CN203708493U - Mobile terminal and terminal bank-business security certification system - Google Patents
Mobile terminal and terminal bank-business security certification system Download PDFInfo
- Publication number
- CN203708493U CN203708493U CN201220143754.9U CN201220143754U CN203708493U CN 203708493 U CN203708493 U CN 203708493U CN 201220143754 U CN201220143754 U CN 201220143754U CN 203708493 U CN203708493 U CN 203708493U
- Authority
- CN
- China
- Prior art keywords
- card
- information
- security information
- bank
- mobile
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Lifetime
Links
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The utility model provides a mobile terminal and a terminal bank-business security certification system. The mobile terminal comprises a communication part, an IC card slot, an IC card reader, an SIM card reader, an IC card security information verification chip, a data transmitter, a data receiver, and a microcontroller. The IC card slot is disposed on a side surface of the mobile terminal and used for inserting a bank IC card. The IC card reader is used for reading the security information of the bank IC card inserted into a mobile phone. The SIM card reader is used for reading the information of an SIM card of the mobile phone. The IC card security information verification chip is used for the verification of the security information of an IC card. The data transmitter is used for transmitting the security information of the IC card and the information of the SIM card to a background according to a selected mobile banking business after the successful verification of the security information of the IC card. The data receiver is used for receiving the security and business information, which is transmitted by the background and corresponding to the mobile banking business, so as to complete the mobile banking business according to the security and business information corresponding to the mobile banking business.
Description
Technical field
The utility model relates to mobile network security fields, particularly, relates to a kind of mobile terminal and terminal banking security certification system.
Background technology
Mobile banking is the extension of Web bank, and after Ye Shiji Web bank, telephone bank, another facilitates the financial business method of service of bank-user, has the title of " stored value card next to the skin ".Mobile banking has not only extended the service time of bank, has also expanded bank service scope, and still, this has also caused the worry of a lot of secure contexts.
First, the confidentiality of wireless communication is uncontrollable for bank, and wireless communication data is is easily intercepted and captured and cracked by malice.Because mobile phone itself does not possess data encryption feature, in client inputs account and password login Mobile banking on mobile phone, account and code data cause customer capital loss because do not have encryption easily maliciously to be intercepted in the time of wireless transmission; Secondly, now along with the function of smart mobile phone strengthens gradually, virus and wooden horse for smart mobile phone are also more and more, if client's mobile phone is implanted trojan horse program by hacker or Transaction Information message is monitored and smell spy, logon name and login password are easy to be intercepted and captured and steal, do not having under the participation of the medium in kind such as bankbook or card so, hacker can log on banking system and carry out inquiry and the operation of customer information and accounts information etc., and therefore the business of Mobile banking is to have certain security risk.
In addition; when user uses the ordinary terminal (as ATM etc.) of bank; after often occurring inserting bank card, bank card password is got a glimpse of by people; after causing card to be lost, cause very large loss, the cryptosecurity that how to utilize existing equipment and media protection holder is also that financial industry needs the problem solving always.
Utility model content
The main purpose of the utility model embodiment is to provide a kind of mobile terminal and terminal banking security certification system, to solve the cryptosecurity problem of existing mobile banking service.
To achieve these goals, the utility model embodiment provides a kind of mobile terminal, described terminal comprises communications portion, display screen, described terminal also comprises: IC-card socket groove, IC-card card reader, SIM card card reader, IC-card security information proofing chip, data source, data sink, and microcontroller, wherein, described microcontroller respectively with described IC-card socket groove, IC-card card reader, SIM card card reader, IC-card security information proofing chip, data source, data sink connects, IC-card socket groove, be arranged at described mobile terminal side, be used for inserting bank IC card, IC-card card reader, for reading the IC-card security information of the bank IC card that inserts mobile phone, SIM card card reader, for reading the SIM card information of described mobile phone, IC-card security information proofing chip, verifies for the IC-card security information to described, data source, after being proved to be successful, is sent to backstage according to the mobile banking service of selecting by described IC-card security information and SIM card information for the IC-card security information to described, data sink, for receive that described backstage sends with the corresponding security information of described mobile banking service and business information, with according to completing described mobile banking service with the corresponding security information of described mobile banking service and business information.
