CN103778713B - Financial ic card system - Google Patents
Financial ic card system Download PDFInfo
- Publication number
- CN103778713B CN103778713B CN201210409111.9A CN201210409111A CN103778713B CN 103778713 B CN103778713 B CN 103778713B CN 201210409111 A CN201210409111 A CN 201210409111A CN 103778713 B CN103778713 B CN 103778713B
- Authority
- CN
- China
- Prior art keywords
- financial
- card
- cryptographic algorithm
- bank
- terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
Embodiments provide a kind of financial IC card system.This system includes: financial IC card, for consulting to determine the external cryptographic algorithm of employing and/or domestic cryptographic algorithm with financial terminal, the Financial Information of storage user, this Financial Information includes private key for user and the associated digital certificate information of Web bank, utilizes external cryptographic algorithm and/or domestic cryptographic algorithm to be completed the data interaction between bank backstage by financial terminal;Financial terminal, for consulting to determine the external cryptographic algorithm of employing and/or domestic cryptographic algorithm with financial IC card, read the Financial Information of the user of storage in described financial IC card, with bank's backstage connection, utilize the data interaction between described external cryptographic algorithm and/or domestic cryptographic algorithms' implementation bank backstage and described financial IC card.The embodiment of the present invention can promote the application in financial payment field of the domestic cryptographic algorithm, strengthens safety and the controllability of the financial IC card in financial payment field.
Description
Technical field
The present invention relates to IC(Integrated Circuit Card, integrated circuit card) card technique field, especially
It relates to a kind of card Key(key) the financial IC card system unified.
Background technology
Foreign EMV2000 standard, in 2005, People's Bank of China has promulgated that " China's finance is integrated
Circuit (IC) card specification (2005) " (hereinafter referred to as: PBOC2.0 specification).2010 right
PBOC2.0 specification has been done and has been repaiied volume, has promulgated " China's finance integrated circuit (IC) card specification
(2010) ", this is the latest edition that PBOC2.0 specification is current.
On March 15th, 2011, " People's Bank of China is about advancing finance IC for People's Bank of China's issue
The suggestion of (smart card, smart card) application work " (hereinafter referred to as " suggestion "), determine
Nationwide formally starts the work of bank card chip migrations, and " 12 " period will push forward finance IC comprehensively
Card application, to promote industrial upgrading and the sustainable development of Chinese Bank Card.
The main purpose that financial IC card is promoted is fundamentally to improve the safety of bank card.Due to magnetic stripe card
Technology is simple, and magnetic strip information is easily replicated, and uses magnetic strip information device of copying illegally to replicate bank card magnetic track letter
Breath, stolen holder's sensitive information by electronic channels such as Web banks, by pinhole camera at ATM
Use a hidden recorder the events such as holder's password in terminal to appear in the newspapers repeatly.Forge magnetic stripe card, usurp the case of magnetic strip information
Frequently occur, cause huge loss to holder, card sending mechanism.
At present, financial IC card uses foreign chip substantially, all external cryptographic algorithms of its cryptographic algorithm,
Leave the biggest potential safety hazard.The safety of this type of external cryptographic algorithm is not through domestic cryptographist
With the abundant detection of relevant departments, the most expert proposes with regard to the safety of these algorithms and doubts,
Such as 1024 RSA Algorithms of some algorithm, have been cracked.And safety chip is password
The main carriers of algorithm, foreign chip manufacturer may install back door in safety chip, and back door can lead to
Cross any special measures to start, beam back the various data handled by chip, it is possible to make this chip lose the job energy
Power.Therefore financial IC card based on external cryptographic algorithm system financial order normal to China, the people
Property safety constitutes great potential threat, introduces the most controlled domestic password in financial payment field
Algorithm system has very important meaning.
Meanwhile, existing Web bank passes through USB(Universal Serial BUS, and general serial is total
Line) Key loads the relevant information such as private key for user and associated digital certificate.Ge Jia bank each promotes each
USBKey, in addition to adding USBKey cost price, result in one, user Shou Zhongyige bank
The existence of multiple USBKey in USBKey, i.e. user's hands, adds each bank of holding in user's hands
Financial IC card, the most inconvenient in management.
Summary of the invention
The embodiment provides a kind of financial IC card system, to realize promoting that domestic cryptographic algorithm exists
Application in financial payment field, facilitates user to reduce the volume of holding of USBKey in hands.
