CN108629186A - A kind of embedded-type security applied to Android system pays POS machine and method - Google Patents
A kind of embedded-type security applied to Android system pays POS machine and method Download PDFInfo
- Publication number
- CN108629186A CN108629186A CN201710179201.6A CN201710179201A CN108629186A CN 108629186 A CN108629186 A CN 108629186A CN 201710179201 A CN201710179201 A CN 201710179201A CN 108629186 A CN108629186 A CN 108629186A
- Authority
- CN
- China
- Prior art keywords
- processing module
- signature
- firmware
- secure processing
- machine
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
- 238000000034 method Methods 0.000 title claims abstract description 15
- 238000012545 processing Methods 0.000 claims abstract description 56
- 238000001514 detection method Methods 0.000 claims abstract description 20
- 238000004891 communication Methods 0.000 claims abstract description 18
- 238000003860 storage Methods 0.000 claims abstract description 18
- 238000005520 cutting process Methods 0.000 claims abstract description 7
- 230000007246 mechanism Effects 0.000 claims description 10
- 230000006870 function Effects 0.000 claims description 8
- 238000007789 sealing Methods 0.000 claims description 5
- 230000006378 damage Effects 0.000 claims description 2
- 230000001960 triggered effect Effects 0.000 claims description 2
- 230000009977 dual effect Effects 0.000 description 9
- 238000010586 diagram Methods 0.000 description 4
- 238000012360 testing method Methods 0.000 description 4
- GCKMFJBGXUYNAG-HLXURNFRSA-N Methyltestosterone Chemical compound C1CC2=CC(=O)CC[C@]2(C)[C@@H]2[C@@H]1[C@@H]1CC[C@](C)(O)[C@@]1(C)CC2 GCKMFJBGXUYNAG-HLXURNFRSA-N 0.000 description 2
- 241001122767 Theaceae Species 0.000 description 2
- 238000010276 construction Methods 0.000 description 2
- 238000007639 printing Methods 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012011 method of payment Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000001681 protective effect Effects 0.000 description 1
- 230000011218 segmentation Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
- 239000011800 void material Substances 0.000 description 1
- 208000008918 voyeurism Diseases 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/572—Secure firmware programming, e.g. of basic input output system [BIOS]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/86—Secure or tamper-resistant housings
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07G—REGISTERING THE RECEIPT OF CASH, VALUABLES, OR TOKENS
- G07G1/00—Cash registers
- G07G1/12—Cash registers electronically operated
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mathematical Physics (AREA)
- Cash Registers Or Receiving Machines (AREA)
Abstract
A kind of embedded-type security applied to Android system pays POS machine and method, including, application system, it includes wireless communication module, display screen, camera, battery, loud speaker and the buzzer of application processing module and connection application processing module that the application system, which uses Android system, the application system,;Security system, the security system include secure processing module and the connection printer of secure processing module, serial communication, touch modules, code keyboard, the close chip of state, magnetic stripe reader, IC card reader and non-connect card reader;The secure processing module includes tearing machine self-destruction unit, startup self-detection unit, firmware upgrade unit, EEPROMC/FLASH storage units open and preventing cutting machine unit have the characteristics that the security performance of raising system.
Description
Technical field
The present invention relates to intelligent POS machine system, more particularly to a kind of embedded-type security applied to Android system pays POS
Machine and method.
Background technology
Traditional payment devices are in order to ensure the peace of holder's sensitive information, especially personal identification number and bank card information
Entirely, closed embedded safety system is all used.The measure of all kinds of anti-physics, logical attack is implemented on hardware and software.
As client realizes payment devices the growth of more intelligent use demands, one side Android system with its largely at
Ripe commercial intelligent use attracts clients.The increasing income property of another aspect Android system causes it to be very easy to be attacked by hacker
It hits, all exposes a large amount of system vulnerability every year.
So how open Android system and embedded-type security payment are integrated, before security of system of guaranteeing payment
It puts, realizes that more flexible business applications are paying bank problems to be solved in the industry.
Invention content
The purpose of the present invention one is to provide a kind of embedded-type security payment POS machine applied to Android system, has and carry
The characteristics of security performance of high system.