Described mobile banking application apparatus also comprises: mobile banking service selector, is connected with described microcontroller, for select described mobile banking service by predetermined way; Silent status arranges circuit, is connected, for being silent status by other function setting outside the basic telephone signal receiving function of described mobile phone and basic network communication function with described microcontroller.
Described IC-card security information proofing chip specifically for: the key information of described IC-card security information and described mobile phone storage is verified; Mate with described key information if the result is described IC-card security information, represent described IC-card security information to be proved to be successful.
What mobile banking service information receiving unit received at least comprises with the corresponding security information of described mobile banking service: the effective time of random cipher and described random cipher.
The utility model embodiment also provides a kind of terminal banking security certification system, described system comprises above-mentioned terminal, bank IC card, bank backstage, Mobile banking's server, communication between described terminal, bank backstage, Mobile banking's server is used session key, wherein, described bank backstage comprises: end message authentication unit, verify for described IC-card security information and SIM card information; Mobile banking service information transmitting unit, after the IC-card security information to described and SIM card Information Authentication success, transmission and the corresponding security information of described mobile banking service and business information are to described terminal; Described Mobile banking server completes described mobile banking service according to the corresponding security information of described mobile banking service and business information.
By means of technique scheme one of at least, after the bank IC card that inserts mobile phone is verified, IC-card security information and SIM card information are sent to backstage, after backstage is to IC-card security information and SIM card Information Authentication success, backstage sends and the corresponding security information of mobile banking service and business information, with the mobile banking service that gone to bank at cellular network, like this, by increasing bank IC card and the checking to bank IC card, increase the fail safe of mobile phone Internet-based banking services.
Accompanying drawing explanation
In order to be illustrated more clearly in the utility model embodiment or technical scheme of the prior art, below the accompanying drawing of required use during embodiment is described is briefly described, apparently, accompanying drawing in the following describes is only embodiment more of the present utility model, for those of ordinary skills, do not paying under the prerequisite of creative work, can also obtain according to these accompanying drawings other accompanying drawing.
Fig. 1 is according to the flow chart of the terminal banking safety certifying method of the utility model embodiment;
Fig. 2 is according to the structured flowchart of the mobile terminal of the utility model embodiment;
Fig. 3 is according to the structured flowchart of mobile banking's application apparatus 2 of the utility model embodiment;
Fig. 4 is according to the concrete structure block diagram of mobile banking's application apparatus 2 of the utility model embodiment;
Fig. 5 is according to the outside drawing of the mobile terminal of the utility model embodiment;
Fig. 6 a, 6b are the internal logic structure schematic diagrames according to the mobile terminal of the utility model embodiment;
Fig. 7 is according to the structured flowchart of the terminal banking security certification system of the utility model embodiment;
Fig. 8 is according to the structured flowchart on the bank backstage 73 of the utility model embodiment;
Fig. 9 is according to the configuration diagram of the terminal banking security certification system of the utility model embodiment;
Figure 10 is according to the terminal banking security certification system of the utility model embodiment operational flowchart of transferring accounts;
Figure 11 is the flow process that realizes ATM enchashment according to the terminal banking security certification system of the utility model embodiment.
Embodiment
Below in conjunction with the accompanying drawing in the utility model embodiment, the technical scheme in the utility model embodiment is clearly and completely described, obviously, described embodiment is only the utility model part embodiment, rather than whole embodiment.Based on the embodiment in the utility model, those of ordinary skills are not making the every other embodiment obtaining under creative work prerequisite, all belong to the scope of the utility model protection.
In order to address the above problem, the utility model embodiment provides a kind of terminal banking safety certifying method, mobile terminal and system.Below in conjunction with accompanying drawing, the utility model is elaborated.
Embodiment mono-
The utility model embodiment provides a kind of terminal banking safety certifying method, and as shown in Figure 1, the method comprises:
Step 101, obtains the IC-card security information of bank IC card and the SIM card information of mobile phone of inserting mobile phone;
Step 102, verifies IC-card security information;
Step 103, after IC-card security information is proved to be successful, is sent to backstage according to the mobile banking service of selecting by IC-card security information and SIM card information;
Step 104, backstage is verified IC-card security information and SIM card information;
Step 105, after backstage is to IC-card security information and SIM card Information Authentication success, backstage transmission and the corresponding security information of mobile banking service and business information are to terminal;
Step 106, completes mobile banking service according to the corresponding security information of mobile banking service and business information.