A kind of financial IC card system, including:
Financial IC card, for consulting to determine that the external cryptographic algorithm of employing and/or domestic password are calculated with financial terminal
Method, the Financial Information of storage user, this Financial Information includes private key for user and the dependency number of Web bank
Word certificate information, utilize described external cryptographic algorithm and/or domestic cryptographic algorithm to be completed by financial terminal and
Data interaction between bank backstage;
Financial terminal, for consulting to determine that the external cryptographic algorithm of employing and/or domestic password are calculated with financial IC card
Method, reads the Financial Information of the user of storage in described financial IC card, and bank backstage connects, and utilizes institute
State the data between external cryptographic algorithm and/or domestic cryptographic algorithms' implementation bank backstage and described financial IC card
Alternately.
The technical scheme that thered is provided by embodiments of the invention described above is it can be seen that what the embodiment of the present invention provided
The financial IC card system of card Key unification, supports that external cryptographic algorithm and domestic cryptographic algorithm two overlap system
Financial IC card is applied, and supports Web bank's USBKey function simultaneously, can promote that domestic cryptographic algorithm exists
Application in financial payment field, strengthens safety and the controllability of the financial IC card in financial payment field,
Good facilitation is had for the application in financial payment field of the domestic cryptographic algorithm.
Accompanying drawing explanation
In order to be illustrated more clearly that the technical scheme of the embodiment of the present invention, institute in embodiment being described below
The accompanying drawing used is needed to be briefly described, it should be apparent that, the accompanying drawing in describing below is only this
Some bright embodiments, for those of ordinary skill in the art, are not paying creative work
Under premise, it is also possible to obtain other accompanying drawing according to these accompanying drawings.
The structure chart of a kind of financial IC card system blocking Key unification that Fig. 1 provides for the embodiment of the present invention one,
In figure, financial IC card 11, financial terminal 12, compound finance PSAM(Purchase Secure
Access Module, consumption safety access module) block 13, card reader 14, user PC(personal
Computer, personal computer) 15 and bank backstage 16.
Detailed description of the invention
For ease of the understanding to the embodiment of the present invention, below in conjunction with accompanying drawing as a example by several specific embodiments
It is further explained explanation, and each embodiment is not intended that the restriction to the embodiment of the present invention.
Embodiment one
The structure chart of a kind of financial IC card system blocking Key unification that this embodiment provides is as it is shown in figure 1, wrap
Include following unit:
User's financial IC card 11 of card Key unification, financial terminal 12, compound finance PSAM card 13, reading
Card device 14, user PC15 and bank backstage 16.Introduce the concrete function of unit separately below:
User's financial IC card 11 of card Key unification, can be a bank finance IC-card, is used for and finance
Terminal 12 consults to determine the external cryptographic algorithm of employing and/or domestic cryptographic algorithm, the finance letter of storage user
Breath, this Financial Information includes private key for user and the associated digital certificate information of Web bank, utilizes above-mentioned
External cryptographic algorithm and/or domestic cryptographic algorithm complete the number between bank backstage 16 by financial terminal 12
According to alternately.This bank finance IC-card 11, for user's routine use, carries out depositing, withdraws the money, transfers accounts, disappears
The business such as take, be provided simultaneously with Web bank's USBKey function.Financial terminal 12 carries out related service
Transaction, connects user PC by insertion card reader 14 and carries out Web bank's related service application.
Financial terminal 12, can be POS(point of sale, point-of-sale terminal) machine, ATM
The terminal unit such as (Automated Tellermachine, ATM) or bank's cabinet face, for and
Financial IC card 11 is consulted to determine the external cryptographic algorithm of employing and/or domestic cryptographic algorithm, reads above-mentioned finance IC
Block the Financial Information of the user of storage in 11, and bank backstage 16 connects, and utilizes above-mentioned external cryptographic algorithm
And/or the data interaction between domestic cryptographic algorithms' implementation bank backstage 16 and above-mentioned finance IC11 card.It is made
With being to provide banking system hardware supported when using financial IC card 11 for user, user is made to deposit
Money, withdraw the money, transfer accounts, the concrete business transaction such as consumption.