The present invention above-mentioned purpose technical scheme is that:
A kind of embedded-type security applied to Android system pays POS machine, including,
Application system, it includes that application processing module and connection are applied that the application system, which uses Android system, the application system,
Wireless communication module, display screen, camera, battery, loud speaker and the buzzer of processing module;
Security system, the security system include secure processing module and the connection printer of secure processing module, serial communication,
Touch modules, code keyboard, the close chip of state, magnetic stripe reader, IC card reader and non-connect card reader;
The secure processing module includes
Tear machine self-destruction unit open, the sealing state for detecting machine or more shell is described to tear machine open certainly when detecting improper dismounting
Ruin unit output and destroy signal, the memory module in system receives destroy signal after erase encryption file;
Startup self-detection unit, when machine is switched on, secure processing module, which is read, surveys firmware signature and original signatures match, when not
Timing, security system are in down state;
Firmware upgrade unit, when firmware upgrade packet is downloaded, the secure processing module obtains the first signature file of upgrade package,
Obtain the second signature file after the completion of downloading, and by the first signature file and the second signature file and firmware original signatures match,
When inconsistent, the secure processing module deletes upgrade package.
By using above-mentioned technical proposal, dual system built in the POS is respectively the application system and peace using Android system
Total system, using the open and multiple functional of Android system, make the operation smoothnesses of pos machines, operation pages, it is comfortable easily
Feature can automatically switch to security system by application system and connect when pos machines proceed to the functional facilities that security system is taken over
Pipe the characteristics of to play including operator's safety of payment, and further includes tearing machine self-destruction unit, startup self-detection open in the security system
Unit and firmware upgrade unit, the comprehensive supervision and protection constructed to the hardware construction to pos machines, software.
Further, the secure processing module includes EEPROMC storage units/FLASH storage units, when receiving pin
When ruining signal, the secure processing module can wipe the storage information of EEPROMC storage units/FLASH storage units.
By using above-mentioned technical proposal, it is independently arranged storage unit and by system to being supervised from storage unit
Control, the independently arranged storage unit of one side make encryption file may be provided at convenient for agreeing to management in storage unit, lead to simultaneously
Secure processing module is crossed to can delete the private data in storage unit after the destruction signal for receiving feedback, to prevent
Confidential information leaks.
Further, the secure processing module includes preventing cutting machine unit, described to prevent that cutting machine unit includes
Authority signature certificate and authority signature private spoon are written by the mechanism that producer allows;
Signed APK, and the APK that signed includes signature description information, authority signature data, authority signature public affairs spoon certificate, machine
The private spoon of structure signature and signature header file;
When the APK that signed needs to be installed to secure processing module, the side, which cuts machine unit, can extract the label for the APK that signed
Name file, and proofreaded with authority signature certificate and authority signature private spoon, when identical, allow to install.
By using above-mentioned technical proposal, first between the pos Ji You mechanisms there are one two-way license the step of, respectively by
Associated mechanisms are approved by producer(Can be industrial and commercial bank, agricultural bank etc.)And the process of associated mechanisms approved maker, in pre- typing
When mechanism can be by the authority signature certificate of itself and authority signature private spoon(It is edited by mechanism), just can be protected by the setting of private spoon
The uniqueness of the private spoon of card, when needing to install the APK of signal, public spoon that can be Jing Guo mechanism is verified and verifies two with private spoon, this
Sample, to ensure the safety of system, prevents pos from illegally being distorted since private spoon is unique, steals the system visitor in pos machines
Family.
The purpose of the present invention one is to provide a kind of embedded-type security method of payment applied to Android system have and improve
The characteristics of safe security performance of system.
The present invention above-mentioned purpose technical scheme is that:
A method of the embedded-type security being applied to Android system is paid, and is included the following steps,
It is respectively the application system and security system using Android system that two systems, which are arranged, wherein
Application system includes and controls application processing module and connect the wireless communication module of application processing module, display screen, take the photograph
As head, battery, loud speaker and buzzer;
Security system includes and controls secure processing module and connect the printer of secure processing module, serial communication, touch mould
Block, code keyboard, the close chip of state, magnetic stripe reader, IC card reader and non-connect card reader;
Also it is also configured in the security system,
It is described to tear machine self-destruction list open when detecting improper dismounting by tearing the sealing state of the upper lower casing of machine self-destruction unit detection open
Signal is destroyed in member output, the memory module in system receives destroy signal after erase encryption file;
Start startup self-detection unit upon power-up, is read by secure processing module and survey firmware signature and original signatures match, when
When mismatch, security system is in down state;
When firmware upgrade, secure processing module obtains the first signature file of upgrade package, and the second signature is obtained after the completion of downloading
File, and by the first signature file and the second signature file and firmware original signatures match, when inconsistent, the safe handling mould
Block deletes upgrade package.
