CN111835749A - Method for realizing access of single UnionPay system to multiple credit card systems - Google Patents

Method for realizing access of single UnionPay system to multiple credit card systems Download PDF

Info

Publication number
CN111835749A
CN111835749A CN202010648148.1A CN202010648148A CN111835749A CN 111835749 A CN111835749 A CN 111835749A CN 202010648148 A CN202010648148 A CN 202010648148A CN 111835749 A CN111835749 A CN 111835749A
Authority
CN
China
Prior art keywords
credit card
message
unionpay
communication module
mac
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010648148.1A
Other languages
Chinese (zh)
Other versions
CN111835749B (en
Inventor
李成军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Tonglian Financial Services Co Ltd
Original Assignee
Shanghai Tonglian Financial Services Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Tonglian Financial Services Co Ltd filed Critical Shanghai Tonglian Financial Services Co Ltd
Priority to CN202010648148.1A priority Critical patent/CN111835749B/en
Publication of CN111835749A publication Critical patent/CN111835749A/en
Application granted granted Critical
Publication of CN111835749B publication Critical patent/CN111835749B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/03Credit; Loans; Processing thereof
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Business, Economics & Management (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Economics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • General Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • Technology Law (AREA)
  • Strategic Management (AREA)
  • Marketing (AREA)
  • Development Economics (AREA)
  • Power Engineering (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention relates to a method for realizing the access of a single UnionPay system to a plurality of credit card systems, which comprises the following steps: establishing a UnionPay communication module, a credit card communication module and a logic processing module; independently starting a logic processing module to receive the message; the logic processing module judges the route of the received message, and acquires the source and the destination of the received message, wherein the route comprises a unionpay communication module to a credit card communication module and a credit card communication module to a unionpay communication module; the received message is then MAC checked and PIN decrypted from the message source, and MAC and PIN encryption is regenerated from the message destination. Therefore, the invention realizes the purpose that the bank only accesses one credit card institution number and can still access a plurality of credit card systems by adopting the UnionPay communication module and the credit card communication module as transmission channels and adopting the logic processing module as an intermediate processing means, thereby expanding the card issuing service capability of the bank credit cards.

