WO2019061801A1 - 一种终端交易方法及终端 - Google Patents
一种终端交易方法及终端 Download PDFInfo
- Publication number
- WO2019061801A1 WO2019061801A1 PCT/CN2017/114007 CN2017114007W WO2019061801A1 WO 2019061801 A1 WO2019061801 A1 WO 2019061801A1 CN 2017114007 W CN2017114007 W CN 2017114007W WO 2019061801 A1 WO2019061801 A1 WO 2019061801A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- nfc
- pos
- application
- service instruction
- nfc application
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/327—Short range or proximity payments by means of M-devices
- G06Q20/3278—RFID or NFC payments by means of M-devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K7/00—Methods or arrangements for sensing record carriers, e.g. for reading patterns
- G06K7/10—Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
- G06K7/10009—Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves
- G06K7/10297—Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves arrangements for handling protocols designed for non-contact record carriers such as RFIDs NFCs, e.g. ISO/IEC 14443 and 18092
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
- G06Q20/204—Point-of-sale [POS] network systems comprising interface for record bearing medium or carrier for electronic funds transfer or payment credit
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
- G06Q20/206—Point-of-sale [POS] network systems comprising security or operator identification provisions, e.g. password entry
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/22—Payment schemes or models
- G06Q20/227—Payment schemes or models characterised in that multiple accounts are available, e.g. to the payer
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/326—Payment applications installed on the mobile devices
- G06Q20/3263—Payment applications installed on the mobile devices characterised by activation or deactivation of payment capabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/352—Contactless payments by cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/405—Establishing or using transaction specific rules
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0873—Details of the card reader
- G07F7/0893—Details of the card reader the card reader reading the card in a contactless manner
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/80—Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/005—Discovery of network devices, e.g. terminals
Definitions
- the present application relates to the field of near field communication (NFC) technology, and in particular, to a terminal transaction method and a terminal.
- NFC near field communication
- NFC technology is a short-range wireless connection technology based on radio frequency identification (RFID).
- RFID radio frequency identification
- the magnetic field sensing can realize the communication between electronic devices at close range. Users only need to touch or approach the device to exchange information or conduct transactions securely and quickly.
- Card emulation mode is a common working mode of NFC devices, which simulates NFC devices as a contactless card, such as access cards, bank cards, bus cards, and so on.
- the card simulation mode is mainly used in non-contact mobile payment scenarios such as shopping malls and transportation. The user only needs to bring the NFC device close to the point of sale (POS), and confirm the transaction by verification or directly receive the transaction.
- POS point of sale
- the user in order to realize the fast card transaction and simplify the operation of the user transaction, the user usually needs to set a default wallet application for the NFC device and a default card application in the default wallet application (also referred to as NFC). Application), while synchronizing this setting to the routing information saved by the NFC controller.
- the NFC controller in the NFC device routes the first service command sent by the POS to the default card application set by the user, the NFC device and the POS.
- the transaction process is implemented by the interaction of the default card application with the POS.
- the default card application set by the user does not match the POS type that initiated the transaction (for example, the default card application set by the user is the bus card application, and the POS that initiated the transaction is the bank. POS machine), then the transaction will be terminated, the user of the NFC device needs to manually select another card application that matches the POS type, and the transaction needs to be re-initiated at the POS end, thus making the user experience worse.
- the existing terminal transaction mode has a problem that the NFC application does not match the POS type, resulting in a poor user experience.
- the embodiment of the present invention provides a terminal transaction method and a terminal, which are used to solve the problem that the NFC application in the prior art does not match the POS type and the user experience is poor.
- the embodiment of the present application provides a terminal transaction method, where the method includes the following steps: the terminal establishes a near field communication NFC radio frequency connection with the sales terminal POS, and starts a first transaction; the terminal selects a first NFC application corresponding to the POS and The first transaction is executed when the usage conditions of the first NFC application have been met.
- the NFC application that performs the first transaction initiated by the POS is the first NFC application supported by the terminal and corresponding to the POS and the usage condition is satisfied. Therefore, using the first NFC application to execute the first transaction can make The execution of the first transaction is completed, avoiding the problem of poor user experience in the prior art due to the mismatch between the selected NFC application and the POS type. In addition, the above solution can also avoid the situation that the POS re-initiates the transaction from the transaction pre-processing due to the unsatisfied use condition of the NFC application, thereby improving the user experience.
- the method before the terminal establishes an NFC radio frequency connection with the sales terminal POS, the method further includes: the terminal receiving an instruction that the user selects the second NFC application; the terminal selecting the first NFC application corresponding to the POS and in the first NFC application The first transaction is executed when the usage condition is satisfied, and the method includes: if the second NFC application does not match the POS type, the terminal selects the first NFC application corresponding to the POS and executes the first when the usage condition of the first NFC application is satisfied. a transaction.
- the terminal when the terminal determines that the second NFC application does not match the POS type, the terminal may independently select a first NFC application that matches the POS type to perform the first transaction, so that the second NFC application manually selected by the user is When the POS types do not match, the user experience of the NFC application being manually switched and the POS end re-initiating the transaction is avoided.
- the terminal selects the first NFC application corresponding to the POS and executes the first transaction when the usage condition of the first NFC application has been met, specifically: the NFC controller in the terminal receives the first POS transmission.
- the NFC controller sends the first service command to the card management unit in the terminal, and the card management unit stores the first comparison relationship and the usage requirements corresponding to the plurality of NFC applications in the terminal, where the first control relationship is used to indicate a one-to-one correspondence between the plurality of NFC applications and the plurality of service instructions, the first NFC application being one of the plurality of NFC applications; the card management unit selecting the plurality of NFC applications according to the first service instruction and the first comparison relationship a first NFC application corresponding to the POS; if the usage requirement of the first NFC application is satisfied, the first NFC application receives the first service instruction and executes the first transaction according to the first service instruction.
- the operation of executing the first transaction can be implemented by the cooperation of the NFC controller, the card management unit, and the first NFC application in the terminal.
- the method further includes: the NFC controller receives the second service command sent by the POS; and the NFC controller sends the second service command to a card management unit; the card management unit determines at least one NFC application that matches the second service instruction type among the plurality of NFC applications according to the second service instruction and the second comparison relationship, where the second comparison relationship is used to indicate that the second service instruction is a matching relationship of the NFC applications; the card management unit sends a second response message of the second service instruction to the POS, where the second response message is used to indicate at least one NFC application that matches the POS type in the plurality of NFC applications, so that the POS is according to the second The first service instruction is generated by the response message; or the card management unit sends the second service instruction to the near field communication execution environment NFCEE where the specified NFC application in the at least one NFC application is located, and receives the second response message to the second service instruction.
- the POS type NFC application that matches the M, M ⁇ 1, the M NFC application containing the specified NFC applications.
- the card management unit responds to the second service instruction or responds to the second service instruction by the NFCEE where the specified NFC application is located.
- the method before the first NFC application receives the first service instruction and executes the first transaction according to the first service instruction, the method further includes: the card management unit transmitting the first service instruction to the first NFC application; or The card management unit instructs the NFC controller to send the first service instruction to the first NFC application.
- the first service instruction received by the first NFC application may be sent by the card management unit, and It may be that the card management unit instructs the NFC controller to send it.
- the card management unit instructs the NFC controller to send it.
- any of the two implementation manners may be used, which is not specifically limited in this embodiment of the present application.
- the method further includes the following steps: if the usage requirement of the first NFC application is not met, the terminal performs a pre-processing flow of the first NFC application, and the pre-processing flow is used to enable the use of the first NFC application. The request is satisfied; the first NFC application receives the first service instruction and executes the first transaction according to the first service instruction.
- the pre-processing flow can be executed by the terminal without the use requirement of the first NFC application, so that the use requirement of the first NFC application is satisfied, so that the first transaction can be executed.
- the method before the first NFC application receives the first service instruction and executes the first transaction according to the first service instruction, the method further includes: the card management unit transmitting the first service instruction to the first NFC application; or The card management unit instructs the NFC controller to send the first service instruction to the first NFC application.
- the first service command received by the first NFC application may be sent by the card management unit, or may be sent by the card management unit to the NFC controller.
- the method before the first NFC application receives the first service instruction, the method further includes: the card management unit triggers the POS to resend the first service instruction; the NFC controller receives the first service instruction of the POS retransmission; and the NFC control Transmitting, by the NFC controller, the first service instruction resent by the POS to the first NFC application; or the NFC controller sends the first service instruction resent by the POS to the card management unit; the first NFC application receives the first service instruction, and according to the first The first NFC application receives the first service command sent by the NFC controller, and responds to the first service command sent by the POS to execute the first transaction; or the first NFC application Receiving the first service instruction sent by the card management unit, and responding to the first service instruction sent by the POS, thereby executing the first transaction.
- the card management unit may trigger the POS to resend the first service instruction, so that the first NFC application executes the first transaction according to the first service instruction resent by the POS.
- the terminal performs a pre-processing process of the first NFC application, specifically: if the card management unit determines that the usage requirement of the first NFC application indicates that the terminal needs to perform If the device cardholder verification method CDCVM, and the terminal does not execute CDCVM, the terminal triggers the POS to execute the Try Again process and triggers execution of the CDCVM.
- the POS when the POS executes the Try Again process, the POS returns to the state of waiting for the card to be read after the transaction is preprocessed, and the terminal executes the CDCVM. After the terminal completes the CDCVM and the first NFC application records the CDCVM, the user closes the POS. After the POS establishes an NFC radio connection with the terminal, the POS resends the first service command to select the NFC application. The card management unit in the terminal still selects the first NFC application to execute the first transaction by comparing the first service instruction with the first comparison relationship. At this time, since the terminal has executed the CDCVM, the card management unit may directly send the first service instruction to the The first NFC application then executes the first transaction by the first NFC application.
- the terminal triggers the POS to execute the Try Again process, which may be implemented by: the card management unit transmitting the first service instruction to the first NFC application; the first NFC application is the first of the first service instruction.
- the response message is sent to the POS; the first NFC application receives the third service instruction sent by the POS, the third service instruction is used to perform the initial transaction processing; the card management unit acquires the third response message of the first NFC application to the third service instruction;
- the management unit determines whether the third response message includes a specified status word, and the specified status word is used by the card management unit to determine whether the POS supports the CDCVM; if included, the card management unit instructs the NFC controller to send a third response message to the POS to trigger POS executes the Try Again process; if not, the card management unit intercepts the third response
- the message or card management unit instructs the NFC controller to intercept the third response message to trigger the POS to execute the Try Again procedure.
- the method further includes: receiving, by the NFC controller, the card management unit A message, the first message is used to instruct the NFC controller to send the received service instruction to the card management unit.
- the method before the terminal establishes an NFC radio frequency connection with the POS, the method further includes: receiving, by the terminal, an instruction for the user to select the third NFC application; after the terminal establishes the NFC radio frequency connection with the POS, the method further includes: if the third NFC application Matching with the POS type, the terminal selects the third NFC application and executes the first transaction when the usage conditions of the third NFC application have been met.
- the above solution can meet the usage requirements of the user in different scenarios, and the third NFC application manually selected by the user is preferentially used to perform the first transaction initiated by the POS.
- the corresponding use requirements of the multiple NFC applications respectively include one or more of the following information: the corresponding authentication requirements of the multiple NFC applications; and the access control policies corresponding to the multiple NFC applications respectively; The user usage policy and policy execution conditions corresponding to the multiple NFC applications respectively.
- the first NFC application is an NFC application installed in the SE, or the first NFC application is an NFC application installed in the TEE, or the first NFC application is an NFC application installed in the REE.
- the embodiment of the present application provides a terminal, which has the functions of implementing the first aspect and the technical solutions of each possible design of the first aspect.
- This function can be implemented in hardware or in hardware by executing the corresponding software.
- the hardware or software includes one or more modules corresponding to the functions described above.
- the terminal comprises a processing unit and a communication unit
- the processing unit may for example be a processor
- the communication unit may for example be a transceiver
- the transceiver may comprise a radio frequency circuit.
- the processing unit is configured to perform the processing operations in the terminal transaction method provided by each of the first aspect and the first aspect of the first aspect; the communication unit is configured to perform data interaction with other devices (eg, POS).
- the terminal comprises a processor and a memory, wherein the memory is for storing a program, and the processor is for calling a program stored in the memory to implement the first aspect and any one of the possible designs of the first aspect Terminal trading method.
- the processor can transmit or receive data through an input/output interface, a pin or a circuit.
- the memory can be a register, a cache, etc. within the chip.
- the memory may also be a memory unit located outside the chip in the terminal, such as a read-only memory (ROM), other types of static storage devices that can store static information and instructions, and random access memory (random access memory). Memory, RAM), etc.
- the processor mentioned in any of the above may be a general central processing unit (CPU), a microprocessor, an application-specific integrated circuit (ASIC), or one or more An integrated circuit for controlling a program for executing the terminal transaction method of any of the above first aspect or any of the first aspects.
- CPU central processing unit
- ASIC application-specific integrated circuit
- an embodiment of the present application further provides a computer readable storage medium storing a program, when the program is run on a computer, causing the computer to perform the method described in the above aspects.
- the present application also provides a computer program product comprising a program, which when executed on a computer, causes the computer to perform the method described in the above aspects.
- FIG. 1 is a schematic diagram of a mobile payment method according to an embodiment of the present application
- FIG. 2 is a schematic diagram of another mobile payment method according to an embodiment of the present application.
- FIG. 3 is a schematic diagram of an interaction process between an NFC device and a POS according to an embodiment of the present disclosure
- FIG. 4 is a schematic flowchart of a first terminal transaction method according to an embodiment of the present application.
- FIG. 5 is a schematic flowchart of a second terminal transaction method according to an embodiment of the present application.
- FIG. 6 is a schematic flowchart of a third terminal transaction method according to an embodiment of the present application.
- FIG. 7 is a schematic flowchart of a preprocessing process according to an embodiment of the present application.
- FIG. 8 is a schematic flowchart diagram of a fourth terminal transaction method according to an embodiment of the present application.
- FIG. 9 is a schematic structural diagram of a terminal according to an embodiment of the present application.
- FIG. 10 is a schematic structural diagram of another terminal according to an embodiment of the present application.
- the embodiment of the present invention provides a terminal transaction method and a terminal, which are used to solve the problem that the NFC application in the prior art does not match the POS type and the user experience is poor.
- the method and the device are based on the same inventive concept. Since the principles of the method and the device for solving the problem are similar, the implementation of the device and the method can be referred to each other, and the repeated description is not repeated.
- NFC technology is a short-range wireless connection technology based on RFID. It can realize the communication between electronic devices at close range by using magnetic field induction. Users only need to touch or approach the device to exchange information or conduct transactions securely and quickly.
- NFC devices typically operate at a frequency of 13.56 MHz with an effective communication range of 0-20 cm and a typical value of 4 cm.
- the working mode of an NFC device (that is, the role that an NFC device assumes in NFC communication) can be classified into three types:
- Peer-to-peer (P2P) mode At this time, NFC devices are used in scenarios such as business card sharing, web page sharing, NFC Bluetooth pairing, and wireless fidelity (WiFi) pairing.
- P2P Peer-to-peer
- CE Card emulation
- the NFC device is simulated as a contactless card, such as an access card, a bank card, a traffic card, a coupon, an ID card, and the like.
- the card simulation mode is mainly used in non-contact mobile payment scenarios such as shopping malls and transportation.
- the NFC device acts as a read/write terminal for the smart card, as a bank POS machine, a bus POS machine, etc. for mobile payment or identity verification, and as a tag read/write. Device.
- the NFC controller (NFCC) is responsible for the physical transmission of data through a radio frequency (RF) interface and an antenna to implement communication between the NFC device and the peer device. That is to say, the communication between the NFC device and the peer device needs to be implemented by the NFC controller.
- RF radio frequency
- the hardware entity corresponding to the NFCC is usually an NFC chip.
- NFCC is a term used in the NFC Forum Interface (NFC) specification developed by the NFC Forum. It can correspond to the host controller interface (host controller) developed by the European Telecommunication Standards Institute (ETSI). Interface, HCI) The contactless front-end (CLF).
- NFC NFC Forum Interface
- ETSI European Telecommunication Standards Institute
- HCI HCI
- CPF contactless front-end
- the POS in the embodiment of the present application can be understood as a POS supporting NFC.
- the POS in the embodiment of the present application includes, but is not limited to, a bank POS machine, a bus POS machine, and an access POS machine.
- the POS is a multi-function terminal.
- the POS and the computer installed at the special merchant or the receiving network are connected to the network.
- the communication between the POS and the NFC device can realize the functions of consumption, pre-authorization, balance inquiry and transfer.
- NFC devices initiate transactions in two ways: active card sorting and fast card trading.
- Active card selection transaction refers to the user opening the wallet application and selecting the card application for this transaction. If the card application requires authentication, the user will follow the prompt to verify. After the verification is passed, the POS and the NFC device perform the verification. Communication to complete the transaction.
- the quick card transaction means that the NFC device wakes up the default wallet application by directly posting the POS.
- the default wallet application determines whether to perform the authentication according to the usage requirement of the default card application, and activates the default card application to communicate with the POS according to the verification result to complete the transaction.
- the wallet application is installed in the NFC device and is responsible for the activation and management of the NFC application and provides the user with a user interface (UI).
- An NFC application (which may also be referred to as a "card application”) may be considered an entity that implements contactless transaction logic.
- NFC applications are usually stored in NFC execution environments such as security elements (SEs), trusted execution environments (TEEs), or rich execution environments (REE). .
- a pay application downloaded in a mobile phone can be understood as a wallet application.
- the user binds and loads a card for payment through the wallet application, and the loaded card can be understood as a card application, the card.
- the data (program code and personalization data) is stored in NFCEE.
- NFC applications are typically stored in SE, TEE or REE.
- SE, TEE or REE referred to here can be understood as NFCEE.
- the physical entity corresponding to the SE includes, but is not limited to, an embedded secure element (eSE), a universal integrated circuit card (UICC), and an inSE integrated in the main chip.
- the physical entities corresponding to the TEE or REE include, but are not limited to, a central processing unit (CPU), an ARM processor, an application processor (AP), and the like.
- CPU central processing unit
- AP application processor
- the SE-based mobile payment method can be referred to FIG. 1.
- the NFC application is stored in the SE, and thus the information of the NFC application is isolated from the operating system (OS).
- the NFC controller routes the service command to the SE after receiving the service command sent by the NFC card reader (POS), and performs the mobile payment transaction by the corresponding NFC application saved in the SE.
- OS operating system
- HCE-based mobile payment technologies have emerged.
- the mobile payment method based on HCE can refer to FIG. 2, and the NFC application is saved in TEE or REE.
- the HCE-based mobile payment technology can route the service instructions sent by the NFC reader (POS) to the chip with computational processing capability, such as an application processor (AP), by the NFC controller without the need of the SE.
- the NFC application is notified by the operating system.
- HCE-based mobile payments can enable any application in an NFC device to be modeled as a contactless card to communicate directly with an NFC reader (POS).
- TEE-based HCE mobile payment is a common solution.
- TEE is an operating environment that coexists with REE in NFC devices. Through hardware support, TEE can implement an operating mechanism that is isolated from REE. TEE has its own operating space and defines strict protection measures, so it is more secure than REE. Since only authorized applications can be executed in the TEE, the confidentiality of assets (such as data, software, etc.) in the TEE is well protected against software attacks and against certain types of security threats.
- CDCVM is a unique cardholder verification method (CVM) based on the initiation of transactions by NFC devices.
- CVM refers to traditional authentication methods such as online PIN or user signature.
- CDCVM refers to Access PIN (password for wallet application), biometric authentication (such as fingerprint, iris, etc.) and some verification methods based on signature verification by wearable devices. .
- the NFC application in the NFC device can modify its own parameters (eg, card transaction attributes, card verification results).
- the identification information that has passed the CDCVM and passed the CDCVM is set and sent to the POS.
- the result of the fingerprint verification will be the cardholder verification result, and the transaction does not require the user to authenticate in the traditional way (for example, at the POS).
- the machine provides an online PIN or user signature) for a better user experience.
- the POS operation process is roughly divided into four phases: Pre-processing, Protocol Activation, Combination Selectinon, Kernel Activation, and Kernel Activation.
- the transaction pre-processing that is, the POS performs risk management and transaction attribute configuration according to the transaction amount
- the protocol activation means that the POS activates the RF field and prompts the user to apply the card/swipe card, and the POS waits for the card to be read
- the application selection that is, the POS After the user posts the card and establishes a radio connection with the card, the SELECT PPSE and the SELECT AID are negotiated with the card for the NFC application used for the transaction
- the Kernel activation and judgment means that the POS provides its own performance information and the transaction to the selected NFC application.
- the NFC application generates the necessary ciphertext and signature and returns the transaction data and results as a response to the initial transaction process to the POS, then the POS obtains the transaction data and the results, then the POS can independently perform subsequent decision logic and integrate the transaction The data and results generate an online message requesting the issuer's authorization transaction corresponding to the NFC application.
- the transaction delay requirement is higher (300ms-500ms). If the user has a black screen, a lock screen or an NFC application that has not been manually selected for this transaction, the card is swiped or swung. In this case, since the execution time of the CDCVM is long, if the device is directly added to the verification link in the last two stages. It is often difficult to meet the delay requirement, and thus the transaction timeout occurs. POS once judged The transaction will time out and the transaction will be reported incorrectly. At this point, the cashier needs to re-enter the transaction amount and then re-execute the transaction pre-processing and subsequent processes.
- the POS supports CDCVM function
- the NFC application may include a status word "6986" in response to the initial transaction process, indicating that the card application supports CDCVM but the terminal has not executed CDCVM.
- the preset logic flow of Try Again is triggered: the POS re-returns the protocol activation processing stage to wait for the card to be read, and after the NFC device completes the CDCVM and the NFC application records the CDCVM has executed the result, the user approaches the terminal.
- the POS performs the transaction, and the POS re-applies the application selection and initial transaction processing after establishing a radio connection with the user terminal. In the Try Again process, you can avoid the problem of re-entering the transaction amount due to transaction timeouts through a second interaction.
- the POS After the NFC device and the POS detect the peer device through the radio frequency discovery process, the POS sends a SELECT PPSE (Select PPSE) command to the NFC device to instruct the NFC device to report the NFC application that can be used in the transaction.
- SELECT PPSE Select PPSE
- the NFC controller in the NFC device receives the SELECT PPSE (select PPSE) command, routes the SELECT PPSE (select PPSE) instruction to the NFCEE according to the routing item configured to it, and responds to the SELECT PPSE by the PPSE application in the NFCEE ( Select the PPSE) command.
- the PPSE application in the NFCEE receiving the instruction in the NFC device reports the bank card NFC application that can be used in the transaction through the RESPONSE message.
- the number of NFC applications reported by the NFC device may be multiple or multiple.
- the NFC application reported by the NFC device is the default NFC application set by the user. That is, the RESPONSE message sent in step 2 may contain a list of a plurality of available NFC applications.
- the NFCEE reports through the NFC controller when reporting the RESPONSE message.
- the POS sends a SELECT AID (Select AID) command containing the AID information of the default NFC application to the NFC device to indicate that the transaction is performed using the default NFC application.
- the NFC controller in the NFC device receives the SELECT AID (select AID) instruction, routes the SELECT AID (select AID) instruction to the NFCEE, and responds to the SELECT AID (select AID) instruction by the default NFC application in the NFCEE.
- the NFC device After receiving the SELECT AID (Select AID) command, the NFC device indicates that the default NFC application is successfully selected by a RESPONSE message.
- the NFC device can send the RESPONSE (response) message through the NFC controller.
- the RESPONSE message sent in step 4 may include a file control information (FCI) of the default NFC application, an identifier of the default NFC application, and a status word of a response result of the default NFC application to the SELECT AID (select AID) instruction.
- FCI file control information
- the POS sends a get processing options (GPO) command to the NFC device to provide its own performance information and the conditions of the transaction to the default NFC application.
- GPO get processing options
- the NFC controller in the NFC device receives the GPO command, routes the GPO command to the NFCEE, and responds to the GPO command by the default NFC application in the NFCEE.
- the default NFC application generates the necessary ciphertext and signature and returns the transaction data and results via the GPO RESPONSE message.
- the NFC device can send the GPO RESPONSE (Get Process Option Response) message through the NFC controller.
- GPO RESPONSE Get Process Option Response
- the POS displays the NFC application selection failure message and terminates the transaction.
- the NFC device configures routing information for the NFCC to instruct the NFC controller to route the service instructions sent by the POS to the NFCEE (eg, SE, TEE, or REE) that holds the NFC application. in.
- the routing information usually exists in the form of an AID
- the NFC controller receives the service instruction of the SELECT AID sent by the POS, the NFC controller obtains the NFCEE ID according to the AID information and the routing information index in the SELECT AID instruction, and routes the service instruction to the NFCEE indicated by the NFCEE ID.
- the NFCEE is the NFCEE that holds the default NFC application.
- the routing information may also include usage conditions of the NFC application, such as whether it can be used under bright screen conditions, whether it can be used under the condition of the screen, or whether it can be used under the shutdown condition.
