[go: up one dir, main page]

CN101533539B - Method for inputting password and device thereof - Google Patents

Method for inputting password and device thereof Download PDF

Info

Publication number
CN101533539B
CN101533539B CN200910079882.4A CN200910079882A CN101533539B CN 101533539 B CN101533539 B CN 101533539B CN 200910079882 A CN200910079882 A CN 200910079882A CN 101533539 B CN101533539 B CN 101533539B
Authority
CN
China
Prior art keywords
instruction
password
password input
user
smart card
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN200910079882.4A
Other languages
Chinese (zh)
Other versions
CN101533539A (en
Inventor
陆舟
于华章
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Feitian Technologies Co Ltd
Original Assignee
Feitian Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Feitian Technologies Co Ltd filed Critical Feitian Technologies Co Ltd
Priority to CN200910079882.4A priority Critical patent/CN101533539B/en
Publication of CN101533539A publication Critical patent/CN101533539A/en
Priority to PCT/CN2010/071001 priority patent/WO2010102577A1/en
Priority to US12/812,042 priority patent/US8777100B2/en
Application granted granted Critical
Publication of CN101533539B publication Critical patent/CN101533539B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Storage Device Security (AREA)

Abstract

本发明公开了一种密码输入方法及设备,涉及信息安全领域,解决了用户输入的密码容易被截获的问题。接收读卡器发送的操作指令,检测所述操作指令是否为密码校验指令,如果所述操作指令不是密码校验指令,则将所述操作指令发送给智能卡;如果所述操作指令为所述密码校验指令,则接收用户输入的密码,将所述用户输入的密码封装到所述密码校验指令中并将封装有所述用户输入密码的密码校验指令发送给智能卡。本发明主要用于密码输入过程中,提高密码输入的安全性,使密码在输入过程中不易被截获。

Figure 200910079882

The invention discloses a password input method and equipment, relates to the field of information security, and solves the problem that passwords input by users are easily intercepted. Receive the operation instruction sent by the card reader, detect whether the operation instruction is a password verification instruction, if the operation instruction is not a password verification instruction, then send the operation instruction to the smart card; if the operation instruction is the The password verification instruction receives the password input by the user, encapsulates the password input by the user into the password verification instruction, and sends the password verification instruction encapsulated with the user input password to the smart card. The invention is mainly used in the password input process to improve the security of the password input and make the password difficult to be intercepted during the input process.

Figure 200910079882

Description

密码输入方法及设备Password input method and equipment

技术领域 technical field

本发明涉及信息安全领域,尤其涉及密码输入方法及设备。  The invention relates to the field of information security, in particular to a password input method and equipment. the

背景技术Background technique

近几年来,随着电子商务的飞速发展以及我国商业化进程的深入,越来越多的人在金融交易时选择电子支付,所谓电子支付是指从事电子商务交易的当事人,包括消费者、厂商和金融机构,通过信息网络,使用安全的信息传输手段,采用数字化方式进行的货币支付或资金流转。该种支付方式与传统的支付方式相比较,具有方便、快捷、高效、经济的优势,使人们在较短的时间内便可以完成支付过程。  In recent years, with the rapid development of e-commerce and the deepening of my country's commercialization process, more and more people choose electronic payment in financial transactions. The so-called electronic payment refers to the parties engaged in e-commerce transactions, including consumers, manufacturers, etc. And financial institutions, through the information network, use safe means of information transmission, and use digital methods for currency payment or capital transfer. Compared with the traditional payment method, this payment method has the advantages of convenience, speed, efficiency and economy, so that people can complete the payment process in a relatively short period of time. the

目前,用户使用的自动取款机、商场消费中使用的POS机的支付方式都属于该种电子支付方式。使用该种支付方式时,用户输入的密码一般直接由消费终端(如:计算机)接收,并由消费终端将用户输入的密码通过互联网络发送到银行服务中心,由银行服务中心对用户输入的密码进行校验。由于该消费终端是连接在互联网中的,在用户将密码输入所述消费终端的过程中,所输入的密码很容易被非法用监控并截获,并且在所述消费终端将用户输入的密码通过互联网络发送到银行服务中心的过程中,所述用户输入的密码更易被非法用户截获,使用户输入的密码的安全性较低。  At present, the payment methods of automatic teller machines used by users and POS machines used in shopping malls are all electronic payment methods. When using this payment method, the password entered by the user is generally received directly by the consumer terminal (such as a computer), and the consumer terminal sends the password entered by the user to the bank service center through the Internet, and the bank service center accepts the password entered by the user. Verify. Since the consumption terminal is connected to the Internet, when the user enters the password into the consumption terminal, the input password is easily monitored and intercepted by illegal users, and the password entered by the user is passed through the Internet at the consumption terminal. During the process of sending the network to the bank service center, the password input by the user is more likely to be intercepted by illegal users, which makes the password input by the user less secure. the

发明内容Contents of the invention

本发明提供一种密码输入方法及设备,使密码在输入过程中不易被截获,提高密码输入的安全性。  The invention provides a password input method and equipment, which make the password difficult to be intercepted during the input process and improve the security of the password input. the

为达到上述目的,本发明采用如下技术方案:  To achieve the above object, the present invention adopts the following technical solutions:

一种密码输入方法,包括:  A password input method, including:

接收读卡器发送的操作指令;  Receive the operation instruction sent by the card reader;

检测所述操作指令是否为密码校验指令;  Detecting whether the operation instruction is a password verification instruction;

如果所述操作指令不是所述密码校验指令,则将所述操作指令发送给智能卡;  If the operation instruction is not the password verification instruction, then send the operation instruction to the smart card;

如果所述操作指令为所述密码校验指令,则接收用户输入的密码;  If the operation instruction is the password verification instruction, then receive the password input by the user;

将所述用户输入的密码封装到所述密码校验指令中;  Encapsulating the password input by the user into the password verification instruction;

将封装有所述用户输入密码的密码校验指令发送给智能卡;  Send the password verification instruction encapsulated with the password input by the user to the smart card;

接收所述智能卡返回的所述密码校验指令的执行结果;  Receive the execution result of the password verification instruction returned by the smart card;

将所述密码校验指令的执行结果发送给所述读卡器。  Send the execution result of the password verification instruction to the card reader. the

一种密码输入设备,包括:  A password input device, comprising:

