WO2020052383A1 - Fingerprint processing system and method, and fingerprint device - Google Patents

Fingerprint processing system and method, and fingerprint device Download PDF

Info

Publication number
WO2020052383A1
WO2020052383A1 PCT/CN2019/099655 CN2019099655W WO2020052383A1 WO 2020052383 A1 WO2020052383 A1 WO 2020052383A1 CN 2019099655 W CN2019099655 W CN 2019099655W WO 2020052383 A1 WO2020052383 A1 WO 2020052383A1
Authority
WO
WIPO (PCT)
Prior art keywords
fingerprint
module
processing module
applet
fingerprint processing
Prior art date
Application number
PCT/CN2019/099655
Other languages
French (fr)
Chinese (zh)
Inventor
陈柳章
Original Assignee
深圳市文鼎创数据科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳市文鼎创数据科技有限公司 filed Critical 深圳市文鼎创数据科技有限公司
Publication of WO2020052383A1 publication Critical patent/WO2020052383A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/448Execution paradigms, e.g. implementations of programming paradigms
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/556Detecting local intrusion or implementing counter-measures involving covert channels, i.e. data leakage between processes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina

Definitions

  • a second aspect of the embodiments of the present application provides a fingerprint processing method, including:

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Image Input (AREA)

Abstract

The present application is applied to the technical field of data processing, and provided thereby are a fingerprint processing system and method, and a fingerprint device. The system comprises: a fingerprint collection module, an Applet module, and a fingerprint processing module; the fingerprint collection module is used to collect fingerprint data and send the fingerprint data to the fingerprint processing module; the fingerprint processing module is used to process the fingerprint data according to a fingerprint operation instruction of the Applet module, and send the processing result to the Applet module. The present application may solve the problem in existing technology wherein each Applet application respectively adding a function of a fingerprint operation inside of an Applet program leads to a large amount of repeated development and resource waste between different Applet developers.

