CN2929835Y - Intelligent card with financial trade message processing property - Google Patents
Intelligent card with financial trade message processing property Download PDFInfo
- Publication number
- CN2929835Y CN2929835Y CNU2006201204505U CN200620120450U CN2929835Y CN 2929835 Y CN2929835 Y CN 2929835Y CN U2006201204505 U CNU2006201204505 U CN U2006201204505U CN 200620120450 U CN200620120450 U CN 200620120450U CN 2929835 Y CN2929835 Y CN 2929835Y
- Authority
- CN
- China
- Prior art keywords
- module
- card
- smart card
- message processing
- finance
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Lifetime
Links
- 238000012545 processing Methods 0.000 title claims abstract description 26
- 230000010365 information processing Effects 0.000 claims abstract description 8
- 230000015654 memory Effects 0.000 claims description 14
- 230000000694 effects Effects 0.000 abstract description 2
- 238000000034 method Methods 0.000 description 8
- 230000008569 process Effects 0.000 description 7
- 238000004891 communication Methods 0.000 description 6
- 238000012856 packing Methods 0.000 description 6
- 238000013475 authorization Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 238000011161 development Methods 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 230000008676 import Effects 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 239000000203 mixture Substances 0.000 description 2
- 230000008520 organization Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000000903 blocking effect Effects 0.000 description 1
- 238000000151 deposition Methods 0.000 description 1
- 235000006694 eating habits Nutrition 0.000 description 1
- 238000009472 formulation Methods 0.000 description 1
- 230000003862 health status Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 230000000717 retained effect Effects 0.000 description 1
- 239000000758 substrate Substances 0.000 description 1
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The utility model discloses an intelligent card with the ability of finance trade message processing, which comprises a CPU control module, a security control module, an input and output interface module, a storage module, a finance-card standard information processing module and an ISO8583 message processing module, wherein the CPU control module is connected with and controls the security control module, the input and output interface module, the storage module, the finance-card standard information processing module and the ISO8583 message processing module respectively. The utility model integrates the message processing function into the intelligent card, the safety of finance trade can be risen to effectively avoid the illegal acts that illegal gains is earned by the utilizing of the safety loophole of the finance trade terminal, the application range of the finance card can be extended to make the finance card trade by personal computers be possible and all the finance trade activities of the cardholder are greatly convenient.
Description
Technical field
The utility model relates to the Electronic Finance transaction system, relates to a kind of smart card with financial-transaction message processing ability specifically.
Background technology
Along with the continuous development of e-finance, the application of smart card is more and more universal.The title of smart card derives from english nouns " Smartcard ", claims integrated circuit card again, i.e. IC-card (Integrated Circuit card).It is embedded in an integrated circuit (IC) chip in the plastic substrate, is packaged into the form of card, and its profile is similar to the magnetic card that covers magnetic stripe.Its appearance just is well received with its extra small volume, advanced person's ic core chip technology and special secrecy provision and the characteristics that can't decode and copy.In some field that smart card uses, they just only provide the protected non-volatile storage.More senior smart card also has microprocessor and internal memory, is used for safe processing and storage, and can be used to use the security application of public keys or shared key algorithm.Non-volatile memories on the smart card is the most valuable resource, can be used for preserving key and digital certificate.Some smart cards have independent cryptographic coprocessor, support the algorithm as RSA, DES and 3DES.Smart card does not comprise battery, only with just be activated when card reader is connected.When it was connected, after carrying out a homing sequence, card was in unactivated state, waited for the command request that receives from client (main frame) application program.Smart card can be divided into can contacting with non-and contacts.Can contact 8 the contact physics of smart card by card reader and smart card and contact communication and work, rely on less than the radiofrequency signal communication within the general distance of 2 feet (60.96 centimetres) but not can contact smart card.The radio communication of contactless smart card is based on being similar to the technology that is used to preserve antiburglary and writes down radio frequency identifiers (RFID) mark of inventory.Along with the development of technology, smart card also can be integrated into portable equipment and suffer.Mobile phone, PDA, PocketPC, USB TOKEN, USB flash disk, MP3 player and mobile memory etc. all belong to portable equipment.A common feature of these equipment is exactly that volume is little, portable, therefore has been subjected to user's favor.At present, smart card is widely used in fields such as phonecard, fiscard, identification card and mobile phone, pay TV.