第一通信模块,用于接收读卡器发送的操作指令,还用于将所述密码校验指令的执行结果发送给所述读卡器;  The first communication module is used to receive the operation instruction sent by the card reader, and is also used to send the execution result of the password verification instruction to the card reader;

指令监测模块,用于检测所述操作指令是否为密码校验指令;  An instruction monitoring module is used to detect whether the operation instruction is a password verification instruction;

输入模块,用于在检测到所述操作指令为密码校验指令时,接收用户输入的密码;  The input module is used to receive the password input by the user when detecting that the operation instruction is a password verification instruction;

指令修改模块,用于将所述用户输入的密码封装到所述密码校验指令中;  An instruction modification module, configured to encapsulate the password input by the user into the password verification instruction;

第二通信模块,用于将封装有所述用户输入密码的密码校验指令发送给智能卡,还用于接收所述智能卡返回的所述密码校验指令的执行结果;  The second communication module is used to send the password verification instruction encapsulated with the password input by the user to the smart card, and is also used to receive the execution result of the password verification instruction returned by the smart card;

所述第二通信模块还用于在检测到所述操作指令不是密码校验指令时,将所述操作指令发送给智能卡。  The second communication module is further configured to send the operation instruction to the smart card when detecting that the operation instruction is not a password verification instruction. the

采用上述方案后,当进行电子支付时,用户输入的密码直接由所述密码输入设备接收,然后将所述用户输入的密码发送给智能卡,由所述智能卡完成所述用户输入密码的认证。在密码输入、传输的过程中,所述用户输入的密码都没有与连接到互联网络的消费终端(如:计算机)接触,防止了非法用户通过所述消费终端监控用户输入密码,降低了截获所述用户输入密码的可能性,提 高了用户密码输入过程的安全性。  After adopting the above scheme, when making electronic payment, the password input by the user is directly received by the password input device, and then the password input by the user is sent to the smart card, and the smart card completes the authentication of the password input by the user. In the process of password input and transmission, the password input by the user is not in contact with the consumption terminal (such as: computer) connected to the Internet, which prevents illegal users from monitoring the user input password through the consumption terminal, and reduces the cost of interception. The possibility of the user inputting the password is described, and the security of the user password input process is improved. the

附图说明 Description of drawings

为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。  In order to more clearly illustrate the technical solutions in the embodiments of the present invention or the prior art, the following will briefly introduce the drawings that need to be used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description are only These are some embodiments of the present invention. For those skilled in the art, other drawings can also be obtained according to these drawings without any creative effort. the

图1为本发明实施例1密码输入方法的流程图;  Fig. 1 is the flowchart of the password input method of embodiment 1 of the present invention;

图2为本发明实施例1密码输入设备的组成框图;  Fig. 2 is the composition block diagram of the password input device of embodiment 1 of the present invention;

图3为本发明实施例2密码输入方法的流程图;  Fig. 3 is the flowchart of the password input method of embodiment 2 of the present invention;

图4为本发明实施例2密码输入设备的组成框图。  FIG. 4 is a block diagram of a password input device according to Embodiment 2 of the present invention. the

具体实施方式 Detailed ways

下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。  The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention. the

实施例1  Example 1

本发明实施例提供一种密码输入方法,如图1所示,该方法包括:  The embodiment of the present invention provides a password input method, as shown in Figure 1, the method includes:

101、密码输入设备接收读卡器发送的操作指令,该操作指令的格式符合7816规范(该规范为国际智能卡规范),它包括以下几个部分:CLA、INS、P1、P2、LC、DATA;  101. The password input device receives the operation instruction sent by the card reader. The format of the operation instruction conforms to the 7816 specification (this specification is the international smart card specification), and it includes the following parts: CLA, INS, P1, P2, LC, DATA;

其中,CLA(ClAss,类)字节,表示指令类型,其长度为一个字节;INS(INStructic,命令)字节,其长度为一个字节,一个INS字段表示一个特定的指令,即指令名;P1和P2(Parameters 1 and 2,两个参数)字节,P1、 P2的长度分别是一个字节,用于检验INS字段,或者用于输入数据;LC(Lengthof Command parameters,可选字段指令参数),LC是命令数据字段的字节数;DATA,数据字段即指令数据,其长度为LC的值;概括地,CLA、INS、P1、P2可以称为指令头,LC为指令参数,DATA部分为指令数据;  Among them, the CLA (ClAss, class) byte indicates the instruction type, and its length is one byte; the INS (INStructic, command) byte, its length is one byte, and an INS field indicates a specific instruction, that is, the instruction name ; P1 and P2 (Parameters 1 and 2, two parameters) bytes, the length of P1 and P2 is one byte respectively, used to check the INS field, or used to input data; LC (Length of Command parameters, optional field instructions parameters), LC is the number of bytes in the command data field; DATA, the data field is the command data, and its length is the value of LC; in general, CLA, INS, P1, and P2 can be called command headers, LC is the command parameter, and DATA Part of it is instruction data;

102、当所述密码输入设备接收到所述读卡器发送的操作指令后,对所述操作指令进行检测,根据所述操作指令的指令头中的指令类型判断所述操作指令是否为密码校验指令;如果所述操作指令不是密码校验指令,则执行步骤103;如果所述操作密码是密码校验指令,则执行步骤104;  102. After the password input device receives the operation instruction sent by the card reader, it detects the operation instruction, and judges whether the operation instruction is a password verification according to the instruction type in the instruction header of the operation instruction. verification instruction; if the operation instruction is not a password verification instruction, then execute step 103; if the operation password is a password verification instruction, then execute step 104;

103、密码输入设备将所述操作指令发送给智能卡,以便智能卡根据所述操作指令进行相应的操作,结束步骤的执行;  103. The password input device sends the operation instruction to the smart card, so that the smart card performs corresponding operations according to the operation instruction, and ends the execution of the steps;

104、所述密码输入设备接收用户输入的密码,所述用户输入的密码有两种方式,第一种,在一定时间范围内,用户通过密码输入设备自带的键盘输入密码时,密码输入设备接收所述键盘输入的数据并将所述数据作为用户输入的密码;第二种,经过一段时间后,用户没有通过所述键盘输入密码,则密码输入设备自动产生一串随机数,并将所述随机数作为用户输入的密码;  104. The password input device receives the password input by the user. There are two ways for the password input by the user. The first method is that within a certain time range, when the user enters the password through the keyboard that comes with the password input device, the password input device Receive the data input by the keyboard and use the data as the password input by the user; second, after a period of time, if the user does not enter the password through the keyboard, the password input device automatically generates a string of random numbers, and The above random number is used as the password entered by the user;

