TWI615783B - Point-of-sale terminal mode switching method and device - Google Patents

Point-of-sale terminal mode switching method and device Download PDF

Info

Publication number
TWI615783B
TWI615783B TW105143804A TW105143804A TWI615783B TW I615783 B TWI615783 B TW I615783B TW 105143804 A TW105143804 A TW 105143804A TW 105143804 A TW105143804 A TW 105143804A TW I615783 B TWI615783 B TW I615783B
Authority
TW
Taiwan
Prior art keywords
mode
key
pos terminal
external device
point
Prior art date
Application number
TW105143804A
Other languages
Chinese (zh)
Other versions
TW201723946A (en
Inventor
Shaofei Zhang
Qi Wang
Original Assignee
China Unionpay Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Unionpay Co Ltd filed Critical China Unionpay Co Ltd
Publication of TW201723946A publication Critical patent/TW201723946A/en
Application granted granted Critical
Publication of TWI615783B publication Critical patent/TWI615783B/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • G06F21/445Program or device authentication by mutual authentication, e.g. between devices or programs

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Telephone Function (AREA)
  • Cash Registers Or Receiving Machines (AREA)

Abstract

本發明屬於通信技術領域,公開了一種銷售點終端模式切換方法及裝置,包括:處於第一模式的銷售點POS終端獲取該POS終端的標識資訊;該POS終端根據該標識資訊,生成第一金鑰;該POS終端將生成的該第一金鑰與從外接設備中獲取的第二金鑰進行比較;若該第一金鑰與該第二金鑰相同,則該POS終端從該第一模式切換到第二模式。本發明用以解決現有技術中智慧POS終端無法即時便捷實現模式切換的問題。 The invention belongs to the field of communication technology, and discloses a method and device for switching a point-of-sale terminal mode, including: a point-of-sale POS terminal in a first mode obtains identification information of the POS terminal; and the POS terminal generates a first gold based on the identification information Key; the POS terminal compares the generated first key with a second key obtained from an external device; if the first key is the same as the second key, the POS terminal uses the first mode Switch to the second mode. The invention is used to solve the problem that the smart POS terminal in the prior art cannot implement the mode switching immediately and conveniently.

Description

一種銷售點終端模式切換方法及裝置 Method and device for switching mode of point of sale terminal

本發明屬於通信技術領域,尤其是關於一種銷售點終端模式切換方法及裝置。 The present invention belongs to the field of communication technology, and more particularly, to a method and device for switching mode of a point-of-sale terminal.

POS(銷售點,point of sale)終端是一種結算終端,可以對持卡消費者進行刷卡消費,已廣泛應用於各種商場等消費場合,可有效滿足消費者的持卡消費需要,提高消費者的消費體驗。 A POS (point of sale) terminal is a settlement terminal that can be used to swipe card consumers. It has been widely used in various shopping malls and other consumer occasions. It can effectively meet consumers' card consumption needs and improve consumer Consumer experience.

智慧POS終端是在傳統POS終端的基礎上,增加了智慧平臺和3G(第三代移動通信技術,3rd-Generation)通訊,可相容任何一維碼、二維碼,甚至光波、聲波支付,在空間範圍和業務範圍上,大大增加了刷卡支付的適用範圍。 The smart POS terminal is based on the traditional POS terminal, and adds a smart platform and 3G (3rd-generation mobile communication technology, 3rd-Generation) communication. It is compatible with any one-dimensional code, two-dimensional code, and even light wave and sound wave payment. In terms of space and business scope, the applicable scope of credit card payment has been greatly increased.

智慧POS終端有兩種模式,生產模式和除錯模式。智慧POS終端處於除錯模式時,所有除錯介面打開,安裝應用不需要擁有簽名。終端處於生產模式時,所有除錯介面關閉,安裝的應用必須擁有簽名。現有的智慧POS終端在出廠時一般處於生產模式,若想要切換為除錯模式,只能將該終端寄回廠家,重新刷新系統韌體才能實現,無法實現即時切換,十分不便。 Smart POS terminal has two modes, production mode and debug mode. When the smart POS terminal is in the debug mode, all debug interfaces are opened, and the installation application does not need to have a signature. When the terminal is in production mode, all debugging interfaces are closed, and the installed application must have a signature. Existing smart POS terminals are generally in the production mode when they leave the factory. If you want to switch to the debug mode, you can only send the terminal back to the manufacturer and refresh the system firmware. Real-time switching is not possible, which is very inconvenient.

本發明實施例提供一種銷售點終端模式切換方法及裝置,用以解決現有技術中智慧POS終端無法即時便捷實現模式切換的問題。 Embodiments of the present invention provide a method and a device for switching a point-of-sale terminal mode, which are used to solve the problem that the smart POS terminal cannot switch modes in a timely and convenient manner in the prior art.

本發明實施例提供的銷售點終端模式切換方法包括:處於第一模式的銷售點POS終端獲取該POS終端的標識資訊;該POS終端根據該標識資訊,生成第一金鑰;該POS終端將生成的該第一金鑰與從外接設備中獲取的第二金鑰進行比較;若該第一金鑰與該第二金鑰相同,則該POS終端從該第一模式切換到第二模式。 A method for switching a point of sale terminal mode provided by an embodiment of the present invention includes: a point of sale POS terminal in a first mode obtains identification information of the POS terminal; the POS terminal generates a first key based on the identification information; the POS terminal will generate Compare the first key with the second key obtained from the external device; if the first key is the same as the second key, the POS terminal switches from the first mode to the second mode.