For the standard smart card, ISO (International Standards Organization) has been specified series of standards, wherein ISO7816-3 has stipulated power supply, signal structure and smart card and such as the message exchange between the such interfacing equipment of terminal, comprise signal rate, voltage level, current values, odd even agreement, working specification, transmission mechanism and with the communicating by letter of smart card.We can say that this standard can guarantee correct transmission data between smart card and terminal, prevents that the communication data between smart card and the terminal from illegally being stolen and distorting.
The EMV standard is bank's chip card application uniform technical standards that three big credit card international organizations (Europay, MasterCard, VISA) unite formulation.The bank card (smart card) that meets the EMV standard has powerful anti-swindle function, and personal information wherein is difficult to be replicated.Compare with magnetic stripe card, the information of EMV standard chips card inside can access better protection, avoid being damaged and malice steal.Information encrypted can reduce holder, trade company and risk of bank greatly in the chip.Simultaneously, it can also store more information, as membership information, reward points, so that personal information such as eating habit and health status.
At present, as " China's finance integrated circuit (IC) calliper model " (being called for short the PBOC standard) of domestic financial industry standard, be under the prerequisite that meets international finance IC-card development trend, on the principle basis of compatible EMV standard, the financial IC card industry standard of formulating in conjunction with domestic actual demand.At present, PBOC 2.0 is newest standards of China's Financial IC-card.
International Organization for Standardization is in the relevant field of bank card, series of standards and standard have been formulated, from the physical features of bank card to recording technique, and bank uses some application standards of bank card all to be included, wherein the ISO8583 standard code standard and the secret interface of data security of exchange message between the bank card application system.Message (Message) between the financial terminals such as bank card switching centre and ATM, EFT/POS is to define according to " ISO 8583:1987BANK CARD ORIGINATED MES SAGES--INTERCHANGEMESSAGE SPECIFICATIONS--CONTENT FOR FINANCIALTRANSACTIONS ", and it has stipulated the message standard of bank card business dealing.All message packets of ISO8583 defined are made up of 128 field domain at most, and all there is unified regulation in each territory, and fixed length and elongated branch are arranged.The ISO8583 message is made up of following three parts: message type identifier (MESSAGE-TYPE-IDENTIFIER), bitmap table (BITMAP) and a series ofly form by the bitmap table predetermined data is first.Bitmap table is the core of 8583 bags, and it is that packing unpacks the key of determining field domain, and the attribute of understanding each field domain then is the basis of filling in data.
At present, generally use financial smart card in the following way: smart card is responsible for handling the EMV/PBOC standard information, and financial transaction terminal is responsible for handling the ISO8583 message, and financial transaction terminal carries out information interaction by network and service provider then.This mode makes the security of transaction depend on the security of financial transaction terminal system to a great extent, in case security breaches appear in the financial transaction terminal system, brings risk will for whole bargain link.The offender may utilize personal computer system's security breaches to try to gain ill-gotten gains.In addition, another drawback of this mode is that fiscard can only be accepted by financial transaction terminal, has limited the usable range of fiscard.
Summary of the invention
In order to overcome above-mentioned shortcoming, the utility model aims to provide a kind of smart card with financial-transaction message processing ability, and portion handles the ISO8583 message within it.
The utility model is realized by following scheme: a kind of smart card with financial-transaction message processing ability, comprise the CPU control module, safety control module, input/output interface module, memory module, fiscard standard information processing module and ISO8583 message processing module (MPM), wherein the CPU control module connects respectively and controls safety control module, input/output interface module, memory module, fiscard standard information processing module, the ISO8583 message processing module (MPM), described ISO8583 message processing module (MPM) is responsible for the raw data of input is organized, pack, and the ISO8583 message bag that receives is unpacked and handles.
Described smart card can be a contact intelligent card, also can be contact type intelligent card.
Described smart card can be integrated in the portable equipment.
Described portable equipment can be mobile phone, PDA, PocketPC, USB TOKEN, USB flash disk, MP3 player or mobile memory.
