WO2018165921A1 - Pos machine password secure input method and device - Google Patents

Pos machine password secure input method and device Download PDF

Info

Publication number
WO2018165921A1
WO2018165921A1 PCT/CN2017/076812 CN2017076812W WO2018165921A1 WO 2018165921 A1 WO2018165921 A1 WO 2018165921A1 CN 2017076812 W CN2017076812 W CN 2017076812W WO 2018165921 A1 WO2018165921 A1 WO 2018165921A1
Authority
WO
WIPO (PCT)
Prior art keywords
password
pos machine
input
security
security chip
Prior art date
Application number
PCT/CN2017/076812
Other languages
French (fr)
Chinese (zh)
Inventor
宋孝亮
Original Assignee
深圳大趋智能科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳大趋智能科技有限公司 filed Critical 深圳大趋智能科技有限公司
Priority to PCT/CN2017/076812 priority Critical patent/WO2018165921A1/en
Priority to CN201780001538.6A priority patent/CN108521822A/en
Publication of WO2018165921A1 publication Critical patent/WO2018165921A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/206Point-of-sale [POS] network systems comprising security or operator identification provisions, e.g. password entry
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems

Definitions

  • the present invention relates to the field of POS terminal technology, and in particular, to a password security input method and apparatus in a POS machine.
  • the security of the android system is slowly accepted by the payment industry, and is used to express the full touch screen of the smart POS terminal, the full touch screen intelligent POS terminal is Intelligent POS terminal based on Internet and cloud computing, integrating secure payment, full acceptance, membership marketing, P0S
  • a primary object of the present invention is to provide a cryptographic security input method and apparatus in a POS machine, which aims to enhance the security of use of the POS machine.
  • the present invention provides a password security input method in a POS machine, wherein the POS machine is provided with a security chip and a POS machine operation processor, and the password security input method includes the following steps:
  • the operating system of the POS operating system based on the POS running processor receives the password input command ⁇ , and switches the input signal of the touch screen to the security chip;
  • the password information is encrypted and sent to the POS machine running processor.
  • the step of switching the input signal of the touch screen into the security chip includes:
  • the step of switching the input signal of the touch screen to the security chip includes: [0012] controlling the display interface of the operating system end of the POS machine to switch to the password input display state.
  • the method includes:
  • the password information is encrypted and then sent to the POS machine, and the step of running the processor includes:
  • the present invention also provides a password security input device in a POS machine, wherein the POS machine is provided with a security chip and a POS machine running processor, and the password security input device includes:
  • a switching unit configured to receive a password input command by the POS operating system running the processor based on the POS, and switch the input signal of the touch screen to the security chip;
  • an obtaining unit configured to acquire, by using the security chip, password information input by the touch screen
  • the processing unit is configured to encrypt the password information after the password input is completed, and then send the password information to the POS operation processor.
  • the switching unit is specifically configured to:
  • the switching unit is further configured to:
  • the acquiring unit is further configured to:
  • the device further includes:
  • the clearing unit is configured to clear the plaintext password cache that the security chip obtains the password information.
  • the password security input method and apparatus in the POS machine provided by the present invention have the following beneficial effects: [0031] The password security input method and apparatus in the POS machine provided by the present invention, based on the POS machine running the processor After the POS machine operating system receives the password input command, the input signal of the touch screen is switched to the security chip; the password information input by the touch screen is obtained by the security chip; after the password input is completed, the password information is encrypted and sent to The POS machine runs the processor; after the user inputs the password, the security chip obtains the password information, prevents the password information from being stolen, and enhances the security of the POS machine.
  • FIG. 1 is a schematic diagram showing the steps of a password security input method in a POS machine according to an embodiment of the present invention
  • FIG. 2 is a schematic diagram showing the steps of a password security input method in a POS machine according to another embodiment of the present invention.
  • FIG. 3 is a schematic structural diagram of a password security input device in a POS machine according to an embodiment of the present invention
  • FIG. 4 is a schematic structural diagram of a password security input device in a POS machine according to another embodiment of the present invention.
  • FIG. 1 is a schematic diagram of steps of a password security input method in a POS machine according to an embodiment of the present invention.
  • a password security input method in a POS machine is provided.
  • the POS machine is provided with a security chip and a POS machine running processor.
  • the password security input method includes the following steps:
  • Step S1 the POS machine operating system based on the POS running processor receives the password input command, and switches the input signal of the touch screen to the security chip;
  • Step S2 acquiring, by using the security chip, password information input by the touch screen;
  • Step S3 After the password input is completed, the password information is encrypted and sent to the P0S machine running processor.
  • the POS machine is a full touch screen payment terminal of an android (Android) system based on a linux kernel.
  • an android surfaceflinger graphical interface is displayed on the touch screen.
  • the user uses the POS machine to make payment and enters the corresponding password input interface, the user touches the corresponding area on the screen to issue a password input command, and the POS machine switches all input signals of the touch screen to the security chip, that is, The POS machine running processor can not receive the password information input by the touch screen, and the Trojan program cannot steal the user's password information from the android system.
  • the POS machine obtains the password information input by the touch screen through the above security chip, and the security chip and the Android system are independent of each other, and the Trojan horse program cannot enter the security chip to ensure the security of the password information.
  • the security chip encrypts the password information and then sends it to the POS machine to run the processor.
  • the password is verified on the android system. If the verification is passed, the payment is made. If the verification fails, the password is verified through the touch screen. .
  • the security chip is a trusted platform module, and is a device capable of independently performing key generation, encryption and decryption, and has an independent processor and a storage unit, and can store key and feature data. , providing encryption and security authentication services. Encrypted with a security chip, the keys are stored in hardware, and the stolen data cannot be decrypted, thereby protecting business privacy and data security.
  • the function of the security chip is equivalent to a "safe".
  • the important password data is stored in the security chip.
  • the security chip communicates with the POS operating system based on the POS machine running the processor through the SPI bus. According to the principle of the security chip. Since the password data can only be output, but cannot be input, the encryption and decryption operations are completed inside the security chip, and only the result is output to the upper layer, thereby avoiding the chance that the password is cracked.
  • the security chip may also be a general processor that is different from the POS machine running the processor, that is, two processors are disposed in the POS machine, and one processor is used to run the POS operation.
  • the system, the other processor is used for the password input, obtains the password information, and is encrypted and sent to the processor running the POS operating system, which is substantially the same as the above embodiment, and will not be described herein.
  • the password security input method in the POS machine provided in the embodiment of the present invention, the POS machine operating system based on the POS machine running processor receives the password input command, and switches the input signal of the touch screen to the security chip; The security chip obtains the password information input by the touch screen; after the password input is completed, the password information is encrypted and sent to the POS machine to run the processor; after the user inputs the password, the security chip obtains the password information to avoid the password information. Stealed, enhanced POS security.
  • step S1 of switching the input signal of the touch screen into the security chip is as follows:
  • the touch screen is provided with a signal data line.
  • one end of the signal data line is connected to the touch screen, and the other end is connected to the POS running processor, and the other end can also be connected to the security chip.
  • the signal data line of the touch screen is connected to the POS machine running processor, and when the POS machine operating system receives the password input command, the signal data line of the control touch screen is switched and connected to the security chip. Therefore, the signal transmission between the touch screen and the running processor of the POS machine is cut off, and the data acquired by the touch screen is all transmitted to the security chip, and even if the operating system hits the Trojan, the password information input by the user touching the screen cannot be obtained, and the password is avoided. Information is stolen and POS security is enhanced.
  • the step S1 of switching the input signal of the touch screen to the security chip includes: [0054] controlling the display interface of the operating system end of the POS machine to switch to the password input display state.
  • the card user When the card user is required to input a password, enter the card user password input state, the signal data of the touch screen The line is connected to the security chip, and the security chip sends the control information to the linux kernel of the application POS operating system to switch to the password input display state, so that the display content of the original application is not destroyed.
  • step S2 of acquiring the password information input by the touch screen by the security chip includes:
  • [0057] Sending an instruction without a plaintext PIN to the operating system end of the POS machine, and displaying the password in a password invisible manner on the display interface of the operating system end of the POS machine.
  • the security chip obtains the input data of the touch screen, analyzes which key the user presses, presses the key, and sends an instruction without the plaintext PIN to the Linux kernel of the operating system, and the linux kernel update password input "*" at the operating system end of the POS machine. No., the password is displayed invisible in the password.
  • the password information input by the touch screen is obtained by the security chip, a text input keyboard is provided in a password input interface of the touch screen, and the user inputs the account information by pressing a corresponding character on the keyboard;
  • the entered password is encrypted and displayed, for example, the password is displayed as a special character such as "*" to prevent the screen from stealing the password.
  • the text input keyboard inputs a password corresponding to the payment account, and the input characters are randomly displayed in the text input keyboard, so that the order of each display is different.