By using above-mentioned technical proposal, dual system built in the POS is respectively the application system and peace using Android system
Total system, using the open and multiple functional of Android system, make the operation smoothnesses of pos machines, operation pages, it is comfortable easily
Feature can automatically switch to security system institute when pos machines proceed to the functional facilities that security system is taken over by application system
The characteristics of to play including operator's safety of payment, and further include tearing machine self-destruction unit, booting open in the security system in taking over
Self-test unit and firmware upgrade unit, the comprehensive supervision and protection constructed to the hardware construction to pos machines, software.
Further, the detection method of the startup self-detection unit includes the following steps successively,
Secure Boot read the signature file of firmware and the sys pk of system public affairs spoon;
With sys pk decrypted signature file acquisition digest value V1;
Secure Boot calculate firmware digest value V2;
Compare V1 and V2, when equal, firmware normal operation, whens not equal, system is unavailable.
Further, the detection method of the firmware upgrade unit includes the following steps successively,
Secure Boot read the signature file of upgrade package and the sys pk of system public affairs spoon;
With sys pk decrypted signature file acquisition digest value V1;
Secure Boot calculate firmware digest value V2;
Compare V1 and V2, when equal, firmware upgrade normal operation deletes upgrade package whens not equal.
Further, when touch event is triggered, the trigger command of the input is judged whether by security system at this time
Start random cipher when being for payment function and input keyboard, when no, which is returning to application system.
In conclusion the invention has the advantages that:
1. using dual system and by dual system be divided into it is safe with it is dangerous, by the switching between system, to realize for being
The processing for safety of uniting;
2. with tearing machine self-destruction ability open, machine is illegally torn open by detection, for example shell is dismantled by people, screw is unscrewed leads to shell of attending class
Between there is gap so that system enter down state, prevent the additional additional firmware of personnel, steal system encryption letter
Breath.
3. having illegal update protective capability, improper upgrade package is prevented or downloading process upgrade package is tampered again feelings
Condition occurs.
4. also having the function of to prevent cutting machine.
Description of the drawings
Fig. 1 is the system connection block diagram of POS machine;
Fig. 2 is secure processing module block diagram;
Fig. 3 is the method flow diagram of booting or firmware self-test;
Fig. 4 is to prevent cutting machine schematic diagram;
Fig. 5 is dual system switching principle figure.
Specific implementation mode
Below in conjunction with attached drawing, invention is further described in detail.
Embodiment 1,
A kind of embedded-type security applied to Android system pays POS machine, which uses dual system framework, respectively apply
System and security system, wherein a CPU can be used in the POS machine, and a secure and trusted region is hewed out in this CPU
Carry out editing safety system, certainly, dual processors can be also set in POS machine, application system and security system is completely isolated.
Shown in referring to Fig.1, which may be used newest Android 5.X systems, to ensure that it is smaller that Android has
Loophole, and that there is the experience of good screen operation, abundant hardware and numerous developers can download is more for Android system
Application, the Android system connect pos machines in wireless communication module, display screen, camera, battery, loud speaker and buzzing
Device is realized and is controlled interface application, but is easy by more hacker attack with open its of Android, thus provided with
Independent safe system, the security system include secure processing module and connect the printer of secure processing module, serial communication,
Touch modules, code keyboard, the close chip of state, magnetic stripe reader, IC card reader and it is non-connect card reader, using printing in this way
Machine, serial communication, touch modules, code keyboard, the close chip of state, magnetic stripe reader, IC card reader and it is non-connect card reader whole
It is taken over by security system, to ensure that the safety of payment.