Description

一种指纹处理系统、方法及指纹设备Fingerprint processing system, method and fingerprint device 技术领域Technical field
本申请属于数据处理技术领域,尤其涉及一种指纹处理系统、方法及指纹设备。The present application belongs to the field of data processing technology, and particularly relates to a fingerprint processing system, method, and fingerprint device.
背景技术Background technique
随着科技的发展,指纹设备逐渐在人们的生活和工作中得到应用。指纹设备主要用于采集用户的指纹,对指纹进行验证判断用户是否具备相应的权限,例如Java智能卡可通过对用户的指纹进行验证判断用户是否具备支付的权限。With the development of technology, fingerprint devices are gradually applied in people's lives and work. The fingerprint device is mainly used to collect a user's fingerprint and verify the fingerprint to determine whether the user has the corresponding authority. For example, a Java smart card can determine whether the user has the authority to pay by verifying the user's fingerprint.
当前,部分指纹设备的指纹采集、存储和验证都是由指纹采集模块进行处理,然后由指纹采集模块返回验证结果到指纹设备的处理器中,这使得指纹设备的安全性较差,当指纹采集模块被恶意替换,由替换的模块返回验证结果到指纹设备的处理器时,可以让入侵者越过指纹验证直接操作智能卡。Currently, the fingerprint collection, storage, and verification of some fingerprint devices are processed by the fingerprint collection module, and then the fingerprint collection module returns the verification results to the processor of the fingerprint device, which makes the fingerprint device less secure. The module was maliciously replaced. When the replaced module returns the verification result to the processor of the fingerprint device, the intruder can bypass the fingerprint verification and directly operate the smart card.
对于这种情况,研究人员提出了将指纹采集和指纹验证分离的做法,指纹采集模块只负责指纹信息的采集,由指纹设备的Java虚拟机中各个需要指纹验证的Applet应用进行指纹验证。In this case, the researchers proposed to separate fingerprint collection and fingerprint verification. The fingerprint collection module is only responsible for the collection of fingerprint information. Fingerprint verification is performed by each Applet application in the Java virtual machine of the fingerprint device that requires fingerprint verification.
由于一个指纹设备中可以存在多个Applet应用,虽然由Applet应用进行指纹验证的方案可以提高指纹设备的安全性,但是各个Applet开发者都需要学习指纹验证的知识,在Applet程序内部增加指纹操作的函数,这造成不同的Applet开发者之间的大量重复开发和资源浪费。Because there can be multiple Applet applications in a fingerprint device, although the fingerprint verification scheme by the Applet application can improve the security of the fingerprint device, each Applet developer needs to learn the knowledge of fingerprint verification and increase the fingerprint operation inside the Applet program. Functions, which cause a lot of repeated development and waste of resources between different Applet developers.
综上所述,现有技术中各个Applet应用分别在Applet程序内部增加指纹操作的函数,导致了不同的Applet开发者之间的大量重复开发和资源浪费。In summary, in the prior art, each applet application adds a fingerprint operation function inside the applet program, which results in a lot of repeated development and waste of resources between different applet developers.
技术问题technical problem
有鉴于此,本申请实施例提供了一种指纹处理系统、方法及指纹设备,以解决现有技术中各个Applet应用分别在Applet程序内部增加指纹操作的函数,导致了不同的Applet开发者之间的大量重复开发和资源浪费的问题。In view of this, the embodiments of the present application provide a fingerprint processing system, method, and fingerprint device to solve the problem that each Applet application in the prior art adds a fingerprint operation function inside the Applet program, which has led to differences among different Applet developers. The problem of a lot of repeated development and waste of resources.
技术解决方案Technical solutions
本申请实施例的第一方面提供了一种指纹处理系统,包括:指纹采集模块、Applet模块和指纹处理模块;A first aspect of the embodiments of the present application provides a fingerprint processing system, including: a fingerprint collection module, an Applet module, and a fingerprint processing module;
所述指纹采集模块用于采集指纹数据并将所述指纹数据发送至所述指纹处理模块;The fingerprint collection module is configured to collect fingerprint data and send the fingerprint data to the fingerprint processing module;
所述指纹处理模块用于根据所述Applet模块的指纹操作指令对所述指纹数据进行处理,并将处理结果发送至所述Applet模块。The fingerprint processing module is configured to process the fingerprint data according to a fingerprint operation instruction of the Applet module, and send a processing result to the Applet module.
本申请实施例的第二方面提供了一种指纹处理方法,包括:A second aspect of the embodiments of the present application provides a fingerprint processing method, including:
发送指纹操作指令至指纹处理模块;Send a fingerprint operation instruction to the fingerprint processing module;
接收所述指纹处理模块根据所述指纹操作指令对指纹采集模块发送的指纹数据进行处理后返回的处理结果。Receive the processing result returned by the fingerprint processing module after processing the fingerprint data sent by the fingerprint collection module according to the fingerprint operation instruction.
本申请实施例的第三方面提供了一种指纹设备,包括存储器、处理器以及存储在所述存储器中并可在所述处理器上运行的计算机程序,所述处理器执行所述计算机程序时实现如上述方法的步骤。A third aspect of the embodiments of the present application provides a fingerprint device, including a memory, a processor, and a computer program stored in the memory and executable on the processor. When the processor executes the computer program, Implement the steps of the method as described above.
本申请实施例的第四方面提供了一种计算机可读存储介质,所述计算机可读存储介质存储有计算机程序,所述计算机程序被处理器执行时实现如上述方法的步骤。A fourth aspect of the embodiments of the present application provides a computer-readable storage medium, where the computer-readable storage medium stores a computer program, and when the computer program is executed by a processor, implements steps of the foregoing method.
有益效果Beneficial effect
本申请的指纹处理系统中,在指纹采集模块和Applet模块之外设置指纹处理模块,指纹处理模块负责根据Applet模块的指纹操作指令对指纹数据进行处理,将指纹数据的采集和验证分开,提高指纹设备的安全性,同时,Applet模块在进行指纹操作时调用指纹处理模块即可完成所需的指纹操作,开发者开发Applet模块时内无需编写指纹操作的内容,解决了现有技术中各个Applet应用分别在Applet程序内部增加指纹操作的函数,导致了不同的Applet开发者之间的大量重复开发和资源浪费的问题。In the fingerprint processing system of the present application, a fingerprint processing module is provided in addition to the fingerprint collection module and the Applet module. The fingerprint processing module is responsible for processing fingerprint data according to the fingerprint operation instructions of the Applet module, separating fingerprint data collection and verification, and improving fingerprints. The security of the device. At the same time, the applet module can complete the required fingerprint operation by calling the fingerprint processing module during the fingerprint operation. The developer does not need to write the content of the fingerprint operation when developing the applet module, which solves the various applet applications in the prior art Adding fingerprint operation functions inside Applet programs, respectively, has caused a lot of repeated development and waste of resources between different Applet developers.
附图说明BRIEF DESCRIPTION OF THE DRAWINGS
为了更清楚地说明本申请实施例中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本申请的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings used in the embodiments or the description of the prior art will be briefly introduced below. Obviously, the drawings in the following description are only for the present application. For some embodiments, for those of ordinary skill in the art, other drawings can be obtained according to these drawings without paying creative labor.
图1是本申请实施例提供的一种指纹处理系统的系统结构示意图;FIG. 1 is a schematic diagram of a system structure of a fingerprint processing system according to an embodiment of the present application; FIG.
图2是本申请实施例提供的一种指纹处理方法的实现流程示意图;FIG. 2 is a schematic flowchart of a fingerprint processing method provided by an embodiment of the present application; FIG.
图3是本申请实施例提供的指纹设备的示意图。FIG. 3 is a schematic diagram of a fingerprint device according to an embodiment of the present application.
本发明的实施方式Embodiments of the invention