After the bank IC card that inserts mobile phone is verified, IC-card security information and SIM card information are sent to backstage, after backstage is to IC-card security information and SIM card Information Authentication success, backstage sends and the corresponding security information of mobile banking service and business information, with the mobile banking service that gone to bank at cellular network, like this, by increasing bank IC card and the checking to bank IC card, increase the fail safe of mobile phone Internet-based banking services, than prior art, by the utility model embodiment, the fail safe of Internet-based banking services is better.
Above-mentioned bank IC card is the IC-card mating with this mobile phone.
After bank IC card is inserted into mobile phone, select in the following way mobile banking service: first, select mobile banking service by predetermined way; Afterwards, be silent status by other function setting outside the basic telephone signal receiving function of mobile phone and basic network communication function.
Particularly, in the time that bank IC card inserts mobile phone, whether mobile phone page prompts enters safe mobile phone Bank application, and the predetermined way of confirmation can be long by dial key, treat that the mobile phone page occurs that Mobile banking's application welcome page represents to enter Bank application, user can select mobile banking service.Preferably, for safety, safe mobile phone Bank application can only can use this kind of mode to enter, and in other application of application start period mobile phone, except basic telephone signal receiving function and basic network communication function reservation operation, other functions are applied all in silent status.If there is incoming call prompting, and select to receive calls, safe mobile phone Bank application will automatically be closed and exit, and after end of conversation, user need login again.
Above-mentioned IC-card security information is verified and comprised: the key information of IC-card security information and mobile phone storage is verified; Mate with key information if the result is IC-card security information, represent IC-card security information to be proved to be successful.
Backstage is verified and is comprised IC-card security information and SIM card information: judge whether IC-card security information and SIM card information are binding relationship; If so, represent IC-card security information and SIM card Information Authentication success.
After IC-card security information and SIM card Information Authentication success, what backstage sent at least comprises with the corresponding security information of mobile banking service: the effective time of random cipher and described random cipher.If random cipher does not correctly use within effective time, this random cipher lost efficacy.
Authentication to bank IC card and SIM card of checking by above-mentioned mobile phone to bank IC card, backstage and have the random cipher of effective time, can further improve the fail safe of mobile banking service.
Embodiment bis-
The utility model embodiment also provides a kind of mobile terminal, is preferably used for realizing the above embodiments one.As shown in Figure 2, this terminal comprises communications portion 1 and mobile banking's application apparatus 2.
As shown in Figure 3, this mobile banking's application apparatus 2 comprises: IC-card socket groove 21 (not shown), IC-card card reader 22, SIM card card reader 23, IC-card security information proofing chip 24, data source 25, data sink 26 and microcontroller 27, wherein, microcontroller is connected with IC-card card reader, SIM card card reader, IC-card security information proofing chip, data source, data sink respectively
IC-card socket groove 21, is arranged at mobile terminal side, for inserting bank IC card;
IC-card card reader 22, for obtaining the IC-card security information of the bank IC card that inserts mobile phone;
SIM card card reader 23, for obtaining the SIM card information of mobile phone;
IC-card security information proofing chip 24, for verifying IC-card security information;
Data source 25, for after IC-card security information is proved to be successful, is sent to backstage according to the mobile banking service of selecting by IC-card security information and SIM card information;
Data sink 26, for receive backstage send with the corresponding security information of mobile banking service and business information so that user is according to completing mobile banking service with the corresponding security information of mobile banking service and business information.
Can be found out by above description, after the bank IC card of insertion mobile phone being verified by IC-card security information proofing chip, IC-card security information and SIM card information are sent to backstage by data source, after backstage is to IC-card security information and SIM card Information Authentication success, data sink receives backstage and sends and the corresponding security information of mobile banking service and business information, with the mobile banking service that gone to bank at cellular network, like this, by increasing bank IC card and the checking to bank IC card, increase the fail safe of mobile phone Internet-based banking services, than prior art, by the utility model embodiment, the fail safe of Internet-based banking services is better.