Compound finance PSAM card 13, is to insert financial terminal 12 by financial terminal PSAM card slot,
The safety providing financial IC card 11 for financial terminal 12 when the financial IC card 11 with user is traded is protected
Protect, complete the legitimacy certification of transaction between financial terminal 12 and financial IC card 11.Compound finance PSAM
Card 13 is the peace using in banking system, being mutually authenticated with financial terminal 12 for bank finance IC-card 11
Full access modules.Compound finance PSAM card 13 is typically embedded in all kinds of terminal units, except possessing user's gold
Melt outside the safety protection function of IC-card 11, also there is computing function.
Card reader 14, for carrying out Card Reader operation, according to need to user's financial IC card 11 of card Key unification
Seek band digital input keyboard, the Financial Information of the user read is transferred to user PC15.
User PC15, for above-mentioned financial IC card 11 is carried out Card Reader operation, utilizes above-mentioned Financial Information
The private key for user of the Web bank included and associated digital certificate information connect Web bank by network,
User is made to carry out Internet-based banking services.
Bank backstage 16, is the core business system on bank backstage, is responsible for realizing the concrete of financial IC card 11
The core business logic of business, including processing service flow journey and the account of management bank, data, key etc.
Core data.By carrying out data interaction between above-mentioned financial terminal 12 and above-mentioned financial IC card 11, complete
The concrete financial business of above-mentioned financial IC card 11.
When coordinating financial terminal 12 to complete electronic wallet/electronic passbook consumption related service, at stored value card
After the financial IC card 11 of/electronic bankbook user inserts the card reader 14 in financial terminal 12, financial terminal 12
First carry out symmetric cryptographic algorithm to select to consult with financial IC card 11.First financial terminal 12 inquires finance IC
The symmetric cryptographic algorithm type that card 11 is supported, if financial IC card 11 returns supports domestic cryptographic algorithm;Or
Person returns and supports when external cryptographic algorithm and domestic cryptographic algorithm two overlap algorithm, and this time transaction selects to use state
Producing cryptographic algorithm system, otherwise this time transaction selects to use external cryptographic algorithm system.Symmetric cryptographic algorithm
After selecting negotiation to complete, financial terminal 12 notifies that PSAM card system prepares the password that this time transaction is selected and calculates
The use environment of symmetric cryptographic algorithm in law system so that financial terminal 12 is permissible with user's financial IC card 11
Carry out this electronic wallet/electronic passbook relationship trading.
When coordinating financial terminal 12 to complete debit/credit related service, in the finance of debit/credit user
After IC-card 11 inserts the card reader 14 of financial terminal 12, financial terminal 12 sends application choosing to finance IC11 card
Selecting instruction, financial IC card 11 returns file control information to financial terminal 12, wraps in this document control information
Include the domestic algorithm of request and support indicator and the PDOL(Dynamic Data of terminal country code
Authentication Data Object List, Dynamic Data Authentication data object list).Financial terminal
12 perform application initializes, if financial terminal 12 supports domestic cryptographic algorithm, is then being sent to finance IC
The control command of card 11 arranges domestic cryptographic algorithm and supports that indicator is 1, otherwise;It is being sent to finance
The control command of IC-card 11 arranges domestic cryptographic algorithm and supports that indicator is 0.Financial IC card 11 receives
After stating control command, if checking that domestic cryptographic algorithm supports that indicator is 1, and the country of credit card issuer
Code mates with the country code of financial terminal 12, then financial IC card 11 selects to use domestic cryptographic algorithm,
Financial IC card 11 sends to financial terminal 12 and carries the particular data indicating that domestic cryptographic algorithm is relevant--and domestic
The AFL(Authority and Format Identifier of the position of cryptographic algorithm PKI parameter and certificate, awards
Power and format identifier);Otherwise, financial IC card 11 selects to use external cryptographic algorithm, to financial terminal
The particular data indicating that external cryptographic algorithm is relevant is carried in 12 transmissions--external cryptographic algorithm PKI parameter and card
The AFL of the position of book.
By insert card reader 14 connect user PC carry out the application of Web bank related service time, Yong Hujin
Melt the storage information such as Web bank's private key for user and associated digital certificate in IC-card 11, substitute existing online silver
Row USBKey, complete user network go to bank related service application.
In above-mentioned domestic cryptographic algorithm system, symmetric cryptographic algorithm is SM4, and asymmetric cryptographic algorithm is
SM2, message digest algorithm is SM3;Above-mentioned algorithm is domestic algorithm, and country has been passed through in its safety
The safety detection of authorities' tissue, is safe and reliable.