以下描述中,为了说明而不是为了限定,提出了诸如特定系统结构、技术之类的具体细节,以便透彻理解本申请实施例。然而,本领域的技术人员应当清楚,在没有这些具体细节的其它实施例中也可以实现本申请。在其它情况中,省略对众所周知的系统、装置、电路以及方法的详细说明,以免不必要的细节妨碍本申请的描述。In the following description, for the purpose of illustration rather than limitation, specific details such as a specific system structure and technology are provided in order to thoroughly understand the embodiments of the present application. However, it should be clear to a person skilled in the art that the present application can also be implemented in other embodiments without these specific details. In other cases, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary details.
为了说明本申请所述的技术方案,下面通过具体实施例来进行说明。In order to explain the technical solution described in this application, specific examples are used for description below.
应当理解,当在本说明书和所附权利要求书中使用时,术语“包括”指示所描述特征、整体、步骤、操作、元素和/或组件的存在,但并不排除一个或多个其它特征、整体、步骤、操作、元素、组件和/或其集合的存在或添加。It should be understood that when used in this specification and the appended claims, the term "comprising" indicates the presence of described features, integers, steps, operations, elements and / or components, but does not exclude one or more other features , The whole, steps, operations, elements, components, and / or their presence or addition.
还应当理解,在此本申请说明书中所使用的术语仅仅是出于描述特定实施例的目的而并不意在限制本申请。如在本申请说明书和所附权利要求书中所使用的那样,除非上下文清楚地指明其它情况,否则单数形式的“一”、“一个”及“该”意在包括复数形式。It should also be understood that the terminology used in the description of this application is for the purpose of describing particular embodiments only and is not intended to limit the application. As used in this specification and the appended claims, the singular forms "a", "an" and "the" are intended to include the plural forms unless the context clearly indicates otherwise.
还应当进一步理解,在本申请说明书和所附权利要求书中使用的术语“和/或”是指相关联列出的项中的一个或多个的任何组合以及所有可能组合,并且包括这些组合。It should be further understood that the term "and / or" used in the specification of the application and the appended claims refers to any combination of one or more of the items listed in association and all possible combinations, and includes these combinations .
如在本说明书和所附权利要求书中所使用的那样,术语“如果”可以依据上下文被解释为“当...时”或“一旦”或“响应于确定”或“响应于检测到”。类似地,短语“如果确定”或“如果检测到[所描述条件或事件]”可以依据上下文被解释为意指“一旦确定”或“响应于确定”或“一旦检测到[所描述条件或事件]”或“响应于检测到[所描述条件或事件]”。As used in this specification and the appended claims, the term "if" can be construed as "when" or "once" or "in response to a determination" or "in response to a detection" depending on the context . Similarly, the phrase "if determined" or "if [the described condition or event] is detected" can be interpreted, depending on the context, to mean "once determined" or "in response to the determination" or "once [the condition or event described ] "Or" In response to [Description of condition or event] detected ".
具体实现中,本申请实施例中描述的移动终端包括但不限于诸如具有触摸敏感表面(例如,触摸屏显示器和/或触摸板)的移动电话、膝上型计算机或平板计算机之类的其它便携式设备。还应当理解的是,在某些实施例中,上述设备并非便携式通信设备,而是具有触摸敏感表面(例如,触摸屏显示器和/或触摸板)的台式计算机。In specific implementation, the mobile terminal described in the embodiments of the present application includes, but is not limited to, other portable devices such as a mobile phone, a laptop computer, or a tablet computer with a touch-sensitive surface (for example, a touch screen display and / or a touch pad). . It should also be understood that, in some embodiments, the aforementioned device is not a portable communication device, but a desktop computer with a touch-sensitive surface (eg, a touch screen display and / or a touch pad).
在接下来的讨论中,描述了包括显示器和触摸敏感表面的移动终端。然而,应当理解的是,移动终端可以包括诸如物理键盘、鼠标和/或控制杆的一个或多个其它物理用户接口设备。In the following discussion, a mobile terminal including a display and a touch-sensitive surface is described. However, it should be understood that the mobile terminal may include one or more other physical user interface devices such as a physical keyboard, mouse, and / or joystick.
移动终端支持各种应用程序,例如以下中的一个或多个:绘图应用程序、演示应用程序、文字处理应用程序、网站创建应用程序、盘刻录应用程序、电子表格应用程序、游戏应用程序、电话应用程序、视频会议应用程序、电子邮件应用程序、即时消息收发应用程序、锻炼支持应用程序、照片管理应用程序、数码相机应用程序、数字摄影机应用程序、web浏览应用程序、数字音乐播放器应用程序和/或数字视频播放器应用程序。The mobile terminal supports various applications, such as one or more of the following: drawing applications, presentation applications, word processing applications, website creation applications, disc burning applications, spreadsheet applications, gaming applications, phones Applications, video conferencing applications, email applications, instant messaging applications, exercise support applications, photo management applications, digital camera applications, digital camera applications, web browsing applications, digital music player applications And / or digital video player applications.
可以在移动终端上执行的各种应用程序可以使用诸如触摸敏感表面的至少一个公共物理用户接口设备。可以在应用程序之间和/或相应应用程序内调整和/或改变触摸敏感表面的一个或多个功能以及终端上显示的相应信息。这样,终端的公共物理架构(例如,触摸敏感表面)可以支持具有对用户而言直观且透明的用户界面的各种应用程序。Various applications that can be executed on the mobile terminal may use at least one common physical user interface device such as a touch-sensitive surface. One or more functions of the touch-sensitive surface and corresponding information displayed on the terminal may be adjusted and / or changed between applications and / or within corresponding applications. In this way, the terminal's common physical architecture (eg, touch-sensitive surface) can support a variety of applications with user interfaces that are intuitive and transparent to the user.
另外,在本申请的描述中,术语“第一”、“第二”、“第三”等仅用于区分描述,而不能理解为指示或暗示相对重要性。In addition, in the description of the present application, the terms “first”, “second”, “third” and the like are only used to distinguish descriptions, and cannot be understood to indicate or imply relative importance.
实施例一:Embodiment one:
图1示出了本发明第一实施例提供的一种指纹处理系统的结构图,为了便于说明,仅示出了与本实施例相关的部分:FIG. 1 shows a structural diagram of a fingerprint processing system provided by a first embodiment of the present invention. For ease of description, only parts related to this embodiment are shown:
本发明第一实施例提供了一种指纹处理系统,包括:指纹采集模块101、Applet模块103和指纹处理模块102;A first embodiment of the present invention provides a fingerprint processing system, including: a fingerprint collection module 101, an Applet module 103, and a fingerprint processing module 102;
所述指纹采集模块101用于采集指纹数据并将所述指纹数据发送至所述指纹处理模块102;The fingerprint collection module 101 is configured to collect fingerprint data and send the fingerprint data to the fingerprint processing module 102;
所述指纹处理模块102用于根据所述Applet模块103的指纹操作指令对所述指纹数据进行处理,并将处理结果发送至所述Applet模块。The fingerprint processing module 102 is configured to process the fingerprint data according to a fingerprint operation instruction of the Applet module 103, and send a processing result to the Applet module.
指纹采集模块101用于采集用户的指纹数据,指纹处理模块102用于对指纹数据进行处理,得到对应的处理结果,Applet模块103可实现各种预置的程序功能,当其实现功能的过程中需要进行指纹操作时,可以通过通信接口调用指纹处理模块102,指纹处理模块102对指纹采集模块101采集的指纹数据进行处理,得到处理结果后发送给Applet模块103,Applet模块103根据处理结果实现功能,例如,当Applet模块103实现支付功能时,需要通过指纹验证判断用户的身份,此时可以调用指纹处理模块102对指纹采集模块采集的指纹数据进行指纹验证,若指纹处理模块102返回验证通过的处理结果,则Applet模块103进行支付操作,若指纹处理模块102返回验证不通过的处理结果,则Applet模块103禁止支付操作。The fingerprint collection module 101 is used to collect the user's fingerprint data, and the fingerprint processing module 102 is used to process the fingerprint data to obtain the corresponding processing results. The Applet module 103 can implement various preset program functions. When fingerprint operation is needed, the fingerprint processing module 102 can be called through the communication interface. The fingerprint processing module 102 processes the fingerprint data collected by the fingerprint acquisition module 101 and sends the processed result to the Applet module 103. The Applet module 103 implements the function according to the processing result For example, when the Applet module 103 implements the payment function, it is necessary to determine the user's identity through fingerprint verification. At this time, the fingerprint processing module 102 can be called to perform fingerprint verification on the fingerprint data collected by the fingerprint acquisition module. If the fingerprint processing module 102 returns a verification result, If the result is processed, the Applet module 103 performs a payment operation. If the fingerprint processing module 102 returns a processing result that fails the verification, the Applet module 103 prohibits the payment operation.