- usage conditions of the NFC application such as whether it can be used under bright screen conditions, whether it can be used under the condition of the screen, or whether it can be used under the shutdown condition.
- the usage condition of the NFC application needs to be judged, and the service instruction is routed to the NFCEE that holds the NFC application if the usage condition is satisfied.
- the routing information does not include the authentication requirement of the NFC application, and the authentication logic of the NFC application is implemented by the wallet application managing the NFC application.
- SELECT PPSE, RESPONSE, SELECT AID, and RESPONSE can be regarded as interactive instructions in the application selection phase of the interaction process between the NFC device and the POS, and the GPO and GPO RESPONSE can be regarded as NFC devices and POS. Interactive instructions for the initial transaction processing phase during the interaction.
- SELECT PPSE and RESPONSE are necessary in some scenarios, but not necessarily in some scenarios.
- NFC devices and POSs typically must perform instruction interactions between SELECT PPSE and RESPONSE. This is because for POS, there may be more than one NFC application matching the POS type, so the POS needs to acquire the NFC application in the NFC device that can be used to execute the transaction through the instruction of SELECT PPSE and RESPONSE, and then the POS negotiates with the NFC device. Determine the only NFC application for this transaction and select the NFC application with the SELECT AID command.
- the POS can send a SELECT AID instruction directly to indicate which NFC application to choose to execute the transaction.
- the NFC controller and the POS usually do not have to perform SELECT PPSE and RESPONSE instruction interaction, because for POS, the NFC application (card application) that matches the POS type is usually only One, so the POS can directly indicate the NFC application (card application) used in this transaction by the SELECT AID instruction.
- the bank card application generally requires user identity verification at the terminal, and applications such as a bus card application, an access card application, and a membership card application can be directly used.
- the existing NFCC routing mechanism design does not consider the actual needs of this service level. If the NFCC receives a business instruction (such as a SELECT PPSE instruction or a SELECT AID instruction) and then determines whether the corresponding application needs to be authenticated, and the process of verifying the authentication after verification, it is easy to have a timeout problem. .
- One solution is to determine whether the authentication is required by the wallet application that manages the default NFC application by setting the default NFC application mechanism, and perform the corresponding logic for the default NFC application settings: if the default NFC application is a bank card application For NFC applications that require authentication, the NFCC notifies the wallet application when entering the RF field. The wallet application performs user authentication. After the verification is passed, it indicates that the NFCC establishes a radio connection with the POS, and receives and routes the service command (for example, SELECT). PPSE command); if the default NFC application is a bus card application such as an NFC application that does not require authentication, the RF connection is established directly and a service command (such as a SELECT AID command) is received.
- SELECT SELECT
- PPSE command if the default NFC application is a bus card application such as an NFC application that does not require authentication, the RF connection is established directly and a service command (such as a SELECT AID command) is received.
- the existing NFC application setting mechanism is used to determine the default NFC application and the POS type does not match before the service command is received, and the default NFC application does not match the POS type.
- An NFC application If the service instruction is received and then judged according to the service instruction, the existing process needs to be modified. Although such modification can solve the problem that the NFC application matches the POS type, if the NFCC or POS is not modified according to the process, If there is a change, there will be a timeout issue.
- the default NFC application does not match the POS type that initiated the transaction (for example, the default NFC application set by the user is a bus card application, The POS of this transaction is a bank POS machine, then the transaction will be terminated.
- Users of NFC devices need to manually select and activate another NFC application that matches the POS type (and synchronize the NFCC configuration), and at the POS side. It is also necessary to re-initiate the transaction, resulting in a poor user experience.
- the problem of identity verification is not considered when routing the service instructions.
- the terminal transaction method shown in FIG. 3 has the following problem in the terminal authentication process: if the default NFC application matches the POS type, the service is After the command is routed to NFCEE for authentication, it is easy to have a timeout problem; if the authentication process is added to the scheme shown in Figure 3, the POS needs to be changed, and the existing POS may not be taken into account. Therefore, it is difficult to meet the authentication requirements of the NFC application by using the terminal transaction scheme provided by the prior art.
- the embodiment of the present application provides a terminal transaction method and a terminal.
- FIG. 4 is a schematic flowchart diagram of a terminal transaction method according to an embodiment of the present application. The method comprises the following steps:
- S401 The terminal establishes an NFC radio connection with the POS, and starts the first transaction.
- the NFC radio connection between the terminal and the POS can be understood as follows: the user touches or approaches the POS (in the power-on/protocol activation state), so that the terminal and the POS establish an NFC radio frequency within a valid communication range (for example, 0-20 cm). connection. That is to say, establishing an NFC radio frequency connection between the terminal and the POS does not limit the actual physical contact between the terminal and the POS.
- the terminal can be understood as a terminal that supports NFC, that is, it can be understood as the foregoing NFC device.
- Terminals include, but are not limited to, smart phones, smart watches, tablets, virtual reality (VR) devices, augmented reality (AR) devices, personal computers, handheld computers, personal digital assistants.
- VR virtual reality
- AR augmented reality
- the terminal selects the first NFC application corresponding to the POS and executes the first transaction when the usage condition of the first NFC application has been met.
- the word "correspondence" has two meanings: 1.
- the first NFC application is an NFC application that matches the POS type; 2.
- the first NFC application is selected by the terminal according to the negotiation with the POS, and is used to execute the first Trading NFC applications.
- the first NFC application for executing the first transaction in the embodiment of the present application is not determined by setting a default NFC application, but is through the terminal after starting the first transaction. With POS Negotiated and determined.
- NFC applications matching the POS type may be installed in the terminal, and the first NFC application is only one of them.
- the transaction type of the first transaction is not specifically limited.
- the first transaction initiated when the terminal contacts the bus POS machine, the first transaction initiated may be a bus card transaction; when the terminal contacts the bank POS machine, the first transaction initiated may be a bank card payment transaction.
- the first NFC application in S402 may be an NFC application installed in the SE, an NFC application installed in the TEE, or an NFC application installed in the REE.
- This embodiment of the present application does not limit this. That is to say, the selection of the first NFC application by using the terminal transaction method shown in FIG. 4 may be an NFC application installed in any NFCEE in the terminal.
- the terminal selects the first NFC application corresponding to the POS and executes the first transaction when the usage condition of the first NFC application has been met, which may be implemented by: the NFC controller in the terminal.
- the NFC controller receives a first service instruction sent by the POS; the NFC controller sends the first service instruction to the card management unit in the terminal; the card management unit selects a plurality of NFC applications corresponding to the POS according to the first service instruction and the first comparison relationship a first NFC application; if the usage requirement of the first NFC application has been met, the first NFC application receives the first service instruction and executes the first transaction according to the first service instruction.
- the card management unit stores a first comparison relationship and a usage requirement corresponding to the plurality of NFC applications in the terminal, where the first comparison relationship is used to indicate a one-to-one correspondence between the plurality of NFC applications and the plurality of service instructions.
- the first NFC application is one of a plurality of NFC applications.
- the first service instruction is used by the terminal to determine a first NFC application corresponding to the POS.
- the first business instruction may be the aforementioned SELECT AID instruction.
- the first service instruction sent by the bus POS machine to the terminal may be a SELECT AID instruction.
- the first service instruction in the embodiment of the present application is not limited to the SELECT AID instruction, and the instruction sent by the POS to the terminal for initiating the first transaction that can directly or indirectly indicate the NFC application for the first transaction may be regarded as The first service instruction in the embodiment of the present application.
- the terminal transaction method shown in FIG. 5 includes the following steps:
- S501 Establish NFC communication between the terminal and the POS through radio frequency discovery.
- the radio frequency discovery process can be implemented by the way that the terminal contacts the POS in S401.
- the POS may send a first service instruction to the terminal, thereby initiating the first transaction.
- S502 The NFC controller in the terminal receives the first service instruction sent by the POS.
- the first service instruction can be referred to the foregoing description, and details are not described herein again.
- S503 The NFC controller sends the first service instruction to the card management unit in the terminal.
- the card management unit stores a first comparison relationship and a usage requirement corresponding to a plurality of NFC applications in the terminal, where the first comparison relationship is used to indicate a one-to-one correspondence between the plurality of NFC applications and the plurality of service instructions. Relationship, the first NFC application is one of a plurality of NFC applications.
- the card management unit selects a first NFC application corresponding to the POS among the plurality of NFC applications according to the first service instruction and the first comparison relationship.
- the card management unit is configured as a module in the terminal operating system, where the first comparison relationship and the usage requirements corresponding to the plurality of NFC applications in the terminal are respectively saved.
- the POS-initiated transaction selects an NFC application corresponding to the POS, wherein the NFCEE that holds the NFC application may have multiple types, such as SE, TEE, or REE.
- the first comparison relationship is used to indicate a one-to-one correspondence between multiple NFC applications and multiple service instructions.
- the card management unit may determine the first NFC application corresponding to the POS that initiated the first transaction according to the first service instruction and the first comparison relationship.
- the first comparison relationship is used to indicate a comparison relationship between the AID information of the first service instruction and the NFC application.
- the card management unit parses the AID information carried in the service instruction, and compares the parsed AID information with the first comparison relationship to determine the first NFC application corresponding to the POS.
- three NFC applications such as a bus card application, a bank card application 1 and a bank card application 2, are installed in the terminal, and the first comparison relationship is used to indicate These three groups of control relationships. Among them, A00000000386980701, A000000333010102 and A000000333010101 all represent AID information.
- the card management unit receives the SELECT PPSE command sent by the POS, and reports the bank card application 1 and the bank card application 2 to the POS through the RESPONSE message. After the POS receives the RESPONSE message, A SELCET AID command is sent to the NFC controller in the terminal to instruct the bank card application 1 to execute the transaction.
- the card management unit After the card management unit receives the SELECT AID command sent by the NFC controller, the card management unit parses out the AID information carried in the SELECT AID command to be A000000333010102, and the card management unit compares the parsed AID information with the first control relationship to determine and The NFC application corresponding to the POS is the bank card application 1. Then, it can be executed by the bank card application 1 when the transaction is executed.
- the first comparison relationship is used to indicate a comparison relationship between the service instruction and the NFC application.
- the card management unit compares the received first service instruction with the first comparison relationship to determine an NFC application corresponding to the POS.
- the card management unit may select the application 2 corresponding to the POS according to the first comparison relationship and the service instruction B. Then, it can be executed by Application 2 when executing this transaction.
- the corresponding use requirements of the multiple NFC applications may include one or more of the following information: an authentication request corresponding to multiple NFC applications; and an access control policy corresponding to multiple NFC applications;
- the NFC application corresponds to the user usage policy and policy execution conditions.
- the authentication requirements of an NFC application can be understood as a strategy for whether an NFC application needs to be authenticated and authenticated before performing the first transaction.
- the authentication requirement of the NFC application indicates that the NFC application needs to perform authentication, and the NFC application cannot be successfully completed without the terminal being authenticated. transaction.
- the authentication requirement may also indicate the security level of the authentication required by the NFC application.
- the verification mode A corresponds to the security level 1
- the verification mode B corresponds to the security level 4
- the identity verification request indicates that the NFC application requires the security level 3 or higher for identity verification
- the authentication mode B can be used for identity verification to achieve the NFC.
- the watch and the mobile phone are in a secure range as an authentication method.
- the security level of the authentication method is lower than the security level of the fingerprint authentication method, and the authentication requirement of an NFC application may also indicate the NFC.
- the security level required for the application to authenticate is higher than the security level based on the security scope.
- the security level of authentication in the SE is higher than the security level of authentication in the TEE, and the authentication in the TEE is secure.
- the level of security is higher than the level of security for authentication in the REE, so the authentication requirement for an NFC application can also indicate that the security level required for authentication by the NFC application is higher than the level of security for authentication in the TEE.
- the actual usage environment of an NFC application corresponds to a different level of security.
- the security level of the environment used in common locations and non-working hours is higher than that of unconventional locations and working hours.
- the authentication requirement of an NFC application may indicate that the security level required by the NFC application is higher than that of the non-conventional location and the working time for the transaction environment, and then the usage environment of the common location and the non-working time may be used. Authenticate to achieve the authentication requirements for the NFC application.
- the access control policy of the NFC application can be understood as the requirement of the NFC application to initiate access to the NFC application before executing the first transaction.
- the access control policy of the NFC application may indicate a version restriction of the NFC application (or a wallet application managing the NFC application), and the access is denied if the requirement of the version restriction is not met; the access control policy of the NFC application may indicate the The NFC application limits the current login account of the wallet application (or operating system) that manages the NFC application. If the login account does not meet the requirements, the access is denied.
- the access control policy of the access card application may indicate that only the specified ID is specified in the access control scenario.
- the access control policy of the NFC application can be used to indicate that the NFC application can only be accessed after the POS certificate is verified.
- the access control policy of the NFC application can indicate other requirements of the NFC application for the terminal device, for example. Whether the terminal is root or not, the terminal refuses to access when it is rooted.
- the user usage policy of the NFC application is that when the terminal detects that there are multiple NFC applications matching the POS type, in order to ensure the smooth execution of the subsequent transaction process, the card management unit requires the user to pre-order the priorities of the plurality of NFC applications in advance. setting.
- the policy execution condition is a basis for the terminal to judge whether to conduct a transaction or how to proceed with the transaction when there is a conflict between the highest priority application determined according to the user usage policy and the NFC application selected during the actual transaction.
- the user can set "the bank card card is used to preferentially use the credit card that is farthest from the repayment date to conduct the transaction" as the user usage policy, and "the sub-priority card is not allowed to conduct the transaction” as the policy execution condition.
- the terminal determines the current bank card swipe scene according to the SELECT PPSE command
- the credit card application is prioritized according to the current date and the user usage policy, and the information of at least the highest priority NFC application is returned to the POS. .
- the NFC application indicated by the POS through the first service instruction is not the highest priority determined according to the user usage policy.
- the terminal can reject the transaction according to the policy execution conditions.
- different merchants may have different preferential activities for bank cards of different card issuing banks, and the user usage policy of the bank card application may be set according to the preferential activities of the issuing bank of the bank card application.
- the card management unit selects an NFC application that matches the POS type, if multiple bank card applications match the POS type, the card management unit can set the priority of the preferential bank card application to a higher priority. Select the higher priority card application to execute the transaction.
- the card management unit detects the same. After the scenario where the NFC application selection conflicts may occur, the user is triggered to set the user usage policy and policy execution conditions. Users can set the “Priority use of more/less bus cards” for the user to use the policy, “Allow the use of secondary priority bus cards”. In this way, after the terminal receives the first service command (SELECT AID command) sent by the bus POS machine, the card management unit may preferentially send the first service command to the bus card application with higher priority according to the indication of the user usage policy. (For example, a bus card application stored in the SE), and in the case where the application selection fails or the transaction fails, the transaction is performed again using the secondary priority bus card application according to the policy execution condition.
- the card management unit may also instruct the user to select one of the plurality of NFC applications as the highest priority application. Trading.
- the following is a specific example of the use requirements of the NFC application, and how the card management unit selects the NFC application corresponding to the POS in combination with the usage requirements of the first service instruction and the NFC application.
- bank card application A bank card application B
- bus card application C bus card application D
- access card application E is installed in the terminal.
- the bank card application A is saved in the SE
- the identity verification request of the bank card application A indicates that the terminal can successfully complete the transaction after performing fingerprint verification
- the bank card application B is saved in the TEE or REE
- the access restriction request indication of the bank card application B is The terminal can directly access the bank card application B after the bright screen
- the access restriction request of the bus card application C indicates that the terminal (all users) can directly access the bus card application C
- the access restriction request of the bus card application D indicates that the user can pass through the terminal.
- a wallet application or operating system directly accesses the bus card application D; the access restriction requirement of the access card application E indicates that only the access control POS machine with the specified ID can access the access card application E.
- the access restriction requirement of the access card application E indicates that only the access control POS machine with the specified ID can access the access card application E.
- the triggering user sets the following user usage policy and policy execution conditions: when using the bus credit card transaction, the bus card application with a higher balance (user usage policy) is preferentially used, and the usage is allowed.
- Priority bus card application policy execution condition
- priority to use credit card application user usage policy
- sub-priority bus card application policy execution condition
- the terminal contacts the access card POS machine in the state of the interest screen, and the access card POS machine sends the first service command (carrying ID) to the terminal.
- the card management unit determines the NFC application corresponding to the access card POS machine, and the access card POS machine instructs the POS to select the access card application E, and the ID of the access card POS machine is the use of the access card application E.
- the designated ID of the instruction is requested.
- the card management unit sends the first service instruction to the access card application E, and the access card application E executes the transaction.
- the terminal contacts the bank card POS machine in a bright screen state, and the bank card POS machine sends a SELECT PPSE command to the terminal.
- the card management unit determines that the NFC application matching the bank card POS type is the bank card application A and the bank card application B, and in combination with the current date, the bank card application A's repayment date is later than the bank card.
- the card management unit determines that the transaction uses bank card application A. Since the use of the bank card application A indicates that the terminal is accessible after the identity verification, the card management unit needs to send the first service instruction to the bank card application A after the terminal performs identity verification, and the bank card application A executes the current transaction.
- the terminal opens the wallet application in a bright screen state and contacts the bus card POS machine, and the bus card POS machine sends a first service instruction to the terminal.
- the card management unit determines that the NFC application corresponding to the bus card POS machine is the bus card application C and the bus card application D.
- the card management unit confirms that the balance of the bus card application C is 45 yuan, and the balance of the bus card application D is 67 yuan. Since the user sets the priority to use the bus card application with a large balance when performing the bus card transaction, the card management unit determines that the transaction uses the bus card application D.
- the card management unit sends the first service instruction to the bus card application D.
- the card management unit selects the bus card application C to execute the transaction, even though the balance of the bus card application D is greater than the balance of the bus card application C.
- the POS may also send the preferential information of the plurality of NFC applications (such as a bank card application) and the transaction amount information to the terminal, or the POS obtains a plurality of NFC applications installed in the terminal through the second service instruction and each The NFC application's preferential strength is sorted.
- the card management unit obtains the bank card preferential information through the Internet or other means, and combines the merchant information sent by the POS to prioritize the bank card application based on the preferential strength. Then, when the card management unit returns an NFC application matching the POS type to the POS, it can refer to each NFC application. The strength of the concessions, tend to favor the NFC application with greater intensity.
- the card management unit may select the NFC application corresponding to the POS to perform the first according to the first service instruction and/or the usage requirement of each NFC application. transaction.
- the first NFC application receives the first service instruction, where the first service instruction received by the first NFC application may be sent by the card management unit, or may be sent by the NFC controller. That is, before the first NFC application receives the first service instruction and executes the first transaction according to the first service instruction, the card management unit sends the first service instruction to the first NFC application; or the card management unit instructs the NFC controller to The first service instruction is sent to the first NFC application. After receiving the first service instruction, the first NFC application responds to the first service instruction sent by the POS, thereby executing the first transaction.
- the first service instruction received by the first NFC application may be sent by the card management unit, or may be sent by the card management unit to the NFC controller.
- any of the two implementation manners may be used, which is not specifically limited in this embodiment of the present application. Only one implementation of the first service command sent by the card management unit to the first NFC application is shown in FIG.
- the interaction process of the card management unit with the first NFC application may have multiple implementation manners.
- the card management unit sends the service instruction (eg, by transmitting the HCI protocol to the SE) to the NFCEE holding the first NFC application, and then the NFCEE is responsible for distributing the service instruction to the first NFC application, and the first NFC application is applied.
- the sent response message is returned to the card management unit; for example, the NFCEE holding the first NFC application has a specified interface, and the card management unit can directly communicate with the first NFC through a specified interface (such as the Client API for accessing the TA in the TEE).
- the application interacts.
- the interaction between the terminal and the POS is performed by the NFC controller. That is, the first NFC application, the card management unit, or other modules and units in the terminal do not directly send the response message to the POS, but send the response message to the NFC controller, and then sent to the POS by the NFC controller;
- the POS does not directly send the service command to the first NFC application, the card management unit, or other modules and units in the terminal, but sends the service command to the NFC controller, and then sends the NFC controller to the first NFC application.
- Card management unit or other modules and units in the terminal are not directly send the response message to the POS, but send the response message to the NFC controller, and then sent to the POS by the NFC controller;
- the method before the NFC controller in the terminal receives the first service command sent by the POS, the method further includes: the NFC controller receiving the second service command sent by the POS; and the NFC control The second service instruction is sent to the card management unit.
- the second service instruction may be the foregoing SELECT PPSE instruction.
- the POS may perform the selection of the first NFC application according to the information carried in the second service command response.
- the card management unit may determine, according to the second service instruction and the second comparison relationship, at least one NFC application that matches the second service instruction type among the plurality of NFC applications.
- the second comparison relationship is used to indicate a matching relationship between the second service instruction and the multiple NFC applications.
- Each NFC application in the terminal can indicate to the card management unit the type of the second service instruction that matches its own type, and the card management unit can A second comparison relationship is generated according to a second service instruction that matches each NFC application type.
- the card management unit may determine the at least one NFC according to the user usage policy.
- the priority of the application, and responding to the second service instruction according to the priority of the at least one NFC application There are two ways to handle how to respond to the second business instruction:
- the card management unit sends a second response message of the second service instruction to the POS, where the second response message is used to indicate at least one NFC application that matches the POS type in the plurality of NFC applications, so that the POS generates the second response message according to the second response message.
- a business instruction is used to indicate at least one NFC application that matches the POS type in the plurality of NFC applications, so that the POS generates the second response message according to the second response message.
- the card management unit sends the second service command to the NFCEE where the specified NFC application is located in the at least one NFC application, and receives the second response message to the second service command, and sends the second response message to the POS, so that the card service unit sends the second service message to the POS.
- the POS generates a first service instruction according to the second response message.
- the second response message is used to indicate M NFC applications that are stored in the NFCEE and match the POS type, M ⁇ 1, and the M NFC applications include the designated NFC application.
- the designated NFC application may be the highest priority NFC application among the at least one NFC application.
- the first processing method and the second processing method will be described in detail below.
- the second response message is configured and sent by the card management unit according to the second comparison relationship: after receiving the second service instruction, the card management unit determines the POS type according to the second comparison relationship. Match at least one NFC application. If the number of the at least one NFC application is multiple, the card management unit may further prioritize the at least one NFC application according to the user usage policy of the at least one NFC application. The card management unit then sends a second response message to the POS to indicate at least one NFC application that matches the POS type and a prioritization of the at least one NFC application.
- the card management unit first determines, according to the second comparison relationship, at least one NFC application that matches the POS type, and then according to the user of the at least one NFC application. Using a policy to prioritize the at least one NFC application, and sending the second service instruction to the NFCEE where the highest priority NFC application (ie, the designated NFC application) is located in the at least one NFC application, and then the correlation in the NFCEE
- the application (such as a PPSE application) responds to the second service instruction.
- the second response message is used to indicate M NFC applications that are stored in the NFCEE and match the POS type, and M ⁇ 1. It is not difficult to understand that at least one NFC application is included in the M NFC applications.
- the NFCEE in which the specified NFC application is located also stores other NFC applications that match the POS type, and the second response message may further include M. Priority ranking information for NFC applications.
- the M NFC applications indicated by the second response message are NFC applications that are saved in the NFCEE where the NFC application is located and matched with the POS type; and in the first processing mode, The at least one NFC application indicated by the second response message is an NFC application that is saved in all NFCEEs in the terminal and matches the POS type. That is, the number of M NFC applications is less than or equal to the number of at least one NFC application.
- the NFC application that matches the POS type saved in the REE is the application 1 and the application 2.
- the NFC application that matches the POS type saved in the TEE is the application 3.
- the NFC application that matches the POS type saved in the SE is the application 4. Application 5 and Application 6.
- the application 5 is the NFC application with the highest priority among the NFC applications matching the POS type (that is, the designated NFC application). Then, if the first processing mode is adopted, the second response message is used to indicate the application 1, the application 2 Application 6, application 4, application 5 and application 6 six NFC applications and their prioritization information; if the second processing mode is adopted, the second response message is used to indicate three NFCs of application 4, application 5 and application 6. The application and its prioritization information.
- the POS can learn the NFC application that matches its own type according to the received second response message. Then, the POS combines its own capability to select an NFC application for executing the first transaction from the NFC application indicated in the second response message, and sends a first service instruction to the terminal by executing S502 to indicate the POS selected NFC application. Generally, the POS combines its own capabilities to select the NFC application with the highest priority among the NFC applications supported by both parties (POS and terminal).
- the card management unit in the terminal may perform the following two operations according to the NFC application indicated in the first service instruction:
- the first case is a first case:
- the NFC application indicated in the first service instruction is the NFC application with the highest priority among the NFC applications indicated by the POS type indicated in the second response message.
- the card management unit may determine, according to the first service instruction, that the highest priority NFC application is the first NFC application that performs the first transaction, and the use condition of the first NFC application is satisfied.
- the first service instruction is sent to the first NFC application (where NFCEE is located).
- the second response message sent by the terminal to the POS indicates that the NFC application matching the bank POS type is the bank card application A, the bank card application B, the bank card application C, and the card management unit.
- the priority order determined according to the user usage policy is bank card application A>bank card application B>bank card application C.