With reference to shown in Fig. 2, which further includes tearing machine self-destruction unit, startup self-detection unit, firmware upgrade list open
Member, EEPROMC/FLASH storage units and anti-cut machine unit, wherein tearing machine self-destruction unit open mainly prevents lawless people pair from setting
It is standby to carry out refitted vehicles, breaking-proof switch is set in POS machine, and under normal circumstances, terminal can be used normally, and be not in appoint
What warning message, has a rest once illegal tea occurs, for example shell is dismantled by people or screw is unscrewed that upper lower casing is caused gap occur,
System will be considered that malice tears machine open, and by tea method, system can be eliminated to be stored in EEPROMC/FLASH storage units breaking-proof switch at this time
Data, to ensure the safety of user information.
Startup self-detection unit, when machine is switched on, secure processing module, which is read, surveys firmware signature and original signatures match, when
When mismatch, security system is in down state, prevents from being that firmware is tampered the feelings for causing security system to be plagiarized in shutdown
Condition occurs.
Firmware upgrade unit, when firmware upgrade packet is downloaded, the secure processing module obtains the first signature of upgrade package
File obtains the second signature file after the completion of downloading, and the first signature file and the second signature file is signed with firmware original
Matching, when inconsistent, the secure processing module deletes firmware upgrade packet.
It is anti-to cut machine unit with reference to shown in Fig. 4, include the producer by allowing in production(Including Bank of China, industrial and commercial bank,
Agricultural bank etc.)The private spoon of written agency signature and mechanism public affairs spoon certificate on secure processing module, when needs are installed newly
When signature APK, which includes signature description information, authority signature data, authority signature public affairs spoon certificate, manufacturer's correlation
Information and signature header file, secure processing module can extract signature file from the APK that signed, which includes at least
Authority signature public affairs spoon certificate and authority signature private spoon pass through the mechanism of sign public spoon certificate and authority signature private spoon and producer's typing
The public spoon certificate of signature and authority signature private spoon compare, when these segmentation symbols match, the factory being mounted on where corresponding authority signature public affairs spoon certificate
Under the catalogue of family, the APK is not allowed to install when not meeting.
Embodiment 2,
A method of the embedded-type security being applied to Android system is paid, which uses dual system framework, respectively applies
System and security system, wherein a CPU can be used in the POS machine, and a secure and trusted region is hewed out in this CPU
Carry out editing safety system, certainly, dual processors can be also set in POS machine, application system and security system is completely isolated.
Shown in referring to Fig.1, which may be used newest Android 5.X systems, to ensure that it is smaller that Android has
Loophole, and that there is the experience of good screen operation, abundant hardware and numerous developers can download is more for Android system
Application, the Android system connect pos machines in wireless communication module, display screen, camera, battery, loud speaker and buzzing
Device is realized and is controlled interface application, but is easy by more hacker attack with open its of Android, thus provided with
Independent safe system, the security system include secure processing module and connect the printer of secure processing module, serial communication,
Touch modules, code keyboard, the close chip of state, magnetic stripe reader, IC card reader and it is non-connect card reader, using printing in this way
Machine, serial communication, touch modules, code keyboard, the close chip of state, magnetic stripe reader, IC card reader and it is non-connect card reader whole
It is taken over by security system, to ensure that the safety of payment.The secure processing module is also configured with by tearing machine self-destruction unit open
The sealing state of lower casing in detection, it is described to tear the output of machine self-destruction unit open and destroy signal when detecting improper dismounting, in system
Memory module receive destroy signal after erase encryption file;Start startup self-detection unit upon power-up, passes through safe handling
Module, which is read, surveys firmware signature and original signatures match, and when mismatching, security system is in down state;Work as firmware upgrade
When secure processing module obtain the first signature file of upgrade package, the second signature file is obtained after the completion of downloading, and by first
Signature file and the second signature file and firmware original signatures match, when inconsistent, the secure processing module deletes upgrade package.
With reference to shown in Fig. 3, the method for booting/firmware self-test is as follows,
It downloads and completes in booting or firmware;
Secure Boot read the signature file of firmware and the sys pk of system public affairs spoon;
With sys pk decrypted signature file acquisition digest value V1;
The scenes Secure Boot calculate firmware digest value V2;
Compare V1 and V2, when equal, firmware normal operation or machine normal boot-strap are deleted whens not equal and download firmware or be
It unites unavailable.