  • the input method input characters on the POS machine are sorted according to the input characters on the keyboard.
  • the input characters are randomly displayed in the text input keyboard, which means that the input characters on the keyboard are re-randomly randomized.
  • the order of each display is different, so that the password input by the user can be obtained according to the position where the user clicks the text input keyboard, thereby further ensuring the security of the password input by the user.
  • the password information is encrypted and then sent to the POS machine to run the processor, and the step S3 includes:
  • Step S4 Clear the plaintext password cache of the security chip to obtain the password information. After the card user password is entered, the plaintext password is encrypted by using the password encryption key inside the security chip, and the plaintext password cache of the password information is also cleared.
  • the security chip after the security chip obtains the password information, it does not send it to the POS machine to run the processor for verification, but performs password verification directly in the security chip, and then sends the verification result to the POS based verification.
  • the machine runs the processor's POS operating system.
  • the fingerprint data may be transmitted to the security chip after the fingerprint data is collected, and the fingerprint data of the fingerprint identifier is cut off. The POS machine runs the channel of the processor.
  • a password security input device in the POS machine is further provided in the embodiment of the present invention.
  • a password security input device in a POS machine is provided.
  • the POS device is provided with a security chip and a POS machine running processor, and the password security input device includes:
  • the switching unit 10 is configured to: after receiving the password input command by the POS operating system running the processor based on the POS machine, switching the input signal of the touch screen to the security chip;
  • the obtaining unit 20 is configured to acquire, by using the security chip, password information input by the touch screen;
  • the processing unit 30 is configured to encrypt the password information after the password input is completed, and then send the password information to the POS running processor.
  • the POS running processor is a processor running by an operating system of the POS, that is, a central processing unit in which the POS device operates.
  • the POS machine is a full touch screen payment terminal of the android kernel based android system.
  • the android surface flinger graphical interface is displayed on the touch screen.
  • the user uses the POS machine to make payment and enters the corresponding password input interface, the user touches the corresponding area on the screen to issue a password input command, and the POS machine switches all input signals of the touch screen to the security chip, that is,
  • the POS machine running processor can not receive the password information input by the touch screen, and the Trojan program cannot steal the user's password information from the android system.
  • the POS machine obtains the password information input by the touch screen through the above security chip, and the security chip and the security system are independent of each other, and the Trojan horse program cannot enter the security chip to ensure the security of the password information.
  • the security chip encrypts the password information and then sends it to the POS machine to run the processor.
  • the password is verified on the android system. If the verification is passed, the payment is made. If the verification fails, the password is verified through the touch screen. .
  • the security chip is a trusted platform module, and is a device capable of independently performing key generation, encryption and decryption, and has an independent processor and a storage unit internally, and can store key and feature data. , providing encryption and security authentication services. Encrypted with a security chip, the keys are stored in hardware, and the stolen data cannot be decrypted, thereby protecting business privacy and data security.
  • the role of the security chip is quite In a "safe", important password data is stored in the security chip.
  • the security chip communicates with the POS operating system based on the POS machine running the processor through the SPI bus. According to the principle of the security chip, the password data can only be output. , and can not be input, so the encryption and decryption operations are completed inside the security chip, and only the results are output to the upper layer, avoiding the chance that the password is cracked.
  • the security chip may also be a general processor that is different from the POS machine running the processor, that is, two processors are disposed in the POS machine, and one processor is used to run the POS operation.
  • the system, the other processor is used for the password input, obtains the password information, and is encrypted and sent to the processor running the POS operating system, which is substantially the same as the above embodiment, and will not be described herein.
  • the password security input device in the POS machine provided in the embodiment of the present invention, the POS machine operating system based on the POS machine running processor receives the password input command, and the switching unit 10 switches the input signal of the touch screen to the security chip.
  • the obtaining unit 20 acquires the password information input by the touch screen through the security chip; after the password input is completed, the processing unit 30 encrypts the password information and sends the password information to the POS machine to run the processor; after the user inputs the password,
  • the password information is obtained by the security chip to prevent the password information from being stolen and enhance the security of the POS machine.
  • the switching unit 10 is specifically configured to:
  • the touch screen is provided with a signal data line.
  • one end of the signal data line is connected to the touch screen, and the other end is connected to the POS running processor, and the other end can also be connected to the security chip.
  • the signal data line of the touch screen is connected to the POS machine running processor, and when the POS machine operating system receives the password input command, the signal data line of the control touch screen is switched and connected to the security chip. Therefore, the signal transmission between the touch screen and the running processor of the POS machine is cut off, and the data acquired by the touch screen is all transmitted to the security chip, and even if the operating system hits the Trojan, the password information input by the user touching the screen cannot be obtained, and the password is avoided. Information is stolen and POS security is enhanced.
  • the switching unit 10 is further configured to:
  • the card user When the card user is required to input a password, enter the card user password input state, the signal data line of the touch screen is connected to the security chip, and the control chip sends the control information to the application POS operating system through the security chip.
  • the linux kernel switches to the password input display state, so that the display content of the original application is not destroyed.
  • the obtaining unit 20 is further configured to:
  • [0080] Sending an instruction without a plaintext PIN to the operating system end of the POS machine, and displaying the password in a password invisible manner on the display interface of the operating system end of the POS machine.
  • the security chip obtains the input data of the touch screen, analyzes which key the user presses, presses the key, and sends an instruction without the plaintext PIN to the Linux kernel of the operating system, and the linux kernel update password input "*" at the operating system end of the POS machine. No., the password is displayed invisible in the password.
  • the password information input by the touch screen is obtained by the security chip, a text input keyboard is provided in a password input interface of the touch screen, and the user inputs the account information by pressing a corresponding character on the keyboard;
  • the entered password is encrypted and displayed, for example, the password is displayed as a special character such as "*" to prevent the screen from stealing the password.
  • the text input keyboard inputs a password corresponding to the payment account, and the input characters are randomly displayed in the text input keyboard, so that the order of each display is different.
  • the input method input characters on the POS machine are sorted according to the input characters on the keyboard.
  • the input characters are randomly displayed in the text input keyboard, which means that the input characters on the keyboard are re-randomly randomized.
  • the order of each display is different, so that the password input by the user can be obtained according to the position where the user clicks the text input keyboard, thereby further ensuring the security of the password input by the user.
  • the apparatus further includes:
  • the clearing unit 40 is configured to clear the plaintext password cache that the security chip obtains the password information. After the card user enters the password, the password is encrypted inside the security chip using the password encryption key.
  • the security chip after the security chip obtains the password information, it does not send it to the POS machine to run the processor for verification, but performs password verification directly in the security chip, and then sends the verification result to the POS-based authentication.
  • the machine runs the processor's POS operating system.
  • the fingerprint data may be transmitted to the security chip after the fingerprint data is collected for payment, and the fingerprint data of the fingerprint identifier is cut off.
  • the POS machine runs the channel of the processor.
  • the password security input method and device in the POS machine provided in the embodiment of the present invention, the POS machine operating system based on the POS machine running processor receives the password input command, and the switching unit 10 will touch the screen.
  • the input signal is switched to the security chip; the obtaining unit 20 acquires the password information input by the touch screen through the security chip; after the password input is completed, the processing unit 30 encrypts the password information and sends the password information to the POS machine for processing.
  • the security chip obtains the password information, avoids the password information being stolen, and enhances the security of the POS machine.
  • the present invention includes apparatus related to performing one or more of the operations described herein.
  • These devices may be specially designed and manufactured for the required purposes, or may also include known devices in a general purpose computer.
  • These devices have computer programs stored therein that are selectively activated or reconfigured.
  • Such computer programs may be stored in a device (eg, computer) readable medium or in any type of medium suitable for storing electronic instructions and respectively coupled to a bus, including but not limited to any Types of disks (including floppy disks, hard disks, CDs, CD-ROMs, and magneto-optical disks), ROM (Read-Only Memory, read-only memory), RAM (Random Access Memory), EPROM (Erasable)
  • a readable medium includes any medium that is stored or transmitted by a device (e.g., a computer) in a readable form.
  • each block of the block diagrams and/or block diagrams and/or flow diagrams can be implemented with computer program instructions, and/or in the block diagrams and/or block diagrams and/or flow diagrams.
  • Those skilled in the art will appreciate that these computer program instructions can be implemented by a general purpose computer, a professional computer, or a processor of other programmable data processing methods, such that the processor is executed by a computer or other programmable data processing method.
  • the block diagrams and/or block diagrams of the invention and/or the schemes specified in the blocks or blocks of the flow diagram are invented.