105、当所述密码输入设备接收完所述用户输入的密码后,将所述用户输入的密码封装到所述密码校验指令中;  105. After the password input device receives the password input by the user, encapsulate the password input by the user into the password verification instruction;

106、密码输入设备将封装有所述用户输入密码的密码校验指令发送给智能卡,以便智能卡对所述输入密码进行认证。  106. The password input device sends a password verification instruction encapsulated with the password input by the user to the smart card, so that the smart card authenticates the input password. the

本发明实施例还提供一种密码输入设备,如图2所示,该设备包括:  The embodiment of the present invention also provides a password input device, as shown in Figure 2, the device includes:

第一通信模块21、指令检测模块22、输入模块23、指令修改模块24、第二通信模块25。  A first communication module 21 , an instruction detection module 22 , an input module 23 , an instruction modification module 24 , and a second communication module 25 . the

所述密码输入设备通过第一通信模块21接收读卡器发送的操作指令,该操 作指令包括指令头、指令参数和指令数据,所述指令头携带的信息为指令类型和指令名等,指令参数为所述指令数据的字节数;当密码输入设备接收到所述读卡器发送的操作指令后,利用指令检测模块22检测所述操作指令的指令头中的指令类型是否为密码校验指令;若所述操作指令不是密码校验指令,则将所述操作指令通过第二通信模块25发送给智能卡;若所述操作指令为密码校验指令,则通过输入模块23接收用户输入的密码;在输入模块23接收完用户输入的密码后,利用指令修改模块24将所述输入密码封装到所述密码校验指令中;并通过第二通信模块25将封装有所述输入密码的密码校验指令发送给智能卡。  The password input device receives the operation instruction sent by the card reader through the first communication module 21, the operation instruction includes an instruction header, instruction parameters and instruction data, the information carried by the instruction header is instruction type and instruction name, etc., the instruction The parameter is the number of bytes of the instruction data; after the password input device receives the operation instruction sent by the card reader, utilizes the instruction detection module 22 to detect whether the instruction type in the instruction header of the operation instruction is password verification instruction; if the operation instruction is not a password verification instruction, then the operation instruction is sent to the smart card by the second communication module 25; if the operation instruction is a password verification instruction, then the password input by the user is received by the input module 23 ; After the input module 23 has received the password of the user's input, utilize the instruction modification module 24 to encapsulate the input password into the password verification instruction; The verification command is sent to the smart card. the

其中,所述输入模块24接收的用户输入的密码有两种形式,第一种,在一定时间范围内,用户通过密码输入设备自带的键盘输入密码时,密码输入设备将键盘输入的数据作为用户输入的密码;第二种,经过一段时间后,用户没有通过所述键盘输入密码,则密码输入设备自动产生一串随机数,并将所述随机数作为用户输入的密码。  Wherein, the password input by the user received by the input module 24 has two forms. The first type is that within a certain time range, when the user inputs the password through the keyboard provided by the password input device, the password input device uses the data entered by the keyboard as The password input by the user; the second type, after a period of time, if the user does not input the password through the keyboard, the password input device automatically generates a string of random numbers, and uses the random number as the password input by the user. the

本发明实施例中,用户输入的密码由所述密码输入设备接收,而不是由连接到互联网络中的消费终端接收,避免了非法用户通过互联网络监控所述消费终端将用户输入的密码截获的可能性,提高了用户输入密码的安全性;并且密码输入设备将用户输入的密码经封装后发送给所述智能卡,而不是由所述连接到互联网络的消费终端发送给所述智能卡,防止了用户输入的密码传输的过程中被非法用户截获,提高了用户输入密码的安全性。  In the embodiment of the present invention, the password input by the user is received by the password input device instead of the consumption terminal connected to the Internet, which avoids the possibility that the password input by the user is intercepted by an illegal user monitoring the consumption terminal through the Internet. Possibility, improve the security of the password input by the user; and the password input device sends the password input by the user to the smart card after encapsulation, instead of being sent to the smart card by the consumer terminal connected to the Internet, preventing The password input by the user is intercepted by an illegal user during transmission, which improves the security of the password input by the user. the

实施例2  Example 2

本发明实施例提供一种密码输入方法,如图3所示,该方法包括:  The embodiment of the present invention provides a password input method, as shown in Figure 3, the method includes:

301、所述密码输入设备在接收读卡器发送的操作指令之前,需要分别与读卡器和智能卡建立数据通信连接,该连接的具体步骤为:  301. Before the password input device receives the operation instruction sent by the card reader, it needs to establish a data communication connection with the card reader and the smart card respectively. The specific steps of the connection are:

密码输入设备接收读卡器发送的复位信号并将所述复位信号发送给所述智能卡,将所述复位信号发送给所述智能卡之后,密码输入设备接收所述智能卡发送的复位应答信息并将所述复位应答信号发送给所述读卡器,将所述密码输入设备将所述复位应答信息发送给所述读卡器后,所述密码输入设备接收所述读卡器发送的协议和参数选择指令并将所述协议和参数选择指令发送给所述智能卡,执行完上述步骤后,所述密码输入设备分别与读卡器和智能卡之间建立了数据通信连接;  The password input device receives the reset signal sent by the card reader and sends the reset signal to the smart card. After sending the reset signal to the smart card, the password input device receives the reset response information sent by the smart card and sends the reset signal to the smart card. The reset response signal is sent to the card reader, and after the password input device sends the reset response information to the card reader, the password input device receives the protocol and parameter selection sent by the card reader instruction and send the protocol and parameter selection instructions to the smart card, after performing the above steps, the password input device respectively establishes a data communication connection with the card reader and the smart card;

302、当所述密码输入设备分别与所述读卡器之间建立数据通信连接之后,所述密码输入设备接收所述读卡器发送的操作指令,该操作指令的格式符合7816规范(该规范为国际智能卡规范),它包括以下几个部分:CLA、INS、P1、P2、LC、DATA;  302. After the data communication connection is established between the password input device and the card reader respectively, the password input device receives the operation instruction sent by the card reader, and the format of the operation instruction conforms to the 7816 specification (this specification It is an international smart card specification), which includes the following parts: CLA, INS, P1, P2, LC, DATA;