Description

Method for realizing access of single UnionPay system to multiple credit card systems
Technical Field
The invention relates to the technical field of access systems, in particular to a method for realizing access of a single unionpay system to a plurality of credit card systems.
Background
The market competition of the current credit card is intense, a plurality of credit card systems compete in the market, each credit card system has the advantages, and the Unionpay channel is the largest transaction channel of the credit card systems.
Current unionpay systems are very rigid with respect to access systems and institutions, and a bank can only assign a credit card institution number. The institution number is the only resource for the unionpay channel to trade and settle. The bank can not freely introduce the competition of a plurality of credit card systems, and the card issuing business expansion capability of each bank credit card is seriously restricted.
Therefore, it is necessary to provide a method for accessing a plurality of credit card systems by a single unionpay system, so as to achieve the purpose that a bank only accesses one credit card institution number and can still access a plurality of credit card systems, thereby expanding the card issuing capability of bank credit cards.
Disclosure of Invention
The invention aims to provide a method for realizing the access of a single UnionPay system to a plurality of credit card systems, which realizes the purpose that a bank only accesses one credit card institution number and can still access a plurality of credit card systems, and expands the card issuing service capability of bank credit cards.
In order to solve the problems in the prior art, the invention provides a method for realizing the access of a single unionpay system to a plurality of credit card systems, which comprises the following steps:
establishing three modules which are respectively: the system comprises a Unionpay communication module, a credit card communication module and a logic processing module;
independently starting the logic processing module to receive messages;
judging the route of the received message;
if the source of the received message is the Unionpay communication module, carrying out MAC check and PIN decryption on the received message according to a secret key and an encryption mode which are agreed with the Unionpay system, carrying out regeneration MAC and PIN encryption operation on the decrypted message according to the secret key and the encryption mode which are agreed with the corresponding credit card system, and writing the regenerated MAC and PIN encrypted message into the corresponding credit card communication module;
if the source of the received message is the credit card communication module, MAC verification and PIN decryption are carried out on the received message according to the secret key and the encryption mode which are agreed with the credit card system corresponding to the credit card communication module, MAC and PIN encryption operation is carried out on the decrypted message according to the secret key and the encryption mode which are agreed with the Unionpay system, and the message which is encrypted by the regenerated MAC and PIN is written into the Unionpay communication module.
Optionally, in the method for realizing the access of the single unionpay system to the plurality of credit card systems,
the Unionpay communication module is in communication butt joint with the Unionpay system and comprises a Unionpay message processing pipeline;
each credit card communication module is in communication butt joint with each credit card system respectively, and each credit card communication module comprises a credit card message processing pipeline;
and the logic processing module is used for realizing the message exchange between the Unionpay communication module and the credit card communication module.
Optionally, in the method for realizing the access of the single unionpay system to the plurality of credit card systems,
the Unionpay communication module receives the message of the Unionpay system and writes the received message into the Unionpay message processing pipeline;
and the credit card communication module receives the information of the credit card system and writes the received information into a credit card information processing pipeline.
Optionally, in the method for implementing access of a single unionpay system to multiple credit card systems, the manner of receiving a message and determining a route of the received message includes the following steps:
the logic processing module scans the unionpay message processing pipeline and the credit card message processing pipeline at variable time, and receives messages if messages which are not transmitted by the logic processing module appear;
and the logic processing module judges that the source of the received message is a Unionpay communication module or a credit card communication module according to the 5 th field of the message header of the received message.
Optionally, in the method for realizing the access of the single unionpay system to the plurality of credit card systems,
if the source of the received message is the Unionpay communication module, the first 6 bits or the first 8 bits in the 2 nd domain of the message body are judged to obtain a credit card communication module corresponding to the received message.
Optionally, in the method for implementing access of a single unionpay system to multiple credit card systems, performing MAC check and PIN decryption includes the following steps:
carrying out MAC verification, and carrying out PIN decryption if the verification is successful; and if the verification fails, the PIN decryption is not continuously carried out, and the Unionpay MAC verification failure is returned to the Unionpay communication module or the credit card MAC verification failure is returned to the credit card communication module which sends the message.
Optionally, in the method for implementing access of a single unionpay system to multiple credit card systems, the MAC verification includes the following steps:
calculating and generating a message authentication block according to the type of the received message;
the MAC is calculated based on the agreed key and the message authentication block,
and comparing and calculating to obtain the MAC and the MAC in the received message, if the MAC is consistent with the MAC in the received message, successfully verifying, and otherwise, failing to verify.
Optionally, in the method for implementing access of a single unionpay system to multiple credit card systems, a manner of writing a message encrypted by regenerating MAC and PIN into a corresponding credit card communication module is as follows:
writing the regenerated MAC and PIN encrypted message into a credit card message processing pipeline of a corresponding credit card communication module,
and scanning the credit card message processing pipeline at variable time corresponding to the credit card communication module, and transmitting the scanned message required to be transmitted to the corresponding credit card system.
Optionally, in the method for implementing access of a single unionpay system to multiple credit card systems, a manner of writing a message encrypted by newly generated MAC and PIN into the unionpay communication module is as follows:
writing the regenerated MAC and PIN encrypted message into a Unionpay message processing pipeline of the Unionpay communication module,
the unionpay communication module scans the unionpay message processing pipeline at variable time and transmits the scanned messages which need to be transmitted to the unionpay system.