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Cash Registers Or Receiving Machines (AREA)
  • Input From Keyboards Or The Like (AREA)

Abstract

A POS machine password secure input method and device, the method comprising: when a POS machine operation processor-based POS machine operating system receives a password input command, switching an input signal of a touch screen to a secure chip (S1); obtaining password information of a touch screen input via the secure chip (S2); after a password input is complete, encrypting the password information and sending to the POS machine operation processor (S3). The method prevents the password information from being stolen, and increases POS machine usage security.

Description

POS机中的密码安全输入方法及装置 技术领域  Password security input method and device in POS machine
[0001] 本发明涉及 POS机终端技术领域, 特别涉及一种 POS机中的密码安全输入方法 及装置。  [0001] The present invention relates to the field of POS terminal technology, and in particular, to a password security input method and apparatus in a POS machine.
背景技术  Background technique
[0002] 随着 android系统的安全性级别越来越高, android系统的安全性也慢慢被支付行 业接受, 并用来幵发全触屏的智能 POS机终端, 全触屏智能 POS机终端是基于互 联网和云计算的智能 POS机终端, 集安全支付, 全受理, 会员营销于一体, P0S [0002] With the increasing security level of the android system, the security of the android system is slowly accepted by the payment industry, and is used to express the full touch screen of the smart POS terminal, the full touch screen intelligent POS terminal is Intelligent POS terminal based on Internet and cloud computing, integrating secure payment, full acceptance, membership marketing, P0S
+的各种定制化应用。 + Various customized applications.
[0003] 由于 android系统的幵放性及可能存在的漏洞, 使得持卡人在触摸屏输入密码过 程中密码容易被窃取。 如底层被 root后, 容易被截屏, 或者 android系统中容易被 植入木马等。 因此, 为了防止持卡人密码输入过程中密码被窃取, 需要对密码 输入过程进行防护。  [0003] Due to the scalability of the android system and possible vulnerabilities, the cardholder is easily stolen during the password input process on the touch screen. If the bottom layer is rooted, it is easy to be screened, or the android system is easy to be implanted with a Trojan. Therefore, in order to prevent the password from being stolen during the cardholder password input process, the password input process needs to be protected.
技术问题  technical problem
[0004] 本发明的主要目的为提供一种 P0S机中的密码安全输入方法和装置, 旨在增强 P0S机的使用安全性。  [0004] A primary object of the present invention is to provide a cryptographic security input method and apparatus in a POS machine, which aims to enhance the security of use of the POS machine.
问题的解决方案  Problem solution
技术解决方案  Technical solution
[0005] 本发明提出一种 P0S机中的密码安全输入方法, 所述 P0S机中设置有一安全芯 片以及 P0S机运行处理器, 所述密码安全输入方法包括以下步骤:  [0005] The present invention provides a password security input method in a POS machine, wherein the POS machine is provided with a security chip and a POS machine operation processor, and the password security input method includes the following steps:
[0006] 基于 P0S机运行处理器的 P0S机操作系统接收到密码输入指令吋, 将触摸屏的 输入信号切换至安全芯片中; [0006] The operating system of the POS operating system based on the POS running processor receives the password input command 吋, and switches the input signal of the touch screen to the security chip;
[0007] 通过所述安全芯片获取所述触摸屏输入的密码信息;  [0007] acquiring password information input by the touch screen by using the security chip;
[0008] 密码输入完成后对所述密码信息进行加密后发送至所述 P0S机运行处理器。  [0008] After the password input is completed, the password information is encrypted and sent to the POS machine running processor.
[0009] 进一步地, 所述将触摸屏的输入信号切换至安全芯片中的步骤包括:  [0009] Further, the step of switching the input signal of the touch screen into the security chip includes:
[0010] 控制所述触摸屏连接所述 P0S机运行处理器的信号数据线切换连接至所述安全 心片。 [0010] controlling the touch screen to connect the signal data line of the POS machine operating processor to switch to the security Heart film.
[0011] 进一步地, 所述将触摸屏的输入信号切换至安全芯片中的步骤之后包括: [0012] 控制所述 POS机操作系统端的显示界面切换至密码输入显示状态。  [0011] Further, the step of switching the input signal of the touch screen to the security chip includes: [0012] controlling the display interface of the operating system end of the POS machine to switch to the password input display state.
[0013] 进一步地, 所述通过所述安全芯片获取所述触摸屏输入的密码信息的步骤之后 包括: [0013] Further, after the step of acquiring the password information input by the touch screen by the security chip, the method includes:
[0014] 发送不带明文 PIN的指令给 POS机操作系统端, 并在所述 POS机操作系统端的 显示界面以密码不可见方式显示密码。  [0014] Sending an instruction without a plaintext PIN to the operating system end of the POS machine, and displaying the password in a password invisible manner on the display interface of the operating system end of the POS machine.
[0015] 进一步地, 所述密码输入完成后对所述密码信息进行加密后发送至所述 POS机 运行处理器的步骤之后包括: [0015] Further, after the password input is completed, the password information is encrypted and then sent to the POS machine, and the step of running the processor includes:
[0016] 清除所述安全芯片获取密码信息的明文密码缓存。 [0016] Clearing the plaintext password cache of the security chip to obtain password information.
[0017] [0017]
[0018] 本发明还提供了一种 POS机中的密码安全输入装置, 所述 POS机中设置有一安 全芯片以及 POS机运行处理器, 所述密码安全输入装置包括:  The present invention also provides a password security input device in a POS machine, wherein the POS machine is provided with a security chip and a POS machine running processor, and the password security input device includes:
[0019] 切换单元, 用于基于 POS机运行处理器的 POS机操作系统接收到密码输入指令 吋, 将触摸屏的输入信号切换至安全芯片中; [0019] a switching unit, configured to receive a password input command by the POS operating system running the processor based on the POS, and switch the input signal of the touch screen to the security chip;
[0020] 获取单元, 用于通过所述安全芯片获取所述触摸屏输入的密码信息;  [0020] an obtaining unit, configured to acquire, by using the security chip, password information input by the touch screen;
[0021] 处理单元, 用于密码输入完成后对所述密码信息进行加密后发送至所述 POS机 运行处理器。  [0021] The processing unit is configured to encrypt the password information after the password input is completed, and then send the password information to the POS operation processor.
[0022] 进一步地, 所述切换单元具体用于: [0022] Further, the switching unit is specifically configured to:
[0023] 控制所述触摸屏连接所述 POS机运行处理器的信号数据线切换连接至所述安全 心片。  [0023] controlling a signal data line connecting the touch screen to the POS machine to operate the processor to switch to the security chip.
[0024] 进一步地, 所述切换单元还用于:  [0024] Further, the switching unit is further configured to:
[0025] 控制所述 POS机操作系统端的显示界面切换至密码输入显示状态。  [0025] controlling a display interface of the operating system end of the POS machine to switch to a password input display state.
[0026] 进一步地, 所述获取单元还用于: [0026] Further, the acquiring unit is further configured to:
[0027] 发送不带明文 PIN的指令给 POS机操作系统端, 并在所述 POS机操作系统端的 显示界面以密码不可见方式显示密码。  [0027] Sending an instruction without a plaintext PIN to the operating system end of the POS machine, and displaying the password in a password invisible manner on the display interface of the operating system end of the POS machine.
[0028] 进一步地, 所述装置还包括: [0028] Further, the device further includes:
[0029] 清除单元, 用于清除所述安全芯片获取密码信息的明文密码缓存。 发明的有益效果 [0029] The clearing unit is configured to clear the plaintext password cache that the security chip obtains the password information. Advantageous effects of the invention
有益效果  Beneficial effect
[0030] 本发明中提供的 POS机中的密码安全输入方法和装置, 具有以下有益效果: [0031] 本发明中提供的 POS机中的密码安全输入方法和装置, 基于 POS机运行处理器 的 POS机操作系统接收到密码输入指令吋, 将触摸屏的输入信号切换至安全芯片 中; 通过所述安全芯片获取所述触摸屏输入的密码信息; 密码输入完成后对所 述密码信息进行加密后发送至所述 POS机运行处理器; 在用户输入密码吋, 由安 全芯片获取密码信息, 避免密码信息被窃取, 增强 POS机安全性。  [0030] The password security input method and apparatus in the POS machine provided by the present invention have the following beneficial effects: [0031] The password security input method and apparatus in the POS machine provided by the present invention, based on the POS machine running the processor After the POS machine operating system receives the password input command, the input signal of the touch screen is switched to the security chip; the password information input by the touch screen is obtained by the security chip; after the password input is completed, the password information is encrypted and sent to The POS machine runs the processor; after the user inputs the password, the security chip obtains the password information, prevents the password information from being stolen, and enhances the security of the POS machine.
对附图的简要说明  Brief description of the drawing
附图说明  DRAWINGS
