CN109417481A - Safety is improved by the temporary key of the virtual non-contact card of software in mobile phone - Google Patents
Safety is improved by the temporary key of the virtual non-contact card of software in mobile phone Download PDFInfo
- Publication number
- CN109417481A CN109417481A CN201780033635.3A CN201780033635A CN109417481A CN 109417481 A CN109417481 A CN 109417481A CN 201780033635 A CN201780033635 A CN 201780033635A CN 109417481 A CN109417481 A CN 109417481A
- Authority
- CN
- China
- Prior art keywords
- mobile device
- instantaneous
- identifier
- idn
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/80—Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
- H04L2209/805—Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Health & Medical Sciences (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Mobile Radio Communication Systems (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
One kind allows the trusted application (TA) in the mobile device to execute the method and system with the transaction of the reader equipped with master key (MK) for providing export key (DK) to mobile device, and trusted application (TA) and reader are suitable for securely communicating using the communication protocol of adaptation using the master key (MK) and the export key (DK).
Description
Invention field
The present invention relates to a kind of for providing export key (DK) to mobile device with allow in the mobile device can
Letter application (TA) executes the method with the transaction of the reader equipped with master key (MK), trusted application (TA) and reader
Equipment is suitable for using the master key (MK) and the export using the communication protocol (such as near-field communication (NFC) agreement) of adaptation
Key (DK) securely communicates.
The present invention can be used for increasing the safety of the software simulation of contactless smart card in NFC (near-field communication) mobile phone
Property.HCE (host card mold is quasi-), which is introduced to NFC phone, allows software to simulate contactless smart card, rather than relies on physics intelligence
It can the suitable usim card of card chip or physical installation in the phone.This software-based method is greatly reduced moves to NFC
Mobile phone distributes the complexity of virtual non-contact card.
It has been recognized that supporting the default security of the mobile phone (equipment for being based particularly on Android) of NFC standard
Property is not high.Evidence shows the imperative operation system safety by removing Android phone to equipment " brush machine (rooting) "
Property is relatively easy, once recognizing this point, attacker can read any data from phone.This weakness may be let out
It is exposed at any encryption key used in the virtual non-contact card of software, which is used only the standard security in mobile phone
Property.However, possess in the mobile phone virtual card effectiveness and commercial interest it is still noticeable.
Non-contact card usually uses in the public transport ticket for automatic charging.Therefore, a large amount of money is blocked with these
Transaction, so their safety is extremely important.If the key of transport card system is leaked, the traffic program owner
Replacement blocks and potential loss caused by fraud is prevented just to become very expensive.Therefore, to the concern of the safety of physical smart card
Based on non-contact card.
Periodically implement new security feature in mobile phone of new generation.For example, credible performing environment (TEE) is appropriately enabled
Phone in provide safe execution and storage environment, and be proved to be able to resist software-based attack.However,
It it may be easily affected by advanced hardware attack.In addition, there is a kind of new software-based mechanism to be called " whitepack " encryption compiler,
It can be to potential attacker successfully hiding data and application software internal component.To the attacks of these software approach
It proposes, and is currently analyzed.All new security features are all advantageous and disadvantage.
The purpose of all these safety measures or be to defeat the attacker for desiring access to encryption key in equipment, Huo Zheru
If fruit failure, make successfully attack so not practicable that be difficult to complete for a long time in terms of time and required resource.
Modern symmetric key non-contact RF ID card is commonly used to handle in its transportation network in public transport plan operator
Automatic charging.When they use physical contactless card, such as the business of the Desfire EV1 intelligent card chip based on NXP
Product, they get used to the very high-caliber safety assurance of processing.
By analyzing in detail, these commercial products are proved to have very strong resistance to attacker.It is attached in order to help
Add safety measure horizontal close to identical guarantee, other than above-mentioned security feature is used only, it is also proposed that the execution of virtual card
And storage.
When using TEE or whitepack encryption or other security features to store and execute virtual non-contact card, bus operation
The risk that quotient faces will be the key that virtual card is extracted from mobile phone.Due to the complexity and attack sheet of physics and logic
The property of body, this process will spend the time quantum that can not ignore.It means that if key is actually to extract from phone
, then it may be used to carry out fraudulent trading on transport infrastructure.Therefore, a kind of easily to limit in virtual card
The method of key useful life will be beneficial, accordingly even when key is extracted, they can not be used.
In order to keep this invention useful, need to have existing based on compatible and implementable in non-contacting environment
Minimum influence in terms of the change of software infrastructure.In addition, validity needs any network independently of mobile phone to connect
It connects, because it cannot be guaranteed that phone is able to access that network when non-contact transaction starts.
Goal of the invention
According to the first aspect of the invention, the present invention relates to one kind for providing export key (DK) to mobile device to permit
Perhaps the trusted application (TA) in the described mobile device executes the method with the transaction of the reader equipped with master key (MK),
Trusted application (TA) and reader are suitable for using the master key (MK) and the export using near-field communication (NFC) agreement
Key (DK) safely communicates, this method comprises:
Pass through combination hardware associated component (such as the unique identifier of the integrated circuit (IC) used in a mobile device
(UID)) and software associated component (such as timestamp), to obtain the first instantaneous identifier (IDn) for mobile device,
Emit the first instantaneous identifier (IDn) for mobile device to provisioning server,
It is calculated using the first instantaneous identifier (IDn) of master key (MK) and mobile device for the first of mobile device
Instantaneous export key (DKn),
Mobile device is sent by the calculated first instantaneous export key (DKn), to allow the credible of mobile device to answer
Key (DKn) is instantaneously exported and equipped with the reading of master key (MK) using described first during determining time interval with (TA)
Device is taken safely to communicate.