The generation step of general signature file is, using SHA256 standards or more than the algorithm of standard calculate abstract,
To obtain unique mark, mark is encrypted in the RSA Algorithm by 2048 or more and obtains ciphertext, to generate with text of signing
Part.
Referring to Figure 5, the specific working mode of the POS machine, first device power-up power on, and application system can be examined automatically
Safety and the stability for surveying Android system, Android system included testing agency when this is general, when verification result is out of question,
Security system can verify firmware signature, and for checking whether firmware signature is tampered, above-mentioned two kinds are verified any one appearance
When problem, to ensure the safety and stablization of system, POS is made to be in down state.Verify it is errorless after can carry out after operate,
Application for non-pay function, the non-pay function include display, communication, camera etc., there is Android system supervision;For
The application of payment function be security system supervision, payment function include printer, serial communication, touch modules, code keyboard,
The close chip of state, magnetic stripe reader, IC card reader and it is non-connect card reader etc., for touch display screen, the POS machine is provided with independence
Touch detection module, under normal circumstances touch function handled by application system, the touch event quilt in terms of being related to number
When triggering, it is directly switch to security system, detects whether to pay by security system, if "Yes", security system can drop out void
Quasi- keyboard directly can carry out the input of PIN in touch screen.When PIN is inputted, inputted using the random keyboard of safety.It touches
Screen connection safety chip is touched, when in input PIN states, the PIN information of input is handled and encrypted by safety chip.PIN is defeated
Enter and do not support to show in plain text, and uses asterisk(*)Instead of preventing other people from peeping.If "no" feeds back to Android system, after
Continuous operation.
This specific embodiment is only explanation of the invention, is not limitation of the present invention, people in the art
Member can as needed make the present embodiment the modification of not creative contribution after reading this specification, but as long as at this
It is all protected by Patent Law in the right of invention.
Claims (7)
1. a kind of embedded-type security applied to Android system pays POS machine, it is characterised in that:Including,
Application system, it includes that application processing module and connection are applied that the application system, which uses Android system, the application system,
Wireless communication module, display screen, camera, battery, loud speaker and the buzzer of processing module;
Security system, the security system include secure processing module and the connection printer of secure processing module, serial communication,
Touch modules, code keyboard, the close chip of state, magnetic stripe reader, IC card reader and non-connect card reader;
The secure processing module includes
Tear machine self-destruction unit open, the sealing state for detecting machine or more shell is described to tear machine open certainly when detecting improper dismounting
Ruin unit output and destroy signal, the memory module in system receives destroy signal after erase encryption file;
Startup self-detection unit, when machine is switched on, secure processing module, which is read, surveys firmware signature and original signatures match, when not
Timing, security system are in down state;
Firmware upgrade unit, when firmware upgrade packet is downloaded, the secure processing module obtains the first signature file of upgrade package,
Obtain the second signature file after the completion of downloading, and by the first signature file and the second signature file and firmware original signatures match,
When inconsistent, the secure processing module deletes upgrade package.
2. a kind of embedded-type security applied to Android system according to claim 1 pays POS machine, it is characterised in that:
The secure processing module includes EEPROMC storage units/FLASH storage units, when receiving destruction signal, the safety
Processing module can wipe the storage information of EEPROMC storage units/FLASH storage units.
3. a kind of embedded-type security applied to Android system according to claim 1 pays POS machine, it is characterised in that:
The secure processing module includes preventing cutting machine unit, described to prevent that cutting machine unit includes
Authority signature certificate and authority signature private spoon are written by the mechanism that producer allows;
Signed APK, and the APK that signed includes signature description information, authority signature data, authority signature public affairs spoon certificate, machine
The private spoon of structure signature and signature header file;
When the APK that signed needs to be installed to secure processing module, the side, which cuts machine unit, can extract the label for the APK that signed
Name file, and proofreaded with authority signature certificate and authority signature private spoon, when identical, allow to install.