[0032] 图 1是本发明一实施例 POS机中的密码安全输入方法步骤示意图;  1 is a schematic diagram showing the steps of a password security input method in a POS machine according to an embodiment of the present invention;
[0033] 图 2是本发明另一实施例 POS机中的密码安全输入方法步骤示意图; 2 is a schematic diagram showing the steps of a password security input method in a POS machine according to another embodiment of the present invention;
[0034] 图 3是本发明一实施例 POS机中的密码安全输入装置结构示意图; 3 is a schematic structural diagram of a password security input device in a POS machine according to an embodiment of the present invention;
[0035] 图 4是本发明另一实施例 POS机中的密码安全输入装置结构示意图。 4 is a schematic structural diagram of a password security input device in a POS machine according to another embodiment of the present invention.
[0036] [0036]
[0037] 本发明目的实现、 功能特点及优点将结合实施例, 参照附图做进一步说明。 [0037] The objects, features, and advantages of the present invention will be further described in conjunction with the embodiments.
实施该发明的最佳实施例  BEST MODE FOR CARRYING OUT THE INVENTION
本发明的最佳实施方式  BEST MODE FOR CARRYING OUT THE INVENTION
[0038] 应当理解, 此处所描述的具体实施例仅仅用以解释本发明, 并不用于限定本发 明。  The specific embodiments described herein are intended to be illustrative only and not to limit the invention.
[0039] 本技术领域技术人员可以理解, 除非特意声明, 这里使用的单数形式"一"、 " 一个"、 "所述""上述"和"该"也可包括复数形式。 应该进一步理解的是, 本发明 的说明书中使用的措辞"包括"是指存在所述特征、 整数、 步骤、 操作、 元件、 单 元、 模块和 /或组件, 但是并不排除存在或添加一个或多个其他特征、 整数、 步 骤、 操作、 元件、 单元、 模块、 组件和 /或它们的组。 应该理解, 当我们称元件 被"连接"或"耦接"到另一元件吋, 它可以直接连接或耦接到其他元件, 或者也可 以存在中间元件。 此外, 这里使用的"连接"或"耦接"可以包括无线连接或无线耦 接。 这里使用的措辞"和 /或"包括一个或更多个相关联的列出项的全部或任一单 元和全部组合。 [0039] The singular forms "a", "an", "the" It will be further understood that the phrase "comprising", used in the <RTI ID=0.0></RTI><RTIgt;</RTI> is intended to mean the presence of the features, integers, steps, operations, components, units, modules and/or components, but does not exclude the presence or addition of one or more Other characteristics, integers, steps, operations, components, units, modules, components, and/or groups thereof. It will be understood that when we refer to an element being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element, or an intermediate element can be present. In addition, "connected" or "coupled" as used herein may include a wireless connection or a wireless coupling. Pick up. The phrase "and/or" used herein includes all or any of the elements and all combinations of one or more of the associated listed.
[0040] 本技术领域技术人员可以理解, 除非另外定义, 这里使用的所有术语 (包括技 术术语和科学术语) , 具有与本发明所属领域中的普通技术人员的一般理解相 同的意义。 还应该理解的是, 诸如通用字典中定义的那些术语, 应该被理解为 具有与现有技术的上下文中的意义一致的意义, 并且除非像这里一样被特定定 义, 否则不会用理想化或过于正式的含义来解释。  [0040] Those skilled in the art will appreciate that all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs, unless otherwise defined. It should also be understood that terms such as those defined in a general dictionary should be understood to have meaning consistent with the meaning in the context of the prior art, and will not be idealized or excessive unless specifically defined as here. The formal meaning is explained.
[0041] 参照图 1, 为本发明一实施例 POS机中的密码安全输入方法步骤示意图。 1 is a schematic diagram of steps of a password security input method in a POS machine according to an embodiment of the present invention.
[0042] 本发明一实施例中提出一种 POS机中的密码安全输入方法, 该 POS机中设置有 一安全芯片以及 POS机运行处理器, 所述密码安全输入方法包括以下步骤: [0042] In an embodiment of the present invention, a password security input method in a POS machine is provided. The POS machine is provided with a security chip and a POS machine running processor. The password security input method includes the following steps:
[0043] 步骤 Sl, 基于 POS机运行处理器的 POS机操作系统接收到密码输入指令吋, 将 触摸屏的输入信号切换至安全芯片中; [0043] Step S1, the POS machine operating system based on the POS running processor receives the password input command, and switches the input signal of the touch screen to the security chip;
[0044] 步骤 S2, 通过所述安全芯片获取所述触摸屏输入的密码信息; [0044] Step S2, acquiring, by using the security chip, password information input by the touch screen;
[0045] 步骤 S3, 密码输入完成后对所述密码信息进行加密后发送至所述 P0S机运行处 理器。 [0045] Step S3: After the password input is completed, the password information is encrypted and sent to the P0S machine running processor.
[0046] 在本实施例中, 所述 P0S机为基于 linux内核的 android (安卓) 系统的全触屏支 付终端, 在正常状态下 (非密码输入状态) , 触摸屏上显示 android surfaceflinger 图形界面。 当用户使用所述 POS机进行支付, 并进入对应的密码输入界面吋, 用 户触摸屏幕上对应区域发出密码输入指令, 此吋 POS机将触摸屏所有的输入信号 都切换输入至安全芯片中, 即此吋 POS机运行处理器接收不到触摸屏输入的密码 信息, 木马程序则无法从 android系统窃取用户的密码信息。 POS机通过上述安全 芯片获取触摸屏输入的密码信息, 该安全芯片与所述安卓系统相互独立, 木马 程序无法进入安全芯片中, 保障密码信息的安全。 用户输入密码完成之后, 安 全芯片对密码信息进行加密之后再发送至 POS机运行处理器, 最后在 android系统 端进行密码的验证, 验证通过则进行支付, 验证不通过则重新通过触摸屏输入 密码进行验证。  [0046] In this embodiment, the POS machine is a full touch screen payment terminal of an android (Android) system based on a linux kernel. In a normal state (non-password input state), an android surfaceflinger graphical interface is displayed on the touch screen. When the user uses the POS machine to make payment and enters the corresponding password input interface, the user touches the corresponding area on the screen to issue a password input command, and the POS machine switches all input signals of the touch screen to the security chip, that is, The POS machine running processor can not receive the password information input by the touch screen, and the Trojan program cannot steal the user's password information from the android system. The POS machine obtains the password information input by the touch screen through the above security chip, and the security chip and the Android system are independent of each other, and the Trojan horse program cannot enter the security chip to ensure the security of the password information. After the user enters the password, the security chip encrypts the password information and then sends it to the POS machine to run the processor. Finally, the password is verified on the android system. If the verification is passed, the payment is made. If the verification fails, the password is verified through the touch screen. .
[0047] 在本实施例中, 所述安全芯片为可信任平台模块, 是一个可独立进行密钥生成 、 加解密的装置, 内部拥有独立的处理器和存储单元, 可存储密钥和特征数据 , 提供加密和安全认证服务。 用安全芯片进行加密, 密钥被存储在硬件中, 被 窃的数据无法解密, 从而保护商业隐私和数据安全。 安全芯片所起的作用相当 于一个 "保险柜", 重要的密码数据都存储在安全芯片中, 安全芯片通过 SPI总线 与基于 POS机运行处理器的 POS机操作系统进行通信, 根据安全芯片的原理, 由 于密码数据只能输出, 而不能输入, 这样加密和解密的运算在安全芯片内部完 成, 只将结果输出到上层, 避免了密码被破解的机会。 [0047] In this embodiment, the security chip is a trusted platform module, and is a device capable of independently performing key generation, encryption and decryption, and has an independent processor and a storage unit, and can store key and feature data. , providing encryption and security authentication services. Encrypted with a security chip, the keys are stored in hardware, and the stolen data cannot be decrypted, thereby protecting business privacy and data security. The function of the security chip is equivalent to a "safe". The important password data is stored in the security chip. The security chip communicates with the POS operating system based on the POS machine running the processor through the SPI bus. According to the principle of the security chip. Since the password data can only be output, but cannot be input, the encryption and decryption operations are completed inside the security chip, and only the result is output to the upper layer, thereby avoiding the chance that the password is cracked.
[0048] 在本实施例中, 上述安全芯片也可以是一个异于 POS机运行处理器的一个普通 处理器, 即在 POS机中设置有两个处理器, 其中一个处理器用于运行 POS机操作 系统, 另一个处理器则用于密码输入吋获取密码信息, 并进行加密后发送至运 行 POS机操作系统的处理器, 其与上述实施例大致相同, 在此不进行赘述。  [0048] In this embodiment, the security chip may also be a general processor that is different from the POS machine running the processor, that is, two processors are disposed in the POS machine, and one processor is used to run the POS operation. The system, the other processor is used for the password input, obtains the password information, and is encrypted and sent to the processor running the POS operating system, which is substantially the same as the above embodiment, and will not be described herein.
[0049] 本发明实施例中提供的 POS机中的密码安全输入方法, 基于 POS机运行处理器 的 POS机操作系统接收到密码输入指令吋, 将触摸屏的输入信号切换至安全芯片 中; 通过所述安全芯片获取所述触摸屏输入的密码信息; 密码输入完成后对所 述密码信息进行加密后发送至所述 POS机运行处理器; 在用户输入密码吋, 由安 全芯片获取密码信息, 避免密码信息被窃取, 增强 POS机安全性。 [0049] The password security input method in the POS machine provided in the embodiment of the present invention, the POS machine operating system based on the POS machine running processor receives the password input command, and switches the input signal of the touch screen to the security chip; The security chip obtains the password information input by the touch screen; after the password input is completed, the password information is encrypted and sent to the POS machine to run the processor; after the user inputs the password, the security chip obtains the password information to avoid the password information. Stealed, enhanced POS security.