- the POS selects the bank card application A for performing the first transaction in combination with its own capability, and the POS instructs the terminal to select the bank card application A to execute the first transaction through the first service instruction.
- the card management unit determines that the bank card application A is the first NFC application for executing the first transaction, and sends the first service instruction to the bank card application A (in the NFCEE).
- the second case is a first case
- the NFC application indicated in the first service instruction is the NFC application in the NFC application that matches the POS type indicated in the second response message.
- the card management unit determines that the NFC application indicated by the first service instruction is not the highest priority NFC application, and the card management unit needs to determine whether the user allows the use of the secondary priority NFC according to the policy execution condition. The application executes the first transaction.
- the card management unit uses the NFC application indicated by the second priority in the first service instruction as the first NFC application executing the first transaction, and Sending the first service instruction to the first NFC application (where the NFCEE is located) if the usage condition of the first NFC application is satisfied; if the policy execution condition set by the user does not allow the first priority NFC application to execute the first In the case of a transaction, the first transaction is terminated/failed, or the terminal again reminds the user to set the policy execution condition (ie, prompts the user to reconfirm whether to allow the use of the secondary priority NFC application to execute the first transaction).
- the second response message sent by the terminal to the POS indicates that the NFC application matching the bank POS type is the bank card application A, the bank card application B, the bank card application C, and the card management unit.
- the priority order determined according to the user usage policy is bank card application A>bank card application B>bank card application C.
- the POS selects the bank card application B to perform the first transaction in combination with its own capability, and the POS instructs the terminal to select the bank card application B to execute the first transaction through the first service instruction.
- the card management unit determines that the bank card application B indicated by the first service instruction is not the highest priority NFC.
- the card management unit uses the bank card application B as the first NFC application executing the first transaction. And sending the first service instruction to the bank card application B (in the NFCEE), if the policy execution condition set by the user does not allow the first transaction to be executed by the NFC application of the second priority, the first transaction is terminated/failed, or the terminal is again Remind the user to set the policy execution conditions (ie, remind the user to reconfirm whether to allow the use of the secondary priority NFC application to execute the first transaction).
- the manner of the second response message that passes the second service instruction is mainly for a scenario where multiple NFC applications match the POS type.
- the POS initiates the first transaction to the terminal, the POS first sends a second service command to the terminal, and after receiving the second service command, the terminal sends a second response message of the second service command to the POS, including the NFC matching the POS type.
- Application information and prioritization information the POS may select an NFC application for executing the first transaction according to the second response message according to the second capability, and indicate the POS selected NFC application to the terminal by using the first service instruction.
- the NFC application indicated by the first service instruction is the highest priority NFC application after receiving the first service instruction, and finally determining the first NFC application for executing the first transaction according to the policy execution condition, and the first The business instruction is sent to the first NFC application (in the NFCEE).
- the terminal may perform some operations to make the first NFC application.
- the usage requirement is satisfied: if the usage requirement of the first NFC application is not met, the terminal performs a pre-processing flow of the first NFC application, the pre-processing flow is used to satisfy the usage requirement of the first NFC application;
- the NFC application receives the first service instruction and executes the first transaction according to the first service instruction.
- the pre-processing process may be performed by the card management unit, or may be notified by the card management unit to the wallet application corresponding to the first NFC application.
- the first service instruction received by the first NFC application may be sent by the card management unit, or may be sent by the card management unit to the NFC controller. That is, before the first NFC application receives the first service instruction and executes the first transaction according to the first service instruction, the card management unit may send the first service instruction to the first NFC application or the card management unit may instruct the NFC controller to A service command is sent to the first NFC application. The first NFC application then receives the first service instruction and responds to the first service instruction sent by the POS to execute the first transaction.
- the card management unit may trigger the POS to resend the first service instruction; the NFC controller receives the first service instruction resent by the POS; and the NFC controller re-sends the POS Sending the first service instruction to the first NFC application; or, the NFC controller sends the first service instruction resent by the POS to the card management unit; the first NFC application receives the first service instruction, and executes according to the first service instruction
- the first transaction may be implemented by: receiving, by the first NFC application, the first service instruction sent by the NFC controller, and responding to the first service instruction sent by the POS, thereby executing the first transaction; or, the first NFC application Receiving the first service instruction sent by the card management unit, and responding to the first service instruction sent by the POS, thereby executing the first transaction.
- the card management unit may trigger the POS to resend the first service instruction before the first NFC application receives the first service instruction.
- the first NFC application can then receive the first service instruction resent by the POS from the card management unit or the NFC controller.
- the usage requirements of the first NFC application may indicate that the first NFC application can complete the transaction flow after the terminal performs user authentication (eg, CDCVM). Then, the terminal performs a pre-processing procedure of the first NFC application if the usage requirement of the first NFC application is not met, and the specific implementation manner may be: if the card management list
- the POS may prompt the user to perform the card re-sticking or identity verification, and the user may follow the prompt of the terminal.
- the foregoing implementation manner can not only complete the pre-processing process of the first NFC application, but also satisfy the use requirement of the first NFC application, and can also avoid the foregoing transaction delay problem through the processing mechanism of the existing Try Again process, thereby improving the user. Experience.
- the POS When the POS executes the Try Again process, the POS returns to the state of waiting for the card to be read after the transaction is preprocessed, and the terminal executes the CDCVM. After the terminal completes the CDCVM and the first NFC application records the CDCVM, the user closes the POS. After the POS establishes an NFC radio connection with the terminal, the POS resends the first service command to select the NFC application. The card management unit in the terminal still selects the first NFC application to execute the first transaction by comparing the first service instruction with the first comparison relationship. At this time, since the terminal has executed the CDCVM, the card management unit may directly send the first service instruction to the The first NFC application then executes the first transaction by the first NFC application.
- the POS After the POS performs the Try Again process, the POS resends the first service command after the terminal establishes an NFC radio connection with the POS waiting for the card reading. Therefore, in the above solution, the transaction timeout problem occurring in the prior art can be avoided, and the user is improved.
- the above solution uses the POS in the processing mechanism of the existing Try Again process to return to the waiting for card reading state to provide the terminal with the opportunity to execute the CDCVM, so there is no need to change the POS (that is, the POS that does not support CDCVM can be utilized)
- Implementing the terminal to execute CDCVM can be applied to existing POS that does not support CDCVM.
- the POS that supports the CDCVM resolves to the status word and executes the Try Again procedure.
- the operation of the POS to perform the Try Again process may be triggered by the terminal.
- the specific manner may be: the card management unit sends the first service instruction to the first NFC application; the first NFC application applies the first service instruction.
- a response message is sent to the POS;
- the first NFC application receives the third service instruction sent by the POS, the third service instruction is used to perform the initial transaction processing; and the card management unit acquires the third response message of the first NFC application to the third service instruction;
- the card management unit determines whether the third response message includes a specified status word, and the specified status word is used by the card management unit to determine whether the POS supports the CDCVM; if included, the card management unit instructs the NFC controller to send the third response message to the POS to Triggering the POS to execute the Try Again process; if not, the card management unit intercepts the third response message or the card management unit instructs the NFC controller to intercept the third response message to trigger the POS execution (in the prior art, the card is accidentally dropped, etc.) The problem is designed by the Try Again process.
- the third service instruction may be a GPO instruction and the third response message may be a GPO RESPONSE message.
- the types of the third service instruction and the third response message in the embodiment of the present application are not limited to the types in this example, and other instructions that can be used for initial transaction processing can also be regarded as the third service instruction, and others can be used for initializing.
- the message processing the response of the transaction can also be regarded as the third response message.
- the specified status word may be the status word "6986" used in the prior art to trigger the POS to execute the Try Again process. Unlike the prior art, the role of the specified status word in the embodiment of the present application differs from the status word "6986" in the prior art.
- the status word "6986" is used to indicate that the NFC application requires CDCVM to be executed before the transaction flow can be completed. Cheng, but the terminal has not yet executed CDCVM.
- the card management unit determines that the usage requirement of the first NFC application indicates that the terminal needs to execute the CDCVM, and the terminal does not execute the CDCVM, before transmitting the first service command to the first NFC application. Since the third service instruction sent by the POS to the terminal indicates its own performance information and the conditions of the current transaction, the first NFC application can determine, according to the third service instruction, whether the POS supports the CDCVM authentication mode.
- the first NFC application carries the specified status word (eg, status word "6986") in the third response message, and if the POS does not support CDCVM, the first NFC application carries other status words in the third response message ( For example, the status word "9000" indicating the success of the response. Then, in the embodiment of the present application, after determining whether the third response message includes the specified status word, the card management unit may determine whether the POS supports the CDCVM, and trigger the POS in different manners when the POS supports and does not support the CDCVM. Execute the Try Again process.
- the specified status word eg, status word "6986”
- the card management unit instructs the NFC controller to send a third response message to the POS to trigger the POS to execute the Try Again procedure.
- the method of triggering the POS to execute the Try Again process is similar to the prior art. After the POS resolves to the specified status word carried in the third response message, it determines that the terminal does not execute the CDCVM, and then triggers the POS to execute the Try Again process, and returns to execute the transaction preprocessing. After waiting for the status of the card, wait for the terminal to complete the CDCVM.
- the card management unit intercepts the third response message or the card management unit instructs the NFC controller to intercept the third response message to trigger the POS to execute the Try Again procedure.
- the POS does not support CDCVM
- the authentication requirement of the card the first NFC application
- the card does not select CDCVM as the cardholder verification method of the transaction. Therefore, the status word "6986" unique to the CDCVM scenario will not appear, but the CVM will be determined in the response by using the online PIN or signature.
- the card management unit intercepts the third response message, and if the POS determines that the third service instruction has not received a response without receiving the third response message within the set duration, the Try Again process is executed. It should be noted that after the POS executes the Try Again process, the POS will prompt the terminal to execute the CDCVM. When the terminal executes the CDCVM, it may be executed by the card management unit, or the card management unit evokes execution of the wallet application managing the first NFC application, or is instructed by the card management unit to execute by the NFC controller.
- the POS may prompt the user to perform the card re-sticking or identity verification, and the user may follow the prompt of the terminal.
- the card management unit may trigger the POS to perform the Try Again process to mark the first transaction initiated by the POS.
- the advantages of the card management unit are: after the card management unit receives the second response message sent by the first NFC application. According to the mark, it is determined that the POS that needs to trigger the initiation of the first transaction executes the Try Again process; second, if the transaction fails due to the reason that the first transaction is to be executed, the last time the transaction is detected when the POS re-initiates the transaction.
- the terminal receives the SELECT PPSE command, determines that the bank card is swiped, and directly selects the first NFC application corresponding to the tag to execute the transaction and routes the service command sent by the POS to the first NFC application. Instead of performing the operation of selecting the NFC application corresponding to the POS again.
- the card management unit is responsible for managing a plurality of NFC applications installed in the terminal, and storing information of multiple NFC applications, for example, corresponding usage requirements of multiple NFC applications, and indicating multiple NFC applications and multiple The first contrast relationship of the one-to-one correspondence between the business instructions.
- the NFC controller can route the service instruction to the card management unit, and the card management unit selects and controls the NFC application for the transaction.
- the card management unit may send a first message to the NFC controller, the first message The message is used to instruct the NFC controller to send the received service command to the card management unit. In this way, all the service instructions sent by the NFC controller and sent by the POS are directly routed to the card management unit, so that the card management unit can select and control the NFC application.
- the NFC controller can set the routing information in the routing table to route the service command sent by the POS to the card management unit.
- the routing information of the NFC controller can have different settings in special cases. For example, before the terminal is shut down, the routing information is directed to the bus card application, and the bus card application is set to the activation state. Under this setting, the bus card transaction can still be realized after the terminal is powered off. For another example, after the card management unit receives the first service instruction and selects the first NFC application, the routing information may be set to point to the NFCEE that saves the first NFC application, and after the first transaction is completed, the routing information may be set to point to the card management unit. Thus, when the terminal executes the transaction again, the POS still sends the first service instruction to the card management unit for selection of the NFC application.
- the above description of the embodiments of the present application is mainly directed to fast credit card transactions.
- the terminal receives an instruction for the user to select the second NFC application before the terminal contacts the POS in S401, the terminal selects the first NFC application corresponding to the POS and is in the first NFC application in S402.
- a specific implementation manner of performing the first transaction when the usage condition is met may be: if the second NFC application does not match the POS type, the terminal selects the first NFC application corresponding to the POS and the use condition of the first NFC application has been The first transaction is executed when satisfied.
- the second NFC application is an NFC application manually selected by the user for the first transaction to be initiated before the terminal contacts the POS. That is, the user manually selects the second NFC application to execute the first transaction to be initiated before the terminal initiates the first transaction. Then, in the case that the terminal determines that the second NFC application does not match the POS type, the terminal may independently select a first NFC application that matches the POS type to perform the first transaction, so that the second NFC application and the POS type manually selected by the user are used. In the case of a mismatch, the problem of poor user experience caused by the user manually switching the NFC application and re-initiating the transaction at the POS end is avoided.
- the user manually selects the bank card application to execute the first transaction before the terminal initiates the first transaction of the bus credit card transaction.
- the terminal determines that the bank card application does not match the type of the bus POS.
- the terminal may select a bus card application matching the type of the bus POS to execute the first transaction.
- the terminal may select the third NFC application and execute the first transaction when the usage condition of the third NFC application has been satisfied.
- the user needs to meet the usage requirements in different scenarios, and the third NFC application manually selected by the user is preferentially used to perform the first transaction initiated by the POS.
- the card management unit in the terminal still needs to determine the use condition of the third NFC application, if the use condition of the third NFC application is satisfied. And the third NFC application receives the first service instruction and executes the first transaction when the usage condition of the first NFC application has been met; if the usage condition of the third NFC application is not met, the pre-processing flow is further performed to make the third NFC After the application condition of the application is satisfied, the first service instruction is sent to the third NFC application.
- the execution steps and implementation manners are the same as those described above when the first transaction is executed by the first NFC application, and are not described here.
- the card management unit in the embodiment of the present application can be regarded as the operation of the terminal.
- a module in the system, wherein the first comparison relationship, the first service instruction, and the usage requirements corresponding to the plurality of NFC applications in the terminal may be saved.
- the card management unit may perform the following operations: selecting an NFC application corresponding to the POS for the POS-initiated transaction, implementing activation of the cross-storage location (SE/TEE/REE) of the NFC application, and routing of the service instruction; performing each NFC application Checking and pre-processing of the required use; in order to solve the selection conflict of the same type of NFC application, the user usage policy and the policy execution condition of the NFC application are personalized; when the NFC application manually selected by the user does not match the POS type, the conflict occurs. Process and automatically select a type matching NFC application for this transaction. It can be understood that since the card management unit plays an important role in the NFC application selection process, when the card management unit is implemented in the TEE, the transaction is more secure.
- the NFC application that performs the first transaction initiated by the POS is the first NFC application supported by the terminal and corresponding to the POS and the usage condition is satisfied. Therefore, executing the first transaction using the first NFC application may cause the first transaction execution to be completed, avoiding the problem of poor user experience in the prior art due to the mismatch between the selected NFC application and the POS type.
- the terminal transaction method provided by the embodiment of the present application can also avoid the situation that the POS re-initiates the transaction from the transaction pre-processing due to the unsatisfied use condition of the NFC application, thereby improving the user experience.
- the embodiment of the present application introduces a card management unit module in the terminal, which can be used to manage all NFC applications installed in the terminal (stored in different NFCEEs and managed by different wallet applications), thereby performing NFC application in the terminal.
- a series of solutions are provided in the case of conflicts in selection (ie, where multiple NFC applications match POS types).
- the user experience of the terminal is improved compared to the prior art.
- the card management unit stores a first comparison relationship and usage requirements of multiple NFC applications, where multiple NFC applications may be managed by different wallet applications or may be stored in different NFCEEs. Therefore, the card management unit has no limitation on the wallet application for managing the first NFC application, and there is no problem of manually switching the wallet application existing in the prior art.
- the first NFC application selected by the card management unit is an NFC application that matches the POS type, and the card management unit may be based on the first NFC application because the card management unit stores the usage requirement of the first NFC application.
- the use requires determination to determine that the usage requirements of the first NFC application have been met, or the terminal performs a pre-processing process such that the usage requirements of the first NFC application are met, ensuring that the first transaction can be performed.
- the prior art solution selects a default NFC application to perform a transaction, and in this embodiment, the POS type can be matched according to the POS type.
- the user usage policy of multiple NFC applications flexibly selects NFC applications for executing transactions, such as selecting the most popular bank card application or selecting a credit card application with a long repayment date.
- the embodiment of the present application further provides a terminal transaction method, which may be regarded as a specific example of the method shown in FIG. 4 or FIG. 5.
- the method includes the following steps:
- the NFC Adaptor sends routing information to the NFCC.
- NFC Adaptor can be regarded as a specific example of the card management unit. Routing information can be considered as a specific example of the first message. After receiving the first message, the NFCC can know that if the service command sent by the POS is received, the service instruction is sent to the NFC Adaptor.
- the NFC application sends registration information to the NFC Adaptor.
- the registration information may include a usage requirement of the NFC application and a first comparison relationship for indicating a one-to-one correspondence between the plurality of NFC applications and the plurality of service instructions.
- the registration information may further include a second comparison relationship for indicating a correspondence between the second service instruction and the plurality of NFC applications;
- the NFC Adaptor saves the registration information of each NFC application; performs anti-collision detection and setting; and configures the user usage policy.
- the anti-collision detection and setting detects information such as whether the usage conditions of each NFC application conflict and the usage priority of each NFC application.
- the NFC Adaptor configures all RF parameters supported by the NFCC.
- the NFCC can learn all the communication types supported by the terminal through all the supported RF parameters, and then perform corresponding processing after establishing radio communication with the POS: for the transaction type supported by the terminal, the service instruction is routed to the NFC Adaptor; The type of communication that is not supported responds to the error message.
- the NFC Adaptor After receiving the registration message of all NFC applications installed in the terminal, the NFC Adaptor knows that the bank card application and the access card application are installed in the terminal, but the bus card application is not installed, and then the NFC Adaptor applies the bank card application and the access card application. The RF parameters are sent to the NFCC. Then, when the user's handheld terminal contacts the bus POS machine, if the terminal does not support the RF technology of the bus POS, the NFC radio frequency connection will not be established with the bus POS machine.
- the POS and NFCC establish an NFC radio link through the radio frequency discovery process.
- the POS sends a first service instruction to the NFCC.
- the NFCC After receiving the first service instruction, the NFCC sends the first service instruction to the NFC Adaptor according to the indication of the routing information.
- the NFC Adaptor determines the NFC application corresponding to the POS according to the first service instruction and the registration information of each NFC application, and determines whether the usage condition of the NFC application is satisfied: if the usage condition is satisfied, step 9 is performed; if the usage condition is not met Then perform the pre-processing process and then perform step 9.
- the NFC Adaptor sends a first service instruction to the NFC application determined in step 8.
- the NFC Adaptor may also instruct the NFCC to send the first service instruction to the NFC application determined in step 8.
- the first NFC application performs an NFC radio connection with the POS after receiving the first service instruction, thereby executing the transaction.
- steps 1 to 4 in the dashed box are pre-steps performed before the user applies the card, and are mainly used for performing parameter setting operations on the terminal; steps 5 to 10 are performed after the user applies the card.
- the NFC application corresponding to the POS may be selected to perform the transaction by performing steps 6 to 10.
- the specific operation of performing the transaction by performing the NFC radio connection with the POS in the NFC application in step 10 is the same as the prior art, and details are not described herein again.
- terminal transaction method shown in FIG. 6 can be regarded as a specific example of the method shown in FIG. 4 or FIG. 5, and the implementation manner not described in detail in the terminal transaction method shown in FIG. 6 can be seen in FIG. 4 or FIG. A description of the method shown in 5.
- step 8 of the method shown in FIG. 6 if the usage condition is not met, the card management unit needs to execute the pre-processing flow, and then perform step 9.
- the specific implementation process of steps 7 and 8 can be as shown in FIG. 7:
- the NFC Adaptor receives the first service command sent by the POS.
- step 1 of FIG. 7 the first service command sent by the NFC Adaptor to the POS can be regarded as step 6 and step 7 in FIG. 6.
- step 3 executes the prior art service interaction process; if the CDCVM is not executed, perform step 4 and Follow-up actions.
- the NFC Adaptor sends the first service instruction to the NFC application.
- the NFC Adaptor marks the transaction for subsequent analysis of the response message for this transaction.
- the NFC Adaptor sends the first service instruction to the NFC application.
- the NFC application sends a first response message of the first service message to the NFC Adaptor.
- the NFC Adaptor sends a first response message to the POS.
- the NFC Adaptor receives the third service command sent by the POS.
- the third service instruction can be regarded as the foregoing GPO message.
- the NFC Adaptor sends a third service command to the NFC application.
- the NFC application sends a third response message of the third service instruction to the NFC Adaptor.
- the NFC Adaptor After receiving the third response message, the NFC Adaptor parses the marked third response message.
- the NFC Adaptor determines whether the status message "6986" is carried in the third response message. If it is carried, step 13 is performed. If not, step 14 is performed.
- the NFC Adaptor sends a third response message to the POS.
- the NFC Adaptor intercepts the third response message.
- the interaction between the NFC Adaptor and the POS is performed by the NFCC.
- the NFC Adaptor and the POS are simply indicated by the dotted line NFCC between the NFC Adaptor and the POS. process.
- step 7 and step 8 in the method shown in FIG. 6 can be regarded as a specific example of step 7 and step 8 in the method shown in FIG. 6.
- the implementation manner not described in detail in the method shown in FIG. 7 can be referred to the method shown in FIG. A related description, or refer to the related description in the method shown in FIG. 4 or FIG. 5.
- the terminal transaction method provided by the embodiment of the present application is applicable not only to the fast card transaction scenario shown in FIG. 6 or FIG. 7, but also to the active card selection transaction scenario.
- the active card selection transaction scenario a specific example of the terminal transaction method provided by the embodiment of the present application can be as shown in FIG. 8:
- the NFC Adaptor receives the first service command sent by the POS.
- step 1 of FIG. 8 the first service command sent by the NFC Adaptor to the POS can be regarded as step 6 and step 7 in FIG. 6.
- step 3 Determine whether the NFC application selected by the user matches the POS type. If yes, go to step 4. If not, go to step 5.
- step 7 After executing the pre-processing flow.
- the NFC Adaptor sends the first service instruction to the NFC application executing the transaction.
- the NFC application that performs the first transaction initiated by the POS is the first NFC application selected by the terminal and corresponding to the POS and the usage condition is satisfied. Therefore, executing the first transaction using the first NFC application may cause the first transaction execution to be completed, avoiding the problem of poor user experience in the prior art due to the mismatch between the selected NFC application and the POS type.
- the terminal transaction method provided by the embodiment of the present application can also perform the pre-processing process by triggering the POS in the case that the identity verification requirement of the NFC application is not met, and the identity verification request of the NFC application is obtained without modifying the POS. Satisfaction improves the user experience.
- the embodiment of the present application provides a terminal, and the terminal can implement the method provided by the embodiment corresponding to FIG. 4 .
- the terminal 900 includes a radio frequency connection module 901 and an execution module 902. among them,
- the radio frequency connection module 901 is configured to establish an NFC radio frequency connection with the POS to start the first transaction.
- the executing module 902 is configured to select a first NFC application corresponding to the POS and execute the first transaction when the usage condition of the first NFC application has been met.
- the first NFC application may be an NFC application installed in the SE, or the first NFC application may be an NFC application installed in the TEE, or the first NFC application may be an NFC application installed in the REE.
- the terminal 900 further includes a first transceiver module, where the first transceiver module is configured to receive the user selection second before the RF connection module 901 starts the first transaction.
- the execution module 902 includes an NFC controller, a card management unit, and a first NFC application.
- the execution module 902 is configured to: when the first NFC application corresponding to the POS is selected and execute the first transaction when the usage condition of the first NFC application is satisfied, specifically, the NFC controller receives the first service instruction sent by the POS.
- the NFC controller sends the first service command to the card management unit in the terminal, where the card management unit stores the first comparison relationship and the usage requirements corresponding to the plurality of NFC applications in the terminal, where the first comparison relationship is used to indicate multiple NFCs.
- the first NFC application is one of a plurality of NFC applications, and the one-to-one correspondence between the application and the plurality of service instructions.
- the card management unit selects the first NFC application corresponding to the POS among the plurality of NFC applications according to the first service instruction and the first comparison relationship. If the usage requirement of the first NFC application has been met, the first NFC application receives the first service instruction and executes the first transaction according to the first service instruction.
- the usage requirements of the multiple NFC applications respectively include one or more of the following information: the corresponding authentication requirements of the multiple NFC applications; the access control policies corresponding to the multiple NFC applications; and the multiple NFC applications respectively Users use policies and policies to enforce conditions.
- the NFC controller is further configured to: before receiving the first service instruction sent by the POS, receive the second service instruction sent by the POS.
- the second service instruction is sent to the card management unit.