According to the second aspect of the invention, the present invention relates to a kind of for allowing the trusted application (TA) in mobile device to make
It with the method for near-field communication (NFC) agreement and reader secure communication, is protected, is read by symmetric cryptography wherein communicating
Taking device equipment includes master key, and mobile device includes export key, wherein this method comprises:
Pass through combination hardware associated component (such as the unique identifier of the integrated circuit (IC) used in a mobile device
(UID)) and software associated component (such as timestamp), to obtain the first instantaneous identifier (IDn) for mobile device,
To provisioning server transmitting for the first instantaneous identifier (IDn) of mobile device, provisioning server includes that master is close
Key (MK),
It is calculated using the first instantaneous identifier (IDn) of master key (MK) and mobile device for the first of mobile device
Instantaneous export key (DKn),
Mobile device is sent by the calculated first instantaneous export key (DKn),
The first instantaneous identifier (IDn) is sent to reader by mobile device,
By checking the software associated component of the first instantaneous identifier (IDn), inspection first is instantaneous in reader
The validity of identifier (IDn),
If the first instantaneous identifier (IDn) is effectively, pass through master key and the first instantaneous mark in reader
It accords with (IDn) and calculates the first instantaneously export key (DKn),
Send the message of encryption to mobile device using the first instantaneous export key (DKn) in reader,
The message of encryption is decrypted in a mobile device, so that the identity of mobile device is authenticated, and
If the identity of mobile device is certified, mobile device is allowed to use near field communication protocols and reader
Safely communicate.
According to the third aspect of the invention we, the present invention relates to a kind of for allowing the trusted application (TA) in mobile device to make
With the communication protocol of adaptation and the system of reader secure communication, it is protected wherein communicating by symmetric cryptography, this is
System includes: reader comprising master key;And mobile device comprising identifier, such as use in a mobile device
Integrated circuit (IC) unique ID (UID);And provisioning server comprising for providing export key for mobile device
Master key,
Wherein, the mobile device in system includes:
It is suitable for through combination hardware associated component (such as the unique identification of integrated circuit used in mobile device (IC)
Symbol (UID)) and software associated component (such as timestamp) answered come first instantaneous identifier (IDn) for obtaining for mobile device
With,
For the device to provisioning server transmitting for the first instantaneous identifier (IDn) of mobile device, supply service
Device includes master key (MK),
Wherein, provisioning server includes:
For being calculated using the first instantaneous identifier (IDn) of master key (MK) and mobile device for mobile device
The device of first instantaneous export key (DKn),
For sending the calculated first instantaneous export key (DKn) to from provisioning server in the device of mobile device,
Mobile device further include:
For receiving and storing the first instantaneous export key (DKn) to allow mobile device to use the communication protocol of adaptation
The device safely communicated with reader.
According to the fourth aspect of the invention, the present invention relates to a kind of for allowing the trusted application (TA) in mobile device to make
With the system of near-field communication (NFC) agreement and reader secure communication, wherein the communication is protected by symmetric cryptography,
The system includes: reader comprising master key;And mobile device comprising identifier, such as in a mobile device
Unique ID (UID) of the integrated circuit (IC) used;And provisioning server comprising close for providing export for mobile device
The master key of key,
Wherein, the mobile device in system includes:
It is suitable for through combination hardware associated component (such as the unique identification of integrated circuit used in mobile device (IC)
Symbol (UID)) and software associated component (such as timestamp) answered come first instantaneous identifier (IDn) for obtaining for mobile device
With,
For the device to provisioning server transmitting for the first instantaneous identifier (IDn) of mobile device, supply service
Device includes master key (MK),
Wherein, provisioning server includes:
For being calculated using the first instantaneous identifier (IDn) of master key (MK) and mobile device for mobile device
The device of first instantaneous export key (DKn),
For sending the device of the calculated first instantaneous export key (DKn) to mobile device,
Mobile device further include:
For the device of the first instantaneous identifier (IDn) to be sent to reader using NFC protocol,
Wherein, reader includes:
For checking the first instantaneous identifier by checking the software associated component of the first instantaneous identifier (IDn)
(IDn) device of validity, and
Based on when the first instantaneous identifier (IDn) is effective by using master key and the first instantaneous identifier (IDn)
The first device for instantaneously exporting key (DKn) is calculated,
For encrypting the device of message using the first instantaneous export key (DKn),
For sending the device of the message of encryption to mobile device,
Mobile device, comprising:
For decrypt from the message of the received encryption of reader to authenticate the device of the identity of mobile device, with
And
For allowing mobile device to use near field communication protocols and reader when the identity of mobile device is certified
The device safely communicated.
The detailed description of invention
The invention proposes a kind of for limiting the validity of the key of the virtual non-contact card of installation in the mobile phone
Mechanism, as limitation the pregnable time window of specific key means.It means that by by this method with based on attached
The security feature (such as TEE or whitepack encryption) of adding system is used in combination, and the attacker that key is extracted in success from phone will be unable to
Using the key, because the validity of the key is expired.
According to the present invention, when only reader includes effective ID and effectively exports key, mobile device and reader
Communication between equipment be only it is possible, wherein reader include master key and examine mobile device ID and export key
Validity device.
It, can be in conjunction with master key (in reader in order to improve the safety communicated between mobile device and reader
On) be restricted using the time window of export key (on virtual card).This means that mobile device is received determining first
Effective first instantaneous export key (DKn) in time interval.At the end of the validity of the first instantaneous export key (DKn),
Mobile device cannot reuse the first instantaneous export key (DKn) and communicate with reader.In order to allow mobile device and read
Device equipment is taken to communicate, mobile device receives another instantaneous export key (DKn+1) that replacement first instantaneously exports key (DKn).
Another instantaneous export key (DKn+1) can be used until its validity terminates, or until it by it is another instantaneously export it is close
Key (DKn+2) replacement.
In order to allow mobile device to receive the sequence (DKn, DKn+1, DKn+2 etc.) of export key, mobile device should be able to
Enough sequences for generating unique ID for mobile device.According to the present invention, mobile device includes for generating instantaneous identifier
(ID) application, each instantaneous identifier (ID) have the finite time section that wherein instantaneous identifier (ID) effectively determines.