[0050] 具体地, 上述将触摸屏的输入信号切换至安全芯片中的步骤 S1包括: [0050] Specifically, the step S1 of switching the input signal of the touch screen into the security chip is as follows:
[0051] 控制所述触摸屏连接所述 POS机运行处理器的信号数据线切换连接至所述安全 心片。 And [0051] controlling a signal data line connecting the touch screen to the POS operation processor to switch to the security chip.
[0052] 触摸屏上设置有信号数据线, 通常该信号数据线一端连接触摸屏, 另一端连接 至 POS机运行处理器, 同吋该另一端还可以连接至上述安全芯片上。 在正常状态 下 (非密码输入状态) , 触摸屏的信号数据线连接至上述 POS机运行处理器, 当 POS机操作系统接收到密码输入指令吋, 则控制触摸屏的信号数据线切换连接至 安全芯片, 此吋, 触摸屏与 POS机运行处理器之间的信号传输被切断, 触摸屏获 取的数据全部传输至安全芯片中, 即便操作系统中命中木马, 也无法获取到用 户触摸屏幕输入的密码信息, 避免密码信息被窃取, 增强 POS机安全性。  [0052] The touch screen is provided with a signal data line. Usually, one end of the signal data line is connected to the touch screen, and the other end is connected to the POS running processor, and the other end can also be connected to the security chip. In the normal state (non-password input state), the signal data line of the touch screen is connected to the POS machine running processor, and when the POS machine operating system receives the password input command, the signal data line of the control touch screen is switched and connected to the security chip. Therefore, the signal transmission between the touch screen and the running processor of the POS machine is cut off, and the data acquired by the touch screen is all transmitted to the security chip, and even if the operating system hits the Trojan, the password information input by the user touching the screen cannot be obtained, and the password is avoided. Information is stolen and POS security is enhanced.
[0053] 进一步地, 上述将触摸屏的输入信号切换至安全芯片中的步骤 S1之后包括: [0054] 控制所述 POS机操作系统端的显示界面切换至密码输入显示状态。 [0053] Further, the step S1 of switching the input signal of the touch screen to the security chip includes: [0054] controlling the display interface of the operating system end of the POS machine to switch to the password input display state.
[0055] 当需要持卡用户输入密码吋, 进入持卡用户密码输入状态, 触摸屏的信号数据 线连接到安全芯片上, 同吋通过安全芯片发送控制信息至应用 POS机操作系统的 linux内核切换到密码输入显示状态, 这样不会破坏原应用的显示内容。 [0055] When the card user is required to input a password, enter the card user password input state, the signal data of the touch screen The line is connected to the security chip, and the security chip sends the control information to the linux kernel of the application POS operating system to switch to the password input display state, so that the display content of the original application is not destroyed.
[0056] 进一步地, 上述通过所述安全芯片获取所述触摸屏输入的密码信息的步骤 S2之 后包括: [0056] Further, the step S2 of acquiring the password information input by the touch screen by the security chip includes:
[0057] 发送不带明文 PIN的指令给 POS机操作系统端, 并在所述 POS机操作系统端的 显示界面以密码不可见方式显示密码。 安全芯片获取触摸屏的输入数据, 分析 用户按的是哪个键, 按下键后发送不带明文 PIN的指令给操作系统的 linux内核, 在所述 POS机操作系统端的 linux内核更新密码输入" *"号, 即以密码不可见方式 显示密码。  [0057] Sending an instruction without a plaintext PIN to the operating system end of the POS machine, and displaying the password in a password invisible manner on the display interface of the operating system end of the POS machine. The security chip obtains the input data of the touch screen, analyzes which key the user presses, presses the key, and sends an instruction without the plaintext PIN to the Linux kernel of the operating system, and the linux kernel update password input "*" at the operating system end of the POS machine. No., the password is displayed invisible in the password.
[0058] 在本实施例中, 通过所述安全芯片获取所述触摸屏输入的密码信息吋, 在触摸 屏的密码输入界面中提供文本输入键盘, 用户点按键盘上对应的字符输入账户 信息; 在输入密码吋, 将输入的密码进行加密显示, 例如将密码显示为" *"等特 殊字符, 防止被截屏窃取密码。  [0058] In this embodiment, the password information input by the touch screen is obtained by the security chip, a text input keyboard is provided in a password input interface of the touch screen, and the user inputs the account information by pressing a corresponding character on the keyboard; After the password is 加密, the entered password is encrypted and displayed, for example, the password is displayed as a special character such as "*" to prevent the screen from stealing the password.
[0059] 优选地, 所述文本输入键盘输入支付账户对应的密码吋, 在所述文本输入键盘 中随机显示输入字符, 使其每次显示的顺序均不一样。 通常, 在 POS机上的输入 法输入字符按照键盘上的输入字符进行排序, 而在本实施例中, 在文本输入键 盘中随机显示输入字符, 其指的是, 将键盘上的输入字符重新进行随机排列分 布在所述文本输入键盘中, 每次显示的顺序均不一样, 如此, 便可以避免根据 用户点按文本输入键盘的位置获取用户输入的密码, 进一步地保障用户输入的 密码安全。  [0059] Preferably, the text input keyboard inputs a password corresponding to the payment account, and the input characters are randomly displayed in the text input keyboard, so that the order of each display is different. Generally, the input method input characters on the POS machine are sorted according to the input characters on the keyboard. In the embodiment, the input characters are randomly displayed in the text input keyboard, which means that the input characters on the keyboard are re-randomly randomized. Arranged and distributed in the text input keyboard, the order of each display is different, so that the password input by the user can be obtained according to the position where the user clicks the text input keyboard, thereby further ensuring the security of the password input by the user.
[0060] 进一步地, 参照图 2, 在另一实施例中, 所述密码输入完成后对所述密码信息 进行加密后发送至所述 POS机运行处理器的步骤 S3之后包括:  [0060] Further, referring to FIG. 2, in another embodiment, after the password input is completed, the password information is encrypted and then sent to the POS machine to run the processor, and the step S3 includes:
[0061] 步骤 S4, 清除所述安全芯片获取密码信息的明文密码缓存。 持卡用户密码输入 完成后, 立即在安全芯片内部使用密码加密密钥对明文密码进行加密, 同吋清 除密码信息的明文密码缓存。 [0061] Step S4: Clear the plaintext password cache of the security chip to obtain the password information. After the card user password is entered, the plaintext password is encrypted by using the password encryption key inside the security chip, and the plaintext password cache of the password information is also cleared.
[0062] 在一些实施例中, 安全芯片获取密码信息之后, 不将其发送至 POS机运行处理 器进行验证, 而是直接在安全芯片中进行密码验证, 验证之后再将验证结果发 送至基于 POS机运行处理器的 POS机操作系统。 [0063] 在其它一些实施例中, 支付吋若支持使用指纹支付, 则可以在采集指纹数据进 行支付吋, 将指纹识别器的数据全部传输至安全芯片中, 切断指纹识别器的指 纹数据传输至 POS机运行处理器的通道。 [0062] In some embodiments, after the security chip obtains the password information, it does not send it to the POS machine to run the processor for verification, but performs password verification directly in the security chip, and then sends the verification result to the POS based verification. The machine runs the processor's POS operating system. [0063] In some other embodiments, if the payment is to support the use of fingerprint payment, the fingerprint data may be transmitted to the security chip after the fingerprint data is collected, and the fingerprint data of the fingerprint identifier is cut off. The POS machine runs the channel of the processor.
[0064] 为了进一步地对本发明实施例中的 POS机中的密码安全输入方法进行说明, 本 发明实施例中还提供了一种 POS机中的密码安全输入装置。 [0064] In order to further describe the password security input method in the POS machine in the embodiment of the present invention, a password security input device in the POS machine is further provided in the embodiment of the present invention.
[0065] 参照图 3, 本发明实施例中提供了一种 POS机中的密码安全输入装置, 所述 POS 机中设置有一安全芯片以及 POS机运行处理器, 所述密码安全输入装置包括: [0066] 切换单元 10, 用于基于 POS机运行处理器的 POS机操作系统接收到密码输入指 令吋, 将触摸屏的输入信号切换至安全芯片中; [0065] Referring to FIG. 3, in the embodiment of the present invention, a password security input device in a POS machine is provided. The POS device is provided with a security chip and a POS machine running processor, and the password security input device includes: The switching unit 10 is configured to: after receiving the password input command by the POS operating system running the processor based on the POS machine, switching the input signal of the touch screen to the security chip;
[0067] 获取单元 20, 用于通过所述安全芯片获取所述触摸屏输入的密码信息; [0067] The obtaining unit 20 is configured to acquire, by using the security chip, password information input by the touch screen;
[0068] 处理单元 30, 用于密码输入完成后对所述密码信息进行加密后发送至所述 POS 机运行处理器。 [0068] The processing unit 30 is configured to encrypt the password information after the password input is completed, and then send the password information to the POS running processor.