One of ordinary skill in the art will appreciate that: accompanying drawing is the schematic diagram of an embodiment, in accompanying drawing
Module or flow process not necessarily implement necessary to the present invention.
One of ordinary skill in the art will appreciate that: the module in equipment in embodiment can be according to enforcement
Example describes in the equipment being distributed in embodiment, it is also possible to carries out respective change and is disposed other than the present embodiment
In one or more equipment.The module of above-described embodiment can merge into a module, it is also possible to further
Split into multiple submodule.
In sum, the financial IC card system of the card Key unification that the embodiment of the present invention provides, support external
Cryptographic algorithm and domestic cryptographic algorithm two overlap the financial IC card application of system, support Web bank simultaneously
USBKey function.This financial IC card systematic difference, can promote that domestic cryptographic algorithm is in financial payment
Application in field, strengthens safety and the controllability of the financial IC card in financial payment field, domestic close
The extension process of code algorithm financial IC card keeps the existing financial terminal not supporting domestic cryptographic algorithm
Compatibility, have good facilitation for the application in financial payment field of the domestic cryptographic algorithm.
The embodiment of the present invention can facilitate user to reduce the volume of holding of USBKey in hands, promotes Web bank
Safety, being in home-confined utilizes financial IC card and card reader can complete financial IC card related service
With Web bank's related service.
The above, the only present invention preferably detailed description of the invention, but protection scope of the present invention is not
Being confined to this, any those familiar with the art, can in the technical scope that the invention discloses
The change readily occurred in or replacement, all should contain within protection scope of the present invention.Therefore, the present invention
Protection domain should be as the criterion with scope of the claims.
Claims (6)
1. a financial integrated circuit IC-card system, it is characterised in that including:
Financial IC card, for consulting to determine the external cryptographic algorithm of employing and/or domestic cryptographic algorithm with financial terminal, the Financial Information of storage user, this Financial Information includes private key for user and the associated digital certificate information of Web bank, utilizes described external cryptographic algorithm and/or domestic cryptographic algorithm to be completed the data interaction between bank backstage by financial terminal;
Financial terminal, for consulting to determine the external cryptographic algorithm of employing and/or domestic cryptographic algorithm with financial IC card, read the Financial Information of the user of storage in described financial IC card, with bank's backstage connection, utilize the data interaction between described external cryptographic algorithm and/or domestic cryptographic algorithms' implementation bank backstage and described financial IC card;
First described financial terminal inquires the symmetric cryptographic algorithm type that financial IC card is supported, if financial IC card returns supports domestic cryptographic algorithm, or return and support when external cryptographic algorithm and domestic cryptographic algorithm two overlap algorithm, this time transaction selects to use domestic cryptographic algorithm system, and otherwise this time transaction selects to use external cryptographic algorithm system.
Finance integrated circuit IC-card system the most according to claim 1, it is characterised in that described system also includes:
Compound financial consumption secure access module PSAM card, for inserting financial terminal by financial terminal PSAM card slot, it is achieved being mutually authenticated between described financial terminal and described financial IC card, provides safeguard protection to described financial IC card.
Finance integrated circuit IC-card system the most according to claim 1, it is characterised in that described system also includes:
Bank backstage, for by carrying out data interaction between described financial terminal and described financial IC card, completes the concrete financial business of described financial IC card.
Finance integrated circuit IC-card system the most according to claim 1, it is characterised in that described financial terminal includes: point-of-sale terminal POS or ATM ATM or bank's cabinet face terminal.
Finance integrated circuit IC-card system the most according to claim 1, it is characterised in that described domestic cryptographic algorithm includes: symmetric cryptographic algorithm SM4, asymmetric cryptographic algorithm are SM2 and/or message digest algorithm is SM3.