- the card management unit is also used to:
- the at least one NFC application that matches the second service instruction type of the plurality of NFC applications is determined according to the second service instruction and the second comparison relationship, where the second comparison relationship is used to indicate a matching relationship between the second service instruction and the plurality of NFC applications.
- the first service instruction, the second response message is used to indicate the M NFC applications that are stored in the NFCEE and match the POS type, M ⁇ 1, and the M NFC applications include the designated NFC application.
- the card management unit is further configured to: send the first service instruction to the first NFC application before the first NFC application receives the first service instruction, and executes the first transaction according to the first service instruction. Or instructing the NFC controller to send the first service instruction to the first NFC application.
- the execution module 902 is further configured to: when the usage requirement of the first NFC application is not met, in a case that the usage condition of the first NFC application is not met, A pre-processing flow of the first NFC application, the pre-processing flow being used to satisfy the usage requirements of the first NFC application.
- the first NFC application is further configured to: receive the first service instruction, and execute the first transaction according to the first service instruction.
- the card management unit is further configured to send the first service instruction to the first NFC before the first NFC application receives the first service instruction and executes the first transaction according to the first service instruction.
- the card management unit is further configured to: after the first NFC application receives the first service instruction, trigger the POS to resend the first service instruction.
- the NFC controller is further configured to: receive the first service instruction resent by the POS. Sending the first service instruction resent by the POS to the first NFC application; or sending the first service instruction resent by the POS to the card management unit.
- the first NFC application When receiving the first service instruction and executing the first transaction according to the first service instruction, the first NFC application is specifically configured to: receive the first service instruction sent by the NFC controller, and respond to the first service instruction sent by the POS, Thereby executing the first transaction; or receiving the first service instruction sent by the card management unit and responding to the first service instruction sent by the POS, thereby executing the first transaction.
- the execution module 902 when the execution of the first NFC application is performed, the execution module 902 is specifically configured to: if the card management unit determines that the usage requirement of the first NFC application indicates that the terminal needs to execute the CDCVM, and the terminal does not execute The CDCVM, the execution module 902 triggers the POS to execute the Try Again process and triggers the terminal to execute the CDCVM.
- the execution module 902 is configured to: when the POS is triggered to execute the Try Again process, the card management unit sends the first service instruction to the first NFC application.
- the first NFC application sends a first response message of the first service instruction to the POS.
- the first NFC application receives the third service instruction sent by the POS, and the third service instruction is used to perform the initial transaction processing.
- the card management unit acquires a third response message of the first NFC application to the third service instruction.
- the card management unit determines whether the third response message includes a specified status word, and the specified status word is used by the card management unit to determine whether the POS supports the CDCVM.
- the card management unit instructs the NFC controller to send a third response message to the POS to trigger the POS to execute the Try Again process; if not, the card management unit intercepts the third response message or the card management unit instructs the NFC controller to intercept A third response message to trigger the POS to execute the Try Again process.
- the NFC controller is further configured to: receive the card management before the execution module 902 selects the first NFC application corresponding to the POS and executes the first transaction when the usage condition of the first NFC application is satisfied.
- the first message sent by the unit, the first message is used to instruct the NFC controller to send the received service instruction to the card management unit.
- the terminal 900 provided by the embodiment of the present application can also implement an active card selection transaction.
- the terminal 900 further includes: a second transceiver module, configured to receive an instruction for the user to select the third NFC application before the radio frequency connection module 901 establishes an NFC radio frequency connection with the POS.
- the execution module 902 is further configured to: after the RF connection module 901 establishes an NFC radio frequency connection with the POS, if the third NFC application matches the POS type, select the third NFC application and execute the first when the usage condition of the third NFC application is satisfied. transaction.
- the second transceiver module may be the same module as the first transceiver module, or may be a module of a different first transceiver module.
- the division of the module in the embodiment of the present application is schematic, and is only a logical function division, and the actual implementation may have another division manner.
- the functional modules in the embodiments of the present application may be integrated into one processing module, or each module may exist physically separately, or two or more modules may be integrated into one module.
- the above integrated modules can be implemented in the form of hardware or in the form of software functional modules.
- the integrated modules if implemented in the form of software functional modules and sold or used as separate products, may be stored in a computer readable storage medium.
- a computer readable storage medium A number of instructions are included to cause a computer device (which may be a personal computer, server, or network device, etc.) or a processor to perform all or part of the steps of the methods described in various embodiments of the present application.
- the foregoing storage medium includes various media that can store program codes, such as a USB flash drive, a mobile hard disk, a ROM, a RAM, a magnetic disk, or an optical disk.
- the terminal 900 can implement the method provided by the embodiment corresponding to FIG. 4 .
- the terminal 900 can implement the method provided by the embodiment corresponding to FIG. 4 .
- the embodiment of the present application further provides a terminal, which adopts the method provided by the embodiment corresponding to FIG. 4, and may be the same device as the terminal 900 shown in FIG.
- the terminal 1000 includes a transceiver 1001, a processor 1002, and a memory 1003.
- the transceiver 1001, the processor 1002, and the memory 1003 are connected by a bus to implement data exchange.
- the transceiver 1001 is configured to support the transmission and reception of information between the terminal 1000 and the POS in the foregoing embodiment.
- the memory 1003 is used to store program codes and data of the terminal 1000.
- the processor 1002 is configured to invoke program code and data stored in the memory 1003, perform the processes in the method illustrated in FIG. 4, and/or other processes for the techniques described herein.
- the radio frequency connection module 901 in the terminal 900 shown in FIG. 9 can be regarded as a module integrated in the transceiver 1001, and can also correspond to an independent sensor chip; the execution module 902 in the terminal 900 shown in FIG. 9 can be used. It is regarded as a module integrated in the processor 1002, and can also correspond to an independent processing chip.
- the card management unit and the first NFC application in the terminal 900 shown in FIG. 9 can be regarded as modules integrated in the processor 1002, and can also correspond to independent processing chips; NFC control in the terminal 900 shown in FIG.
- the device may be regarded as a module integrated in the transceiver 1001, or may be corresponding to a separate sensor chip.
- the NFC controller may also be regarded as a module integrated in the processor 1002; the first in the terminal 900 shown in FIG.
- the transceiver module and the second transceiver module can be considered as modules integrated in the transceiver 1001.
- the terminal 1000 may further include other interfaces, such as a fiber link interface, an Ethernet interface, a microwave link interface, a copper interface, etc., to implement interaction between the terminal 1000 and other devices (eg, POS).
- other interfaces such as a fiber link interface, an Ethernet interface, a microwave link interface, a copper interface, etc.
- the processor 1002 may be a central processing unit, an ASIC, or a field programmable gate array (field- Programmable gate array (FPGA) or complex programmable logic device (CPLD).
- FPGA field- Programmable gate array
- CPLD complex programmable logic device
- the terminal 1000 shown in FIG. 10 includes only one transceiver 1001, one processor 1002, and one memory 1003.
- the number of the transceiver 1001, the processor 1002, and the memory 1003 may be one or multiple.
- the terminal 1000 shown in FIG. 10 can implement the method provided by the embodiment corresponding to FIG. 4, or can be the same device as the terminal 900 shown in FIG. Therefore, the implementation manner not described in detail by the terminal 1000 may refer to the related description in the method provided by the embodiment corresponding to FIG. 4 or the related description in the terminal 900 shown in FIG. 9.
- Also provided in the embodiment of the present application is a computer storage medium, where the software program stores a software program, and the software program can implement the terminal transaction method in the foregoing embodiment when being read and executed by one or more processors.
- the embodiment of the present application provides a terminal transaction method and a terminal.
- the NFC application that performs the first transaction initiated by the POS is the first NFC application selected by the terminal and corresponding to the POS and the usage condition is satisfied. Therefore, executing the first transaction using the first NFC application may cause the first transaction execution to be completed, avoiding the problem of poor user experience in the prior art due to the mismatch between the selected NFC application and the POS type.
- embodiments of the present application can be provided as a method, system, or computer program product.
- the present application can take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment in combination of software and hardware.
- the application can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) including computer usable program code.
- the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device.
- the apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
- These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device.
- the instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Finance (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Health & Medical Sciences (AREA)
- Toxicology (AREA)
- General Health & Medical Sciences (AREA)
- Signal Processing (AREA)
- Databases & Information Systems (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Bioethics (AREA)
- Electromagnetism (AREA)
- Artificial Intelligence (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Cash Registers Or Receiving Machines (AREA)
Abstract
一种终端交易方法及终端,用以解决现有技术中存在的NFC应用与POS类型不匹配、用户体验较差的问题。方法包括:终端与销售终端POS建立近场通信NFC射频连接,启动第一交易;终端选择与POS对应的第一NFC应用并在第一NFC应用的使用条件已满足时执行第一交易。
Description
本申请要求在2017年09月28日提交中国专利局、申请号为201710900511.2、发明名称为“NFC应用选择冲突处理方法和设备”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。
本申请涉及近场通信(near field communication,NFC)技术领域,尤其涉及一种终端交易方法及终端。
NFC技术是一种基于射频识别(radio frequency identification,RFID)的短距离无线连接技术,利用磁场感应可以实现电子设备在近距离间的通信。用户只需要通过设备的触碰或者靠近,就可以安全快速地交换信息或进行交易。
卡模拟模式为NFC设备的一种常见的工作模式,即将NFC设备模拟成一张非接触卡,如门禁卡、银行卡、公交卡等。卡模拟模式主要用于商场、交通等非接触移动支付场景中,用户只要将NFC设备靠近销售终端(point of sale,POS),并通过验证确认交易或者直接接收交易即可。
在现有技术中,针对卡模拟工作模式,为了实现快速刷卡交易、简化用户交易时的操作通常要求用户为NFC设备设置一个默认钱包应用以及默认钱包应用中的默认卡应用(也可以称为NFC应用),同时将这一设置同步到NFC控制器保存的路由信息中。在用户使用NFC设备贴卡(即用户将NFC设备触碰或靠近POS)时,NFC设备中的NFC控制器将POS发送的第一条业务指令路由到用户设置的默认卡应用,NFC设备与POS的交易过程即通过该默认卡应用与POS的交互实现。