[0069] 在本实施例中, 所述 POS机运行处理器为 POS机的操作系统所运行的处理器, 即 POS机设备得以运行的中央处理器。 所述 POS机为基于 linux内核的 android (安 卓) 系统的全触屏支付终端, 在正常状态下 (非密码输入状态) , 触摸屏上显 示 android surfaceflinger图形界面。 当用户使用所述 POS机进行支付, 并进入对应 的密码输入界面吋, 用户触摸屏幕上对应区域发出密码输入指令, 此吋 POS机将 触摸屏所有的输入信号都切换输入至安全芯片中, 即此吋 POS机运行处理器接收 不到触摸屏输入的密码信息, 木马程序则无法从 android系统窃取用户的密码信 息。 POS机通过上述安全芯片获取触摸屏输入的密码信息, 该安全芯片与所述安 卓系统相互独立, 木马程序无法进入安全芯片中, 保障密码信息的安全。 用户 输入密码完成之后, 安全芯片对密码信息进行加密之后再发送至 POS机运行处理 器, 最后在 android系统端进行密码的验证, 验证通过则进行支付, 验证不通过 则重新通过触摸屏输入密码进行验证。  [0069] In this embodiment, the POS running processor is a processor running by an operating system of the POS, that is, a central processing unit in which the POS device operates. The POS machine is a full touch screen payment terminal of the android kernel based android system. In the normal state (non-password input state), the android surface flinger graphical interface is displayed on the touch screen. When the user uses the POS machine to make payment and enters the corresponding password input interface, the user touches the corresponding area on the screen to issue a password input command, and the POS machine switches all input signals of the touch screen to the security chip, that is, The POS machine running processor can not receive the password information input by the touch screen, and the Trojan program cannot steal the user's password information from the android system. The POS machine obtains the password information input by the touch screen through the above security chip, and the security chip and the security system are independent of each other, and the Trojan horse program cannot enter the security chip to ensure the security of the password information. After the user enters the password, the security chip encrypts the password information and then sends it to the POS machine to run the processor. Finally, the password is verified on the android system. If the verification is passed, the payment is made. If the verification fails, the password is verified through the touch screen. .
[0070] 在本实施例中, 所述安全芯片为可信任平台模块, 是一个可独立进行密钥生成 、 加解密的装置, 内部拥有独立的处理器和存储单元, 可存储密钥和特征数据 , 提供加密和安全认证服务。 用安全芯片进行加密, 密钥被存储在硬件中, 被 窃的数据无法解密, 从而保护商业隐私和数据安全。 安全芯片所起的作用相当 于一个 "保险柜", 重要的密码数据都存储在安全芯片中, 安全芯片通过 SPI总线 与基于 POS机运行处理器的 POS机操作系统进行通信, 根据安全芯片的原理, 由 于密码数据只能输出, 而不能输入, 这样加密和解密的运算在安全芯片内部完 成, 只将结果输出到上层, 避免了密码被破解的机会。 [0070] In this embodiment, the security chip is a trusted platform module, and is a device capable of independently performing key generation, encryption and decryption, and has an independent processor and a storage unit internally, and can store key and feature data. , providing encryption and security authentication services. Encrypted with a security chip, the keys are stored in hardware, and the stolen data cannot be decrypted, thereby protecting business privacy and data security. The role of the security chip is quite In a "safe", important password data is stored in the security chip. The security chip communicates with the POS operating system based on the POS machine running the processor through the SPI bus. According to the principle of the security chip, the password data can only be output. , and can not be input, so the encryption and decryption operations are completed inside the security chip, and only the results are output to the upper layer, avoiding the chance that the password is cracked.
[0071] 在本实施例中, 上述安全芯片也可以是一个异于 POS机运行处理器的一个普通 处理器, 即在 POS机中设置有两个处理器, 其中一个处理器用于运行 POS机操作 系统, 另一个处理器则用于密码输入吋获取密码信息, 并进行加密后发送至运 行 POS机操作系统的处理器, 其与上述实施例大致相同, 在此不进行赘述。  [0071] In this embodiment, the security chip may also be a general processor that is different from the POS machine running the processor, that is, two processors are disposed in the POS machine, and one processor is used to run the POS operation. The system, the other processor is used for the password input, obtains the password information, and is encrypted and sent to the processor running the POS operating system, which is substantially the same as the above embodiment, and will not be described herein.
[0072] 本发明实施例中提供的 POS机中的密码安全输入装置, 基于 POS机运行处理器 的 POS机操作系统接收到密码输入指令吋, 切换单元 10将触摸屏的输入信号切换 至安全芯片中; 获取单元 20通过所述安全芯片获取所述触摸屏输入的密码信息 ; 密码输入完成后, 处理单元 30对所述密码信息进行加密后发送至所述 POS机运 行处理器; 在用户输入密码吋, 由安全芯片获取密码信息, 避免密码信息被窃 取, 增强 POS机安全性。 [0072] The password security input device in the POS machine provided in the embodiment of the present invention, the POS machine operating system based on the POS machine running processor receives the password input command, and the switching unit 10 switches the input signal of the touch screen to the security chip. The obtaining unit 20 acquires the password information input by the touch screen through the security chip; after the password input is completed, the processing unit 30 encrypts the password information and sends the password information to the POS machine to run the processor; after the user inputs the password, The password information is obtained by the security chip to prevent the password information from being stolen and enhance the security of the POS machine.
[0073] 进一步地, 所述切换单元 10具体用于: [0073] Further, the switching unit 10 is specifically configured to:
[0074] 控制所述触摸屏连接所述 POS机运行处理器的信号数据线切换连接至所述安全 心片。  [0074] controlling the touch screen to connect the signal data line of the POS machine running processor to switch to the security chip.
[0075] 触摸屏上设置有信号数据线, 通常该信号数据线一端连接触摸屏, 另一端连接 至 POS机运行处理器, 同吋该另一端还可以连接至安全芯片上。 在正常状态下 ( 非密码输入状态) , 触摸屏的信号数据线连接至上述 POS机运行处理器, 当 POS 机操作系统接收到密码输入指令吋, 则控制触摸屏的信号数据线切换连接至安 全芯片, 此吋, 触摸屏与 POS机运行处理器之间的信号传输被切断, 触摸屏获取 的数据全部传输至安全芯片中, 即便操作系统中命中木马, 也无法获取到用户 触摸屏幕输入的密码信息, 避免密码信息被窃取, 增强 POS机安全性。  [0075] The touch screen is provided with a signal data line. Usually, one end of the signal data line is connected to the touch screen, and the other end is connected to the POS running processor, and the other end can also be connected to the security chip. In the normal state (non-password input state), the signal data line of the touch screen is connected to the POS machine running processor, and when the POS machine operating system receives the password input command, the signal data line of the control touch screen is switched and connected to the security chip. Therefore, the signal transmission between the touch screen and the running processor of the POS machine is cut off, and the data acquired by the touch screen is all transmitted to the security chip, and even if the operating system hits the Trojan, the password information input by the user touching the screen cannot be obtained, and the password is avoided. Information is stolen and POS security is enhanced.
[0076] 进一步地, 所述切换单元 10还用于: [0076] Further, the switching unit 10 is further configured to:
[0077] 控制所述 POS机操作系统端的显示界面切换至密码输入显示状态。  [0077] controlling a display interface of the operating system end of the POS machine to switch to a password input display state.
[0078] 当需要持卡用户输入密码吋, 进入持卡用户密码输入状态, 触摸屏的信号数据 线连接到安全芯片上, 同吋通过安全芯片发送控制信息至应用 POS机操作系统的 linux内核切换到密码输入显示状态, 这样不会破坏原应用的显示内容。 [0078] When the card user is required to input a password, enter the card user password input state, the signal data line of the touch screen is connected to the security chip, and the control chip sends the control information to the application POS operating system through the security chip. The linux kernel switches to the password input display state, so that the display content of the original application is not destroyed.
[0079] 进一步地, 所述获取单元 20还用于: [0079] Further, the obtaining unit 20 is further configured to:
[0080] 发送不带明文 PIN的指令给 POS机操作系统端, 并在所述 POS机操作系统端的 显示界面以密码不可见方式显示密码。 安全芯片获取触摸屏的输入数据, 分析 用户按的是哪个键, 按下键后发送不带明文 PIN的指令给操作系统的 linux内核, 在所述 POS机操作系统端的 linux内核更新密码输入" *"号, 即以密码不可见方式 显示密码。  [0080] Sending an instruction without a plaintext PIN to the operating system end of the POS machine, and displaying the password in a password invisible manner on the display interface of the operating system end of the POS machine. The security chip obtains the input data of the touch screen, analyzes which key the user presses, presses the key, and sends an instruction without the plaintext PIN to the Linux kernel of the operating system, and the linux kernel update password input "*" at the operating system end of the POS machine. No., the password is displayed invisible in the password.