其中,CLA(ClAss,类)字节,表示指令类型,其长度为一个字节;INS(INStructic,命令)字节,其长度为一个字节,一个INS字段表示一个特定的指令,即指令名;P1和P2(Parameters 1 and 2,两个参数)字节,P1、P2的长度分别是一个字节,用于检验INS字段,或者用于输入数据;LC(Lengthof Command parameters,可选字段指令参数),LC是命令数据字段的字节数;DATA,数据字段即指令数据,其长度为LC的值;概括地,CLA、INS、P1、P2可以称为指令头,LC为指令参数,DATA部分为指令数据;  Among them, the CLA (ClAss, class) byte indicates the instruction type, and its length is one byte; the INS (INStructic, command) byte, its length is one byte, and an INS field indicates a specific instruction, that is, the instruction name ; P1 and P2 (Parameters 1 and 2, two parameters) bytes, the length of P1 and P2 is one byte respectively, used to check the INS field, or to input data; LC (Length of Command parameters, optional field command parameters), LC is the number of bytes in the command data field; DATA, the data field is the command data, and its length is the value of LC; in general, CLA, INS, P1, and P2 can be called command headers, LC is the command parameter, and DATA Part of it is instruction data;

303、当所述密码输入设备接收到所述读卡器发送的操作指令后,需要检测所述操作指令的指令头携带的指令类型是否为密码校验指令;若果所述操作指令不是所述密码校验指令,则执行步骤304;若所述操作指令是所述密码校验指令,则执行步骤305;  303. After the password input device receives the operation instruction sent by the card reader, it needs to detect whether the instruction type carried in the instruction header of the operation instruction is a password verification instruction; if the operation instruction is not the password verification instruction, then execute step 304; if the operation instruction is the password verification instruction, then execute step 305;

304、密码输入设备将所述操作指令发送给智能卡,以便智能卡根据所述操 作指令进行相应的操作,执行步骤309;  304. The password input device sends the operation instruction to the smart card, so that the smart card performs corresponding operations according to the operation instruction, and executes step 309;

305、密码输入设备播放密码输入的提示信息,提示用户可以输入密码了,该密码输入提示信息可以是语音播放或者屏幕播放或者语音播放和屏幕播放相结合;  305. The password input device plays password input prompt information to prompt the user to enter the password. The password input prompt information can be voice playback or screen playback or a combination of voice playback and screen playback;

306、用户接收到所述密码输入设备播放的密码输入提示信息后,若在一定时间范围内通过所输密码输入设备自带的键盘输入密码,则所述密码输入设备接收所述用户通过键盘输入的数据并将所述数据作为用户输入的密码,若在一定时间范围内没有通过所述键盘输入密码,密码输入设备将自动产生一串随机数据,并将所述随机数作为用户输入的密码;  306. After the user receives the password input prompt information played by the password input device, if the user enters the password through the keyboard provided by the password input device within a certain time range, the password input device receives the user's input through the keyboard. If the password is not input through the keyboard within a certain time frame, the password input device will automatically generate a string of random data, and use the random number as the password input by the user;

307、密码输入设备将接收到的所述用户输入的密码封装到所述密码校验指令中,同时密码输入设备提示状态信息,如正在处理中,请稍候等;  307. The password input device encapsulates the received password input by the user into the password verification instruction, and at the same time, the password input device prompts status information, if it is being processed, please wait a moment;

其中,将用户输入的密码封装在所述密码校验指令中的过程,以所述读卡器发送的操作指令为00200000021234为例说明:操作指令的指令头为00200000,其中CLA为00、INS为20、P1为00、P2为00,表示该操作指令为密码校验指令;指令参数LC为02,表示该操作指令的指令数据为2个字节,1234为该操作指令的指令数据DATA,具体封装过程如下:  Wherein, the process of encapsulating the password input by the user in the password verification instruction is illustrated by taking the operation instruction sent by the card reader as 00200000021234 as an example: the instruction header of the operation instruction is 00200000, where CLA is 00 and INS is 20. P1 is 00 and P2 is 00, indicating that the operation instruction is a password verification instruction; the instruction parameter LC is 02, indicating that the instruction data of the operation instruction is 2 bytes, and 1234 is the instruction data DATA of the operation instruction, specifically The encapsulation process is as follows:

密码输入设备删除所述读卡器发送的密码校验指令的指令参数02和指令数据1234,密码输入设备将所述用户输入的密码补充到所述密码校验指令的指令数据部分,以用户输入的密码为112233为例,所述指令数据补充完成后,将当前用户输入密码的对应的参数添加到所述密码校验指令的指令参数部分中,实现密码校验指令参数的更新,将用户输入的密码封装到所述密码校验指令中的密码校验指令的内容为0020000003112233;  The password input device deletes the instruction parameter 02 and the instruction data 1234 of the password verification instruction sent by the card reader, and the password input device supplements the password input by the user to the instruction data part of the password verification instruction, and uses the user input The password is 112233 as an example. After the instruction data is supplemented, the corresponding parameters of the password input by the current user are added to the instruction parameter part of the password verification instruction to realize the update of the password verification instruction parameters, and the user input The content of the password verification instruction encapsulated into the password verification instruction is 0020000003112233;

进一步的,在将用户输入的密码封装到密码校验指令中之前,还可以对用 户输入的密码进行算法变换,然后将算法变换后的用户输入的密码封装到密码校验指令中;可以使用现有技术中的任一种加密算法或哈希算法都可以对用户输入的密码进行算法变换操作,例如,密码输入设备接收到的用户输入的密码为4321,使用SHA1算法(Secure Hash Algorithm 1,安全哈希算法)进行加密计算,得到运算结果abcd5678,则指令参数为04,指令数据为abcd5678,则生成的密码校验指令的内容为0020000004abcd5678。  Further, before the password input by the user is encapsulated into the password verification instruction, the password input by the user can also be transformed into an algorithm, and then the password entered by the user after the algorithm transformation is encapsulated into the password verification instruction; Any encryption algorithm or hash algorithm in the prior art can perform an algorithm transformation operation on the password input by the user. For example, the password input by the user input device is 4321, using the SHA1 algorithm (Secure Hash Algorithm 1, Secure Hash Algorithm) is encrypted and calculated to obtain the operation result abcd5678, then the instruction parameter is 04, the instruction data is abcd5678, and the content of the generated password verification instruction is 0020000004abcd5678. the