进一步地,所述Applet模块103和所述指纹采集模块101设置于指纹设备内;Further, the Applet module 103 and the fingerprint collection module 101 are disposed in a fingerprint device;
所述指纹处理模块102设置于所述指纹设备内,或者设置于与所述指纹设备连接的外部设备内。The fingerprint processing module 102 is disposed in the fingerprint device or in an external device connected to the fingerprint device.
其中,指纹设备可以为Java智能卡、指纹Key或者其他指纹设备。The fingerprint device may be a Java smart card, a fingerprint key, or another fingerprint device.
指纹处理模块102可以设置在指纹设备内,或者设置于与指纹设备连接的外部设备内,例如,当指纹设备为Java智能卡时,将指纹处理模块102设置在Java智能卡中,指纹处理模块102此时可以为在Java虚拟机中运行的应用程序,或者,也可以将指纹处理模块102设置于其他可以与Java智能卡进行通信的外部设备(例如读卡器)中。The fingerprint processing module 102 can be set in a fingerprint device or an external device connected to the fingerprint device. For example, when the fingerprint device is a Java smart card, the fingerprint processing module 102 is set in a Java smart card. It may be an application program running in a Java virtual machine, or the fingerprint processing module 102 may be set in other external devices (such as a card reader) that can communicate with the Java smart card.
本申请实施例一的指纹处理系统中,在指纹采集模块101和Applet模块103之外设置指纹处理模块102,指纹处理模块102负责根据Applet模块103的指纹操作指令对指纹数据进行处理,将指纹数据的采集和验证分开,提高指纹设备的安全性。In the fingerprint processing system of the first embodiment of the present application, a fingerprint processing module 102 is provided in addition to the fingerprint collection module 101 and the applet module 103. The fingerprint processing module 102 is responsible for processing fingerprint data according to the fingerprint operation instruction of the applet module 103, The collection and verification are separated to improve the security of the fingerprint device.
同时,Applet模块103在进行指纹操作时调用指纹处理模块102即可完成所需的指纹操作,开发者开发Applet模块103时无需编写指纹操作的内容,不同的开发者开发不同的Applet模块时调用相同的指纹处理模块即可,避免因开发者的水平参差不齐导致的安全漏洞,也避免各个Applet开发者重复开发。At the same time, the Applet module 103 calls the fingerprint processing module 102 to complete the required fingerprint operation during the fingerprint operation. The developer does not need to write the content of the fingerprint operation when developing the Applet module 103. Different developers call the same when developing different Applet modules. The fingerprint processing module can be used to avoid security vulnerabilities caused by uneven levels of developers, and to avoid repeated development by various Applet developers.
当更换指纹采集模块101,需要对指纹处理算法进行更新时,只需要指纹处理模块102进行算法更新,不需要每个Applet模块103都进行算法更新。When the fingerprint collection module 101 is replaced and the fingerprint processing algorithm needs to be updated, only the fingerprint processing module 102 needs to be updated with the algorithm, and it is not necessary for each Applet module 103 to perform the algorithm update.
综上所述,本实施例一的指纹处理系统简化了开发工作,提高了开发效率和指纹验证功能的稳定性,解决了现有技术中各个Applet应用分别在Applet程序内部增加指纹操作的函数,导致了不同的Applet开发者之间的大量重复开发和资源浪费的问题。In summary, the fingerprint processing system of the first embodiment simplifies the development work, improves the development efficiency and the stability of the fingerprint verification function, and solves the problem that each applet application in the prior art adds a fingerprint operation function inside the applet program. This caused a lot of repeated development and waste of resources among different Applet developers.
实施例二:Embodiment two:
下面对本申请实施例二提供的一种指纹处理方法进行描述,请参阅附图2,本申请实施例二中的指纹处理方法包括:The following describes a fingerprint processing method provided in Embodiment 2 of the present application. Please refer to FIG. 2. The fingerprint processing method in Embodiment 2 of the present application includes:
步骤S201、发送指纹操作指令至指纹处理模块;Step S201: Send a fingerprint operation instruction to the fingerprint processing module;
当Applet模块需要进行指纹操作以实现功能时,可将指纹操作指令发送至指纹处理模块,由指纹处理模块对指纹采集模块采集的指纹数据进行处理。When the Applet module needs to perform fingerprint operation to realize the function, it can send fingerprint operation instructions to the fingerprint processing module, and the fingerprint processing module processes the fingerprint data collected by the fingerprint collection module.
指纹操作指令包括:指纹验证指令、指纹添加指令和指纹删除指令,指纹处理模块根据指纹操作指令执行对应的指纹验证操作、指纹添加操作和指纹删除操作。The fingerprint operation instructions include: a fingerprint verification instruction, a fingerprint addition instruction, and a fingerprint deletion instruction. The fingerprint processing module executes the corresponding fingerprint verification operation, fingerprint addition operation, and fingerprint deletion operation according to the fingerprint operation instruction.
步骤S202、接收所述指纹处理模块根据所述指纹操作指令对指纹采集模块发送的指纹数据进行处理后返回的处理结果。Step S202: Receive a processing result returned by the fingerprint processing module after processing the fingerprint data sent by the fingerprint collection module according to the fingerprint operation instruction.
指纹处理模块根据指纹操作指令对指纹数据进行处理,得到对应的处理结果,并将处理结果返回Applet模块,Applet模块根据处理结果实现其功能。The fingerprint processing module processes the fingerprint data according to the fingerprint operation instruction, obtains the corresponding processing result, and returns the processing result to the Applet module, and the Applet module implements its function according to the processing result.
进一步地,在所述发送指纹操作指令至指纹处理模块之前还包括:Further, before sending the fingerprint operation instruction to the fingerprint processing module, the method further includes:
A1、与所述指纹处理模块协商生成协商密钥;A1. Negotiate with the fingerprint processing module to generate a negotiation key.
Applet模块和指纹处理模块预先进行协商可得到协商密钥,在协商生成协商密钥的过程中,Applet模块与指纹处理模块互相交换信息,假设Applet模块带有信息A,指纹处理模块带有信息B,Applet模块与指纹处理模块进行信息交换之后双方均持有信息A+B,Applet模块与指纹处理模块分别使用信息A+B调用安全接口生成协商密钥,由于输入安全接口的信息都是信息A+B,因此Applet模块与指纹处理模块分别生成的协商密钥为相同的密钥。The Applet module and the fingerprint processing module can obtain the negotiation key through pre-negotiation. During the process of generating the negotiation key through negotiation, the Applet module and the fingerprint processing module exchange information with each other. It is assumed that the Applet module carries information A and the fingerprint processing module carries information B. After the Applet module and the fingerprint processing module exchange information, both parties hold information A + B. The applet module and the fingerprint processing module respectively use the information A + B to call the secure interface to generate the negotiation key. Because the information entered into the secure interface is all information A + B, so the negotiation keys generated by the Applet module and the fingerprint processing module are the same key.
A2、使用协商密钥对所述指纹处理模块发送的认证信息进行加密,并将加密后的所述认证信息发送至所述指纹处理模块进行认证;A2. Use the negotiation key to encrypt the authentication information sent by the fingerprint processing module, and send the encrypted authentication information to the fingerprint processing module for authentication;
当Applet模块请求调用指纹处理模块时,指纹处理模块发送认证信息至Applet模块,Applet模块使用协商密钥对认证信息进行加密,并将加密后的认证信息发送至指纹处理模块进行认证,指纹处理模块使用协商密钥对加密后的认证信息进行解密,判断解密后的认证信息与指纹处理模块发送的认证信息是否一致,当两者一致时,认证成功,指纹处理模块发送认证成功的信息至Applet模块并与Applet模块建立会话,否则认证失败。When the Applet module requests to call the fingerprint processing module, the fingerprint processing module sends authentication information to the Applet module. The Applet module uses the negotiation key to encrypt the authentication information, and sends the encrypted authentication information to the fingerprint processing module for authentication. The fingerprint processing module The negotiated key is used to decrypt the encrypted authentication information to determine whether the decrypted authentication information is consistent with the authentication information sent by the fingerprint processing module. When the two are consistent, the authentication is successful, and the fingerprint processing module sends the authentication success information to the Applet module. And establish a session with the Applet module, otherwise authentication fails.