Optionally, in the method for realizing the access of the single unionpay system to the plurality of credit card systems,
and the messages in the unionpay message processing pipeline and the credit card message processing pipeline are messages which have generated MAC and PIN encryption.
In the method for realizing the access of the single UnionPay system to the multiple credit card systems, the UnionPay communication module and the credit card communication module are used as transmission channels, and the logic processing module is used as an intermediate processing means, so that the purpose that a bank only accesses one credit card institution number and can still access the multiple credit card systems is realized, and the card issuing service capability of the bank credit cards is expanded.
Drawings
Fig. 1 is a flowchart of a method for implementing a single unionpay system accessing multiple credit card systems according to an embodiment of the present invention.
Detailed Description
The following describes in more detail embodiments of the present invention with reference to the schematic drawings. The advantages and features of the present invention will become more apparent from the following description. It is to be noted that the drawings are in a very simplified form and are not to precise scale, which is merely for the purpose of facilitating and distinctly claiming the embodiments of the present invention.
Hereinafter, if the method described herein comprises a series of steps, the order of such steps presented herein is not necessarily the only order in which such steps may be performed, and some of the described steps may be omitted and/or some other steps not described herein may be added to the method.
At present, the unionpay system is very strict on access system and institution management, and only one credit card institution number can be allocated to one bank. The institution number is the only resource for the unionpay channel to trade and settle. The bank can not freely introduce the competition of a plurality of credit card systems, and the card issuing business expansion capability of each bank credit card is seriously restricted.
Therefore, there is a need to provide a method for accessing multiple credit card systems by a single unionpay system, as shown in fig. 1, where fig. 1 is a flowchart of a method for accessing multiple credit card systems by a single unionpay system according to an embodiment of the present invention, the method includes the following steps:
establishing three modules which are respectively: the system comprises a Unionpay communication module, a credit card communication module and a logic processing module;
independently starting the logic processing module to receive messages;
judging the route of the received message;
if the source of the received message is the Unionpay communication module, carrying out MAC check and PIN decryption on the received message according to a secret key and an encryption mode which are agreed with the Unionpay system, carrying out regeneration MAC and PIN encryption operation on the decrypted message according to the secret key and the encryption mode which are agreed with the corresponding credit card system, and writing the regenerated MAC and PIN encrypted message into the corresponding credit card communication module;
if the source of the received message is the credit card communication module, MAC verification and PIN decryption are carried out on the received message according to the secret key and the encryption mode which are agreed with the credit card system corresponding to the credit card communication module, MAC and PIN encryption operation is carried out on the decrypted message according to the secret key and the encryption mode which are agreed with the Unionpay system, and the message which is encrypted by the regenerated MAC and PIN is written into the Unionpay communication module.
The invention adopts the UnionPay communication module and the credit card communication module as transmission channels and adopts the logic processing module as an intermediate processing means, thereby realizing the purpose that a bank only accesses one credit card institution number and can still access a plurality of credit card systems, and expanding the card issuing service capability of bank credit cards.
Furthermore, the Unionpay communication adopts an international standard ISO8583 message protocol as a basic protocol, and the Unionpay communication protocol standard is formulated on the basis, wherein the technical specification refers to the technical specification of the Chinese Unionpay bank card exchange system, part 2, the message interface standard, the technical specification of the Chinese Unionpay bank card exchange system, part 4, the data safety transmission control standard, and the invention meets the above specifications. The Unionpay message interface specification is a public transparent protocol specification, and based on the Unionpay communication interface specification, the method can completely realize the re-disassembly of all Unionpay messages and the formation of different credit card transaction routes.
Preferably, all terms used in the present invention are to be interpreted as follows:
MTI: a message type; PIN: a personal identification code of the cardholder; MAC: a Message Authentication Code; MAB: message Authentication Block; and (3) card BIN: a card number segment, wherein 6 bits or 8 bits in front of the card number are intercepted as a card number segment (the 2 nd field in the message body is taken in the scheme); ISO 8583: the financial transaction card original message-transaction message specification is a message format and a transaction flow defined by the international organization for standardization, so that different systems can exchange transaction request and response information; the international algorithm is as follows: the DES encryption algorithm is a block cipher, data is encrypted by taking 64 bits as blocks, the length of a key of the DES encryption algorithm is 56 bits, and the same algorithm is used for encryption and decryption; and (3) a national secret algorithm: a domestic cryptographic algorithm identified by the national cryptology Bureau; routing table: configuring a corresponding credit card system IP, an address, a message source ID and a message target ID according to the card BIN, wherein the corresponding credit card system IP, the address, the message source ID and the message target ID are decision bases for the distribution of the Unionpay transaction; naming a pipeline: the named pipe, also called FIFO file, is a special type of file that exists in the file system in the form of a file name, but behaves similar to an anonymous pipe; message source: the 5 th field in the message header is a message source ID; message destination: the 4 th field in the message header is the message target ID.
Preferably, in the method for realizing the access of the single unionpay system to the plurality of credit card systems,
the UnionPay communication module is in communication butt joint with the UnionPay system, the butt joint communication mode can adopt a TCP simplex long connection mode, the UnionPay communication module comprises a UnionPay message processing pipeline, and the UnionPay message processing pipeline is a named pipeline;
each credit card communication module is in communication butt joint with each credit card system respectively, the butt joint communication mode can adopt a TCP duplex short connection mode or a TCP simplex long connection mode, each credit card communication module comprises a credit card message processing pipeline, and the credit card message processing pipeline is another named pipeline;