可選的,該POS終端通過下列方式中的部分或全部將該第一模式切換到第二模式:方式一、該POS終端將介面從該第一模式的狀態轉換為該第二模式的狀態;方式二、該POS終端將當前正在使用的該第一模式的數位憑證用該第二模式的數位憑證替換;方式三、該POS終端將該第一模式支援的應用轉換為該第二模式支援的應用。 Optionally, the POS terminal switches the first mode to the second mode in part or all of the following modes: Mode 1. The POS terminal changes the interface from the state of the first mode to the state of the second mode; Method 2: The POS terminal replaces the digital certificate of the first mode currently being used with the digital certificate of the second mode; Method 3. The POS terminal converts the application supported by the first mode into the second mode supported application. application.

可選的,該標識資訊包括該POS終端的機構特定授權碼;該POS終端根據該標識資訊,生成第一金鑰,包括:該POS終端將該機構特定授權碼通過不可逆演算法,生成 該第一金鑰。 Optionally, the identification information includes an institution-specific authorization code of the POS terminal; the POS terminal generates a first key based on the identification information, including: the POS terminal generates the institution-specific authorization code through an irreversible algorithm to generate The first key.

可選的,該POS終端通過下列方式從外接設備中獲取第二金鑰:該POS終端向該外接設備發送連接請求;該POS終端在該外接設備同意該連接請求後,向該外界設備發送該第二金鑰獲取請求;該POS終端接收該外界設備發送的該第二金鑰。 Optionally, the POS terminal obtains a second key from an external device in the following ways: the POS terminal sends a connection request to the external device; after the external device agrees to the connection request, the POS terminal sends the external key to the external device A second key acquisition request; the POS terminal receives the second key sent by the external device.

可選的,該第一模式為生產模式,該第二模式為除錯模式。 Optionally, the first mode is a production mode, and the second mode is a debug mode.

一種銷售點終端模式切換裝置,包括:獲取模組,用於獲取處於第一模式的POS終端的標識資訊;生成模組,用於根據該標識資訊,生成第一金鑰;比較模組,用於將生成的該第一金鑰與從外接設備中獲取的第二金鑰進行比較;切換模組,用於若該第一金鑰與該第二金鑰相同,則從該第一模式切換到第二模式。 A point-of-sale terminal mode switching device includes: an acquisition module for acquiring identification information of a POS terminal in a first mode; a generation module for generating a first key based on the identification information; a comparison module for Comparing the generated first key with a second key obtained from an external device; a switching module for switching from the first mode if the first key is the same as the second key Go to the second mode.

可選的,該切換模組具體用於,通過下列方式中的部分或全部將該第一模式切換到第二模式:方式一、將介面從該第一模式的狀態轉換為該第二模式的狀態;方式二、將當前正在使用的該第一模式的數位憑證用該第二模式的數位憑證替換; 方式三、將該第一模式支援的應用轉換為該第二模式支援的應用。 Optionally, the switching module is specifically configured to switch the first mode to the second mode in part or all of the following modes: Mode 1. The interface is changed from the state of the first mode to the state of the second mode. State; mode two, replace the digital voucher of the first mode currently being used with the digital voucher of the second mode; Manner 3: The application supported by the first mode is converted into the application supported by the second mode.

可選的,該標識資訊包括該POS終端的機構特定授權碼;該生成模組具體用於,將該機構特定授權碼通過不可逆演算法,生成該第一金鑰。 Optionally, the identification information includes an institution-specific authorization code of the POS terminal; the generating module is specifically configured to generate the first key by using the institution-specific authorization code through an irreversible algorithm.

可選的,該獲取模組還用於,通過下列方式從外接設備中獲取第二金鑰:向該外接設備發送連接請求;在該外接設備同意該連接請求後,向該外界設備發送該第二金鑰獲取請求;接收該外界設備發送的該第二金鑰。 Optionally, the obtaining module is further configured to obtain a second key from an external device by: sending a connection request to the external device; and after the external device agrees to the connection request, sending the first key to the external device A second key acquisition request; receiving the second key sent by the external device.

可選的,該第一模式為生產模式,該第二模式為除錯模式。 Optionally, the first mode is a production mode, and the second mode is a debug mode.

本發明實施例中,處於第一模式的POS終端,可通過連接到外接設備,將第一模式切換為第二模式。具體為,POS終端獲取自身的終端標識資訊,並根據標識資訊生成第一金鑰。當POS終端獲知有外接設備連接後,從外接設備中獲取第二金鑰,並將第一金鑰與第二金鑰進行比較,若確定第一金鑰與第二金鑰相同,則直接將該POS終端從第一模式切換為第二模式。外接設備可在POS終端出廠時同時配備,使用者需要進行模式切換時,只需將外接設備與POS終端相連,無需將POS終端寄回原廠重刷系統,即可成功切換POS終端的模式,簡便了模式切換的過程和步驟,可即時切換POS終端模式。 In the embodiment of the present invention, the POS terminal in the first mode can be switched to the second mode by connecting to an external device. Specifically, the POS terminal obtains its own terminal identification information and generates a first key based on the identification information. When the POS terminal learns that an external device is connected, it obtains the second key from the external device and compares the first key with the second key. If it is determined that the first key is the same as the second key, it will directly The POS terminal is switched from the first mode to the second mode. The external device can be equipped at the same time when the POS terminal leaves the factory. When users need to switch modes, they only need to connect the external device to the POS terminal, and the POS terminal mode can be successfully switched without sending the POS terminal back to the original factory to re-flash the system. With the process and steps of mode switching, the POS terminal mode can be switched instantly.