Application in mobile device by the hardware component for being used for instantaneous identifier by combination and is used for instantaneous identifier
Component software generates the first instantaneous identifier (IDn).The hardware component of instantaneous identifier is, for example, used in mobile device
The unique identifier (UID) of integrated circuit (IC).Component software is, for example, timestamp.
It is using the advantages of hardware component and component software, for single mobile device, unique instantaneous mark can be generated
Know the sequence (IDn, IDn+1, IDn+2 etc.) of symbol.The software-related portion of instantaneous identifier (ID) can be used for examining instantaneous mark
Accord with the validity of (ID).For example, executing the inspection to instantaneous identifier (ID) validity in reader.Reader
In verifier can for example by examine instantaneous identifier (IDx) whether the array (IDx-2, IDx-1, IDx) with identifier
In other instantaneous identifiers unanimously determine instantaneous identifier (IDx) whether effectively.If the validity of instantaneous ID can not be built
Vertical, then reader can stop the communication with mobile device.
According to one embodiment, the present invention includes following part:
Mobile phone, it includes one or more Special safeties for the software that protection is executed for virtual non-contact card
Sign, which includes encryption key and other sensitive datas;
The specific structure of the instantaneous ID of virtual card is combined with the export key in virtual card;
Reader, having includes the validity check device in reader terminal software, the validity check
Device examines the validity of the instantaneous ID of virtual card;
Provisioning server is used to calculate new instantaneous ID and export key for virtual card, and uses mobile phone
One or more additional security features send them to virtual card.
A kind of mobile phone with NFC, can support HCE to trade, and the virtual card for being equipped with protection installation is soft
One or more security features of part application.
A part of application provides user interface and network communication (and other function), and grasps in open Android
Make to run in system environments.Protection of the another part of application by one or more additional security features, these additional peaces
The execution of full feature protection virtual card simulation, and store encryption key and other sensitive datas.
Associated export key is created the present invention is based on creating special instantaneous ID for virtual card, and for virtual card.
This ID structure includes the details of ID validity itself within it.The data are made by the validity check device in reader terminal
With, the efficacy data which reads virtual card, extracts instantaneous ID, and assessed virtually before handling any financial transaction
The validity of card.
According to an embodiment of the invention, following steps can be followed to obtain instantaneous identifier (ID).
Instantaneous identifier (ID) is made of two adjacent parts, to form the UID of 7 bytes:
Subscription account: 3 bytes
The timestamp of calculating: 4 bytes
Validity check device in reader terminal analyzes the data being encapsulated in instantaneous identifier (ID), and carries out following
It examines:
Is subscription account effective?
Is the timestamp of calculating in correct range?
Subscription account is the sequence reference number for indicating to possess the account of the subscriber of specific virtual card, and can be by making
It is verified with standard account to verify, such as is supplied to blacklist and the white list inspection of reader verifier by server, or
It may be individual check bit.
The timestamp of calculating be from January 1st, 2015 to the instantaneous identifier (ID) for the virtual card be created when
Between put expired number of seconds.Using the timestamp of " life span " the value checking computation being stored in reader whether correct
In range." life span " value defines the validity period from instantaneous identifier (ID) is created from it.For life span
The representative value of parameter is one day.
Then, " current time stamp " is calculated as the number of seconds from January 1st, 2015 to that time by reader verifier.Such as
The timestamp that the instantaneous identifier of fruit (ID) calculates is greater than current time stamp plus the summation of lifetime value, then instantaneous identifier
(ID) it is considered as effective.
If subscriber's account and instantaneous identifier (ID) are all effectively, verifier gives virtual card processing to reader end
Hold the next stage of Checking Software.Otherwise, virtual card is rejected, and is handled and stopped.
When mobile phone is placed in the field NFC of reader terminal, instantaneous identifier (ID) is provided by mobile phone.Occur
When such case, phone can be showed according to 14443 consensus standard of ISO.As a part of the standard, phone must be in " erosion control
Dash forward " instantaneous identifier (ID) is provided to reader during the stage, it being capable of correctly continuous business to read device.Standard suggestion is read
The instantaneous identifier (ID) for taking device to assume that phone provides at this stage is random, and should not be used to additional place
Reason.This means that reader must request the true instantaneous identifier (ID) of virtual card first, or instantaneous identifier (ID) with
The transmitting of some other modes.
In an embodiment of the present invention, virtual card application will provide unique identifier (UID) and some other control numbers
According to, such as:
Virtual card issuer ID
The main version of virtual card
The minor release of card
Process instruction
What the form in response to meeting the APDU (application packet data unit) of ISO 7816 by reader terminal was sent
" selection AID " order, the data are delivered to reader together with the instantaneous identifier (ID) for virtual card.The response is
Condition responsive APDU may then serve as the input for the checkout procedure in reader terminal.
In complete embodiment of the invention, instantaneous identifier (ID) and export key are supplied to by provisioning server by one
The application based on mobile phone of a or more additional security feature protection.
Examplary key diversity schemes for the contactless system based on generally symmetrical key along following Route Work,
Although other methods are also available, and the present invention also works together with these other methods.
1. each card has unique identifying number (UID).
2. the UID uses master key encryption, to generate new key --- Diversified Keys.This is complete in the place of safety
At.
3. key derived from is injected into non-contact card, and is used for the content of encrypted card.
4. when being stuck at reader terminal in use, it can show its UID to reader.
5. the export key that reader re-creates card using the master key being locally stored and the UID provided from card.
6. then, reader is read and more neocaine using Diversified Keys.
The present invention works in a similar way, but increases the following:
In step 1, server calculates the instantaneous identifier (ID) for virtual card based on above structure.
Step 2 be it is identical, for virtual card instantaneous export key use for card scheme diversified algorithm and meter
The instantaneous identifier (ID) calculated generates.This is executed on provisioning server (such as HSM) in security context.