但是,采用上述方案会带来如下问题:若用户设置的默认卡应用与发起本次交易的POS类型不匹配(例如用户设置的默认卡应用为公交卡应用,而发起本次交易的POS为银行POS机),那么本次交易会被终止,NFC设备的用户需要手动选择另一个与POS类型匹配的卡应用,且在POS端也需重新发起交易,从而使得用户体验较差。
综上,现有的终端交易方式存在NFC应用与POS类型不匹配的问题,从而导致用户体验较差。
发明内容
本申请实施例提供一种终端交易方法及终端,用以解决现有技术中存在的NFC应用与POS类型不匹配、用户体验较差的问题。
第一方面,本申请实施例提供一种终端交易方法,该方法包括如下步骤:终端与销售终端POS建立近场通信NFC射频连接,启动第一交易;终端选择与POS对应的第一NFC应用并在第一NFC应用的使用条件已满足时执行第一交易。
采用上述方案,由于执行POS发起的第一交易的NFC应用为终端支持的、与该POS对应且使用条件已满足的第一NFC应用。因此,使用第一NFC应用执行第一交易可以使
得第一交易执行完成,避免现有技术中由于选择的NFC应用与POS类型不匹配而导致的用户体验较差的问题。此外,采用上述方案还可以避免由于NFC应用的使用条件未满足而导致的POS从交易预处理开始重新发起交易的情形,提升了用户体验。
在一种可能的设计中,在终端与销售终端POS建立NFC射频连接之前,还包括:终端接收用户选择第二NFC应用的指令;终端选择与POS对应的第一NFC应用并在第一NFC应用的使用条件已满足时执行第一交易,具体包括:如果第二NFC应用与POS类型不匹配,则终端选择与POS对应的第一NFC应用并在第一NFC应用的使用条件已满足时执行第一交易。
采用上述方案,在终端判断第二NFC应用与POS类型不匹配的情况下,终端可以自主选择一个与POS类型匹配的第一NFC应用执行第一交易,从而在用户手动选择的第二NFC应用与POS类型不匹配的情况下,避免用户手动切换NFC应用、POS端重新发起交易等操作所带来的用户体验较差的问题。
在一种可能的设计中,终端选择与POS对应的第一NFC应用并在第一NFC应用的使用条件已满足时执行第一交易,具体包括:终端中的NFC控制器接收POS发送的第一业务指令;NFC控制器将第一业务指令发送给终端中的卡片管理单元,卡片管理单元保存有第一对照关系和终端中的多个NFC应用分别对应的使用要求,第一对照关系用于指示多个NFC应用与多个业务指令之间的一一对应关系,第一NFC应用为多个NFC应用中的一个;卡片管理单元根据第一业务指令和第一对照关系,选择多个NFC应用中与POS对应的第一NFC应用;如果第一NFC应用的使用要求已满足,第一NFC应用接收第一业务指令,并根据第一业务指令执行第一交易。
采用上述方案,可以通过终端中的NFC控制器、卡片管理单元和第一NFC应用的相互配合,实现执行第一交易的操作。
在一种可能的设计中,在终端中的NFC控制器接收POS发送的第一业务指令之前,还包括:NFC控制器接收POS发送的第二业务指令;NFC控制器将第二业务指令发送给卡片管理单元;卡片管理单元根据第二业务指令与第二对照关系,确定多个NFC应用中与第二业务指令类型匹配的至少一个NFC应用,第二对照关系用于指示第二业务指令与多个NFC应用的匹配关系;卡片管理单元向POS发送第二业务指令的第二响应消息,第二响应消息用于指示多个NFC应用中与POS类型匹配的至少一个NFC应用,使得POS根据第二响应消息生成第一业务指令;或者,卡片管理单元将第二业务指令发送给至少一个NFC应用中的指定NFC应用所在的近场通信执行环境NFCEE,并接收对第二业务指令的第二响应消息,将第二响应消息发送给POS,使得POS根据第二响应消息生成第一业务指令,第二响应消息用于指示保存在NFCEE中的、与POS类型匹配的M个NFC应用,M≥1,M个NFC应用中包含指定NFC应用。
采用上述方案,提供了两种终端响应POS发送的第二业务指令的方法,即由卡片管理单元对第二业务指令进行响应或者由指定NFC应用所在的NFCEE对第二业务指令进行响应。
在一种可能的设计中,在第一NFC应用接收第一业务指令,并根据第一业务指令执行第一交易之前,还包括:卡片管理单元将第一业务指令发送给第一NFC应用;或者,卡片管理单元指示NFC控制器将第一业务指令发送给第一NFC应用。
采用上述方案,第一NFC应用接收到的第一业务指令可以是卡片管理单元发送的,也
可以是卡片管理单元指示NFC控制器发送的。在不同的实现场景下,可以采用这两种实现方式中的任一种,本申请实施例对此不做具体限定。
在一种可能的设计中,该方法还包括如下步骤:如果第一NFC应用的使用要求未满足,则终端执行第一NFC应用的预处理流程,预处理流程用于使得第一NFC应用的使用要求得到满足;第一NFC应用接收第一业务指令,并根据第一业务指令执行第一交易。
采用上述方案,可以在第一NFC应用的使用要求未满足的情况下由终端执行预处理流程,从而使得第一NFC应用的使用要求得到满足,使得第一交易能够执行。
在一种可能的设计中,在第一NFC应用接收第一业务指令,并根据第一业务指令执行第一交易之前,还包括:卡片管理单元将第一业务指令发送给第一NFC应用;或者,卡片管理单元指示NFC控制器将第一业务指令发送给第一NFC应用。
采用上述方案,第一NFC应用接收到的第一业务指令可以是卡片管理单元发送的,也可以是卡片管理单元指示NFC控制器发送的。
在一种可能的设计中,在第一NFC应用接收第一业务指令之前,还包括:卡片管理单元触发POS重新发送第一业务指令;NFC控制器接收POS重新发送的第一业务指令;NFC控制器将POS重新发送的第一业务指令发送给第一NFC应用;或者,NFC控制器将POS重新发送的第一业务指令发送给卡片管理单元;第一NFC应用接收第一业务指令,并根据第一业务指令执行第一交易,具体包括:第一NFC应用接收NFC控制器发送的第一业务指令,并对POS发送的第一业务指令进行响应,从而执行第一交易;或者,第一NFC应用接收卡片管理单元发送的第一业务指令,并对POS发送的第一业务指令进行响应,从而执行第一交易。
采用上述方案,卡片管理单元可以在第一NFC应用的使用条件得到满足以后,触发POS重新发送第一业务指令,从而使得第一NFC应用根据POS重新发送的第一业务指令执行第一交易。
在一种可能的设计中,如果第一NFC应用的使用要求未满足,则终端执行第一NFC应用的预处理流程,具体包括:如果卡片管理单元判断第一NFC应用的使用要求指示终端需执行设备持卡人验证方法CDCVM,且终端未执行CDCVM,则终端触发POS执行Try Again流程,并触发执行CDCVM。
采用上述方案,POS执行Try Again流程时,POS重新返回执行交易预处理后等待读卡的状态,终端执行CDCVM。等终端完成CDCVM、第一NFC应用记录CDCVM已执行的结果后,用户将终端靠近POS,POS与终端建立了NFC射频连接后重新发送第一业务指令,进行NFC应用的选择。终端中的卡片管理单元通过对照第一业务指令和第一对照关系,仍会选择第一NFC应用执行第一交易,此时由于终端已执行CDCVM,卡片管理单元可以直接将第一业务指令发送给第一NFC应用,然后由第一NFC应用执行第一交易。
在一种可能的设计中,终端触发POS执行Try Again流程,具体可通过如下方式实现:卡片管理单元将第一业务指令发送给第一NFC应用;第一NFC应用将第一业务指令的第一响应消息发送给POS;第一NFC应用接收POS发送的第三业务指令,第三业务指令用于进行初始交易处理;卡片管理单元获取第一NFC应用对第三业务指令的第三响应消息;卡片管理单元判断第三响应消息中是否包含指定状态字,指定状态字用于卡片管理单元判断POS是否支持CDCVM;若包含,则卡片管理单元指示NFC控制器将第三响应消息发送给POS,以触发POS执行Try Again流程;若不包含,则卡片管理单元截留第三响应消
息或卡片管理单元指示NFC控制器截留第三响应消息,以触发POS执行Try Again流程。
采用上述方案,提供了终端触发POS执行Try Again流程的具体方案。
在一种可能的设计中,在终端选择与POS对应的第一NFC应用并在第一NFC应用的使用条件已满足时执行第一交易之前,还包括:NFC控制器接收卡片管理单元发送的第一消息,第一消息用于指示NFC控制器将接收到的业务指令发送至卡片管理单元。
在一种可能的设计中,在终端与POS建立NFC射频连接之前,还包括:终端接收用户选择第三NFC应用的指令;在终端与POS建立NFC射频连接之后,还包括:如果第三NFC应用与POS类型匹配,则终端选择第三NFC应用并在第三NFC应用的使用条件已满足时执行第一交易。
采用上述方案,可以满足用户的不同场景下的使用需求,优先使用用户手动选择的第三NFC应用来执行POS此次发起的第一交易。
在一种可能的设计中,多个NFC应用分别对应的使用要求包含以下信息中的一种或多种:多个NFC应用分别对应的身份验证要求;多个NFC应用分别对应的访问控制策略;多个NFC应用分别对应的用户使用策略及策略执行条件。
在一种可能的设计中,第一NFC应用为SE中安装的NFC应用,或者第一NFC应用为TEE中安装的NFC应用,或者第一NFC应用为REE中安装的NFC应用。
采用上述方案,可以实现由保存在不同NFCEE中的第一NFC应用执行第一交易。
第二方面,本申请实施例提供一种终端,该终端具有实现上述第一方面以及第一方面的各个可能设计的技术方案的功能。该功能可以通过硬件实现,也可以通过硬件执行相应的软件实现。该硬件或软件包括一个或多个与上述功能相对应的模块。
在一种可能的设计中,该终端包括处理单元和通信单元,处理单元例如可以是处理器,通信单元例如可以是收发器,收发器可以包括射频电路。其中处理单元用于执行上述第一方面以及第一方面的各个可能设计提供的终端交易方法中的处理操作;通信单元用于与其他设备(例如POS)进行数据交互。
在另一种可能的设计中,该终端包括处理器和存储器,其中存储器用于存储程序,处理器用于调用存储器中存储的程序,以实现第一方面以及第一方面任意一项可能的设计中的终端交易方法。需要说明的是,处理器可以通过输入/输出接口、管脚或电路等发送或者接收数据。存储器可以为芯片内的寄存器、缓存等。此外,存储器还可以是终端内的位于芯片外部的存储单元,如只读存储器(read-only memory,ROM)、可存储静态信息和指令的其他类型的静态存储设备、随机存取存储器(random access memory,RAM)等。
其中,上述任一处提到的处理器,可以是一个通用的中央处理器(central processing unit,CPU),微处理器,特定应用集成电路(application-specific integrated circuit,ASIC),或一个或多个用于控制执行上述第一方面或者第一方面任意一项可能设计的终端交易方法的程序的集成电路。
第三方面,本申请实施例还提供一种计算机可读存储介质,该计算机可读存储介质存储有程序,当该程序在计算机上运行时,使得计算机执行上述各方面所述的方法。
第四方面,本申请还提供一种包含程序的计算机程序产品,当其在计算机上运行时,使得计算机执行上述各方面所述的方法。
另外,第二方面至第四方面中任一种可能设计方式所带来的技术效果可参见第一方面中不同设计方式所带来的技术效果,此处不再赘述。
图1为本申请实施例提供的一种移动支付方式的示意图;
图2为本申请实施例提供的另一种移动支付方式的示意图;
图3为本申请实施例提供的一种NFC设备和POS的交互流程的示意图;
图4为本申请实施例提供的第一种终端交易方法的流程示意图;
图5为本申请实施例提供的第二种终端交易方法的流程示意图;
图6为本申请实施例提供的第三种终端交易方法的流程示意图;
图7为本申请实施例提供的预处理流程的流程示意图;
图8为本申请实施例提供的第四种终端交易方法的流程示意图;
图9为本申请实施例提供的一种终端的结构示意图;
图10为本申请实施例提供的另一种终端的结构示意图。
为了使本申请的目的、技术方案和优点更加清楚,下面将结合附图对本申请作进一步地详细描述。
本申请实施例提供一种终端交易方法及终端,用以解决现有技术中存在的NFC应用与POS类型不匹配、用户体验较差的问题。其中,方法和装置是基于同一发明构思的,由于方法及装置解决问题的原理相似,因此装置与方法的实施可以相互参见,重复之处不再赘述。
下面,对本申请涉及的基本概念进行解释。需要说明的是,这些解释是为了让本申请实施例更容易被理解,而不应该视为对本申请实施例所要求的保护范围的限定。
一、NFC
NFC技术是一种基于RFID的短距离无线连接技术,利用磁场感应可以实现电子设备在近距离间的通信。用户只需要通过设备的触碰或者靠近,就可以安全快速地交换信息或进行交易。
NFC设备通常工作在13.56MHz的频率上,其有效通信范围为0-20cm,典型值为4cm。
一般地,NFC设备的工作模式(即NFC设备在NFC通信中承担的角色)可分为三种:
1、点对点(peer-to-peer,P2P)模式,此时NFC设备用于如名片分享、网页分享、NFC蓝牙配对、无线保真(wireless fidelity,WiFi)配对等场景。
2、卡模拟(card emulation,CE)模式,此时NFC设备被模拟成一张非接触卡,如门禁卡、银行卡、交通卡、优惠券、身份证等。卡模拟模式主要用于商场、交通等非接触移动支付场景中。
3、读写器(reader/writer,R/W)模式,此时NFC设备作为智能卡的读写终端,作为移动支付或身份验证等场景的银行POS机、公交POS机等,以及作为标签读写器。
二、NFC控制器
NFC控制器(near field communication controller,NFCC)负责通过射频(radio frequency,RF)接口和天线进行数据的物理传输,以实现NFC设备与对端设备的通信。也就是说,NFC设备与对端设备的通信需要通过NFC控制器实现。
在NFC设备中,NFCC对应的硬件实体通常是NFC芯片。
NFCC是在NFC论坛(NFC Forum)制定的NFC控制接口(NFC controller interface,NCI)规范中使用的术语,它可以对应欧洲电信标准协会(european telecommunication standards institute,ETSI)制定的主机控制接口(host controller interface,HCI)规范中的非接触前端(contactless front-end,CLF)。
三、POS
本申请实施例中的POS可以理解为支持NFC的POS。示例性地,本申请实施例中的POS包括但不限于银行POS机、公交POS机、门禁POS机。POS是一种多功能终端,在特约商户或受理网点安装的POS与计算机联成网络,通过POS与NFC设备进行通信可以实现消费、预授权、余额查询和转账等功能。
通常,NFC设备发起交易的方式有两种:主动选卡交易和快速刷卡交易。
主动选卡交易是指用户需要进行交易时,主动打开钱包应用,选择用于本次交易的卡应用,如果卡应用要求身份验证,用户则按提示进行验证,验证通过后,POS与NFC设备进行通信从而完成交易。
快速刷卡交易是指NFC设备通过直接贴POS的方式唤醒默认钱包应用,默认钱包应用按照默认卡应用的使用要求判断是否进行身份验证,并根据验证结果激活默认卡应用与POS进行通信从而完成交易。
四、钱包应用和NFC应用
钱包应用安装在NFC设备中,负责NFC应用的激活和管理,并为用户提供可视用户界面(user interface,UI)。NFC应用(又可以称为“卡应用”)可以认为是实现非接触交易逻辑的实体。NFC应用通常保存在安全单元(secure element,SE)、可信执行环境(trusted execution environments,TEE)或富执行环境(rich execution environments,REE)等近场通信执行环境(NFC execution environments,NFCEE)中。
举例来说,手机中下载的pay应用(比如Huawei钱包)可以理解为钱包应用,用户通过钱包应用绑定并加载一张用于支付的卡片,加载的这张卡片可以理解为卡应用,该卡片的数据(程序代码和个人化数据)保存在NFCEE中。
五、NFCEE
如前所述,NFC应用通常保存在SE、TEE或REE中。这里所说的SE、TEE或REE可以理解为NFCEE。其中,SE对应的物理实体包括但不限于嵌入式安全单元(embedded secure element,eSE)、通用集成电路卡(universal integrated circuit card,UICC)、集成在主芯片中的inSE。TEE或REE对应的物理实体包括但不限于中央处理器(central processing unit,CPU)、ARM处理器、应用处理器(application processor,AP)等具有计算处理能力的芯片。在上述具有计算处理能力的芯片中划分出REE和TEE两个区域,通过软件和硬件配置方式实现访问控制,从而TEE中的NFC应用提供了更为安全的运行空间。
当NFC设备处于卡模拟工作模式时,通常存在两种移动支付方式:基于SE的移动支付和基于HCE的移动支付。
1、基于SE的移动支付
基于SE的移动支付方式可参考图1,此时NFC应用保存在SE中,因而NFC应用的信息与操作系统(operating system,OS)隔离。NFC控制器在接收到NFC读卡器(POS)发送的业务指令后将业务指令路由至SE,由SE中保存的相应NFC应用执行移动支付交易。
2、基于HCE的移动支付
为绕开卡片发行方的制约,满足快速部署NFC应用的需求,出现了基于HCE的移动支付技术。基于HCE的移动支付方式可参考图2,此时NFC应用保存在TEE或REE中。基于HCE的移动支付技术可以在不需要SE的情况下,由NFC控制器将NFC读卡器(POS)发送的业务指令路由至应用处理器(application processor,AP)等具有计算处理能力的芯片,并由操作系统通知到NFC应用。与基于SE的移动支付方式相比,基于HCE的移动支付可以使得NFC设备中的任何应用程序都可以模拟成一张非接触卡来与NFC读卡器(POS)直接通信。
由于缺少了实体SE的保护,基于HCE的移动支付方式可以结合其他安全加固方案来保证支付安全性。基于TEE的HCE移动支付是目前常见的一种方案。TEE是与REE共存于NFC设备中的运行环境,通过硬件的支撑,TEE可以实现与REE相隔离的运行机制。TEE有自身的运行空间并定义了严格的保护措施,因此比REE的安全级别更高。由于只有经过授权的应用才能在TEE中执行,TEE中的资产(如数据,软件等)的机密性得到了很好的保护,可免受软件攻击、抵抗特定类型的安全威胁。
六、设备持卡人验证方法(consumer device cardholder verification method,CDCVM)
CDCVM是基于NFC设备发起交易时的一种特有的持卡人验证方式(cardholder verification method,CVM)。通常,CVM是指联机PIN或用户签名等传统验证方式,CDCVM是指Access PIN(钱包应用的密码)、生物验证(例如指纹、虹膜等验证)以及一些基于可穿戴设备进行的签名验证等验证方式。
示例性地,在进行交易时,如果用户在NFC设备上进行了指纹验证,且发现对端PoS也支持CDCVM时,NFC设备中的NFC应用可以修改自身参数(例如卡片交易属性、卡片验证结果),同时设置已进行过CDCVM且CDCVM已通过的标识信息并发送给POS,此时指纹验证的结果将作为持卡人验证结果,此次交易无需用户再通过传统方式进行身份验证(例如,在POS机提供联机PIN或用户签名),从而带来较好的用户体验。
七、Try Again流程
在一次非接触交易中,POS的运行流程大致分为四个阶段:交易预处理(Pre-processing)、协议激活(Protocol Activation)、应用选择(Combination Selectinon)、Kernel激活与判断(Kernel Activation)。
其中,交易预处理,即POS根据本次交易金额进行风险管理以及交易属性的配置;协议激活即POS上电激活射频场并提示用户贴卡/挥卡,POS等待读卡;应用选择,即POS在用户贴卡并与卡片建立射频连接后,通过SELECT PPSE与SELECT AID与卡片协商本次用于交易的NFC应用;Kernel激活与判断即POS向选择的NFC应用提供自身的性能信息以及本次交易的信息,NFC应用生成必要的密文和签名并将交易数据和结果作为初始交易处理过程的响应返回给POS,然后POS获取到交易数据和结果,然后POS可独立执行后续判断逻辑,并整合交易数据和结果生成联机报文,请求NFC应用对应的发卡方授权交易。
但是在非接触式快速刷卡交易场景(例如qPBOC)下,对交易时延的要求较高(300ms-500ms以内)。用户在黑屏、锁屏或者未手动选择本次交易使用的NFC应用的情况下贴卡或挥卡,此时由于CDCVM的执行时长较长,如果在前述最后两个阶段中直接加入设备端的验证环节,通常难以满足时延要求,因而出现交易超时的情况。POS一旦判断
交易超时就会对此次交易报错。此时,收银员需要重新输入交易金额,然后重新执行上述交易预处理以及后续流程。
POS(支持CDCVM功能)可通过Try Again流程解决上述进行CDCVM交易超时的问题。NFC应用可在初始交易处理过程的响应中附带状态字“6986”,该状态字指示卡应用支持CDCVM但终端还未执行CDCVM。POS解析到该状态字后,会触发Try Again这一预设逻辑流程:POS重新返回协议激活处理阶段等待读卡,等NFC设备完成CDCVM、NFC应用记录CDCVM已执行的结果后,用户将终端靠近POS进行交易,POS在与用户终端建立射频连接后重新进行应用选择和初始交易处理。在Try Again流程中,可以通过二次交互的方式避免由于交易超时而导致的重新输入交易金额的问题。
下面,对现有的终端交易方案进行详细介绍。
参见图3,现有技术中,NFC设备和银行卡POS的交互过程通过三组指令完成。
1、当NFC设备和POS通过射频发现过程检测到对端设备后,POS向NFC设备发送SELECT PPSE(选择PPSE)指令,以指示NFC设备上报本次交易可以使用的NFC应用。
其中,NFC设备中的NFC控制器接收到SELECT PPSE(选择PPSE)指令后,按照给其配置的路由项,将SELECT PPSE(选择PPSE)指令路由至NFCEE,由NFCEE中的PPSE应用响应SELECT PPSE(选择PPSE)指令。
2、NFC设备中接收到该指令的NFCEE中的PPSE应用通过RESPONSE(响应)消息上报本次交易可以使用的银行卡NFC应用。
其中,NFC设备上报的NFC应用的数量可以为多个,也可以为一个。通常,在默认刷卡场景下,NFC设备上报的NFC应用为用户设置的默认NFC应用。也就是说,步骤2发送的RESPONSE(响应)消息可包含多个可用的NFC应用的列表。此外,NFCEE在上报RESPONSE(响应)消息时,通过NFC控制器上报。
3、若NFC设备上报的默认NFC应用与POS类型匹配,POS则向NFC设备发送包含该默认NFC应用的AID信息的SELECT AID(选择AID)指令,以指示使用该默认NFC应用进行本次交易。
其中,NFC设备中的NFC控制器接收到SELECT AID(选择AID)指令后,将SELECT AID(选择AID)指令路由至NFCEE,由NFCEE中的默认NFC应用响应SELECT AID(选择AID)指令。
4、NFC设备在接收到SELECT AID(选择AID)指令后,通过RESPONSE(响应)消息指示该默认NFC应用被成功选择到。
其中,NFC设备在发送RESPONSE(响应)消息时,可以通过NFC控制器发送。
其中,步骤4发送的RESPONSE消息可包含默认NFC应用的文件控制信息(file control information,FCI)、默认NFC应用的标识以及默认NFC应用对SELECT AID(选择AID)指令的响应结果的状态字。
5、POS向NFC设备发送获取处理选项(get processing options,GPO)指令,从而向默认NFC应用提供自身的性能信息以及本次交易的条件。
其中,NFC设备中的NFC控制器接收到GPO指令后,将GPO指令路由至NFCEE,由NFCEE中的默认NFC应用响应GPO指令。
6、默认NFC应用生成必要的密文和签名并通过GPO RESPONSE(获取处理选项响应)消息返回交易数据和结果。
其中,NFC设备在发送GPO RESPONSE(获取处理选项响应)消息时,可以通过NFC控制器发送。
此外,若默认NFC应用与POS类型不匹配,即所述NFC设备无法响应SELECT PPSE或SELECT PPSE响应包含的NFC应用信息为空,则POS显示NFC应用选择失败的消息并终止交易。
当NFC应用被设置成默认NFC应用并激活后,NFC设备会对NFCC进行路由信息配置,以指示NFC控制器将POS发送的业务指令路由至保存该NFC应用的NFCEE(例如SE、TEE或者REE)中。路由信息通常以AID|NFCEE ID的形式存在,AID为索引项,NFCEE ID为结果项。当NFC控制器接收到POS发送的SELECT AID这一业务指令后,NFC控制器根据SELECT AID指令中的AID信息以及路由信息索引得到NFCEE ID,并将业务指令路由至该NFCEE ID指示的NFCEE中,该NFCEE即为保存有默认NFC应用的NFCEE。
此外,路由信息还可以包含NFC应用的使用条件,例如亮屏条件下是否可以使用,息屏条件下是否可以使用,或者关机条件下是否可以使用。在根据路由信息将业务指令路由至NFCEE之前,还需要对该NFC应用的使用条件进行判断,在使用条件满足的情况下才将业务指令路由至保存该NFC应用的NFCEE。但是,路由信息中不包含NFC应用的身份验证要求,NFC应用的身份验证逻辑由管理该NFC应用的钱包应用实现。
需要说明的是,图3所示方法中SELECT PPSE、RESPONSE、SELECT AID、RESPONSE可视为NFC设备与POS的交互过程中应用选择阶段的交互指令,GPO、GPO RESPONSE可视为NFC设备与POS的交互过程中初始交易处理阶段的交互指令。
同样需要说明的是,SELECT PPSE、RESPONSE在某些场景下是必要的,但在某些场景下不是必须执行的。例如,在银行卡支付场景下,NFC设备和POS通常必须进行SELECT PPSE和RESPONSE的指令交互。这是因为对于POS来说,与POS类型匹配的NFC应用可能有多个,因而该POS需要通过SELECT PPSE和RESPONSE的指令交互获取NFC设备中可用于执行交易的NFC应用,然后POS和NFC设备协商确定出唯一一个用于本次交易的NFC应用,并通过SELECT AID指令对该NFC应用进行选择。但是,在某些场景下与POS类型匹配的NFC应用只有一个,因此POS可直接发送SELECT AID指令,以指示选择哪个NFC应用执行此次交易。例如,在公交刷卡或门禁开门等场景下,NFC控制器和POS通常不必进行SELECT PPSE和RESPONSE的指令交互,这是因为对于POS来说,与该POS类型匹配的NFC应用(卡应用)通常只有一个,因而该POS可直接通过SELECT AID指令指示本次交易使用的NFC应用(卡应用)。
在现有实现方式中,银行卡应用一般要求在终端进行用户身份验证,而公交卡应用、门禁卡应用、会员卡应用这类应用可以直接使用。现有NFCC的路由机制设计时并没有考虑这种业务层面的实际需求。如果在NFCC接收到业务指令(例如SELECT PPSE指令或SELECT AID指令)后再进行相应的应用是否需要进行身份验证的判断,以及在判断需要验证后再进行身份验证的流程,则很容易出现超时问题。一种解决方法就是通过设置默认NFC应用的机制,由管理默认NFC应用的钱包应用来判断是否需要进行身份验证,并针对默认NFC应用的设置执行相应的逻辑:如果默认NFC应用是银行卡应用这类需要进行身份验证的NFC应用,则NFCC在进入射频场时通知钱包应用,钱包应用执行用户身份验证,验证通过后,指示NFCC与POS建立射频连接,接收并路由业务指令(例如SELECT
PPSE指令);如果默认NFC应用是公交卡应用这类不需要进行身份验证的NFC应用,则直接建立射频连接并接收业务指令(例如SELECT AID指令)。
采用现有的设置默认NFC应用的机制,在接收业务指令之前,通过默认NFC应用的机制进行判断,会出现默认NFC应用与POS类型不匹配的情况,并且也只能实现激活一个钱包应用中的一个NFC应用。如果在接收到业务指令后进行再根据业务指令进行判断,需要对现有流程进行修改,这样的修改虽然能解决NFC应用与POS类型匹配的问题,但是如果不根据流程的修改对NFCC或POS进行改动,则会出现超时的问题。基于如上对现有实现方式的描述,在图3所示的终端交易方法中,若默认NFC应用与发起本次交易的POS类型不匹配(例如用户设置的默认NFC应用为公交卡应用,而发起本次交易的POS为银行POS机),那么本次交易会被终止,NFC设备的用户需要手动选择与激活另一个与POS类型匹配的NFC应用(并同步进行NFCC的配置),且在POS端也需要重新发起交易,从而使得用户体验较差。
此外,图3所示方法中,在进行业务指令的路由时,并没有考虑身份验证的问题。对于银行卡应用这类始终要求终端进行身份验证的NFC应用来说,图3所示的终端交易方法在终端的身份验证过程中会存在如下问题:若默认NFC应用与POS类型匹配,在将业务指令路由至NFCEE后进行身份验证,则很容易出现超时问题;若在图3所示方案中增加身份验证流程,则需要对POS进行改动,可能无法兼顾现有POS。因此,采用现有技术提供的终端交易方案,难以满足NFC应用的身份验证要求。
为了解决现有技术中存在的NFC应用与POS类型不匹配、用户体验较差的问题,本申请实施例提供一种终端交易方法及终端。
下面结合附图对本申请实施例提供的终端交易方案进行具体说明。需要说明的是,本申请实施例中所涉及的多个,是指两个或两个以上。另外,需要理解的是,在本申请实施例的描述中,“第一”、“第二”等词汇,仅用于区分描述的目的,而不能理解为指示或暗示相对重要性,也不能理解为指示或暗示顺序。
参见图4,为本申请实施例提供的终端交易方法的流程示意图。该方法包括如下步骤:
S401:终端与POS建立NFC射频连接,启动第一交易。
其中,终端与POS建立NFC射频连接可以有如下理解:用户将终端触碰或靠近POS(处于上电/协议激活状态),使得终端与POS在有效通信范围(例如0-20cm)内建立NFC射频连接。也就是说,终端与POS建立NFC射频连接并不限定终端与POS有实际的物理接触。