S101~S104、S201~S205、S301~S305‧‧‧步驟 S101 ~ S104, S201 ~ S205, S301 ~ S305‧‧‧steps

1‧‧‧獲取模組 1‧‧‧ Get Module

2‧‧‧生成模組 2‧‧‧ Generate Module

3‧‧‧比較模組 3‧‧‧Comparison Module

4‧‧‧切換模組 4‧‧‧Switch Module

為了更清楚地說明本發明實施例中的技術方案,下面將對實施例描述中所需要使用的附圖作簡要介紹,顯而易見地,下面描述中的附圖僅僅是本發明的一些實施例,對於本領域的普通技術人員來講,在不付出創造性勞動性的前提下,還可以根據這些附圖獲得其他的附圖。 In order to explain the technical solutions in the embodiments of the present invention more clearly, the drawings used in the description of the embodiments will be briefly introduced below. Obviously, the drawings in the following description are only some embodiments of the present invention. Those of ordinary skill in the art can obtain other drawings according to these drawings without paying creative labor.

圖1為本發明實施例中銷售點終端模式切換方法的流程圖;圖2為本發明實施例中外接設備為磁條卡的銷售點終端模式切換方法的流程圖;圖3為本發明實施例中外接設備為IC卡的銷售點終端模式切換方法的流程圖;圖4為本發明實施例中銷售點終端模式切換裝置的示意圖。 1 is a flowchart of a method for switching a point of sale terminal mode in an embodiment of the present invention; FIG. 2 is a flowchart of a method for switching a point of sale terminal mode in which an external device is a magnetic stripe card according to an embodiment of the present invention; and FIG. 3 is an embodiment of the present invention A flowchart of a point-of-sale terminal mode switching method for an IC card with an external device; FIG. 4 is a schematic diagram of a point-of-sale terminal mode switching device according to an embodiment of the present invention.

為了使本發明的目的、技術方案和優點更加清楚,下面將結合附圖對本發明作進一步地詳細描述,顯然,所描述的實施例僅僅是本發明一部份實施例,而不是全部的實施例。基於本發明中的實施例,本領域普通技術人員在沒有做出創造性勞動前提下所獲得的所有其它實施例,都屬於本發明保護的範圍。 In order to make the objectives, technical solutions, and advantages of the present invention clearer, the present invention will be described in further detail below with reference to the accompanying drawings. Obviously, the described embodiments are only a part of the embodiments of the present invention, not all the embodiments. . Based on the embodiments of the present invention, all other embodiments obtained by a person of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.

智能POS終端在開發的過程中,需要對POS的應用程式進行除錯和測試,此時POS終端處於除錯模式,所有介面均打開,可直接安裝任意應用,安裝的應用不需要具有簽名。POS終端在出廠時會換為生成 模式,這種情況下,所有除錯介面均關閉,安裝的應用必須具有生產環境的應用簽名。這樣一來,雖然保障了終端安全,但在查看日誌、查找問題或售後支援等需要切換為除錯模式的情況下,必須將POS終端寄回生產廠家刷新系統韌體才能實現,十分不便。 During the development process of the smart POS terminal, debugging and testing of the POS application are required. At this time, the POS terminal is in the debugging mode, all interfaces are open, and any application can be directly installed. The installed application does not need to have a signature. POS terminals will be replaced with Mode, in which case all debugging interfaces are closed and the installed application must have an application signature for the production environment. In this way, although the security of the terminal is guaranteed, in the case of viewing logs, searching for problems, or after-sales support, it is necessary to switch to the debugging mode, and the POS terminal must be sent back to the manufacturer to refresh the system firmware.

為了解決上述問題,本發明實施例提供了一種銷售點終端模式切換方法,該方法的流程如圖1所示,方法可以包括如下步驟:S101、處於第一模式的銷售點POS終端獲取該POS終端的標識資訊;S102、該POS終端根據該標識資訊,生成第一金鑰;S103、該POS終端將生成的該第一金鑰與從外接設備中獲取的第二金鑰進行比較;S104、若該第一金鑰與該第二金鑰相同,則該POS終端從該第一模式切換到第二模式。 In order to solve the above problem, an embodiment of the present invention provides a method for switching a point-of-sale terminal mode. The process of the method is shown in FIG. S102, the POS terminal generates a first key based on the identification information; S103, the POS terminal compares the generated first key with a second key obtained from an external device; S104, if If the first key is the same as the second key, the POS terminal switches from the first mode to the second mode.

其中,POS終端的第一模式和第二模式是終端所處的兩種不同狀態。可選的,第一模式為生產模式,第二模式為除錯模式。POS終端在生產模式下,安全等級較高,所有介面均封閉,應用必須具有生產環境的證書才能進行安裝。POS終端在除錯模式下,安全等級較低,所有介面均打開,可任意安裝應用。使用者在平時使用POS終端時,POS終端處於生產模式,在一種安全的狀態下供使用者使用,無需使用外接設備,使用者可將外接設備安全收置。當需要在POS終端中安裝應用或調取內部資料時,即需要將POS終端切換為除錯模式,使用者取出外接設備,將其與POS終端相連。POS終端讀取到連接的外接設備,並確定第一金鑰與第二 金鑰相同後,將第一模式切換為第二模式,即使POS終端處於開放的狀態,方便特殊情況下對POS終端除錯使用。 The first mode and the second mode of the POS terminal are two different states in which the terminal is located. Optionally, the first mode is a production mode and the second mode is a debug mode. In the production mode of POS terminal, the security level is high, all interfaces are closed, and the application must have a production environment certificate to install it. The POS terminal has a low security level in the debug mode, all interfaces are open, and applications can be installed at will. When a user uses a POS terminal in normal times, the POS terminal is in a production mode and is used by the user in a safe state. There is no need to use an external device, and the user can safely house the external device. When you need to install applications or retrieve internal data in the POS terminal, you need to switch the POS terminal to the debug mode. The user removes the external device and connects it to the POS terminal. The POS terminal reads the connected external device and determines the first key and the second key After the keys are the same, the first mode is switched to the second mode, even if the POS terminal is open, which is convenient for debugging and using the POS terminal in special cases.