In step 3, using standard security transmission method, instantaneous identifier (ID) and export key are safely passed to
Virtual card in the TEE of mobile phone.When effectively life cycle is expired for the instantaneous identifier (ID) of specific virtual card, it will go out
Existing such case.The life cycle of instantaneous identifier (ID) in virtual card can track by server or by mobile phone.If
It is just generated by server tracks, new instantaneous identifier (ID) and is sent to phone.If it is tracked by phone, phone
Instantaneous identifier (ID) cipher key combinations that can please be look for novelty to staging server.
As described above, instantaneous identifier (ID) verifier being mounted in contactless reader executes between step 4 and 5
Validity check.This instantaneous identifier (ID) verifier needs a small amount of software code to realize, and independently of reader
Any other service logic of middle realization.In this way, reader can easily be examined when the course of receiving starts
The validity of virtual card, and if the instantaneous identifier (ID) of virtual card is expired, stop.
Claims (14)
1. one kind is for providing export key (DK) to mobile device to allow the trusted application (TA) in the mobile device to hold
The method of row and the transaction of the reader equipped with master key (MK), the trusted application (TA) and the reader
It is securely communicated suitable for the communication protocol using adaptation using the master key (MK) and the export key (DK), the side
Method includes:
It is related by the hardware for combining the unique identifier (UID) of integrated circuit (IC) used in for example described mobile device
The software associated component of component and such as timestamp, to obtain the first instantaneous identifier (IDn) for the mobile device,
Emit the described first instantaneous identifier (IDn) for the mobile device to provisioning server,
It is calculated using the described first instantaneous identifier (IDn) of the master key (MK) and the mobile device for the shifting
Instantaneous export key (DKn) of the first of dynamic equipment,
The mobile device is sent from the provisioning server by the calculated first instantaneous export key (DKn), to allow
The trusted application (TA) of the mobile device uses the described first instantaneous export key during determining time interval
(DKn) it is safely communicated with the reader equipped with the master key (MK).
2. according to the method described in claim 1, wherein, the trusted application (TA) and the reader are suitable for using close
Field communication (NFC) agreement is securely communicated using the master key (MK) and the export key (DK).
3. according to the method described in claim 1, wherein, the trusted application (TA) and the reader are suitable for utilizingIt is securely communicated using the master key (MK) and the export key (DK).
4. method according to claim 1,2 or 3, comprising:
It is related by the hardware for combining the unique identifier (UID) of integrated circuit (IC) used in for example described mobile device
The software associated component of component and such as timestamp, to obtain another instantaneous identifier (IDn+1) for the mobile device,
- Xiang Suoshu provisioning server emits another instantaneous identifier (IDn+1) for the mobile device,
It is calculated using another instantaneous identifier (IDn+1) of the master key (MK) and the mobile device for described
Another instantaneous export key (DKn+1) of mobile device,
- Xiang Suoshu mobile device sends calculated another instantaneous export key (DKn+1),
Key (DKn) is exported with another instantaneous export key (DKn+1) replacement described first is instantaneous, to allow the shifting
The trusted application (TA) of dynamic equipment during determining time interval using another instantaneous export key (DKn+1) with
Equipped with the reader secure communication of the master key (MK).
5. method according to claim 1 to 4, wherein the first instantaneous identifier (IDn) and described another
Identifier (IDn+1) includes the business datum provided by the trusted application (TA) when a flash.
6. the method according to any one of claims 1 to 5, wherein the trusted application (TA) is in the mobile device
Credible performing environment (TEE) in operation.
7. method according to any of the preceding claims, wherein the trusted application (TA) is wallet application, and
The transaction with the reader includes the transfer of value of money.
8. a kind of for allowing the trusted application (TA) in mobile device to pacify using near-field communication (NFC) agreement and reader
The method of full communication, wherein the communication is protected by symmetric cryptography, and the reader includes master key, and
The mobile device includes export key, wherein the described method includes:
It is related by the hardware for combining the unique identifier (UID) of integrated circuit (IC) used in for example described mobile device
The software associated component of component and such as timestamp, to obtain the first instantaneous identifier (IDn) for the mobile device,
The described first instantaneous identifier (IDn) to provisioning server transmitting for the mobile device, the provisioning server
Including the master key (MK),
It is calculated using the described first instantaneous identifier (IDn) of the master key (MK) and the mobile device for the shifting
Instantaneous export key (DKn) of the first of dynamic equipment,
The mobile device is sent from the provisioning server by the calculated first instantaneous export key (DKn),
The first instantaneous identifier (IDn) is sent to the reader by the mobile device,
By checking the software associated component of the first instantaneous identifier (IDn), examined in the reader
The validity of the first instantaneous identifier (IDn),
If the first instantaneous identifier (IDn) is effectively, by the master key and described in the reader
First instantaneous identifier (IDn) calculates the described first instantaneous export key (DKn),
It is encrypted in the reader using the described first instantaneous export key (DKn) with being sent to the mobile device
Message,
The encryption message is decrypted in the mobile device, so that the identity of the mobile device is authenticated, and
If the identity of the mobile device is certified, the mobile device is allowed to use near field communication protocols safety
Ground is communicated with the reader.
9. according to the method described in claim 8, including:
It is related by the hardware for combining the unique identifier (UID) of integrated circuit (IC) used in for example described mobile device
The software associated component of component and such as timestamp, to obtain another instantaneous identifier (IDn+1) for the mobile device,
- Xiang Suoshu provisioning server emits another instantaneous identifier (IDn+1) for the mobile device,
It is calculated using another instantaneous identifier (IDn+1) of the master key (MK) and the mobile device for described
Another instantaneous export key (DKn+1) of mobile device,
- Xiang Suoshu mobile device sends calculated another instantaneous export key (DKn+1),
With instantaneous export key (DKn) of another instantaneous export key (DKn+1) replacement described first.