As shown in Figure 4, above-mentioned mobile banking application apparatus also comprises:
Mobile banking service selector 28, is connected with microcontroller, for selecting mobile banking service by predetermined way;
Silent status arranges circuit 29, is connected, for being silent status by other function setting outside the basic telephone signal receiving function of mobile phone and basic network communication function with microcontroller.
Particularly, IC-card security information proofing chip 24 specifically for: the key information of IC-card security information and mobile phone storage is verified; Mate with key information if the result is IC-card security information, represent IC-card security information to be proved to be successful.
What data sink received at least comprises with the corresponding security information of mobile banking service: the effective time of random cipher and random cipher.
Below provide an example.
Fig. 5 is according to the outside drawing of the mobile terminal of the utility model embodiment, and as shown in Figure 5, this mobile terminal 51 comprises:
By responding to, touch screen, IC-card socket 511 form this mobile terminal, basic cell phone apparatus module, and this product support contact reads extraneous chip card 512; Touch screen is the input of major transaction information and the output device of transaction results, and product support mobile banking demand can realize the functions such as cell phone network is checked account, transferred accounts, remittance.
IC-card socket is placed in limit, mobile phone left side, and card read head is embedded on interior of mobile phone circuit board, for reading bank's card image.The application of embedded in mobile phone Mobile banking, this applies outside independent and intelligent mobile phone system, is preserved and is controlled by special chip, without the safety problem of worrying smart mobile phone wooden horse and so on, completes physics and the isolation of dual safety in logic.
Equipment is specified special key 513, for example multiplexing dial key, in the time of bank's intellective IC card interventional instrument, whether page prompts enters safe mobile phone Bank application, confirmation mode is pressed dial key for long, treats that the mobile phone page occurs that Mobile banking's application welcome page represents to enter Bank application.Safe mobile phone Bank application only can use this kind of mode to enter, and in other application of application start period mobile phone, except basic telephone signal receiving function and basic network communication function reservation operation, other functions are applied all in silent status.If there is incoming call prompting, and select to receive calls, safe mobile phone Bank application will automatically be closed and exit, and after end of conversation, user need login again.Can further improve like this fail safe of mobile banking service.
Fig. 6 a, 6b are the internal logic structure schematic diagrames according to the mobile terminal of the utility model embodiment, as shown in Fig. 6 a, 6b:
This mobile terminal is double circuit board, and positive (shown in Fig. 6 a) is B plate, and reverse side (shown in Fig. 6 b) is A plate.Wherein, B plate comprises touch screen display module 201, touch screen controller 202, A plate comprises that between SIM card draw-in groove 203, communication module 204, bank IC card draw-in groove 205, main control module 206, memory module 207, security module 208, supply module 209, two plates, using winding displacement to connect communicates by letter.
This mobile terminal is take basic mobile terminal as main body, increase the safe mobile phone Bank application function being independent of outside cell phone intelligent system, its module connects take main control module 206 as core, provide energy by supply module 209 for device, main control module 206 is controlled SIM card draw-in groove 203 and is obtained SIM card information, and realize mobile communication by communication module 204, connect memory module 207 and obtain intelligent system information and customer data.Main control module 206 is connected with touch screen controller 202 with B plate winding displacement by A plate winding displacement, by touch screen controller control touch screen display module 201 display system information, touch screen controller 202 also comprises that touch screen button feeds back to main control module 206 and processes user profile to accept user's basic operation.Main control module 206 is by connecting security module 208 Real-time Obtaining bank IC card groove 205 states, the information of whether inserting to obtain card, in the time meeting Mobile banking's application start condition, main control module is by the Mobile banking's application starting in security module 208, and intelligent mobile phone system and the related application thereof of mourning in silence in memory module 207, in order to guarantee the safe operation of Mobile banking's application.
Below describe above-mentioned module in detail.
Touch screen display module 201, is mainly used in the input of Transaction Information and the output device of transaction results, and user shows by touch screen, carries out phone operation or Net silver operation.
Touch screen controller 202, is mainly used in carrying out touch screen management and guarantees input message safety, and is responsible for processing special key startup safety network bank application function, completes the random switching of cell-phone function and mobile internet bank function.
SIM card draw-in groove 203, uses SIM card information for reading communication, realizes mobile communication function together with remote communication module, should support existing all mobile network's format analysis.
Communication module 204 for realizing mobile network communication, can complete mobile communication business together with SIM card.