本發明實施例中,處於第一模式的POS終端,可通過連接到外接設備,將第一模式切換為第二模式。具體為,POS終端獲取自身的終端標識資訊,並根據標識資訊生成第一金鑰。當POS終端獲知有外接設備連接後,從外接設備中獲取第二金鑰,並將第一金鑰與第二金鑰進行比較,若確定第一金鑰與第二金鑰相同,則直接將該POS終端從第一模式切換為第二模式。外接設備可在POS終端出廠時同時配備,使用者需要進行模式切換時,只需將外接設備與POS終端相連,無需將POS終端寄回原廠重刷系統,即可成功切換POS終端的模式,簡便了模式切換的過程和步驟,可即時切換POS終端模式。 In the embodiment of the present invention, the POS terminal in the first mode can be switched to the second mode by connecting to an external device. Specifically, the POS terminal obtains its own terminal identification information and generates a first key based on the identification information. When the POS terminal learns that an external device is connected, it obtains the second key from the external device and compares the first key with the second key. If it is determined that the first key is the same as the second key, it will directly The POS terminal is switched from the first mode to the second mode. The external device can be equipped at the same time when the POS terminal leaves the factory. When users need to switch modes, they only need to connect the external device to the POS terminal, and the POS terminal mode can be successfully switched without sending the POS terminal back to the original factory to re-flash the system. With the process and steps of mode switching, the POS terminal mode can be switched instantly.

其中,用於存儲第二金鑰的外接設備可為磁條卡、接觸式IC(積體電路Integrated Circuit)卡、非接觸式IC卡等,也可為移動存儲終端。可在POS終端出廠時為其配備相應的外接設備,其中存儲有第二金鑰。第二金鑰是根據POS終端的標識資訊,根據與第一金鑰相同的演算法計算而成。因此,POS終端中存儲的第一金鑰與其相應的外接設備中存儲的第二金鑰相同。 The external device for storing the second key may be a magnetic stripe card, a contact IC (Integrated Circuit) card, a non-contact IC card, etc., or a mobile storage terminal. The POS terminal can be equipped with a corresponding external device when it leaves the factory, which stores a second key. The second key is calculated based on the identification information of the POS terminal and according to the same algorithm as the first key. Therefore, the first key stored in the POS terminal is the same as the second key stored in its corresponding external device.

上述將POS終端從第一模式切換為第二模式,可以通過下列方式中的部分或全部:方式一、該POS終端將介面從該第一模式的狀態轉換為該第二模式的狀態;方式二、該POS終端將當前正在使用的該第一模式的數位 憑證用該第二模式的數位憑證替換;方式三、該POS終端將該第一模式支援的應用轉換為該第二模式支援的應用。 The above-mentioned switching of the POS terminal from the first mode to the second mode can be performed in part or all of the following ways: Mode 1. The POS terminal changes the interface from the state of the first mode to the state of the second mode; Mode 2 The POS terminal will use the digits of the first mode currently being used The voucher is replaced with the digital voucher of the second mode; in the third method, the POS terminal converts the application supported by the first mode into an application supported by the second mode.

具體來說,對於方式一,介面的第一模式即相應於POS終端的第一模式,即介面處於生產模式的狀態為封閉狀態,不允許外部設備通過介面連接於POS終端,這裡的介面可包括ADB(安卓除錯橋,Android Debug Bridge)介面、USB(通用序列匯流排,Universal Serial Bus)介面等各種POS終端上的介面。介面的第二模式即相應與POS終端的第二模式,介面處於除錯模式的狀態為開放狀態,允許外部設備通過介面連接於POS終端。將POS終端從第一模式切換為第二模式,可以表現為將POS終端的介面從封閉狀態轉換為開放狀態。其次,對於方式二,第一模式的數位憑證為生產模式下的數位憑證,數位憑證的安全級別較高,而第二模式的數位憑證為除錯模式下的數位憑證,安全級別較低。將POS終端從第一模式切換為第二模式,可以表現為將POS終端當前所用的生產模式的數位憑證替換為除錯模式的數位憑證。將生產模式下的數位憑證換為除錯模式下的數位憑證,即降低了POS終端的安全級別,可對其進行調用內部資料等處理。再次,對於方式三,第一模式支援的應用為具有生產環境證書的應用,因為生產模式下POS終端的安全級別高,下載的應用均需攜帶有生產環境證書。將POS終端從第一模式切換為第二模式,可以表現為POS終端將生產模式的應用轉換為除錯模式的應用。切換為除錯模式後,降低了POS終端的安全級別,下載的應用可以不帶有生產環境證書,即此時POS終端中的應用轉換為第二模式支援的應用。以上三種方式為POS終端從第一模式 切換到第二模式的內容,可包括三種中的任意一種或兩種,或全部包括在內。 Specifically, for the first method, the first mode of the interface corresponds to the first mode of the POS terminal, that is, the interface is in a closed state in the production mode, and external devices are not allowed to connect to the POS terminal through the interface. The interface here may include ADB (Android Debug Bridge) interface, USB (Universal Serial Bus, Universal Serial Bus) interface and other interfaces on various POS terminals. The second mode of the interface is the second mode corresponding to the POS terminal. The state of the interface in the debug mode is open, allowing external devices to connect to the POS terminal through the interface. Switching the POS terminal from the first mode to the second mode can be expressed as changing the interface of the POS terminal from a closed state to an open state. Secondly, for the second method, the digital certificate of the first mode is a digital certificate in the production mode, and the digital certificate has a higher security level, while the digital certificate of the second mode is a digital certificate in the debug mode, and the security level is lower. Switching the POS terminal from the first mode to the second mode can be expressed as replacing the digital voucher of the production mode currently used by the POS terminal with the digital voucher of the debug mode. By replacing the digital voucher in production mode with the digital voucher in debug mode, the security level of the POS terminal is reduced, and it can be used to call internal data and other processing. Thirdly, for the third method, the application supported by the first mode is an application with a production environment certificate, because the POS terminal in the production mode has a high security level, and all downloaded applications need to carry a production environment certificate. Switching the POS terminal from the first mode to the second mode can be expressed as a POS terminal converting an application in a production mode to an application in a debugging mode. After switching to the debug mode, the security level of the POS terminal is reduced, and the downloaded application may not have a production environment certificate, that is, the application in the POS terminal is converted to an application supported by the second mode at this time. The above three methods are the first mode for POS terminal The content switched to the second mode may include any one or two of the three, or all of them.