10. method according to claim 8 or claim 9, wherein the first instantaneous identifier (IDn) and described another instantaneous
Identifier (IDn+1) includes the business datum provided by the trusted application (TA).
11. the method according to any one of claim 8 to 10, wherein the trusted application (TA) sets in the movement
Operation in standby credible performing environment (TEE).
12. the method according to any one of claim 8 to 11, wherein the trusted application (TA) is wallet application, and
And include the transfer of value of money with the transaction of the reader.
13. a kind of for allowing the trusted application (TA) in mobile device safely to set with reader using the communication protocol of adaptation
The system of standby communication, wherein the communication is protected by symmetric cryptography, the system comprises: reader, the reading
Taking device equipment includes master key;And mobile device, the mobile device include identifier, such as are made in the mobile device
Unique ID (UID) of integrated circuit (IC);And provisioning server, the provisioning server include for being the movement
Equipment provides the master key of export key,
Wherein, the mobile device in the system includes:
Application, the application are suitable for the unique identification by combining integrated circuit (IC) used in for example described mobile device
The software associated component of the hardware dependent component and such as timestamp that accord with (UID) obtains the first wink for the mobile device
When identifier (IDn),
It is described for the device to provisioning server transmitting for the described first instantaneous identifier (IDn) of the mobile device
Provisioning server includes the master key (MK),
Wherein, the provisioning server includes:
For being calculated using the described first instantaneous identifier (IDn) of the master key (MK) and the mobile device for institute
The device of the first instantaneous export key (DKn) of mobile device is stated,
For sending the mobile device from the provisioning server for the calculated first instantaneous export key (DKn)
Device,
The mobile device further include:
For receiving and storing the described first instantaneous export key (DKn) to allow the mobile device to use the communication of adaptation
The device communicated with reader to protocol security.
14. a kind of for allowing the trusted application (TA) in mobile device to use near-field communication (NFC) agreement and reader
The system of secure communication, wherein the communication is protected by symmetric cryptography, the system comprises: reader, it is described
Reader includes master key;And mobile device, the mobile device include identifier, such as in the mobile device
Unique ID (UID) of the integrated circuit (IC) used;And provisioning server, the provisioning server include for being the shifting
Dynamic equipment provides the master key of export key,
Wherein, the mobile device in the system includes:
Application, the application are suitable for the unique identification by combining integrated circuit (IC) used in for example described mobile device
The software associated component of the hardware dependent component and such as timestamp that accord with (UID) obtains the first wink for the mobile device
When identifier (IDn),
It is described for the device to provisioning server transmitting for the described first instantaneous identifier (IDn) of the mobile device
Provisioning server includes the master key (MK),
Wherein, the provisioning server includes:
For being calculated using the described first instantaneous identifier (IDn) of the master key (MK) and the mobile device for institute
The device of the first instantaneous export key (DKn) of mobile device is stated,
For sending the mobile device from the provisioning server for the calculated first instantaneous export key (DKn)
Device,
The mobile device further include:
For the device of the first instantaneous identifier (IDn) to be sent to the reader using NFC protocol,
Wherein, the reader includes:
For checking that described first is instantaneous by checking the software associated component of the first instantaneous identifier (IDn)
The device of the validity of identifier (IDn), and
For instantaneously being identified when the described first instantaneous identifier (IDn) is effective by using the master key and described first
The device that (IDn) calculates the described first instantaneous export key (DKn) is accorded with,
For instantaneously exporting the device of key (DKn) encryption message using described first,
For sending the device of the message of encryption to the mobile device,
The mobile device includes:
For decrypting the message from the received encryption of the reader to authenticate the identity of the mobile device
Device, and
For allowing the mobile device to use near field communication protocols and institute when the identity of the mobile device is certified
State the device of reader secure communication.
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| GB1609460.9 | 2016-05-30 | ||
| GBGB1609460.9A GB201609460D0 (en) | 2016-05-30 | 2016-05-30 | Increased security through ephemeral keys for software virtual contactless card in a mobile phone |
| PCT/IB2017/000646 WO2017208063A1 (en) | 2016-05-30 | 2017-05-29 | Increased security through ephemeral keys for software virtual contactless card in mobile phone |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109417481A true CN109417481A (en) | 2019-03-01 |
Family
ID=56410729
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201780033635.3A Pending CN109417481A (en) | 2016-05-30 | 2017-05-29 | Safety is improved by the temporary key of the virtual non-contact card of software in mobile phone |
Country Status (5)
| Country | Link |
|---|---|
| EP (1) | EP3465980A1 (en) |
| CN (1) | CN109417481A (en) |
| GB (2) | GB201609460D0 (en) |
| PH (1) | PH12018502545A1 (en) |
| WO (1) | WO2017208063A1 (en) |
Families Citing this family (101)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10546444B2 (en) | 2018-06-21 | 2020-01-28 | Capital One Services, Llc | Systems and methods for secure read-only authentication |