Bank IC card draw-in groove 205; for this terminal and chip card communicates and the critical component of data transaction; can be associated with security module 208; be used for guaranteeing based on communicating by letter normally between bank's intellective IC card and terminal; obtain card certificate data, assisted the safe handling process in transaction and process of exchange.
Main control module 206, for the core of this termination function scheduling, possess software and the hardware configuration composition of operating system, the application program and the smart mobile phone application program that meet all kinds of passwords generation demands can be installed on to memory module 207, and switchable device pattern is to start safety network bank function.For realizing function of the present utility model, equipment bottom is hardware device and intelligent system platform, hardware components should possess the association's of encryption processing capacity and basic communications device required function, and issuing bank possesses absolute control authority to the safety network bank application on intelligent system platform; Possess trading processing application module in application layer, be responsible for application schedules and processing in the whole safety input device based on bank's intellective IC card in process of exchange.
Memory module 207, for the storage of support equipment extension application and provide large capacity storage space in order to place client personal document.
Security module 208, applies and realizes its encrypting and decrypting computing for storage security Net silver, and memory device certificate.This security module 208 is supported the basic cryptographic calculation such as RSA, DES, and can be according to the sensitive information of bank's demand storage area; Have safeguard function simultaneously, in the time running into malicious attack, can initiatively empty data and can not divulge a secret with assurance.In specific implementation process, this module also should meet following hsrdware requirements:
(1) unique sequence number;
(2) chip hardware fail safe obtains the authentication of EAL4 level;
(3) the anti-tamper design of chip, has the measure that prevents that SEMA/DEMA, SPA/DPA, DFA and sequential from attacking;
(4) data security storage, high-low pressure detects, height frequency detecting;
(5) real random number generator: utilize the electromagnetism white noise of chip internal to produce, can not repeat;
(6) hardware encipher coprocessor: internal hardware logical circuit is realized symmetry algorithm 3DES, and encryption/decryption speed is fast.
Supply module 209, provides equipment required electric power, is generally 3.7V3000mA lithium battery.
Embodiment tri-
The utility model embodiment also provides a kind of terminal banking security certification system, and this system preferably includes the mobile terminal in above-described embodiment two.As shown in Figure 7, this system comprises: mobile terminal 71, bank IC card 72, bank backstage 73, Mobile banking's server 74, wherein, the communication between mobile terminal, bank backstage, Mobile banking's server is used session key.
Wherein, as shown in Figure 8, bank backstage 73 comprises:
End message authentication unit 731, verifies for IC-card security information and SIM card information;
Mobile banking service information transmitting unit 732, for after to IC-card security information and SIM card Information Authentication success, sends with the corresponding security information of mobile banking service and business information to terminal.
Mobile banking's server completes mobile banking service according to the corresponding security information of mobile banking service and business information.
By bank backstage to inserting the bank IC card of mobile phone and the checking of SIM card information, and transmission and the corresponding security information of mobile banking service and business information, with the mobile banking service that gone to bank at cellular network, like this, by increasing bank IC card and the checking to bank IC card, increase the fail safe of mobile phone Internet-based banking services, than prior art, by the utility model embodiment, the fail safe of Internet-based banking services is better.
In practical operation, as shown in Figure 9, by chip card that holder holds (, above-mentioned bank IC card) 307, holder's hold is with the mobile terminal 306 of safety network bank application, stable mobile wireless network, receive user profile by mobile network service 305, and by secured communication channel independently 304 and mobile banking's background communication, between mobile network service 305 and secured communication channel 304, belong to and be closed with Network Communication in spider lines, mobile bank system is confirmed user identity by authentication module 303, then enter accounting processing module 302 and carry out Business Processing, in the time that needs use payment function, system also will provide payment authentication module 301 to compare to the accounts information of card user, to guarantee safety.
Figure 10 is that wherein, mobile terminal can be referring to Fig. 6 a, 6b according to the terminal banking security certification system of the utility model embodiment operational flowchart of transferring accounts, and its operating process is as follows:
Step 100, user inserts the card into bank IC card draw-in groove 205, long by Secure Application control button, touch screen controller 202 is crossed information exchange B plate winding displacement and conducts to the main control module 206 of A plate, main control module 206 starts the equipment moving Bank application in security module 208, and touch screen display module 201 points out user to require typing card to log in password;
Step 101, user by logging in password by 201 typings of touch screen display module under mobile banking's applied environment, and security module 208, by calling bank IC card draw-in groove 205, is sent check request to card;
Step 102, card carries out cryptographic check by personal identification number checking command, and by the built-in key of external authentication flow process comparison device security module 208, if success, carrying out internal authentication operation uses the built-in key of card to use 3DES calculating verification msg to send to equipment to verify, if all success, reads card certificate information and terminal certificate information, and produces signature value;
Step 103, communication module 204 is called the interior SIM card information realization of SIM card draw-in groove 203 wireless communication, information is sent to mobile network service, mobile network service is crossed Intranet cable network passage by information exchange and is submitted in secured communication channel, and the information that secured communication channel sends end message by private wire network ruton road again offers bank backstage;
Step 104, the information that the authentication module calibration equipment on bank backstage sends is also confirmed card and whether equipment is bound;
Step 105, if confirmed binding relationship, and after confirming that card and terminal certificate are correct, issue server signature information and server certificate information by uploading information channel, after terminal has been verified, send the session key being formed by 16 byte random numbers that produces of security module 208, and upload to mobile banking's background identity identification module and store, its subsequent communications is used session key to communicate protection, until user exits mobile banking's application;
Step 106, after consulting successfully, user selects the money transfer transactions input amount of money and other business information;
Step 107, security module 208 is obtained accounts information in IC-card by bank IC card draw-in groove 205, and uses the initialization operation of transferring accounts to obtain checking data and use session key to upload to mobile banking backstage by data transmission channel;
Step 108, mobile banking's background authentication checking data, if successfully Account Transaction History is transferred to security module 208 by session key protection, module is carried out the operation of transferring accounts, if transaction verification data upload mobile banking backstage is returned in success;
Step 109, checking data is verified on mobile banking backstage again, is shown in touch screen display module 201 if the successfully prompting of transferring accounts is returned in success;
Step 110, user checks Transaction Information, clicks and confirms, closing the transaction on screen.
Figure 11 is the flow process that realizes ATM enchashment according to the terminal banking security certification system of the utility model embodiment, and as shown in figure 11, this flow process comprises:
Step 110, user inserts the card into 205 bank IC card draw-in grooves, long by Secure Application control button, 202 touch screen controllers are crossed information exchange B plate winding displacement and conduct to the main control module 206 of A plate, main control module 206 starts the equipment moving Bank application in security module 208, and 201 promptings of touch screen display module require typing card to log in password;
Step 111, user by logging in password by 201 typings of touch screen display module under mobile banking's applied environment, security module 208 is called bank IC card draw-in groove 205, and card is sent to check request, completes bank's backstage identifying procedure that Figure 10 describes after verification succeeds;
Step 112, successfully, after login, user selects operation item, selects ATM cryptographic service according to prompting, is sent to bank's backstage accounting processing module, and is confirmed whether to open this function by the request of guarded communication passage ATM cryptographic service;
Step 113, sends message if opened and informs terminal, and terminal shows interim password entry information on touch screen display module 201, and user confirms by touch screen;
Step 114, information is transmitted bank backstage by terminal, after bank's backstage payment authentication module comparison information, sends interim password, shows interim password on touch screen display module 201, and point out interim password maximum effective time;
Step 115, holder is inserted in bank card ATM terminal within effective time, selects enchashment function;
Step 116, holder is according to the interim password of prompting typing;
Step 117, ATM will send payment system on transaction data, and payment authentication module is carried out interim password legitimacy and is checked;
Step 118, after interim password is checked successfully, in the processing of withholing of backstage account system;
Step 119, ATM tells paper money according to the result of withholing, and closes the trade.
Above-mentioned interim password can be random 6 random numbers that generate in backstage, and effective time is set on backstage voluntarily, and guarantees that the random number of adjacent twice generation is inconsistent.
By the utility model embodiment, can solve the problem that uses mobile banking in mobile network environment, can meet SSL escape way and set up demand, meet following mobile bank system safety requirements, and having realized ATM password mobilism, the risk while having reduced ATM enchashment has also further guaranteed the safety of user's fund.
In sum, the utility model embodiment relies on mobile internet, take the key of bank IC card self and certificate as core, realizes SSL network service by the terminal certificate of binding, has solved holder's Verify Your Identity questions under mobile payment scene; By relying on the communication port of stability and safety, can also realize the function of ATM password dynamic-configuration, improve significantly the fail safe of people in the time carrying out the conventional use of bank card, substantially realize card theft protection function.
In the utility model, related application key and certificate are bank and independently control and protect, and fail safe and controllability are higher, therefore, have improved significantly the picket's function to fake equipment and card, can stop to a great extent the generation of fraud.
One of ordinary skill in the art will appreciate that all or part of step realizing in above-described embodiment method can carry out the hardware that instruction is relevant by program and complete, this program can be stored in a computer read/write memory medium, such as ROM/RAM, magnetic disc, CD etc.
Above-described specific embodiment; the purpose of this utility model, technical scheme and beneficial effect are further described; institute is understood that; the foregoing is only specific embodiment of the utility model; and be not used in limit protection range of the present utility model; all within spirit of the present utility model and principle, any modification of making, be equal to replacement, improvement etc., within all should being included in protection range of the present utility model.
Claims (4)
1. a mobile terminal, described mobile terminal comprises communications portion, display screen, it is characterized in that, described mobile terminal also comprises: IC-card socket groove, IC-card card reader, SIM card card reader, IC-card security information proofing chip, data source, data sink and microcontroller
Wherein, described microcontroller is connected with described IC-card card reader, SIM card card reader, IC-card security information proofing chip, data source, data sink respectively,
IC-card socket groove, is arranged at described mobile terminal side, for inserting bank IC card;
IC-card card reader, for reading the IC-card security information of the bank IC card that inserts mobile phone;
SIM card card reader, for reading the SIM card information of described mobile phone;
IC-card security information proofing chip, verifies for the IC-card security information to described;
Data source, after being proved to be successful, is sent to backstage according to the mobile banking service of selecting by described IC-card security information and SIM card information for the IC-card security information to described;
Data sink, for receive that described backstage sends with the corresponding security information of described mobile banking service and business information, with according to completing described mobile banking service with the corresponding security information of described mobile banking service and business information.
2. mobile terminal according to claim 1, is characterized in that, described mobile terminal also comprises:
Silent status arranges circuit, is connected, for being silent status by other function setting outside the basic telephone signal receiving function of described mobile phone and basic network communication function with described microcontroller.
3. mobile terminal according to claim 1, is characterized in that, described IC-card security information proofing chip specifically for:
The key information of described IC-card security information and described mobile phone storage is verified; Mate with described key information if the result is described IC-card security information, represent described IC-card security information to be proved to be successful.
4. a terminal banking security certification system, it is characterized in that, described system comprises: mobile terminal, bank IC card, bank backstage and Mobile banking's server, described mobile terminal comprises: IC-card socket groove, IC-card card reader, SIM card card reader, IC-card security information proofing chip, data source, data sink and microcontroller
Wherein, described microcontroller is connected with described IC-card card reader, SIM card card reader, IC-card security information proofing chip, data source, data sink respectively,
IC-card socket groove, is arranged at described mobile terminal side, for inserting bank IC card;
IC-card card reader, for reading the IC-card security information of the bank IC card that inserts mobile phone;
SIM card card reader, for reading the SIM card information of described mobile phone;
IC-card security information proofing chip, verifies for the IC-card security information to described;
Data source, after being proved to be successful, is sent to backstage according to the mobile banking service of selecting by described IC-card security information and SIM card information for the IC-card security information to described;
Data sink, for receive that described backstage sends with the corresponding security information of described mobile banking service and business information, with according to completing described mobile banking service with the corresponding security information of described mobile banking service and business information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201220143754.9U CN203708493U (en) | 2012-04-06 | 2012-04-06 | Mobile terminal and terminal bank-business security certification system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201220143754.9U CN203708493U (en) | 2012-04-06 | 2012-04-06 | Mobile terminal and terminal bank-business security certification system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN203708493U true CN203708493U (en) | 2014-07-09 |
Family
ID=51058868
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201220143754.9U Expired - Lifetime CN203708493U (en) | 2012-04-06 | 2012-04-06 | Mobile terminal and terminal bank-business security certification system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN203708493U (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104331999A (en) * | 2014-10-17 | 2015-02-04 | 中国农业银行股份有限公司四川省分行 | System and method for enabling mobile terminal to drive peripherals to finish payment and card writing, fund transferring and electronic cash redepositing of financial IC card |
| CN106355118A (en) * | 2016-08-31 | 2017-01-25 | 新智数字科技有限公司 | IC card reader |
| CN106570697A (en) * | 2016-10-31 | 2017-04-19 | 北京小米移动软件有限公司 | Mobile terminal payment verification method and device, and safety certificate tool |
-
2012
- 2012-04-06 CN CN201220143754.9U patent/CN203708493U/en not_active Expired - Lifetime
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104331999A (en) * | 2014-10-17 | 2015-02-04 | 中国农业银行股份有限公司四川省分行 | System and method for enabling mobile terminal to drive peripherals to finish payment and card writing, fund transferring and electronic cash redepositing of financial IC card |
| CN106355118A (en) * | 2016-08-31 | 2017-01-25 | 新智数字科技有限公司 | IC card reader |
| CN106570697A (en) * | 2016-10-31 | 2017-04-19 | 北京小米移动软件有限公司 | Mobile terminal payment verification method and device, and safety certificate tool |
| CN106570697B (en) * | 2016-10-31 | 2020-01-10 | 北京小米移动软件有限公司 | Mobile terminal payment verification method and device and security authentication tool |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101465019B (en) | Method and system for implementing network authentication | |
| US20160117673A1 (en) | System and method for secured transactions using mobile devices | |
| JP5562964B2 (en) | Contactless authentication system and method used for settlement | |
| US7788500B2 (en) | Biometric authentication device and terminal | |
| US20130226812A1 (en) | Cloud proxy secured mobile payments | |
| US20150142666A1 (en) | Authentication service | |
| CN100533459C (en) | Data safety reading method and safety storage apparatus thereof | |
| US20110103586A1 (en) | System, Method and Device To Authenticate Relationships By Electronic Means | |
| US20150142669A1 (en) | Virtual payment chipcard service | |
| CN102202300A (en) | System and method for dynamic password authentication based on dual channels | |
| US20150142667A1 (en) | Payment authorization system | |
| CN106169091B (en) | A kind of fiscard and its application method | |
| WO2007138469A2 (en) | Ic card with otp client | |
| CN102710611A (en) | Network security authentication method and system | |
| CN102665208B (en) | Mobile terminal, terminal banking safety certifying method and system | |
| CN203708493U (en) | Mobile terminal and terminal bank-business security certification system | |
| CN104320261A (en) | Method for achieving identity authentication through financial smart card, financial smart card and terminal | |
| KR101103189B1 (en) | System and Method for Issueing Public Certificate of Attestation using USIM Information and Recording Medium | |
| AU2022263770B2 (en) | Method for controlling a smart card | |
| EP4083825A1 (en) | Method for controlling a smart card | |
| US20240211929A1 (en) | Method for controlling a smart card | |
| KR102247450B1 (en) | Method for Providing Transacting Linked Authentication Code by using Near Field Communication | |
| KR102078319B1 (en) | Method for Processing Electronic Signature based on Universal Subscriber Identity Module at a Telegraph Operator | |
| KR102076313B1 (en) | Method for Processing Electronic Signature based on Universal Subscriber Identity Module of Mobile Device | |
| KR102149313B1 (en) | Method for Processing Electronic Signature based on Universal Subscriber Identity Module |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CU01 | Correction of utility model |
Correction item: Claims Correct: Documents submitted in July 16, 2014 False: Documents submitted in February 20, 2013 Number: 28 Page: Description Volume: 30 |
|
| CU03 | Publication of corrected utility model |
Correction item: Claims Correct: Documents submitted in July 16, 2014 False: Documents submitted in February 20, 2013 Number: 28 Volume: 30 |
|
| ERR | Gazette correction |
Free format text: CORRECT: CLAIMS; FROM: DOCUMENTS SUBMITTED ON FEBRUARY 20, 2013 TO: DOCUMENTS SUBMITTED ON JULY 16, 2014 |
|
| RECT | Rectification | ||
| CX01 | Expiry of patent term | ||
| CX01 | Expiry of patent term |
Granted publication date: 20140709 |