the logic processing module is used for realizing the message exchange of the Unionpay communication module and the credit card communication module, and the message exchange is mainly realized through a Unionpay message processing pipeline and a credit card message processing pipeline.
Usually, the union pay communication module receives the message of the union pay system, and writes the received message into a union pay message processing pipeline; and the credit card communication module receives the information of the credit card system and writes the received information into a credit card information processing pipeline.
In the method, after receiving the message, it is further required to determine whether the transaction is supported, including the following steps:
and comparing and judging the 0 field, the 3 field, the 25 field and the 70 field of the received message with the system definition, if the received message is not supported, rejecting the transaction, filling 40 in the 39 field, writing an IPC structure into a Unionpay message processing pipeline or a credit card message processing pipeline, and if the received message is supported, continuously judging the routing of the received message and the subsequent steps.
Preferably, the method of receiving a message and determining the route of the received message comprises the steps of:
the logic processing module scans the unionpay message processing pipeline and the credit card message processing pipeline at variable time, and receives messages if messages which are not transmitted by the logic processing module appear;
and the logic processing module judges whether the source of the received message is a Unionpay communication module or a credit card communication module according to the 5 th field of the message header of the received message.
If the source of the received message is the Unionpay communication module, the first 6 bits or the first 8 bits in the 2 nd domain of the message body are judged to obtain a credit card communication module corresponding to the received message, and a credit card system and a credit card message processing pipeline corresponding to the credit card communication module are obtained by the credit card system. In the invention, the first 6 bits or the first 8 bits in the 2 nd field of the message body are card BINs. Specifically, the routing table is looked up according to the card BIN to configure the corresponding credit card system IP, address, message source ID, message destination ID, etc.
Further, the MAC checksum PIN decryption includes the following steps:
carrying out MAC verification, and carrying out PIN decryption if the verification is successful; and if the verification fails, the PIN decryption is not continuously carried out, and the Unionpay MAC verification failure is returned to the Unionpay communication module or the credit card MAC verification failure is returned to the credit card communication module which sends the message.
Preferably, the MAC check includes the steps of:
selecting different message domains according to the type (0 domain: MTI) of the received message and calculating by adopting a cryptographic algorithm to generate a message authentication block;
the MAC is calculated based on the agreed key and the message authentication block,
and comparing and calculating to obtain the MAC and the MAC in the received message, if the MAC is consistent with the MAC in the received message, successfully verifying, and otherwise, failing to verify.
Further, the calculation rule of the cryptographic algorithm is as follows: dividing the data after the MAC character selection processing into 128-bit blocks according to 128 bits until the last block of the data, wherein the bit number of the data is less than or equal to 128 bits, and complementing binary 0 when the bit number is less than 128 bits, thereby obtaining a Message Authentication Block (MAB).
The PIN decryption mode is as follows: and determining the algorithm type according to the algorithm type of the 53-domain name, acquiring the key, decrypting by using a specified algorithm, if the PIN is failed to be solved, returning the PIN to be failed, and if the PIN is successfully solved, performing the next operation.
Further, the manner of generating MAC and PIN encryption is as follows:
MAC is calculated per message target ID: and acquiring the encryption mode of the target system according to the message target ID, and recalculating the MAC according to the encryption mode (international algorithm or national cryptographic algorithm) and the encryption key of the target system.
Recalculating the PIN by message target ID: and acquiring the encryption mode of the target system according to the message target ID, and regenerating the PIN according to the encryption mode (international algorithm or national cryptographic algorithm) and the encryption key of the target system, for example, calculating by using the plaintext + 2 nd field after the original PIN is decrypted.
Preferably, in the method for implementing access of a single unionpay system to multiple credit card systems, the method for writing the regenerated MAC and PIN encrypted message into the corresponding credit card communication module is as follows:
writing the regenerated MAC and PIN encrypted message into a credit card message processing pipeline of a corresponding credit card communication module,
and scanning the credit card message processing pipeline at variable time corresponding to the credit card communication module, and transmitting the scanned message required to be transmitted to the corresponding credit card system.
The mode of writing the message of regenerating MAC and PIN encryption into the Unionpay communication module is as follows:
writing the regenerated MAC and PIN encrypted message into a Unionpay message processing pipeline of the Unionpay communication module,
the unionpay communication module scans the unionpay message processing pipeline at variable time and transmits the scanned messages which need to be transmitted to the unionpay system.
Optionally, in the method for realizing the access of the single unionpay system to the plurality of credit card systems,
and the messages in the unionpay message processing pipeline and the credit card message processing pipeline are messages which have generated MAC and PIN encryption.
In one embodiment, the credit card communication module monitors a credit card message processing pipeline of the credit card module, packages the received message into ISO8583, then sends the message to a corresponding credit card system by adopting TCP short connection, unpacks the message into an IPC structure after receiving an ISO8583 message returned by the credit card system, sets a message target ID as a UnionPay, and writes the message source ID into the IPC structure to be written into a logic processing module ID.
In summary, in the method for realizing the access of a single unionpay system to a plurality of credit card systems provided by the invention, the unionpay communication module and the credit card communication module are used as transmission channels, and the logic processing module is used as an intermediate processing means, so that the purpose that a bank only accesses one credit card institution number and still can access a plurality of credit card systems is realized, and the card issuing service capability of the bank credit cards is expanded.
The above description is only a preferred embodiment of the present invention, and does not limit the present invention in any way. It will be understood by those skilled in the art that various changes, substitutions and alterations can be made herein without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (10)