POS終端在除錯模式是處於一種完全開放的狀態,因此,POS終端的模式切換需保證POS終端的安全,使其在安全的情況下被切換,因此,本發明實施例中,POS終端的標識資訊包括POS終端的機構特定授權碼。機構特定授權碼是伺服器為每個POS終端分配的唯一標識碼,可存儲於POS終端中,且為隱藏狀態,即外部設備無法讀取到該機構特定授權碼。 The POS terminal is in a completely open state in the debugging mode. Therefore, the mode switching of the POS terminal needs to ensure the security of the POS terminal so that it can be switched in a safe situation. Therefore, in the embodiment of the present invention, the identity of the POS terminal The information includes an institution-specific authorization code for the POS terminal. The institution-specific authorization code is a unique identification code assigned by the server to each POS terminal. It can be stored in the POS terminal and is hidden, that is, the external device cannot read the institution-specific authorization code.

為了保障POS終端的安全,上述步驟S102可以包括:POS終端將該機構特定授權碼通過不可逆演算法,生成該第一金鑰。 In order to ensure the security of the POS terminal, the above-mentioned step S102 may include: the POS terminal generates the first key by passing the specific authorization code of the institution through an irreversible algorithm.

POS終端獲取自身的機構特定授權碼後,將機構特定授權碼通過不可逆加密演算法生成第一金鑰。不可逆加密演算法在加密過程中不需要使用金鑰,輸入明文即機構特定授權碼後由終端直接經過加密演算法處理成密文,這種加密後的資料是無法被解密的,只有重新輸入明文,並再次經過同樣不可逆的加密演算法處理,得到相同的加密密文並被重新識別後,才能真正解密。不可逆加密演算法不存在金鑰保管和分發問題,因此可用在本發明實施例中POS終端側和外接設備之間配對使用。不可逆加密演算法可為MD5(消息摘要演算法第五版,Message Digest Algorithm 5),可提供資訊的完整性保護。POS終端根據機構特定授權碼生成MD5值,這個MD5值即為該POS終端的第一金鑰。此外,POS終端的標識資訊還可包括POS終端的SN(序號,Serial Number)號和MAC(媒介存取控制,Medium/Media Access Control)位址等資訊。本發明實施例對此不做限制。 外接設備中的第二金鑰也是將該POS終端的機構特定授權碼通過相同的演算法計算得出。因此,一台POS終端的第一金鑰與相應的外接設備中存儲的第二金鑰相同。POS終端通過對比第一金鑰和第二金鑰是否相同,判斷POS終端的安全性是否得以保障。 After the POS terminal obtains its own institution-specific authorization code, it uses the institution-specific authorization code to generate a first key through an irreversible encryption algorithm. The irreversible encryption algorithm does not need to use a key during the encryption process. After inputting the plain text, that is, the organization-specific authorization code, the terminal directly processes the encryption algorithm into cipher text. This encrypted data cannot be decrypted, and only the plain text must be re-entered. , And again after the same irreversible encryption algorithm processing, to get the same encrypted ciphertext and be re-identified before it can be truly decrypted. The irreversible encryption algorithm does not have the problem of key storage and distribution, so it can be used for pairing between the POS terminal side and the external device in the embodiment of the present invention. The irreversible encryption algorithm can be MD5 (Message Digest Algorithm 5), which can provide information integrity protection. The POS terminal generates an MD5 value according to the institution-specific authorization code, and this MD5 value is the first key of the POS terminal. In addition, the identification information of the POS terminal can also include information such as the SN (Serial Number) of the POS terminal and the MAC (Medium / Media Access Control) address. The embodiment of the present invention does not limit this. The second key in the external device is also calculated by the same algorithm of the institution-specific authorization code of the POS terminal. Therefore, the first key of a POS terminal is the same as the second key stored in the corresponding external device. The POS terminal determines whether the security of the POS terminal is guaranteed by comparing whether the first key and the second key are the same.