认证信息可以为随机生成的随机数。The authentication information may be a randomly generated random number.
协商密钥可采取持续化存储的存储方式进行存储,当指纹设备掉电时协商密钥不丢失,当指纹设备上电时,无需重新协商生成协商密钥。The negotiation key can be stored in a persistent storage mode. The negotiation key is not lost when the fingerprint device is powered off. When the fingerprint device is powered on, there is no need to renegotiate to generate a negotiation key.
进一步地,在所述将加密后的所述认证信息发送至所述指纹处理模块进行认证之后还包括:Further, after the sending the encrypted authentication information to the fingerprint processing module for authentication, the method further includes:
与所述指纹处理模块协商生成会话密钥。Negotiate with the fingerprint processing module to generate a session key.
为了进一步保证信息安全,Applet模块与指纹处理模块建立会话后,可协商生成会话密钥,会话密钥的生成方式可根据实际情况进行选择,例如,可以选择通过随机生成的方式生成会话密钥。To further ensure information security, after the Applet module establishes a session with the fingerprint processing module, a session key can be generated through negotiation. The method for generating the session key can be selected according to the actual situation. For example, the session key can be generated randomly.
会话密钥可采取临时存储的存储方式进行存储,当指纹设备掉电时会话密钥丢失,指纹设备上电时,需再次协商生成新的会话密钥。The session key can be stored in a temporary storage mode. When the fingerprint device is powered off, the session key is lost. When the fingerprint device is powered on, it is necessary to negotiate to generate a new session key.
进一步地,所述发送指纹操作指令至指纹处理模块具体包括:Further, the sending the fingerprint operation instruction to the fingerprint processing module specifically includes:
B1、通过所述会话密钥对所述指纹操作指令进行加密;B1. Encrypt the fingerprint operation instruction by using the session key.
协商生成会话密钥之后,Applet模块使用会话密钥对指纹操作指令进行加密。After the session key is generated through negotiation, the Applet module uses the session key to encrypt the fingerprint operation instruction.
B2、发送加密后的所述指纹操作指令至所述指纹处理模块。B2. Send the encrypted fingerprint operation instruction to the fingerprint processing module.
加密之后再将指纹操作指令发送至指纹处理模块,指纹处理模块对指纹操作指令进行解密,并在解密后根据指纹操作指令对指纹数据进行处理,返回处理结果至Applet模块,处理结果可包括:指纹操作指令无效、指纹数据无效、指纹验证成功、指纹验证失败、指纹添加成功、指纹添加失败、指纹删除成功和指纹删除失败等。After encryption, the fingerprint operation instruction is sent to the fingerprint processing module. The fingerprint processing module decrypts the fingerprint operation instruction, and then processes the fingerprint data according to the fingerprint operation instruction after decryption. The processing result is returned to the Applet module. The processing result may include: The operation instructions are invalid, the fingerprint data is invalid, the fingerprint verification succeeds, the fingerprint verification fails, the fingerprint addition succeeds, the fingerprint addition fails, the fingerprint deletion succeeds, and the fingerprint deletion fails.
本实施例二提供的指纹处理方法中,Applet模块可调用指纹处理模块对指纹采集模块采集的指纹数据进行处理,Applet模块自身不进行指纹操作,从而简化了开发工作,提高了开发效率和指纹验证功能的稳定性,解决了现有技术中各个Applet应用分别在Applet程序内部增加指纹操作的函数,导致了不同的Applet开发者之间的大量重复开发和资源浪费的问题。In the fingerprint processing method provided in the second embodiment, the Applet module can call the fingerprint processing module to process the fingerprint data collected by the fingerprint collection module. The Applet module does not perform fingerprint operation itself, thereby simplifying development work, improving development efficiency and fingerprint verification. The stability of the function solves the problem that each applet application in the prior art adds a fingerprint operation function inside the applet program, which causes a lot of repeated development and resource waste between different applet developers.
同时,为了保证Applet模块与指纹处理模块的通信安全,可以设置协商密钥和会话密钥。At the same time, in order to ensure the communication security between the Applet module and the fingerprint processing module, a negotiation key and a session key can be set.
通过协商密钥可以对Applet模块的身份进行识别,保证Applet模块安全调用指纹处理模块。The identity of the Applet module can be identified through the negotiation key, and the Applet module is guaranteed to call the fingerprint processing module securely.
通过会话密钥可对Applet模块发送的数据进行加密,避免Applet模块与指纹处理模块的通信过程被窃听时Applet模块发送的数据被恶意使用。The session key can be used to encrypt the data sent by the Applet module to prevent malicious use of the data sent by the Applet module when the communication process between the Applet module and the fingerprint processing module is eavesdropped.
应理解,上述实施例中各步骤的序号的大小并不意味着执行顺序的先后,各过程的执行顺序应以其功能和内在逻辑确定,而不应对本申请实施例的实施过程构成任何限定。It should be understood that the size of the sequence numbers of the steps in the above embodiments does not mean the order of execution. The execution order of each process should be determined by its function and internal logic, and should not constitute any limitation on the implementation process of the embodiments of the present application.
实施例三:Embodiment three:
图3是本申请实施例三提供的指纹设备的示意图。如图3所示,该实施例的指纹设备3包括:处理器30、存储器31以及存储在所述存储器31中并可在所述处理器30上运行的计算机程序32。所述处理器30执行所述计算机程序32时实现上述指纹处理方法实施例中的步骤,例如图2所示的步骤S201至S202。FIG. 3 is a schematic diagram of a fingerprint device provided in Embodiment 3 of the present application. As shown in FIG. 3, the fingerprint device 3 of this embodiment includes a processor 30, a memory 31, and a computer program 32 stored in the memory 31 and executable on the processor 30. When the processor 30 executes the computer program 32, the steps in the embodiment of the fingerprint processing method are implemented, for example, steps S201 to S202 shown in FIG. 2.
所述指纹设备3可以是桌上型计算机、笔记本、掌上电脑及云端服务器等计算设备。所述指纹设备可包括,但不仅限于,处理器30、存储器31。本领域技术人员可以理解,图3仅仅是指纹设备3的示例,并不构成对指纹设备3的限定,可以包括比图示更多或更少的部件,或者组合某些部件,或者不同的部件,例如所述指纹设备还可以包括输入输出设备、网络接入设备、总线等。The fingerprint device 3 may be a computing device such as a desktop computer, a notebook, a palmtop computer, and a cloud server. The fingerprint device may include, but is not limited to, a processor 30 and a memory 31. Those skilled in the art can understand that FIG. 3 is only an example of the fingerprint device 3, and does not constitute a limitation on the fingerprint device 3. It may include more or less components than shown in the figure, or combine some components, or different components. For example, the fingerprint device may further include an input / output device, a network access device, a bus, and the like.
所称处理器30可以是中央处理单元(Central Processing Unit,CPU),还可以是其他通用处理器、数字信号处理器 (Digital Signal Processor,DSP)、专用集成电路 (Application Specific Integrated Circuit,ASIC)、现成可编程门阵列 (Field-Programmable Gate Array,FPGA) 或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件等。通用处理器可以是微处理器或者该处理器也可以是任何常规的处理器等。The processor 30 may be a central processing unit (Central Processing Unit (CPU), or other general-purpose processors, digital signal processors (DSPs), and application-specific integrated circuits (Applications) Specific Integrated Circuit (ASIC), off-the-shelf Programmable Gate Array (FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc. A general-purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