1. A method for realizing access of a single unionpay system to a plurality of credit card systems is characterized by comprising the following steps:
establishing three modules which are respectively: the system comprises a Unionpay communication module, a credit card communication module and a logic processing module;
independently starting the logic processing module to receive messages;
judging the route of the received message;
if the source of the received message is the Unionpay communication module, carrying out MAC check and PIN decryption on the received message according to a secret key and an encryption mode which are agreed with the Unionpay system, carrying out regeneration MAC and PIN encryption operation on the decrypted message according to the secret key and the encryption mode which are agreed with the corresponding credit card system, and writing the regenerated MAC and PIN encrypted message into the corresponding credit card communication module;
if the source of the received message is the credit card communication module, MAC verification and PIN decryption are carried out on the received message according to the secret key and the encryption mode which are agreed with the credit card system corresponding to the credit card communication module, MAC and PIN encryption operation is carried out on the decrypted message according to the secret key and the encryption mode which are agreed with the Unionpay system, and the message which is encrypted by the regenerated MAC and PIN is written into the Unionpay communication module.
2. The method of enabling a single union pay system to access multiple credit card systems of claim 1,
the Unionpay communication module is in communication butt joint with the Unionpay system and comprises a Unionpay message processing pipeline;
each credit card communication module is in communication butt joint with each credit card system respectively, and each credit card communication module comprises a credit card message processing pipeline;
and the logic processing module is used for realizing the message exchange between the Unionpay communication module and the credit card communication module.
3. The method of enabling a single union pay system to access multiple credit card systems of claim 2,
the Unionpay communication module receives the message of the Unionpay system and writes the received message into the Unionpay message processing pipeline;
and the credit card communication module receives the information of the credit card system and writes the received information into a credit card information processing pipeline.
4. A method for enabling a single union pay system to access multiple credit card systems as claimed in claim 3, wherein the means for receiving messages and determining the routing of the received messages comprises the steps of:
the logic processing module scans the unionpay message processing pipeline and the credit card message processing pipeline at variable time, and receives messages if messages which are not transmitted by the logic processing module appear;
and the logic processing module judges that the source of the received message is a Unionpay communication module or a credit card communication module according to the 5 th field of the message header of the received message.
5. The method of enabling a single union pay system to access multiple credit card systems of claim 4,
if the source of the received message is the Unionpay communication module, the first 6 bits or the first 8 bits in the 2 nd domain of the message body are judged to obtain a credit card communication module corresponding to the received message.
6. The method of claim 1, wherein performing MAC checksum PIN decryption comprises the steps of:
carrying out MAC verification, and carrying out PIN decryption if the verification is successful; and if the verification fails, the PIN decryption is not continuously carried out, and the Unionpay MAC verification failure is returned to the Unionpay communication module or the credit card MAC verification failure is returned to the credit card communication module which sends the message.
7. The method of claim 1, wherein the MAC check comprises the steps of:
calculating and generating a message authentication block according to the type of the received message;
the MAC is calculated based on the agreed key and the message authentication block,
and comparing and calculating to obtain the MAC and the MAC in the received message, if the MAC is consistent with the MAC in the received message, successfully verifying, and otherwise, failing to verify.
8. The method of claim 2 for enabling a single union pay system to access multiple credit card systems, wherein the writing of the regenerated MAC and PIN encrypted messages to the corresponding credit card communication modules is performed by:
writing the regenerated MAC and PIN encrypted message into a credit card message processing pipeline of a corresponding credit card communication module,
and scanning the credit card message processing pipeline at variable time corresponding to the credit card communication module, and transmitting the scanned message required to be transmitted to the corresponding credit card system.
9. The method of claim 2 for enabling a single union pay system to access multiple credit card systems, wherein the regenerated MAC and PIN encrypted messages are written to the union pay communication module as follows:
writing the regenerated MAC and PIN encrypted message into a Unionpay message processing pipeline of the Unionpay communication module,
the unionpay communication module scans the unionpay message processing pipeline at variable time and transmits the scanned messages which need to be transmitted to the unionpay system.
10. The method of enabling a single union pay system to access multiple credit card systems of claim 2,
and the messages in the unionpay message processing pipeline and the credit card message processing pipeline are messages which have generated MAC and PIN encryption.
CN202010648148.1A 2020-07-07 2020-07-07 Method for realizing access of single UnionPay system to multiple credit card systems Active CN111835749B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010648148.1A CN111835749B (en) 2020-07-07 2020-07-07 Method for realizing access of single UnionPay system to multiple credit card systems