6. according to the financial integrated circuit IC-card system described in any one of claim 1 to 5, it is characterised in that described system also includes:
Card reader, for described financial IC card is carried out Card Reader operation, is transferred to user personal computer by the Financial Information of the user read;
User personal computer, connects Web bank for the private key for user and associated digital certificate information utilizing Web bank that described Financial Information includes by network, makes user carry out Internet-based banking services.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210409111.9A CN103778713B (en) | 2012-10-24 | 2012-10-24 | Financial ic card system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210409111.9A CN103778713B (en) | 2012-10-24 | 2012-10-24 | Financial ic card system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103778713A CN103778713A (en) | 2014-05-07 |
| CN103778713B true CN103778713B (en) | 2016-08-17 |
Family
ID=50570903
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210409111.9A Active CN103778713B (en) | 2012-10-24 | 2012-10-24 | Financial ic card system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103778713B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103871163B (en) * | 2012-12-13 | 2017-05-10 | 航天信息股份有限公司 | Composited financial transaction method and system |
| CN104123646A (en) * | 2014-07-21 | 2014-10-29 | 深圳前海君浩银通科技发展有限公司 | Composite type mobile uKey and electronic wallet payment system |
| CN104320261B (en) * | 2014-11-05 | 2018-06-15 | 北京大唐智能卡技术有限公司 | Identity authentication method, financial smart card and terminal are realized on financial smart card |
| CN104933461A (en) * | 2015-06-17 | 2015-09-23 | 武汉天喻信息产业股份有限公司 | Financial IC card with visual Key function, trading system and trading method |
| CN105245339B (en) * | 2015-09-01 | 2018-09-11 | 青岛丰华时代信息技术有限公司 | A method of signature and encrypted transmission are traded by financial IC card |
| CN105634730B (en) * | 2015-12-29 | 2019-03-12 | 中国建设银行股份有限公司 | A kind of financial IC card key management system |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6829711B1 (en) * | 1999-01-26 | 2004-12-07 | International Business Machines Corporation | Personal website for electronic commerce on a smart java card with multiple security check points |
| FR2856815B1 (en) * | 2003-06-24 | 2005-09-16 | Omega Technology Ltd | METHOD FOR AUTHENTICATING DATA CONTAINED IN A MEMORY OBJECT |
| CN101441722A (en) * | 2007-11-23 | 2009-05-27 | ***股份有限公司 | Non-contact type IC card read-write system and non-contact type IC card read-write machine |
| CN102542323A (en) * | 2010-11-16 | 2012-07-04 | 北京中电华大电子设计有限责任公司 | Multifunctional visual intelligent card |
| CN201946038U (en) * | 2011-01-24 | 2011-08-24 | 郑州信大捷安信息技术有限公司 | Security certificate device of internet-banking remote payment based on dual-interface safety smart card |
-
2012
- 2012-10-24 CN CN201210409111.9A patent/CN103778713B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN103778713A (en) | 2014-05-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103778713B (en) | Financial ic card system | |
| CN100565597C (en) | A kind of system and method for self-recharging | |
| RU2635233C2 (en) | Mechanism allowing use of one-time cards in system intended to accept cards according to standards of international payment industry | |
| CN201910100U (en) | Bus one-card business system, bus one-card business platform and POS (point-of-sale) machine | |
| US8266058B1 (en) | Virtual accounts linked to financial accounts | |
| CN105761389B (en) | A kind of intelligent POS machine of full tunnel | |
| MX2014013530A (en) | Systems and methods for real-time account access. | |
| CN107358436A (en) | Method, the system paid by the digital cash wallet of bank account access registrar | |
| CN102867374B (en) | Bank card applied to on-line banking and on-line banking safety system | |
| CN107330691A (en) | The method and system that a kind of digital cash wallet is paid | |
| JP2004534338A (en) | Electronic cash system for electronic wallet | |
| CN102073969A (en) | Method for realizing debit and credit integrated card | |
| JP2008117079A (en) | Cash payment system, financial institution terminal device, and method of paying cash | |
| CN202795599U (en) | Safety device, apparatus and system with virtual on-chip operation system | |
| CN102521746B (en) | Safely-consuming smart card and method thereof | |
| CN101017582A (en) | Draw money and transfer account method without bank card for automatic teller machine | |
| KR101437235B1 (en) | Method of processing transaction for foreign customers and apparstus performing the same | |
| JP2000242717A (en) | System and method for debit transaction | |
| CN103871163B (en) | Composited financial transaction method and system | |
| CN101699523B (en) | Method for compatibly using CPU card in prepaid terminal using M1 card | |
| US20190034891A1 (en) | Automated transaction system, method for control thereof, and card reader | |
| TWM564763U (en) | Improved security access module | |
| CN103021093B (en) | Multifunctional card system | |
| CN104361677B (en) | It is non-to access money method and self-service device | |
| EP1609122A1 (en) | Smartcard-based value transfer |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |