CN101859453A - Smart card loss reporting method based on short message service and system - Google Patents
Smart card loss reporting method based on short message service and system Download PDFInfo
- Publication number
- CN101859453A CN101859453A CN200910190582A CN200910190582A CN101859453A CN 101859453 A CN101859453 A CN 101859453A CN 200910190582 A CN200910190582 A CN 200910190582A CN 200910190582 A CN200910190582 A CN 200910190582A CN 101859453 A CN101859453 A CN 101859453A
- Authority
- CN
- China
- Prior art keywords
- smart card
- loss
- loss reporting
- command
- portable terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 35
- 238000004891 communication Methods 0.000 claims description 9
- 238000005516 engineering process Methods 0.000 description 11
- 230000006870 function Effects 0.000 description 11
- 230000005540 biological transmission Effects 0.000 description 8
- 238000007726 management method Methods 0.000 description 6
- 238000003860 storage Methods 0.000 description 5
- 238000013475 authorization Methods 0.000 description 2
- 238000006243 chemical reaction Methods 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 239000000969 carrier Substances 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000000151 deposition Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000009826 distribution Methods 0.000 description 1
- 230000005611 electricity Effects 0.000 description 1
- 239000012467 final product Substances 0.000 description 1
- 238000005242 forging Methods 0.000 description 1
- 238000003780 insertion Methods 0.000 description 1
- 230000037431 insertion Effects 0.000 description 1
- 238000004321 preservation Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
Images
Landscapes
- Telephone Function (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention discloses a smart card loss reporting method based on short message service and a system. The method comprises the following steps that: a business system verifies a loss reporting request of a user and then generates a loss reporting command; the business system encrypts the loss reporting command and transmits the encrypted loss reporting command to a mobile terminal; the mobile terminal decrypts the received loss reporting command message and judges whether the command is an smart card execution command, and if the command is an smart card execution command, the mobile terminal transmits the loss reporting command message to the smart card for execution; and the smart card locks the payment function according to the loss reporting command message. Since the loss reporting command is transmitted to the mobile phone in the form of the safety message in the smart card system, the smart card loss reporting method based on the short message service and the system provided by the invention realize the rapid and secure loss reporting of the smart card, and ensure the security of the business data.
Description
Technical field
The present invention relates to a kind of Financial Information safety management technology field, in particular a kind of method and system of reporting the loss by note realization smart card.
Background technology
In the prior art, along with the development of technology, people can be anywhere or anytime by the smart card terminal online, in the terminal or equipment of these portable built-in intelligence cards, can carry out the information transmission by note, GPRS and background server, these smart card devices are common as mobile phone, PDA etc.
Smart card is equipped with CPU and RAM, can a fairly large number of by oneself data and can not interfere with the work of host CPU.But smart card is the data of filter false also, to alleviate the burden of host CPU.Be adapted to the more and communication speed demand of port number occasion faster.
Smart card is a kind of of IC-card (integrated circuit card), and by the difference of embedded chip type, IC-card can be divided three classes:
1. memory card: but the integrated circuit in the card is the programmable read only memory EEPROM that electricity consumption is wiped, and it only has a data storage function, does not have data-handling capacity; The no hardware encrypting of storage card itself is only encrypted on file, is easy to be cracked.
2. logic encryption card: the integrated circuit in the card comprises encryption logic circuit and programmable read only memory EEPROM, and the encryption logic circuit is the safety of data in protection card and the card to a certain extent, but just low level protection can't prevent malicious attack.
3. smart card (CPU card): the integrated circuit in the card comprises central processor CPU, programmable read only memory EEPROM, random access memory ram and is solidificated in card internal operating system COS (Chip Operating System) in the read only memory ROM.Data are divided into the outside and read and the inter-process part in the card, guarantee that data security is reliable in the card.