The beneficial effects of the utility model are: after being integrated into ISO8583 message processing capacity in the smart card, can improve E-Security, effectively prevent to utilize the financial transaction terminal security breaches to try to gain the illegal act of ill-gotten gains; Enlarge the usable range of fiscard, making personal computer accept the fiscard transaction becomes possibility, is very easy to holder's various financial transaction activity.
Description of drawings
Fig. 1 is that current financial smart card application model is described figure.
Fig. 2 describes figure for the utility model application model.
Fig. 3 is the synoptic diagram of a kind of embodiment of the utility model.
Fig. 4 is the synoptic diagram of the another kind of embodiment of the utility model.
Fig. 5 is an illustrative view of functional configuration of the present utility model.
Fig. 6 in the utility model to the message information process flow diagram of packing.
Fig. 7 unpacks process flow diagram in the utility model to message information.
Embodiment
Below in conjunction with the drawings and specific embodiments the utility model is described in further detail:
As shown in Figure 1, financial smart card mainly is responsible for handling the EMV/PBOC standard information at present.Financial transaction terminal mainly is responsible for handling the ISO8583 message information.Both carry out information interaction by network and service provider.
As shown in Figure 2, smart card described in the utility model both had been responsible for handling the EMV/PBOC standard information, be responsible for handling the ISO8583 message information again, thereby make financial transaction terminal and the personal computer all can the processes financial transactions smart card, enlarged its usable range, make things convenient for people to its various financial application of carrying out, and improved E-Security.
As shown in Figure 3, this is a kind of embodiment of the present utility model, and smart card directly is connected with personal computer (also can be financial transaction terminal), then by network access provider one end.Described smart card both had been responsible for handling the EMV/PBOC standard information, was responsible for handling the ISO8583 message information again.The message that will comprise information such as sender, recipient, number and transaction sequence number after described smart card can will be handled by personal computer and network is delivered to serves the provider.Described smart card can be a contact intelligent card, also can be contact type intelligent card (embedded antenna).Correspondingly, is furnished with smart card reader/card reader or receive the device of the signal that smart card sends on the personal computer.By means of the keyboard on the personal computer, can import Transaction Information.
As shown in Figure 4, this is an another kind of embodiment of the present utility model, and smart card has been integrated in the portable mobile apparatus, and portable mobile apparatus is by wireless network link service provider one end.At this moment, smart card exists with the form that is similar to the SIM card in the mobile phone, and described portable mobile apparatus has the function of terminal.Described smart card both had been responsible for handling the EMV/PBOC standard information, was responsible for handling the ISO8583 message information again.The message that will comprise information such as sender, recipient, number and transaction sequence number after described smart card can will be handled by network is delivered to the service provider place.Described portable mobile apparatus can read and the information of storing on the smart card and producing is delivered to service provider one side by wireless network, also can receive and handle the information that sends over from service provider one side.The user imports Transaction Information or sends instruction by means of modes such as the button of portable mobile apparatus, hand-written or speech recognitions.Transaction results is presented on the display screen of portable mobile apparatus.
Certainly, portable equipment also can be connected to personal computer by wired or wireless mode, is connected to network indirectly by personal computer again, is connected to the service provider there by network at last.This embodiment is similar to second kind of embodiment, just has not been described in detail herein.
As shown in Figure 5, smart card mainly comprises following functional module: CPU control module 1, safety control module 2, input/output interface module 3, memory module 4, fiscard standard information processing module 5 and ISO8583 message processing module (MPM) 6.Contain card operating system (COS) firmware on the described smart card.Described memory module 4 can be EEPROM (Electrically Erasable Read Only Memory) or Flash Memory (flash memory) etc., can deposit holder's personal data, as ID (identity number) card No., account No. and the term of validity etc.Described fiscard standard information processing module 5 is responsible for handling the EMV/PBOC standard information.Described ISO8583 message processing module (MPM) 6 is responsible for the raw data of input is organized, packed, and ISO8583 message information bag is sent to service provider there by means of communication, also can the ISO8583 message bag that receive be unpacked, handle conversely.
APDU (Application Protocol Data Units) is used for the cover that smart card is operated is instructed.In order to realize the utility model, need correspondingly expand the APDU instruction set, so that it supports the ISO8583 message in the smart card to handle.As be increased in order of in the smart card ISO8583 message being packed, unpacking etc.
