or corrupted, making the transaction the terminal is currently conducting unsafe.
The host card emulation transaction channel (i.e. the HCE card emulation transaction channel) is the channel in which HCE technology emulates the SE security module to complete an NFC transaction. Here the NFC chip, acting as the contactless communication front end, forwards commands received from the external reader to the application that emulates the SE, and that application replies. In the traditional hardware-based NFC transaction channel, the NFC chip, acting as the contactless communication front end, forwards commands received from the external reader to the SE, and the SE replies.
For example, in an NFC mobile phone with HCE, an APP emulates the SE, thereby implementing the HCE emulation transaction channel, i.e. the host card emulation transaction channel.
For example, in some possible implementations of the present invention, when the terminal is a mobile phone and payment is made through the phone's NFC, once the phone's system has been rooted the data stored in the phone's system can easily be stolen or corrupted. The current state of the terminal is then an unsafe state, so the HCE emulation transaction channel is closed, terminating the payment transaction conducted over that channel.
It can be understood that closing the host card emulation transaction channel means the channel is no longer used for transactions while the terminal is in an unsafe state, which prevents unsafe transactions from taking place.
S103. Encrypt and compress the host card emulation security module application and the authentication information data related to it.
In an NFC terminal, the host card emulation security module application (i.e. the HCE-emulated SE application) is the APP that emulates the SE security module on a terminal with HCE card emulation. Its related authentication information data is the data used for authentication in NFC transactions, and the sensitive user data, stored in the HCE-emulated SE application. For example, in NFC payment, the authentication information data may be the user information of both payment parties, passwords, and other payment-related data.
Optionally, in some possible implementations of the present invention, the HCE card emulation security module application and its related authentication information data may instead be compressed and then encrypted, thereby ensuring the security of the transaction data.
For example, during NFC mobile payment on a mobile phone, if a security risk arises in the payment environment, the HCE emulation payment channel is closed and the payment-related user information, passwords and other related data are encrypted and compressed to ensure the security of the data.
It can be understood that encrypting and compressing the host card emulation security module application and its related authentication information data in a certain manner strengthens the security of that data.
It can be seen that, in the solution of this embodiment, the current state of the terminal is detected; if the current state is detected to be an unsafe state, the host card emulation transaction channel is closed, so that the channel is no longer used while the terminal is in an unsafe state; and the host card emulation security module application and its related authentication information data are encrypted and compressed, which protects the data involved in the transaction. Security control of NFC services is thereby achieved on the basis of host card emulation.
Optionally, in some possible implementations of the present invention, closing the HCE card emulation transaction channel may be performed by the host or by the NFC controller.
Optionally, in some possible implementations of the present invention, detecting the current state of the terminal includes at least one of the following:
detecting whether superuser privileges have been obtained on the terminal system, detecting whether an application installed on the terminal is officially released, and detecting whether an application installed on the terminal has been infected by a virus.
The current security state of the terminal covers whether the terminal's own operating environment is secure and whether the software running on the terminal is acceptable. When it is detected that superuser privileges have been obtained on the terminal system, or that an application installed on the terminal has been infected by a virus, the terminal's own operating environment is judged to be insecure, that is, the terminal is in an unsafe state, and the HCE card emulation transaction channel is closed.
It can be understood that in the above cases the security of the applications and data on the terminal is threatened. For example, if superuser privileges are obtained on the terminal while it is making a payment, the payment-related information can be obtained and the payment transaction is not secure.
Optionally, in some other possible implementations of the present invention, detecting the current state of the terminal may further include detecting whether an application installed on the terminal is an illegal application or an unauthorized application, and detecting other abnormal conditions of the terminal.
Optionally, in some possible implementations of the present invention, the method further includes:
if an application installed on the terminal is detected to be an unofficially released application, an illegal application, or an unauthorized application, denying that application access to the host card emulation transaction channel.
It can be understood that when an application installed on the terminal is detected to be an unofficially released application, an illegal application, or an unauthorized application, only that application is unacceptable, and the terminal itself is not rooted or subject to other security risks. In this case only that application's access to the HCE card emulation transaction channel is restricted, and the channel itself is not closed. This keeps the operation simple and does not affect access to the HCE card emulation transaction channel by other official, legal and authorized applications.
Optionally, in some possible implementations of the present invention, after encrypting and compressing the host card emulation security module application and its related authentication information data, the method further includes:
routing the host card emulation transaction channel to a security module entity.
It can be understood that when the terminal is in an unsafe state, once the HCE card emulation transaction channel has been closed and the HCE-emulated SE application and its related authentication information data have been encrypted and compressed, NFC transactions can no longer be carried out. Routing the HCE card emulation transaction channel to the traditional SE module at this point allows transactions to proceed while keeping the data secure.
Optionally, in some possible implementations of the present invention, the security module entity is a hardware SE module.
For example, in some possible implementations of the present invention, when NFC mobile payment is made with a mobile phone and the phone is detected to be rooted, then to keep the payment secure the HCE emulation transaction channel is closed, the host card emulation security module application and its related authentication information data are encrypted and compressed, and the HCE emulation transaction channel is routed to the physical SE, thereby eliminating the payment risk and ensuring that the transaction proceeds smoothly.
Optionally, in some possible implementations of the present invention, encrypting and compressing the host card emulation security module application and its related authentication information data includes:
encrypting the host card emulation security module application and its related authentication information data with the personal identification number (PIN) corresponding to the host card emulation mobile wallet, or with a password set by the user.
Optionally, in some possible implementations of the present invention, the host card emulation security module application and its related authentication information data may also be encrypted with another password formed according to certain encoding rules.
It can be understood that encrypting the host card emulation security module application and its related authentication information data with the PIN corresponding to the host card emulation mobile wallet (the host HCE wallet PIN code) is consistent with the way passwords are set in NFC transactions and ensures password security.
Optionally, in some possible implementations of the present invention, after encrypting and compressing the host card emulation security module application and its related authentication information data, the method further includes:
detecting the current state of the terminal;
if the current state of the terminal is detected to be a safe state, opening the host card emulation transaction channel;
decompressing and decrypting the host card emulation security module application and its related authentication information data.
Optionally, in some possible implementations of the present invention, when the terminal is in an unsafe state, after the HCE card emulation transaction channel has been closed and the HCE-emulated SE application and its related authentication information data have been encrypted and compressed, the terminal continues to check its current state at a certain frequency.
It can be understood that when the terminal is in an unsafe state, after the HCE card emulation transaction channel has been closed and the HCE-emulated SE application and its related authentication information data have been encrypted and compressed, the terminal keeps checking its current state at a certain frequency. Once the current state is a safe state, the HCE emulation transaction channel is opened and the HCE-emulated SE application and related authentication information data are restored, so that the HCE emulation transaction channel is restored promptly after the terminal returns to a safe state.
Optionally, in some possible implementations of the present invention, opening the HCE card emulation transaction channel may be performed by the host or by the NFC controller.
Optionally, in some possible implementations of the present invention, when the HCE emulation transaction channel is restored, the host card emulation security module application and its related authentication information data may be decrypted and then decompressed.
Optionally, in some possible implementations of the present invention, if the current state of the terminal is detected to be a safe state, the transaction channel is routed from the SE entity back to the HCE card emulation transaction channel.
For example, during NFC payment on a mobile phone, after the system has been rooted, the emulation payment channel is closed, the HCE-emulated SE application and related authentication information data are protected, and the HCE emulation transaction channel is routed to the physical SE. The terminal then continues to check its security state. When it detects that the unsafe factors have been eliminated, it opens the original HCE emulation payment channel, releases the related application and data, and routes the transaction channel from the physical SE back to the HCE emulation payment channel, restoring the HCE card emulation transaction function.
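The flow of this first embodiment (detect, close the HCE channel, seal the data, fall back to the hardware SE, restore once the terminal is safe again) together with the wallet-PIN encryption, as a plain-Java model added here; it is not code from the patent. The class and method names, PBKDF2 with 210,000 iterations, AES-GCM, the blob layout and the sample values are assumptions, and it uses the compress-then-encrypt order that the description also allows.

```java
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.zip.DeflaterOutputStream;
import java.util.zip.InflaterInputStream;

/** Hypothetical model of S101-S103 plus the SE fallback and the restore steps. */
public class HceSafetyControl {
    enum Route { HCE, HARDWARE_SE }

    private Route route = Route.HCE;   // where NFC commands are currently forwarded
    private byte[] credentials;        // plaintext; present only while the HCE channel is open
    private byte[] sealed;             // salt(16) || iv(12) || AES-GCM(deflate(credentials))

    HceSafetyControl(byte[] credentials) { this.credentials = credentials.clone(); }

    /** One periodic detection pass; walletPin is assumed to be supplied by the caller. */
    void onDetection(boolean rooted, boolean infected, char[] walletPin) throws Exception {
        boolean unsafe = rooted || infected;
        if (unsafe && route == Route.HCE) {
            route = Route.HARDWARE_SE;               // close the HCE channel, fall back to the SE
            sealed = seal(credentials, walletPin);   // protect the data at rest
            Arrays.fill(credentials, (byte) 0);      // wipe the plaintext copy
            credentials = null;
        } else if (!unsafe && route == Route.HARDWARE_SE) {
            credentials = unseal(sealed, walletPin); // throws before any state change on a bad PIN
            sealed = null;
            route = Route.HCE;                       // reopen the HCE channel
        }
    }

    /** An unofficial, illegal or unauthorized app is refused; the channel itself stays open. */
    boolean mayUseHceChannel(boolean official, boolean legal, boolean authorized) {
        return route == Route.HCE && official && legal && authorized;
    }

    /** A short PIN has little entropy; the iteration count only slows offline guessing. */
    static SecretKeySpec deriveKey(char[] pin, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(pin, salt, 210_000, 256);
        SecretKeyFactory kdf = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
        return new SecretKeySpec(kdf.generateSecret(spec).getEncoded(), "AES");
    }

    /** Compress first, then encrypt: ciphertext does not compress. */
    static byte[] seal(byte[] plain, char[] pin) throws Exception {
        ByteArrayOutputStream packed = new ByteArrayOutputStream();
        try (DeflaterOutputStream z = new DeflaterOutputStream(packed)) { z.write(plain); }
        byte[] salt = new byte[16], iv = new byte[12];
        SecureRandom rng = new SecureRandom();
        rng.nextBytes(salt);
        rng.nextBytes(iv);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, deriveKey(pin, salt), new GCMParameterSpec(128, iv));
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        out.write(salt);
        out.write(iv);
        out.write(aes.doFinal(packed.toByteArray()));
        return out.toByteArray();
    }

    /** Reverse of seal(): decrypt and authenticate, then decompress. */
    static byte[] unseal(byte[] blob, char[] pin) throws Exception {
        byte[] salt = Arrays.copyOfRange(blob, 0, 16);
        byte[] iv = Arrays.copyOfRange(blob, 16, 28);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.DECRYPT_MODE, deriveKey(pin, salt), new GCMParameterSpec(128, iv));
        // doFinal throws AEADBadTagException on a wrong PIN or a modified blob
        byte[] packed = aes.doFinal(blob, 28, blob.length - 28);
        try (InflaterInputStream z = new InflaterInputStream(new ByteArrayInputStream(packed))) {
            return z.readAllBytes();                 // JDK 9 or later
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample data and PIN, for illustration only.
        byte[] data = "constructed-sample-token:1234567890".getBytes(StandardCharsets.UTF_8);
        char[] pin = "482913".toCharArray();
        HceSafetyControl c = new HceSafetyControl(data);

        System.out.println(c.mayUseHceChannel(false, true, true)); // only this app is refused
        c.onDetection(true, false, pin);                            // terminal found rooted
        System.out.println(c.route + ", plaintext present: " + (c.credentials != null));
        try {
            c.onDetection(false, false, "000000".toCharArray());    // safe again, wrong PIN
        } catch (javax.crypto.AEADBadTagException e) {
            System.out.println("wrong PIN rejected, route stays " + c.route);
        }
        c.onDetection(false, false, pin);                           // safe again, correct PIN
        System.out.println(c.route + ", restored: " + Arrays.equals(c.credentials, data));
    }
}
```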
To make the above solutions of the embodiments of the present invention easier to understand and implement, examples are given below with reference to some specific application scenarios.
Referring to FIG. 2, FIG. 2 is a schematic flowchart of another security control method according to another embodiment of the present invention. As shown in FIG. 2, the other security control method provided by another embodiment of the present invention may include:
S201. Detect the current state of the terminal.
The terminal is a smart terminal, such as a mobile phone or tablet computer, on which the Android system can be installed; it supports HCE and has NFC capability. The current state of the terminal refers to the state of the terminal's current operating environment, for example whether it is secure.
HCE refers to host-based card emulation. When card emulation is implemented on an NFC-equipped terminal, no SE needs to be provided; an application running on the terminal, or a server in the cloud, performs the functions of the SE. In this case the data received by the NFC chip is handled by the operating system, or sent to an application on the terminal, or sent over the mobile network to a cloud server, to complete the interaction. For example, in an NFC mobile phone, the security module SE can be emulated by an application on the phone.
The security module SE is a chip module used to store NFC applications and sensitive user data and to perform secure key operations; it is the core of NFC card emulation. The security module also communicates with external read/write devices through the contactless front end, ensuring the security of data storage and of the transaction process.
Optionally, in some possible implementations of the present invention, the NFC terminal may include a hardware security module SE, which provides secure storage for sensitive information and a secure execution environment for transactions; the SE may be integrated into the SIM card, the SD card, or the terminal chip.
Optionally, in some possible implementations of the present invention, the Android 4.4 system may be installed on an NFC-capable terminal. Because Android 4.4 supports HCE, the HCE function can be implemented on Android 4.4 and used to emulate the SE application.
Optionally, in some other possible implementations of the present invention, if the system of the NFC-capable terminal is a version earlier than Android 4.4, the terminal system may be upgraded to Android 4.4 so that HCE is supported.
Optionally, in some possible implementations of the present invention, a terminal that supports HCE may emulate a card with an APP (application) on the terminal to implement host card emulation, while also supporting other traditional SE solutions such as a hardware SE module; that is, the terminal is compatible with both HCE and a traditional SE.
For example, in some possible implementations of the present invention, a mobile phone terminal running Android 4.4 with NFC capability supports HCE, so the card module for the SE can be implemented through HCE; the phone also has a hardware SE module, so it can be understood that the phone is compatible with both HCE card emulation and the traditional hardware SE function.
Optionally, in some possible implementations of the present invention, the current state of the terminal may be a safe state or an unsafe state.
Optionally, in some possible implementations of the present invention, after the HCE emulation transaction channel is opened, the terminal checks its current security state at a certain frequency.
Optionally, in some possible embodiments of the present invention, detecting the current state of the terminal includes at least one of the following:
detecting whether superuser privileges have been obtained on the terminal system, detecting whether an application installed on the terminal is an official release, and detecting whether an application installed on the terminal has been infected by a virus.
The current security state of the terminal covers both whether the terminal's own operating environment is secure and whether the software running on the terminal is acceptable. When it is detected that superuser privileges have been obtained on the terminal system, or that an application installed on the terminal has been infected by a virus, the terminal's own operating environment is judged to be insecure, that is, the terminal is in the insecure state, and the HCE card emulation transaction channel is closed.
In these cases the security of the applications and data on the terminal is threatened. For example, if superuser privileges are obtained on the terminal while it is making a payment, the payment-related information can be obtained and the payment transaction is not secure.
Optionally, in other possible embodiments of the present invention, detecting the current state of the terminal may also include detecting other conditions that affect the security of the terminal's operating environment.
S202. If the current state of the terminal is detected to be the insecure state, close the host card emulation transaction channel.
The insecure state means that the terminal's operating environment is not secure, so that data currently on the terminal may be stolen or corrupted, which makes the transaction the terminal is currently carrying out insecure. Examples are a terminal system that has been rooted or an installed application that has been infected by a virus.
The host card emulation transaction channel (the HCE card emulation transaction channel) is the channel in which HCE emulates the SE security module to complete an NFC transaction. Here the NFC chip acts as the contactless communication front end: it forwards commands received from the external reader to the application that emulates the SE, and that application replies. In the conventional hardware-based NFC transaction channel, the NFC chip, as the contactless communication front end, forwards commands received from the external reader to the SE, and the SE replies.
For example, in an NFC mobile phone with HCE support, an APP emulates the SE, which implements the HCE emulation transaction channel, that is, the host card emulation transaction channel.
For example, in some possible embodiments of the present invention, when the terminal is a mobile phone used for NFC payment and the phone's system has been rooted, data stored in the phone's system can easily be stolen or corrupted. The terminal is then in the insecure state, so the HCE emulation transaction channel is closed, which terminates the payment transactions carried over that channel.
Optionally, in some possible embodiments of the present invention, the HCE card emulation transaction channel may be closed by the host or by the NFC controller.
Closing the host card emulation transaction channel means the channel is no longer used for transactions while the terminal is in the insecure state, which prevents insecure transactions from taking place.
Optionally, in some possible embodiments of the present invention, the method further includes:
if an application installed on the terminal is detected to be an unofficial release, an illegitimate application, or an application without permission, denying that application access to the host card emulation transaction channel.
If an application installed on the terminal is detected to be an unofficial release, an illegitimate application, or an application without permission, only that application is unacceptable. When the terminal itself is not rooted and has no other security risk, only that application's access to the HCE card emulation transaction channel is restricted and the channel itself is not closed. This keeps the operation simple and does not affect access to the HCE card emulation transaction channel by other official, legitimate, and permitted applications.
S203. Encrypt and compress the host card emulation security module application and its associated authentication information data.
In an NFC terminal, the host card emulation security module application (the HCE-emulated SE application) is the APP that emulates the SE security module on a terminal with HCE card emulation. Its associated authentication information data is the data used for authentication in NFC transactions and the user-sensitive data stored in the HCE-emulated SE application. For example, in NFC payment, the authentication information data may be the user information of both parties to the payment, passwords, and other payment-related data.
Optionally, in some possible embodiments of the present invention, the HCE-emulated SE application and its associated authentication information data may also be compressed and encrypted, to protect the transaction data.
For example, during NFC mobile payment on a phone, if a security risk arises in the payment environment, the HCE emulated payment channel is closed and the payment-related user information, passwords and other related data are encrypted and compressed to keep the data secure.
Encrypting and compressing the host card emulation security module application and its associated authentication information data in a defined way strengthens the security of that data.
Optionally, in some possible embodiments of the present invention, encrypting and compressing the host card emulation security module application and its associated authentication information data includes:
encrypting the host card emulation security module application and its associated authentication information data with the personal identification number corresponding to the host card emulation mobile wallet, or with a password set by the user.
Optionally, in some possible embodiments of the present invention, the host card emulation security module application and its associated authentication information data may also be encrypted with another password formed according to some encoding rule.
Encrypting the host card emulation security module application and its associated authentication information data with the personal identification number of the host card emulation mobile wallet (the host HCE wallet PIN) matches the way passwords are set in NFC transactions and ensures password security.
S204. Route the host card emulation transaction channel to the security module entity.
When the terminal is in the insecure state, the HCE card emulation transaction channel is closed and the HCE-emulated SE application and its associated authentication information data are encrypted and compressed, so NFC transactions can no longer be carried out. Routing the HCE card emulation transaction channel to the conventional SE module at this point lets transactions proceed while keeping the data secure.
Optionally, in some possible embodiments of the present invention, the security module entity is a hardware SE module.
For example, in some possible embodiments of the present invention, when a mobile phone is used for NFC mobile payment and the phone is detected to have been rooted, then to keep the payment secure the HCE emulation transaction channel is closed, the host card emulation security module application and its associated authentication information data are encrypted and compressed, and the HCE emulation transaction channel is routed to the physical SE. This removes the payment risk and lets the transaction proceed.
S205. Detect the current state of the terminal again.
Optionally, in some possible embodiments of the present invention, after the HCE card emulation transaction channel has been closed in the insecure state and the HCE-emulated SE application and its associated authentication information data have been encrypted and compressed, the terminal continues to detect its current state at a certain frequency.
Continuing to detect the terminal's current state at a certain frequency after the channel has been closed and the data encrypted and compressed makes it possible to observe the terminal's state in real time and to respond promptly when that state changes.
S206. If the current state of the terminal is detected to be the secure state, open the host card emulation transaction channel.
Optionally, in some possible embodiments of the present invention, the HCE card emulation transaction channel may be opened by the host or by the NFC controller.
Optionally, if the current state of the terminal is again detected to be the insecure state, no action is taken.
S207. Decompress and decrypt the host card emulation security module application and its associated authentication information data.
Optionally, in some possible embodiments of the present invention, if the host card emulation security module application and its associated authentication information data were protected by compressing and encrypting them, they may be decrypted and decompressed.
When the terminal is in the insecure state, the HCE card emulation transaction channel is closed and the HCE-emulated SE application and its associated authentication information data are encrypted and compressed; the terminal's current state is then detected continuously at a certain frequency. Once the terminal is in the secure state, the HCE emulation transaction channel is opened and the HCE-emulated SE application and related authentication information data are restored, so the HCE emulation transaction channel is restored promptly after the terminal's security state recovers.
Optionally, in some possible embodiments of the present invention, the password used to decrypt the host card emulation security module application and its associated authentication information data is the password that was used to encrypt them, generally the host HCE wallet PIN.
For example, during NFC payment on a phone, after the system has been rooted the emulated payment channel is closed, the HCE-emulated SE application and related authentication information data are protected, and the HCE emulation transaction channel is routed to the physical SE. The terminal's security state continues to be detected. When it is detected that the terminal's insecure factors have been eliminated, the original HCE emulated payment channel is opened, the related application and data are released, and the transaction channel is routed from the physical SE back to the HCE emulated payment channel, restoring the HCE card emulation transaction function.
In the solution of this embodiment, the current state of the terminal is detected; if the current state of the terminal is detected to be the insecure state, the host card emulation transaction channel is closed, so the channel is no longer used while the terminal is in the insecure state; and the host card emulation security module application and its associated authentication information data are encrypted and compressed, which protects the data involved in the transaction. Security control of NFC services is thereby achieved on the basis of host card emulation.
A more specific application scenario follows.
For example, a mobile phone running Android 4.4 has NFC and supports HCE, so NFC can be emulated in software on the phone through an HCE-emulated SE application. When NFC is used for mobile payment, the state of the phone is detected first, for example whether the phone has been rooted, whether the payment software is an official release, and whether software installed on the phone has been infected by a virus. If the phone is detected to have been rooted, a user can obtain the highest system privileges and so obtain the stored SE or authentication information; a malicious user may access the terminal's storage system by other means and obtain the sensitive data stored in the application to carry out counterfeit-card transactions, which poses a serious security risk to the payer. After detecting this security risk, the phone therefore closes the HCE card emulation transaction channel through the NFC controller, and at the same time encrypts, compresses and stores the HCE-emulated SE application and related authentication data with the PIN corresponding to the HCE mobile wallet, to keep the data secure.
Further, when the payment software is detected to be an unofficial release, that payment software is denied access to the HCE card emulation transaction channel, which removes the insecure factors introduced by the payment software.
Further, after the HCE card emulation transaction channel is closed, the HCE card emulation transaction channel can be routed to the SE entity.
Further, after Root privileges on the phone have been turned off and the state of the phone is detected again, the phone is detected to be in the secure state. The HCE card emulation transaction channel is restored, the HCE-emulated SE application and related authentication data are decompressed and decrypted, and NFC transactions are no longer handled by the physical SE.
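The S201 to S207 flow described above, as an added example that is not code from the patent: a controller that closes the HCE route, seals the emulated-SE data under the wallet PIN, falls back to the hardware SE, and reverses all three once a later detection pass is clean. The names `Detection`, `HceController`, `seal`, `unseal` and the route labels are hypothetical. It assumes the PIN is supplied per call, uses a standard-library stand-in cipher, and compresses before encrypting (the compress-and-encrypt variant the text allows) because encrypted output no longer compresses.

```python
import hashlib
import hmac
import os
import zlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Detection:
    """Result of one detection pass (S201 / S205)."""
    rooted: bool = False
    malware: bool = False
    unofficial_apps: frozenset = frozenset()

    @property
    def device_unsafe(self):
        # Root or malware makes the terminal itself insecure; an unofficial
        # app on its own does not.
        return self.rooted or self.malware


def _keys(pin, salt):
    # Assumption: PBKDF2 stretches the wallet PIN into two keys. A short PIN
    # has a small keyspace, so stretching only slows offline guessing.
    material = hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000, dklen=64)
    return material[:32], material[32:]


def _xor_stream(key, nonce, data):
    # Stand-in cipher (HMAC-SHA256 in counter mode) so the example needs only
    # the standard library; a real build would use an AEAD such as AES-GCM.
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        block = nonce + counter.to_bytes(8, "big")
        stream += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(pin, data):
    """S203: compress, then encrypt and authenticate."""
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = _keys(pin, salt)
    body = _xor_stream(enc_key, nonce, zlib.compress(data))
    tag = hmac.new(mac_key, salt + nonce + body, hashlib.sha256).digest()
    return salt + nonce + tag + body


def unseal(pin, blob):
    """S207: verify the tag, decrypt, then decompress."""
    salt, nonce, tag, body = blob[:16], blob[16:32], blob[32:64], blob[64:]
    enc_key, mac_key = _keys(pin, salt)
    expected = hmac.new(mac_key, salt + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong PIN or modified blob")
    return zlib.decompress(_xor_stream(enc_key, nonce, body))


class HceController:
    def __init__(self, credentials):
        self.route = "HCE"              # where reader commands are forwarded
        self.credentials = credentials  # plaintext only while HCE is open
        self.sealed = None
        self.denied_apps = set()

    def on_detection(self, result, pin):
        """Apply one detection result and return the actions taken."""
        actions = []
        # App-level finding: deny that app only, keep the channel open.
        self.denied_apps = set(result.unofficial_apps)
        if self.denied_apps:
            actions.append("deny:" + ",".join(sorted(self.denied_apps)))
        if result.device_unsafe and self.route == "HCE":
            # S202 to S204: close the channel, seal the data, use the SE.
            self.sealed, self.credentials = seal(pin, self.credentials), None
            self.route = "SE"
            actions += ["close_hce", "seal", "route_to_se"]
        elif not result.device_unsafe and self.route == "SE":
            # S206, S207: reopen the channel, unseal, route back to HCE.
            self.credentials, self.sealed = unseal(pin, self.sealed), None
            self.route = "HCE"
            actions += ["open_hce", "unseal", "route_to_hce"]
        # Still unsafe and already on the SE route: no action.
        return actions

    def may_use_hce(self, app):
        return self.route == "HCE" and app not in self.denied_apps
```

A wrong PIN makes `unseal` raise before any state changes, so a failed recovery leaves the controller on the SE route with the data still sealed.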
Referring to FIG. 3, FIG. 3 is a schematic structural diagram of a security control apparatus provided by an embodiment of the present invention. As shown in FIG. 3, a security control apparatus 300 provided by an embodiment of the present invention may include:
a first detection module 310, a closing module 320 and an encryption module 330.
The first detection module 310 is configured to detect the current state of the terminal.
The terminal is a smart terminal on which the Android system can be installed, such as a mobile phone or tablet computer, that supports HCE and has NFC. The current state of the terminal is the state of the terminal's current operating environment, for example whether it is secure.
HCE means host-based card emulation. When card emulation is implemented on an NFC-equipped terminal, no SE needs to be provided; an application running on the terminal, or a server in the cloud, performs the SE's function. The data received by the NFC chip is then handled by the operating system, or sent to the application on the terminal, or sent over the mobile network to the cloud server, to complete the interaction. For example, in an NFC mobile phone, the security module SE can be emulated by an application on the phone.
The security module SE is the chip module that stores NFC applications and user-sensitive data and performs secure key operations; it is the core of NFC card emulation. The security module also communicates with external read/write devices through the contactless front end, securing data storage and the transaction process.
Optionally, in some possible embodiments of the present invention, the NFC terminal may include a hardware security module SE, which provides secure storage for sensitive information and a secure execution environment for transactions; the SE may be integrated into the SIM card, an SD card, or the terminal's chip.
Optionally, in some possible embodiments of the present invention, Android 4.4 may be installed on an NFC-capable terminal. Because Android 4.4 supports HCE, HCE can be implemented on Android 4.4 and used to emulate the SE application.
Optionally, in other possible embodiments of the present invention, if the system of the NFC-capable terminal is a version earlier than Android 4.4, the terminal system may be upgraded to Android 4.4 so that HCE is supported.
Optionally, in some possible embodiments of the present invention, a terminal that supports HCE can emulate a card with an application (APP) on the terminal to provide host card emulation, while also supporting other conventional SE card emulation technologies such as a hardware SE module; that is, the terminal is compatible with both HCE and a conventional SE.
For example, a mobile phone running Android 4.4 with NFC supports HCE, so card emulation of the SE can be implemented through HCE. The phone also has a hardware SE module, so it is compatible with both HCE card emulation and conventional hardware SE functions.
Optionally, in some possible embodiments of the present invention, the current state of the terminal may be a secure state or an insecure state.
Optionally, in some possible embodiments of the present invention, after the HCE emulation transaction channel is opened, the terminal detects its current security state at a certain frequency.
The closing module 320 is configured to close the host card emulation transaction channel if the current state of the terminal is detected to be the insecure state.
The insecure state means that the terminal's operating environment is not secure, so that data currently on the terminal may be stolen or corrupted, which makes the transaction the terminal is currently carrying out insecure.
The host card emulation transaction channel (the HCE card emulation transaction channel) is the channel in which HCE emulates the SE security module to complete an NFC transaction. Here the NFC chip acts as the contactless communication front end: it forwards commands received from the external reader to the application that emulates the SE, and that application replies. In the conventional hardware-based NFC transaction channel, the NFC chip, as the contactless communication front end, forwards commands received from the external reader to the SE, and the SE replies.
For example, in an NFC mobile phone with HCE support, an APP emulates the SE, which implements the HCE emulation transaction channel, that is, the host card emulation transaction channel.
For example, in some possible embodiments of the present invention, when the terminal is a mobile phone used for NFC payment and the phone's system has been rooted, data stored in the phone's system can easily be stolen or corrupted. The terminal is then in the insecure state, so the HCE emulation transaction channel is closed, which terminates the payment transactions carried over that channel.
Closing the host card emulation transaction channel means the channel is no longer used for transactions while the terminal is in the insecure state, which prevents insecure transactions from taking place.
The encryption module 330 is configured to encrypt and compress the host card emulation security module application and its associated authentication information data.
In an NFC terminal, the host card emulation security module application (the HCE-emulated SE application) is the APP that emulates the SE security module on a terminal with HCE card emulation. Its associated authentication information data is the data used for authentication in NFC transactions and the user-sensitive data stored in the HCE-emulated SE application. For example, in NFC payment, the authentication information data may be the user information of both parties to the payment, passwords, and other payment-related data.
Optionally, in some possible embodiments of the present invention, the HCE-emulated SE application and its associated authentication information data may also be compressed and encrypted, to protect the transaction data.
For example, during NFC mobile payment on a phone, if a security risk arises in the payment environment, the HCE emulated payment channel is closed and the payment-related user information, passwords and other related data are encrypted and compressed to keep the data secure.
Encrypting and compressing the host card emulation security module application and its associated authentication information data in a defined way strengthens the security of that data.
The functions of the functional modules of the security control apparatus 300 of this embodiment may be implemented according to the method in the method embodiments above. For the specific implementation, refer to the description of those method embodiments; it is not repeated here.
In the solution of this embodiment, the security control apparatus 300 detects the current state of the terminal; if it detects that the current state of the terminal is the insecure state, it closes the host card emulation transaction channel, so the channel is no longer used while the terminal is in the insecure state; and it encrypts and compresses the host card emulation security module application and its associated authentication information data, which protects the data involved in the transaction. Security control of NFC services is thereby achieved on the basis of host card emulation.
Referring to FIG. 4, FIG. 4 is a schematic structural diagram of another security control apparatus provided by another embodiment of the present invention. As shown in FIG. 4, another security control apparatus 400 provided by another embodiment of the present invention may include:
a first detection module 410, a closing module 420 and an encryption module 430.
The first detection module 410 is configured to detect the current state of the terminal.
The terminal is a smart terminal on which the Android system can be installed, such as a mobile phone or tablet computer, that supports HCE and has NFC. The current state of the terminal is the state of the terminal's current operating environment, for example whether it is secure.
HCE means host-based card emulation. When card emulation is implemented on an NFC-equipped terminal, no SE needs to be provided; an application running on the terminal, or a server in the cloud, performs the SE's function. The data received by the NFC chip is then handled by the operating system, or sent to the application on the terminal, or sent over the mobile network to the cloud server, to complete the interaction. For example, in an NFC mobile phone, the security module SE can be emulated by an application on the phone.
The security module SE is the chip module that stores NFC applications and user-sensitive data and performs secure key operations; it is the core of NFC card emulation. The security module also communicates with external read/write devices through the contactless front end, securing data storage and the transaction process.
Optionally, in some possible embodiments of the present invention, the NFC terminal may include a hardware security module SE, which provides secure storage for sensitive information and a secure execution environment for transactions; the SE may be integrated into the SIM card, an SD card, or the terminal's chip.
可选地,在本发明的一些可能的实施方式中,可在具有NFC功能的终端上安装Android4.4系统,由于Android4.4系统支持HCE功能,从而可在Android4.4系统上实现HCE功能,利用HCE模拟SE应用。Optionally, in some possible implementation manners of the present invention, the Android 4.4 system can be installed on the NFC-enabled terminal. Since the Android 4.4 system supports the HCE function, the HCE function can be implemented on the Android 4.4 system. Simulate SE applications with HCE.
可选地,在本发明的其它一些可能的实施方式中,如果具有NFC功能的终端系统是Android4.4之前的版本,则可以将终端系统升级到Android4.4系统。从而可以实现对HCE功能的支持。Optionally, in some other possible implementation manners of the present invention, if the NFC-enabled terminal system is a version prior to Android 4.4, the terminal system may be upgraded to the Android 4.4 system. This enables support for HCE functions.
可选地,在本发明的一些可能的实施方式中,支持HCE功能的终端可在终端上用APP(Application,应用程序)应用程序模拟卡,实现主机卡模拟的功能,同时该终端也支持其它传统的SE模拟卡技术,如硬件SE模块,也即终端同时兼容HCE和传统的SE。Optionally, in some possible implementation manners of the present invention, the terminal supporting the HCE function may use an APP (Application) application emulation card on the terminal to implement the function of the host card emulation, and the terminal also supports other functions. Traditional SE analog card technology, such as hardware SE module, that is, the terminal is compatible with both HCE and traditional SE.
举例进行说明,对于一个具有NFC功能的Android4.4系统的手机终端,支持HCE功能,从而可通过HCE实现对SE的卡模块,同时该手机终端上具有硬件SE模块,所以可以理解,该手机终端同时兼容HCE卡模拟以及传统的硬件SE功能。For example, the mobile terminal of the Android 4.4 system with NFC function supports the HCE function, so that the card module of the SE can be realized by the HCE, and the hardware SE module is provided on the mobile terminal, so it can be understood that the mobile terminal It is also compatible with HCE card emulation and traditional hardware SE functions.
可选地,在本发明的一些可能的实施方式中,终端当前的状态可以为安全状态,也可以为不安全状态。Optionally, in some possible implementation manners of the present invention, the current state of the terminal may be a security state or an unsecured state.
可选地,在本发明的一些可能的实施方式中,终端在HCE模拟交易通道开启后,以一定的频率检测终端当前的安全状态。Optionally, in some possible implementation manners of the present invention, after detecting that the HCE analog transaction channel is enabled, the terminal detects the current security state of the terminal at a certain frequency.
The closing module 420 is configured to close the host card emulation transaction channel if the current state of the terminal is detected to be an insecure state.
An insecure state means that the terminal's operating environment is not secure, so data currently running on the terminal may be stolen or corrupted, which makes the transaction the terminal is currently conducting insecure.
The host card emulation transaction channel (that is, the HCE card emulation transaction channel) is the channel in which HCE technology emulates the SE security module to complete an NFC transaction. Here the NFC chip acts as the contactless communication front end: it forwards commands received from the external reader to the application emulating the SE, and that application replies. In the traditional hardware-based NFC transaction channel, the NFC chip, as the contactless communication front end, forwards commands received from the external reader to the SE, and the SE replies.
For example, in an NFC mobile phone with HCE, an APP emulates the SE, thereby implementing the HCE emulation transaction channel, that is, the host card emulation transaction channel.
For example, in some possible embodiments of the present invention, when the terminal is a mobile phone and the phone's NFC is used for payment, once the phone's system has been rooted, data stored in the phone's system can easily be stolen or corrupted. The current state of the terminal is then an insecure state, so the HCE emulation transaction channel is closed, terminating the payment transaction being conducted over that channel.
It can be understood that closing the host card emulation transaction channel means the channel is no longer used for transactions while the terminal is in an insecure state, which prevents insecure transactions from taking place.
The encryption module 430 is configured to encrypt and compress the host card emulation security module application and its associated authentication information data.
In an NFC terminal, the host card emulation security module application (that is, the HCE-emulated SE application) is the APP that emulates the SE security module on a terminal with HCE card emulation; its associated authentication information data is the data used for authentication in NFC transactions and the sensitive user data stored in the HCE-emulated SE application. For example, in NFC payment, the authentication information data may be the user information and passwords of both parties to the payment, and other payment-related data.
Optionally, in some possible embodiments of the present invention, the HCE card emulation security module application and its associated authentication information data may also be compressed and encrypted, thereby ensuring the security of the transaction data.
For example, during NFC mobile payment on a phone, if a security risk arises in the payment environment, the HCE emulation payment channel is closed and the payment-related user information, passwords and other related data are encrypted and compressed to keep the data secure.
It can be understood that encrypting and compressing the host card emulation security module application and its associated authentication information data in a certain manner strengthens the security of that data.
Optionally, in some possible embodiments of the present invention, closing the HCE card emulation transaction channel may be performed by the host or by the NFC controller.
Optionally, in some possible embodiments of the present invention, the detection module 410 detects the current state of the terminal in at least one of the following ways:
detecting whether superuser privileges have been obtained on the terminal system; detecting whether an application installed on the terminal is officially released; detecting whether an application installed on the terminal has been infected by a virus.
The current security state of the terminal covers whether the terminal's own operating environment is secure and whether the software running on the terminal is qualified. When it is detected that superuser privileges have been obtained on the terminal system or that an application installed on the terminal has been infected by a virus, the terminal's own operating environment is judged to be insecure, that is, the terminal is in an insecure state, and the HCE card emulation transaction channel is closed.
It can be understood that in the above cases the security of the applications and data running on the terminal is threatened. For example, if superuser privileges are obtained on the terminal while it is making a payment, the payment-related information can be obtained and the payment transaction is insecure.
Optionally, in some other possible embodiments of the present invention, detecting the current state of the terminal may further include detecting whether an application installed on the terminal is an illegitimate application or an unauthorized application, and detecting other abnormal conditions of the terminal.
Optionally, in some possible embodiments of the present invention, the detection module 410 is further configured to:
if an application installed on the terminal is detected to be an unofficially released application, an illegitimate application, or an unauthorized application, deny that application access to the host card emulation transaction channel.
It can be understood that when an application installed on the terminal is detected to be an unofficially released, illegitimate, or unauthorized application, only that application is unqualified; if the terminal itself has not been rooted and has no other security risk, only that application's access to the HCE card emulation transaction channel is restricted and the channel is not closed. This keeps the operation simple and does not affect access to the HCE card emulation transaction channel by other official, legitimate, and authorized applications.
Optionally, in some possible embodiments of the present invention, the security control apparatus 400 further includes:
a routing module 440, configured to route the host card emulation transaction channel to a security module entity.
It can be understood that when the current state of the terminal is an insecure state, the HCE card emulation transaction channel is closed and the HCE-emulated SE application and its associated authentication information data are encrypted and compressed, so NFC transactions cannot proceed. Routing the HCE card emulation transaction channel to the traditional SE module at that point lets the transaction proceed smoothly while keeping the data secure.
Optionally, in some possible embodiments of the present invention, the security module entity is a hardware SE module.
For example, in some possible embodiments of the present invention, when a mobile phone is used for NFC mobile payment and the phone is detected to have been rooted, then to keep the payment secure the HCE emulation transaction channel is closed, the host card emulation security module application and its associated authentication information data are encrypted and compressed, and at the same time the HCE emulation transaction channel is routed to the physical SE, which removes the payment risk and lets the transaction proceed smoothly.
Optionally, in some possible embodiments of the present invention, the encryption module 430 is specifically configured to:
encrypt the host card emulation security module application and its associated authentication information data with the personal identification number (PIN) of the host card emulation mobile wallet or with a password set by the user.
Optionally, in some possible embodiments of the present invention, the host card emulation security module application and its associated authentication information data may also be encrypted with another password formed according to a certain encoding rule.
It can be understood that encrypting the host card emulation security module application and its associated authentication information data with the PIN of the host card emulation mobile wallet (the host HCE wallet PIN) is consistent with how passwords are set in NFC transactions and ensures password security.
Optionally, in some possible embodiments of the present invention, following the encryption module 430, the security control apparatus 400 further includes:
a second detection module 450, configured to detect the current state of the terminal;
an opening module 460, configured to open the host card emulation transaction channel if the current state of the terminal is detected to be a secure state;
a decryption module 470, configured to decompress and decrypt the host card emulation security module application and its associated authentication information data.
The second detection module 450 may be separate from the first detection module 410 and used to detect the terminal's current security state after the HCE card emulation transaction channel has been closed, or it may be integrated with the first detection module 410 in a single module used to detect the current state of the terminal.
Optionally, in some possible embodiments of the present invention, after the HCE card emulation transaction channel has been closed and the HCE-emulated SE application and its associated authentication information data have been encrypted and compressed because the terminal is in an insecure state, the second detection module 450 continues to detect the current state of the terminal at a certain frequency.
It can be understood that, after the HCE card emulation transaction channel has been closed and the HCE-emulated SE application and its associated authentication information data have been encrypted and compressed while the terminal is in an insecure state, the current state of the terminal continues to be checked at a certain frequency; once the terminal's current state is a secure state, the HCE emulation transaction channel is opened and the HCE-emulated SE application and related authentication information data are restored, so that the HCE emulation transaction channel is restored promptly after the terminal returns to a secure state.
Optionally, in some possible embodiments of the present invention, the opening module 460 may be implemented by the host or the NFC controller to open the HCE card emulation transaction channel.
Optionally, in some possible embodiments of the present invention, when the HCE emulation transaction channel is restored, the decryption module 470 may decrypt and decompress the host card emulation security module application and its associated authentication information data.
Optionally, in some possible embodiments of the present invention, if the current state of the terminal is detected to be a secure state, the HCE card emulation transaction channel is routed from the SE entity back to the HCE card emulation transaction channel.
For example, during NFC payment on a phone, once the system has been rooted, the emulation payment channel is closed, the HCE-emulated SE application and related authentication information data are protected, and the HCE emulation transaction channel is routed to the physical SE emulation; the security state of the terminal then continues to be checked. When it is detected that the terminal's insecure factors have been eliminated, the original HCE emulation payment channel is opened, the related application and data are released, and the transaction channel is routed from the physical SE back to the HCE emulation payment channel, restoring the HCE card emulation transaction function.
It can be understood that the functions of the functional modules of the security control apparatus 400 of this embodiment may be implemented according to the methods in the foregoing method embodiments; for the specific implementation process, refer to the related description of those method embodiments, which is not repeated here.
As can be seen, in the solution of this embodiment, the security control apparatus 400 detects the current state of the terminal; if it detects that the current state is an insecure state, it closes the host card emulation transaction channel, so that the channel is no longer used while the terminal is in an insecure state; and it encrypts and compresses the host card emulation security module application and its associated authentication information data, protecting the data involved in the transaction. Security control of NFC services is thereby achieved under host card emulation technology.
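The control flow of apparatus 400 described above (periodic detection, closing the HCE channel, sealing the emulated-SE data with a PIN-derived key, routing to the hardware SE, and restoring once the terminal is secure again), modelled as an added Node.js example that is not part of the patent text. The class and function names, the report fields, the blob layout and the choice of scrypt with AES-256-GCM are assumptions; the patent only states that the data is compressed and encrypted with the wallet PIN or a user-set password.

```javascript
// Added illustration of the control flow; every identifier is hypothetical.
const nodeCrypto = require('crypto');
const zlib = require('zlib');

// Blob layout (constructed for this example): salt(16) | iv(12) | tag(16) | ciphertext
function seal(plaintext, pin) {
  const salt = nodeCrypto.randomBytes(16);
  const iv = nodeCrypto.randomBytes(12);
  // scrypt slows offline guessing, but a short numeric PIN remains low-entropy.
  const key = nodeCrypto.scryptSync(pin, salt, 32);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  // Compress first: ciphertext is incompressible.
  const body = Buffer.concat([cipher.update(zlib.deflateSync(plaintext)), cipher.final()]);
  return Buffer.concat([salt, iv, cipher.getAuthTag(), body]);
}

function unseal(blob, pin) {
  const key = nodeCrypto.scryptSync(pin, blob.subarray(0, 16), 32);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, blob.subarray(16, 28));
  decipher.setAuthTag(blob.subarray(28, 44));
  // final() throws if the PIN is wrong or the blob was modified.
  const packed = Buffer.concat([decipher.update(blob.subarray(44)), decipher.final()]);
  return zlib.inflateSync(packed);
}

class SecurityController {
  constructor(credentials) {
    this.credentials = Buffer.from(credentials); // in clear only while the HCE channel is open
    this.sealed = null;
    this.channelOpen = true;
    this.route = 'HCE';
    this.deniedApps = new Set();
  }

  // One periodic check.
  // report = { rooted, infected, apps: [{ name, official, legitimate, authorized }] }
  check(report, pin) {
    const actions = [];
    const unsafe = report.rooted || report.infected;
    if (unsafe && this.channelOpen) {
      this.channelOpen = false;                    // close first, so the path fails closed
      this.sealed = seal(this.credentials, pin);
      this.credentials.fill(0);                    // wipe the clear copy
      this.credentials = null;
      this.route = 'SE';
      actions.push('close-hce-channel', 'seal-credentials', 'route-to-se');
    } else if (!unsafe && !this.channelOpen) {
      // Design choice of this example: unseal before reopening, so a wrong PIN
      // throws here and the channel stays closed.
      this.credentials = unseal(this.sealed, pin);
      this.sealed = null;
      this.channelOpen = true;
      this.route = 'HCE';
      actions.push('unseal-credentials', 'open-hce-channel', 'route-to-hce');
    }
    // App-level findings never close the channel; they only block the offending app.
    this.deniedApps = new Set(
      report.apps.filter(a => !(a.official && a.legitimate && a.authorized)).map(a => a.name));
    for (const name of this.deniedApps) actions.push('deny-app:' + name);
    return actions;
  }

  mayUseChannel(appName) {
    return this.channelOpen && !this.deniedApps.has(appName);
  }
}

// Constructed sample data.
const SAMPLE_APPS = [
  { name: 'wallet', official: true, legitimate: true, authorized: true },
  { name: 'sideloaded', official: false, legitimate: true, authorized: true },
];

// Three consecutive checks: clean terminal, rooted terminal, clean again.
function demo() {
  const pin = '4821';
  const ctl = new SecurityController('constructed-sample-credential');
  const log = [];
  log.push(ctl.check({ rooted: false, infected: false, apps: SAMPLE_APPS }, pin));
  log.push(ctl.check({ rooted: true, infected: false, apps: SAMPLE_APPS }, pin));
  log.push(ctl.check({ rooted: false, infected: false, apps: SAMPLE_APPS }, pin));
  return { log, ctl };
}

console.log(demo().log);
```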
Referring to FIG. 5, FIG. 5 is a schematic structural diagram of yet another security control apparatus provided by yet another embodiment of the present invention. As shown in FIG. 5, the security control apparatus 500 provided by this embodiment may include at least one bus 501, at least one processor 502 connected to the bus, and at least one memory 503 connected to the bus.
The processor 502 invokes, through the bus 501, code stored in the memory 503 to: detect the current state of the terminal; close the host card emulation transaction channel if the current state of the terminal is detected to be an insecure state; and encrypt and compress the host card emulation security module application and its associated authentication information data.
The terminal is a smart terminal on which the Android system can be installed, such as a mobile phone or tablet computer; it supports HCE and has NFC capability. The current state of the terminal refers to the state of the terminal's current operating environment, for example whether it is secure.
HCE refers to host-based card emulation. When card emulation is implemented on an NFC-enabled terminal, no SE needs to be provided; the function of the SE is performed by an application running on the terminal or by a server in the cloud. In that case, the data received by the NFC chip is passed by the operating system either to an application on the terminal or, over the mobile network, to a cloud server to complete the interaction. For example, in an NFC mobile phone, the security module SE can be emulated by an application on the phone.
The security module SE is a chip module that stores NFC applications and sensitive user data and performs secure key operations; it is the core of NFC card emulation. The security module also communicates with external reader/writer devices through the contactless front end, securing data storage and the transaction process.
Optionally, in some possible embodiments of the present invention, the NFC terminal may include a hardware security module SE that provides secure storage for sensitive information and a secure execution environment for transactions; the SE may be integrated into a SIM card, an SD card, or the terminal chip.
Optionally, in some possible embodiments of the present invention, the Android 4.4 system may be installed on an NFC-capable terminal. Because Android 4.4 supports HCE, the HCE function can be implemented on Android 4.4 and used to emulate the SE application.
Optionally, in some other possible embodiments of the present invention, if the system on the NFC-capable terminal is a version earlier than Android 4.4, the terminal system may be upgraded to Android 4.4 so that HCE is supported.
Optionally, in some possible embodiments of the present invention, a terminal that supports HCE may emulate a card with an application (APP) on the terminal, implementing host card emulation, while also supporting other traditional SE card-emulation technologies such as a hardware SE module; that is, the terminal is compatible with both HCE and the traditional SE.
Optionally, in some possible embodiments of the present invention, the current state of the terminal may be a secure state or an insecure state.
Optionally, in some possible embodiments of the present invention, after the HCE emulation transaction channel is opened, the terminal checks its current security state at a certain frequency.
An insecure state means that the terminal's operating environment is not secure, so data currently running on the terminal may be stolen or corrupted, which makes the transaction the terminal is currently conducting insecure.
The host card emulation transaction channel (that is, the HCE card emulation transaction channel) is the channel in which HCE technology emulates the SE security module to complete an NFC transaction. Here the NFC chip acts as the contactless communication front end: it forwards commands received from the external reader to the application emulating the SE, and that application replies. In the traditional hardware-based NFC transaction channel, the NFC chip, as the contactless communication front end, forwards commands received from the external reader to the SE, and the SE replies.
In an NFC terminal, the host card emulation security module application (that is, the HCE-emulated SE application) is the APP that emulates the SE security module on a terminal with HCE card emulation; its associated authentication information data is the data used for authentication in NFC transactions and the sensitive user data stored in the HCE-emulated SE application. For example, in NFC payment, the authentication information data may be the user information and passwords of both parties to the payment, and other payment-related data.
Optionally, in some possible embodiments of the present invention, the HCE card emulation security module application and its associated authentication information data may also be compressed and encrypted, thereby ensuring the security of the transaction data.
Optionally, in some possible embodiments of the present invention, closing the HCE card emulation transaction channel may be performed by the host or by the NFC controller.
Optionally, in some possible embodiments of the present invention, the processor 502 detects the current state of the terminal in at least one of the following ways:
detecting whether superuser privileges have been obtained on the terminal system; detecting whether an application installed on the terminal is officially released; detecting whether an application installed on the terminal has been infected by a virus.
The current security state of the terminal covers whether the terminal's own operating environment is secure and whether the software running on the terminal is qualified. When it is detected that superuser privileges have been obtained on the terminal system or that an application installed on the terminal has been infected by a virus, the terminal's own operating environment is judged to be insecure, that is, the terminal is in an insecure state, and the HCE card emulation transaction channel is closed.
Optionally, in some other possible embodiments of the present invention, detecting the current state of the terminal may further include detecting other conditions that affect the security of the terminal's operating environment.
Optionally, in some other possible embodiments of the present invention, detecting the current state of the terminal may further include detecting whether an application installed on the terminal is an illegitimate application or an unauthorized application, and detecting other abnormal conditions of the terminal.
Optionally, in some possible embodiments of the present invention, the processor 502 may further:
if an application installed on the terminal is detected to be an unofficially released application, an illegitimate application, or an unauthorized application, deny that application access to the host card emulation transaction channel.
Optionally, in some possible embodiments of the present invention, after the processor 502 encrypts and compresses the host card emulation security module application and its associated authentication information data, the processor 502 may further:
route the host card emulation transaction channel to a security module entity.
Optionally, in some possible embodiments of the present invention, the security module entity is a hardware SE module.
Optionally, in some possible embodiments of the present invention, to encrypt and compress the host card emulation security module application and its associated authentication information data, the processor 502 may:
encrypt the host card emulation security module application and its associated authentication information data with the personal identification number (PIN) of the host card emulation mobile wallet or with a password set by the user.
Optionally, in some possible embodiments of the present invention, the host card emulation security module application and its associated authentication information data may also be encrypted with another password formed according to a certain encoding rule.
Optionally, in some possible embodiments of the present invention, after the processor 502 encrypts and compresses the host card emulation security module application and its associated authentication information data, the processor 502 is further configured to:
detect the current state of the terminal;
open the host card emulation transaction channel if the current state of the terminal is detected to be a secure state;
decompress and decrypt the host card emulation security module application and its associated authentication information data.
Optionally, in some possible embodiments of the present invention, after the HCE card emulation transaction channel has been closed and the HCE-emulated SE application and its associated authentication information data have been encrypted and compressed because the terminal is in an insecure state, the current state of the terminal continues to be detected at a certain frequency.
Optionally, in some possible embodiments of the present invention, opening the HCE card emulation transaction channel may be performed by the host or by the NFC controller.
Optionally, in some possible embodiments of the present invention, when the HCE emulation transaction channel is restored, the processor 502 may decrypt and decompress the host card emulation security module application and its associated authentication information data.
Optionally, in some possible embodiments of the present invention, if the current state of the terminal is detected to be a secure state, the processor 502 routes the HCE card emulation transaction channel from the SE entity back to the HCE card emulation transaction channel.
It can be understood that the functions of the functional modules of the security control device 500 of this embodiment may be implemented according to the methods in the foregoing method embodiments. For the specific implementation process, refer to the related descriptions of the foregoing method embodiments; details are not repeated here.
It can be seen that, in the solution of this embodiment, the security control device 500 detects the current state of the terminal; if the security control device 500 detects that the current state of the terminal is an insecure state, it closes the host card emulation transaction channel, so that the channel is no longer used while the terminal is in an insecure state; and the security control device 500 encrypts and compresses the host card emulation security module application and its associated authentication information data, which protects the data involved in the transaction process. Security control of NFC services is thereby achieved under host-card-emulation-based technology.
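The cycle described in this embodiment and in claims 1, 3, 4 and 5 can be sketched in plain Java (9 or later) as follows. This is an added illustration, not code from the patent or the applicant. The class and method names, the use of PBKDF2 with AES-GCM, compressing before encrypting, unsealing before the channel is reopened, and the PIN being available to the caller are all assumptions.

```java
import java.io.*;
import java.nio.ByteBuffer;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.zip.*;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.*;

public class HceChannelGuard { // hypothetical class; all names here are assumptions
    private boolean channelOpen = true;
    private byte[] plain;   // HCE security module application data + authentication data
    private byte[] sealed;  // salt(16) || iv(12) || AES-GCM(deflate(plain))
    HceChannelGuard(byte[] data) { plain = data; }

    // One periodic check; the three flags are the detection results listed in claim 4.
    boolean onStateCheck(boolean rooted, boolean unofficialApp, boolean infected, char[] pin)
            throws Exception {
        boolean secure = !(rooted || unofficialApp || infected);
        if (!secure && channelOpen) {
            channelOpen = false;              // close the channel before touching the data
            sealed = seal(plain, pin);
            Arrays.fill(plain, (byte) 0);     // do not keep the cleartext copy in memory
            plain = null;
        } else if (secure && !channelOpen) {
            plain = unseal(sealed, pin);      // wrong PIN throws; the channel stays closed
            channelOpen = true;
        }
        return channelOpen;
    }

    // Compress first, then encrypt: ciphertext is incompressible, so the reverse order gains nothing.
    static byte[] seal(byte[] data, char[] pin) throws Exception {
        byte[] hdr = new byte[28];            // salt(16) || iv(12), fresh for every seal
        new SecureRandom().nextBytes(hdr);
        ByteArrayOutputStream z = new ByteArrayOutputStream();
        try (DeflaterOutputStream d = new DeflaterOutputStream(z)) { d.write(data); }
        byte[] ct = cipher(Cipher.ENCRYPT_MODE, pin, hdr).doFinal(z.toByteArray());
        return ByteBuffer.allocate(28 + ct.length).put(hdr).put(ct).array();
    }

    static byte[] unseal(byte[] blob, char[] pin) throws Exception {
        byte[] z = cipher(Cipher.DECRYPT_MODE, pin, blob).doFinal(blob, 28, blob.length - 28);
        try (InflaterInputStream in = new InflaterInputStream(new ByteArrayInputStream(z))) {
            return in.readAllBytes();
        }
    }

    // PIN -> 256-bit AES key via PBKDF2; a short numeric PIN still carries little entropy.
    private static Cipher cipher(int mode, char[] pin, byte[] hdr) throws Exception {
        byte[] k = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                .generateSecret(new PBEKeySpec(pin, Arrays.copyOf(hdr, 16), 210_000, 256)).getEncoded();
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(mode, new SecretKeySpec(k, "AES"), new GCMParameterSpec(128, hdr, 16, 12));
        return c;
    }

    public static void main(String[] args) throws Exception {
        char[] pin = "493817".toCharArray();                                // constructed sample PIN
        HceChannelGuard g = new HceChannelGuard("token=demo;limit=100".getBytes()); // constructed data
        System.out.println("root detected -> open=" + g.onStateCheck(true, false, false, pin));
        System.out.println("clean again   -> open=" + g.onStateCheck(false, false, false, pin));
    }
}
```

Because the key is derived from a PIN, the sealed blob resists casual reading but not a sustained offline guessing effort; a hardware-backed key store would be the stronger choice where one is available.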
Referring to FIG. 6, FIG. 6 shows a terminal provided by an embodiment of the present invention. The present invention further provides a terminal 500, including the security control device 400 according to any of the foregoing technical solutions.
An embodiment of the present invention further provides a computer storage medium. The computer storage medium may store a program which, when executed, performs some or all of the steps of any of the message interaction methods described in the foregoing method embodiments.
It should be noted that, for simplicity of description, each of the foregoing method embodiments is expressed as a series of combined actions. Those skilled in the art should understand, however, that the present invention is not limited by the described order of actions, because according to the present invention certain steps may be performed in another order or simultaneously. Those skilled in the art should also understand that the embodiments described in the specification are all preferred embodiments, and that the actions and modules involved are not necessarily required by the present invention.
In the foregoing embodiments, the description of each embodiment has its own emphasis. For parts not described in detail in one embodiment, refer to the related descriptions of the other embodiments.
In the several embodiments provided in this application, it should be understood that the disclosed apparatus may be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative: the division into units is only a division by logical function, and other divisions are possible in an actual implementation. For example, multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interfaces, devices or units, and may be electrical or take another form.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, the functional units in the embodiments of the present invention may be integrated into one processing unit, each unit may exist physically on its own, or two or more units may be integrated into one unit. The integrated unit may be implemented in the form of hardware or in the form of a software functional unit.
If the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention in essence, or the part that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes a number of instructions that cause a computer device (which may be a personal computer, a server, a network device or the like) to perform all or some of the steps of the methods described in the embodiments of the present invention. The storage medium includes various media that can store program code, such as a USB flash drive, read-only memory (ROM), random access memory (RAM), a removable hard disk, a magnetic disk or an optical disc.
The foregoing embodiments are intended only to illustrate the technical solutions of the present invention, not to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that they may still modify the technical solutions described in the foregoing embodiments or make equivalent replacements of some of their technical features, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (13)

  1. A security control method, characterized in that the method comprises:
    detecting the current state of a terminal;
    if the current state of the terminal is detected to be an insecure state, closing the host card emulation transaction channel;
    encrypting and compressing the host card emulation security module application and its associated authentication information data.
  2. The method according to claim 1, characterized in that, after the encrypting and compressing of the host card emulation security module application and its associated authentication information data, the method further comprises:
    routing the host card emulation transaction channel to the security module entity.
  3. The method according to claim 1, characterized in that, after the encrypting and compressing of the host card emulation security module application and its associated authentication information data, the method further comprises:
    detecting the current state of the terminal;
    if the current state of the terminal is detected to be a secure state, opening the host card emulation transaction channel;
    decompressing and decrypting the host card emulation security module application and its associated authentication information data.
  4. The method according to claim 1 or 3, characterized in that the detecting of the current state of the terminal comprises at least one of the following:
    detecting whether superuser privileges have been obtained on the terminal system, detecting whether an application installed on the terminal is officially released, and detecting whether an application installed on the terminal has been infected by a virus.
  5. The method according to claim 1, characterized in that the encrypting and compressing of the host card emulation security module application and its associated authentication information data comprises:
    encrypting the host card emulation security module application and its associated authentication information data with the personal identification number corresponding to the host card emulation mobile wallet or with a password set by the user.
  6. The method according to claim 1, characterized in that the method further comprises:
    if an application installed on the terminal is detected to be an unofficially released application, an illegitimate application or an application without permission, denying the application access to the host card emulation transaction channel.
  7. A security control device, characterized in that the device comprises:
    a first detection module, configured to detect the current state of a terminal;
    a closing module, configured to close the host card emulation transaction channel if the current state of the terminal is detected to be an insecure state;
    an encryption module, configured to encrypt and compress the host card emulation security module application and its associated authentication information data.
  8. The device according to claim 7, characterized in that the device further comprises:
    a routing module, configured to route the host card emulation transaction channel to the security module entity.
  9. The device according to claim 7, characterized in that, after the encryption module, the device further comprises:
    a second detection module, configured to detect the current state of the terminal;
    an opening module, configured to open the host card emulation transaction channel if the current state of the terminal is detected to be a secure state;
    a decryption module, configured to decompress and decrypt the host card emulation security module application and its associated authentication information data.
  10. The device according to claim 6 or 9, characterized in that the detection module detecting the current state of the terminal comprises at least one of the following:
    detecting whether superuser privileges have been obtained on the terminal system, detecting whether an application installed on the terminal is officially released, and detecting whether an application installed on the terminal has been infected by a virus.
  11. The device according to claim 7, characterized in that the encryption module is specifically configured to:
    encrypt the host card emulation security module application and its associated authentication information data with the personal identification number corresponding to the host card emulation mobile wallet or with a password set by the user.
  12. The device according to claim 7, characterized in that the detection module is further configured to:
    if an application installed on the terminal is detected to be an unofficially released application, an illegitimate application or an application without permission, deny the application access to the host card emulation transaction channel.
  13. A terminal, characterized by comprising the security control device according to any one of claims 7 to 12.
PCT/CN2016/077958 2015-05-30 2016-03-31 Safety control method and apparatus, and terminal WO2016192453A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510290962.XA CN105550866B (en) 2015-05-30 2015-05-30 Safety control method and device
CN201510290962.X 2015-05-30

Publications (1)

Publication Number Publication Date
WO2016192453A1 true WO2016192453A1 (en) 2016-12-08

Family

ID=55830046

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/077958 WO2016192453A1 (en) 2015-05-30 2016-03-31 Safety control method and apparatus, and terminal

Country Status (2)

Country Link
CN (1) CN105550866B (en)
WO (1) WO2016192453A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113473474A (en) * 2021-05-26 2021-10-01 上海商甲信息科技有限公司 Background authority control method for mobile communication terminal system

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106127467A (en) * 2016-06-20 2016-11-16 上海易码信息科技有限公司 The method of mobile payment integrating financial card paying and settle accounts
CN106096450A (en) * 2016-06-21 2016-11-09 依偎科技(南昌)有限公司 A kind of application program freezing method and mobile terminal
CN107316197B (en) * 2017-07-04 2020-05-29 Oppo广东移动通信有限公司 Payment protection method, mobile terminal and computer readable storage medium
CN108280647A (en) * 2018-02-12 2018-07-13 北京金山安全软件有限公司 Private key protection method and device for digital wallet, electronic equipment and storage medium
US20220147641A1 (en) * 2019-02-28 2022-05-12 Huawei Technologies Co., Ltd. File processing method and terminal device
CN113793156A (en) * 2020-12-18 2021-12-14 京东科技控股股份有限公司 Method, device, equipment and storage medium for prompting fraud application program

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101079090A (en) * 2007-07-02 2007-11-28 北京飞天诚信科技有限公司 Apparatus for reproducing personal application environment
CN103617382A (en) * 2013-11-22 2014-03-05 北京奇虎科技有限公司 Privacy protection method and device
CN104240085A (en) * 2013-06-07 2014-12-24 中兴通讯股份有限公司 Mobile terminal and mobile payment safety verification method and device
US20150006319A1 (en) * 2013-06-26 2015-01-01 Barkley, Inc. System and method for communication and processing between devices and objects

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104281946A (en) * 2013-07-11 2015-01-14 北京同方微电子有限公司 Safe and reliable mobile payment transaction method
CN104166914A (en) * 2014-08-20 2014-11-26 武汉天喻信息产业股份有限公司 Secure system and method based on secure element and applied to host card emulation technology

Also Published As

Publication number Publication date
CN105550866A (en) 2016-05-04
CN105550866B (en) 2020-05-19


Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16802376

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205 DATED 06/02/2018)

122 Ep: pct application non-entry in european phase

Ref document number: 16802376

Country of ref document: EP

Kind code of ref document: A1