4. a kind of method that embedded-type security applied to Android system is paid, it is characterised in that:Including,
It is respectively the application system and security system using Android system that two systems, which are arranged, wherein
Application system includes and controls application processing module and connect the wireless communication module of application processing module, display screen, take the photograph
As head, battery, loud speaker and buzzer;
Security system includes and controls secure processing module and connect the printer of secure processing module, serial communication, touch mould
Block, code keyboard, the close chip of state, magnetic stripe reader, IC card reader and non-connect card reader;
Also it is also configured in the security system,
It is described to tear machine self-destruction list open when detecting improper dismounting by tearing the sealing state of the upper lower casing of machine self-destruction unit detection open
Signal is destroyed in member output, the memory module in system receives destroy signal after erase encryption file;
Start startup self-detection unit upon power-up, is read by secure processing module and survey firmware signature and original signatures match, when
When mismatch, security system is in down state;
When firmware upgrade, secure processing module obtains the first signature file of upgrade package, and the second signature is obtained after the completion of downloading
File, and by the first signature file and the second signature file and firmware original signatures match, when inconsistent, the safe handling mould
Block deletes upgrade package.
5. requiring the method that a kind of embedded-type security applied to Android system described in 4 is paid according to right, feature exists
In:The detection method of the startup self-detection unit includes the following steps successively,
Secure Boot read the signature file of firmware and the sys pk of system public affairs spoon;
With sys pk decrypted signature file acquisition digest value V1;
Secure Boot calculate firmware digest value V2;
Compare V1 and V2, when equal, firmware normal operation, whens not equal, system is unavailable.
6. requiring the method that a kind of embedded-type security applied to Android system described in 4 is paid according to right, feature exists
In:The detection method of the firmware upgrade unit includes the following steps successively,
Secure Boot read the signature file of upgrade package and the sys pk of system public affairs spoon;
With sys pk decrypted signature file acquisition digest value V1;
Secure Boot calculate firmware digest value V2;
Compare V1 and V2, when equal, firmware upgrade normal operation deletes upgrade package whens not equal.
7. requiring the method that a kind of embedded-type security applied to Android system described in 4 is paid according to right, feature exists
In:When touch event is triggered, the trigger command of the input determines whether payment function by security system at this time, when being
When, start random cipher and input keyboard, when no, which is returning to application system.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710179201.6A CN108629186A (en) | 2017-03-23 | 2017-03-23 | A kind of embedded-type security applied to Android system pays POS machine and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710179201.6A CN108629186A (en) | 2017-03-23 | 2017-03-23 | A kind of embedded-type security applied to Android system pays POS machine and method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108629186A true CN108629186A (en) | 2018-10-09 |
Family
ID=63706704
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710179201.6A Withdrawn CN108629186A (en) | 2017-03-23 | 2017-03-23 | A kind of embedded-type security applied to Android system pays POS machine and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108629186A (en) |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101266706A (en) * | 2008-04-09 | 2008-09-17 | 拉卡啦(北京)电子支付技术服务有限公司 | On-demand customized payment terminal |
| CN201331812Y (en) * | 2008-12-31 | 2009-10-21 | 东莞市建邦计算机软件有限公司 | Urban and rural micro-payment system |
| US20120124658A1 (en) * | 2010-11-17 | 2012-05-17 | David Brudnicki | System and Method for Providing Secure Data Communication Functionality to a Variety of Applications on a Portable Communication Device |
| CN103049694A (en) * | 2013-01-14 | 2013-04-17 | 上海慧银信息科技有限公司 | Core safety architecture implementation method of intelligent financial transaction terminal |
| CN105488924A (en) * | 2015-12-11 | 2016-04-13 | 福建新大陆支付技术有限公司 | POS high-end application system and solving method |
| CN105957276A (en) * | 2016-05-17 | 2016-09-21 | 福建新大陆支付技术有限公司 | Android system-based intelligent POS security system, starting method and data management control method |
| CN205656721U (en) * | 2016-05-17 | 2016-10-19 | 福建新大陆支付技术有限公司 | Based on intelligence POS safety circuit of android system |
| CN106327184A (en) * | 2016-08-22 | 2017-01-11 | 中国科学院信息工程研究所 | Intelligent mobile terminal payment system and intelligent mobile terminal payment method based on safe hardware isolation |
-
2017
- 2017-03-23 CN CN201710179201.6A patent/CN108629186A/en not_active Withdrawn
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101266706A (en) * | 2008-04-09 | 2008-09-17 | 拉卡啦(北京)电子支付技术服务有限公司 | On-demand customized payment terminal |
| CN201331812Y (en) * | 2008-12-31 | 2009-10-21 | 东莞市建邦计算机软件有限公司 | Urban and rural micro-payment system |
| US20120124658A1 (en) * | 2010-11-17 | 2012-05-17 | David Brudnicki | System and Method for Providing Secure Data Communication Functionality to a Variety of Applications on a Portable Communication Device |
| CN103049694A (en) * | 2013-01-14 | 2013-04-17 | 上海慧银信息科技有限公司 | Core safety architecture implementation method of intelligent financial transaction terminal |
| CN105488924A (en) * | 2015-12-11 | 2016-04-13 | 福建新大陆支付技术有限公司 | POS high-end application system and solving method |
| CN105957276A (en) * | 2016-05-17 | 2016-09-21 | 福建新大陆支付技术有限公司 | Android system-based intelligent POS security system, starting method and data management control method |
| CN205656721U (en) * | 2016-05-17 | 2016-10-19 | 福建新大陆支付技术有限公司 | Based on intelligence POS safety circuit of android system |
| CN106327184A (en) * | 2016-08-22 | 2017-01-11 | 中国科学院信息工程研究所 | Intelligent mobile terminal payment system and intelligent mobile terminal payment method based on safe hardware isolation |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US12067553B2 (en) | Methods for locating an antenna within an electronic device | |
| JP4079200B2 (en) | External equipment | |
| CN108629206B (en) | Secure encryption method, encryption machine and terminal equipment | |
| US20080052539A1 (en) | Inline storage protection and key devices | |
| CN107003866A (en) | The safety establishment of encrypted virtual machine from encrypted template | |
| US20030009687A1 (en) | Method and apparatus for validating integrity of software | |
| WO2019209630A1 (en) | File processing method and system, and data processing method | |
| JP2001216046A (en) | Device security mechanism based on registered password | |
| GB2508251A (en) | Preventing tampering of device firmware by validation before boot | |
| CN109657448A (en) | A kind of method, apparatus, electronic equipment and storage medium obtaining Root authority | |
| CN101416129B (en) | field device | |
| CN108038385A (en) | A kind of data processing method, mobile terminal and computer-readable medium | |
| CN104364791A (en) | PC security using BIOS/(U)EFI extensions | |
| CN110069266A (en) | Application upgrade method, apparatus, computer equipment and storage medium | |
| CN103873238A (en) | Safety protection method of software integrity of cryptographic machine | |
| US20050091516A1 (en) | Secure attention instruction central processing unit and system architecture | |
| KR102768823B1 (en) | Prevent tampering via computer | |
| EP1811460B1 (en) | Secure software system and method for a printer | |
| CN108629186A (en) | A kind of embedded-type security applied to Android system pays POS machine and method | |
| CN104573564B (en) | Management method under a kind of system of BIOS administrator's passwords | |
| CN111858114B (en) | Device starting exception handling and device starting control method, device and system | |
| CN209785060U (en) | Internet of things safety payment platform | |
| EP3244375A1 (en) | Microcontroller for secure starting with firewall | |
| Kurdziel et al. | An SCA security supplement compliant radio architecture | |
| Petrlic | Integrity protection for automated teller machines |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20201202 Address after: Room 401, building 1, floor 4, no.6, Chaoyang Men Wai Street, Chaoyang District, Beijing 100020 057 Applicant after: Beijing huierfeng Information System Co., Ltd Address before: 301700 South Building 318, C18 building, North Branch of Fuyuan Road, Wuqing District, Tianjin. Applicant before: VERIFONE (CHINA) INFORMATION SYSTEM Co.,Ltd. |
|
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20210531 Address after: 318, South Building, building C18, entrepreneurship headquarters base, North Fuyuan Road, development zone, Wuqing District, Tianjin Applicant after: VERIFONE (CHINA) INFORMATION SYSTEM Co.,Ltd. Address before: Room 401, building 1, floor 4, no.6, Chaoyang Men Wai Street, Chaoyang District, Beijing 100020 057 Applicant before: Beijing huierfeng Information System Co., Ltd |
|
| TA01 | Transfer of patent application right | ||
| WW01 | Invention patent application withdrawn after publication |
Application publication date: 20181009 |
|
| WW01 | Invention patent application withdrawn after publication |