可選的,POS終端可通過下列方式從外接設備中獲取第二金鑰:該POS終端向該外接設備發送連接請求;該POS終端在該外接設備同意該連接請求後,向該外界設備發送該第二金鑰獲取請求;該POS終端接收該外界設備發送的該第二金鑰。 Optionally, the POS terminal may obtain the second key from the external device in the following ways: the POS terminal sends a connection request to the external device; the POS terminal sends the external key to the external device after the external device agrees to the connection request A second key acquisition request; the POS terminal receives the second key sent by the external device.

具體來說,POS終端與外接設備之間可以有多種連接方式,可以是接觸性連接,也可為非接觸性連接。接觸性連接中,POS終端可直接讀取卡片式外接設備中存儲的第二金鑰,或通過連線獲取移動終端式外接設備中存儲的第二金鑰。若為非接觸性連接,POS終端需向外接設備發送連接請求,外接設備接收到請求後同意連接,並將回饋資訊回復給POS終端。POS終端在接收到外接設備的同意消息後,向外接設備發送第二金鑰獲取請求。外接設備接收到第二金鑰獲取請求,將第二金鑰通過回饋消息回復給POS終端。 Specifically, there can be multiple connection methods between the POS terminal and the external device, which can be a contact connection or a non-contact connection. In the contact connection, the POS terminal can directly read the second key stored in the card-type external device, or obtain the second key stored in the mobile-terminal type external device through the connection. If it is a non-contact connection, the POS terminal needs to send a connection request to the external device. After receiving the request, the external device agrees to connect and returns the feedback information to the POS terminal. After receiving the consent message from the external device, the POS terminal sends a second key acquisition request to the external device. The external device receives the second key acquisition request and returns the second key to the POS terminal through a feedback message.

需要說明的是,本發明實施例中第一模式為生產模式,第二模式為除錯模式僅為舉例,本發明實施例對此不做限制。 It should be noted that, in the embodiment of the present invention, the first mode is a production mode, and the second mode is a debugging mode, which is merely an example, and the embodiment of the present invention does not limit this.

為了更清楚地理解本發明,下面以具體實例對上述流程進行詳細描述。本發明的一種實施例中,智慧終端機處於生產模式,外接設備 為磁條卡,具體步驟如圖2所示,包括: In order to understand the present invention more clearly, the above process will be described in detail below with specific examples. In an embodiment of the present invention, the smart terminal is in a production mode, and the external device is Is a magnetic stripe card, the specific steps are shown in Figure 2, including:

S201、智慧POS終端獲取自身的機構特定授權碼和MAC位址。 S201. The smart POS terminal obtains its own institution-specific authorization code and MAC address.

S202、智慧POS終端根據機構特定授權碼和MAC位址,通過MD5,計算出第一金鑰。 S202. The smart POS terminal calculates the first key through MD5 according to the organization-specific authorization code and MAC address.

S203、智慧POS終端讀取磁條卡的磁軌資訊,獲取第二金鑰。 S203. The smart POS terminal reads the track information of the magnetic stripe card to obtain a second key.

S204、智慧POS終端將第一金鑰與第二金鑰進行對比,若不同,則執行步驟S203;若相同,則執行步驟S205。 S204. The smart POS terminal compares the first key with the second key. If they are different, step S203 is performed; if they are the same, step S205 is performed.

S205、智慧POS終端將生產模式切換為除錯模式。 S205. The smart POS terminal switches the production mode to a debugging mode.

本發明的另一種實施例中,智慧終端機處於生產模式,外接設備為IC卡,具體步驟如圖3所示,包括: In another embodiment of the present invention, the smart terminal is in a production mode, and the external device is an IC card. The specific steps are shown in FIG. 3, including:

S301、智慧POS終端獲取自身的機構特定授權碼和MAC位址。 S301. The smart POS terminal obtains its own institution-specific authorization code and MAC address.

S302、智慧POS終端根據機構特定授權碼和MAC位址,通過MD5,計算出第一金鑰。 S302. The smart POS terminal calculates the first key through MD5 according to the organization-specific authorization code and MAC address.

S303、智慧POS通過NFC(近場通信,near field communication)技術,讀取IC卡指定Tag(標籤)中存儲的第二金鑰。 S303. The smart POS reads a second key stored in a designated tag of the IC card through NFC (near field communication) technology.

S304、智慧POS終端將第一金鑰與第二金鑰進行對比,若不同,則執行步驟S303;若相同,則執行步驟S305。 S304. The smart POS terminal compares the first key with the second key. If they are different, step S303 is performed; if they are the same, step S305 is performed.

S305、智慧POS終端將生產模式切換為除錯模式。 S305. The smart POS terminal switches the production mode to a debugging mode.

基於相同的技術構思,本發明實施例還提供基於銷售點終端 模式切換裝置,如圖4所示,包括獲取模組1,用於獲取處於第一模式的POS終端的標識資訊;生成模組2,用於根據該標識資訊,生成第一金鑰;比較模組3,用於將生成的該第一金鑰與從外接設備中獲取的第二金鑰進行比較;切換模組4,用於若該第一金鑰與該第二金鑰相同,則從該第一模式切換到第二模式。 Based on the same technical concept, the embodiment of the present invention further provides a point-of-sale terminal The mode switching device, as shown in FIG. 4, includes an acquisition module 1 for acquiring identification information of the POS terminal in the first mode; a generation module 2 for generating a first key based on the identification information; a comparison module Group 3 is used to compare the generated first key with a second key obtained from an external device; switching module 4 is used to: if the first key is the same as the second key, The first mode is switched to the second mode.