Message type identifier (MESSAGE-TYPE-IDENTIFIER) is the field of one 4 bit digital, indicates the type of transaction of message, and its definition example is as follows:
0100 Authorization class request message (mandate, authority revocation.Inquiry into balance etc.)
0110 Authorization class response message (mandate, authority revocation.Inquiry into balance etc.)
Bitmap table BITMAP is exactly the description to the message message format, and each represents that the data element corresponding with this do not exist or exist with " 0 " or " 1 ", is used for thereafter data element is carried out index.First of bitmap table is made as " 1 ", and expansion bitmap (128 territories) is used in expression, otherwise basic bitmap (64 territories) is only used in expression.Basic bitmap is only used in transaction for the authorization/revocation Authorization class, so first of bitmap table is made as " 0 ".
The data element of ISO8583 standard definition comprises A letter, B binary digit etc.Have in the normative document of ISO8583 these data element more detailed descriptions, and in application, can carry out combination in any basic data type, thus the data type that structure makes new advances.
The program of ISO8583 standard realizes comprising the steps:
1, data element type specification:, describe the attribute of a data element with class ISO 8583 according to the ISO8583 standard code.
2, data element definition: in order to realize general packetization/depacketization interface, when data element is defined, need a kind of general data element type, this type should contain 128 data elements in the ISO8583 standard all kinds that might occur.
3, Message Processing: the packing of ISO8583 and the function performance of explanation message are provided, and different banks can define different transaction message forms.Realize Message Processing with class ISO 8583 MESSAGE, simplified the complicacy of ISO8583 message operation, the interface that a general packing is provided and has unpacked for application.Unpack and pack to handle in program realizes and be similar to two reciprocal operating process.When unpacking, carry out following processing: at first carry out pre-service, type of message identifier and bitmap table in the message that is about to receive are removed, remainder is used for depositing the storage area that unpacks data as what an intact character string was retained in a definition, does not continue to unpack.And in fact when certain application need is specifically visited data element, the real package operation of separating just takes place, and handles function that bit field that only it will be visited for this application explanation.
The basic process of one transaction is such: the portable equipment of smart card or integrated smart card receives raw data, do basic validity checking and pre-service, form the transaction request message, be sent to the service provider system, the service provider system receives transaction request, drive the application corresponding module according to the transaction control information, handle corresponding business, result is returned terminal system and smart card.
Package operation is conciliate in the packing of ISO8583 message information all to be finished in smartcard internal.
As shown in Figure 6, this is a process that the ISO8583 message is packed.At first, step 61 is obtained transaction data.Described transaction data can be imported from the user, also can be generated by system, comprises concrete Transaction Information.Then, step 62, the literary composition of delivering newspaper in the generation.Wherein, comprise and form BITMAP (being bitmap table mentioned above), fill in the Transaction Information territory and calculate substeps such as MAC (Message Authentication Code, Message Authentication Code) territory.Afterwards, step 63 is sent to financial transaction terminal with message.At last, step 64 is sent to service provider's system with message, thereby finishes communication.
Unpacking is a process opposite with packing substantially, referring to Fig. 7.At first, step 71 obtains the message bag that returns from financial transaction terminal and service provider's system.Then, step 72, analytic message.Correspondingly, comprising resolving substeps such as BITMAP, checking mac domain.Next, step 73 is resolved Transaction Information.Afterwards, step 74 is extracted corresponding information and is sent to terminal output.At last, step 75 is upgraded accordingly to the information in blocking, and at financial transaction terminal output corresponding information.
Claims (4)
1. smart card with financial-transaction message processing ability, comprise the CPU control module, safety control module, input/output interface module, memory module, fiscard standard information processing module, the CPU control module connects respectively and controls safety control module, input/output interface module, memory module, fiscard standard information processing module, it is characterized in that: also comprise the ISO8583 message processing module (MPM), the CPU control module connects and control ISO8583 message processing module (MPM), described ISO8583 message processing module (MPM) is organized the raw data of input, pack, and the ISO8583 message bag that receives is unpacked and handles.
2. the smart card with financial-transaction message processing ability according to claim 1 is characterized in that: described smart card is contact intelligent card or contact type intelligent card.
3. the smart card with financial-transaction message processing ability according to claim 1 is characterized in that: described smart card is integrated in the portable equipment.
