1220496 玖、發明說明: 【發明所屬之技術領域】 本發明是有關於一種金融交易系統,特別是有關於一 種利用終端機(terminal)與智慧卡(smart card)來進行金融交 5 易,並具備有分散式處理架構之金融交易系統。 【先前技術】 智慧卡即是-晶片卡(IC card),是在一張***大小的 塑膠卡片上内嵌-積體電路晶片,除了具備有記憶儲存功 能以外,更可以進行資料的處理、計算等功能,由於其安 10 辣與功能性相較於以往的磁條式卡片為佳,因此已逐漸 被廣泛地應用在例如電計、儲值卡,個人身份認證卡等 各式卡片上。特別是在金融交易系統中,一般商家常是利 用終端機(或稱讀卡機)來讀取智慧卡上的資料,以便進行金 錢的交易以及資料的記錄等動作。 15 在以往的金融交易系統架構中,由於智慧卡上僅具備 有個人的基本認證資料,因此是以終端機作為主角(刪叫 ,並在其中建置許多不同功能的應用程式,以便利用每一 應用式來取得智慧卡上之資料後進行特定的計算與執行 力月b例如紅利積點、分期付款等,並在資料處理的過程 20 巾’透過遠端的主機進行個人身份的認證與查驗動作。然 上述杀構之缺點在於當商家欲進行新的促銷活動,或 疋=為需求提高,而需要進行應用程式的更新、升級時, 必而分別針對每一台終端機進行應用程式的更新,因此需 要耗費大量的時間與人力。 4 5 隨著智慧卡的逐漸演進,現今智慧卡上除了具有記 體來儲存個人基本認證資料外,更具有微處理器、卡片; 業系統(card 〇perating system,c〇SWx及非揮發性記憶體 ^•V0latile memory)等,因此亦可將多個應用程式安裝在 :慧卡上,並透過應用程式介面(Αρι)來與作業系統進行通 成’使得智慧卡本身猶如—小型電腦,故#智慧卡插設於 終端機中時,丨自身即能進行f料的計算與處理卫作。' 10 15 因此,以往「終端機」對「智慧卡」的主從(master_ slave)架構,已轉而由「智慧卡」對「終端機」的主從架構 ,換s之,終端機的角色變為智慧卡與遠端主機間的傳輸 介面,關於將智慧卡作為主動角色以及其相關的通訊協定 ,已揭露於美國專利第6,157,966號專利案中,在此不再贅 述。由於此種作法是將所有的應用程式皆安裝在智慧卡上 ,礙於智慧卡之儲存容量有限以及與作業系統間之相容性 等問題,因此程式的開發必需花費較長時間,且當應用程 式的大小逐漸增加時,更顯出其困擾。 【發明内容】 因此’本發明之目的在於提供一種便於應用程式開發 、撰寫’並容易進行應用程式之升級、更新的金融交易系 20 統。 於疋’本發明之金融交易系統之一較佳實施例主要包 含有一智慧卡與一終端機。該智慧卡具有一處理器,以及 複數供該處理器執行之應用程式,該終端機具有一以lS〇 7816協定與該等應用程式進行通訊之應用程式介面,該應 5 1220496 用程式介面能受使用者之控制 而選擇該等應用程式其中之 5 因此’在該較佳實施例中,本發明亦提供一種終端機 ”智慧卡間資料處理的方法,其步驟是:a)透過該終端機 之-應用程式介面選擇該等應用㈣其巾之—。透過該 終端機輸人-參數,以初純被擇定之該應難式。c)Z 被擇定之該應㈣式處理該參數,且該終端機處於一等待 狀態。D)由被敎之該應用程式所執行之—狀態回應訊息 至該終端機。E)該終端機依據該訊息執行特定功能。 15 本發明利用該應用程式介面來選擇該智慧卡上特定的 該應用程式後,並再利用該應用程式介面即把相關參數傳 送至已被擇定之應用程式,並等待應用㈣執行狀態的回 應,再依據應用程式回傳之運行狀態執行特定的功能,換 言之,本發明内容乃將有關加值服務的運算内容與過程(如紅 利積點的運算,特惠内容與贈品的運算決定…等等)放在智慧 卡的應用程式裡,而終端機的應用程式則只負責根據回傳值 判斷應命令終端機本身做何動作或者再次觸發智慧卡程式 做下一個運算。如此一來,資料處理的工作將被有效地分 20 散至終端機與智慧卡上,故不論終端機之應用程式介面或 冬慧卡上的應用程式,其程式開發、撰寫的時間大為縮短 ,進行程式更新、升級的動作時更可省卻大量時間。 【實施方式】 有關本發明之前述及其他技術内容、特點與功效,在 以下配合參考圖式之一較佳實施例的詳細說明中,將可清 6 1220496 楚的明白。 5 參閱圖1與圖2,本發明金融交易系統之較佳實施例包 含一智慧卡1、一終端機2,以及一遠端主機3。智慧卡1 具有一微處理器11、一隨機存取記憶體(RAM)12、一唯讀 記憶體(ROM)13、一非揮發性記憶體(non-violate memory) 14 、 ^片介面單元15,以及一加密模組(cryptographic module)16 〇 唯讀記憶體13中儲存有複數電腦程式碼,包含有卡片 作業系統(C0S)111(見圖 3)、JCRE(java card nmtime 10 15 environment),以及必要的驅動程式等等,可供微處理器n 加以捉取、執行。非揮發性記憶體14,例如EEPR0M,是 用來儲存應用程式113(見圖3)。卡片介面單元15則可以是 接觸式的介面,或是一近接式介面,或一無線介面等等 。本實施例中’卡片介面單元15即是指一接觸式介面,可 以直接與終端冑2相接觸,以進行資料或信號的傳遞。加 密模組16是用來執行加㈣輯演算,以提高金融交易的安 全性。 20 ,閱圖3’在本實施例中,由於智慧七中之電腦程式 碼是依據之規範,因此,其制程式⑴是 以—的型式存在’並透過應用程式介面 片作業系統⑴進行函數的呼叫等動作。卡 乍業以⑴之功能—般包含例如權案管理、輸入/輸出 (1/〇),以及安全性的管理與控制等等。此外,每一岸用程 是_彳卜㈣峨,㈣值、信用、紅利 7 1220496 積點計算等功能。 參閱圖4,終端機2具有一處理器21、一唯讀記憶體 22、一顯示器23、一第一介面單元24、一第二介面單元25 ,以及一輸入單元26。唯讀記憶體22中亦儲存有複數電腦 5 程式碼,可供處理器21執行以控制顯示器23以及其它週 邊。第一介面單元24是指一應用程式介面(API),是用來與 智慧卡1進行通訊,其遵循ISO 7816之協定,特別是, IS07816-3中定義了智慧卡1的電信號和傳輸協議,而 IS07816-4則定義了智慧卡1與外界交互的界面等,由於此 10 為國際標準,並為熟習此技者所能輕易了解者,故在此不 再贅述。 要說明的是,在ISO 7816-3的協定架構下,定義了 T=0與T=1兩種通訊方法,本實施例中,特別是指τ=〇的 非同步(asynchronous)、半雙工(half-duplex)與位元組導向 15 (byte oriented)的通訊標準。此外,ISO 7816-4亦定義了應 用程式資料單元(Application Protocol Data Unit,以下簡稱 APDU)。 參閱圖5,APDU是智慧卡1與終端機2間的資料通訊 格式,不論是從智慧卡1或終端機2發出的命令,或者是 20 回應訊息均稱為APDU,換言之,APDU包含了命令 (command)格式之APDU以及回應(response)格式的APDU 兩種,命令格式之APDU封包具有「CLA、INS、PI、P2、 Lc、Data Field及Le」欄位,而回應格式之APDU封包則 具有「Data Field、SW1及SW2」攔位。 1220496 在命令格式的APDU中,「CLA」是指class byte,是用 來識別命令的類別,「INS」是指instruction code,是用來 下達給予應用程式的指令,「P1」、「P2」分別是指第一、第 二個指令參數,「Lc」是說明下一欄位「Data Field」的長度 5 ,「Data field」是資料欄位,「Le」是回傳資料的長度。 在回應格式的APDU中,「Data Field」是回傳的資料攔 位,當然,若無需回傳資料,此欄即為空白,「SW1」與「 SW2」是指執行狀態參數(status word),可以藉此告知達行 的結果,例如成功、無錯誤(no error)、失敗…等等。 10 如下表所示,為一般常被使用之命令格式的APDU,第 一介面單元24即會透過這此命令來下達指令給智慧卡1, 以進行特定的功能,其中例如「Put Data」是用來將終端機 2所讀入的資料傳送至智慧卡1上,「Get Data」是用來將智 慧卡1上的資料讀出,「Select AID」是用來選擇應用程式 15 ,而「verify PIN」是用來進行個人識別碼(PIN)的認證…。1220496 发明 Description of the invention: [Technical field to which the invention belongs] The present invention relates to a financial transaction system, and more particularly to a financial transaction using a terminal and a smart card. Financial transaction system with decentralized processing architecture. [Prior technology] Smart card is an IC card, which is a chip integrated with a integrated circuit chip on a plastic card the size of a credit card. In addition to having a memory storage function, it can also process and calculate data. And other functions, because its security and functionality are better than previous magnetic stripe cards, it has gradually been widely used in various types of cards such as electricity meters, stored-value cards, personal identification cards and so on. Especially in financial transaction systems, general merchants often use terminals (or card readers) to read the data on smart cards in order to perform transactions such as money transactions and data recording. 15 In the previous financial transaction system architecture, since the smart card only had basic personal authentication information, the terminal was used as the protagonist (deleted, and many applications with different functions were built in order to use each Use the app to obtain specific data on the smart card and perform specific calculations and executions. For example, bonus points, installment payments, etc., and during the data processing process, perform personal identity authentication and verification through a remote host. However, the disadvantage of the above-mentioned killing structure is that when the merchant wants to carry out new promotional activities, or when the application needs to be updated and upgraded for the sake of increasing demand, the application must be updated for each terminal separately. Therefore, it takes a lot of time and manpower. 4 5 With the gradual evolution of smart cards, in addition to the memory on the smart card to store personal basic authentication information, the smart card also has a microprocessor, card; industry system (card 〇perating system) , 〇SWx and non-volatile memory ^ • V0latile memory), so you can also install multiple applications on: And through the application program interface (Αρι) to communicate with the operating system 'makes the smart card itself like a small computer, so when the #smart card is inserted in the terminal, it can calculate and process the data. 10 15 Therefore, in the past, the master-slave structure of the "smart card" to the "smart card" has been changed to the master-slave structure of the "smart card" to the "terminal", in other words, the terminal The role of the smart card becomes the transmission interface between the smart card and the remote host. The use of the smart card as the active role and its related communication protocols has been disclosed in US Patent No. 6,157,966 and will not be repeated here. This method is to install all applications on the smart card. Due to the limited storage capacity of the smart card and compatibility with the operating system, the development of the program must take a long time. When the size increases gradually, it will become more troubled. [Summary of the Invention] Therefore, the object of the present invention is to provide an application development and writing convenience and application Upgraded and updated financial transaction system 20. Yu's one preferred embodiment of the financial transaction system of the present invention mainly includes a smart card and a terminal. The smart card has a processor and a plurality of processors for the processor to execute Application program, the terminal has an application program interface that communicates with these applications using the ISO 7816 protocol. The application interface can be controlled by the user, and 5 of these applications can be selected. Therefore, ' In the preferred embodiment, the present invention also provides a method for processing data between smart cards on a terminal, the steps of which are: a) selecting these applications through the terminal's-application program interface-through The terminal loses input-parameters, which should be determined by the initial purity. c) Z is selected to process the parameter in the response mode, and the terminal is in a waiting state. D) The status response message executed by the app that was executed by the app to the terminal. E) The terminal performs a specific function according to the message. 