可選的,切換模組4具體用於,通過下列方式中的部分或全部將該第一模式切換到第二模式:方式一、將介面從該第一模式的狀態轉換為該第二模式的狀態;方式二、將當前正在使用的該第一模式的數位憑證用該第二模式的數位憑證替換;方式三、將該第一模式支援的應用轉換為該第二模式支援的應用。 Optionally, the switching module 4 is specifically configured to switch the first mode to the second mode in part or all of the following modes: Mode 1. The interface is changed from the state of the first mode to the state of the second mode. State; method two, replace the digital certificate of the first mode currently being used with the digital certificate of the second mode; method three, convert the application supported by the first mode to the application supported by the second mode.

可選的,標識資訊包括該POS終端的機構特定授權碼;生成模組2具體用於,將該機構特定授權碼通過不可逆演算法,生成該第一金鑰。 Optionally, the identification information includes an institution-specific authorization code of the POS terminal; the generating module 2 is specifically configured to generate the first key by using the institution-specific authorization code through an irreversible algorithm.

可選的,獲取模組1還用於,通過下列方式從外接設備中獲取第二金鑰:向該外接設備發送連接請求; 在該外接設備同意該連接請求後,向該外界設備發送該第二金鑰獲取請求;接收該外界設備發送的該第二金鑰。 Optionally, the obtaining module 1 is further configured to obtain a second key from an external device in the following manner: sending a connection request to the external device; After the external device agrees to the connection request, it sends the second key acquisition request to the external device; and receives the second key sent by the external device.

可選的,第一模式為生產模式,該第二模式為除錯模式。 Optionally, the first mode is a production mode, and the second mode is a debug mode.

本發明是參照根據本發明實施例的方法、設備(系統)、和電腦程式產品的流程圖和/或方框圖來描述的。應理解可由電腦程式指令實現流程圖和/或方框圖中的每一流程和/或方框、以及流程圖和/或方框圖中的流程和/或方框的結合。可提供這些電腦程式指令到通用電腦、專用電腦、嵌入式處理機或其他可程式設計資料處理設備的處理器以產生一個機器,使得通過電腦或其他可程式設計資料處理設備的處理器執行的指令產生用於實現在流程圖一個流程或多個流程和/或方框圖一個方框或多個方框中指定的功能的裝置。 The present invention is described with reference to flowcharts and / or block diagrams of methods, devices (systems), and computer program products according to embodiments of the present invention. It should be understood that each process and / or block in the flowchart and / or block diagram, and a combination of the process and / or block in the flowchart and / or block diagram may be implemented by computer program instructions. These computer program instructions can be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing device to generate a machine for instructions executed by the processor of the computer or other programmable data processing device Means are generated for implementing the functions specified in one or more of the flowcharts and / or one or more of the block diagrams.

這些電腦程式指令也可存儲在能引導電腦或其他可程式設計資料處理設備以特定方式工作的電腦可讀記憶體中,使得存儲在該電腦可讀記憶體中的指令產生包括指令裝置的製造品,該指令裝置實現在流程圖一個流程或多個流程和/或方框圖一個方框或多個方框中指定的功能。 These computer program instructions can also be stored in computer readable memory that can guide a computer or other programmable data processing device to work in a specific manner, so that the instructions stored in the computer readable memory produce a manufactured article including a command device The instruction device implements the functions specified in a flowchart or a plurality of processes and / or a block or a plurality of blocks in the block diagram.

這些電腦程式指令也可裝載到電腦或其他可程式設計資料處理設備上,使得在電腦或其他可程式設計設備上執行一系列操作步驟以產生電腦實現的處理,從而在電腦或其他可程式設計設備上執行的指令提供用於實現在流程圖一個流程或多個流程和/或方框圖一個方框或多個方框中指定的功能的步驟。 These computer program instructions can also be loaded on a computer or other programmable data processing equipment, so that a series of operating steps can be performed on the computer or other programmable equipment to generate computer-implemented processing, and thus on the computer or other programmable equipment The instructions executed on the steps provide steps for implementing the functions specified in one or more of the flowcharts and / or one or more of the block diagrams.

儘管已描述了本發明的優選實施例,但本領域內的技術人員 一旦得知了基本創造性概念,則可對這些實施例作出另外的變更和修改。所以,所附申請專利範圍意欲解釋為包括優選實施例以及落人本發明範圍的所有變更和修改。 Although preferred embodiments of the invention have been described, those skilled in the art will appreciate Once the basic creative concepts are known, additional changes and modifications can be made to these embodiments. Therefore, the scope of the appended patent applications is intended to be construed as including the preferred embodiments and all changes and modifications that fall within the scope of the invention.

顯然,本領域的技術人員可以對本發明進行各種改動和變型而不脫離本發明的精神和範圍。這樣,倘若本發明的這些修改和變型屬於本發明申請專利範圍及其等同技術的範圍之內,則本發明也意圖包含這些改動和變型在內。 Obviously, those skilled in the art can make various modifications and variations to the present invention without departing from the spirit and scope of the present invention. In this way, if these modifications and variations of the present invention fall within the scope of the patent application for the present invention and the scope of the equivalent technology, the present invention also intends to include these modifications and variations.