本申请实施例中,终端可以理解为支持NFC的终端,即可以理解为前述NFC设备。终端包括但不限于智能手机、智能手表、平板电脑、虚拟现实(virtual reality,VR)设备、增强现实(augmented reality,AR)设备、个人计算机、手持式计算机、个人数字助理。
S402:终端选择与POS对应的第一NFC应用并在第一NFC应用的使用条件已满足时执行第一交易。
其中,“对应”一词有两层含义:1、第一NFC应用为与POS类型匹配的NFC应用;2、第一NFC应用为终端根据与POS进行交互时协商选择的、用于执行第一交易的NFC应用。
由此可见,与现有技术不同的是,本申请实施例中用于执行第一交易的第一NFC应用并不是通过设置默认NFC应用的方式确定的,而是在启动第一交易后通过终端与POS的
协商确定出的。
需要说明的是,在终端中可能安装有多个与POS类型匹配的NFC应用,第一NFC应用只是其中之一。
本申请实施例中,对第一交易的交易类型不做具体限定。例如,终端与公交POS机接触时,发起的第一交易可以是公交刷卡交易;终端与银行POS机接触时,发起的第一交易可以是银行卡支付交易。
此外,在S402中的第一NFC应用可以为SE中安装的NFC应用,也可以为TEE中安装的NFC应用,也可以为REE中安装的NFC应用。本申请实施例中对此不做限定。也就是说,采用图4所示的终端交易方法选择第一NFC应用可以是终端中任意NFCEE中安装的NFC应用。
在具体实现时,S402中,终端选择与POS对应的第一NFC应用并在所述第一NFC应用的使用条件已满足时执行第一交易,具体可通过如下方式实现:终端中的NFC控制器接收POS发送的第一业务指令;NFC控制器将第一业务指令发送给终端中的卡片管理单元;卡片管理单元根据第一业务指令和第一对照关系,选择多个NFC应用中与POS对应的第一NFC应用;如果第一NFC应用的使用要求已满足,第一NFC应用接收第一业务指令,并根据第一业务指令执行第一交易。
其中,卡片管理单元保存有第一对照关系和终端中的多个NFC应用分别对应的使用要求,该第一对照关系用于指示多个NFC应用与多个业务指令之间的一一对应关系,第一NFC应用为多个NFC应用中的一个。
在S402的这种实现方式中,第一业务指令用于终端确定与POS对应的第一NFC应用。比如,第一业务指令可以是前述的SELECT AID指令。示例性地,当公交POS机发起交易时,公交POS机向终端发送的第一业务指令可以是SELECT AID指令。当然,本申请实施例中第一业务指令不限于SELECT AID指令,POS向终端发送的用于发起第一交易的、能够直接或间接指示出用于第一交易的NFC应用的指令均可视为本申请实施例中的第一业务指令。
基于上述S402的实现方式,图4所示的终端交易方法的一种具体实现方式可以如图5所示。图5所示的终端交易方法包括如下步骤:
S501:终端与POS间通过射频发现建立NFC通信。
这里,射频发现过程可通过S401中终端与POS接触的方式来实现。当终端与POS通过射频发现过程建立NFC通信,POS可向终端发送第一业务指令,从而发起第一交易。
S502:终端中的NFC控制器接收POS发送的第一业务指令。
其中,第一业务指令可参见前面的描述,此处不再赘述。
S503:NFC控制器将第一业务指令发送给终端中的卡片管理单元。
如前所述,卡片管理单元保存有第一对照关系和终端中的多个NFC应用分别对应的使用要求,第一对照关系用于指示多个NFC应用与多个业务指令之间的一一对应关系,第一NFC应用为多个NFC应用中的一个。
S504:卡片管理单元根据第一业务指令和第一对照关系,选择多个NFC应用中与POS对应的第一NFC应用。
本申请实施例中,卡片管理单元为可视为终端操作系统中的一个模块,其中保存有第一对照关系以及终端中的多个NFC应用分别对应的使用要求。通过卡片管理单元可以为
POS发起的交易选择与该POS对应的NFC应用,其中,保存该NFC应用的NFCEE可以有多种,例如可以是SE、TEE或者REE。
其中,第一对照关系用于指示多个NFC应用与多个业务指令之间的一一对应关系。卡片管理单元根据第一业务指令和第一对照关系可以确定与发起第一交易的POS对应的第一NFC应用。
S504中,根据第一业务指令和第一对照关系确定与POS对应的第一NFC应用时,可以通过如下两种方式实现:
第一种方式:
在第一种方式中,第一对照关系用于指示第一业务指令的AID信息和NFC应用的对照关系。卡片管理单元在接收到第一业务指令后解析出业务指令中携带的AID信息,将解析得到的AID信息与第一对照关系进行对照,确定出与POS对应的第一NFC应用。
示例性地,终端中安装有公交卡应用、银行卡应用1和银行卡应用2这三个NFC应用,第一对照关系用于指示
这三组对照关系。其中,A00000000386980701、A000000333010102和A000000333010101均代表AID信息。那么,当银行POS机发起银行卡支付交易时,卡片管理单元接收到POS发送的SELECT PPSE指令后,通过RESPONSE消息将银行卡应用1和银行卡应用2上报给POS,POS接收到RESPONSE消息后,向终端中的NFC控制器发送SELECET AID指令,以指示选择银行卡应用1执行此次交易。卡片管理单元接收到NFC控制器发送的SELECT AID指令后,卡片管理单元解析出SELECT AID指令中携带的AID信息为A000000333010102,卡片管理单元将解析得到的AID信息与第一对照关系进行对照,确定与POS对应的NFC应用为银行卡应用1。那么,在执行此次交易时可以通过银行卡应用1执行。
第二种方式:
在第二种方式中,第一对照关系用于指示业务指令和NFC应用的对照关系。卡片管理单元将接收到的第一业务指令与第一对照关系进行对照,确定与POS对应的NFC应用。
示例性地,终端中安装有应用1、应用2、应用3、应用4这四个NFC应用,第一对照关系用于指示
这四组对照关系。若卡片管理单元接收到NFC控制器发送的第一业务指令为业务指令B,卡片管理单元则根据第一对照关系和业务指令B可以选择与POS对应的应用2。那么,在执行此次交易时可以通过应用2执行。
S505:如果第一NFC应用的使用要求已满足,第一NFC应用接收第一业务指令,并根据第一业务指令执行第一交易。
本申请实施例中,多个NFC应用分别对应的使用要求可以包含以下信息中的一种或多种:多个NFC应用分别对应的身份验证要求;多个NFC应用分别对应的访问控制策略;多个NFC应用分别对应的用户使用策略及策略执行条件。
下面对身份验证要求、访问控制策略、用户使用策略及策略执行条件进行详细解释。
一、身份验证要求
NFC应用的身份验证要求可以理解为NFC应用在执行第一交易前是否需要进行身份验证、进行何种方式的身份验证的策略。例如,NFC应用的身份验证要求指示该NFC应用需执行身份验证,那么,在终端未进行身份验证的情况下无法使用该NFC应用成功完成
交易。
更进一步,如果不同的身份验证方式对应不同的安全等级,那么身份验证要求还可以指示该NFC应用要求的身份验证的安全等级。比如,验证方式A对应安全等级1,验证方式B对应安全等级4,身份验证要求指示该NFC应用要求安全等级3以上的身份验证,那么此时可以通过验证方式B进行身份验证,从而达到该NFC应用的身份验证要求。
示例性地,手表和手机处于安全范围内可以作为一种身份验证方式,这种身份验证方式的安全等级低于指纹验证方式的安全等级,那么某个NFC应用的身份验证要求还可以指示该NFC应用要求的身份验证的安全等级高于根据安全范围进行身份验证这一方式的安全等级。
示例性地,在不同的环境中进行身份验证时对应不同的安全等级,例如,在SE中进行身份验证的安全等级高于在TEE中进行身份验证的安全等级,在TEE中进行身份验证的安全等级高于在REE中进行身份验证的安全等级,那么某个NFC应用的身份验证要求还可以指示该NFC应用要求的身份验证的安全等级高于在TEE中进行身份验证这一方式的安全等级。
示例性地,NFC应用的实际使用环境对应不同的安全等级。比如常用地点、非工作时间进行交易时使用环境的安全等级高于非常规地点、工作时间进行交易时使用环境的安全等级。某个NFC应用的身份验证要求可以指示该NFC应用要求的安全等级高于非常规地点、工作时间进行交易时使用环境的安全等级,那么此时可在常用地点、非工作时间这一使用环境下进行身份验证,从而达到该NFC应用的身份验证要求。
二、访问控制策略
NFC应用的访问控制策略可以理解为NFC应用在执行第一交易前、发起对该NFC应用的访问时的要求。示例性地,NFC应用的访问控制策略可以指示对该NFC应用(或者管理该NFC应用的钱包应用)的版本限制,如果不满足版本限制的要求则拒绝访问;NFC应用的访问控制策略可以指示该NFC应用对管理该NFC应用的钱包应用(或者操作系统)当前登录账号的限制,如果登录账号不符合要求则拒绝访问;门禁卡应用的访问控制策略可以指示在门禁开门场景下,只有指定ID的门禁POS机才能访问该门禁卡应用;NFC应用的访问控制策略可以指示该NFC应用只有验证过POS证书验证后才能访问;NFC应用的访问控制策略可以指示该NFC应用对终端设备的其他要求,例如终端是否root,当终端被root后拒绝访问。
三、用户使用策略及策略执行条件
NFC应用的用户使用策略是当检测到终端存在多个与POS类型匹配的NFC应用时,为了确保后续交易流程能顺利执行,卡片管理单元预先要求用户对多个NFC应用的优先级进行排序时进行的设置。策略执行条件则是用于根据用户使用策略决定的最高优先级应用与实际交易时选择的NFC应用存在冲突时用于使终端判断是否进行交易或如何继续进行交易的依据。
示例性地,用户可以设定“银行卡刷卡时优先使用距离还款日最远的信用卡进行交易”作为用户使用策略,“不允许使用次优先级卡片进行交易”作为策略执行条件。在交易时,当终端根据SELECT PPSE指令判断出当前银行卡刷卡场景时,按照当前日期和用户使用策略对各信用卡应用进行优先级排序,并将至少包含优先级最高的NFC应用的信息返回给POS。当POS通过第一业务指令指示的NFC应用不是根据用户使用策略确定的优先级最
高的NFC应用时,终端可根据策略执行条件拒绝本次交易。
比如,不同商家针对不同发卡行的银行卡会有不同的优惠活动,银行卡应用的用户使用策略可以根据银行卡应用的发卡行的优惠活动进行设置。卡片管理单元在选择与POS类型匹配的NFC应用时,若多个银行卡应用均与该POS类型匹配,则卡片管理单元可将优惠较大的银行卡应用的优先级设置的较高,并优先选择优先级较高的银行卡应用来执行此次交易。
再比如,若终端存在多个与某地公交POS类型匹配公交卡应用(两个公交卡AID信息相同,但是两个公交卡应用分别保存在SE和TEE中),则卡片管理单元检测到这种可能会带来NFC应用选择冲突的场景后,触发用户进行用户使用策略和策略执行条件的设置。用户可以设置“优先使用余额较多/较少的公交卡”为用户使用策略,“允许使用次优先级公交卡”。这样,当终端接收到该公交POS机发送的第一业务指令(SELECT AID指令)后,卡片管理单元可以根据用户使用策略的指示,将第一业务指令优先发送给优先级较高的公交卡应用(例如保存在SE中的公交卡应用),并且在对该应用选择失败或交易失败的情况下,根据策略执行条件,使用次优先级的公交卡应用再次进行交易。
当然,如果卡片管理单元在选择与POS类型匹配的NFC应用时有多个NFC应用与该POS类型匹配,卡片管理单元也可指示用户选择多个NFC应用中的一个NFC应用作为优先级最高的应用进行交易。
下面以一个具体示例对NFC应用的使用要求,以及卡片管理单元如何结合第一业务指令和NFC应用的使用要求选择与POS对应的NFC应用。
假设终端中安装有银行卡应用A、银行卡应用B、公交卡应用C、公交卡应用D和门禁卡应用E。银行卡应用A保存在SE中,且银行卡应用A的身份验证要求指示终端在进行指纹验证后才能成功完成交易;银行卡应用B保存在TEE或REE中,银行卡应用B的访问限制要求指示终端在亮屏后可直接访问银行卡应用B;公交卡应用C的访问限制要求指示终端(all user)可直接访问公交卡应用C;公交卡应用D的访问限制要求指示用户可通过终端中的某个钱包应用或操作系统(处于user1登录状态)直接访问公交卡应用D;门禁卡应用E的访问限制要求指示只有指定ID的门禁POS机才能访问门禁卡应用E。对于终端中安装的这五个NFC应用,因为银行卡A、B,都与银行PoS类型匹配,能够进行银行卡交易,公交卡C、D安装在不同的NFCEE,但是AID相同,与公交PoS类型匹配,则卡片管理单元检测到这种情况后,触发用户设置如下用户使用策略及策略执行条件:在进行公交刷卡交易时优先使用余额较多的公交卡应用(用户使用策略),且允许使用次优先级的公交卡应用(策略执行条件);在进行信用卡支付交易时优先使用还款日较远的信用卡应用(用户使用策略),且不允许使用次优先级的公交卡应用(策略执行条件)。
为了清楚地表示五个NFC应用的使用条件,将上述五个NFC应用的使用条件以表格形式体现出来,详见下表1。
表1
那么,在使用终端进行交易时存在如下场景:
场景一、
终端在息屏状态下与门禁卡POS机接触,门禁卡POS机向终端发送第一业务指令(携ID)。卡片管理单元接收到第一业务指令后,确定与该门禁卡POS机对应的NFC应用,且门禁卡POS机指示POS选择门禁卡应用E,且门禁卡POS机的ID为门禁卡应用E的使用要求指示的指定ID,此时卡片管理单元将第一业务指令发送给门禁卡应用E,门禁卡应用E执行此次交易。
场景二、
终端在亮屏状态下与银行卡POS机接触,银行卡POS机向终端发送SELECT PPSE指令。卡片管理单元接收到SELECT PPSE指令后,确定与该银行卡POS机类型匹配的NFC应用为银行卡应用A和银行卡应用B,且结合当前日期,银行卡应用A的还款日晚于银行卡应用B的还款日,卡片管理单元确定此次交易使用银行卡应用A。由于银行卡应用A的使用要求指示终端在进行身份验证后才可访问,因此卡片管理单元需在终端进行身份验证后再将第一业务指令发送给银行卡应用A,银行卡应用A执行此次交易。
场景三、
终端在亮屏状态下打开钱包应用,并与公交卡POS机接触,公交卡POS机向终端发送第一业务指令。卡片管理单元接收到第一业务指令后,确定与该公交卡POS机对应的NFC应用为公交卡应用C和公交卡应用D。卡片管理单元确认公交卡应用C的余额为45元,公交卡应用D的余额为67元。由于用户设置在进行公交刷卡交易时优先使用余额较多的公交卡应用,因此,卡片管理单元确定此次交易使用公交卡应用D。卡片管理单元将第一业务指令发送给公交卡应用D。
此外,由于all user可直接访问公交卡应用C,而只有user1才可访问公交卡应用D。因此,若终端中的登录用户为user2,那么尽管公交卡应用D的余额大于公交卡应用C的余额,卡片管理单元此时也会选择公交卡应用C执行本次交易。
场景四、
除了上述场景之外,POS还可向终端发送多个NFC应用(例如银行卡应用)的优惠信息以及交易金额信息,或者POS通过第二业务指令获取到终端中安装的多个NFC应用并对每个NFC应用的优惠力度进行排序,或者,卡片管理单元通过互联网或其他方式获取银行卡优惠信息,结合POS发送的商户信息,基于优惠力度对银行卡应用进行优先级排序。那么卡片管理单元在向POS返回与POS类型匹配的NFC应用时,可参照每个NFC应用
的优惠力度,倾向优惠力度较大的NFC应用。
以上四种场景仅为一种具体示例,实际实现时存在多种应用场景,卡片管理单元可以根据第一业务指令和/或每个NFC应用的使用要求选择与POS对应的NFC应用来执行第一交易。
S505中,第一NFC应用接收第一业务指令,其中,第一NFC应用接收到的第一业务指令可以是卡片管理单元发送的,也可以是NFC控制器发送的。即,在第一NFC应用接收第一业务指令,并根据第一业务指令执行第一交易之前,卡片管理单元将第一业务指令发送给第一NFC应用;或者,卡片管理单元指示NFC控制器将第一业务指令发送给第一NFC应用。第一NFC应用接收第一业务指令后,对POS发送的第一业务指令进行响应,从而执行第一交易。
也就是说,第一NFC应用接收到的第一业务指令可以是卡片管理单元发送的,也可以是卡片管理单元指示NFC控制器发送的。在不同的实现场景下,可以采用这两种实现方式中的任一种,本申请实施例对此不做具体限定。图5中仅示出了第一业务指令由卡片管理单元发送给第一NFC应用这一种实现方式。
当由卡片管理单元向第一NFC应用发送第一业务指令时,卡片管理单元与第一NFC应用的交互过程可以有多种实现方式。比如,卡片管理单元将业务指令发送(如通过向SE传输数据的HCI协议)至保存有第一NFC应用的NFCEE,然后由NFCEE负责将业务指令分发至第一NFC应用,并将第一NFC应用发送的响应消息返回给卡片管理单元;再比如,保存有第一NFC应用的NFCEE设置有指定接口,卡片管理单元可通过指定接口(如TEE中用于访问TA的Client API)直接与第一NFC应用进行交互。
同样需要说明的是,在本申请实施例提供的终端交易方法中,将第一业务指令发送至第一NFC应用后,第一NFC应用执行第一交易的过程与现有技术相同,因此本申请实施例中对第一交易的具体执行过程不再赘述。
此外,在采用本申请实施例提供的终端交易方法选择第一NFC应用以及后续执行第一交易的过程中,终端与POS的交互均通过NFC控制器执行。也就是说,第一NFC应用、卡片管理单元或者终端中的其他模块、单元不会直接将响应消息发送给POS,而是将响应消息发送给NFC控制器,然后由NFC控制器发送给POS;POS也不会直接将业务指令发送给第一NFC应用、卡片管理单元或者终端中的其他模块、单元,而是将业务指令发送给NFC控制器,再由NFC控制器发送给第一NFC应用、卡片管理单元或者终端中的其他模块、单元。
此外,在某些交易场景下(例如银行卡支付交易),在终端中的NFC控制器接收POS发送的第一业务指令之前,还包括:NFC控制器接收POS发送的第二业务指令;NFC控制器将第二业务指令发送给卡片管理单元。
其中,第二业务指令可以是前述SELECT PPSE指令。当存在多个与POS类型匹配的NFC应用时,POS可以根据第二业务指令响应中携带的信息进行第一NFC应用的选择。
卡片管理单元在接收到第二业务指令后,卡片管理单元可以根据第二业务指令与第二对照关系,确定多个NFC应用中与第二业务指令类型匹配的至少一个NFC应用。其中,第二对照关系用于指示第二业务指令与多个NFC应用的匹配关系。终端中的每个NFC应用可以向卡片管理单元指示与自身类型匹配的第二业务指令的类型,卡片管理单元即可根
据与每个NFC应用类型匹配的第二业务指令生成第二对照关系。
在确定与第二业务指令类型匹配的至少一个NFC应用之后,当与第二业务指令类型匹配的至少一个NFC应用的数量为多个时,卡片管理单元可以根据用户使用策略确定所述至少一个NFC应用的优先级,并根据至少一个NFC应用的优先级对第二业务指令进行响应。对于如何响应第二业务指令,有两种处理方式:
一、卡片管理单元向POS发送第二业务指令的第二响应消息,该第二响应消息用于指示多个NFC应用中与POS类型匹配的至少一个NFC应用,使得POS根据第二响应消息生成第一业务指令。
二、卡片管理单元将第二业务指令发送给至少一个NFC应用中的指定NFC应用所在的NFCEE进行处理,并接收对第二业务指令的第二响应消息,将第二响应消息发送给POS,使得POS根据第二响应消息生成第一业务指令。第二响应消息用于指示保存在NFCEE中的、与POS类型匹配的M个NFC应用,M≥1,M个NFC应用中包含指定NFC应用。
其中,指定NFC应用可以是至少一个NFC应用中优先级最高的NFC应用。
下面,对第一种处理方式和第二种处理方式分别进行详细介绍。
第一种处理方式:
具体地,在第一种处理方式中,第二响应消息由卡片管理单元根据第二对照关系构造并发送:卡片管理单元在接收到第二业务指令后,根据第二对照关系确定与该POS类型匹配的至少一个NFC应用。若至少一个NFC应用的数量为多个,卡片管理单元还可根据该至少一个NFC应用的用户使用策略对该至少一个NFC应用的优先级进行排序。然后,卡片管理单元向POS发送第二响应消息,以指示与POS类型匹配的至少一个NFC应用以及该至少一个NFC应用的优先级排序。
第二种处理方式:
具体地,在第二种处理方式中,卡片管理单元在接收到第二业务指令后,首先根据第二对照关系确定与该POS类型匹配的至少一个NFC应用,然后根据该至少一个NFC应用的用户使用策略对该至少一个NFC应用的优先级进行排序,并将第二业务指令发送至至少一个NFC应用中优先级最高的NFC应用(即指定NFC应用)所在的NFCEE,然后由该NFCEE中的相关应用(如PPSE应用)对该第二业务指令进行响应。具体地,第二响应消息用于指示保存在该NFCEE中的、与POS类型匹配的M个NFC应用,M≥1。不难理解,M个NFC应用中至少包含指定NFC应用。
此外,若M个NFC应用的数量为多个,(即除了指定NFC应用外,指定NFC应用所在的NFCEE中还保存有其他与POS类型匹配的NFC应用),第二响应消息中还可包含M个NFC应用的优先级排序信息。
需要说明的是,在第二种处理方式中,第二响应消息指示的M个NFC应用为指定NFC应用所在的NFCEE中保存的、与POS类型匹配的NFC应用;而在第一种处理方式中,第二响应消息指示的至少一个NFC应用为终端中的所有NFCEE中保存的、与POS类型匹配的NFC应用。也就是说,M个NFC应用的数量小于等于至少一个NFC应用的数量。例如,REE中保存的与POS类型匹配的NFC应用为应用1和应用2,TEE中保存的与POS类型匹配的NFC应用为应用3,SE中保存的与POS类型匹配的NFC应用为应用4、应用5和应用6。其中,应用5为六个与POS类型匹配的NFC应用中优先级最高的NFC应用(即指定NFC应用)。那么,若采用第一种处理方式,第二响应消息用于指示应用1、应用2、
应用3、应用4、应用5和应用6这六个NFC应用及其优先级排序信息;若采用第二种处理方式,第二响应消息用于指示应用4、应用5和应用6这三个NFC应用及其优先级排序信息。
无论采用上述两种处理方式中的哪种处理方式,POS均可根据接收到的第二响应消息获知与自身类型匹配的NFC应用。然后,POS结合自身能力从第二响应消息中指示的NFC应用中选择用于执行第一交易的NFC应用,并通过执行S502向终端发送第一业务指令以指示POS选择的NFC应用。通常,POS会结合自身能力选择双方(POS和终端)共同支持的NFC应用中优先级最高的NFC应用。
终端中的卡片管理单元在接收到第一业务指令后,根据第一业务指令中指示的NFC应用的不同,卡片管理单元的处理操作会有如下两种情况:
第一种情况:
在第一种情况中,第一业务指令中指示的NFC应用为第二响应消息中指示的、与POS类型匹配的NFC应用中优先级最高的NFC应用。卡片管理单元在接收到第一业务指令后,即可根据第一业务指令,确定该最高优先级的NFC应用为执行第一交易的第一NFC应用,并在该第一NFC应用的使用条件满足的情况下将第一业务指令发送至第一NFC应用(所在的NFCEE)。
举例来说,在银行卡刷卡场景下,终端向POS发送的第二响应消息指示与银行POS机类型匹配的NFC应用为银行卡应用A、银行卡应用B、银行卡应用C,且卡片管理单元根据用户使用策略确定的优先级排序是银行卡应用A>银行卡应用B>银行卡应用C。当POS接收到第二响应消息后,POS结合自身能力选择银行卡应用A用于执行第一交易,则POS通过第一业务指令向终端指示选择银行卡应用A执行第一交易。卡片管理单元在接收到第一业务指令后,确定银行卡应用A为用于执行第一交易的第一NFC应用,并将第一业务指令发送至银行卡应用A(所在的NFCEE)。
第二种情况:
在第二种情况中,第一业务指令中指示的NFC应用为第二响应消息中指示的、与POS类型匹配的NFC应用中次优先级的NFC应用。卡片管理单元在接收到第一业务指令后,判断出第一业务指令指示的NFC应用不是最高优先级的NFC应用,此时卡片管理单元需要根据策略执行条件判断用户是否允许使用次优先级的NFC应用执行第一交易。若用户设置的策略执行条件允许使用次优先级的NFC应用执行第一交易,则卡片管理单元将第一业务指令中指示的次优先级的NFC应用作为执行第一交易的第一NFC应用,并在该第一NFC应用的使用条件满足的情况下将第一业务指令发送至该第一NFC应用(所在的NFCEE);若用户设置的策略执行条件不允许使用次优先级的NFC应用执行第一交易,则第一交易终止/失败,或者终端再次提醒用户进行策略执行条件的设置(即提醒用户再次确认是否允许使用次优先级的NFC应用执行第一交易)。
举例来说,在银行卡刷卡场景下,终端向POS发送的第二响应消息指示与银行POS机类型匹配的NFC应用为银行卡应用A、银行卡应用B、银行卡应用C,且卡片管理单元根据用户使用策略确定的优先级排序是银行卡应用A>银行卡应用B>银行卡应用C。当POS接收到第二响应消息后,POS结合自身能力选择银行卡应用B用于执行第一交易,则POS通过第一业务指令向终端指示选择银行卡应用B执行第一交易。卡片管理单元在接收到第一业务指令后,判断出第一业务指令指示的银行卡应用B不是最高优先级的NFC应
用(银行卡应用A),此时若用户设置的策略执行条件允许使用次优先级的NFC应用执行第一交易,则卡片管理单元将银行卡应用B作为执行第一交易的第一NFC应用,并将第一业务指令发送至银行卡应用B(所在的NFCEE),若用户设置的策略执行条件不允许使用次优先级的NFC应用执行第一交易,则第一交易终止/失败,或者终端再次提醒用户进行策略执行条件的设置(即提醒用户再次确认是否允许使用次优先级的NFC应用执行第一交易)。
上述通过第二业务指令的第二响应消息的方式主要针对有多个NFC应用与POS类型匹配的场景。POS在向终端发起第一交易时,POS首先向终端发送第二业务指令,终端在接收到第二业务指令后,向POS发送第二业务指令的第二响应消息,包含与POS类型匹配的NFC应用信息以及优先级排序信息。然后,POS可根据第二响应消息结合自身能力选择用于执行第一交易的NFC应用,并通过第一业务指令向终端指示POS选择的NFC应用。终端在接收到第一业务指令后根据第一业务指令指示的NFC应用是否为最高优先级的NFC应用,并结合策略执行条件最终确定用于执行第一交易的第一NFC应用,并将第一业务指令发送至第一NFC应用(所在的NFCEE)。
以上对本申请实施例的介绍是以第一NFC应用的使用要求已满足这一条件为前提的,那么S505中,如果第一NFC应用的使用要求未满足,终端可执行一些操作使得第一NFC应用的使用要求得到满足:如果第一NFC应用的使用要求未满足,则终端执行第一NFC应用的预处理流程,该预处理流程用于使得第一NFC应用的使用要求得到满足;然后,第一NFC应用接收第一业务指令,并根据第一业务指令执行第一交易。
其中,预处理流程可以由卡片管理单元执行,也可以由卡片管理单元通知第一NFC应用对应的钱包应用执行。
同样地,第一NFC应用接收的第一业务指令可以是卡片管理单元发送的,也可以是卡片管理单元指示NFC控制器发送的。即,在第一NFC应用接收第一业务指令并根据第一业务指令执行第一交易之前,卡片管理单元可将第一业务指令发送给第一NFC应用或者卡片管理单元可指示NFC控制器将第一业务指令发送给第一NFC应用。然后第一NFC应用接收第一业务指令,并对POS发送的第一业务指令进行响应,从而执行第一交易。
可选地,在第一NFC应用接收所述第一业务指令之前,卡片管理单元可触发POS重新发送第一业务指令;NFC控制器接收POS重新发送的第一业务指令;NFC控制器将POS重新发送的第一业务指令发送给第一NFC应用;或者,NFC控制器将POS重新发送的第一业务指令发送给卡片管理单元;第一NFC应用接收第一业务指令,并根据第一业务指令执行第一交易,具体可通过如下方式实现:第一NFC应用接收NFC控制器发送的第一业务指令,并对POS发送的第一业务指令进行响应,从而执行第一交易;或者,第一NFC应用接收卡片管理单元发送的第一业务指令,并对POS发送的第一业务指令进行响应,从而执行第一交易。
采用上述方案,卡片管理单元可在第一NFC应用接收第一业务指令之前触发POS重新发送第一业务指令。然后,第一NFC应用可以从卡片管理单元或NFC控制器接收POS重新发送的第一业务指令。
如前面的示例所述,第一NFC应用的使用要求可以指示终端在执行用户身份验证(如CDCVM)后第一NFC应用才可完成交易流程。那么,终端在第一NFC应用的使用要求未满足的情况下执行第一NFC应用的预处理流程,具体实现方式可以是:如果卡片管理单
元判断第一NFC应用的使用要求指示终端需执行CDCVM,且终端未执行CDCVM,则终端触发POS执行Try Again流程,并触发执行CDCVM。需要说明的是,终端在执行CDCVM(或POS执行Try Again流程)时,POS可能会提示用户进行再次贴卡或进行身份验证后贴卡,用户是按照终端提示进行操作即可。
采用上述实现方式,不仅可以完成第一NFC应用的预处理流程,使得第一NFC应用的使用要求得到满足,还可以通过现有的Try Again流程的处理机制避免前述交易时延问题,提升了用户体验。
POS执行Try Again流程时,POS重新返回执行交易预处理后等待读卡的状态,终端执行CDCVM。等终端完成CDCVM、第一NFC应用记录CDCVM已执行的结果后,用户将终端靠近POS,POS与终端建立了NFC射频连接后重新发送第一业务指令,进行NFC应用的选择。终端中的卡片管理单元通过对照第一业务指令和第一对照关系,仍会选择第一NFC应用执行第一交易,此时由于终端已执行CDCVM,卡片管理单元可以直接将第一业务指令发送给第一NFC应用,然后由第一NFC应用执行第一交易。
由于POS执行Try Again流程后,终端与等待读卡的POS建立NFC射频连接后POS会重新发送第一业务指令,因而在通过上述方案,可以避免现有技术中出现的交易超时问题,提升了用户体验;而且,由于上述方案利用现有的Try Again流程的处理机制中的POS重新回到等待读卡状态为终端提供执行CDCVM的契机,因而不必对POS进行改动(即可以利用不支持CDCVM的POS实现终端执行CDCVM),可以适用于现有的、不支持CDCVM的POS。此外,对于终端的用户来说,无需手动对银行卡进行选择,仅需第一次靠近POS后按照提示配合终端进行CDCVM即可,因而对于终端的用户来说,采用上述方案也会使用户操作变得简单。