Smart card operating system is commonly referred to chip operating system COS.COS generally has the security system of oneself, and its security performance is normally weighed the important technology index of COS.The COS function comprises: transfer management, file management, security system, command interpretation etc.On function, the purposes of smart card can be classified as following 4 points: identification; The means of payment; Encrypt/decrypt; Information transmission and preservation.
Can realize network finance management, for example inquiry of bank capital, accounting payment etc. by smart card device.But simultaneously these smart card devices are owing to itself be the communication tool of using always, are easy to lose or stolen, cause smart card in use to have very large risk and hidden danger thus.
In the present smart card device, by the memory contents classification, smart card has two kinds, and a kind of is the certain sensitive information of smart cards for storage, such as the amount of money, authority etc.; A kind of is that smart card is only stored identification system.The former can not report the loss usually, and in a single day the holder loses card, can only bear a loss voluntarily; The latter stops illegal smart card to continue to use by a large amount of blacklist of storage in verification terminal, and this mode all has very high requirement to storage capacity, the search capability of terminal to system-wide blacklist management.
Therefore, prior art does not also have better implementation, to realize the processing of reporting the loss to smart card.
Summary of the invention
The object of the present invention is to provide a kind of smart card based on note to report the loss method and system, the wireless communication technology of utilizing Present Attitude to popularize realizes long-range reporting the loss to the smart card by carriers such as mobile phones; Because this method adopts wireless communication technology, can there be potential safety hazard in data transmission aloft, therefore we introduce cryptographic technique very ripe at present and that be widely used, and business datum is encrypted and authentication, guarantee the safety of business datum.
Technical scheme of the present invention comprises:
A kind of smart card based on note is reported the loss method, and it may further comprise the steps:
A, after operation system checking user's the request of reporting the loss is passed through, generate loss reporting command;
B, by operation system loss reporting command is encrypted the back and send to portable terminal by note;
C, described portable terminal are decrypted the loss reporting command message of receiving, and judge whether to be the smart card execution command, in this way, then send to described smart card and carry out;
D, described smart card are according to described loss reporting command message locking payment function.
Described method, wherein, what encrypt to adopt among the described step B is the private key of operation system, and deciphering is adopted among the described step C is to PKI that should private key.
Described method, wherein, described portable terminal is set to mobile phone, and described smart card setting has the mobile phone wallet function.
Described method, wherein, described step D also comprises: described smart card is changed to disarmed state by the state to identity information and operational order and realizes locking.
A kind of smart card loss report system based on note, it comprises that one has the portable terminal of smart card, and the operation system that is connected with this smart card communication; Wherein, be provided with in the described operation system and be used to verify that the user reports the loss the interface of request, be used for producing loss reporting command by the back, and send loss reporting command message after encrypting to described portable terminal in checking;
Described portable terminal is used for the loss reporting command message of being received is decrypted, and sends this loss reporting command to described smart card;
Described smart card is used to carry out this loss reporting command and locks payment function.
Described system, wherein, described portable terminal is a mobile phone, and described smart card is set to have the smart card of mobile phone wallet function.
Described system, wherein, described encryption/decryption adopts the unsymmetrical key mode.
A kind of smart card based on note provided by the present invention is reported the loss method and system, reports the loss the mode of order to mobile phone owing to adopted safe note to send in smart card system, has realized fast and safely the reporting the loss of smart card guaranteed the safety of business datum.
Description of drawings
Fig. 1 is that the smart card that the present invention is based on note is reported the loss the schematic flow sheet of method;
Fig. 2 is the smart card loss report system synoptic diagram that the present invention is based on note.
Embodiment
Below in conjunction with accompanying drawing, will be described in more detail each preferred embodiment of the present invention.
The smart card method of reporting the loss that the present invention is based on note mainly is to be used for realizing, for the smart card of depositing use in equipment such as mobile phone, intelligent terminal, with the report the loss locking of safety short message mode realization to smart card.Safety note of the present invention is carried out ciphering signature by the public-key cryptographic keys technology, to prevent illegal imitation, illegally to steal, illegally distort etc.