| US10579998B1 (en) | 2018-10-02 | 2020-03-03 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| US10489781B1 (en) | 2018-10-02 | 2019-11-26 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| US10592710B1 (en) | 2018-10-02 | 2020-03-17 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| US10607214B1 (en) | 2018-10-02 | 2020-03-31 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| WO2020072583A1 (en) | 2018-10-02 | 2020-04-09 | Capital One Services, Llc | Systems and methods for establishing identity for order pick up |
| KR20210066798A (en) | 2018-10-02 | 2021-06-07 | 캐피탈 원 서비시즈, 엘엘씨 | System and method for cryptographic authentication of contactless card |
| US10748138B2 (en) | 2018-10-02 | 2020-08-18 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| US10992477B2 (en) | 2018-10-02 | 2021-04-27 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| US10909527B2 (en) | 2018-10-02 | 2021-02-02 | Capital One Services, Llc | Systems and methods for performing a reissue of a contactless card |
| US10565587B1 (en) | 2018-10-02 | 2020-02-18 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| US10783519B2 (en) | 2018-10-02 | 2020-09-22 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| CA3115107A1 (en) | 2018-10-02 | 2020-04-09 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| US10505738B1 (en) | 2018-10-02 | 2019-12-10 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| US10949520B2 (en) | 2018-10-02 | 2021-03-16 | Capital One Services, Llc | Systems and methods for cross coupling risk analytics and one-time-passcodes |
| CA3115252A1 (en) | 2018-10-02 | 2020-04-09 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| US11210664B2 (en) | 2018-10-02 | 2021-12-28 | Capital One Services, Llc | Systems and methods for amplifying the strength of cryptographic algorithms |
| US10511443B1 (en) | 2018-10-02 | 2019-12-17 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| CA3115142A1 (en) | 2018-10-02 | 2020-04-09 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| US10554411B1 (en) | 2018-10-02 | 2020-02-04 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| US10771253B2 (en) | 2018-10-02 | 2020-09-08 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| AU2019355878A1 (en) | 2018-10-02 | 2021-02-25 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| US10771254B2 (en) | 2018-10-02 | 2020-09-08 | Capital One Services, Llc | Systems and methods for email-based card activation |
| US10860814B2 (en) | 2018-10-02 | 2020-12-08 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| MX2021003138A (en) | 2018-10-02 | 2021-05-14 | Capital One Services Llc | Systems and methods for cryptographic authentication of contactless cards. |
| US10797882B2 (en) | 2018-10-02 | 2020-10-06 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| US10582386B1 (en) | 2018-10-02 | 2020-03-03 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| US10542036B1 (en) | 2018-10-02 | 2020-01-21 | Capital One Services, Llc | Systems and methods for signaling an attack on contactless cards |
| CA3108917A1 (en) | 2018-10-02 | 2020-04-09 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| US10581611B1 (en) | 2018-10-02 | 2020-03-03 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| AU2019355110A1 (en) | 2018-10-02 | 2021-04-08 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
| US20200226581A1 (en) | 2019-01-11 | 2020-07-16 | Capital One Services, Llc | Systems and methods for touch screen interface interaction using a card overlay |
| US11037136B2 (en) | 2019-01-24 | 2021-06-15 | Capital One Services, Llc | Tap to autofill card data |
| US10510074B1 (en) | 2019-02-01 | 2019-12-17 | Capital One Services, Llc | One-tap payment using a contactless card |
| US10467622B1 (en) | 2019-02-01 | 2019-11-05 | Capital One Services, Llc | Using on-demand applications to generate virtual numbers for a contactless card to securely autofill forms |
| US11120453B2 (en) | 2019-02-01 | 2021-09-14 | Capital One Services, Llc | Tap card to securely generate card data to copy to clipboard |
| US10425129B1 (en) | 2019-02-27 | 2019-09-24 | Capital One Services, Llc | Techniques to reduce power consumption in near field communication systems |
| US10523708B1 (en) | 2019-03-18 | 2019-12-31 | Capital One Services, Llc | System and method for second factor authentication of customer support calls |
| US10643420B1 (en) | 2019-03-20 | 2020-05-05 | Capital One Services, Llc | Contextual tapping engine |
| US10535062B1 (en) | 2019-03-20 | 2020-01-14 | Capital One Services, Llc | Using a contactless card to securely share personal data stored in a blockchain |
| US10984416B2 (en) | 2019-03-20 | 2021-04-20 | Capital One Services, Llc | NFC mobile currency transfer |
| US10438437B1 (en) | 2019-03-20 | 2019-10-08 | Capital One Services, Llc | Tap to copy data to clipboard via NFC |
| US10970712B2 (en) | 2019-03-21 | 2021-04-06 | Capital One Services, Llc | Delegated administration of permissions using a contactless card |
| US10467445B1 (en) | 2019-03-28 | 2019-11-05 | Capital One Services, Llc | Devices and methods for contactless card alignment with a foldable mobile device |
| US11521262B2 (en) | 2019-05-28 | 2022-12-06 | Capital One Services, Llc | NFC enhanced augmented reality information overlays |
| US10516447B1 (en) | 2019-06-17 | 2019-12-24 | Capital One Services, Llc | Dynamic power levels in NFC card communications |
| US10871958B1 (en) | 2019-07-03 | 2020-12-22 | Capital One Services, Llc | Techniques to perform applet programming |
| US11392933B2 (en) | 2019-07-03 | 2022-07-19 | Capital One Services, Llc | Systems and methods for providing online and hybridcard interactions |
| US11694187B2 (en) | 2019-07-03 | 2023-07-04 | Capital One Services, Llc | Constraining transactional capabilities for contactless cards |
| US10713649B1 (en) | 2019-07-09 | 2020-07-14 | Capital One Services, Llc | System and method enabling mobile near-field communication to update display on a payment card |
| US10498401B1 (en) | 2019-07-15 | 2019-12-03 | Capital One Services, Llc | System and method for guiding card positioning using phone sensors |