现有技术中,如果卡应用在初始交易处理过程的响应中附带状态字“6986”,支持CDCVM的POS解析到该状态字后会执行Try Again流程。本申请实施例中,让POS执行Try Again流程的操作可以由终端触发,具体方式可以是:卡片管理单元将第一业务指令发送给第一NFC应用;第一NFC应用将第一业务指令的第一响应消息发送给POS;第一NFC应用接收POS发送的第三业务指令,第三业务指令用于进行初始交易处理;卡片管理单元获取第一NFC应用对第三业务指令的第三响应消息;卡片管理单元判断第三响应消息中是否包含指定状态字,指定状态字用于卡片管理单元判断POS是否支持CDCVM;若包含,则卡片管理单元指示NFC控制器将第三响应消息发送给POS,以触发POS执行Try Again流程;若不包含,则卡片管理单元截留第三响应消息或卡片管理单元指示NFC控制器截留第三响应消息,以触发POS执行(现有技术中为解决卡片意外掉落等问题而设计的)Try Again流程。
示例性地,第三业务指令可以是GPO指令,第三响应消息可以是GPO RESPONSE消息。当然,本申请实施例中的第三业务指令和第三响应消息的类型不限于此示例中的类型,其他可用于进行初始交易处理的指令也可视为第三业务指令,其他可用于进行初始交易处理响应的消息也可视为第三响应消息。
其中,指定状态字可以是现有技术中用于触发POS执行Try Again流程的状态字“6986”。与现有技术不同的是,指定状态字在本申请实施例中的作用与状态字“6986”在现有技术中的作用不同。
现有技术中,状态字“6986”用于指示NFC应用要求执行CDCVM后才可完成交易流
程,但终端还未执行CDCVM。
本申请实施例中,卡片管理单元在将第一业务指令发送给第一NFC应用前已判断出第一NFC应用的使用要求指示终端需执行CDCVM,且终端未执行CDCVM。由于POS向终端发送的第三业务指令会指示自身的性能信息以及本次交易的条件,第一NFC应用可根据第三业务指令判断POS是否支持CDCVM这一验证方式。如果POS支持CDCVM,第一NFC应用在第三响应消息中携带指定状态字(例如,状态字“6986”),如果POS不支持CDCVM,第一NFC应用在第三响应消息中携带其他状态字(例如,指示响应成功的状态字“9000”)。那么,在本申请实施例中,卡片管理单元在判断第三响应消息中是否包含指定状态字后,可以确定POS是否支持CDCVM,并在POS支持和不支持CDCVM的情况下采用不同的方式触发POS执行Try Again流程。
当判断出POS支持CDCVM时(状态字“6986”),卡片管理单元指示NFC控制器将第三响应消息发送给POS,以触发POS执行Try Again流程。这种触发POS执行Try Again流程的方式与现有技术类似,POS解析到第三响应消息携带的指定状态字后,确定终端未执行CDCVM,则会触发POS执行Try Again流程,返回执行交易预处理后等待读卡的状态,等待终端完成CDCVM。
当判断出POS不支持CDCVM(其他状态字,如“9000”)时,卡片管理单元截留第三响应消息或卡片管理单元指示NFC控制器截留第三响应消息,以触发POS执行Try Again流程。采用这种方式,由于POS不支持CDCVM,卡片(第一NFC应用)的身份验证要求虽然强制要求进行身份验证后才能完成交易,但卡片不会选择CDCVM作为本次交易的持卡人验证方式,因此也就不会出现CDCVM场景下特有的状态字“6986”,而是会在响应中确定本次使用联机PIN或签名的方式进行CVM。此时卡片管理单元将第三响应消息截留,POS在设定时长内未收到第三响应消息的情况下确定第三业务指令未得到响应,则会执行Try Again流程。需要说明的是,POS执行Try Again流程后,POS会重新提示终端执行CDCVM。终端在执行CDCVM时,可以由卡片管理单元执行,或者由卡片管理单元唤起管理第一NFC应用的钱包应用执行,或者由卡片管理单元指示NFC控制器执行。
需要说明的是,终端在执行CDCVM(或POS执行Try Again流程)时,POS可能会提示用户进行再次贴卡或进行身份验证后贴卡,用户是按照终端提示进行操作即可。此外,卡片管理单元触发POS执行Try Again流程前可以对POS本次发起的第一交易进行标记,这样做的好处是:一、卡片管理单元在接收到第一NFC应用发送的第二响应消息后,可以根据该标记确定需要触发发起第一交易的POS执行Try Again流程;二、若第一交易因要执行CDCVM的原因导致交易失败,可以在该POS重新发起交易时,检测到上一次被标记的交易/状态存在,终端接收到SELECT PPSE指令,判断出是银行卡刷卡场景后,直接选择与该标记对应的第一NFC应用执行此次交易并将POS发送的业务指令路由至第一NFC应用,而不必再次执行选择与该POS对应的NFC应用这一操作。
本申请实施例中,卡片管理单元负责管理终端中安装的多个NFC应用,并保存有多个NFC应用的信息,例如多个NFC应用分别对应的使用要求、用于指示多个NFC应用与多个业务指令之间的一一对应关系的第一对照关系。NFC控制器在接收到POS发送的业务指令后,可将业务指令路由至卡片管理单元,并由卡片管理单元对此次交易进行NFC应用的选择和控制。那么,在终端选择与POS对应的第一NFC应用并在第一NFC应用的使用条件已满足时执行第一交易之前,卡片管理单元可以向NFC控制器发送第一消息,该第一
消息用于指示NFC控制器将接收到的业务指令发送至卡片管理单元。这样的话NFC控制器接收到的、POS发送的所有业务指令都直接路由到卡片管理单元,便于卡片管理单元进行NFC应用的选择和控制。
当NFC控制器接收到第一消息后,可对路由表中的路由信息进行设置,从而将POS发送的业务指令路由到卡片管理单元。
此外,NFC控制器的路由信息在特殊情形下还可以有不同的设置。比如,在终端关机前设置路由信息均指向公交卡应用,并设置该公交卡应用为激活状态,那么在这种设置下,终端关机后仍可实现公交刷卡交易。再比如,在卡片管理单元接收到第一业务指令并选择第一NFC应用后,可设置路由信息指向保存第一NFC应用的NFCEE,在第一交易完成后,可设置路由信息指向卡片管理单元,从而使得终端再次执行交易时POS仍将第一业务指令发送至卡片管理单元进行NFC应用的选择。
以上对本申请实施例的介绍主要针对快速刷卡交易。如前所述,POS与终端的交易方式有两种:主动选卡交易和快速刷卡交易。那么,针对主动选卡交易方式,如果在S401中终端与POS接触之前,终端接收用户选择第二NFC应用的指令,那么S402中终端选择与POS对应的第一NFC应用并在第一NFC应用的使用条件已满足时执行第一交易的一种具体实现方式可以是:如果第二NFC应用与POS类型不匹配,则终端选择与POS对应的第一NFC应用并在第一NFC应用的使用条件已满足时执行第一交易。
其中,第二NFC应用为用户在终端与POS接触之前,为即将发起的第一交易手动选择的NFC应用。也就是说,用户在终端发起第一交易之前,手动选择第二NFC应用执行即将发起的第一交易。那么,在终端判断第二NFC应用与POS类型不匹配的情况下,终端可以自主选择一个与POS类型匹配的第一NFC应用执行第一交易,从而在用户手动选择的第二NFC应用与POS类型不匹配的情况下,避免用户手动切换NFC应用、POS端重新发起交易等操作所带来的用户体验较差的问题。
示例性地,在终端发起公交刷卡交易这种第一交易之前,用户手动选择了银行卡应用来执行第一交易。终端在发起第一交易后,判断银行卡应用与公交POS机类型不匹配,此时终端可以选择与公交POS机类型匹配的公交卡应用来执行第一交易。
此外,针对主动选卡交易方式,如果在S401中终端与POS建立NFC射频连接之前,终端接收用户选择第三NFC应用的指令,那么在终端与销售终端POS建立NFC射频连接之后,在用户选择的第三NFC应用与POS类型匹配的情况下,终端可以选择第三NFC应用并在第三NFC应用的使用条件已满足时执行第一交易。
采用这种方式,可以满足用户的不同场景下的使用需求,优先使用用户手动选择的第三NFC应用来执行POS此次发起的第一交易。
同样需要说明的是,在用户选择的第三NFC应用与POS类型匹配的情况下,终端中的卡片管理单元仍需对第三NFC应用的使用条件进行判断,若第三NFC应用的使用条件满足,则第三NFC应用接收第一业务指令并在第一NFC应用的使用条件已满足时执行第一交易;若第三NFC应用的使用条件未满足,则还需执行预处理流程使得第三NFC应用的使用条件得到满足后,才将第一业务指令发送给第三NFC应用。这些执行步骤和实现方式与前面描述的由第一NFC应用执行第一交易时的执行步骤和实现方式相同,此处不再赘述。
结合以上对本申请实施例的描述,本申请实施例中的卡片管理单元为可视为终端的操
作系统中的一个模块,其中可以保存有第一对照关系、第一业务指令以及终端中的多个NFC应用分别对应的使用要求。卡片管理单元可以实现如下操作:为POS发起的交易选择与该POS对应的NFC应用,实现对该NFC应用的跨存储位置(SE/TEE/REE)的激活以及业务指令的路由;进行各NFC应用的使用要求的检查与预处理;为了解决同类型NFC应用的选择冲突进行各NFC应用的用户使用策略及策略执行条件的个性化配置;在用户手动选择的NFC应用与POS类型不匹配时进行冲突处理并为此次交易自动选择类型匹配的NFC应用。可以理解的是,由于卡片管理单元在NFC应用选择过程中起到重要作用,因此当卡片管理单元实现在TEE中时,交易的安全性更高。
采用本申请实施例提供的NFC终端交易方法,由于执行POS发起的第一交易的NFC应用为终端支持的、与该POS对应且使用条件已满足的第一NFC应用。因此,使用第一NFC应用执行第一交易可以使得第一交易执行完成,避免现有技术中由于选择的NFC应用与POS类型不匹配而导致的用户体验较差的问题。此外,采用本申请实施例提供的终端交易方法还可以避免由于NFC应用的使用条件未满足而导致的POS从交易预处理开始重新发起交易的情形,提升了用户体验。
本申请实施例在终端中引入了卡片管理单元这一模块,可用于对终端中安装的(保存在不同NFCEE中、由不同的钱包应用管理的)所有NFC应用进行管理,从而在终端进行NFC应用选择时出现冲突(即存在多个NFC应用与POS类型匹配)的情况下提供了一系列解决方案。与现有技术相比,终端的用户体验得到了提升。
第一,在终端层面,终端中存在多个钱包应用。现有技术的方案中仅能选择默认钱包应用。那么,当POS发起门禁开门交易时,若门禁卡应用由钱包A管理,默认NFC应用由钱包B管理,用户需要手动切换钱包应用。本申请实施例中,卡片管理单元保存有第一对照关系以及多个NFC应用的使用要求,其中多个NFC应用可以由不同的钱包应用管理,也可以保存在不同的NFCEE中。因此,卡片管理单元对管理第一NFC应用的钱包应用没有限制,也就不会存在现有技术中存在的手动切换钱包应用的问题。
第二,在钱包应用层面,不同的NFC应用有不同的使用要求。若使用默认NFC应用执行交易,难以同时保证该默认NFC应用的使用要求已满足且该默认NFC应用与POS类型匹配。本申请实施例中,卡片管理单元选择的第一NFC应用是与POS类型匹配的NFC应用,且由于卡片管理单元中保存有第一NFC应用的使用要求,因而卡片管理单元可以根据第一NFC应用的使用要求进行判断,从而确定第一NFC应用的使用要求已满足,或者终端执行预处理流程使得第一NFC应用的使用要求得到满足,保证第一交易能够执行。
第三,在与POS类型匹配的NFC应用的数量为多个时(例如银行卡刷卡场景下),现有技术方案会选择默认NFC应用执行交易,而本申请实施例中可以根据与POS类型匹配的多个NFC应用的用户使用策略,灵活地选择用于执行交易的NFC应用,例如选择优惠力度最大的银行卡应用或者选择还款日较远的信用卡应用。
基于以上实施例,本申请实施例还提供一种终端交易方法,该方法可视为图4或图5所示方法的一个具体示例。参见图6,该方法包括如下步骤:
1、NFC Adaptor向NFCC发送路由信息。
其中,NFC Adaptor可视为卡片管理单元的一个具体示例。路由信息可视为第一消息的一个具体示例。NFCC在接收到第一消息后可获知:若接收到POS发送的业务指令,则将业务指令发送至NFC Adaptor。
2、NFC应用向NFC Adaptor发送注册信息。
其中,注册信息可以包含NFC应用的使用要求以及用于指示多个NFC应用与多个业务指令之间的一一对应关系的第一对照关系。注册信息还可以包含用于指示第二业务指令与多个NFC应用的对应关系的第二对照关系;
3、NFC Adaptor保存各NFC应用的注册信息;进行防冲突检测与设置;进行用户使用策略的配置。
其中,防冲突检测与设置即检测各NFC应用的使用条件是否冲突以及各NFC应用的使用优先级等信息。
4、NFC Adaptor向NFCC配置支持的所有RF参数。
通过执行步骤4,NFCC通过支持的所有RF参数可以获知终端支持的所有通信类型,从而在与POS建立射频通信后进行相应处理:对于终端支持的交易类型,将业务指令路由至NFC Adaptor;对于终端不支持的通信类型,则响应错误信息。
例如,NFC Adaptor在接收到终端中安装的所有NFC应用的注册消息后获知:终端中安装有银行卡应用和门禁卡应用,但未安装公交卡应用,然后NFC Adaptor将银行卡应用和门禁卡应用的RF参数发送至NFCC。那么,当用户手持终端接触公交POS机时,如果终端不支持公交POS的RF技术,则不会与公交POS机建立NFC射频连接。
5、POS和NFCC通过射频发现过程建立NFC射频连接。
6、POS向NFCC发送第一业务指令。
7、NFCC收到第一业务指令后根据路由信息的指示将第一业务指令发送至NFC Adaptor。
8、NFC Adaptor根据第一业务指令以及各NFC应用的注册信息确定与POS对应的NFC应用,并判断该NFC应用的使用条件是否满足:若使用条件已满足则执行步骤9;若使用条件未满足则执行预处理流程,然后执行步骤9。
9、NFC Adaptor向步骤8中确定的NFC应用发送第一业务指令。
可选地,步骤9中,也可由NFC Adaptor指示NFCC向步骤8中确定的NFC应用发送第一业务指令。
10、第一NFC应用在接收到第一业务指令后与POS进行NFC射频连接,从而执行此次交易。
在图6所示方法中,虚线框中的步骤1~步骤4为用户贴卡前执行的前置步骤,主要用于终端进行参数设置等操作;步骤5~步骤10为用户贴卡后的执行步骤,通过执行步骤6~步骤10可选择出与POS对应的NFC应用来执行此次交易。步骤10中通过NFC应用与POS进行NFC射频连接来执行交易的具体操作与现有技术相同,此处不再赘述。
需要说明的是,图6所示的终端交易方法可视为图4或图5所示方法的一个具体示例,图6所示的终端交易方法中未详尽描述的实现方式可参见图4或图5所示方法中的相关描述。
在图6所示方法的步骤8中,若使用条件未满足,卡片管理单元需执行预处理流程,然后再执行步骤9。在这种情况下,步骤7和步骤8的具体实现过程可以如图7所示:
1、NFC Adaptor接收到POS发送的第一业务指令。
图7的步骤1中,NFC Adaptor接收到POS发送的第一业务指令可视为图6中的步骤6和步骤7。
2、确定与POS对应的NFC应用要求执行CDCVM后,判断终端是否已执行CDCVM,若CDCVM已执行,则执行步骤3并执行现有技术的业务交互流程;若CDCVM未执行,则执行步骤4以及后续操作。
3、NFC Adaptor将第一业务指令发送给NFC应用。
4、NFC Adaptor对本次交易进行标记,以便后续对本次交易的响应消息进行解析。
5、NFC Adaptor向NFC应用发送第一业务指令。
6、NFC应用向NFC Adaptor发送第一业务消息的第一响应消息。
7、NFC Adaptor向POS发送第一响应消息。
8、NFC Adaptor接收POS发送的第三业务指令。
其中,第三业务指令可视为前述的GPO消息。
9、NFC Adaptor向NFC应用发送第三业务指令。
10、NFC应用向NFC Adaptor发送第三业务指令的第三响应消息。
11、NFC Adaptor在接收到第三响应消息后,对标记过的第三响应消息进行解析。
12、NFC Adaptor判断第三响应消息中是否携带状态字“6986”,若携带,则执行步骤13,若不携带,则执行步骤14。
13、NFC Adaptor将第三响应消息发送给POS。
14、NFC Adaptor截留第三响应消息。
在图7所示方法中,NFC Adaptor和POS的交互均通过NFCC进行,为了简化流程图,图7中用NFC Adaptor和POS之间以虚线示意的NFCC来简单表示NFC Adaptor和POS通过NFCC通信的过程。
需要说明的是,图7所示方法可视为图6所示方法中的步骤7和步骤8的一个具体示例,图7所示方法中未详尽描述的实现方式可参见图6所示方法中的相关描述,或者参见图4或图5所示方法中的相关描述。
本申请实施例提供的终端交易方法不仅适用于图6或图7所示的快速刷卡交易场景,还适用于主动选卡交易场景。在主动选卡交易场景下,本申请实施例提供的终端交易方法的一个具体示例可如图8所示:
1、NFC Adaptor接收到POS发送的第一业务指令。
图8的步骤1中,NFC Adaptor接收到POS发送的第一业务指令可视为图6中的步骤6和步骤7。
2、判断用户是否手动选择了一个NFC应用,若是,则执行步骤3,若否,则此场景属于图6所示的快速刷卡交易场景。
3、判断用户选择的NFC应用与POS类型是否匹配,若匹配,则执行步骤4,若不匹配则执行步骤5。
4、确定使用用户选择的NFC应用执行此次交易,然后执行步骤6。
5、确定使用根据第一业务指令确定的与POS类型匹配的NFC应用执行交易。
6、检测NFC应用的使条件是否满足;若满足则执行步骤7,若不满足则在执行预处理流程后执行步骤7。
其中,预处理流程的具体步骤可参见图7所示方法,此处不再赘述。
7、NFC Adaptor向执行此次交易的NFC应用发送第一业务指令。
在图8所示方法中,NFC Adaptor和POS的交互均通过NFCC进行,为了简化流程图,
图8中未示出NFC Adaptor和POS通过NFCC进行交互的过程。
需要说明的是,在图4或图5所示的终端交易方法的相关描述中已介绍过主动选卡交易场景下的具体实现方案。图8所示方法可视为图4或图5所示方法的一个具体示例,图8所示方法中未详尽描述的实现方式可参见图4或图5所示方法中的相关描述。
采用本申请实施例提供的终端交易方法,由于执行POS发起的第一交易的NFC应用为终端选择的、与该POS对应且使用条件已满足的第一NFC应用。因此,使用第一NFC应用执行第一交易可以使得第一交易执行完成,避免现有技术中由于选择的NFC应用与POS类型不匹配而导致的用户体验较差的问题。此外,采用本申请实施例提供的终端交易方法还可以在NFC应用的身份验证要求未满足的情况下通过触发POS执行预处理流程,在不对POS进行改动的情况下使得NFC应用的身份验证要求得到满足,提升了用户体验。
基于同一发明构思,本申请实施例提供一种终端,该终端可以实现图4对应的实施例提供的方法。参阅图9所示,该终端900包括:射频连接模块901和执行模块902。其中,
射频连接模块901,用于与POS建立NFC射频连接,启动第一交易。
执行模块902,用于选择与POS对应的第一NFC应用并在第一NFC应用的使用条件已满足时执行第一交易。
其中,第一NFC应用可以为SE中安装的NFC应用,或者第一NFC应用可以为TEE中安装的NFC应用,或者第一NFC应用可以为REE中安装的NFC应用。
在用户主动选卡交易的情形下,在一种可能的实现方式中,终端900还包括第一收发模块,第一收发模块用于在射频连接模块901启动第一交易之前,接收用户选择第二NFC应用的指令;执行模块902在选择与POS对应的第一NFC应用并在第一NFC应用的使用条件已满足时执行第一交易时,具体用于:如果第二NFC应用与POS类型不匹配,则选择与POS对应的第一NFC应用并在第一NFC应用的使用条件已满足时执行第一交易。
在一种可能的实现方式中,执行模块902包括NFC控制器、卡片管理单元和第一NFC应用。执行模块902在选择与POS对应的第一NFC应用并在第一NFC应用的使用条件已满足时执行第一交易时,具体用于:NFC控制器接收POS发送的第一业务指令。NFC控制器将第一业务指令发送给终端中的卡片管理单元,卡片管理单元保存有第一对照关系和终端中的多个NFC应用分别对应的使用要求,第一对照关系用于指示多个NFC应用与多个业务指令之间的一一对应关系,第一NFC应用为多个NFC应用中的一个。卡片管理单元根据第一业务指令和第一对照关系,选择多个NFC应用中与POS对应的第一NFC应用。如果第一NFC应用的使用要求已满足,第一NFC应用接收第一业务指令,并根据第一业务指令执行第一交易。
其中,多个NFC应用分别对应的使用要求包含以下信息中的一种或多种:多个NFC应用分别对应的身份验证要求;多个NFC应用分别对应的访问控制策略;多个NFC应用分别对应的用户使用策略及策略执行条件。
在一种可能的实现方式中,NFC控制器还用于:在接收POS发送的第一业务指令之前,接收POS发送的第二业务指令。将第二业务指令发送给卡片管理单元。
卡片管理单元还用于:
根据第二业务指令与第二对照关系,确定多个NFC应用中与第二业务指令类型匹配的至少一个NFC应用,第二对照关系用于指示第二业务指令与多个NFC应用的匹配关系。
向POS发送第二业务指令的第二响应消息,第二响应消息用于指示多个NFC应用中与POS类型匹配的至少一个NFC应用,使得POS根据第二响应消息生成第一业务指令;或者,将第二业务指令发送给至少一个NFC应用中的指定NFC应用所在的NFCEE,并接收对第二业务指令的第二响应消息,将第二响应消息发送给POS,使得POS根据第二响应消息生成第一业务指令,第二响应消息用于指示保存在NFCEE中的、与POS类型匹配的M个NFC应用,M≥1,M个NFC应用中包含指定NFC应用。
在一种可能的实现方式中,卡片管理单元还用于:在第一NFC应用接收第一业务指令,并根据第一业务指令执行第一交易之前,将第一业务指令发送给第一NFC应用或者指示NFC控制器将第一业务指令发送给第一NFC应用。
为了在第一NFC应用的使用条件未满足的情况下,实现执行第一交易,在一种可能的实现方式中,执行模块902还用于:在第一NFC应用的使用要求未满足时,执行第一NFC应用的预处理流程,预处理流程用于使得第一NFC应用的使用要求得到满足。第一NFC应用还用于:接收第一业务指令,并根据第一业务指令执行第一交易。
在一种可能的实现方式中,卡片管理单元还用于:在第一NFC应用在接收第一业务指令,并根据第一业务指令执行第一交易之前,将第一业务指令发送给第一NFC应用或者指示NFC控制器将第一业务指令发送给第一NFC应用。
在一种可能的实现方式中,卡片管理单元还用于:在第一NFC应用接收第一业务指令之前,触发POS重新发送第一业务指令。
NFC控制器还用于:接收POS重新发送的第一业务指令。将POS重新发送的第一业务指令发送给第一NFC应用;或者,将POS重新发送的第一业务指令发送给卡片管理单元。
第一NFC应用在接收第一业务指令,并根据第一业务指令执行第一交易时,具体用于:接收NFC控制器发送的第一业务指令,并对POS发送的第一业务指令进行响应,从而执行第一交易;或者,接收卡片管理单元发送的第一业务指令,并对POS发送的第一业务指令进行响应,从而执行第一交易。
在一种可能的实现方式中,执行模块902在执行第一NFC应用的预处理流程时,具体用于:如果卡片管理单元判断第一NFC应用的使用要求指示终端需执行CDCVM,且终端未执行CDCVM,则执行模块902触发POS执行Try Again流程,并触发终端执行CDCVM。
在一种可能的实现方式中,执行模块902在触发POS执行Try Again流程时,具体用于:卡片管理单元将第一业务指令发送给第一NFC应用。第一NFC应用将第一业务指令的第一响应消息发送给POS。第一NFC应用接收POS发送的第三业务指令,第三业务指令用于进行初始交易处理。卡片管理单元获取第一NFC应用对第三业务指令的第三响应消息。卡片管理单元判断第三响应消息中是否包含指定状态字,指定状态字用于卡片管理单元判断POS是否支持CDCVM。若包含,则卡片管理单元指示NFC控制器将第三响应消息发送给POS,以触发POS执行Try Again流程;若不包含,则卡片管理单元截留第三响应消息或卡片管理单元指示NFC控制器截留第三响应消息,以触发POS执行Try Again流程。
在一种可能的实现方式中,NFC控制器还用于:在执行模块902选择与POS对应的第一NFC应用并在第一NFC应用的使用条件已满足时执行第一交易之前,接收卡片管理单元发送的第一消息,第一消息用于指示NFC控制器将接收到的业务指令发送至卡片管理
单元。
本申请实施例提供的终端900也可以实现主动选卡交易。在一种可能的实现方式中,终端900还包括:第二收发模块,用于在射频连接模块901与POS建立NFC射频连接之前,接收用户选择第三NFC应用的指令。执行模块902还用于:在射频连接模块901与POS建立NFC射频连接之后,如果第三NFC应用与POS类型匹配,选择第三NFC应用并在第三NFC应用的使用条件已满足时执行第一交易。
其中,第二收发模块可以是和第一收发模块相同的模块,也可以是不同的第一收发模块的模块。
需要说明的是,本申请实施例中对模块的划分是示意性的,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式。在本申请的实施例中的各功能模块可以集成在一个处理模块中,也可以是各个模块单独物理存在,也可以两个或两个以上模块集成在一个模块中。上述集成的模块既可以采用硬件的形式实现,也可以采用软件功能模块的形式实现。
所述集成的模块如果以软件功能模块的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本申请的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的全部或部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)或处理器(processor)执行本申请各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、ROM、RAM、磁碟或者光盘等各种可以存储程序代码的介质。
同样需要说明的是,终端900可以实现图4对应的实施例提供的方法。终端900中未详细描述的实现方式可以参照图4对应的实施例提供的方法中的相关描述。
基于同一发明构思,本申请实施例还提供了一种终端,该终端采用图4对应的实施例提供的方法,可以是与图9所示的终端900相同的设备。参阅图10所示,终端1000包括:收发机1001、处理器1002和存储器1003。其中,收发机1001、处理器1002和存储器1003通过总线连接,以便实现数据交换。
其中,该收发机1001用于支持终端1000与上述实施例中的POS之间收发信息。存储器1003用于存储终端1000的程序代码和数据。处理器1002用于调用存储器1003中存储的程序代码和数据,执行图4所示方法中的处理过程和/或用于本申请所描述的技术的其他过程。
需要说明的是,图9所示的终端900中的射频连接模块901可视为收发机1001中集成的模块,也可以对应独立的感应芯片;图9所示的终端900中的执行模块902可视为处理器1002中集成的模块,也可以对应独立的处理芯片。具体地,图9所示的终端900中的卡片管理单元和第一NFC应用可以视为处理器1002中集成的模块,也可以对应独立的处理芯片;图9所示的终端900中的NFC控制器可以视为收发机1001中集成的模块,也可以对应独立的感应芯片,可选地,NFC控制器也可以视为处理器1002中集成的模块;图9所示的终端900中的第一收发模块和第二收发模块可以视为收发机1001中集成的模块。
此外,终端1000还可以包括其他接口,例如光纤链路接口、以太网接口、微波链路接口、铜线接口等,用以实现终端1000与其他设备(例如,POS)的交互。
可选的,处理器1002可以是中央处理器、ASIC、现场可编程门阵列(field-
programmable gate array,FPGA)或复杂可编程逻辑器件(complex programmable logic device,CPLD)。
需要说明的是,图10示出的终端1000中仅包含一个收发机1001、一个处理器1002和一个存储器1003。实际实现时,收发机1001、处理器1002和存储器1003的数量可以为一个,也可以为多个。
同样说明的是,图10示出的终端1000可以实现图4对应的实施例提供的方法,也可以是与图9所示的终端900相同的设备。因此,终端1000未详细描述的实现方式可以参照图4对应的实施例提供的方法中的相关描述或者图9所示的终端900中的相关描述。
本申请实施例中还提供了一种计算机存储介质,该存储介质中存储软件程序,该软件程序在被一个或多个处理器读取并执行时可实现上述实施例中的终端交易方法。
综上,本申请实施例提供一种终端交易方法及终端。采用本申请实施例提供的方案,由于执行POS发起的第一交易的NFC应用为终端选择的、与该POS对应且使用条件已满足的第一NFC应用。因此,使用第一NFC应用执行第一交易可以使得第一交易执行完成,避免现有技术中由于选择的NFC应用与POS类型不匹配而导致的用户体验较差的问题。
本领域内的技术人员应明白,本申请的实施例可提供为方法、系统、或计算机程序产品。因此,本申请可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本申请可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。
本申请是参照根据本申请实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。
显然,本领域的技术人员可以对本申请实施例进行各种改动和变型而不脱离本申请实施例的精神和范围。这样,倘若本申请实施例的这些修改和变型属于本申请权利要求及其等同技术的范围之内,则本申请也意图包含这些改动和变型在内。
Claims (32)
- 一种终端交易方法,其特征在于,包括:所述终端与销售终端POS建立近场通信NFC射频连接,启动第一交易;所述终端选择与所述POS对应的第一NFC应用并在所述第一NFC应用的使用条件已满足时执行所述第一交易。
- 如权利要求1所述的方法,其特征在于,在所述终端与销售终端POS建立NFC射频连接之前,还包括:所述终端接收用户选择第二NFC应用的指令;所述终端选择与所述POS对应的第一NFC应用并在所述第一NFC应用的使用条件已满足时执行所述第一交易,具体包括:如果所述第二NFC应用与所述POS类型不匹配,则所述终端选择与所述POS对应的第一NFC应用并在所述第一NFC应用的使用条件已满足时执行所述第一交易。