308、完成所述用户输入的密码的封装后,所述密码输入设备将封装有所述用户输入密码的校验指令发送给智能卡,便于所述智能卡对用户输入的密码进行认证;  308. After the encapsulation of the password input by the user is completed, the password input device sends a verification instruction encapsulated with the password input by the user to the smart card, so that the smart card can authenticate the password input by the user;

309、所述密码输入设备接收所述智能卡返回的所述指令的执行结果,当智能卡接收的是密码校验指令时,返回的是用户输入的密码的认证结果,该结果包括用户输入的密码正确和用户输入的密码不正确;当所述智能卡接收的是非密码校验指令,返回的就是操作指令的执行结果;  309. The password input device receives the execution result of the instruction returned by the smart card. When the smart card receives a password verification instruction, it returns the authentication result of the password input by the user, and the result includes that the password input by the user is correct. and the password entered by the user is incorrect; when the smart card receives a non-password verification command, what is returned is the execution result of the operation command;

310、密码输入设备将接收到的智能卡发送的所述指令的执行结果发送给所述读卡器,以便使所述读卡器根据指令执行的结果进行下一步的操作。  310. The password input device sends the received execution result of the instruction sent by the smart card to the card reader, so that the card reader performs the next operation according to the instruction execution result. the

本发明实施例还提供一种密码输入设备,如图4所示,该设备包括:第一通信模块41、第二通信模块42、指令检测模块43、播放模块44、输入模块45、指令修改模块46、算法变换模块47;  The embodiment of the present invention also provides a password input device, as shown in Figure 4, the device includes: a first communication module 41, a second communication module 42, an instruction detection module 43, a playback module 44, an input module 45, an instruction modification module 46. Algorithm transformation module 47;

在所述密码输入设备接收读卡器发送的操作指令之前,所述读卡器和所述智能卡需要分别与所述密码输入设备之间建立数据通信连接。第一通信模块41用于实现所述读卡器与所述密码输入设备之间的数据通信连接;第二通信模块42用于实现所述智能卡与所述密码输入设备之间的数据通信连接;当所述读卡器和所述智能卡分别与所述密码输入设备之间建立数据通信连接后,所述第一 通信模块41还用于接收读卡器发送的操作指令,所述操作指令包括指令头、指令参数和指令数据;  Before the password input device receives the operation instruction sent by the card reader, the card reader and the smart card need to respectively establish a data communication connection with the password input device. The first communication module 41 is used to realize the data communication connection between the card reader and the password input device; the second communication module 42 is used to realize the data communication connection between the smart card and the password input device; After the card reader and the smart card respectively establish a data communication connection with the password input device, the first communication module 41 is also used to receive the operation instruction sent by the card reader, and the operation instruction includes an instruction header, command parameters and command data;

当接收到读卡器发送的操作指令后,所述密码输入设备通过指令检测模块43检测所述读卡器发送的操作指令的指令头中所携带的指令类型是否为密码校验指令;当检测到所述操作指令为密码校验指令时,密码输入设备通过播放模块44播放提示用户输入密码的提示信息,该提示信息可以是语音播放或者屏幕显示或者语音播放和屏幕显示相结合;当播放模块44播放完提示用户输入的密码信息后,所述密码输入设备利用输入模块45接收用户输入的密码;并将输入模块接收到的密码通过指令修改模块46封装到所述密码校验指令中;在对用户输入的密码进行封装的同时所述播放模块44播放密码处理状态信息如:正在处理中,请稍候等;当所述用户输入密码封装完成以后,所述密码输入设备通过第二通信模块42将封装有所述输入密码的密码校验指令发送给智能卡;  After receiving the operation instruction sent by the card reader, the password input device detects whether the instruction type carried in the instruction header of the operation instruction sent by the card reader through the instruction detection module 43 is a password verification instruction; When the operation instruction is a password verification instruction, the password input device plays the prompt information that prompts the user to input the password through the playback module 44, and the prompt information can be voice playback or screen display or voice playback and screen display combined; when the playback module 44 After playing the password information that prompts the user to input, the password input device utilizes the input module 45 to receive the password input by the user; and the password received by the input module is encapsulated into the password verification instruction through the instruction modification module 46; While the password input by the user is encapsulated, the playback module 44 plays the password processing status information such as: processing, please wait; when the user input password is encapsulated, the password input device passes through the second communication module 42. Send the password verification instruction encapsulated with the input password to the smart card;

智能卡对接收到的用户输入密码进行认证,并将所认证的结果返回给所述密码输入设备,所述密码输入设备利用所述第二通信模块42接收所述智能卡返回的所述密码校验指令的执行结果;并通过第一通信模块41将所述密码校验指令的执行结果发送给所述读卡器,以便读卡器根据密码认证的结果进行下一步的操作。  The smart card authenticates the received user input password, and returns the authenticated result to the password input device, and the password input device uses the second communication module 42 to receive the password verification instruction returned by the smart card and send the execution result of the password verification instruction to the card reader through the first communication module 41, so that the card reader can perform the next operation according to the result of the password verification. the

在所述操作指令不为密码校验指令时,密码输入设备通过所述第二通信模块42将所述操作指令发送给智能卡,以便所述智能卡根据所述操作指令进行相应的操作;在智能卡执行完所述操作指令后,向所述密码输入设备发送所述操作指令执行的结果时,所述密码输入设备通过所述第二通信模块42接收所述操作指令执行的结果;并通过所述第一通信模块41将所述操作指令执行的结果发送给所述读卡器,以便所述读卡器根据所述操作指令执行的结果,进行下一步 的操作。  When the operation instruction is not a password verification instruction, the password input device sends the operation instruction to the smart card through the second communication module 42, so that the smart card performs corresponding operations according to the operation instruction; After the operation instruction is finished, when sending the execution result of the operation instruction to the password input device, the password input device receives the execution result of the operation instruction through the second communication module 42; A communication module 41 sends the result of the execution of the operation instruction to the card reader, so that the card reader performs the next operation according to the result of the execution of the operation instruction. the

其中,所述用户输入的密码有两种形式,第一种,当用户接收到所述密码输入设备播放的密码输入提示信息后,在一定时间范围内通过密码输入设备自带的键盘输入密码,所述输入模块45接收所述键盘输入的数据并将所述键盘输入的数据作为用户输入的密码;第二种,当用户接收到所述密码输入设备播放的密码输入提示信息后,在一定时间范围内没有通过所述键盘输入密码,所述密码输入设备将自动产生一串随机数,所述输入模块接收所述随机数并将所述随机数作为用户输入的密码;  Wherein, the password input by the user has two forms, the first one, after the user receives the password input prompt information played by the password input device, enters the password through the keyboard of the password input device within a certain period of time, The input module 45 receives the data input by the keyboard and uses the data input by the keyboard as the password input by the user; the second type, when the user receives the password input prompt information played by the password input device, within a certain period of time If there is no password input through the keyboard within the scope, the password input device will automatically generate a string of random numbers, and the input module receives the random numbers and uses the random numbers as the password input by the user;

其中,实现所述读卡器和所述智能卡分别与所述密码输入设备之间建立数据通信连接时包括:所述密码输入设备利用第一通信模块41接收所述读卡器发送的复位信号,并通过第二通信模块42将所述复位信号发送给所述智能卡;当将所述读卡器发送的复位信号发送给智能卡后,所述密码输入设备利用第二通信模块42接收所述智能卡发送的复位应答信息,并通过第一通信模块41将所述复位应答信号发送给所述读卡器;当将智能卡发送的复位应答信息发送给读卡器后,所述密码输入设备利用第一通信模块41接收所述读卡器发送的协议和参数选择指令,并通过第二通信模块42将所述协议和参数选择指令发送给所述智能卡;当将所述协议和参数选择指令发送给所述智能卡后,读卡器和智能卡分别与所述密码输入设备之间建立了数据通信连接;  Wherein, when establishing a data communication connection between the card reader and the smart card and the password input device respectively includes: the password input device uses the first communication module 41 to receive the reset signal sent by the card reader, And send the reset signal to the smart card through the second communication module 42; when the reset signal sent by the card reader is sent to the smart card, the password input device uses the second communication module 42 to receive the smart card to send reset response information, and send the reset response signal to the card reader through the first communication module 41; when the reset response information sent by the smart card is sent to the card reader, the password input device uses the first communication Module 41 receives the protocol and parameter selection instructions sent by the card reader, and sends the protocol and parameter selection instructions to the smart card through the second communication module 42; when the protocol and parameter selection instructions are sent to the After the smart card, a data communication connection is established between the card reader and the smart card and the password input device respectively;

其中,所述指令修改模块46用于将所述输入密码封装到所述密码校验指令中时包括:所述密码输入设备通过所述指令修改模块46将所述读卡器发送的密码校验指令的指令参数和指令数据删除;当删除完所述密码校验指令的指令参数和指令数据后,所述指令修改模块46还用于将用户输入的密码补充到所述指令数据部分;当所述用户输入的密码补充道所述指令数据部分后,所述指令修 改模块46还用于将所述指令参数更新为所述用户输入的密码对应的参数。  Wherein, when the instruction modification module 46 is used to encapsulate the input password into the password verification instruction, it includes: the password input device uses the instruction modification module 46 to verify the password sent by the card reader. Delete the command parameters and command data of the command; after deleting the command parameters and command data of the password verification command, the command modification module 46 is also used to supplement the password entered by the user to the command data part; when the After the password input by the user is added to the instruction data part, the instruction modification module 46 is also used to update the instruction parameter to the parameter corresponding to the password input by the user. the

其中,在所述指令修改模块46将所述用户输入密码封装到所述密码校验指令中之前,还可以对用户输入的密码进行算法变换,如图4虚线部分所示,算法变换模块47,用于将用户输入的密码进行算法变换,对用户输入的密码进行算法变换的方法包括加密和哈希;当所述算法变换模块47将用户输入的数据进行算法变换操作后,所述指令修改模块46将所述读卡器发送的密码校验指令的指令参数和指令数据删除;当删除完所述密码校验指令的指令参数和指令数据后,所述指令修改模块46还用于将算法变换后的用户输入的密码补充到所述指令数据部分;当所述算法变换后的用户输入的密码补充到所述指令数据部分后,所述指令修改模块46还用于将所述指令参数更新为所述算法变换后的用户输入的密码对应的参数。  Wherein, before the instruction modification module 46 encapsulates the user input password into the password verification instruction, the password input by the user may also be algorithmically transformed, as shown in the dotted line in Figure 4, the algorithm transformation module 47, For carrying out algorithm transformation to the password input by the user, the method for carrying out algorithm transformation to the password input by the user includes encryption and hashing; after the algorithm transformation module 47 performs the algorithm transformation operation on the data input by the user, the instruction modification module 46 delete the instruction parameter and instruction data of the password verification instruction sent by the card reader; after deleting the instruction parameter and instruction data of the password verification instruction, the instruction modification module 46 is also used to transform the algorithm After the password input by the user is added to the instruction data part; when the algorithm-transformed user input password is added to the instruction data part, the instruction modification module 46 is also used to update the instruction parameter to The parameter corresponding to the password input by the user after the algorithm transformation. the

本发明实施例中,在密码输入设备接收读卡器发送的操作指令之前,实现密码输入设备分别与读卡器和智能卡之间的数据通信连接,保证了输入的密码可以及时准确的在读卡器和智能卡之间进行传输。用户输入的密码直接由所述密码输入设备接收,而不是由所述连接到互联网络中的消费终端接收,避免了非法用户监控所述消费终端截获所述用户输入的密码,提高了用户输入密码的安全性;并且由所述密码输入设备将用户输入的密码转发给所述智能卡,而不是由所述连接到互联网络中的消费终端发送给所述智能卡,防止了非法用户通过互联网络将用户输入的密码截获,提高了用户输入密码的安全性;并且由所述智能卡对用户输入的密码进行认证,将所述用户输入密码的认证结果转发给读卡器,由所述读卡器根据所述执行结果与连接到互联网络的消费终端进行通信,防止了非法用户通过监控所述消费终端截获所述用户输入的密码,提高了用户输入密码的安全性。  In the embodiment of the present invention, before the password input device receives the operation command sent by the card reader, the data communication connection between the password input device and the card reader and the smart card is respectively realized, so as to ensure that the input password can be timely and accurately stored in the card reader. to and from the smart card. The password input by the user is directly received by the password input device, rather than by the consumption terminal connected to the Internet, which prevents illegal users from monitoring the consumption terminal and intercepting the password input by the user, and improves the password input by the user. security; and the password entered by the user is forwarded to the smart card by the password input device instead of being sent to the smart card by the consumer terminal connected to the Internet, preventing illegal users from sending the user's password through the Internet The password input is intercepted, which improves the security of the password input by the user; and the password input by the user is authenticated by the smart card, and the authentication result of the password input by the user is forwarded to the card reader, and the card reader according to the The execution result is communicated with the consumption terminal connected to the Internet, which prevents illegal users from intercepting the password input by the user by monitoring the consumption terminal, and improves the security of the password input by the user. the

通过以上的实施例的描述,所属领域的技术人员可以清楚地了解到本发明可借助软件加必需的通用硬件的方式来实现,当然也可以通过硬件,但很多情况下前者是更佳的实施方式。基于这样的理解,本发明的技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品存储在可读取的存储介质中,如计算机的软盘,硬盘或光盘等,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本发明各个实施例所述的方法。  Through the description of the above embodiments, those skilled in the art can clearly understand that the present invention can be implemented by means of software plus necessary general-purpose hardware, and of course also by hardware, but in many cases the former is a better implementation mode . Based on this understanding, the essence of the technical solution of the present invention or the part that contributes to the prior art can be embodied in the form of a software product, and the computer software product is stored in a readable storage medium, such as a floppy disk of a computer , a hard disk or an optical disk, etc., including several instructions for enabling a computer device (which may be a personal computer, server, or network device, etc.) to execute the methods described in various embodiments of the present invention. the

以上所述,仅为本发明的具体实施方式,但本发明的保护范围并不局限于此,任何熟悉本技术领域的技术人员在本发明揭露的技术范围内,可轻易想到变化或替换,都应涵盖在本发明的保护范围之内。因此,本发明的保护范围应以权利要求的保护范围为准。  The above is only a specific embodiment of the present invention, but the scope of protection of the present invention is not limited thereto. Anyone skilled in the art can easily think of changes or substitutions within the technical scope disclosed in the present invention. Should be covered within the protection scope of the present invention. Therefore, the protection scope of the present invention should be based on the protection scope of the claims. the

Claims (10)

1.一种密码输入方法,其特征在于,包括:1. A password input method, characterized in that, comprising: 接收读卡器发送的操作指令;Receive the operation instruction sent by the card reader; 检测所述操作指令是否为密码校验指令;Detecting whether the operation instruction is a password verification instruction; 如果所述操作指令不是密码校验指令,则将所述操作指令发送给智能卡;If the operation instruction is not a password verification instruction, then send the operation instruction to the smart card; 如果所述操作指令为所述密码校验指令,则接收用户输入的密码;If the operation instruction is the password verification instruction, receiving the password input by the user; 将所述用户输入的密码封装到所述密码校验指令中;encapsulating the password input by the user into the password verification instruction; 将封装有所述用户输入密码的密码校验指令发送给智能卡;Sending the password verification instruction encapsulated with the password input by the user to the smart card; 接收所述智能卡返回的所述密码校验指令的执行结果;receiving the execution result of the password verification instruction returned by the smart card; 将所述密码校验指令的执行结果发送给所述读卡器。Send the execution result of the password verification instruction to the card reader. 2.根据权利要求1所述的密码输入方法,其特征在于,当所述操作指令为密码校验指令时,该方法还包括:播放密码输入的提示信息或者状态信息。2. The password input method according to claim 1, wherein when the operation instruction is a password verification instruction, the method further comprises: playing prompt information or status information for password input. 3.根据权力要求1所述的密码输入方法,其特征在于,在将所述用户输入的密码封装到所述密码校验指令中之前,该方法还包括:对用户输入的密码进行算法变换;3. The password input method according to claim 1, characterized in that, before encapsulating the password input by the user into the password verification instruction, the method further comprises: performing algorithm transformation on the password input by the user; 4.根据权力要求1所述的密码输入方法,其特征在于,将所述输入密码封装到所述密码校验指令中包括:4. The password input method according to claim 1, wherein encapsulating the input password into the password verification instruction comprises: 删除所述密码校验指令的指令参数和指令数据;Deleting the command parameters and command data of the password verification command; 将所述输入密码补充到所述密码校验指令的指令数据部分;Supplementing the input password to the instruction data part of the password verification instruction; 将所述密码校验指令的指令参数更新为当前指令数据对应的参数。The instruction parameter of the password verification instruction is updated to a parameter corresponding to the current instruction data. 5.根据权利要求1所述的密码输入方法,其特征在于,在接收读卡器发送的操作指令之前,该方法还包括:5. The password input method according to claim 1, characterized in that, before receiving the operation instruction sent by the card reader, the method further comprises: 接收所述读卡器发送的复位信号;receiving a reset signal sent by the card reader; 将所述复位信号发送给所述智能卡;sending the reset signal to the smart card; 接收所述智能卡发送的复位应答信息;receiving reset response information sent by the smart card; 将所述复位应答信号发送给所述读卡器;sending the reset response signal to the card reader; 接收所述读卡器发送的协议和参数选择指令;Receive the protocol and parameter selection instructions sent by the card reader; 将所述协议和参数选择指令发送给所述智能卡。Sending the protocol and parameter selection instructions to the smart card. 6.一种密码输入设备,其特征在于,包括:6. A password input device, characterized in that, comprising: 第一通信模块,用于接收读卡器发送的操作指令;还用于将所述密码校验指令的执行结果发送给所述读卡器;The first communication module is used to receive the operation instruction sent by the card reader; it is also used to send the execution result of the password verification instruction to the card reader; 指令监测模块,用于检测所述操作指令是否为密码校验指令;An instruction monitoring module, configured to detect whether the operation instruction is a password verification instruction; 输入模块,用于在检测到所述操作指令为密码校验指令时,接收用户输入的密码;An input module, configured to receive a password input by a user when detecting that the operation instruction is a password verification instruction; 指令修改模块,用于将所述用户输入的密码封装到所述密码校验指令中;An instruction modification module, configured to encapsulate the password input by the user into the password verification instruction; 第二通信模块,用于将封装有所述用户输入密码的密码校验指令发送给智能卡;还用于接收所述智能卡返回的所述密码校验指令的执行结果;The second communication module is used to send the password verification instruction encapsulated with the password input by the user to the smart card; and is also used to receive the execution result of the password verification instruction returned by the smart card; 所述第二通信模块还用于在检测到所述操作指令不是密码校验指令时,将所述操作指令发送给智能卡。The second communication module is further configured to send the operation instruction to the smart card when detecting that the operation instruction is not a password verification instruction. 7.根据权利要求6所述的密码输入设备,其特征在于,还包括:7. The password input device according to claim 6, further comprising: 播放模块,用于在所述操作指令为密码校验指令时,播放密码输入的提示信息或者状态信息。The playing module is used to play prompt information or status information of password input when the operation instruction is a password verification instruction. 8.根据权利要求6所述的密码输入设备,其特征在于,还包括:8. The password input device according to claim 6, further comprising: 算法变换模块,用于在将所述用户输入的密码封装到所述密码校验指令中之前对用户输入的密码进行算法变换。The algorithm conversion module is configured to perform algorithm conversion on the password input by the user before encapsulating the password input by the user into the password verification instruction. 9.根据权利要求6所述的密码输入设备,其特征在于,9. The password input device according to claim 6, characterized in that, 所述指令修改模块还用于删除所述密码校验指令的指令参数和指令数据;The instruction modification module is also used to delete the instruction parameters and instruction data of the password verification instruction; 所述指令修改模块还用于将所述输入密码补充到所述密码校验指令的指令数据部分;The instruction modification module is also used to supplement the input password to the instruction data part of the password verification instruction; 所述指令修改模块还用于将所述密码校验指令的指令参数更新为当前指令数据对应的参数。The instruction modifying module is further configured to update the instruction parameters of the password verification instruction to parameters corresponding to the current instruction data. 10.根据权利要求6所述的密码输入设备,其特征在于,10. The password input device according to claim 6, characterized in that, 所述第一通信模块还用于接收所述读卡器发送的复位信号;The first communication module is also used to receive a reset signal sent by the card reader; 所述第二通信模块还用于将所述复位信号发送给所述智能卡;The second communication module is further configured to send the reset signal to the smart card; 所述第二通信模块还用于接收所述智能卡发送的复位应答信息;The second communication module is also used to receive reset response information sent by the smart card; 所述第一通信模块还用于将所述复位应答信号发送给所述读卡器;The first communication module is further configured to send the reset response signal to the card reader; 所述第一通信模块还用于接收所述读卡器发送的协议和参数选择指令;The first communication module is also used to receive protocol and parameter selection instructions sent by the card reader; 所述第二通信模块还用于将所述协议和参数选择指令发送给所述智能卡。The second communication module is further configured to send the protocol and parameter selection instructions to the smart card.
CN200910079882.4A 2009-03-13 2009-03-13 Method for inputting password and device thereof Expired - Fee Related CN101533539B (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
CN200910079882.4A CN101533539B (en) 2009-03-13 2009-03-13 Method for inputting password and device thereof
PCT/CN2010/071001 WO2010102577A1 (en) 2009-03-13 2010-03-12 Method and device for password inputting
US12/812,042 US8777100B2 (en) 2009-03-13 2010-03-12 Method for inputting a password and a device therefor