[0081] 在本实施例中, 通过所述安全芯片获取所述触摸屏输入的密码信息吋, 在触摸 屏的密码输入界面中提供文本输入键盘, 用户点按键盘上对应的字符输入账户 信息; 在输入密码吋, 将输入的密码进行加密显示, 例如将密码显示为" *"等特 殊字符, 防止被截屏窃取密码。  [0081] In this embodiment, the password information input by the touch screen is obtained by the security chip, a text input keyboard is provided in a password input interface of the touch screen, and the user inputs the account information by pressing a corresponding character on the keyboard; After the password is 加密, the entered password is encrypted and displayed, for example, the password is displayed as a special character such as "*" to prevent the screen from stealing the password.
[0082] 优选地, 所述文本输入键盘输入支付账户对应的密码吋, 在所述文本输入键盘 中随机显示输入字符, 使其每次显示的顺序均不一样。 通常, 在 POS机上的输入 法输入字符按照键盘上的输入字符进行排序, 而在本实施例中, 在文本输入键 盘中随机显示输入字符, 其指的是, 将键盘上的输入字符重新进行随机排列分 布在所述文本输入键盘中, 每次显示的顺序均不一样, 如此, 便可以避免根据 用户点按文本输入键盘的位置获取用户输入的密码, 进一步地保障用户输入的 密码安全。  [0082] Preferably, the text input keyboard inputs a password corresponding to the payment account, and the input characters are randomly displayed in the text input keyboard, so that the order of each display is different. Generally, the input method input characters on the POS machine are sorted according to the input characters on the keyboard. In the embodiment, the input characters are randomly displayed in the text input keyboard, which means that the input characters on the keyboard are re-randomly randomized. Arranged and distributed in the text input keyboard, the order of each display is different, so that the password input by the user can be obtained according to the position where the user clicks the text input keyboard, thereby further ensuring the security of the password input by the user.
[0083] 进一步地, 参照图 4, 在另一实施例中, 所述装置还包括:  [0083] Further, referring to FIG. 4, in another embodiment, the apparatus further includes:
[0084] 清除单元 40, 用于清除所述安全芯片获取密码信息的明文密码缓存。 持卡用户 密码输入完成后, 立即在安全芯片内部使用密码加密密钥对明文密码进行加密 [0084] The clearing unit 40 is configured to clear the plaintext password cache that the security chip obtains the password information. After the card user enters the password, the password is encrypted inside the security chip using the password encryption key.
, 同吋清除密码信息的明文密码缓存。 , Clear the clear text password cache for password information.
[0085] 在一些实施例中, 安全芯片获取密码信息之后, 不将其发送至 POS机运行处理 器进行验证, 而是直接在安全芯片中进行密码验证, 验证之后再将验证结果发 送至基于 POS机运行处理器的 POS机操作系统。 [0085] In some embodiments, after the security chip obtains the password information, it does not send it to the POS machine to run the processor for verification, but performs password verification directly in the security chip, and then sends the verification result to the POS-based authentication. The machine runs the processor's POS operating system.
[0086] 在其它一些实施例中, 支付吋若支持使用指纹支付, 则可以在采集指纹数据进 行支付吋, 将指纹识别器的数据全部传输至安全芯片中, 切断指纹识别器的指 纹数据传输至 POS机运行处理器的通道。 [0087] 所属领域的技术人员可以清楚地了解到, 为描述的方便和简洁, 上述描述的装 置和单元的具体工作过程, 可以参考前述方法实施例中的对应过程, 在此不再 赘述。 [0086] In some other embodiments, if the payment is to support the use of fingerprint payment, the fingerprint data may be transmitted to the security chip after the fingerprint data is collected for payment, and the fingerprint data of the fingerprint identifier is cut off. The POS machine runs the channel of the processor. [0087] It will be apparent to those skilled in the art that, for the convenience and brevity of the description, the specific working process of the device and the unit described above may be referred to the corresponding process in the foregoing method embodiment, and details are not described herein again.
[0088] 综上所述, 为本发明实施例中提供的 POS机中的密码安全输入方法和装置, 基 于 POS机运行处理器的 POS机操作系统接收到密码输入指令吋, 切换单元 10将触 摸屏的输入信号切换至安全芯片中; 获取单元 20通过所述安全芯片获取所述触 摸屏输入的密码信息; 密码输入完成后, 处理单元 30对所述密码信息进行加密 后发送至所述 POS机运行处理器; 在用户输入密码吋, 由安全芯片获取密码信息 , 避免密码信息被窃取, 增强 POS机安全性。  [0088] In summary, the password security input method and device in the POS machine provided in the embodiment of the present invention, the POS machine operating system based on the POS machine running processor receives the password input command, and the switching unit 10 will touch the screen. The input signal is switched to the security chip; the obtaining unit 20 acquires the password information input by the touch screen through the security chip; after the password input is completed, the processing unit 30 encrypts the password information and sends the password information to the POS machine for processing. After the user enters the password, the security chip obtains the password information, avoids the password information being stolen, and enhances the security of the POS machine.
[0089] 本领域技术人员可以理解, 本发明包括涉及用于执行本申请中所述操作中的一 项或多项的设备。 这些设备可以为所需的目的而专门设计和制造, 或者也可以 包括通用计算机中的已知设备。 这些设备具有存储在其内的计算机程序, 这些 计算机程序选择性地激活或重构。 这样的计算机程序可以被存储在设备 (例如 , 计算机) 可读介质中或者存储在适于存储电子指令并分别耦联到总线的任何 类型的介质中, 所述计算机可读介质包括但不限于任何类型的盘 (包括软盘、 硬盘、 光盘、 CD-ROM和磁光盘) 、 ROM (Read-Only Memory , 只读存储器) 、 RAM (Random Access Memory , 随即存储器) 、 EPROM (Erasable  [0089] Those skilled in the art will appreciate that the present invention includes apparatus related to performing one or more of the operations described herein. These devices may be specially designed and manufactured for the required purposes, or may also include known devices in a general purpose computer. These devices have computer programs stored therein that are selectively activated or reconfigured. Such computer programs may be stored in a device (eg, computer) readable medium or in any type of medium suitable for storing electronic instructions and respectively coupled to a bus, including but not limited to any Types of disks (including floppy disks, hard disks, CDs, CD-ROMs, and magneto-optical disks), ROM (Read-Only Memory, read-only memory), RAM (Random Access Memory), EPROM (Erasable)
Programmable Read-Only  Programmable Read-Only
Memory , 可擦写可编程只读存储器) 、 EEPROM (Electrically Erasable Programmable Read-Only Memory , 电可擦可编程只读存储器) 、 闪存、 磁性卡 片或光线卡片。 也就是, 可读介质包括由设备 (例如, 计算机) 以能够读的形 式存储或传输信息的任何介质。  Memory, EEPROM (Electrically Erasable Programmable Read-Only Memory), flash memory, magnetic card or light card. That is, a readable medium includes any medium that is stored or transmitted by a device (e.g., a computer) in a readable form.
[0090] 本技术领域技术人员可以理解, 可以用计算机程序指令来实现这些结构图和 / 或框图和 /或流图中的每个框以及这些结构图和 /或框图和 /或流图中的框的组合。 本技术领域技术人员可以理解, 可以将这些计算机程序指令提供给通用计算机 、 专业计算机或其他可编程数据处理方法的处理器来实现, 从而通过计算机或 其他可编程数据处理方法的处理器来执行本发明公幵的结构图和 /或框图和 /或流 图的框或多个框中指定的方案。 [0091] 本技术领域技术人员可以理解, 本发明中已经讨论过的各种操作、 方法、 流程 中的步骤、 措施、 方案可以被交替、 更改、 组合或刪除。 进一步地, 具有本发 明中已经讨论过的各种操作、 方法、 流程中的其他步骤、 措施、 方案也可以被 交替、 更改、 重排、 分解、 组合或刪除。 进一步地, 现有技术中的具有与本发 明中公幵的各种操作、 方法、 流程中的步骤、 措施、 方案也可以被交替、 更改 、 重排、 分解、 组合或刪除。 [0090] Those skilled in the art will appreciate that each block of the block diagrams and/or block diagrams and/or flow diagrams can be implemented with computer program instructions, and/or in the block diagrams and/or block diagrams and/or flow diagrams. The combination of boxes. Those skilled in the art will appreciate that these computer program instructions can be implemented by a general purpose computer, a professional computer, or a processor of other programmable data processing methods, such that the processor is executed by a computer or other programmable data processing method. The block diagrams and/or block diagrams of the invention and/or the schemes specified in the blocks or blocks of the flow diagram are invented. Those skilled in the art can understand that the various operations, methods, and steps, measures, and solutions in the present invention may be alternated, changed, combined, or deleted. Further, other operations, methods, and steps in the various operations, methods, and processes that have been discussed in the present invention may be alternated, changed, rearranged, decomposed, combined, or deleted. Further, the steps, measures, and solutions in the various operations, methods, and processes in the prior art may be alternated, changed, rearranged, decomposed, combined, or deleted.
[0092]  [0092]
[0093] 以上所述仅为本发明的优选实施例, 并非因此限制本发明的专利范围, 凡是利 用本发明说明书及附图内容所作的等效结构或等效流程变换, 或直接或间接运 用在其他相关的技术领域, 均同理包括在本发明的专利保护范围内。  The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the invention, and the equivalent structure or equivalent process transformations made by the description of the invention and the drawings are used directly or indirectly. Other related technical fields are equally included in the scope of patent protection of the present invention.