| US10885514B1 (en) | 2019-07-15 | 2021-01-05 | Capital One Services, Llc | System and method for using image data to trigger contactless card transactions |
| US11182771B2 (en) | 2019-07-17 | 2021-11-23 | Capital One Services, Llc | System for value loading onto in-vehicle device |
| US10733601B1 (en) | 2019-07-17 | 2020-08-04 | Capital One Services, Llc | Body area network facilitated authentication or payment authorization |
| US10832271B1 (en) | 2019-07-17 | 2020-11-10 | Capital One Services, Llc | Verified reviews using a contactless card |
| US11521213B2 (en) | 2019-07-18 | 2022-12-06 | Capital One Services, Llc | Continuous authentication for digital services based on contactless card positioning |
| US10506426B1 (en) | 2019-07-19 | 2019-12-10 | Capital One Services, Llc | Techniques for call authentication |
| US10541995B1 (en) | 2019-07-23 | 2020-01-21 | Capital One Services, Llc | First factor contactless card authentication system and method |
| EP4038587A4 (en) | 2019-10-02 | 2023-06-07 | Capital One Services, LLC | Client device authentication using contactless legacy magnetic stripe data |
| US11113685B2 (en) | 2019-12-23 | 2021-09-07 | Capital One Services, Llc | Card issuing with restricted virtual numbers |
| US11651361B2 (en) | 2019-12-23 | 2023-05-16 | Capital One Services, Llc | Secure authentication based on passport data stored in a contactless card |
| US10657754B1 (en) | 2019-12-23 | 2020-05-19 | Capital One Services, Llc | Contactless card and personal identification system |
| US10862540B1 (en) | 2019-12-23 | 2020-12-08 | Capital One Services, Llc | Method for mapping NFC field strength and location on mobile devices |
| US11615395B2 (en) | 2019-12-23 | 2023-03-28 | Capital One Services, Llc | Authentication for third party digital wallet provisioning |
| US10885410B1 (en) | 2019-12-23 | 2021-01-05 | Capital One Services, Llc | Generating barcodes utilizing cryptographic techniques |
| US10733283B1 (en) | 2019-12-23 | 2020-08-04 | Capital One Services, Llc | Secure password generation and management using NFC and contactless smart cards |
| US10853795B1 (en) | 2019-12-24 | 2020-12-01 | Capital One Services, Llc | Secure authentication based on identity data stored in a contactless card |
| US11200563B2 (en) | 2019-12-24 | 2021-12-14 | Capital One Services, Llc | Account registration using a contactless card |
| US10664941B1 (en) | 2019-12-24 | 2020-05-26 | Capital One Services, Llc | Steganographic image encoding of biometric template information on a card |
| US10757574B1 (en) | 2019-12-26 | 2020-08-25 | Capital One Services, Llc | Multi-factor authentication providing a credential via a contactless card for secure messaging |
| US10909544B1 (en) | 2019-12-26 | 2021-02-02 | Capital One Services, Llc | Accessing and utilizing multiple loyalty point accounts |
| US11038688B1 (en) | 2019-12-30 | 2021-06-15 | Capital One Services, Llc | Techniques to control applets for contactless cards |
| US11455620B2 (en) | 2019-12-31 | 2022-09-27 | Capital One Services, Llc | Tapping a contactless card to a computing device to provision a virtual number |
| US10860914B1 (en) | 2019-12-31 | 2020-12-08 | Capital One Services, Llc | Contactless card and method of assembly |
| US11210656B2 (en) | 2020-04-13 | 2021-12-28 | Capital One Services, Llc | Determining specific terms for contactless card activation |
| US10861006B1 (en) | 2020-04-30 | 2020-12-08 | Capital One Services, Llc | Systems and methods for data access control using a short-range transceiver |
| US11222342B2 (en) | 2020-04-30 | 2022-01-11 | Capital One Services, Llc | Accurate images in graphical user interfaces to enable data transfer |
| US11030339B1 (en) | 2020-04-30 | 2021-06-08 | Capital One Services, Llc | Systems and methods for data access control of personal user data using a short-range transceiver |
| US11823175B2 (en) | 2020-04-30 | 2023-11-21 | Capital One Services, Llc | Intelligent card unlock |
| US10915888B1 (en) | 2020-04-30 | 2021-02-09 | Capital One Services, Llc | Contactless card with multiple rotating security keys |
| US10963865B1 (en) | 2020-05-12 | 2021-03-30 | Capital One Services, Llc | Augmented reality card activation experience |
| US11100511B1 (en) | 2020-05-18 | 2021-08-24 | Capital One Services, Llc | Application-based point of sale system in mobile operating systems |
| US11063979B1 (en) | 2020-05-18 | 2021-07-13 | Capital One Services, Llc | Enabling communications between applications in a mobile operating system |
| US11062098B1 (en) | 2020-08-11 | 2021-07-13 | Capital One Services, Llc | Augmented reality information display and interaction via NFC based authentication |
| US11482312B2 (en) | 2020-10-30 | 2022-10-25 | Capital One Services, Llc | Secure verification of medical status using a contactless card |
| US11165586B1 (en) | 2020-10-30 | 2021-11-02 | Capital One Services, Llc | Call center web-based authentication using a contactless card |
| US11373169B2 (en) | 2020-11-03 | 2022-06-28 | Capital One Services, Llc | Web-based activation of contactless cards |
| US11216799B1 (en) | 2021-01-04 | 2022-01-04 | Capital One Services, Llc | Secure generation of one-time passcodes using a contactless card |
| US11682012B2 (en) | 2021-01-27 | 2023-06-20 | Capital One Services, Llc | Contactless delivery systems and methods |
| US11562358B2 (en) | 2021-01-28 | 2023-01-24 | Capital One Services, Llc | Systems and methods for near field contactless card communication and cryptographic authentication |
| US11687930B2 (en) | 2021-01-28 | 2023-06-27 | Capital One Services, Llc | Systems and methods for authentication of access tokens |
| US11792001B2 (en) | 2021-01-28 | 2023-10-17 | Capital One Services, Llc | Systems and methods for secure reprovisioning |
| US11438329B2 (en) | 2021-01-29 | 2022-09-06 | Capital One Services, Llc | Systems and methods for authenticated peer-to-peer data transfer using resource locators |
| US11777933B2 (en) | 2021-02-03 | 2023-10-03 | Capital One Services, Llc | URL-based authentication for payment cards |
| US11637826B2 (en) | 2021-02-24 | 2023-04-25 | Capital One Services, Llc | Establishing authentication persistence |