4. the smart card with financial-transaction message processing ability according to claim 3 is characterized in that: described portable equipment is mobile phone, PDA, PocketPC, USB TOKEN, USB flash disk, MP3 player or mobile memory.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNU2006201204505U CN2929835Y (en) | 2006-06-22 | 2006-06-22 | Intelligent card with financial trade message processing property |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNU2006201204505U CN2929835Y (en) | 2006-06-22 | 2006-06-22 | Intelligent card with financial trade message processing property |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN2929835Y true CN2929835Y (en) | 2007-08-01 |
Family
ID=38308212
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNU2006201204505U Expired - Lifetime CN2929835Y (en) | 2006-06-22 | 2006-06-22 | Intelligent card with financial trade message processing property |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN2929835Y (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100438409C (en) * | 2006-06-22 | 2008-11-26 | 北京飞天诚信科技有限公司 | Intelligent card with financial-transaction message processing ability and its method |
| CN102521551A (en) * | 2011-12-23 | 2012-06-27 | 大唐微电子技术有限公司 | Personalized IC (integrated circuit) card issuing device and method |
| CN103428080A (en) * | 2012-05-17 | 2013-12-04 | 中国银联股份有限公司 | Data unpacking and data packing method |
-
2006
- 2006-06-22 CN CNU2006201204505U patent/CN2929835Y/en not_active Expired - Lifetime
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100438409C (en) * | 2006-06-22 | 2008-11-26 | 北京飞天诚信科技有限公司 | Intelligent card with financial-transaction message processing ability and its method |
| CN102521551A (en) * | 2011-12-23 | 2012-06-27 | 大唐微电子技术有限公司 | Personalized IC (integrated circuit) card issuing device and method |
| CN102521551B (en) * | 2011-12-23 | 2014-08-20 | 大唐微电子技术有限公司 | Personalized IC (integrated circuit) card issuing device and method |
| CN103428080A (en) * | 2012-05-17 | 2013-12-04 | 中国银联股份有限公司 | Data unpacking and data packing method |
| CN103428080B (en) * | 2012-05-17 | 2016-06-22 | 中国银联股份有限公司 | A kind of data unpack and organize bag method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8151345B1 (en) | Self-authorizing devices | |
| Shelfer et al. | Smart card evolution | |
| US20080017703A1 (en) | Smart card capable of processing financial transaction messages and operating method therein | |
| Fancher | In your pocket: smartcards | |
| CN201622584U (en) | Electronic identification and information read-write device | |
| KR20130108639A (en) | Hand-held self-provisioned pin red communicator | |
| WO2009137076A4 (en) | A one card system | |
| KR101389468B1 (en) | Method for issuing mobile credit card in portable terminal using credit card and credit card for the same | |
| US7845567B2 (en) | Contactless card reader and information processing system | |
| Husemann | The smart card: don't leave home without it | |
| CN101042737B (en) | A smart card and method for creating applications and inserting objects into the smart card | |
| KR20090050582A (en) | Chip card with flash memory to provide digital content | |
| US8276188B2 (en) | Systems and methods for managing storage devices | |
| CN2929835Y (en) | Intelligent card with financial trade message processing property | |
| Mahajan et al. | Smart card: Turning point of technology | |
| CN101799955A (en) | Method for operating double electronic purses | |
| Kose et al. | A Secure design on MIFARE Classic Cards for Ensuring Contactless Payment and Control Services | |
| KR100480516B1 (en) | Smart card module mounted in the wire/wireless communication terminal | |
| Mohammed et al. | Smart card technology: Past, present, and future | |
| Guo et al. | Forensic analysis of skimming devices for credit fraud detection | |
| CN203299924U (en) | Intelligent terminal capable of being embedded with finance IC card | |
| CN101095173A (en) | Card with input elements for entering a PIN code and method of entering a PIN code | |
| US8781119B2 (en) | User-controlled Random-ID generation function for smartcards | |
| Kim et al. | Smart cards: Status, issues, and US adoption | |
| CN103971456A (en) | Intelligent terminal wherein financial IC card can be embedded |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| AV01 | Patent right actively abandoned |
Effective date of abandoning: 20081126 |
|
| C25 | Abandonment of patent right or utility model to avoid double patenting |