- 如权利要求1或2所述的方法,其特征在于,所述终端选择与所述POS对应的第一NFC应用并在所述第一NFC应用的使用条件已满足时执行所述第一交易,具体包括:所述终端中的NFC控制器接收所述POS发送的第一业务指令;所述NFC控制器将所述第一业务指令发送给所述终端中的卡片管理单元,所述卡片管理单元保存有第一对照关系和所述终端中的多个NFC应用分别对应的使用要求,所述第一对照关系用于指示所述多个NFC应用与多个业务指令之间的一一对应关系,所述第一NFC应用为所述多个NFC应用中的一个;所述卡片管理单元根据所述第一业务指令和所述第一对照关系,选择所述多个NFC应用中与所述POS对应的所述第一NFC应用;如果所述第一NFC应用的使用要求已满足,所述第一NFC应用接收所述第一业务指令,并根据所述第一业务指令执行第一交易。
- 如权利要求3所述的方法,其特征在于,在所述终端中的NFC控制器接收所述POS发送的第一业务指令之前,还包括:所述NFC控制器接收所述POS发送的第二业务指令;所述NFC控制器将所述第二业务指令发送给所述卡片管理单元;所述卡片管理单元根据所述第二业务指令与第二对照关系,确定多个NFC应用中与所述第二业务指令类型匹配的至少一个NFC应用,所述第二对照关系用于指示所述第二业务指令与所述多个NFC应用的匹配关系;所述卡片管理单元向所述POS发送所述第二业务指令的第二响应消息,所述第二响应消息用于指示所述多个NFC应用中与所述POS类型匹配的至少一个NFC应用,使得所述POS根据所述第二响应消息生成所述第一业务指令;或者,所述卡片管理单元将所述第二业务指令发送给所述至少一个NFC应用中的指定NFC应用所在的近场通信执行环境NFCEE,并接收对所述第二业务指令的第二响应消息,将所述第二响应消息发送给所述POS,使得所述POS根据所述第二响应消息生成所述第一业务指令,所述第二响应消息用于指示保存在所述NFCEE中的、与所述POS类型匹配的M个NFC应用,M≥1,所述M个NFC应用中包含所述指定NFC应用。
- 如权利要求3或4所述的方法,其特征在于,在所述第一NFC应用接收所述第一 业务指令,并根据所述第一业务指令执行所述第一交易之前,还包括:所述卡片管理单元将所述第一业务指令发送给所述第一NFC应用;或者,所述卡片管理单元指示所述NFC控制器将所述第一业务指令发送给所述第一NFC应用。
- 如权利要求3~5任一项所述的方法,其特征在于,还包括:如果所述第一NFC应用的使用要求未满足,则所述终端执行所述第一NFC应用的预处理流程,所述预处理流程用于使得所述第一NFC应用的使用要求得到满足;所述第一NFC应用接收所述第一业务指令,并根据所述第一业务指令执行第一交易。
- 如权利要求6所述的方法,其特征在于,在所述第一NFC应用接收所述第一业务指令,并根据所述第一业务指令执行第一交易之前,还包括:所述卡片管理单元将所述第一业务指令发送给所述第一NFC应用;或者,所述卡片管理单元指示所述NFC控制器将所述第一业务指令发送给所述第一NFC应用。
- 如权利要求6或7所述的方法,其特征在于,在所述第一NFC应用接收所述第一业务指令之前,还包括:所述卡片管理单元触发所述POS重新发送所述第一业务指令;所述NFC控制器接收所述POS重新发送的所述第一业务指令;所述NFC控制器将所述POS重新发送的所述第一业务指令发送给所述第一NFC应用;或者,所述NFC控制器将所述POS重新发送的所述第一业务指令发送给所述卡片管理单元;所述第一NFC应用接收所述第一业务指令,并根据所述第一业务指令执行第一交易,具体包括:所述第一NFC应用接收所述NFC控制器发送的所述第一业务指令,并对所述POS发送的所述第一业务指令进行响应,从而执行所述第一交易;或者,所述第一NFC应用接收所述卡片管理单元发送的所述第一业务指令,并对所述POS发送的所述第一业务指令进行响应,从而执行所述第一交易。
- 如权利要求6~8任一项所述的方法,其特征在于,如果所述第一NFC应用的使用要求未满足,则所述终端执行所述第一NFC应用的预处理流程,具体包括:如果所述卡片管理单元判断所述第一NFC应用的使用要求指示所述终端需执行设备持卡人验证方法CDCVM,且所述终端未执行CDCVM,则所述终端触发所述POS执行Try Again流程,并触发执行CDCVM。
- 如权利要求9所述的方法,其特征在于,所述终端触发所述POS执行Try Again流程,具体包括:所述卡片管理单元将所述第一业务指令发送给所述第一NFC应用;所述第一NFC应用将所述第一业务指令的第一响应消息发送给所述POS;所述第一NFC应用接收所述POS发送的第三业务指令,所述第三业务指令用于进行初始交易处理;所述卡片管理单元获取所述第一NFC应用对所述第三业务指令的第三响应消息;所述卡片管理单元判断所述第三响应消息中是否包含指定状态字,所述指定状态字用于所述卡片管理单元判断所述POS是否支持CDCVM;若包含,则所述卡片管理单元指示所述NFC控制器将所述第三响应消息发送给所述POS,以触发所述POS执行Try Again流程;若不包含,则所述卡片管理单元截留所述第 三响应消息或所述卡片管理单元指示所述NFC控制器截留所述第三响应消息,以触发所述POS执行Try Again流程。
- 如权利要求3~10任一项所述的方法,其特征在于,在所述终端选择与所述POS对应的第一NFC应用并在所述第一NFC应用的使用条件已满足时执行所述第一交易之前,还包括:所述NFC控制器接收所述卡片管理单元发送的第一消息,所述第一消息用于指示所述NFC控制器将接收到的业务指令发送至所述卡片管理单元。
- 如权利要求1~11任一项所述的方法,其特征在于,在所述终端与所述POS建立NFC射频连接之前,还包括:所述终端接收用户选择第三NFC应用的指令;在所述终端与所述POS建立NFC射频连接之后,还包括:如果所述第三NFC应用与所述POS类型匹配,则所述终端选择所述第三NFC应用并在所述第三NFC应用的使用条件已满足时执行所述第一交易。
- 如权利要求3~12任一项所述的方法,其特征在于,所述多个NFC应用分别对应的使用要求包含以下信息中的一种或多种:所述多个NFC应用分别对应的身份验证要求;所述多个NFC应用分别对应的访问控制策略;所述多个NFC应用分别对应的用户使用策略及策略执行条件。
- 如权利要求1~13任一项所述的方法,其特征在于,所述第一NFC应用为安全单元SE中安装的NFC应用,或者所述第一NFC应用为可信执行环境TEE中安装的NFC应用,或者所述第一NFC应用为富执行环境REE中安装的NFC应用。
- 一种终端,其特征在于,包括:射频连接模块,用于与POS建立NFC射频连接,启动第一交易;执行模块,用于选择与所述POS对应的第一NFC应用并在所述第一NFC应用的使用条件已满足时执行所述第一交易。
- 如权利要求15所述的终端,其特征在于,还包括:第一收发模块,用于在所述射频连接模块启动第一交易之前,接收用户选择第二NFC应用的指令;所述执行模块在选择与所述POS对应的第一NFC应用并在所述第一NFC应用的使用条件已满足时执行所述第一交易时,具体用于:如果所述第二NFC应用与所述POS类型不匹配,则选择与所述POS对应的第一NFC应用并在所述第一NFC应用的使用条件已满足时执行所述第一交易。
- 如权利要求15或16所述的终端,其特征在于,所述执行模块包括NFC控制器、卡片管理单元和所述第一NFC应用;所述执行模块在选择与所述POS对应的第一NFC应用并在所述第一NFC应用的使用条件已满足时执行所述第一交易时,具体用于:所述NFC控制器接收所述POS发送的第一业务指令;所述NFC控制器将所述第一业务指令发送给所述终端中的卡片管理单元,所述卡片管理单元保存有第一对照关系和所述终端中的多个NFC应用分别对应的使用要求,所述第一对照关系用于指示所述多个NFC应用与多个业务指令之间的一一对应关系,所述第一NFC 应用为所述多个NFC应用中的一个;所述卡片管理单元根据所述第一业务指令和所述第一对照关系,选择所述多个NFC应用中与所述POS对应的所述第一NFC应用;如果所述第一NFC应用的使用要求已满足,所述第一NFC应用接收所述第一业务指令,并根据所述第一业务指令执行第一交易。
- 如权利要求17所述的终端,其特征在于,所述NFC控制器还用于:在接收所述POS发送的第一业务指令之前,接收所述POS发送的第二业务指令;将所述第二业务指令发送给所述卡片管理单元;所述卡片管理单元还用于:根据所述第二业务指令与第二对照关系,确定多个NFC应用中与所述第二业务指令类型匹配的至少一个NFC应用,所述第二对照关系用于指示所述第二业务指令与所述多个NFC应用的匹配关系;向所述POS发送所述第二业务指令的第二响应消息,所述第二响应消息用于指示所述多个NFC应用中与所述POS类型匹配的至少一个NFC应用,使得所述POS根据所述第二响应消息生成所述第一业务指令;或者,将所述第二业务指令发送给所述至少一个NFC应用中的指定NFC应用所在的NFCEE,并接收对所述第二业务指令的第二响应消息,将所述第二响应消息发送给所述POS,使得所述POS根据所述第二响应消息生成所述第一业务指令,所述第二响应消息用于指示保存在所述NFCEE中的、与所述POS类型匹配的M个NFC应用,M≥1,所述M个NFC应用中包含所述指定NFC应用。
- 如权利要求17或18所述的终端,其特征在于,所述卡片管理单元还用于:在所述第一NFC应用接收所述第一业务指令,并根据所述第一业务指令执行第一交易之前,将所述第一业务指令发送给所述第一NFC应用或者指示所述NFC控制器将所述第一业务指令发送给所述第一NFC应用。
- 如权利要求17~19任一项所述的终端,其特征在于,所述执行模块还用于:在所述第一NFC应用的使用要求未满足时,执行所述第一NFC应用的预处理流程,所述预处理流程用于使得所述第一NFC应用的使用要求得到满足;所述第一NFC应用还用于:接收所述第一业务指令,并根据所述第一业务指令执行第一交易。
- 如权利要求20所述的终端,其特征在于,所述卡片管理单元还用于:在所述第一NFC应用在接收所述第一业务指令,并根据所述第一业务指令执行第一交易之前,将所述第一业务指令发送给所述第一NFC应用或者指示所述NFC控制器将所述第一业务指令发送给所述第一NFC应用。
- 如权利要求20或21所述的终端,其特征在于,所述卡片管理单元还用于:在所述第一NFC应用接收所述第一业务指令之前,触发所述POS重新发送所述第一业务指令;所述NFC控制器还用于:接收所述POS重新发送的所述第一业务指令;将所述POS重新发送的所述第一业务指令发送给所述第一NFC应用;或者,将所述POS重新发送的所述第一业务指令发送给所述卡片管理单元;所述第一NFC应用在接收所述第一业务指令,并根据所述第一业务指令执行第一交易 时,具体用于:接收所述NFC控制器发送的所述第一业务指令,并对所述POS发送的所述第一业务指令进行响应,从而执行所述第一交易;或者,接收所述卡片管理单元发送的所述第一业务指令,并对所述POS发送的所述第一业务指令进行响应,从而执行所述第一交易。
- 如权利要求20~22任一项所述的终端,其特征在于,所述执行模块在执行所述第一NFC应用的预处理流程时,具体用于:如果所述卡片管理单元判断所述第一NFC应用的使用要求指示所述终端需执行CDCVM,且所述终端未执行CDCVM,则所述执行模块触发所述POS执行Try Again流程,并触发所述终端执行CDCVM。
- 如权利要求23所述的终端,其特征在于,所述执行模块在触发所述POS执行Try Again流程时,具体用于:所述卡片管理单元将所述第一业务指令发送给所述第一NFC应用;所述第一NFC应用将所述第一业务指令的第一响应消息发送给所述POS;所述第一NFC应用接收所述POS发送的第三业务指令,所述第三业务指令用于进行初始交易处理;所述卡片管理单元获取所述第一NFC应用对所述第三业务指令的第三响应消息;所述卡片管理单元判断所述第三响应消息中是否包含指定状态字,所述指定状态字用于所述卡片管理单元判断所述POS是否支持CDCVM;若包含,则所述卡片管理单元指示所述NFC控制器将所述第三响应消息发送给所述POS,以触发所述POS执行Try Again流程;若不包含,则所述卡片管理单元截留所述第三响应消息或所述卡片管理单元指示所述NFC控制器截留所述第三响应消息,以触发所述POS执行Try Again流程。
- 如权利要求17~24任一项所述的终端,其特征在于,所述NFC控制器还用于:在所述执行模块选择与所述POS对应的第一NFC应用并在所述第一NFC应用的使用条件已满足时执行所述第一交易之前,接收所述卡片管理单元发送的第一消息,所述第一消息用于指示所述NFC控制器将接收到的业务指令发送至所述卡片管理单元。
- 如权利要求15~25任一项所述的终端,其特征在于,还包括:第二收发模块,用于在所述射频连接模块与所述POS建立NFC射频连接之前,接收用户选择第三NFC应用的指令;所述执行模块还用于:在所述射频连接模块与所述POS建立NFC射频连接之后,如果所述第三NFC应用与所述POS类型匹配,选择所述第三NFC应用并在所述第三NFC应用的使用条件已满足时执行所述第一交易。
- 如权利要求17~26任一项所述的终端,其特征在于,所述多个NFC应用分别对应的使用要求包含以下信息中的一种或多种:所述多个NFC应用分别对应的身份验证要求;所述多个NFC应用分别对应的访问控制策略;所述多个NFC应用分别对应的用户使用策略及策略执行条件。
- 如权利要求15~27任一项所述的终端,其特征在于,所述第一NFC应用为SE中安装的NFC应用,或者所述第一NFC应用为TEE中安装的NFC应用,或者所述第一NFC 应用为REE中安装的NFC应用。
- 一种终端,其特征在于,包括:存储器,用于存储计算机程序;处理器,用于执行所述存储器中存储的计算机程序,以使得所述终端执行如权利要求1~14中任一项所述的方法。
- 一种计算机可读存储介质,其特征在于,包括程序或指令,当所述程序或指令在计算机上运行时,如权利要求1~14中任一项所述的方法被执行。
- 一种通信系统,其特征在于,包括:如权利要求15~28任一项所述的终端和POS;所述POS用于与所述终端交互,使得所述终端执行如权利要求1~14中任一项所述的方法。
- 一种计算机程序产品,其特征在于,当所述计算机程序产品在计算机上运行时,使得计算机执行如权利要求1~14中任一项所述的方法。
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201780064074.3A CN109844789B (zh) | 2017-09-28 | 2017-11-30 | 一种终端交易方法及终端 |
EP17926750.5A EP3680844A4 (en) | 2017-09-28 | 2017-11-30 | TRANSACTION PROCEDURE FOR TERMINAL DEVICE AND TERMINAL DEVICE |
US16/650,720 US11334862B2 (en) | 2017-09-28 | 2017-11-30 | Terminal transaction method, and terminal |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710900511 | 2017-09-28 | ||
CN201710900511.2 | 2017-09-28 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2019061801A1 true WO2019061801A1 (zh) | 2019-04-04 |
Family
ID=65900528
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2017/114007 WO2019061801A1 (zh) | 2017-09-28 | 2017-11-30 | 一种终端交易方法及终端 |
Country Status (4)
Country | Link |
---|---|
US (1) | US11334862B2 (zh) |
EP (1) | EP3680844A4 (zh) |
CN (1) | CN109844789B (zh) |
WO (1) | WO2019061801A1 (zh) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114638605A (zh) * | 2019-09-18 | 2022-06-17 | 华为技术有限公司 | 近距离无线通信的方法和电子设备 |
Families Citing this family (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10922678B2 (en) * | 2018-04-24 | 2021-02-16 | Visa International Service Association | System, method and computer program product for automatic and remote control of NFC transaction processing |
CN110475233B (zh) * | 2018-05-09 | 2021-09-10 | 腾讯科技(深圳)有限公司 | 资源转移方法、装置、计算机设备及存储介质 |
FR3089382B1 (fr) * | 2018-11-30 | 2020-11-27 | St Microelectronics Rousset | Traitement nfc rapide |
KR20210039109A (ko) * | 2019-10-01 | 2021-04-09 | 삼성전자주식회사 | 데이터를 송/수신하는 전자 장치 및 그 방법 |
US11423384B1 (en) * | 2019-10-31 | 2022-08-23 | United Services Automobile Association (Usaa) | Systems and methods for payment method selection |
FR3105663B1 (fr) * | 2019-12-23 | 2022-09-09 | St Microelectronics Rousset | Configuration d'une transaction dans un dispositif électronique sans contact |
US11651361B2 (en) * | 2019-12-23 | 2023-05-16 | Capital One Services, Llc | Secure authentication based on passport data stored in a contactless card |
FR3105662B1 (fr) | 2019-12-23 | 2021-11-26 | St Microelectronics Rousset | Configuration d'une transaction dans un dispositif électronique sans contact |
EP3986004B1 (en) * | 2020-10-13 | 2023-10-04 | Nxp B.V. | Nfc device and method of operating the same |
CN112069848B (zh) * | 2020-11-12 | 2021-04-30 | 深圳市汇顶科技股份有限公司 | 用于nfc卡模拟模式的选卡方法、芯片、终端和存储介质 |
CN116210059A (zh) * | 2020-11-12 | 2023-06-02 | 维萨国际服务协会 | 使用条件式阻塞和非阻塞查询调用系统和方法的方法和系统 |
EP4068186A1 (en) | 2021-04-01 | 2022-10-05 | Nxp B.V. | Nfc device, operating method and computer program |
US20230059546A1 (en) * | 2021-08-17 | 2023-02-23 | Mastercard Asia/Pacific Pte. Ltd. | Access Control System |
CN114245295B (zh) * | 2021-12-08 | 2024-07-19 | 武汉天喻信息产业股份有限公司 | 一种多门禁自动切换方法及装置 |
CN114302404A (zh) * | 2021-12-23 | 2022-04-08 | 汇顶科技(成都)有限责任公司 | 近场通信方法、配置方法、nfc主机以及电子设备 |
SE2250552A1 (en) * | 2022-05-06 | 2023-11-07 | Axxtrans | Card holder data extraction |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070203850A1 (en) * | 2006-02-15 | 2007-08-30 | Sapphire Mobile Systems, Inc. | Multifactor authentication system |
US20110191196A1 (en) * | 2010-02-04 | 2011-08-04 | Orr Rick N | System for Interfacing a Client Device with a Point of Sale System |
CN104471600A (zh) * | 2014-04-01 | 2015-03-25 | 华为终端有限公司 | 一种安全单元的管理方法及终端 |
CN104933555A (zh) * | 2015-05-27 | 2015-09-23 | 小米科技有限责任公司 | 模式设置方法及装置 |
CN106855812A (zh) * | 2015-12-08 | 2017-06-16 | 北京三星通信技术研究有限公司 | 配置用户终端的方法和装置 |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2856406A4 (en) * | 2012-05-24 | 2015-12-09 | Google Inc | SYSTEMS, METHODS, AND COMPUTER PROGRAM PRODUCTS FOR PROVIDING A CONTACTLESS PROTOCOL |
CN104463255B (zh) | 2013-09-12 | 2018-03-23 | 中国银联股份有限公司 | 用于与nfc芯片自动连接并切换安全载体的切换装置及方法 |
US10445718B2 (en) | 2013-12-27 | 2019-10-15 | Visa International Service Association | Processing a transaction using multiple application identifiers |
ES2753388T3 (es) | 2014-05-07 | 2020-04-08 | Visa Int Service Ass | Interfaz de datos mejorada para comunicaciones sin contacto |
CN105472546B (zh) | 2015-12-31 | 2019-05-24 | 华为技术有限公司 | 近场通信方法及移动终端 |
US10410232B1 (en) * | 2016-07-08 | 2019-09-10 | Harold Lueken | Systems and methods for prioritizing default payment options in virtual wallets |
-
2017
- 2017-11-30 US US16/650,720 patent/US11334862B2/en active Active
- 2017-11-30 WO PCT/CN2017/114007 patent/WO2019061801A1/zh unknown
- 2017-11-30 EP EP17926750.5A patent/EP3680844A4/en active Pending
- 2017-11-30 CN CN201780064074.3A patent/CN109844789B/zh active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070203850A1 (en) * | 2006-02-15 | 2007-08-30 | Sapphire Mobile Systems, Inc. | Multifactor authentication system |
US20110191196A1 (en) * | 2010-02-04 | 2011-08-04 | Orr Rick N | System for Interfacing a Client Device with a Point of Sale System |
CN104471600A (zh) * | 2014-04-01 | 2015-03-25 | 华为终端有限公司 | 一种安全单元的管理方法及终端 |
CN104933555A (zh) * | 2015-05-27 | 2015-09-23 | 小米科技有限责任公司 | 模式设置方法及装置 |
CN106855812A (zh) * | 2015-12-08 | 2017-06-16 | 北京三星通信技术研究有限公司 | 配置用户终端的方法和装置 |
Non-Patent Citations (1)
Title |
---|
See also references of EP3680844A4 |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114638605A (zh) * | 2019-09-18 | 2022-06-17 | 华为技术有限公司 | 近距离无线通信的方法和电子设备 |
EP4024245A4 (en) * | 2019-09-18 | 2022-10-26 | Huawei Technologies Co., Ltd. | NEAR FIELD COMMUNICATION METHOD AND ELECTRONIC DEVICE |
JP2022548910A (ja) * | 2019-09-18 | 2022-11-22 | 華為技術有限公司 | 近距離通信方法及び電子デバイス |
JP7378598B2 (ja) | 2019-09-18 | 2023-11-13 | 華為技術有限公司 | 近距離通信方法及び電子デバイス |
Also Published As
Publication number | Publication date |
---|---|
US20200286061A1 (en) | 2020-09-10 |
US11334862B2 (en) | 2022-05-17 |
EP3680844A4 (en) | 2020-10-28 |
CN109844789B (zh) | 2021-04-20 |
CN109844789A (zh) | 2019-06-04 |
EP3680844A1 (en) | 2020-07-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2019061801A1 (zh) | 一种终端交易方法及终端 | |
US11595820B2 (en) | Secure elements broker (SEB) for application communication channel selector optimization | |
EP3942505B1 (en) | Contextual tapping engine | |
ES2753388T3 (es) | Interfaz de datos mejorada para comunicaciones sin contacto | |
US9396468B2 (en) | Apparatus for securing electronic transactions using secure electronic signatures | |
EP4425356A2 (en) | Delegated administration of permissions using a contactless card | |
US11868988B2 (en) | Devices and methods for selective contactless communication | |
US10083443B1 (en) | Persistent authentication of a wearable device | |
US20240063660A1 (en) | Transaction device capable of managing and routing power from an external power source | |
WO2018161224A1 (zh) | 一种数据处理方法及相关装置 | |
US11901970B1 (en) | Near-field communication functionality for partial applications accessed over a network | |
CN116097686A (zh) | 安全元件与移动设备的安全端到端配对 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 17926750 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
ENP | Entry into the national phase |
Ref document number: 2017926750 Country of ref document: EP Effective date: 20200408 |