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010648148.1A CN111835749B (en) 2020-07-07 2020-07-07 Method for realizing access of single UnionPay system to multiple credit card systems

Publications (2)

Publication Number Publication Date
CN111835749A true CN111835749A (en) 2020-10-27
CN111835749B CN111835749B (en) 2022-09-02

Family

ID=72900441

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010648148.1A Active CN111835749B (en) 2020-07-07 2020-07-07 Method for realizing access of single UnionPay system to multiple credit card systems

Country Status (1)

Country Link
CN (1) CN111835749B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113536335A (en) * 2021-06-11 2021-10-22 上海胡桃网络科技有限公司 Payment system state cryptographic algorithm dynamic updating method

Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1334541A (en) * 2001-09-03 2002-02-06 何长杰 Method and system for procesisng different bank cards
US20050065877A1 (en) * 2003-09-23 2005-03-24 Cleary Michael J. Method and system for distribution of unactivated bank account cards
CN101276447A (en) * 2007-03-29 2008-10-01 黄金富 Payment system and method of electronic purse capable of loading multiple credit card and debit card
CN101853453A (en) * 2009-04-03 2010-10-06 中兴通讯股份有限公司 System and method for realizing mobile payment
CN102890810A (en) * 2004-08-31 2013-01-23 ***股份有限公司 Novel bank card transaction exchange system
US20140297435A1 (en) * 2013-03-28 2014-10-02 Hoiling Angel WONG Bank card secured payment system and method using real-time communication technology
US20140358777A1 (en) * 2013-05-31 2014-12-04 How Kiap Gueh Method for secure atm transactions using a portable device
US9037865B1 (en) * 2013-03-04 2015-05-19 Ca, Inc. Method and system to securely send secrets to users
US20170364911A1 (en) * 2014-12-12 2017-12-21 Cryptomathic Ltd Systems and method for enabling secure transaction
CN107516204A (en) * 2017-08-31 2017-12-26 四川长虹电器股份有限公司 Internet bank docking system and docking calculation
WO2018096559A1 (en) * 2016-11-22 2018-05-31 Ezetap Mobile Solutions Pvt. Ltd. System and method for translation and authentication of secure pin and sensitive data
CN108431843A (en) * 2016-11-30 2018-08-21 华为技术有限公司 A kind of transaction processing method and device
CN108537520A (en) * 2017-03-03 2018-09-14 银联数据服务有限公司 A kind of method and apparatus of access Third-party payment transaction
CN109246188A (en) * 2018-08-03 2019-01-18 银联数据服务有限公司 A method of supporting the system traded by all kinds of means and by all kinds of means trading processing
US20190347630A1 (en) * 2017-01-05 2019-11-14 Shikhar Gahlaut System and method for conducting electronic transactions through personal electronic transaction card
CN111160902A (en) * 2013-12-02 2020-05-15 万事达卡国际股份有限公司 Method and system for secure delivery of remote notification service messages to mobile devices without secure elements