所述存储器31可以是所述指纹设备3的内部存储单元,例如指纹设备3的硬盘或内存。所述存储器31也可以是所述指纹设备3的外部存储设备,例如所述指纹设备3上配备的插接式硬盘,智能存储卡(Smart Media Card, SMC),安全数字(Secure Digital, SD)卡,闪存卡(Flash Card)等。进一步地,所述存储器31还可以既包括所述指纹设备3的内部存储单元也包括外部存储设备。所述存储器31用于存储所述计算机程序以及所述指纹设备所需的其他程序和数据。所述存储器31还可以用于暂时地存储已经输出或者将要输出的数据。The memory 31 may be an internal storage unit of the fingerprint device 3, such as a hard disk or a memory of the fingerprint device 3. The memory 31 may also be an external storage device of the fingerprint device 3, such as a plug-in hard disk, a smart media card (SMC), and a secure digital (SD) provided on the fingerprint device 3. 1. flash card Card) and so on. Further, the memory 31 may include both an internal storage unit of the fingerprint device 3 and an external storage device. The memory 31 is configured to store the computer program and other programs and data required by the fingerprint device. The memory 31 may also be used to temporarily store data that has been output or is to be output.
所属领域的技术人员可以清楚地了解到,为了描述的方便和简洁,仅以上述各功能单元、模块的划分进行举例说明,实际应用中,可以根据需要而将上述功能分配由不同的功能单元、模块完成,即将所述装置的内部结构划分成不同的功能单元或模块,以完成以上描述的全部或者部分功能。实施例中的各功能单元、模块可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中,上述集成的单元既可以采用硬件的形式实现,也可以采用软件功能单元的形式实现。另外,各功能单元、模块的具体名称也只是为了便于相互区分,并不用于限制本申请的保护范围。上述系统中单元、模块的具体工作过程,可以参考前述方法实施例中的对应过程,在此不再赘述。Those skilled in the art can clearly understand that, for the convenience and brevity of the description, only the above-mentioned division of functional units and modules is used as an example. In practical applications, the above functions can be allocated by different functional units according to needs. Module completion, that is, dividing the internal structure of the device into different functional units or modules to complete all or part of the functions described above. Each functional unit and module in the embodiment may be integrated into one processing unit, or each unit may exist separately physically, or two or more units may be integrated into one unit. The integrated unit may be hardware. It can be implemented in the form of software functional units. In addition, the specific names of the functional units and modules are only for the convenience of distinguishing from each other, and are not used to limit the protection scope of the present application. For specific working processes of the units and modules in the foregoing system, reference may be made to corresponding processes in the foregoing method embodiments, and details are not described herein again.
在上述实施例中,对各个实施例的描述都各有侧重,某个实施例中没有详述或记载的部分,可以参见其它实施例的相关描述。In the above embodiments, the description of each embodiment has its own emphasis. For a part that is not detailed or recorded in an embodiment, reference may be made to related descriptions of other embodiments.
本领域普通技术人员可以意识到,结合本文中所公开的实施例描述的各示例的单元及算法步骤,能够以电子硬件、或者计算机软件和电子硬件的结合来实现。这些功能究竟以硬件还是软件方式来执行,取决于技术方案的特定应用和设计约束条件。专业技术人员可以对每个特定的应用来使用不同方法来实现所描述的功能,但是这种实现不应认为超出本申请的范围。Those of ordinary skill in the art may realize that the units and algorithm steps of each example described in connection with the embodiments disclosed herein can be implemented by electronic hardware, or a combination of computer software and electronic hardware. Whether these functions are performed in hardware or software depends on the specific application and design constraints of the technical solution. Professional technicians can use different methods to implement the described functions for each specific application, but such implementation should not be considered to be beyond the scope of this application.
在本申请所提供的实施例中,应该理解到,所揭露的装置/指纹设备和方法,可以通过其它的方式实现。例如,以上所描述的装置/指纹设备实施例仅仅是示意性的,例如,所述模块或单元的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个单元或组件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。另一点,所显示或讨论的相互之间的耦合或直接耦合或通讯连接可以是通过一些接口,装置或单元的间接耦合或通讯连接,可以是电性,机械或其它的形式。In the embodiments provided in this application, it should be understood that the disclosed devices / fingerprint devices and methods may be implemented in other ways. For example, the device / fingerprint device embodiments described above are only schematic. For example, the division of the modules or units is only a logical function division. In actual implementation, there may be another division manner, such as multiple units Or components can be combined or integrated into another system, or some features can be ignored or not implemented. In addition, the displayed or discussed mutual coupling or direct coupling or communication connection may be indirect coupling or communication connection through some interfaces, devices or units, which may be electrical, mechanical or other forms.
所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部单元来实现本实施例方案的目的。The units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, may be located in one place, or may be distributed on multiple network units. Some or all of the units may be selected according to actual needs to achieve the objective of the solution of this embodiment.
另外,在本申请各个实施例中的各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。上述集成的单元既可以采用硬件的形式实现,也可以采用软件功能单元的形式实现。In addition, each functional unit in each embodiment of the present application may be integrated into one processing unit, or each of the units may exist separately physically, or two or more units may be integrated into one unit. The above integrated unit may be implemented in the form of hardware or in the form of software functional unit.
所述集成的模块/单元如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本申请实现上述实施例方法中的全部或部分流程,也可以通过计算机程序来指令相关的硬件来完成,所述的计算机程序可存储于一计算机可读存储介质中,该计算机程序在被处理器执行时,可实现上述各个方法实施例的步骤。其中,所述计算机程序包括计算机程序代码,所述计算机程序代码可以为源代码形式、对象代码形式、可执行文件或某些中间形式等。所述计算机可读介质可以包括:能够携带所述计算机程序代码的任何实体或装置、记录介质、U盘、移动硬盘、磁碟、光盘、计算机存储器、只读存储器(ROM,Read-Only Memory)、随机存取存储器(RAM,Random Access Memory)、电载波信号、电信信号以及软件分发介质等。需要说明的是,所述计算机可读介质包含的内容可以根据司法管辖区内立法和专利实践的要求进行适当的增减,例如在某些司法管辖区,根据立法和专利实践,计算机可读介质不包括电载波信号和电信信号。When the integrated module / unit is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage medium. Based on this understanding, this application implements all or part of the processes in the method of the above embodiment, and can also be completed by a computer program instructing related hardware. The computer program can be stored in a computer-readable storage medium. The computer When the program is executed by a processor, the steps of the foregoing method embodiments can be implemented. The computer program includes computer program code, and the computer program code may be in a source code form, an object code form, an executable file, or some intermediate form. The computer-readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a U disk, a mobile hard disk, a magnetic disk, an optical disk, a computer memory, a read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), electric carrier signals, telecommunication signals, and software distribution media. It should be noted that the content contained in the computer-readable medium can be appropriately increased or decreased according to the requirements of legislation and patent practice in the jurisdictions. For example, in some jurisdictions, the computer-readable medium Excludes electric carrier signals and telecommunication signals.
以上所述实施例仅用以说明本申请的技术方案,而非对其限制;尽管参照前述实施例对本申请进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本申请各实施例技术方案的精神和范围,均应包含在本申请的保护范围之内。The above-mentioned embodiments are only used to describe the technical solution of the present application, but are not limited thereto. Although the present application has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that they can still implement the foregoing implementations. The technical solutions described in the examples are modified, or some of the technical features are equivalently replaced; and these modifications or replacements do not deviate the essence of the corresponding technical solutions from the spirit and scope of the technical solutions of the embodiments of the application, and should be included in Within the scope of this application.