| US11245438B1 (en) | 2021-03-26 | 2022-02-08 | Capital One Services, Llc | Network-enabled smart apparatus and systems and methods for activating and provisioning same |
| US11961089B2 (en) | 2021-04-20 | 2024-04-16 | Capital One Services, Llc | On-demand applications to extend web services |
| US11935035B2 (en) | 2021-04-20 | 2024-03-19 | Capital One Services, Llc | Techniques to utilize resource locators by a contactless card to perform a sequence of operations |
| US11902442B2 (en) | 2021-04-22 | 2024-02-13 | Capital One Services, Llc | Secure management of accounts on display devices using a contactless card |
| US11354555B1 (en) | 2021-05-04 | 2022-06-07 | Capital One Services, Llc | Methods, mediums, and systems for applying a display to a transaction card |
| US12041172B2 (en) | 2021-06-25 | 2024-07-16 | Capital One Services, Llc | Cryptographic authentication to control access to storage devices |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101902476A (en) * | 2010-07-27 | 2010-12-01 | 浙江大学 | Method for authenticating identity of mobile peer-to-peer user |
| US8447984B1 (en) * | 2004-06-25 | 2013-05-21 | Oracle America, Inc. | Authentication system and method for operating the same |
| US20130179351A1 (en) * | 2012-01-09 | 2013-07-11 | George Wallner | System and method for an authenticating and encrypting card reader |
| CN103268249A (en) * | 2012-03-04 | 2013-08-28 | 深圳市家富通汇科技有限公司 | Method and apparatus for emulating multiple cards in mobile devices |
| CN105279649A (en) * | 2014-06-12 | 2016-01-27 | 恩智浦有限公司 | Method for configuring secure element, and configurable secure element |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8103804B2 (en) * | 2008-11-12 | 2012-01-24 | Flexera Software, Inc. | Method and system for embedded regenerative licensing |
| US20130042112A1 (en) * | 2011-02-12 | 2013-02-14 | CertiVox Ltd. | Use of non-interactive identity based key agreement derived secret keys with authenticated encryption |
| TW201525759A (en) * | 2013-12-31 | 2015-07-01 | Sage Information Systems Co Ltd | Authentication system and authentication method of computer software, and one-time password generator for authenticating the computer software |
| CN104618467B (en) * | 2015-01-20 | 2018-12-14 | 西安电子科技大学 | A kind of effective and resisting denying based on Android platform falls down rescue skills and system |
-
2016
- 2016-05-30 GB GBGB1609460.9A patent/GB201609460D0/en not_active Ceased
-
2017
- 2017-05-29 WO PCT/IB2017/000646 patent/WO2017208063A1/en unknown
- 2017-05-29 CN CN201780033635.3A patent/CN109417481A/en active Pending
- 2017-05-29 EP EP17805942.4A patent/EP3465980A1/en not_active Withdrawn
- 2017-05-29 GB GB201708573A patent/GB2551907B/en not_active Expired - Fee Related
-
2018
- 2018-12-03 PH PH12018502545A patent/PH12018502545A1/en unknown
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8447984B1 (en) * | 2004-06-25 | 2013-05-21 | Oracle America, Inc. | Authentication system and method for operating the same |
| CN101902476A (en) * | 2010-07-27 | 2010-12-01 | 浙江大学 | Method for authenticating identity of mobile peer-to-peer user |
| US20130179351A1 (en) * | 2012-01-09 | 2013-07-11 | George Wallner | System and method for an authenticating and encrypting card reader |
| CN103268249A (en) * | 2012-03-04 | 2013-08-28 | 深圳市家富通汇科技有限公司 | Method and apparatus for emulating multiple cards in mobile devices |
| CN105279649A (en) * | 2014-06-12 | 2016-01-27 | 恩智浦有限公司 | Method for configuring secure element, and configurable secure element |
Also Published As
| Publication number | Publication date |
|---|---|
| GB201708573D0 (en) | 2017-07-12 |
| EP3465980A1 (en) | 2019-04-10 |
| GB2551907B (en) | 2019-11-20 |
| PH12018502545A1 (en) | 2019-04-08 |
| GB201609460D0 (en) | 2016-07-13 |
| WO2017208063A1 (en) | 2017-12-07 |
| GB2551907A (en) | 2018-01-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109417481A (en) | Safety is improved by the temporary key of the virtual non-contact card of software in mobile phone | |
| CN104217327B (en) | A kind of financial IC card internet terminal and its method of commerce | |
| US8368516B2 (en) | Secure data exchange with a transponder | |
| US20190012672A1 (en) | Method and system for enhancing the security of a transaction | |
| CN101419652B (en) | Software and hardware combined program protecting method | |
| US10182062B2 (en) | Software tampering detection and reporting process | |
| CN108304902B (en) | Ultra-lightweight mobile RFID system bidirectional authentication method | |
| CN107925572A (en) | Secure binding of the software application to communicator | |
| US11880832B2 (en) | Method and system for enhancing the security of a transaction | |
| CN103914913B (en) | A kind of application of IC cards scene recognition method and system | |
| CN105160242A (en) | Certificate loading method and certificate updating method of card reader and card reader | |
| CN109120395A (en) | Label data generation method, label and the data processing based on NFC label | |
| CN104240074A (en) | Prepaid card online payment system based on identity authentication and payment method of prepaid card online payment system | |
| Radu et al. | Practical EMV relay protection | |
| CA2940465C (en) | Device and method for securing commands exchanged between a terminal and an integrated circuit | |
| Peng et al. | A secure RFID ticket system for public transport | |
| KR100618316B1 (en) | Rfid authentication system and its method | |
| CN103544418B (en) | A kind of authentication device based on electronic transaction, system and method | |
| KR101522136B1 (en) | Method for Providing End-To-End Authentication Pass Through Assigned Terminal between Card and Server | |
| CN108133366B (en) | payment method and payment system of financial card and mobile terminal | |
| CN105427478A (en) | ATM counterfeit detection instrument motherboard program security handling method | |
| CN116756038A (en) | Automatic bus card service testing method and system | |
| Väisänen et al. | Security analysis and review of digital signature-based low-cost RFID tag authentication | |
| Watanabe | Security analysis of PLAID | |
| Vogl | On Austrian ePassport Security |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20190301 |