In the existing password technology, be divided into two classes according to the characteristics of key: symmetric cryptographic technique and asymmetric cryptographic technique.Symmetric cryptographic technique is that decruption key is identical with encryption key, and in this system, the secure distribution of key is a difficult point in using.Asymmetric cryptographic technique is public key cryptography technology again, in common key cryptosystem, the user has two keys, one is disclosed PKI (Public Key), the private key (Private Key) that another user is privately owned, both are inequality, are difficult to release another from one, and communicating pair need not prior interchange key just can set up secret communication.
The present invention adopts asymmetric cryptographic technique, and the safety of this public key cryptosyst employing certificate mechanism realization user's identity and user's key is corresponding.Certificate mechanism adopts Public Key Infrastructure (Public Key Infrastructure:PKI) technology.It has comprehensively used multinomial safety techniques and such as digital digest, digital signature to overlap complete certificate management mechanism security service is provided.System need build the authentication center (Certification Authority:CA) of public credibility so that identify user identity, signs and issues digital certificate for the user then.Digital certificate can bind together user identity and user key safely.The user must exchange certificate earlier in operation system, use public and private key to finish operations such as user's authentication, access control, information security transmission then.Above-mentioned implementation is a prior art, and the present invention only for using this technology, therefore repeats no more.
For operability and the security that realizes that smart card is reported the loss, the smart card that the present invention is based on note is reported the loss method and has been carried out protection and authentication and realized security service based on note with cryptographic technique, as shown in Figure 1, may further comprise the steps:
At first portable terminal and operation system keep network insertion, the holder passes through predetermined way, for example phone, webpage or email etc., its corresponding smart card is reported the loss in operating personnel's request to operation system, in such cases, the portable terminal that normally oneself has a smart card occur to be lost or improper situation such as stolen.
Operating personnel at first need to verify holder's identity when receiving this request of reporting the loss smart card, produce loss reporting command by operation system; After by sms center loss reporting command being encrypted then, report the loss the order note to the mobile phone transmission of using smart card; Mobile phone is after receiving that this reports the loss the order note, and deciphering and authorization information if the verification passes, are then carried out the operation of locking smart card: identity information in the smart card and delivery operation instruction are changed to disarmed state.
After smart card is locked, the cellphone subscriber will not be performed by any operation about account of mobile phone input, for example inquire about, transfer accounts or the like.Certainly prerequisite is, need to keep smart card can normally use in mobile phone, mobile phone can be transmitted to smart card after reporting the loss the order note receiving, smart card is after deciphering and authorization information, can carry out the smart card lock program, but not influence the call function of smart card usually.So, can guarantee the security of smart card operation.
The inventive method has solved the problem that smart card can not be reported the loss, difficulty is reported the loss by short message mode; In the process of carrying out the note transmission, there is the potential safety hazard of forging and being distorted in short message content owing to be by aerial transmission, the inventive method is based on above-mentioned consideration, adopt the public key cryptography of present widespread use, short message content is encrypted, realized reporting the loss the security of operation.
One preferred embodiment of the inventive method comprises:
The user enters bank outlets, requires to report the loss its mobile phone wallet function.Bank confirms that according to information such as user identity certificates its request of reporting the loss is legal;
Bank clerk will be reported the loss the cell-phone number of wallet in the input of its administration page, and centring system generates reports the loss order, and uses own encrypted private key one-tenth to have the ciphertext of authentication, sends to mobile phone by note;
Mobile phone is received note, checks whether messaging format is the note that sends to mobile phone wallet, then is transmitted to the smart card of mobile phone wallet in this way;
The mobile phone wallet smart card is decrypted order with bank's PKI of storage, and the deciphering back then identifies mobile phone wallet for locking according to reporting the loss order.
The smart card loss report system that the present invention is based on note as shown in Figure 2, it mainly comprises a portable terminal, as mobile phone, is provided with smart card in this portable terminal, and is connected with the operation system communication; Described smart card can have the mobile phone wallet function.Operation system in the system of the present invention has the user of reception and reports the loss the interface of request, and carries out authentication, after checking is passed through, promptly produces loss reporting command, and adopts user's private key to encrypt the loss reporting command message after portable terminal sends to encryption.Described portable terminal has each module of correspondence that receives this loss reporting command message, and adopts the PKI of bank to be decrypted, and after deciphering, loss reporting command is sent to smart card carry out.Described smart card only need lock information such as wherein identity information and delivery operation instruction and get final product, and this locking is permanent.So can guarantee the operation of reporting the loss to smart card.
The inventive method and system can be by initiatively sending the report the loss function of other communication modes realizations of information, the passive reception order of mobile phone to smart card to mobile phone.The inventive method is utilized the command execution ability of smart card itself, in conjunction with asymmetric key system, realized loss reporting command by safe note transmission, carry out to lock by smart card, the long-range locking that can realize to smart card, it realizes safe and convenient, strong assurance the smart card security of aspect financial payment, using.
Should be understood that, for those of ordinary skills, can be improved according to the above description or conversion, and all these improvement and conversion all should belong to the protection domain of claims of the present invention.
Claims (7)
1. the smart card based on note is reported the loss method, and it may further comprise the steps:
A, after operation system checking user's the request of reporting the loss is passed through, generate loss reporting command;
B, by operation system loss reporting command is encrypted the back and send to portable terminal by note;
C, described portable terminal are decrypted the loss reporting command message of receiving, and judge whether to be the smart card execution command, in this way, then send to described smart card and carry out;
D, described smart card are according to described loss reporting command message locking payment function.
2. method according to claim 1 is characterized in that, what encrypt to adopt among the described step B is the private key of operation system, and deciphering is adopted among the described step C is to PKI that should private key.
3. method according to claim 2 is characterized in that described portable terminal is set to mobile phone, and described smart card setting has the mobile phone wallet function.
4. method according to claim 3 is characterized in that, described step D also comprises: described smart card is changed to disarmed state by the state to identity information and operational order and realizes locking.
5. smart card loss report system based on note, it comprises that one has the portable terminal of smart card, and the operation system that is connected with this smart card communication; It is characterized in that, be provided with in the described operation system and be used to verify that the user reports the loss the interface of request, be used for producing loss reporting command by the back, and send loss reporting command message after encrypting to described portable terminal in checking;
Described portable terminal is used for the loss reporting command message of being received is decrypted, and sends this loss reporting command to described smart card;
Described smart card is used to carry out this loss reporting command and locks payment function.
6. system according to claim 5 is characterized in that, described portable terminal is a mobile phone, and described smart card is set to have the smart card of mobile phone wallet function.
7. system according to claim 6 is characterized in that, described encryption/decryption adopts the unsymmetrical key mode.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910190582A CN101859453A (en) | 2009-09-30 | 2009-09-30 | Smart card loss reporting method based on short message service and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910190582A CN101859453A (en) | 2009-09-30 | 2009-09-30 | Smart card loss reporting method based on short message service and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101859453A true CN101859453A (en) | 2010-10-13 |
Family
ID=42945339
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200910190582A Pending CN101859453A (en) | 2009-09-30 | 2009-09-30 | Smart card loss reporting method based on short message service and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101859453A (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102170638A (en) * | 2010-12-03 | 2011-08-31 | 北京握奇数据系统有限公司 | Air loss reporting method and equipment |
| CN103198404A (en) * | 2013-04-10 | 2013-07-10 | 深圳市国民电子商务有限公司 | Phone wallet loss reporting method based on short messages and system thereof |
| CN104376467A (en) * | 2014-12-03 | 2015-02-25 | 东信和平科技股份有限公司 | Method and device for controlling non-contact card swiping of intelligent cards on basis of NFC (near field communication) technologies |
| CN104715368A (en) * | 2013-12-16 | 2015-06-17 | 中国移动通信集团公司 | Method, device, system and relevant equipment for logging out electronic wallet |
| CN105205886A (en) * | 2014-06-26 | 2015-12-30 | 青岛海尔智能家电科技有限公司 | Server, access control equipment and management terminal and method for community security and protection |
| CN107093237A (en) * | 2017-04-13 | 2017-08-25 | 乐猫联卫(北京)网络科技有限公司 | One kind reports the loss access card processing alarm management system |
-
2009
- 2009-09-30 CN CN200910190582A patent/CN101859453A/en active Pending
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102170638A (en) * | 2010-12-03 | 2011-08-31 | 北京握奇数据系统有限公司 | Air loss reporting method and equipment |
| CN102170638B (en) * | 2010-12-03 | 2014-04-23 | 北京握奇数据系统有限公司 | Air loss reporting method and equipment |
| CN103198404A (en) * | 2013-04-10 | 2013-07-10 | 深圳市国民电子商务有限公司 | Phone wallet loss reporting method based on short messages and system thereof |
| CN104715368A (en) * | 2013-12-16 | 2015-06-17 | 中国移动通信集团公司 | Method, device, system and relevant equipment for logging out electronic wallet |
| CN105205886A (en) * | 2014-06-26 | 2015-12-30 | 青岛海尔智能家电科技有限公司 | Server, access control equipment and management terminal and method for community security and protection |
| CN104376467A (en) * | 2014-12-03 | 2015-02-25 | 东信和平科技股份有限公司 | Method and device for controlling non-contact card swiping of intelligent cards on basis of NFC (near field communication) technologies |
| CN107093237A (en) * | 2017-04-13 | 2017-08-25 | 乐猫联卫(北京)网络科技有限公司 | One kind reports the loss access card processing alarm management system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10154021B1 (en) | Securitization of temporal digital communications with authentication and validation of user and access devices | |
| CN103001773B (en) | Fingerprint authentication system and fingerprint authentication method based on near field communication (NFC) | |
| CN103714639B (en) | A kind of method and system that realize the operation of POS terminal security | |
| CN100374971C (en) | Securing access to an application service based on a proximity token | |
| US7362869B2 (en) | Method of distributing a public key | |
| CN1689297B (en) | Method of preventing unauthorized distribution and use of electronic keys using a key seed | |
| CN101300808B (en) | Method and arrangement for secure autentication | |
| CN1913427B (en) | System and method for encrypted smart card PIN entry | |
| CN100533459C (en) | Data safe reading method and safe storage device thereof | |
| US20060280297A1 (en) | Cipher communication system using device authentication keys | |
| CN101807994B (en) | Method and system for application data transmission of IC card | |
| CN101770619A (en) | Multiple-factor authentication method for online payment and authentication system | |
| CN101483654A (en) | Method and system for implementing authentication and data safe transmission | |
| CN101561953A (en) | Safe ATM system and operation method thereof | |
| WO2011035515A1 (en) | Identification method and system for wireless payment | |
| WO2018133674A1 (en) | Method of verifying and feeding back bank payment permission authentication information | |
| US20140289129A1 (en) | Method for secure contactless communication of a smart card and a point of sale terminal | |
| CN107332671A (en) | A kind of safety mobile terminal system and method for secure transactions based on safety chip | |
| CN101741565A (en) | Method and system for transmitting IC (integrated circuit)-card application data | |
| CN106096947A (en) | Half off-line anonymous method of payment based on NFC | |
| CN109903052A (en) | A kind of block chain endorsement method and mobile device | |
| CN109600725A (en) | A kind of message encryption method based on SM9 algorithm | |
| CN101964805B (en) | Method, equipment and system for safely sending and receiving data | |
| CN101859453A (en) | Smart card loss reporting method based on short message service and system | |
| CN103699997A (en) | Method, device and electronic equipment for locking mobile payment service |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20101013 |