Claims (12)

  1. 一种指纹处理系统,其特征在于,包括:指纹采集模块、Applet模块和指纹处理模块;A fingerprint processing system, comprising: a fingerprint collection module, an applet module, and a fingerprint processing module;
    所述指纹采集模块用于采集指纹数据并将所述指纹数据发送至所述指纹处理模块;The fingerprint collection module is configured to collect fingerprint data and send the fingerprint data to the fingerprint processing module;
    所述指纹处理模块用于根据所述Applet模块的指纹操作指令对所述指纹数据进行处理,并将处理结果发送至所述Applet模块。The fingerprint processing module is configured to process the fingerprint data according to a fingerprint operation instruction of the Applet module, and send a processing result to the Applet module.
  2. 如权利要求1所述的一种指纹处理系统,其特征在于,所述Applet模块和所述指纹采集模块设置于指纹设备内;The fingerprint processing system according to claim 1, wherein the Applet module and the fingerprint collection module are disposed in a fingerprint device;
    所述指纹处理模块设置于所述指纹设备内,或者设置于与所述指纹设备连接的外部设备内。The fingerprint processing module is disposed in the fingerprint device or in an external device connected to the fingerprint device.
  3. 如权利要求2所述的一种指纹处理系统,其特征在于,所述指纹设备具体为Java智能卡或指纹Key。The fingerprint processing system according to claim 2, wherein the fingerprint device is a Java smart card or a fingerprint key.
  4. 一种指纹处理方法,其特征在于,包括:A fingerprint processing method, comprising:
    发送指纹操作指令至指纹处理模块;Send a fingerprint operation instruction to the fingerprint processing module;
    接收所述指纹处理模块根据所述指纹操作指令对指纹采集模块发送的指纹数据进行处理后返回的处理结果。Receive the processing result returned by the fingerprint processing module after processing the fingerprint data sent by the fingerprint collection module according to the fingerprint operation instruction.
  5. 如权利要求4所述的指纹处理方法,其特征在于,在发送指纹操作指令至指纹处理模块之前还包括:The fingerprint processing method according to claim 4, further comprising: before sending the fingerprint operation instruction to the fingerprint processing module:
    与所述指纹处理模块协商生成协商密钥;Negotiate with the fingerprint processing module to generate a negotiation key;
    使用协商密钥对所述指纹处理模块发送的认证信息进行加密,并将加密后的所述认证信息发送至所述指纹处理模块进行认证。Use the negotiation key to encrypt the authentication information sent by the fingerprint processing module, and send the encrypted authentication information to the fingerprint processing module for authentication.
  6. 如权利要求5所述的指纹处理方法,其特征在于,在所述与所述指纹处理模块协商生成协商密钥之后还包括:The fingerprint processing method according to claim 5, further comprising: after generating the negotiation key through negotiation with the fingerprint processing module:
    以持久化存储的存储方式对所述协商密钥进行存储。Storing the negotiation key in a persistent storage storage manner.
  7. 如权利要求5所述的指纹处理方法,其特征在于,在所述将加密后的所述认证信息发送至所述指纹处理模块进行认证之后还包括:The fingerprint processing method according to claim 5, further comprising: after sending the encrypted authentication information to the fingerprint processing module for authentication:
    与所述指纹处理模块协商生成会话密钥。Negotiate with the fingerprint processing module to generate a session key.
  8. 如权利要求7所述的指纹处理方法,其特征在于,所述发送指纹操作指令至指纹处理模块具体包括:The fingerprint processing method according to claim 7, wherein the sending a fingerprint operation instruction to the fingerprint processing module comprises:
    通过所述会话密钥对所述指纹操作指令进行加密;Encrypting the fingerprint operation instruction by using the session key;
    发送加密后的所述指纹操作指令至所述指纹处理模块。Sending the encrypted fingerprint operation instruction to the fingerprint processing module.
  9. 如权利要求7所述的指纹处理方法,其特征在于,在所述与所述指纹处理模块协商生成会话密钥之后还包括:The fingerprint processing method according to claim 7, further comprising: after generating a session key through negotiation with the fingerprint processing module:
    以临时存储的存储方式对所述会话密钥进行存储。The session key is stored in a temporarily stored storage manner.
  10. 如权利要求4至9中任一项所述的指纹处理方法,其特征在于,所述指纹操作指令包括:指纹验证指令、指纹添加指令和指纹删除指令。The fingerprint processing method according to any one of claims 4 to 9, wherein the fingerprint operation instruction comprises a fingerprint verification instruction, a fingerprint addition instruction, and a fingerprint deletion instruction.
  11. 一种指纹设备,包括存储器、处理器以及存储在所述存储器中并可在所述处理器上运行的计算机程序,其特征在于,所述处理器执行所述计算机程序时实现如权利要求4至10任一项所述方法的步骤。A fingerprint device includes a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the computer program according to claims 4 to 4 when executing the computer program. 10 steps of the method of any of the ten.
  12. 一种计算机可读存储介质,所述计算机可读存储介质存储有计算机程序,其特征在于,所述计算机程序被处理器执行时实现如权利要求4至10任一项所述方法的步骤。A computer-readable storage medium storing a computer program, wherein when the computer program is executed by a processor, the steps of the method according to any one of claims 4 to 10 are implemented.
PCT/CN2019/099655 2018-09-11 2019-08-07 Fingerprint processing system and method, and fingerprint device WO2020052383A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201811059123.7 2018-09-11
CN201811059123.7A CN109324843B (en) 2018-09-11 2018-09-11 Fingerprint processing system and method and fingerprint equipment

Publications (1)

Publication Number Publication Date
WO2020052383A1 true WO2020052383A1 (en) 2020-03-19

Family

ID=65264849

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/099655 WO2020052383A1 (en) 2018-09-11 2019-08-07 Fingerprint processing system and method, and fingerprint device

Country Status (2)

Country Link
CN (1) CN109324843B (en)
WO (1) WO2020052383A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109324843B (en) * 2018-09-11 2020-12-11 深圳市文鼎创数据科技有限公司 Fingerprint processing system and method and fingerprint equipment
CN114257564B (en) * 2021-12-22 2024-03-26 山东小葱数字科技有限公司 Method and device for generating same fingerprint by different fingerprint computing systems

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016029761A1 (en) * 2014-08-28 2016-03-03 北京握奇智能科技有限公司 Secure intelligent terminal device and information processing method
CN107908940A (en) * 2017-11-06 2018-04-13 深圳市文鼎创数据科技有限公司 The method and terminal device of a kind of fingerprint recognition
CN108389049A (en) * 2018-01-08 2018-08-10 北京握奇智能科技有限公司 Identity identifying method, device and mobile terminal
CN109324843A (en) * 2018-09-11 2019-02-12 深圳市文鼎创数据科技有限公司 A kind of finger prints processing system, method and fingerprint equipment

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8121955B2 (en) * 2003-01-16 2012-02-21 Oracle America, Inc. Signing program data payload sequence in program loading
CN101340285A (en) * 2007-07-05 2009-01-07 杭州中正生物认证技术有限公司 Method and system for identity authentication by finger print USBkey
CN108090341A (en) * 2017-12-15 2018-05-29 深圳市文鼎创数据科技有限公司 Java card control method and java card

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016029761A1 (en) * 2014-08-28 2016-03-03 北京握奇智能科技有限公司 Secure intelligent terminal device and information processing method
CN107908940A (en) * 2017-11-06 2018-04-13 深圳市文鼎创数据科技有限公司 The method and terminal device of a kind of fingerprint recognition
CN108389049A (en) * 2018-01-08 2018-08-10 北京握奇智能科技有限公司 Identity identifying method, device and mobile terminal
CN109324843A (en) * 2018-09-11 2019-02-12 深圳市文鼎创数据科技有限公司 A kind of finger prints processing system, method and fingerprint equipment

Also Published As

Publication number Publication date
CN109324843A (en) 2019-02-12
CN109324843B (en) 2020-12-11

Similar Documents

Publication Publication Date Title
US10846696B2 (en) Apparatus and method for trusted execution environment based secure payment transactions
US10073985B2 (en) Apparatus and method for trusted execution environment file protection
WO2018177124A1 (en) Service processing method and device, data sharing system and storage medium
CN107431924B (en) Device theft protection associating device identifiers with user identifiers
US20180103017A1 (en) Service processing method and electronic device
WO2020192698A1 (en) Data secure backup and secure recovery methods, and electronic device
US20140075502A1 (en) Resource management of execution environments
US20160314082A1 (en) Application access control method and electronic apparatus implementing the same
US11888980B2 (en) Stateless service-mediated security module
JP6552714B2 (en) Data processing method and system, and wearable electronic device
KR102030858B1 (en) Digital signing authority dependent platform secret
CN108400868B (en) Seed key storage method and device and mobile terminal
US20090089881A1 (en) Methods of licensing software programs and protecting them from unauthorized use
WO2020244068A1 (en) Image processing method and apparatus, electronic device, and storage medium
CN109635572A (en) A kind of contract signing method, apparatus and terminal device based on block chain
US20230379155A1 (en) Identity Information Processing Method, Device, and System
US9129098B2 (en) Methods of protecting software programs from unauthorized use
WO2020052383A1 (en) Fingerprint processing system and method, and fingerprint device
CN106788996A (en) A kind of operating system password remapping method and system
US20230198760A1 (en) Verified presentation of non-fungible tokens
CN112153038B (en) Method and device for secure login, authentication terminal and readable storage medium
US10462113B1 (en) Systems and methods for securing push authentications
WO2019178981A1 (en) Password management method and device employing customized rules, terminal apparatus, and storage medium
CN111259411B (en) Block chain management method, device, electronic equipment and readable storage medium
CN108171063A (en) Method, terminal and the computer readable storage medium of access safety element

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19860033

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 13.08.2021)

122 Ep: pct application non-entry in european phase

Ref document number: 19860033

Country of ref document: EP

Kind code of ref document: A1