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN200910079882.4A CN101533539B (en) 2009-03-13 2009-03-13 Method for inputting password and device thereof

Publications (2)

Publication Number Publication Date
CN101533539A CN101533539A (en) 2009-09-16
CN101533539B true CN101533539B (en) 2014-04-30

Family

ID=41104113

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200910079882.4A Expired - Fee Related CN101533539B (en) 2009-03-13 2009-03-13 Method for inputting password and device thereof

Country Status (1)

Country Link
CN (1) CN101533539B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8777100B2 (en) * 2009-03-13 2014-07-15 Feitian Technologies Co., Ltd. Method for inputting a password and a device therefor
CN106992858B (en) * 2017-04-06 2020-05-19 四川科道芯国智能技术股份有限公司 Data processing method and device
CN115273428A (en) * 2022-07-29 2022-11-01 广东浦尔顿科技有限公司 Car fills electric pile charge detection alarm system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1474336A (en) * 2003-07-26 2004-02-11 孙诗瑶 Cipher input method and device for financial transaction by reading card
KR20070069344A (en) * 2005-12-28 2007-07-03 매그나칩 반도체 유한회사 Smart card security method

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1474336A (en) * 2003-07-26 2004-02-11 孙诗瑶 Cipher input method and device for financial transaction by reading card
KR20070069344A (en) * 2005-12-28 2007-07-03 매그나칩 반도체 유한회사 Smart card security method

Also Published As

Publication number Publication date
CN101533539A (en) 2009-09-16

Similar Documents

Publication Publication Date Title
JP6648110B2 (en) System and method for authenticating a client to a device
JP6653268B2 (en) System and method for communicating strong authentication events on different channels
US8527758B2 (en) Systems and methods for facilitating user identity verification over a network
US20130139222A1 (en) Authentication of mobile device
CN107609866B (en) Electronic payment and electronic cash collection method and device based on virtual currency
CN104639534A (en) Website safety information uploading method and browser device
JP2022527798A (en) Systems and methods for efficient challenge response authentication
CN104573554A (en) Method for loading safety key storage hardware and browser client device
CN111131420B (en) Electronic resource transfer method, device and storage medium
CN104079562B (en) A kind of safety certifying method and relevant apparatus based on payment terminal
CN103839157A (en) Electronic payment method, device and system
CN103220281A (en) Information processing method and system
TWI539392B (en) Secure payment system based on Internet and safe payment method
CN101620705A (en) Safety certificate method and system for Internet banking
WO2016058556A1 (en) Service processing method and device
TW202201310A (en) Payment token application method, equipment, system and server
JP2023507568A (en) System and method for protection against malicious program code injection
CN111404695A (en) Token request verification method and device
CN101533539B (en) Method for inputting password and device thereof
WO2016086708A1 (en) Payment verification method, apparatus and system
TW201021498A (en) Authentication system utilizing image authentication code and method thereof
CN103136881B (en) Method of payment and payment system
CN116132072B (en) Method and system for security authentication of network information
US9235832B1 (en) Systems and methods for detecting transactions originating from an unauthenticated ATM device
CN105321069A (en) Method and device for realizing remote payment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20140430