15 The present invention uses the application program interface to select a specific application program on the smart card, and then uses the application program interface to transmit related parameters to the selected application program, and waits for a response from the application / executing state, Then perform specific functions according to the running status of the application. In other words, the content of the present invention is to calculate the content and process of value-added services (such as the calculation of bonus points, the calculation of special content and gifts ... etc.) In the application of the smart card, the application of the terminal is only responsible for judging what action the terminal should perform or trigger the smart card program to perform the next operation based on the return value. In this way, the data processing work will be effectively distributed to the terminal and the smart card. Therefore, regardless of the terminal's application program interface or the application on the Donghui card, the time for program development and writing is greatly reduced. , You can save a lot of time when performing program updates and upgrades. [Embodiment] The foregoing and other technical contents, features, and effects of the present invention will be clearly understood in the following detailed description of a preferred embodiment with reference to the accompanying drawings. 5 Referring to FIG. 1 and FIG. 2, the preferred embodiment of the financial transaction system of the present invention includes a smart card 1, a terminal 2 and a remote host 3. The smart card 1 has a microprocessor 11, a random access memory (RAM) 12, a read-only memory (ROM) 13, a non-violate memory 14 and a tablet interface unit 15 And a cryptographic module 16 〇 read-only memory 13 stores a plurality of computer code, including a card operating system (C0S) 111 (see Figure 3), JCRE (java card nmtime 10 15 environment), And necessary drivers and so on, which can be captured and executed by the microprocessor n. Non-volatile memory 14, such as EEPROM, is used to store application programs 113 (see Figure 3). The card interface unit 15 may be a contact interface, a proximity interface, or a wireless interface. In this embodiment, the 'card interface unit 15' refers to a contact interface, which can directly contact the terminal 胄 2 for data or signal transmission. The encryption module 16 is used to perform encryption calculations to improve the security of financial transactions. 20, see Figure 3 'In this embodiment, because the computer code in Wisdom Seven is based on the norms, its production program exists in the form of-and functions are performed through the application program interface operating system. Call and other actions. The card industry has functions such as rights management, input / output (1/0), and security management and control. In addition, the use of each bank is _ 彳 彳 Saga, value, credit, bonus 7 1220496 points calculation functions. Referring to FIG. 4, the terminal 2 has a processor 21, a read-only memory 22, a display 23, a first interface unit 24, a second interface unit 25, and an input unit 26. The read-only memory 22 also stores a plurality of computer 5 codes, which can be executed by the processor 21 to control the display 23 and other peripherals. The first interface unit 24 refers to an application program interface (API), which is used to communicate with the smart card 1. It follows the ISO 7816 agreement. In particular, IS07816-3 defines the electrical signals and transmission protocols of the smart card 1. IS07816-4 defines the interface between the smart card 1 and the outside world. Since this 10 is an international standard and can be easily understood by those skilled in the art, it will not be repeated here. It should be noted that under the protocol architecture of ISO 7816-3, two communication methods, T = 0 and T = 1, are defined. In this embodiment, specifically, asynchronous, half-duplex with τ = 0. (Half-duplex) and byte-oriented communication standards. In addition, ISO 7816-4 also defines the Application Protocol Data Unit (APDU). Referring to FIG. 5, APDU is a data communication format between smart card 1 and terminal 2. Whether it is a command issued from smart card 1 or terminal 2 or a 20 response message is called APDU. In other words, APDU contains commands ( APDU in command format and APDU in response format. APDU packets in command format have the fields "CLA, INS, PI, P2, Lc, Data Field, and Le", while APDU packets in response format have " Data Field, SW1 and SW2 ". 1220496 In the APDU of the command format, "CLA" refers to the class byte, which is used to identify the type of the command, "INS" refers to the instruction code, and is used to issue instructions to the application. "P1" and "P2" respectively It refers to the first and second command parameters. "Lc" is the length 5 of the next field "Data Field", "Data field" is the data field, and "Le" is the length of the returned data. In the response format APDU, "Data Field" is the data block for return. Of course, if there is no need to return data, this column is blank. "SW1" and "SW2" refer to the execution status parameter (status word). It can be used to inform the bank of the results, such as success, no error, failure ... and so on. 10 As shown in the following table, it is a commonly used command format APDU. The first interface unit 24 will issue instructions to the smart card 1 through this command to perform specific functions. For example, "Put Data" is used To transfer the data read by terminal 2 to smart card 1. "Get Data" is used to read the data on smart card 1. "Select AID" is used to select application 15 and "verify PIN" "Is used for personal identification number (PIN) authentication ...
Command Class INS PI P2 Lc Data Le Put Data 85 DB 00 or block number Tag or 00 Lgth Data - Get Data 85 CB 00 or block number Tag or 00 -or Lgth -or tags Lgth Select AID 00 A4 04 00 Lgth ADI - Update PIN 85 21 00 00 Lgth PIN - Verify PIN 85 8F 00 00 Lgth PIN - Get Response 00 CO 00 00 _ - Lgth Get Challenge 00 84 00 00 - - 08 External Authentication 00 82 00 00 08 Data - Internal Authentication 00 88 00 00 08 Rnd - Initiate Session 85 1A Terminal type Key number 08 or 10 Data 麵 9 1220496Command Class INS PI P2 Lc Data Le Put Data 85 DB 00 or block number Tag or 00 Lgth Data-Get Data 85 CB 00 or block number Tag or 00 -or Lgth -or tags Lgth Select AID 00 A4 04 00 Lgth ADI-Update PIN 85 21 00 00 Lgth PIN-Verify PIN 85 8F 00 00 Lgth PIN-Get Response 00 CO 00 00 _-Lgth Get Challenge 00 84 00 00--08 External Authentication 00 82 00 00 08 Data-Internal Authentication 00 88 00 00 08 Rnd-Initiate Session 85 1A Terminal type Key number 08 or 10 Data area 9 1220496
Set Status 85 F0 40 OF AID lgth AID - Put Key 85 D8 00 81 Lgth Data - Generate Diversified key 85 8E 00 Key Number 0A Cardho lder ID - Initialize Update 85 50 00 00 08 Data - External Authenticate 81 82 00 00 0A Data - 特別的是,除了上述的命令之外,本發明之第一介面 單元24另行定義了四個指令:「AOC—Display」、「 AOC一Getkey」、「AOC JPrint」、「AOC一GetPad」。這些指令只 有在智慧卡1上之應用程式113被選擇後,才能夠被執行, 5 其中,「AOC—Display」是能使得終端機2中之處理器21將 資料顯示在顯示器23上。「AOC_Getkey」是用來讀入輸入 單元26所輸入之資料。「AOC_Print」是使處理器21將資 料交由印表機4列印。「AOC_GetPad」用以將輸入資料加密 後再讀入。關於本段中各個指令的發送與執行,將在下文 10 中作進一步說明。 另一方面’第二介面單元25指的是用來與遠端主機3 進行通訊的網路介面單元,其遵循IS〇 8583的金融交易卡 訊息交換格式標準’此標準是用來便於遠端主機3對於廣 域網路中傳輸的***、現金卡、金融卡等交易訊息進行 15 監測、擷取和解碼等動作,由於此非本發明之重點,因此 不再贅述。輸入單元20則是指一控制面板,可供操作而選 擇終端機2所要進行的功能,例如開、關機、扣款…等動 作。 遠端主機3是透過一網路與終端機2相連線,例如網 際網路’但並不以此為限,遠端主機3亦包含許多後端處 10 20 1220496 理的應用程式以及一資料庫(圖未示),此資料庫中存有許多 使用者的個人資料,可供進行身份認證、比對,因此遠端 主機3可以依據終端機2所發出的要求進行後端處理,並 將結果回傳給終端機2。 5 10 參閱圖6,顯示的是終端機2上之第一介面單元24、 智慧卡1上的應用程式113,以及應用程式113執行後之各 個狀態三者間的相互關係,以下並配合圖7進行說明: 當進行金融交易時,例如一位女士講買了 一筆款項總 額為15GG元之物品’且目前她所消費的商店中,舉辦有特 殊的優惠活動,其特惠對象為:女性^婚姻狀態為已婚。 特惠内容為1「母親節」當日,消費_千元以下者,商 品六折優待’若消費一千元以上者,除商品六折優待之外 ’另贈送獎品'一個。 15 因此如步驟701,當店員將此智慧卡 20 插設入終端機, 後,終端機2會對智慧卡1進行認證動作,並同時得知知 慧卡1上的應用程式113,例如智慧卡^上現建置有三個^ 同的應隸式113,—個應用程式是「母親節」優惠活動的 應用程式、另—個應用程式是計算紅利積點的應用程式, 最後-個制程式収年終折扣的應_式,因此在顯示 态23上會顯示出三種應用程式113, 、 因此店員能透過終端機2上的輸入單元%來選擇 親節」特惠活動之應_式112,此時終端機2 面單元24即«命令格式之_ 應用程式⑴,在智慧卡1接収指令後,即會以回應^ 11 之APDU來進行回應。 5 在應用程式113被選擇後,第 ΑΡηττ社入仏 布"面早το 24即發出 APDU才曰令’詢問智慧卡1下一 丨^ 慧卡}之靡田 、為何。另一方面,在智 '、、 應用私式113被選擇後,即會操取針於决接上 之非揮性記憶1 14中的個人美太心操取館存於智慧卡1 是否符本#料,以確認卡友的身份 疋否付二於女性」以及「已婚」兩個條件。 接著,步驟702為—選擇性的步 式之徭,知“ ㈣性的步驟,在選擇完應用程 人^了一的動作’其目的是在避免不 10 入 - 貝枓的女全性。透過第一 "面早7L 24,智慧卡1上的加宗 > 么模、、且16會要求終端機2進Set Status 85 F0 40 OF AID lgth AID-Put Key 85 D8 00 81 Lgth Data-Generate Diversified key 85 8E 00 Key Number 0A Cardho lder ID-Initialize Update 85 50 00 00 08 Data-External Authenticate 81 82 00 00 0A Data- In particular, in addition to the above-mentioned commands, the first interface unit 24 of the present invention additionally defines four instructions: "AOC-Display", "AOC-Getkey", "AOC JPrint", and "AOC-GetPad". These instructions can be executed only after the application 113 on the smart card 1 is selected. 5 Among them, "AOC-Display" enables the processor 21 in the terminal 2 to display data on the display 23. "AOC_Getkey" is used to read in the data entered by the input unit 26. "AOC_Print" causes the processor 21 to hand over the data to the printer 4 for printing. "AOC_GetPad" is used to encrypt the input data before reading it in. The sending and execution of each instruction in this paragraph will be further explained in the following 10. On the other hand, the “second interface unit 25” refers to a network interface unit for communicating with the remote host 3, and it complies with the standard of the financial transaction card message exchange format of IS08583. This standard is used to facilitate the remote host 3 Perform monitoring, capture, and decoding of transaction information such as credit cards, cash cards, and financial cards transmitted over a wide area network. Since this is not the focus of the present invention, it will not be repeated here. The input unit 20 refers to a control panel, which can be operated to select functions to be performed by the terminal 2, such as turning on, turning off, debiting, etc. The remote host 3 is connected to the terminal 2 through a network, such as the Internet, but it is not limited to this. The remote host 3 also includes many back-end 10 20 1220496 applications and data. Database (not shown). This database stores the personal data of many users, which can be used for identity authentication and comparison. Therefore, the remote host 3 can perform back-end processing according to the requirements issued by the terminal 2. The result is transmitted back to terminal 2. 5 10 Refer to FIG. 6, which shows the relationship between the first interface unit 24 on the terminal 2, the application 113 on the smart card 1, and the various states after the application 113 is executed. Explanation: When conducting a financial transaction, for example, a lady talked about buying an item with a total amount of 15GG yuan ', and currently she has special promotions in the stores she consumes. The special object is: women ^ marital status Is married. The special content is 1 "Mother's Day", if you spend less than one thousand yuan, 40% off the merchandise. If you spend more than one thousand yuan, in addition to the 40% off the merchandise, you will get a bonus. 15 Therefore, in step 701, when the clerk inserts the smart card 20 into the terminal, the terminal 2 will perform an authentication action on the smart card 1, and at the same time, know the application 113 on the smart card 1, such as a smart card. There are three ^ same application types 113 on the ^, one application is an application for "Mother's Day" promotions, the other application is an application for calculating bonus points, and the last one is a program. The application of year-end discount is displayed, so three applications 113 are displayed on display state 23. Therefore, the store clerk can select the parent-child festival through the input unit% on the terminal 2 "Special event application 112", at this time the terminal The unit 2 of the machine 2 is the «application format of the command format". After the smart card 1 receives the command, it will respond with an APDU of ^ 11. 5 After the application 113 is selected, the ΑΡηττ company enters the distribution " face as early as το 24 and sends out an APDU before ordering 'to inquire about the smart card 1 next 丨 ^ smart card} and why. On the other hand, after the “Smart”, “Applied Private” 113 is selected, the personal beauty center in the non-volatile memory 1 14 will be used to determine whether it is stored in the smart card 1 or not. # 料 , Confirm the identity of the cardholder, whether to pay two women "and" married "two conditions. Next, step 702 is-the step of selective steps, knowing "the nature of the steps, after selecting the application, the action of the person is one step," the purpose of which is to avoid the inferiority of the female gender. The first " face 7L 24 as early as possible, plus Zong on smart card 1 > Mod mode, and 16 will require the terminal 2 to enter
仃識別碼的認證,當麩 A •… …在遇證的過程中’可以採用對稱 险或非對稱性的解密機制來進行。 15 在應用程式⑴已對使用者之身份進行確認後,確認使 用者符合於特惠活動所欲實施的對象,因此應用程式ιΐ3即 以回應格式之APDU進行回應,同時要求輸入消費金額, /驟703 ’當店員透過輸入單元26輸入交易金額^元後 ’此一資料即會藉由第一介面單% 24傳送至前述已被擇定 之應用程式113上,以進行應用程式113的初始化 20 (initialization),以及相關的計算、處理動作,如步驟7〇4, 〇 當然,若尚需其它資料,例如需要終端機2之唯讀記 憶體22中所存有之機型、地點資料,或是消費時間(由計時 器得知,圖未示)等資料,則智慧卡丨上之應用程式113會 再發出命令袼式之APDU,以便再由終端機2回傳所需的資 12 10 料至智慧卡1上,上述步驟會反覆進行,如步驟705,直至 此應用程式113已接收到所有需要的資料後,即會依據此應 用私式113所设定的規則,例如一定的消費總額、一定期間 的消費時間點、消費者之等級等,對於資料進行處理、計 算’若當資料達到一定條件後,即提供特定的優惠活動。 一在處理的過程中,如圖6所示,終端機2是處於等待 待應用程式113執行至程式編寫所設定之其中之-狀 、P回應目刖之執行狀態(status word)至終端機2,告 知終端機2下_步要執行的動作(例如輸人參數、列印或顯 不等等)’直至所有動作已被執行完畢為止。 步驟706亦是一選擇性的步驟,若在資料處理的過程 中三或是資料處理完成後,尚需進行身份的確認或是需要 _ 丁後端的處理,應用程式113可以利用APDU發出後端 15 處_要求給終端機2,終端機2即會將此要求以助㈣二 的協定傳送至遠端本嬙 式 機 當遠端主機3上的應用程 1 )進行處理後,再將結果回傳至終端機2,最後再 由終端機2以預宗从Ατ^ 联傻再 預疋的APDU回傳資料至智慧卡j。 步驟7〇7,當智禁 , 完畢後,㈣傳^慧卡上的制程式113已將資料處理 20 單元Μ上L U型式)至終端機2之第—介面 本實知例中,第一介面單元24之功处^ 能夠擷取輸入單元 恥,除了 卡!外,當知所輸人的資料以及將資料傳送至智慧 a,、 1之應用程式113將結果回傳後,第一入 面早疋24即將咨♦丨你 弟 乂丨 17將貝枓傳送至處理器21上,使 更侍處理盗21能 4不"23上’或是利用—外接於終端機 13 5 2之印表機4(如圖1所示)直接列印輸出。 上述終端機2與智慧卡丨間之資料處理與交遞,有別 、專綠上讀端機為主角的處理模式,亦 為主角的處理模式。換言之,傳統上以終端機為主=時, 所有的應隸式㈣置在終錢上,智慧卡僅作提供資料 =用。以智慧卡為主_,終端機僅回應智慧卡上應用程 :進行資料處理後之命令要求。根據前例,當終端機程式( 第-介面單元24)收到智慧卡! 一回傳值後,經過事先定好 =規則’仍然再次發出詢問智慧+ i下一步驟的Apmj命 4、要回傳值不是End 〇f Serviee,仍需繼續詢問智慧卡下 步驟)’智慧卡1收到這一命令後,經過内部運算,發現 還而輸入又易金額’於是將此訊息包含在回應# 裡 15 〜$機& A (;# -介面單元24)收到此回應值,經過事先定 好,規則,要求操作人員輸入交易金額並發出ApDU命令 將^易金額傳給智慧卡! ’智慧卡i收到這一命令後,經過 内P運开,兀成整個特惠服務,並於回應APDU中包含服務 ::及其他資訊(如特惠結果)的訊號;終端機程式(第一介面 單70 24)收到此_回傳值後,經過事先定好的規則,判讀回 20 傳值為服務中了及要求列印帳單,因此便發出命令要求終端 機動作。 本發明利用設置在終端機2上的第一介面單元24,當 认擇曰慧卡1上特定的應用程式113後,第一介面單元24 即把輸入單7〇 26所輸入的資料傳送至已被擇定之應用程式 113(第-介面單元24毋需了解資料代表的意義),並等待應 14 用耘式113執行狀態的回應,再依據應用程式u :狀態執行特定的功能,例如列印、顔示、提供進一= 規二!此終端*2上之程式僅需健存基本的狀態判別 10 15 ㈣’即疋依據智慧卡i之應用程式113的回傳值來判斷下 :步^,此步驟可能是_要求智慧卡丨之制程式ιΐ3進 仃運异’或疋使終端機2進行列印、顯示或上傳資料至 端主機3等功能,且終端機2程式是以應用程式介面的形 式存在於終端機上2’即第-介面單A 24。本發明内容乃 將有關加值服務的運算内容與過程(如紅利積點的運算,特惠 内容與贈品的運算決定."料)放在智慧卡的應用程式裡^ 終端機的應用程式則只負責根據回傳值判斷應命令終端機 本身做何動作或者再次觸發智慧卡程式做下一個運算。如 此一來,資料處理的工作將被有效地分散至終端機與智慧 卡上因此,不δΒβ終端機2之第一介面單元24或智慧卡1 上的應用程式113’其程式開發、撰寫的時間大為縮短,進 行程式更新、升級的動作時更可省卻大量時間,確實達到 本發明之目的。 20 惟以上所述者,僅為本發明之較佳實施例而已,當不 能以此限定本發明實施之範圍,即大凡依本發明申請專利 範圍及發明說明書内容所作之簡單的等效變化與修飾,皆 應仍屬本發明專利涵蓋之範圍内。 【圓式簡單說明】 圖1是一示意圖,說明本發明金融交易系統之一較佳 實施例; 15 1220496 圖2是一示意圖,說明該較佳實施例中之一智慧卡; 圖3是一示意圖,說明該智慧卡之軟體架構; 圖4是一示意圖,說明該較佳實施例中之一終端機; 圖5是一示意圖,說明APDU之資料格式; 5 圖6是一示意圖,說明本發明智慧卡與終端機間之資 料處理方法;以及 圖7是一流程圖,說明本發明智慧卡與終端機間之資 料處理方法的步驟。 16 1220496 【圖式之主要元件代表符號說明】 1 智慧卡 112 應用程式介面 2 終端機 113 應用程式 3 遠端主機 21 處理器 11 微處理器 22 唯讀記憶體 12 隨機存取記憶體 23 顯示器 13 唯讀記憶體 24 第一介面單元 14 非揮發性記憶體 25 第二介面單元 15 卡片介面單元 26 輸入單元 16 加密模組 701 〜707 步驟 111 卡片作業系統 17仃 Identification code authentication, when bran A…… in the process of getting a certificate ’, it can be performed using a symmetrical or asymmetric decryption mechanism. 15 After the application has confirmed the identity of the user, it is confirmed that the user meets the target of the special activity. Therefore, the application ιΐ3 responds with an APDU in the response format, and asks for the amount of consumption, / Step 703 'When the clerk enters the transaction amount ^ yuan through the input unit 26', this information will be transmitted to the previously selected application 113 through the first interface order% 24 to initialize the application 113 20 (initialization) , And related calculation and processing actions, such as step 704, 〇 Of course, if other data is needed, such as the model, location data, or consumption time (for example, the data stored in the read-only memory 22 of the terminal 2) Learned from the timer, not shown in the figure) and other information, the application 113 on the smart card will issue a command APDU again, so that the terminal 2 can return the required data 12 10 to the smart card 1 Above, the above steps will be repeated, such as step 705, until the application 113 has received all the required data, it will follow the rules set by the application private 113, such as a A certain amount of consumption, a certain period of time, the level of the consumer, etc., to process and calculate the data ’If the data reaches a certain condition, a specific preferential activity will be provided. First, in the process of processing, as shown in FIG. 6, the terminal 2 is waiting for the execution of the application program 113 to execute the status (status word) of the P response item to the terminal 2 , Tell the terminal 2 to perform the next _step actions (such as input parameters, print or display, etc.) 'until all actions have been performed. Step 706 is also an optional step. If during the data processing process or after the data processing is completed, identity verification or processing is required, the application program 113 can use the APDU to send back-end 15 The request is sent to the terminal 2 and the terminal 2 will send this request to the remote local device with the help of the second protocol. When the application 1 on the remote host 3 is processed, the result will be returned. To terminal 2 and finally, terminal 2 sends back the data from Aτ ^ to the smart card and sends it to the smart card j in advance. Step 707. When the smart ban is completed, the program 113 on the smart card has processed the data (20 units M on the LU type) to the 2nd interface of the terminal 2. In this example, the first interface The power of unit 24 ^ Can capture input unit shame, except for cards! In addition, once you know the data of the person you entered and send the data to Wisdom a, 1, application 113 returns the result, the first entry is as early as 24 咨 即将 丨 your brother 丨 17 will be sent to 枓On the processor 21, the attendant 21 can be printed on the printer 21 ("shown in Fig. 1") or directly using the printer 4 (shown in Fig. 1) externally connected to the terminal 13 5 2. The above-mentioned data processing and delivery between the terminal 2 and the smart card are different from the processing mode of the protagonist and the processing mode of the protagonist. In other words, when a terminal is traditionally used, all applications should be placed on the final money, and the smart card is only used to provide information. Smart card is the main method. The terminal only responds to the application program on the smart card: the command request after data processing. According to the previous example, when the terminal program (the-interface unit 24) receives the smart card! After returning the value, it is determined in advance = Rule 'Still sending the inquiry wisdom again + i The next step of Apmj is 4. If the return value is not End 〇f Serviee, you need to continue to inquire the next step of the smart card)' Smart card 1 After receiving this command, after internal calculations, it was found that the amount is still entered and easy to exchange, so this message is included in the response # 15 ~ $ 机 & A (; #-Interface unit 24) After receiving this response value, Defined in advance, the rules require the operator to enter the transaction amount and issue an ApDU command to pass the easy amount to the smart card! 'Smart card i received this order, and opened it by internal P, forming the entire preferential service, and in response to the APDU signal including service :: and other information (such as preferential results); terminal program (first interface Note 70 24) After receiving this _ return value, after pre-determined rules, it reads back that the 20 return value is in service and requires printing of the bill, so it issues an order to request the terminal to operate. In the present invention, the first interface unit 24 provided on the terminal 2 is used. When the specific application program 113 on the smart card 1 is selected, the first interface unit 24 transmits the data entered in the input form 7026 to the The selected application 113 (the-interface unit 24 does not need to know the meaning of the data), and waits for the response of the execution status of the application 113, and then performs specific functions according to the application u: status, such as printing, Appearance, provide advance one = rule two! The program on this terminal * 2 only needs to save the basic state judgment 10 15 ㈣ 'That is to judge based on the return value of the application 113 of the smart card i: step ^, this step may be _requiring a smart card 丨Make programs 3, run different, or make terminal 2 print, display, or upload data to terminal host 3 and other functions, and terminal 2 programs exist on the terminal 2 in the form of an application program interface. -Interface sheet A 24. The content of this invention is to put the calculation content and process of value-added services (such as the calculation of bonus points, the calculation of preferential content and gifts. &Quot; material) in the application of the smart card ^ The application of the terminal is only Responsible for judging what action the terminal itself should do or trigger the smart card program to do the next operation based on the return value. In this way, the data processing work will be effectively distributed to the terminal and the smart card. Therefore, it is not the first interface unit 24 of the δΒβ terminal 2 or the application program 113 'on the smart card 1. Its program development and writing time It is greatly shortened, and a lot of time can be saved when performing program update and upgrade operations, and the object of the present invention is indeed achieved. 20 However, the above are only the preferred embodiments of the present invention. When the scope of the present invention cannot be limited by this, that is, the simple equivalent changes and modifications made according to the scope of the patent application and the contents of the invention specification , All should still fall within the scope of the invention patent. [Circular brief description] Figure 1 is a schematic diagram illustrating a preferred embodiment of the financial transaction system of the present invention; 15 1220496 Figure 2 is a schematic diagram illustrating a smart card in the preferred embodiment; Figure 3 is a schematic diagram To illustrate the software architecture of the smart card; Figure 4 is a schematic diagram illustrating a terminal in the preferred embodiment; Figure 5 is a schematic diagram illustrating the data format of the APDU; 5 Figure 6 is a schematic diagram illustrating the wisdom of the present invention The data processing method between the card and the terminal; and FIG. 7 is a flowchart illustrating the steps of the data processing method between the smart card and the terminal of the present invention. 16 1220496 [Description of the main components of the diagram] 1 Smart card 112 Application program interface 2 Terminal 113 Application 3 Remote host 21 Processor 11 Microprocessor 22 Read-only memory 12 Random access memory 23 Display 13 Read-only memory 24 First interface unit 14 Non-volatile memory 25 Second interface unit 15 Card interface unit 26 Input unit 16 Encryption module 701 to 707 Step 111 Card operating system 17