Patent Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1334541A (en) * 2001-09-03 2002-02-06 何长杰 Method and system for procesisng different bank cards
US20050065877A1 (en) * 2003-09-23 2005-03-24 Cleary Michael J. Method and system for distribution of unactivated bank account cards
CN102890810A (en) * 2004-08-31 2013-01-23 ***股份有限公司 Novel bank card transaction exchange system
CN101276447A (en) * 2007-03-29 2008-10-01 黄金富 Payment system and method of electronic purse capable of loading multiple credit card and debit card
CN101853453A (en) * 2009-04-03 2010-10-06 中兴通讯股份有限公司 System and method for realizing mobile payment
US9037865B1 (en) * 2013-03-04 2015-05-19 Ca, Inc. Method and system to securely send secrets to users
US20140297435A1 (en) * 2013-03-28 2014-10-02 Hoiling Angel WONG Bank card secured payment system and method using real-time communication technology
US20140358777A1 (en) * 2013-05-31 2014-12-04 How Kiap Gueh Method for secure atm transactions using a portable device
CN111160902A (en) * 2013-12-02 2020-05-15 万事达卡国际股份有限公司 Method and system for secure delivery of remote notification service messages to mobile devices without secure elements
US20170364911A1 (en) * 2014-12-12 2017-12-21 Cryptomathic Ltd Systems and method for enabling secure transaction
WO2018096559A1 (en) * 2016-11-22 2018-05-31 Ezetap Mobile Solutions Pvt. Ltd. System and method for translation and authentication of secure pin and sensitive data
CN108431843A (en) * 2016-11-30 2018-08-21 华为技术有限公司 A kind of transaction processing method and device
US20190347630A1 (en) * 2017-01-05 2019-11-14 Shikhar Gahlaut System and method for conducting electronic transactions through personal electronic transaction card
CN108537520A (en) * 2017-03-03 2018-09-14 银联数据服务有限公司 A kind of method and apparatus of access Third-party payment transaction
CN107516204A (en) * 2017-08-31 2017-12-26 四川长虹电器股份有限公司 Internet bank docking system and docking calculation
CN109246188A (en) * 2018-08-03 2019-01-18 银联数据服务有限公司 A method of supporting the system traded by all kinds of means and by all kinds of means trading processing

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113536335A (en) * 2021-06-11 2021-10-22 上海胡桃网络科技有限公司 Payment system state cryptographic algorithm dynamic updating method
CN113536335B (en) * 2021-06-11 2024-07-09 上海胡桃网络科技有限公司 Dynamic updating method for national cryptographic algorithm of payment system

Also Published As

Publication number Publication date
CN111835749B (en) 2022-09-02

Similar Documents

Publication Publication Date Title
US10666428B2 (en) Efficient methods for protecting identity in authenticated transmissions
CN107240017B (en) Block chain transaction management system and method
EP0292790B1 (en) Controlling the use of cryptographic keys via generating station established control values
AU2015277000C1 (en) Efficient methods for authenticated communication
US20200127825A1 (en) Revocation of cryptographic keys in the absence of a trusted central authority
EP3324355B1 (en) Contract agreement method, agreement verification method, contract agreement system, agreement verification device, contract agreement device, contract agreement program and agreement verification program
US7073066B1 (en) Offloading cryptographic processing from an access point to an access point server using Otway-Rees key distribution
KR102205654B1 (en) Authentication method in a distributed circumstance
CN117579281A (en) Method and system for ownership verification using blockchain
CN107040369A (en) Data transmission method, apparatus and system
US7386705B2 (en) Method for allocating processor resources and system for encrypting data
CN107682364B (en) A kind of license chain privacy method of commerce
CN106301769A (en) Quantum key output intent, storage consistency verification method, Apparatus and system
US10142119B2 (en) Communication method and apparatus using changing destination and return destination ID's
JPH09116534A (en) Security level controller and network communication system
JPH118620A (en) System and method for efficiently executing authentication of communication channel and facilitating detection of illegal forgery
CN113095826B (en) Hidden communication method and system based on block chain multi-signature
CN102236939B (en) Access method for radio frequency communication with low-frequency magnetic communication
US12021869B2 (en) Embedding credentials in network addresses
CN111835749B (en) Method for realizing access of single UnionPay system to multiple credit card systems
CN116757698B (en) Encryption method and system for improving payment security performance
US20230027010A1 (en) Secret code verification protocol
CN106301771B (en) A kind of data transmission encryption device realized based on EMMC interface
CN113411347B (en) Transaction message processing method and processing device
KR20200134187A (en) Authentication method in a distributed circumstance

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant