WO2023093140A1 - Nfc card data read-write method and apparatus, electronic device and storage medium - Google Patents

Publication number
WO2023093140A1
Authority
WO
WIPO (PCT)
Prior art keywords
nfc card
nfc
chip
card data
written
Application number
PCT/CN2022/112791
Inventor
袁志翔
Original Assignee
中兴通讯股份有限公司
Application filed by 中兴通讯股份有限公司
Publication of WO2023093140A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06K GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K17/00 Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations
    • G06K17/0003 Automatic card files incorporating selecting, conveying and possibly reading and/or writing operations

Definitions

  • Embodiments of the present disclosure relate to the technical field of NFC, and in particular, to a method, device, electronic device, and storage medium for reading and writing NFC card data.
  • NFC (Near Field Communication) is a short-range wireless communication technology.
  • NFC is a wireless connection technology that provides easy, safe and rapid communication. Compared with other connection methods in the wireless world, NFC is a short-distance private communication method. It plays a huge role in the fields of access control, public transportation, and mobile payment.
  • NFC NFC analog cards
  • embodiments of the present disclosure provide a method, device, electronic device and storage medium for reading and writing NFC card data.
  • an embodiment of the present disclosure provides a method for reading and writing NFC card data, which is applied to an NFC mobile terminal, the NFC mobile terminal has a built-in SE chip, and the method includes:
  • When an NFC card data reading request is received from the NFC card reading device, the NFC card reading device is authenticated by the SE chip, and after the NFC card reading device is authenticated, the NFC card data is sent to the NFC card reading device.
  • An embodiment of the present disclosure provides a device for reading and writing NFC card data, applied to an NFC mobile terminal that has a built-in SE chip; the device includes:
  • Parsing module is configured to parse out the NFC card data to be written from the NFC card data write request when receiving the NFC card data write request;
  • a write module is configured to write the NFC card data to be written into the SE chip
  • the authentication module is configured to authenticate the NFC card reader through the SE chip when receiving the NFC card data reading request from the NFC card reader;
  • the sending module is configured to send the NFC card data to the NFC card reading device after the authentication of the NFC card reading device is passed.
  • An embodiment of the present disclosure provides an electronic device, including: a processor and a memory, the processor being used to execute the program for reading and writing NFC card data stored in the memory, so as to implement the method for reading and writing NFC card data according to any one of the first aspect.
  • An embodiment of the present disclosure provides a storage medium, the storage medium stores one or more programs, and the one or more programs can be executed by one or more processors to implement any one of the methods for reading and writing NFC card data.
  • The NFC card data to be written is written into the SE chip through the NFC mobile terminal, and when an NFC card data reading request from the NFC card reading device is received, the NFC card reading device is authenticated through the SE chip, and the NFC card data is sent to the NFC card reading device after the authentication is passed, so that when the NFC mobile terminal is close to the NFC card reading device, the NFC card reading device can obtain the NFC card data.
  • In some application scenarios, this lets the NFC card reading device obtain personalized NFC card data and then perform certain operations based on the personalized NFC card data, such as displaying the cover of the personalized NFC card or playing a personalized prompt sound.
  • Because the NFC mobile terminal stores the NFC card data in the SE chip, and the SE chip has functions such as secure storage and secure data transmission, the method provided by the embodiments of the present disclosure can effectively guarantee the security of the NFC card data and prevent the NFC card data from being maliciously disclosed.
  • FIG. 1 is a schematic diagram of a system architecture involved in an embodiment of the present disclosure;
  • FIG. 2 is a flowchart of an embodiment of a method for reading and writing NFC card data provided by an embodiment of the present disclosure;
  • FIG. 3 is a flowchart of an embodiment of another method for reading and writing NFC card data provided by an embodiment of the present disclosure;
  • FIG. 4 is a flowchart of an embodiment of another method for reading and writing NFC card data provided by an embodiment of the present disclosure;
  • FIG. 5 is a flowchart of an embodiment of another method for reading and writing NFC card data provided by an embodiment of the present disclosure;
  • FIG. 6 is a flowchart of an embodiment of another method for reading and writing NFC card data provided by an embodiment of the present disclosure;
  • FIG. 7 is a block diagram of an embodiment of a device for reading and writing NFC card data provided by an embodiment of the present disclosure;
  • FIG. 8 is a schematic structural diagram of an electronic device provided by an embodiment of the present disclosure.
  • FIG. 1 is a schematic diagram of a system architecture involved in an embodiment of the present disclosure.
  • the system architecture shown in FIG. 1 includes: a mobile terminal 10 , a security server 20 , and a card reading device 30 .
  • The mobile terminal 10 has a built-in NFC chip 11, an SE (Secure Element, security unit) chip 12, a security module 13, and an upper layer application 14. It can be understood that the built-in NFC chip 11 in the mobile terminal 10 means that the mobile terminal 10 is equipped with an NFC function, that is, the mobile terminal 10 can interact with an NFC card reader device. Accordingly, the mobile terminal 10 is referred to below as the NFC mobile terminal 10.
  • The SE chip 12 may also be called a security unit or a security chip. It can include two parts: security hardware and security software, wherein the security hardware includes a secure operating environment, secure storage, security algorithms, security interfaces, etc., and the security software provides a secure interaction mechanism to ensure the security of command and data interaction between the SE chip 12 and the outside. Based on the SE chip 12, security functions such as secure processing, secure calculation, and secure storage of data can be performed, and functions such as device identity authentication, data encrypted transmission, and sensitive information protection can be realized.
  • The SE chip 12 can have multiple implementation forms, including but not limited to: being placed in the motherboard of the NFC mobile terminal 10 or in the NFC chip 11 as an embedded security chip, being installed on the NFC mobile terminal 10 as a payment-type SD card, or being installed on the NFC mobile terminal 10 as a SIM (Subscriber Identity Module) card or a UICC (Universal Integrated Circuit Card) card, etc.
  • the security module 13 may be software or hardware, or may be implemented in a combination of software and hardware, which is not limited in the embodiments of the present disclosure. In the embodiment of the present disclosure, the security module 13 can be used to assist the interaction between the upper layer application 14 and the security server 20 , and assist the authentication between the SE chip 12 and the security server 20 or the card reading device 30 .
  • Upper layer applications 14 include applications that provide NFC card functions, such as wallet applications.
  • the security server 20 may be a single server, or may be a server cluster composed of multiple servers, and only one server is taken as an example in FIG. 1 . Further, the security server 20 may be a dedicated server configured to ensure information security, or may be another server integrated with an information security guarantee function, which is not limited in this embodiment of the present disclosure.
  • The card reading device 30 has a built-in NFC chip (not shown in the figure), which means that the card reading device 30 is equipped with an NFC reading function. Accordingly, the card reading device 30 is referred to below as the NFC card reader device 30.
  • The number of devices in FIG. 1 is only for illustration. According to actual needs, the system architecture 100 may include any number of networks and devices.
  • FIG. 2 is a flowchart of an embodiment of a method for reading and writing NFC card data provided by an embodiment of the present disclosure.
  • this process can be applied to an NFC mobile terminal, such as the mobile terminal 10 shown in FIG. 1 .
  • the process may include the following steps:
  • Step 201 when the NFC mobile terminal receives the NFC card data writing request, it parses the NFC card data to be written from the NFC card data writing request, and writes the NFC card data to be written into the SE chip.
  • The user can initiate a data writing request to the NFC card through the upper layer application 14 installed on the NFC mobile terminal 10; in the embodiments of the present disclosure this is called an NFC card data write request.
  • the NFC card data may include personalized data set by the user on the NFC card, such as card cover, card name, card prompt sound, and so on.
  • The upper layer application 14 can provide a visual interface on which the user inputs the NFC card data to be written and, after inputting the above-mentioned NFC card data, triggers the button on the visual interface that initiates the NFC card data write request, such as a "submit" button or an "OK" button.
  • When the upper layer application 14 detects that the above-mentioned button is triggered, it can generate an NFC card data writing request, and the NFC card data writing request carries the NFC card data input by the user on the above-mentioned visual interface.
  • When the NFC mobile terminal 10 receives the above-mentioned NFC card data writing request, it can parse out the NFC card data to be written, and then write the NFC card data to be written into the SE chip 12.
  • By writing the NFC card data into the SE chip 12, the NFC mobile terminal 10 can effectively guarantee the security of the NFC card data; especially in scenarios involving some personalized data, this can protect the user's private information from being leaked to the greatest extent.
  • As for how the NFC mobile terminal 10 specifically writes the NFC card data to be written into the SE chip 12, it will be explained in the embodiments shown in FIG. 3 and FIG. 4 below, and will not be described in detail here.
  • Step 202 when the NFC mobile terminal receives the NFC card data reading request from the NFC card reading device, it authenticates the NFC card reading device through the SE chip, and sends the NFC card data to the NFC card reading device after the authentication is passed .
  • The NFC card reader device 30 can, based on the NFC function, initiate to the NFC mobile terminal 10 a read request for indicating to read NFC card data. Here it is called an NFC card data read request.
  • When the NFC mobile terminal 10 receives the NFC card data reading request from the NFC card reading device 30, the NFC card reading device 30 is first authenticated by the SE chip 12, to determine whether the NFC card reading device 30 has read permission for the simulated NFC card on the NFC mobile terminal 10. Afterwards, when it is determined that the authentication passes, that is, that the NFC card reader 30 has read permission for the simulated NFC card on the NFC mobile terminal 10, the NFC mobile terminal 10 sends the NFC card data stored in the SE chip 12 to the NFC card reading device 30.
  • The SE chip can implement functions such as data encryption and transmission. Therefore, after the SE chip 12 determines that the authentication has passed, it can encrypt the stored NFC card data and send it to the NFC chip 11, and then the NFC chip 11 forwards the encrypted NFC card data to the NFC card reading device 30 through the NFC function. Through this processing, it can be effectively guaranteed that the NFC card data will not be leaked during the transmission process.
  • As for how the NFC mobile terminal 10 authenticates the NFC card reader device through the SE chip 12 and, after the authentication is passed, sends the NFC card data stored in the SE chip 12 to the NFC card reader device 30, this is described below through the embodiment shown in FIG. 6 and will not be described in detail here.
  • The order of steps 201 and 202 described above does not represent a necessary execution order.
  • The method for writing NFC card data and the method for reading NFC card data provided by the present disclosure can be used separately.
  • The NFC card data to be written is written into the SE chip through the NFC mobile terminal, and when an NFC card data reading request from the NFC card reading device is received, the NFC card reading device is authenticated through the SE chip, and the NFC card data is sent to the NFC card reading device after the authentication is passed, so that when the NFC mobile terminal is close to the NFC card reading device, the NFC card reading device can obtain the NFC card data.
  • In some application scenarios, this lets the NFC card reading device obtain personalized NFC card data and then perform certain operations based on the personalized NFC card data, such as displaying the cover of the personalized NFC card or playing a personalized prompt sound.
  • Because the NFC mobile terminal stores the NFC card data in the SE chip, and the SE chip has functions such as secure storage and secure data transmission, the method provided by the embodiments of the present disclosure can effectively guarantee the security of the NFC card data and prevent the NFC card data from being maliciously disclosed.
  • FIG. 3 is a flowchart of an embodiment of another method for reading and writing NFC card data provided by an embodiment of the present disclosure. On the basis of the process shown in FIG. 2 above, the process shown in FIG. 3 can comprise the following steps:
  • Step 301 when the NFC mobile terminal receives the NFC card data writing request, it parses out the NFC card data to be written from the NFC card data writing request.
  • Step 302 the NFC mobile terminal authenticates the SE chip.
  • Step 303 after the NFC mobile terminal confirms that the SE chip is authenticated, writes the NFC card data to be written into the SE chip.
  • The NFC mobile terminal 10 can first authenticate the SE chip 12, and after confirming that the SE chip 12 has passed the authentication, write the NFC card data into the SE chip 12.
  • the security of the NFC card data can be further improved, and the NFC card data can be prevented from being wrongly written into the illegal SE chip 12 due to an illegal attack on the NFC mobile terminal 10, resulting in leakage of the NFC card data.
  • Step 304 when the NFC mobile terminal receives the NFC card data reading request from the NFC card reading device, it authenticates the NFC card reading device through the SE chip.
  • Step 305 after the NFC mobile terminal determines that the NFC card reader has passed the authentication, it sends the NFC card data to the NFC card reader.
  • For a detailed description of step 301, step 304, and step 305, reference may be made to the relevant description in the embodiment shown in FIG. 2 above, and details are not repeated here.
  • The SE chip is authenticated by the NFC mobile terminal, and after the authentication is passed, the NFC card data to be written is written into the SE chip.
  • The NFC card reader device is authenticated through the SE chip, and the NFC card data is sent to the NFC card reader device after the authentication is passed, so that when the NFC mobile terminal is close to the NFC card reader device, the NFC card reader device can obtain the NFC card data. In some application scenarios, this lets the NFC card reading device obtain personalized NFC card data and then perform certain operations based on the personalized NFC card data, such as displaying the personalized NFC card cover or playing personalized prompts.
  • Because the NFC mobile terminal stores the NFC card data in the SE chip, and does so only after the SE chip is authenticated, the method provided by the embodiment of the present disclosure can effectively guarantee the security of the NFC card data and prevent the NFC card data from being maliciously leaked.
  • FIG. 4 is a flowchart of an embodiment of another method for reading and writing NFC card data provided by an embodiment of the present disclosure; the process shown in FIG. 4 is based on the process shown in the above-mentioned Fig. 2 and Fig.
  • One implementation of authenticating the SE chip may comprise the following steps:
  • Step 401 when the NFC mobile terminal receives the NFC card data writing request, it parses out the NFC card data to be written from the NFC card data writing request.
  • Step 402 the NFC mobile terminal sends the CPLC value of the SE chip and the data of the NFC card to the security server.
  • the CPLC value represents the ID of the SE chip, and each SE chip has a unique CPLC value.
  • the NFC mobile terminal 10 can encode the NFC card data according to the corresponding file format, assign a corresponding identification and upload it to the security server 20 .
  • the file format includes but is not limited to picture, text, audio and so on.
  • the identification can be used to characterize the type, quantity, etc. of the NFC card data.
  • Step 403 the security server authenticates the SE chip based on the CPLC value and using a preset authentication process.
  • the security server 20 can know which SE chip is to be authenticated. That is to say, the security server 20 authenticates the SE chip corresponding to the received CPLC value, such as the SE chip 12 . Wherein, the security server 20 can use a preset authentication process to authenticate the SE chip 12 corresponding to the received CPLC value.
  • the aforementioned preset authentication process is an authentication process defined by the GPC protocol.
  • For a specific authentication process, reference may be made to relevant descriptions in the prior art, and details are not repeated here.
  • Step 404, the security server writes the NFC card data into the SE chip after determining that the SE chip has been authenticated.
  • After the security server 20 determines that the SE chip 12 is authenticated, it first issues a check instruction to the NFC mobile terminal 10; the check instruction is used to instruct to check whether the target smart card application (applet) and security domain corresponding to the NFC card data to be written exist in the SE chip 12.
  • If they exist, the security server 20 writes the NFC card data into the target smart card application program in the SE chip 12.
  • If they do not exist, the security server 20 can send a CAP data packet to the NFC mobile terminal 10, and the NFC mobile terminal 10 can instantiate the above-mentioned target smart card application in the SE chip 12 based on the CAP data packet. Afterwards, the security server 20 writes the NFC card data into the target smart card application program in the SE chip 12.
  • CAP data packet refers to a file with a suffix of .cap, which can be understood as a logic code file written according to the JAVA CARD protocol.
  • an executable file called a smart card application can be generated by an instantiation instruction.
  • the smart card application is responsible for the data interaction logic with the card reader device.
  • the display interface of the upper layer application 14 can output a prompt message for prompting the user that the NFC card data is saved successfully.
  • FIG. 5 is a flowchart of an embodiment of another method for reading and writing NFC card data provided by an embodiment of the present disclosure. The process shown in FIG. 5 is based on the processes shown in FIG. 2 and FIG. 3 above and focuses on another implementation of authenticating the SE chip, which may include the following steps:
  • Step 501 when the NFC mobile terminal receives the NFC card data writing request, it parses out the NFC card data to be written from the NFC card data writing request.
  • Step 502 the NFC mobile terminal sends a key acquisition request to the security server, and the key acquisition request carries the CPLC value of the SE chip.
  • Step 503 the security server returns the SE chip key corresponding to the received CPLC value to the NFC mobile terminal.
  • Step 504 the NFC mobile terminal authenticates the SE chip based on the received SE chip key and uses a preset authentication process.
  • the SE chip keys mentioned above include but are not limited to ENC keys, MAC keys, DEK keys, etc.
  • the aforementioned preset authentication process is the same as the authentication process mentioned in the embodiment shown in FIG. 4 .
  • In the process shown in FIG. 4, the security server 20 authenticates the SE chip 12; in this embodiment, the NFC mobile terminal 10 authenticates the SE chip 12. Accordingly, in the process shown in FIG. 4, the NFC mobile terminal 10 first sends a key acquisition request to the security server 20, and the key acquisition request carries the CPLC value of the SE chip 12 to request to acquire the SE chip key of the SE chip 12. Afterwards, after receiving the key acquisition request, the security server 20 returns to the NFC mobile terminal 10 the SE chip key corresponding to the received CPLC value, that is, the key of the SE chip 12. After that, the NFC mobile terminal 10 authenticates the SE chip 12 based on the received SE chip key and using a preset authentication process.
  • Step 505 after the NFC mobile terminal confirms that the SE chip is authenticated, writes the NFC card data to be written into the SE chip.
  • After the NFC mobile terminal 10 determines that the SE chip 12 is authenticated, it first checks whether a target smart card application program and a security domain corresponding to the NFC card data to be written exist in the SE chip 12.
  • If they exist, the NFC mobile terminal 10 writes the NFC card data into the target smart card application program in the SE chip 12.
  • If they do not exist, the NFC mobile terminal 10 can download the CAP data packet from the security server 20, instantiate the above-mentioned target smart card application program in the SE chip 12 based on the CAP data packet, and then write the NFC card data into the target smart card application in the SE chip 12.
  • the NFC mobile terminal authenticates its built-in SE chip.
  • FIG. 6 is a flowchart of an embodiment of another method for reading and writing NFC card data provided by an embodiment of the present disclosure.
  • The process shown in FIG. 6 is based on the process shown in FIG. 2 above and focuses on the interaction process between the NFC mobile terminal and the NFC card reading device; it may include the following steps:
  • Step 601 when the NFC mobile terminal receives the NFC card data write request, it parses the NFC card data to be written from the NFC card data write request, and writes the NFC card data to be written into the SE chip.
  • Step 602 When receiving the NFC card data reading request from the NFC card reading device, the NFC mobile terminal sends an acquisition request to the NFC card reading device.
  • the acquisition request above is used to instruct to acquire the valid contactless key of the target smart card application program stored in the NFC card reading device.
  • Step 603, the NFC mobile terminal receives a valid contactless key from the NFC card reading device.
  • Step 604, the NFC mobile terminal compares the received valid contactless key with the target valid contactless key stored in the NFC mobile terminal; if the two are found to be consistent, step 605 is performed; if the two are found to be inconsistent, the process ends.
  • Step 605 the NFC mobile terminal determines that the authentication of the NFC card reading device is passed.
  • Step 606 the NFC mobile terminal sends the NFC card data to the NFC card reading device.
  • The valid contactless keys of different smart card application programs are different. If the NFC card reader device 30 holds the valid contactless key of the target smart card application program in the SE chip 12, it means that the NFC card reader device 30 has read permission for the target smart card application program. Therefore, the NFC mobile terminal 10 can authenticate the NFC card reader 30 by determining whether the NFC card reader 30 holds a valid contactless key of the target smart card application in the SE chip 12.
  • The NFC card reader 30 can first send a select command to the NFC mobile terminal 10; the select command is used to instruct to obtain the AID of the smart card application where the NFC card data to be read is located, wherein the select command is received by the NFC chip 11 in the NFC mobile terminal 10 and passed to the SE chip 12.
  • the SE chip 12 responds to the above select command, sends the AID of the smart card application program to the NFC chip 11 in the NFC mobile terminal 10 , and the NFC chip 11 transmits it to the NFC card reading device 30 .
  • the target smart card application program in the SE chip 12 can authenticate the NFC card reading device 30 .
  • The SE chip 12 sends an acquisition request to the NFC chip 11 through the target smart card application program; the acquisition request is used to indicate acquisition of the target valid contactless key of the target smart card application program stored in the NFC card reader device. The NFC chip 11 passes the acquisition request to the NFC card reading device 30, so that the NFC card reading device 30 returns the corresponding valid contactless key based on the above-mentioned received AID.
  • The NFC mobile terminal 10 receives the valid contactless key from the NFC card reading device 30 and compares the received valid contactless key with the target valid contactless key stored in the NFC mobile terminal 10; if the two are consistent, step 605 is executed; if the two are not consistent, the process ends.
  • Since only the NFC chip 11 and the SE chip 12 are required to participate in the above data interaction logic, it can be executed normally even if the NFC mobile terminal 10 is turned off.
  • Step 605 the NFC mobile terminal determines that the authentication of the NFC card reading device is passed.
  • Step 606 the NFC mobile terminal sends the NFC card data to the NFC card reading device.
  • The NFC mobile terminal authenticates the NFC card reader device, so that only an NFC card reader device that passes the authentication, that is, a legal NFC card reader device, can obtain the NFC card data, which effectively guarantees the security of the NFC card data and can prevent NFC card data from being maliciously leaked.
  • FIG. 7 is a block diagram of an embodiment of an NFC card data reading and writing device provided by an embodiment of the present disclosure.
  • the device can be applied to an NFC mobile terminal, and the NFC mobile terminal has a built-in SE chip.
  • The device includes: a parsing module 71, a writing module 72, an authentication module 73 and a sending module 74.
  • the parsing module 71 is configured to parse out the NFC card data to be written from the NFC card data write request when receiving the NFC card data write request;
  • Writing module 72 is configured to write the NFC card data to be written into the SE chip
  • the authenticating module 73 is configured to authenticate the NFC card reading device by the SE chip when receiving the NFC card data reading request from the NFC card reading device;
  • the sending module 74 is configured to send the NFC card data to the NFC card reading device after the authentication of the NFC card reading device is passed.
  • the authentication module 73 is also used to: authenticate the SE chip before writing the NFC card data to be written into the SE chip;
  • the writing module 72 is configured to execute the step of writing the NFC card data to be written into the SE chip after it is determined that the SE chip is authenticated.
  • When the authentication module 73 authenticates the SE chip, this includes: sending the CPLC value of the SE chip to a security server, so that the security server authenticates the SE chip based on the CPLC value and using the preset authentication process.
  • the writing module 72 is specifically used for:
  • sending the NFC card data to be written to the security server, so that the security server writes the NFC card data to be written into the SE chip after determining that the SE chip is authenticated.
  • the authentication module 73 includes (not shown in the figure):
  • a key acquisition unit configured to send a key acquisition request to a security server, the key acquisition request carrying the CPLC value of the SE chip, so that the security server returns to the NFC mobile terminal the SE chip key corresponding to the received CPLC value;
  • the authentication unit is configured to authenticate the SE chip based on the received SE chip key and using a preset authentication process.
  • the writing module 72 includes:
  • a determination unit is configured to determine whether there is a smart card application program corresponding to the NFC card data to be written in the SE chip;
  • the writing unit is configured to write the NFC card data to be written into the target smart card application if it is determined that a target smart card application corresponding to the NFC card data to be written exists in the SE chip;
  • An acquisition unit configured to acquire a CAP data packet if it is determined that the target smart card application program does not exist in the SE chip;
  • the instantiation unit is configured to instantiate the target smart card application program on the SE chip based on the CAP data packet.
  • the authentication module 73 includes (not shown in the figure):
  • An acquisition unit configured to send an acquisition request to the NFC card reader, the acquisition request being used to indicate acquisition of the effective contactless key of the target smart card application stored in the NFC card reader;
  • a receiving unit configured to receive an effective contactless key from the NFC card reading device;
  • the comparison unit is configured to compare the received valid contactless key with the target valid contactless key of the target smart card application stored in the NFC mobile terminal;
  • the determining unit is configured to determine that the authentication of the NFC card reading device passes if the comparison shows that the two are consistent; if the comparison shows that the two are inconsistent, then it is determined that the authentication of the NFC card reading device fails.
  • FIG. 8 is a schematic structural diagram of an electronic device provided by an embodiment of the present disclosure.
  • the electronic device 800 shown in FIG. 8 includes: at least one processor 801 , a memory 802 , at least one network interface 804 and other user interfaces 803 .
  • Various components in the electronic device 800 are coupled together through a bus system 805 .
  • the bus system 805 is used to realize connection and communication between these components.
  • the bus system 805 also includes a power bus, a control bus and a status signal bus.
  • the various buses are labeled as bus system 805 in FIG. 8 for clarity of illustration.
  • the user interface 803 may include a display, a keyboard or a pointing device (for example, a mouse or a trackball), a touch panel or a touch screen, and the like.
  • the memory 802 in the embodiment of the present disclosure may be a volatile memory or a nonvolatile memory, or may include both volatile and nonvolatile memories.
  • the non-volatile memory can be read-only memory (Read-Only Memory, ROM), programmable read-only memory (Programmable ROM, PROM), erasable programmable read-only memory (Erasable PROM, EPROM), electrically erasable programmable read-only memory (Electrically EPROM, EEPROM) or flash memory.
  • the volatile memory may be random access memory (Random Access Memory, RAM), which acts as an external cache.
  • forms of RAM: static RAM, dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), enhanced SDRAM (ESDRAM), synchronous connection dynamic random access memory, and direct Rambus RAM.
  • the memory 802 stores the following elements, executable units or data structures, or their subsets, or their extended sets: an operating system 8021 and an application program 8022 .
  • the operating system 8021 includes various system programs, such as framework layer, core library layer, driver layer, etc., which are set to realize various basic services and handle hardware-based tasks.
  • the application program 8022 includes various application programs, such as a media player (MediaPlayer), a browser (Browser), etc., and is configured to implement various application services. Programs for realizing the methods of the embodiments of the present disclosure may be included in the application program 8022 .
  • by calling the program or instruction stored in the memory 802, specifically the program or instruction stored in the application program 8022, the processor 801 is used to execute the method steps provided by each method embodiment, for example including:
  • when receiving the NFC card data reading request from the NFC card reading device, authenticating the NFC card reading device by the SE chip, and sending the NFC card data to the NFC card reading device after the NFC card reading device is authenticated.
  • the methods disclosed in the foregoing embodiments of the present disclosure may be applied to the processor 801 or implemented by the processor 801 .
  • the processor 801 may be an integrated circuit chip with signal processing capability. In the implementation process, each step of the above method may be completed by an integrated logic circuit of hardware in the processor 801 or instructions in the form of software.
  • the above-mentioned processor 801 may be a general-purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field programmable gate array (Field Programmable Gate Array, FPGA) or another programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component.
  • a general-purpose processor may be a microprocessor, or the processor may be any conventional processor, or the like.
  • the steps of the methods disclosed in the embodiments of the present disclosure may be directly implemented by a hardware decoding processor, or implemented by a combination of hardware and software units in the decoding processor.
  • the software unit may be located in a storage medium that is well established in the field, such as random access memory, flash memory, read-only memory, programmable read-only memory, electrically erasable programmable memory, or registers.
  • the storage medium is located in the memory 802, and the processor 801 reads the information in the memory 802, and completes the steps of the above method in combination with its hardware.
  • the processing unit can be implemented in one or more application specific integrated circuits (Application Specific Integrated Circuits, ASIC), digital signal processors (Digital Signal Processing, DSP), digital signal processing devices (DSP Device, DSPD), programmable logic devices (Programmable Logic Device, PLD), field-programmable gate arrays (Field-Programmable Gate Array, FPGA), general-purpose processors, controllers, microcontrollers, microprocessors, other electronic units used to perform the functions described in this application, or a combination thereof.
  • the electronic device provided by this embodiment can be an electronic device as shown in Figure 8, which can perform all the steps of the method for reading and writing NFC card data in Figures 2-6, and thereby realize the reading of NFC card data in Figures 2-6.
  • refer to the relevant descriptions of Figures 2-6 for details, which are not repeated here for brevity.
  • the embodiment of the present disclosure also provides a storage medium (computer-readable storage medium).
  • the storage medium here stores one or more programs.
  • the storage medium may include a volatile memory, such as a random access memory; the memory may also include a non-volatile memory, such as a read-only memory, a flash memory, a hard disk or a solid-state disk; the memory may also include a combination of the above-mentioned types of memory.
  • One or more programs in the storage medium can be executed by one or more processors, so as to realize the above method for reading and writing NFC card data executed on the electronic device side.
  • the processor is used to execute the read-write program of the NFC card data stored in the memory, so as to realize the following steps in the read-write method of the NFC card data performed on the electronic device side:
  • when receiving the NFC card data reading request from the NFC card reading device, authenticating the NFC card reading device by the SE chip, and sending the NFC card data to the NFC card reading device after the NFC card reading device is authenticated.
  • random access memory (RAM), read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM (EEPROM), registers, hard disk, removable disk, CD-ROM, or any other known storage medium.

Abstract

The present disclosure relates to an NFC card data read-write method and apparatus, an electronic device, and a storage medium. The method comprises: when receiving an NFC card data write request, an NFC mobile terminal analyzing NFC card data to be written from the NFC card data write request, and writing said NFC card data into a built-in SE chip; when receiving an NFC card data read request from an NFC card reading device, authenticating the NFC card reading device by means of the SE chip, and sending the NFC card data to the NFC card reading device after the authentication is passed.

Description

Method and apparatus for reading and writing NFC card data, electronic device, and storage medium
This disclosure claims priority to Chinese patent application No. 202111447166.4, entitled "Method and apparatus for reading and writing NFC card data, electronic device, and storage medium", filed with the China Patent Office on November 29, 2021, the entire content of which is incorporated into this disclosure by reference.
Technical Field
Embodiments of the present disclosure relate to the technical field of NFC, and in particular to a method and apparatus for reading and writing NFC card data, an electronic device, and a storage medium.
Background
NFC (Near Field Communication) is a wireless connection technology that provides easy, secure, and fast communication. Compared with other connection methods in the wireless world, NFC is a short-range, private means of communication, and it plays a major role in fields such as access control, public transport, and mobile payment.
With the application of NFC emulated cards (NFC cards for short) in the above fields and the gradual development of the era of personalization, more and more users choose to personalize their NFC cards, for example by setting a card name, a personalized cover, or a personalized prompt tone.
However, in the prior art, these personalized settings are visible only to the user and cannot be read by a card reading device, so they cannot deliver any personalized application value when the user "swipes the card".
Summary
In view of this, to solve the above technical problem, embodiments of the present disclosure provide a method and apparatus for reading and writing NFC card data, an electronic device, and a storage medium.
In a first aspect, an embodiment of the present disclosure provides a method for reading and writing NFC card data, applied to an NFC mobile terminal with a built-in SE chip, the method including:
when an NFC card data write request is received, parsing the NFC card data to be written out of the NFC card data write request, and writing the NFC card data to be written into the SE chip;
when an NFC card data read request is received from an NFC card reading device, authenticating the NFC card reading device through the SE chip, and sending the NFC card data to the NFC card reading device after the NFC card reading device passes authentication.
In a second aspect, an embodiment of the present disclosure provides an apparatus for reading and writing NFC card data, the NFC mobile terminal having a built-in SE chip, the apparatus including:
a parsing module, configured to parse the NFC card data to be written out of an NFC card data write request when the NFC card data write request is received;
a writing module, configured to write the NFC card data to be written into the SE chip;
an authentication module, configured to authenticate an NFC card reading device through the SE chip when an NFC card data read request is received from the NFC card reading device;
a sending module, configured to send the NFC card data to the NFC card reading device after the NFC card reading device passes authentication.
In a third aspect, an embodiment of the present disclosure provides an electronic device, including a processor and a memory, the processor being used to execute a program for reading and writing NFC card data stored in the memory, so as to implement the method for reading and writing NFC card data according to any one of the first aspect.
In a fourth aspect, an embodiment of the present disclosure provides a storage medium storing one or more programs, the one or more programs being executable by one or more processors to implement the method for reading and writing NFC card data according to any one of the first aspect.
In the technical solution provided by the embodiments of the present disclosure, the NFC mobile terminal writes the NFC card data to be written into the SE chip; when an NFC card data read request is received from an NFC card reading device, the NFC card reading device is authenticated through the SE chip, and the NFC card data is sent to the NFC card reading device after authentication passes. As a result, the NFC card reading device can obtain the NFC card data when the NFC mobile terminal is brought close to it. In some application scenarios this provides the technical basis for the NFC card reading device to obtain personalized NFC card data and then perform certain operations based on it, such as displaying a personalized NFC card cover or playing a personalized prompt tone. Moreover, because the NFC mobile terminal stores the NFC card data in the SE chip, and the SE chip provides functions such as secure storage and secure data transmission, the method provided by the embodiments of the present disclosure can effectively safeguard the NFC card data and prevent it from being maliciously leaked.
Description of the Drawings
FIG. 1 is a schematic diagram of a system architecture involved in an embodiment of the present disclosure;
FIG. 2 is a flowchart of an embodiment of a method for reading and writing NFC card data provided by an embodiment of the present disclosure;
FIG. 3 is a flowchart of an embodiment of another method for reading and writing NFC card data provided by an embodiment of the present disclosure;
FIG. 4 is a flowchart of an embodiment of yet another method for reading and writing NFC card data provided by an embodiment of the present disclosure;
FIG. 5 is a flowchart of an embodiment of a further method for reading and writing NFC card data provided by an embodiment of the present disclosure;
FIG. 6 is a flowchart of an embodiment of a further method for reading and writing NFC card data provided by an embodiment of the present disclosure;
FIG. 7 is a block diagram of an embodiment of an apparatus for reading and writing NFC card data provided by an embodiment of the present disclosure;
FIG. 8 is a schematic structural diagram of an electronic device provided by an embodiment of the present disclosure.
Detailed Description
To make the purposes, technical solutions, and advantages of the embodiments of the present disclosure clearer, the technical solutions in the embodiments of the present disclosure are described clearly and completely below with reference to the drawings in the embodiments of the present disclosure. Obviously, the described embodiments are some of the embodiments of the present disclosure, not all of them. All other embodiments obtained by persons of ordinary skill in the art based on the embodiments in the present disclosure without creative effort fall within the scope of protection of the present disclosure.
To facilitate understanding of the embodiments of the present disclosure, the system architecture involved in the embodiments is first described by way of example.
See FIG. 1, which is a schematic diagram of a system architecture involved in an embodiment of the present disclosure. The system architecture shown in FIG. 1 includes a mobile terminal 10, a security server 20, and a card reading device 30.
The mobile terminal 10 has a built-in NFC chip 11, an SE (Secure Element) chip 12, a security module 13, and an upper-layer application 14. It can be understood that the built-in NFC chip 11 means that the mobile terminal 10 is equipped with an NFC function, that is, the mobile terminal 10 can interact with an NFC card reading device. Accordingly, the mobile terminal 10 is referred to below as the NFC mobile terminal 10.
The SE chip 12 may also be called a secure element or a security chip. It may include two parts, security hardware and security software. The security hardware includes a secure execution environment, secure storage, security algorithms, secure interfaces, and so on; the security software provides a secure interaction mechanism that ensures the security of the commands and data exchanged between the SE chip 12 and the outside. Based on the security functions of the SE chip 12, such as secure processing, secure computation, and secure storage of data, functions such as device identity authentication, encrypted data transmission, and protection of sensitive information can be realized.
Optionally, the SE chip 12 may be implemented in various forms, including but not limited to: as an embedded security chip placed on the motherboard of the NFC mobile terminal 10 or in the NFC chip 11; as a payment-type SD card installed in the NFC mobile terminal 10; as a SIM (Subscriber Identity Module) card or a UICC (Universal Integrated Circuit Card) installed in the NFC mobile terminal 10; and so on.
The security module 13 may be software, hardware, or a combination of software and hardware, which is not limited in the embodiments of the present disclosure. In the embodiments of the present disclosure, the security module 13 may be used to assist the interaction between the upper-layer application 14 and the security server 20, and to assist the authentication between the SE chip 12 and the security server 20 or the card reading device 30.
The upper-layer application 14 includes applications that provide NFC card functions, such as a wallet application.
The security server 20 may be a single server or a server cluster composed of multiple servers; FIG. 1 shows only one server as an example. Further, the security server 20 may be a dedicated server set up to safeguard information security, or another server that integrates an information security function, which is not limited in the embodiments of the present disclosure.
Corresponding to the NFC mobile terminal 10, the card reading device 30 has a built-in NFC chip (not shown in the figure), which means that the card reading device 30 is equipped with an NFC reading function. Accordingly, the card reading device 30 is referred to below as the NFC card reading device 30.
It can be understood that the number of devices in FIG. 1 is only illustrative. According to actual needs, the system architecture 100 may include any number of networks and devices.
The method for reading and writing NFC card data provided by the present disclosure is explained below through specific embodiments, based on the system architecture shown in FIG. 1 and with reference to the drawings. The embodiments do not limit the embodiments of the present disclosure.
See FIG. 2, which is a flowchart of an embodiment of a method for reading and writing NFC card data provided by an embodiment of the present disclosure. As an embodiment, this flow can be applied to an NFC mobile terminal, such as the mobile terminal 10 illustrated in FIG. 1. As shown in FIG. 2, the flow may include the following steps:
Step 201: when the NFC mobile terminal receives an NFC card data write request, it parses the NFC card data to be written out of the NFC card data write request and writes the NFC card data to be written into the SE chip.
Taking the system architecture 100 shown in FIG. 1 as an example, in some embodiments the user can initiate a data write request for the NFC card through the upper-layer application 14 installed on the NFC mobile terminal 10. For convenience of description, this is called an NFC card data write request in the embodiments of the present disclosure. Here, the NFC card data may include personalized data set by the user for the NFC card, such as a card cover, a card name, a card prompt tone, and so on.
Specifically, as an optional implementation, the upper-layer application 14 may provide a visual interface in which the user enters the NFC card data to be written and, after entering it, triggers a button on that interface that indicates initiating the NFC card data write request, such as a "Submit" button or an "OK" button. When the upper-layer application 14 detects that the button has been triggered, it can generate an NFC card data write request that carries the NFC card data entered by the user in the visual interface.
When the NFC mobile terminal 10 receives the NFC card data write request, it can parse the NFC card data to be written out of the request and then write the NFC card data to be written into the SE chip 12.
As described above, the SE chip can store data securely and realize functions such as the protection of sensitive information. Therefore, by writing the NFC card data into the SE chip 12, the NFC mobile terminal 10 can effectively safeguard the NFC card data. Especially in scenarios that involve personalized data, this protects the user's private information from being leaked to the greatest possible extent.
How the NFC mobile terminal 10 specifically writes the NFC card data to be written into the SE chip 12 is explained in the embodiments shown in FIG. 3 and FIG. 4 below and is not detailed here.
Step 202: when the NFC mobile terminal receives an NFC card data read request from an NFC card reading device, it authenticates the NFC card reading device through the SE chip and sends the NFC card data to the NFC card reading device after authentication passes.
In the embodiments of the present disclosure, when the NFC mobile terminal 10 is brought close to the NFC card reading device 30, the NFC card reading device 30 can, based on the NFC function, send the NFC mobile terminal 10 a read request indicating that NFC card data is to be read. This is called an NFC card data read request in the embodiments of the present disclosure.
When the NFC mobile terminal 10 receives the NFC card data read request from the NFC card reading device 30, it first authenticates the NFC card reading device 30 through the SE chip 12 to determine whether the NFC card reading device 30 has permission to read the NFC card emulated on the NFC mobile terminal 10. Then, once authentication is determined to have passed, that is, once the NFC card reading device 30 is determined to have permission to read the NFC card emulated on the NFC mobile terminal 10, the NFC mobile terminal 10 sends the NFC card data stored in the SE chip 12 to the NFC card reading device 30.
Optionally, as described above, the SE chip can realize functions such as encrypted data transmission. Therefore, after determining that authentication has passed, the SE chip 12 can encrypt the stored NFC card data and send it to the NFC chip 11, and the NFC chip 11 then forwards the encrypted NFC card data to the NFC card reading device 30 through the NFC function. This processing effectively ensures that the NFC card data is not leaked during transmission.
How the NFC mobile terminal 10 authenticates the NFC card reading device through the SE chip 12 and, after authentication passes, sends the NFC card data stored in the SE chip 12 to the NFC card reading device 30 is described below through the embodiment shown in FIG. 6 and is not detailed here.
It should be noted that the order in which step 201 and step 202 are described above does not represent a required order of execution. When NFC card data needs to be written into the NFC mobile terminal, or NFC card data needs to be read from the NFC mobile terminal, the method for writing NFC card data or the method for reading NFC card data provided by the present disclosure is used respectively.
In the technical solution provided by the embodiments of the present disclosure, the NFC mobile terminal writes the NFC card data to be written into the SE chip; when an NFC card data read request is received from an NFC card reading device, the NFC card reading device is authenticated through the SE chip, and the NFC card data is sent to the NFC card reading device after authentication passes. As a result, the NFC card reading device can obtain the NFC card data when the NFC mobile terminal is brought close to it. In some application scenarios this provides the technical basis for the NFC card reading device to obtain personalized NFC card data and then perform certain operations based on it, such as displaying a personalized NFC card cover or playing a personalized prompt tone. Moreover, because the NFC mobile terminal stores the NFC card data in the SE chip, and the SE chip provides functions such as secure storage and secure data transmission, the method provided by the embodiments of the present disclosure can effectively safeguard the NFC card data and prevent it from being maliciously leaked.
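The write path of step 201 and the reader check of step 202, modelled end to end as an added example (not code from the patent or from any product). It also covers the variants listed in the module description: SE chip authentication before the write with a key looked up by CPLC value, instantiation of the target applet from a CAP package when it is absent, and comparison of the reader's contactless key. Assumptions: the class names, the JSON request format, the HMAC-SHA256 challenge-response standing in for the unspecified "preset authentication process", and every key and identifier are constructed for illustration.

```python
import hashlib
import hmac
import json
import os

AID = "A0000000010001"                                   # constructed applet identifier
READER_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed key
WRITE_REQUEST = json.dumps(                              # constructed write request
    {"aid": AID, "card_data": {"card_name": "Office badge", "prompt_tone": "chime"}}
).encode()


class SecureElement:
    """Constructed stand-in for the SE chip: applets keyed by AID."""

    def __init__(self, cplc, se_key):
        self.cplc = cplc
        self._se_key = se_key
        self._applets = {}  # AID -> {"key": contactless key, "data": card data}

    def answer_challenge(self, challenge):
        # Assumed authentication process: HMAC-SHA256 over a random challenge.
        return hmac.new(self._se_key, challenge, hashlib.sha256).digest()

    def has_applet(self, aid):
        return aid in self._applets

    def instantiate(self, aid, cap_package):
        # The CAP package is modelled as a dict carrying the contactless key.
        self._applets[aid] = {"key": cap_package["contactless_key"], "data": {}}

    def write(self, aid, card_data):
        self._applets[aid]["data"].update(card_data)

    def read_for_reader(self, aid, presented_key):
        """Release card data only if the reader's key matches the stored one."""
        applet = self._applets.get(aid)
        if applet is None:
            return None
        # Constant-time comparison, so the timing of a rejection does not
        # reveal how many leading bytes of the presented key were correct.
        if not hmac.compare_digest(applet["key"], presented_key):
            return None
        return dict(applet["data"])


class SecurityServer:
    """Constructed stand-in: maps CPLC values to SE keys and serves CAP packages."""

    def __init__(self, keys_by_cplc, cap_packages):
        self._keys = keys_by_cplc
        self._caps = cap_packages

    def get_se_key(self, cplc):
        return self._keys.get(cplc)

    def get_cap(self, aid):
        return self._caps[aid]


class NfcTerminal:
    def __init__(self, se, server):
        self.se = se
        self.server = server

    def _authenticate_se(self):
        key = self.server.get_se_key(self.se.cplc)
        if key is None:  # unknown CPLC value: fail closed
            return False
        challenge = os.urandom(16)
        expected = hmac.new(key, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, self.se.answer_challenge(challenge))

    def handle_write_request(self, raw_request):
        """Parse, authenticate the SE chip, then write. Returns True on success."""
        try:
            request = json.loads(raw_request)
            aid, card_data = request["aid"], request["card_data"]
        except (ValueError, KeyError, TypeError):
            return False
        if not isinstance(card_data, dict) or not self._authenticate_se():
            return False  # nothing is written to an unauthenticated chip
        if not self.se.has_applet(aid):
            self.se.instantiate(aid, self.server.get_cap(aid))
        self.se.write(aid, card_data)
        return True

    def handle_read_request(self, aid, presented_key):
        """Card data for an authenticated reader, otherwise None."""
        return self.se.read_for_reader(aid, presented_key)


def build_terminal(se_key_on_chip):
    server = SecurityServer({"CPLC-0001": b"genuine-se-key"},
                            {AID: {"contactless_key": READER_KEY}})
    return NfcTerminal(SecureElement("CPLC-0001", se_key_on_chip), server)


if __name__ == "__main__":
    terminal = build_terminal(b"genuine-se-key")
    print("write accepted:", terminal.handle_write_request(WRITE_REQUEST))
    print("valid reader:", terminal.handle_read_request(AID, READER_KEY))
    print("wrong key:", terminal.handle_read_request(AID, bytes(16)))
```

Both failure paths return without touching the applet store, so a rejected reader or an unauthenticated chip leaves no partial state behind.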
Referring to FIG. 3, which is a flowchart of another embodiment of the method for reading and writing NFC card data provided by the embodiments of the present disclosure, the flow shown in FIG. 3 builds on the flow shown in FIG. 2 above and may include the following steps:
Step 301: when the NFC mobile terminal receives an NFC card data writing request, it parses the NFC card data to be written out of the NFC card data writing request.
Step 302: the NFC mobile terminal authenticates the SE chip.
Step 303: after determining that the SE chip has passed authentication, the NFC mobile terminal writes the NFC card data to be written into the SE chip.
As can be seen from the description of steps 302 and 303, in some preferred embodiments the NFC mobile terminal 10 may first authenticate the SE chip 12 and, after determining that the SE chip 12 has passed authentication, write the NFC card data to be written into the SE chip 12.
This processing further improves the security of the NFC card data: it prevents the NFC card data from being mistakenly written into an illegitimate SE chip 12, and thereby leaked, when the NFC mobile terminal 10 has come under attack.
How the NFC mobile terminal 10 authenticates the SE chip is explained below through two different embodiments, shown in FIG. 4 and FIG. 5, and is not detailed here.
Step 304: when the NFC mobile terminal receives an NFC card data reading request from the NFC card reading device, it authenticates the NFC card reading device through the SE chip.
Step 305: after determining that the NFC card reading device has passed authentication, the NFC mobile terminal sends the NFC card data to the NFC card reading device.
For detailed descriptions of steps 301, 304 and 305, refer to the related description in the embodiment shown in FIG. 2 above; they are not repeated here.
In the technical solution provided by the embodiments of the present disclosure, the NFC mobile terminal authenticates the SE chip and, after the authentication passes, writes the NFC card data to be written into the SE chip. When an NFC card data reading request is received from an NFC card reading device, the NFC card reading device is authenticated through the SE chip, and the NFC card data is sent to the NFC card reading device after the authentication passes. As a result, when the NFC mobile terminal is brought close to the NFC card reading device, the NFC card reading device can obtain the NFC card data. This provides a technical basis for application scenarios in which the NFC card reading device obtains personalized NFC card data and then performs certain operations based on it, such as displaying a personalized NFC card cover or playing a personalized prompt sound. Moreover, because the NFC mobile terminal stores the NFC card data in the SE chip, and does so only after the SE chip has passed authentication, the method provided by the embodiments of the present disclosure can effectively safeguard the NFC card data and prevent it from being maliciously leaked.
Referring to FIG. 4, which is a flowchart of yet another embodiment of the method for reading and writing NFC card data provided by the embodiments of the present disclosure, the flow shown in FIG. 4 builds on the flows shown in FIG. 2 and FIG. 3 above and focuses on one implementation of authenticating the SE chip. It may include the following steps:
Step 401: when the NFC mobile terminal receives an NFC card data writing request, it parses the NFC card data to be written out of the NFC card data writing request.
Step 402: the NFC mobile terminal sends the CPLC value of the SE chip and the NFC card data to the security server.
The CPLC value represents the ID of the SE chip; each SE chip has a unique CPLC value.
Optionally, the NFC mobile terminal 10 may encode the NFC card data according to the corresponding file format, assign it a corresponding identifier, and then upload it to the security server 20. Here, the file format includes but is not limited to picture, text and audio. The identifier can be used to indicate the type, quantity and so on of the NFC card data.
It should be noted that the embodiments of the present disclosure place no restriction on the order in which the NFC mobile terminal 10 sends the CPLC value of the SE chip 12 and the NFC card data to the security server 20.
Step 403: the security server authenticates the SE chip based on the CPLC value, using a preset authentication process.
As described above, the CPLC value represents the ID of the SE chip, so once the security server 20 has received the CPLC value it knows which SE chip to authenticate. In other words, the security server 20 authenticates the SE chip corresponding to the received CPLC value, for example the SE chip 12. The security server 20 may use a preset authentication process to authenticate the SE chip 12 corresponding to the received CPLC value.
Optionally, the preset authentication process is the authentication process defined by the GPC protocol. For the specific authentication process, refer to the relevant descriptions in the prior art; it is not repeated here.
Step 404: after determining that the SE chip has passed authentication, the security server writes the NFC card data into the SE chip.
In some embodiments, after determining that the SE chip 12 has passed authentication, the security server 20 first issues a check instruction to the NFC mobile terminal 10. The check instruction is used to instruct checking whether a target smart card application (applet) and a security domain corresponding to the NFC card data to be written exist in the SE chip 12.
If they exist, the security server 20 writes the NFC card data into the target smart card application in the SE chip 12.
If they do not exist, the security server 20 may send a CAP data packet to the NFC mobile terminal 10, and the NFC mobile terminal 10 may instantiate the target smart card application in the SE chip 12 based on the CAP data packet. The security server 20 then writes the NFC card data into the target smart card application in the SE chip 12.
The CAP data packet is a file with the suffix .cap. It can be understood as a logic code file written according to the JAVA CARD protocol; after it is loaded into the SE chip 12, an instantiation instruction can generate from it a runnable file called a smart card application. The smart card application is responsible for the data interaction logic with the card reading device.
In addition, when the NFC card data has been successfully written into the target smart card application in the SE chip, the display interface of the upper-layer application 14 may output a prompt message telling the user that the NFC card data was saved successfully.
Through the flow shown in FIG. 4, the security server authenticates the SE chip built into the NFC mobile terminal.
Referring to FIG. 5, which is a flowchart of a further embodiment of the method for reading and writing NFC card data provided by the embodiments of the present disclosure, the flow shown in FIG. 5 builds on the flows shown in FIG. 2 and FIG. 3 above and focuses on another implementation of authenticating the SE chip. It may include the following steps:
Step 501: when the NFC mobile terminal receives an NFC card data writing request, it parses the NFC card data to be written out of the NFC card data writing request.
Step 502: the NFC mobile terminal sends a key acquisition request to the security server; the key acquisition request carries the CPLC value of the SE chip.
Step 503: the security server returns to the NFC mobile terminal the SE chip key corresponding to the received CPLC value.
Step 504: the NFC mobile terminal authenticates the SE chip based on the received SE chip key, using a preset authentication process.
The SE chip key includes but is not limited to an ENC key, a MAC key and a DEK key.
The preset authentication process is the same as the authentication process mentioned in the embodiment shown in FIG. 4.
The flow shown in FIG. 5 differs from the flow shown in FIG. 4 as follows: in the flow shown in FIG. 4 the security server 20 authenticates the SE chip 12, whereas in the flow shown in FIG. 5 the NFC mobile terminal 10 authenticates the SE chip 12. Accordingly, in the flow shown in FIG. 4, the NFC mobile terminal 10 first sends a key acquisition request to the security server 20; the key acquisition request carries the CPLC value of the SE chip 12, in order to request the SE chip key of the SE chip 12. After receiving the key acquisition request, the security server 20 returns to the NFC mobile terminal 10 the SE chip key corresponding to the received CPLC value, that is, the key of the SE chip 12. The NFC mobile terminal 10 then authenticates the SE chip 12 based on the received SE chip key, using a preset authentication process.
Step 505: after determining that the SE chip has passed authentication, the NFC mobile terminal writes the NFC card data to be written into the SE chip.
In some embodiments, after determining that the SE chip 12 has passed authentication, the NFC mobile terminal 10 first checks whether a target smart card application and a security domain corresponding to the NFC card data to be written exist in the SE chip 12.
If they exist, the NFC mobile terminal 10 writes the NFC card data into the target smart card application in the SE chip 12.
If they do not exist, the NFC mobile terminal 10 may download a CAP data packet from the security server 20, then instantiate the target smart card application in the SE chip 12 based on the CAP data packet, and after that write the NFC card data into the target smart card application in the SE chip 12.
Through the flow shown in FIG. 5, the NFC mobile terminal authenticates its own built-in SE chip.
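Steps 402-403 (FIG. 4) and 502-503 (FIG. 5) both have the security server pick the SE chip by its CPLC value before any authentication happens. The following added example, which is not part of the patent text, parses a CPLC from a GlobalPlatform GET DATA response (tag 9F7F, 42 bytes) and uses it as the lookup key for the chip's ENC/MAC/DEK key set, failing closed on malformed or unknown values. The class and function names, the sample CPLC and the placeholder keys are constructed for illustration.

```python
from typing import Dict

# CPLC layout (GlobalPlatform tag 9F7F, 42 bytes): (field name, length in bytes).
CPLC_FIELDS = [
    ("ic_fabricator", 2), ("ic_type", 2), ("os_id", 2),
    ("os_release_date", 2), ("os_release_level", 2),
    ("ic_fabrication_date", 2), ("ic_serial_number", 4),
    ("ic_batch_id", 2), ("ic_module_fabricator", 2),
    ("ic_module_packaging_date", 2), ("icc_manufacturer", 2),
    ("ic_embedding_date", 2), ("ic_pre_personalizer", 2),
    ("ic_pre_perso_equipment_date", 2), ("ic_pre_perso_equipment_id", 4),
    ("ic_personalizer", 2), ("ic_personalization_date", 2),
    ("ic_personalization_equipment_id", 4),
]
CPLC_LEN = sum(size for _, size in CPLC_FIELDS)      # 42
CPLC_TLV_HEADER = bytes([0x9F, 0x7F, CPLC_LEN])      # tag 9F7F, length 2A
GET_CPLC_APDU = bytes.fromhex("80CA9F7F00")          # GET DATA for tag 9F7F


class CplcError(ValueError):
    """The response does not carry a well-formed, known CPLC."""


def extract_cplc(response: bytes) -> bytes:
    """Return the raw 42-byte CPLC from a GET DATA response, or raise."""
    if len(response) < 2 or response[-2:] != b"\x90\x00":
        raise CplcError("status word is not 9000")
    body = response[:-2]
    # Some chips return the value wrapped in its TLV header, others bare.
    if len(body) == CPLC_LEN + 3 and body[:3] == CPLC_TLV_HEADER:
        body = body[3:]
    if len(body) != CPLC_LEN:
        raise CplcError(f"expected {CPLC_LEN} CPLC bytes, got {len(body)}")
    return body


def parse_cplc(response: bytes) -> Dict[str, str]:
    """Split the CPLC into its named fields (values as lowercase hex)."""
    raw = extract_cplc(response)
    fields, offset = {}, 0
    for name, size in CPLC_FIELDS:
        fields[name] = raw[offset:offset + size].hex()
        offset += size
    return fields


class SeKeyStore:
    """Hypothetical server-side table: raw CPLC -> SE chip key set."""

    def __init__(self) -> None:
        self._by_cplc: Dict[bytes, Dict[str, bytes]] = {}

    def register(self, cplc: bytes, enc: bytes, mac: bytes, dek: bytes) -> None:
        if len(cplc) != CPLC_LEN:
            raise CplcError("CPLC must be 42 bytes")
        self._by_cplc[cplc] = {"ENC": enc, "MAC": mac, "DEK": dek}

    def keys_for(self, response: bytes) -> Dict[str, bytes]:
        """Key set for the chip named by the response; unknown chips fail."""
        cplc = extract_cplc(response)
        try:
            return self._by_cplc[cplc]
        except KeyError:
            raise CplcError("no key set registered for this CPLC") from None


# Constructed sample CPLC: six 2-byte fields, serial 00a1b2c3, batch 4567, rest zero.
SAMPLE_CPLC = bytes.fromhex("111122223333400101004002" "00a1b2c3" "4567") + bytes(24)


def demo() -> Dict[str, str]:
    """Register the sample chip, then resolve it from a wrapped response."""
    store = SeKeyStore()
    store.register(SAMPLE_CPLC, enc=b"E" * 16, mac=b"M" * 16, dek=b"D" * 16)
    response = CPLC_TLV_HEADER + SAMPLE_CPLC + b"\x90\x00"
    store.keys_for(response)            # raises CplcError if the chip is unknown
    return parse_cplc(response)


if __name__ == "__main__":
    print(demo())
```

The CPLC here only selects which key set applies; whether the chip is genuine is still decided by the preset authentication process that uses those keys.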
Referring to FIG. 6, which is a flowchart of a further embodiment of the method for reading and writing NFC card data provided by the embodiments of the present disclosure, the flow shown in FIG. 6 builds on the flow shown in FIG. 2 above and focuses on the interaction between the NFC mobile terminal and the NFC card reader. It may include the following steps:
Step 601: when the NFC mobile terminal receives an NFC card data writing request, it parses the NFC card data to be written out of the NFC card data writing request and writes the NFC card data to be written into the SE chip.
Step 602: when the NFC mobile terminal receives an NFC card data reading request from the NFC card reading device, it sends an acquisition request to the NFC card reading device.
The acquisition request is used to instruct acquisition of the valid contactless key of the target smart card application stored in the NFC card reading device.
Step 603: the NFC mobile terminal receives the valid contactless key from the NFC card reading device.
Step 604: the NFC mobile terminal compares the received valid contactless key with the target valid contactless key stored in the NFC mobile terminal. If the two are consistent, step 605 is performed; if the two are inconsistent, the flow ends.
Step 605: the NFC mobile terminal determines that the NFC card reading device has passed authentication.
Step 606: the NFC mobile terminal sends the NFC card data to the NFC card reading device.
Different smart card applications have different valid contactless keys. If the NFC card reading device 30 holds the valid contactless key of the target smart card application in the SE chip 12, this means the NFC card reading device 30 has read permission for that target smart card application. The NFC mobile terminal 10 can therefore authenticate the NFC card reading device 30 by determining whether the NFC card reading device 30 holds the valid contactless key of the target smart card application in the SE chip 12.
Specifically, when the NFC mobile terminal 10 is brought close to the NFC card reading device 30, the NFC card reading device 30 may first send a select command to the NFC mobile terminal 10. The select command is used to instruct acquisition of the AID of the smart card application in which the NFC card data to be read is located. The select command is received by the NFC chip 11 in the NFC mobile terminal 10 and passed to the SE chip 12.
The SE chip 12 then responds to the select command by sending the AID of the smart card application to the NFC chip 11 in the NFC mobile terminal 10, and the NFC chip 11 passes it to the NFC card reading device 30.
Further, after the NFC card reading device 30 has received the AID, the target smart card application in the SE chip 12 can authenticate the NFC card reading device 30.
Specifically, the SE chip 12 sends an acquisition request to the NFC chip 11 through the target smart card application. The acquisition request is used to instruct acquisition of the target valid contactless key of the target smart card application stored in the NFC card reading device. The NFC chip 11 passes the acquisition request to the NFC card reading device 30, so that the NFC card reading device 30 returns the corresponding valid contactless key based on the received AID.
Further, the NFC mobile terminal 10 receives the valid contactless key from the NFC card reading device 30 and compares it with the target valid contactless key stored in the NFC mobile terminal 10. If the two are consistent, step 605 is performed; if the two are inconsistent, the flow ends.
In addition, because the data interaction logic above only requires the NFC chip 11 and the SE chip 12 to participate, it can execute normally even when the NFC mobile terminal 10 is powered off.
Step 605: the NFC mobile terminal determines that the NFC card reading device has passed authentication.
Step 606: the NFC mobile terminal sends the NFC card data to the NFC card reading device.
Through the flow shown in FIG. 6, the NFC mobile terminal authenticates the NFC card reading device, so that only an NFC card reading device that passes authentication, that is, a legitimate one, can obtain the NFC card data. This effectively safeguards the NFC card data and can prevent it from being maliciously leaked.
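The exchange in steps 602-606 can be modelled as follows. This is an added example, not code from the patent: it simulates the target smart card application gating the card data on the key comparison of step 604, with a constant-time compare and authentication state that is reset on every select. `TargetApplet`, `Reader`, `tap`, the AID and the keys are hypothetical names and constructed values.

```python
import hmac
from typing import Dict, Optional


class AuthError(Exception):
    """Card data was requested without a successful reader authentication."""


class TargetApplet:
    """Model of the target smart card application inside the SE chip."""

    def __init__(self, aid: bytes, contactless_key: bytes, card_data: bytes):
        self._aid = aid
        self._key = contactless_key      # target valid contactless key
        self._data = card_data           # NFC card data written earlier
        self._authenticated = False

    def select(self) -> bytes:
        """Answer the reader's select command with the AID.

        Every select starts a new session, so an earlier successful
        authentication never carries over to the next reader.
        """
        self._authenticated = False
        return self._aid

    def present_reader_key(self, key: bytes) -> bool:
        """Steps 603-605: compare the reader's key with the stored one.

        hmac.compare_digest keeps the comparison time independent of how
        many leading bytes match.
        """
        self._authenticated = hmac.compare_digest(key, self._key)
        return self._authenticated

    def read_card_data(self) -> bytes:
        """Step 606: release the data only inside an authenticated session."""
        if not self._authenticated:
            raise AuthError("reader not authenticated")
        return self._data


class Reader:
    """Model of an NFC card reading device holding keys indexed by AID."""

    def __init__(self, keys_by_aid: Dict[bytes, bytes]):
        self._keys = dict(keys_by_aid)

    def key_for(self, aid: bytes) -> Optional[bytes]:
        return self._keys.get(aid)


def tap(applet: TargetApplet, reader: Reader) -> Optional[bytes]:
    """One tap: select, key request, comparison, then data or nothing."""
    aid = applet.select()
    key = reader.key_for(aid)            # reader answers the acquisition request
    if key is None or not applet.present_reader_key(key):
        return None                      # inconsistent keys: the flow ends
    return applet.read_card_data()


# Constructed sample values.
SAMPLE_AID = bytes.fromhex("F0010203040506")
SAMPLE_KEY = b"K" * 16
SAMPLE_DATA = b"cover=blue;tone=chime"

if __name__ == "__main__":
    applet = TargetApplet(SAMPLE_AID, SAMPLE_KEY, SAMPLE_DATA)
    print(tap(applet, Reader({SAMPLE_AID: SAMPLE_KEY})))   # card data
    print(tap(applet, Reader({SAMPLE_AID: b"X" * 16})))    # None
```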
Referring to FIG. 7, which is a block diagram of an embodiment of an apparatus for reading and writing NFC card data provided by the embodiments of the present disclosure. As an embodiment, the apparatus can be applied to an NFC mobile terminal that has a built-in SE chip. As shown in FIG. 7, the apparatus includes a parsing module 71, a writing module 72, an authentication module 73 and a sending module 74.
The parsing module 71 is configured to parse, when an NFC card data writing request is received, the NFC card data to be written out of the NFC card data writing request;
the writing module 72 is configured to write the NFC card data to be written into the SE chip;
the authentication module 73 is configured to authenticate the NFC card reading device through the SE chip when an NFC card data reading request is received from the NFC card reading device;
the sending module 74 is configured to send the NFC card data to the NFC card reading device after the NFC card reading device has passed authentication.
In a possible implementation, the authentication module 73 is further configured to authenticate the SE chip before the NFC card data to be written is written into the SE chip;
the writing module 72 is configured to perform the step of writing the NFC card data to be written into the SE chip after it is determined that the SE chip has passed authentication.
In a possible implementation, the authentication module 73 authenticating the SE chip includes: sending the CPLC value of the SE chip to a security server, so that the security server authenticates the SE chip based on the CPLC value, using a preset authentication process.
In a possible implementation, the writing module 72 is specifically configured to:
send the NFC card data to be written to the security server, so that the security server, after determining that the SE chip has passed authentication, writes the NFC card data to be written into the SE chip.
In a possible implementation, the authentication module 73 includes (not shown in the figure):
a key acquisition unit, configured to send a key acquisition request to a security server, the key acquisition request carrying the CPLC value of the SE chip, so that the security server returns to the NFC mobile terminal the SE chip key corresponding to the received CPLC value;
an authentication unit, configured to authenticate the SE chip based on the received SE chip key, using a preset authentication process.
In a possible implementation, the writing module 72 includes:
a determination unit, configured to determine whether a smart card application corresponding to the NFC card data to be written exists in the SE chip;
a writing unit, configured to write the NFC card data to be written into the target smart card application if it is determined that a target smart card application corresponding to the NFC card data to be written exists in the SE chip;
an acquisition unit, configured to acquire a CAP data packet if it is determined that the target smart card application does not exist in the SE chip;
an instantiation unit, configured to instantiate the target smart card application in the SE chip based on the CAP data packet.
In a possible implementation, the authentication module 73 includes (not shown in the figure):
an acquisition unit, configured to send an acquisition request to the NFC card reading device, the acquisition request being used to instruct acquisition of the valid contactless key of the target smart card application stored in the NFC card reading device;
a receiving unit, configured to receive the valid contactless key from the NFC card reading device;
a comparison unit, configured to compare the received valid contactless key with the target valid contactless key of the target smart card application stored in the NFC mobile terminal;
a determination unit, configured to determine that the NFC card reading device has passed authentication if the comparison shows the two are consistent, and to determine that the NFC card reading device has failed authentication if the comparison shows the two are inconsistent.
FIG. 8 is a schematic structural diagram of an electronic device provided by an embodiment of the present disclosure. The electronic device 800 shown in FIG. 8 includes at least one processor 801, a memory 802, at least one network interface 804 and other user interfaces 803. The components of the electronic device 800 are coupled together through a bus system 805. It can be understood that the bus system 805 is used to implement connection and communication between these components. In addition to a data bus, the bus system 805 includes a power bus, a control bus and a status signal bus. For clarity of illustration, however, the various buses are all labeled as the bus system 805 in FIG. 8.
The user interface 803 may include a display, a keyboard or a pointing device (for example, a mouse or a trackball), a touch pad, a touch screen, or the like.
It can be understood that the memory 802 in the embodiments of the present disclosure may be a volatile memory or a non-volatile memory, or may include both volatile and non-volatile memory. The non-volatile memory may be a read-only memory (Read-Only Memory, ROM), a programmable read-only memory (Programmable ROM, PROM), an erasable programmable read-only memory (Erasable PROM, EPROM), an electrically erasable programmable read-only memory (Electrically EPROM, EEPROM) or a flash memory. The volatile memory may be a random access memory (Random Access Memory, RAM), which is used as an external cache. By way of example and not limitation, many forms of RAM are available, such as static random access memory (Static RAM, SRAM), dynamic random access memory (Dynamic RAM, DRAM), synchronous dynamic random access memory (Synchronous DRAM, SDRAM), double data rate synchronous dynamic random access memory (Double Data Rate SDRAM, DDRSDRAM), enhanced synchronous dynamic random access memory (Enhanced SDRAM, ESDRAM), synchlink dynamic random access memory (Synchlink DRAM, SLDRAM) and direct Rambus random access memory (Direct Rambus RAM, DRRAM). The memory 802 described herein is intended to include, but is not limited to, these and any other suitable types of memory.
In some implementations, the memory 802 stores the following elements, executable units or data structures, or a subset of them, or an extended set of them: an operating system 8021 and application programs 8022.
The operating system 8021 contains various system programs, such as a framework layer, a core library layer and a driver layer, and is configured to implement various basic services and to handle hardware-based tasks. The application programs 8022 contain various applications, such as a media player (Media Player) and a browser (Browser), and are configured to implement various application services. A program implementing the methods of the embodiments of the present disclosure may be included in the application programs 8022.
In the embodiments of the present disclosure, by calling a program or instructions stored in the memory 802, which may specifically be a program or instructions stored in the application programs 8022, the processor 801 is used to execute the method steps provided by the method embodiments, for example including:
when an NFC card data writing request is received, parsing the NFC card data to be written out of the NFC card data writing request, and writing the NFC card data to be written into the SE chip;
when an NFC card data reading request is received from an NFC card reading device, authenticating the NFC card reading device through the SE chip, and sending the NFC card data to the NFC card reading device after the NFC card reading device has passed authentication.
The methods disclosed in the foregoing embodiments of the present disclosure may be applied to the processor 801 or implemented by the processor 801. The processor 801 may be an integrated circuit chip with signal processing capability. During implementation, each step of the above methods may be completed by an integrated logic circuit of hardware in the processor 801 or by instructions in the form of software. The processor 801 may be a general-purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field Programmable Gate Array, FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. It can implement or execute the methods, steps and logic block diagrams disclosed in the embodiments of the present disclosure. The general-purpose processor may be a microprocessor, or the processor may be any conventional processor or the like. The steps of the methods disclosed in the embodiments of the present disclosure may be directly embodied as being executed by a hardware decoding processor, or executed by a combination of hardware and software units in a decoding processor. The software unit may be located in a storage medium that is mature in the field, such as a random access memory, a flash memory, a read-only memory, a programmable read-only memory, an electrically erasable programmable memory or a register. The storage medium is located in the memory 802; the processor 801 reads the information in the memory 802 and completes the steps of the above methods in combination with its hardware.
It should be understood that the embodiments described herein may be implemented in hardware, software, firmware, middleware, microcode, or a combination thereof. For a hardware implementation, the processing unit may be implemented in one or more application-specific integrated circuits (ASIC), digital signal processors (DSP), digital signal processing devices (DSPD), programmable logic devices (PLD), field-programmable gate arrays (FPGA), general-purpose processors, controllers, microcontrollers, microprocessors, other electronic units for performing the functions described in this application, or a combination thereof.
For a software implementation, the techniques described herein may be implemented by units that perform the functions described herein. Software code may be stored in a memory and executed by a processor. The memory may be implemented within the processor or external to the processor.
The electronic device provided by this embodiment may be the electronic device shown in Figure 8. It can perform all the steps of the method for reading and writing NFC card data in Figures 2-6 and thereby achieve the technical effects of that method. For details, refer to the descriptions of Figures 2-6, which are not repeated here for brevity.
An embodiment of the present disclosure also provides a storage medium (a computer-readable storage medium). The storage medium stores one or more programs. The storage medium may include volatile memory, such as random access memory; it may also include non-volatile memory, such as read-only memory, flash memory, a hard disk or a solid-state drive; it may also include a combination of the above types of memory.
The one or more programs in the storage medium can be executed by one or more processors to implement the above method for reading and writing NFC card data, as executed on the electronic device side.
The processor is configured to execute the NFC card data read-write program stored in the memory, so as to implement the following steps of the method for reading and writing NFC card data, as executed on the electronic device side:
when an NFC card data write request is received, parsing the NFC card data to be written from the NFC card data write request, and writing the NFC card data to be written into the SE chip;
when an NFC card data read request is received from an NFC card reading device, authenticating the NFC card reading device through the SE chip, and sending the NFC card data to the NFC card reading device after the NFC card reading device passes authentication.
Those skilled in the art should further appreciate that the units and algorithm steps of the examples described in connection with the embodiments disclosed herein can be implemented in electronic hardware, computer software, or a combination of the two. To clearly illustrate the interchangeability of hardware and software, the composition and steps of each example have been described above generally in terms of their functions. Whether these functions are executed in hardware or software depends on the specific application and design constraints of the technical solution. Skilled artisans may use different methods to implement the described functions for each particular application, but such implementations should not be considered beyond the scope of the present disclosure.
The steps of the methods or algorithms described in connection with the embodiments disclosed herein may be implemented in hardware, in a software module executed by a processor, or in a combination of both. A software module may reside in random access memory (RAM), internal memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, a hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the technical field.
The specific implementations described above further explain the purpose, technical solutions and beneficial effects of the present disclosure in detail. It should be understood that the above are only specific implementations of the present disclosure and are not intended to limit its scope of protection. Any modification, equivalent replacement or improvement made within the spirit and principles of the present disclosure shall fall within the scope of protection of the present disclosure.

Claims (10)

  1. A method for reading and writing near-field communication (NFC) card data, applied to an NFC mobile terminal having a built-in SE chip, the method comprising:
    when an NFC card data write request is received, parsing the NFC card data to be written from the NFC card data write request, and writing the NFC card data to be written into the SE chip;
    when an NFC card data read request is received from an NFC card reading device, authenticating the NFC card reading device through the SE chip, and sending the NFC card data to the NFC card reading device after the NFC card reading device passes authentication.
  2. The method according to claim 1, wherein, before the writing of the NFC card data to be written into the SE chip, the method further comprises:
    authenticating the SE chip;
    performing the step of writing the NFC card data to be written into the SE chip after determining that the SE chip has passed authentication.
  3. The method according to claim 2, wherein the authenticating of the SE chip comprises:
    sending the CPLC value of the SE chip to a security server, so that the security server authenticates the SE chip based on the CPLC value and using a preset authentication process.
  4. The method according to claim 3, wherein the writing of the NFC card data to be written into the SE chip comprises:
    sending the NFC card data to be written to the security server, so that the security server, after determining that the SE chip has passed authentication, writes the NFC card data to be written into the SE chip.
  5. The method according to claim 2, wherein the authenticating of the SE chip comprises:
    sending a key acquisition request to a security server, the key acquisition request carrying the CPLC value of the SE chip, so that the security server returns to the NFC mobile terminal the SE chip key corresponding to the received CPLC value;
    authenticating the SE chip based on the received SE chip key and using a preset authentication process.
  6. The method according to claim 1, wherein the writing of the NFC card data to be written into the SE chip comprises:
    determining whether a target smart card application corresponding to the NFC card data to be written exists in the SE chip;
    if so, writing the NFC card data to be written into the target smart card application;
    if not, obtaining a CAP data package, instantiating the target smart card application in the SE chip based on the CAP data package, and writing the NFC card data to be written into the target smart card application.
  7. The method according to claim 6, wherein the authenticating of the NFC card reading device through the SE chip comprises:
    sending an acquisition request to the NFC card reading device, the acquisition request being used to instruct acquisition of the valid contactless key of the target smart card application stored in the NFC card reading device;
    receiving the valid contactless key from the NFC card reading device;
    comparing the received valid contactless key with the target valid contactless key of the target smart card application stored in the NFC mobile terminal;
    if the two are found to be consistent, determining that the NFC card reading device has passed authentication; if the two are found to be inconsistent, determining that the NFC card reading device has not passed authentication.
  8. An apparatus for reading and writing NFC card data, applied to an NFC mobile terminal having a built-in SE chip, the apparatus comprising:
    a parsing module, configured to parse the NFC card data to be written from an NFC card data write request when the NFC card data write request is received;
    a writing module, configured to write the NFC card data to be written into the SE chip;
    an authentication module, configured to authenticate an NFC card reading device through the SE chip when an NFC card data read request is received from the NFC card reading device;
    a sending module, configured to send the NFC card data to the NFC card reading device after the NFC card reading device passes authentication.
  9. An electronic device, comprising a processor and a memory, the processor being configured to execute an NFC card data read-write program stored in the memory, so as to implement the method for reading and writing NFC card data according to any one of claims 1 to 7.
  10. A storage medium, wherein the storage medium stores one or more programs, and the one or more programs can be executed by one or more processors to implement the method for reading and writing NFC card data according to any one of claims 1 to 7.
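The write path of claims 1 and 6 and the reader check of claim 7 (the same steps the description lists for the processor), sketched as an added example that is not part of the patent text. The `SecureElementModel` class, the request fields `aid` and `card_data`, the `fetch_cap` callback, provisioning the contactless key at instantiation, and all sample values are assumptions made for illustration; the key comparison uses a constant-time primitive and the read fails closed when the applet is missing.

```python
import hmac


class SecureElementModel:
    """Toy in-memory stand-in for the SE chip; not a real SE or JavaCard API."""

    def __init__(self):
        self._applets = {}  # AID -> {"key": bytes, "data": bytes}

    def has_applet(self, aid):
        return aid in self._applets

    def instantiate(self, aid, cap_package, contactless_key):
        # Stands in for instantiating the applet from a CAP package (claim 6).
        if not cap_package:
            raise ValueError("empty CAP package")
        self._applets[aid] = {"key": contactless_key, "data": b""}

    def write(self, aid, card_data):
        self._applets[aid]["data"] = card_data

    def read_for_reader(self, aid, presented_key):
        """Claim 7: release data only if the reader's key matches the stored one."""
        applet = self._applets.get(aid)
        if applet is None:
            return None  # fail closed: unknown applet
        # Constant-time comparison so timing does not reveal how much matched.
        if not hmac.compare_digest(applet["key"], presented_key):
            return None
        return applet["data"]


def handle_write_request(se, request, fetch_cap):
    """Claims 1 and 6: parse the card data, create the applet if absent, write."""
    aid = bytes.fromhex(request["aid"])
    card_data = bytes.fromhex(request["card_data"])
    if not se.has_applet(aid):
        cap_package, key = fetch_cap(aid)
        se.instantiate(aid, cap_package, key)
    se.write(aid, card_data)
    return aid


# Constructed sample values, for illustration only.
SAMPLE_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")
SAMPLE_REQUEST = {"aid": "a000000001020304", "card_data": "0102030405060708"}


def sample_fetch_cap(aid):
    # Hypothetical source of the CAP package and the applet's contactless key.
    return b"constructed-cap-bytes", SAMPLE_KEY


def demo():
    se = SecureElementModel()
    aid = handle_write_request(se, SAMPLE_REQUEST, sample_fetch_cap)
    granted = se.read_for_reader(aid, SAMPLE_KEY)   # matching key
    denied = se.read_for_reader(aid, bytes(16))     # wrong key
    return granted, denied


if __name__ == "__main__":
    print(demo())
```
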
PCT/CN2022/112791 2021-11-29 2022-08-16 Nfc card data read-write method and apparatus, electronic device and storage medium WO2023093140A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202111447166.4A CN116187362A (en) 2021-11-29 2021-11-29 NFC card data reading and writing method and device, electronic equipment and storage medium
CN202111447166.4 2021-11-29

Publications (1)

Publication Number Publication Date
WO2023093140A1 (en) 2023-06-01

Family

ID=86435106

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/112791 WO2023093140A1 (en) 2021-11-29 2022-08-16 Nfc card data read-write method and apparatus, electronic device and storage medium

Country Status (2)

Country Link
CN (1) CN116187362A (en)
WO (1) WO2023093140A1 (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103067335A (en) * 2011-10-18 2013-04-24 中国移动通信集团公司 Method for realizing information interaction as non-contact mode, correlation equipment and system
CN103188233A (en) * 2011-12-30 2013-07-03 卓望数码技术(深圳)有限公司 Method and system of dispatching and managing multiple applications
CN105184563A (en) * 2015-09-17 2015-12-23 广东欧珀移动通信有限公司 Safe processing method and apparatus for NFC (Near Field Communication) chip
CN105989386A (en) * 2015-02-28 2016-10-05 北京天威诚信电子商务服务有限公司 Method and device for reading and writing radio frequency identification card
CN106470386A (en) * 2015-08-19 2017-03-01 中兴通讯股份有限公司 A kind of near-field communication data transmission method and device
CN106709727A (en) * 2016-12-07 2017-05-24 深圳市久和久科技有限公司 Intelligent card management method and system thereof, terminal and card service management apparatus
US20190303945A1 (en) * 2015-03-13 2019-10-03 Radiius Corp Smartcard Payment System and Method

Also Published As

Publication number Publication date
CN116187362A (en) 2023-05-30

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22897235

Country of ref document: EP

Kind code of ref document: A1