Claims

权利要求书 Claim
一种 POS机中的密码安全输入方法, 其特征在于, 所述 P0S机中设置 有一安全芯片以及 P0S机运行处理器, 所述密码安全输入方法包括以 下步骤: A password security input method in a POS machine, wherein the POS machine is provided with a security chip and a POS machine operation processor, and the password security input method comprises the following steps:
基于 P0S机运行处理器的 P0S机操作系统接收到密码输入指令吋, 将 触摸屏的输入信号切换至安全芯片中; The P0S machine operating system based on the P0S machine running processor receives the password input command 吋, and switches the input signal of the touch screen to the security chip;
通过所述安全芯片获取所述触摸屏输入的密码信息; Obtaining password information input by the touch screen by using the security chip;
密码输入完成后对所述密码信息进行加密后发送至所述 POS机运行处 理器。 After the password input is completed, the password information is encrypted and sent to the POS running processor.
根据权利要求 1所述的 POS机中的密码安全输入方法, 其特征在于, 所述将触摸屏的输入信号切换至安全芯片中的步骤包括: The cryptographic security input method in a POS machine according to claim 1, wherein the step of switching an input signal of the touch screen into the security chip comprises:
控制所述触摸屏连接所述 POS机运行处理器的信号数据线切换连接至 所述安全芯片。 A signal data line controlling the touch screen to connect to the POS machine operating processor is switched to be connected to the security chip.
根据权利要求 1所述的 POS机中的密码安全输入方法, 其特征在于, 所述将触摸屏的输入信号切换至安全芯片中的步骤之后包括: 控制所述 POS机操作系统端的显示界面切换至密码输入显示状态。 根据权利要求 3所述的 POS机中的密码安全输入方法, 其特征在于, 所述通过所述安全芯片获取所述触摸屏输入的密码信息的步骤之后包 括: The password security input method in the POS machine according to claim 1, wherein the step of switching the input signal of the touch screen to the security chip comprises: controlling the display interface of the operating system of the POS machine to switch to the password Enter the display status. The cryptographic security input method in the POS machine according to claim 3, wherein the step of acquiring the password information input by the touch screen by the security chip comprises:
发送不带明文 PIN的指令给 POS机操作系统端, 并在所述 POS机操作 系统端的显示界面以密码不可见方式显示密码。 Sending an instruction without a plain text PIN to the operating system of the POS machine, and displaying the password in a password invisible manner on the display interface of the operating system side of the POS machine.
根据权利要求 1-4任一项所述的 POS机中的密码安全输入方法, 其特 征在于, 所述密码输入完成后对所述密码信息进行加密后发送至所述The cryptographic security input method in a POS machine according to any one of claims 1 to 4, wherein after the password input is completed, the password information is encrypted and then sent to the
POS机运行处理器的步骤之后包括: The steps of the POS machine running the processor include:
清除所述安全芯片获取密码信息的明文密码缓存。 Clearing the plaintext password cache of the security chip to obtain password information.
一种 POS机中的密码安全输入装置, 其特征在于, 所述 POS机中设置 有一安全芯片以及 POS机运行处理器, 所述密码安全输入装置包括: 切换单元, 用于基于 POS机运行处理器的 POS机操作系统接收到密码 输入指令吋, 将触摸屏的输入信号切换至安全芯片中; 获取单元, 用于通过所述安全芯片获取所述触摸屏输入的密码信息; 处理单元, 用于密码输入完成后对所述密码信息进行加密后发送至所 述 POS机运行处理器。 A password security input device in a POS machine, wherein the POS machine is provided with a security chip and a POS machine running processor, and the password security input device comprises: a switching unit, configured to run a processor based on the POS machine POS machine operating system receives the password The input command 切换 is used to switch the input signal of the touch screen to the security chip; the obtaining unit is configured to acquire the password information input by the touch screen by using the security chip; and the processing unit is configured to encrypt the password information after the password input is completed Then sent to the POS machine to run the processor.
[权利要求 7] 根据权利要求 6所述的 POS机中的密码安全输入装置, 其特征在于, 所述切换单元具体用于:  [Claim 7] The cryptographic security input device in the POS machine according to claim 6, wherein the switching unit is specifically configured to:
控制所述触摸屏连接所述 POS机运行处理器的信号数据线切换连接至 所述安全芯片。  A signal data line controlling the touch screen to connect to the POS machine operating processor is switched to be connected to the security chip.
[权利要求 8] 根据权利要求 6所述的 POS机中的密码安全输入装置, 其特征在于, 所述切换单元还用于:  [Claim 8] The cryptographic security input device in the POS machine according to claim 6, wherein the switching unit is further configured to:
控制所述 POS机操作系统端的显示界面切换至密码输入显示状态。  Controlling the display interface of the operating system end of the POS machine to switch to the password input display state.
[权利要求 9] 根据权利要求 8所述的 POS机中的密码安全输入装置, 其特征在于, 所述获取单元还用于:  [Claim 9] The cryptographic security input device in the POS machine according to claim 8, wherein the acquiring unit is further configured to:
发送不带明文 PIN的指令给 POS机操作系统端, 并在所述 POS机操作 系统端的显示界面以密码不可见方式显示密码。  Sending an instruction without a plain text PIN to the operating system of the POS machine, and displaying the password in a password invisible manner on the display interface of the operating system side of the POS machine.
[权利要求 10] 根据权利要求 6-9任一项所述的 POS机中的密码安全输入装置, 其特 征在于, 所述装置还包括:  [Claim 10] The cryptographic security input device in the POS machine according to any one of claims 6-9, wherein the device further comprises:
清除单元, 用于清除所述安全芯片获取密码信息的明文密码缓存。  The clearing unit is configured to clear the plaintext password cache that the security chip obtains the password information.
PCT/CN2017/076812 2017-03-15 2017-03-15 Pos machine password secure input method and device WO2018165921A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2017/076812 WO2018165921A1 (en) 2017-03-15 2017-03-15 Pos machine password secure input method and device
CN201780001538.6A CN108521822A (en) 2017-03-15 2017-03-15 Cipher safety inputting method in POS machine and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/076812 WO2018165921A1 (en) 2017-03-15 2017-03-15 Pos machine password secure input method and device

Publications (1)

Publication Number Publication Date
WO2018165921A1 true WO2018165921A1 (en) 2018-09-20

Family

ID=63434481

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/076812 WO2018165921A1 (en) 2017-03-15 2017-03-15 Pos machine password secure input method and device

Country Status (2)

Country Link
CN (1) CN108521822A (en)
WO (1) WO2018165921A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN209471528U (en) * 2019-03-26 2019-10-08 百富计算机技术(深圳)有限公司 A kind of safety switching apparatus and POS machine
CN112231735A (en) * 2020-11-02 2021-01-15 北京蜂窝科技有限公司 Data transmission method and system
CN112462980B (en) * 2020-12-15 2021-07-20 深圳市捷诚技术服务有限公司 Password interception preventing method and device and POS machine

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101000703A (en) * 2006-11-30 2007-07-18 上海麦柯信息技术有限公司 Electronic payment terminal capable of ensuring confidentiality and integrity of information transmission
CN103136668A (en) * 2011-11-28 2013-06-05 中兴通讯股份有限公司 Terminal payment method, terminal and payment platform
CN105761389A (en) * 2016-02-02 2016-07-13 上海动联信息技术股份有限公司 Full-channel intelligent POS machine
CN106096961A (en) * 2016-06-13 2016-11-09 上海盛本智能科技股份有限公司 The intelligence safe touch input system of POS terminal dual chip and its implementation
CN106169091A (en) * 2016-07-03 2016-11-30 恒宝股份有限公司 A kind of fiscard and using method thereof

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7740171B2 (en) * 2005-07-25 2010-06-22 Blackhawk Network, Inc. Payment program for use in point-of-sale transactions
CN101359991A (en) * 2008-09-12 2009-02-04 湖北电力信息通信中心 Public key cipher system private key escrowing system based on identification
CN104009963B (en) * 2013-02-26 2019-05-10 中国银联股份有限公司 The security authentication mechanism of remote password
CN104156642B (en) * 2014-07-22 2019-04-09 杭州晟元数据安全技术股份有限公司 A kind of security password input system and method based on safe touch screen control chip
CN105426790A (en) * 2015-11-18 2016-03-23 北京微智全景信息技术有限公司 Touch screen based password security input method and apparatus
CN205721819U (en) * 2016-04-28 2016-11-23 湖南美景创意文化建设有限公司 Based on NFC sensing real-time interactive Digital Three-Dimensional mark

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101000703A (en) * 2006-11-30 2007-07-18 上海麦柯信息技术有限公司 Electronic payment terminal capable of ensuring confidentiality and integrity of information transmission
CN103136668A (en) * 2011-11-28 2013-06-05 中兴通讯股份有限公司 Terminal payment method, terminal and payment platform
CN105761389A (en) * 2016-02-02 2016-07-13 上海动联信息技术股份有限公司 Full-channel intelligent POS machine
CN106096961A (en) * 2016-06-13 2016-11-09 上海盛本智能科技股份有限公司 The intelligence safe touch input system of POS terminal dual chip and its implementation
CN106169091A (en) * 2016-07-03 2016-11-30 恒宝股份有限公司 A kind of fiscard and using method thereof

Also Published As

Publication number Publication date
CN108521822A (en) 2018-09-11

Similar Documents

Publication Publication Date Title
JP6239788B2 (en) Fingerprint authentication method, apparatus, intelligent terminal, and computer storage medium
US10009173B2 (en) System, device, and method of secure entry and handling of passwords
KR102322118B1 (en) Private key securing methods of decentralizedly storying keys in owner&#39;s device and/or blockchain nodes
England et al. A trusted open platform
US8966269B2 (en) Integrity protected smart card transaction
US7861015B2 (en) USB apparatus and control method therein
CN103020537B (en) Data encrypting method, data encrypting device, data deciphering method and data deciphering device
EP3676746B1 (en) A system and a method for signing transactions using airgapped private keys
US20040024710A1 (en) Secure input pad partition
US20160057136A1 (en) Computer network system with single-key quick secure login function
CN203746071U (en) Security computer based on encrypted hard disc
GB2512595A (en) Integrated contactless mpos implementation
CN103886234A (en) Safety computer based on encrypted hard disk and data safety control method of safety computer
WO2017028711A1 (en) Method for processing data, wearable electronic equipment and system
CN101364187A (en) Double operating system computer against worms
TW201539247A (en) Password input and verification method and system thereof
CN101335754B (en) Method for information verification using remote server
WO2013167043A2 (en) Data security verification method and device
TWI724684B (en) Method, system and device for performing cryptographic operations subject to identity verification
US20100031045A1 (en) Methods and system and computer medium for loading a set of keys
TWI739778B (en) The login mechanism of the operating system
TW201223225A (en) Method for personal identity authentication utilizing a personal cryptographic device
WO2010049839A1 (en) Networked computer identity encryption and verification
WO2018165921A1 (en) Pos machine password secure input method and device
CN112987942A (en) Method, device and system for inputting information by keyboard, electronic equipment and storage medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17900822

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205 DATED 17/01/2020)

122 Ep: pct application non-entry in european phase

Ref document number: 17900822

Country of ref document: EP

Kind code of ref document: A1