S101~S104‧‧‧步驟 S101 ~ S104‧‧‧step

Claims (10)

一種銷售點終端模式切換方法,其特徵在於,包括:處於第一模式的銷售點POS終端獲取該POS終端的標識資訊;該POS終端根據該標識資訊,生成第一金鑰;該POS終端將生成的該第一金鑰與從外接設備中獲取的第二金鑰進行比較;若該第一金鑰與該第二金鑰相同,則該POS終端從該第一模式切換到第二模式。 A point-of-sale terminal mode switching method, comprising: a point-of-sale POS terminal in a first mode obtains identification information of the POS terminal; the POS terminal generates a first key based on the identification information; the POS terminal will generate Compare the first key with the second key obtained from the external device; if the first key is the same as the second key, the POS terminal switches from the first mode to the second mode. 如請求項1所述的銷售點終端模式切換方法,其中,該POS終端通過下列方式中的部分或全部將該第一模式切換到第二模式:方式一、該POS終端將介面從該第一模式的狀態轉換為該第二模式的狀態;方式二、該POS終端將當前正在使用的該第一模式的數位憑證用該第二模式的數位憑證替換;方式三、該POS終端將該第一模式支援的應用轉換為該第二模式支援的應用。 The point-of-sale terminal mode switching method according to claim 1, wherein the POS terminal switches the first mode to the second mode through some or all of the following methods: Method 1. The POS terminal changes the interface from the first The state of the mode is changed to the state of the second mode; mode two, the POS terminal replaces the digital certificate of the first mode currently being used with the digital certificate of the second mode; mode three, the POS terminal replaces the first mode The application supported by the mode is converted into an application supported by the second mode. 如請求項1所述的銷售點終端模式切換方法,其中,該標識資訊包括該POS終端的機構特定授權碼;該POS終端根據該標識資訊,生成第一金鑰,包括:該POS終端將該機構特定授權碼通過不可逆演算法,生成該第一金鑰。 The point-of-sale terminal mode switching method according to claim 1, wherein the identification information includes an institution-specific authorization code of the POS terminal; and the POS terminal generates a first key based on the identification information, including: The institution-specific authorization code generates the first key through an irreversible algorithm. 如請求項1所述的銷售點終端模式切換方法,其中,該POS終端通過下 列方式從外接設備中獲取第二金鑰:該POS終端向該外接設備發送連接請求;該POS終端在該外接設備同意該連接請求後,向該外界設備發送該第二金鑰獲取請求;該POS終端接收該外界設備發送的該第二金鑰。 The point of sale terminal mode switching method according to claim 1, wherein the POS terminal is Obtain a second key from an external device in a column manner: the POS terminal sends a connection request to the external device; the POS terminal sends the second key acquisition request to the external device after the external device agrees to the connection request; the The POS terminal receives the second key sent by the external device. 如請求項1至4中任一所述的銷售點終端模式切換方法,其中,該第一模式為生產模式,該第二模式為除錯模式。 The point-of-sale terminal mode switching method according to any one of claims 1 to 4, wherein the first mode is a production mode and the second mode is a debug mode. 一種銷售點終端模式切換裝置,其特徵在於,包括:獲取模組,用於獲取處於第一模式的POS終端的標識資訊;生成模組,用於根據該標識資訊,生成第一金鑰;比較模組,用於將生成的該第一金鑰與從外接設備中獲取的第二金鑰進行比較;切換模組,用於若該第一金鑰與該第二金鑰相同,則從該第一模式切換到第二模式。 A point-of-sale terminal mode switching device, comprising: an acquisition module for acquiring identification information of a POS terminal in a first mode; a generating module for generating a first key based on the identification information; comparison A module for comparing the generated first key with a second key obtained from an external device; a switching module for switching from the first key if the first key is the same as the second key The first mode is switched to the second mode. 如請求項6所述的銷售點終端模式切換裝置,其中,該切換模組具體用於,通過下列方式中的部分或全部將該第一模式切換到第二模式:方式一、將介面從該第一模式的狀態轉換為該第二模式的狀態;方式二、將當前正在使用的該第一模式的數位憑證用該第二模式的數位憑證替換;方式三、將該第一模式支援的應用轉換為該第二模式支援的應用。 The point-of-sale terminal mode switching device according to claim 6, wherein the switching module is specifically configured to switch the first mode to the second mode through some or all of the following methods: Method one, changing the interface from the The state of the first mode is changed to the state of the second mode; the second method is to replace the digital certificate of the first mode currently being used with the digital certificate of the second mode; the third method is to support the application of the first mode Switch to an application supported by this second mode. 如請求項6所述的銷售點終端模式切換裝置,其中,該標識資訊包括該POS終端的機構特定授權碼; 該生成模組具體用於,將該機構特定授權碼通過不可逆演算法,生成該第一金鑰。 The point-of-sale terminal mode switching device according to claim 6, wherein the identification information includes an institution-specific authorization code of the POS terminal; The generating module is specifically configured to generate the first key by using the specific authorization code of the institution through an irreversible algorithm. 如請求項6所述的銷售點終端模式切換裝置,其中,該獲取模組還用於,通過下列方式從外接設備中獲取第二金鑰:向該外接設備發送連接請求;在該外接設備同意該連接請求後,向該外界設備發送該第二金鑰獲取請求;接收該外界設備發送的該第二金鑰。 The point-of-sale terminal mode switching device according to claim 6, wherein the acquisition module is further configured to obtain a second key from an external device by: sending a connection request to the external device; agreeing to the external device After the connection request, send the second key acquisition request to the external device; receive the second key sent by the external device. 如請求項6至9中任一所述的銷售點終端模式切換裝置,其中,該第一模式為生產模式,該第二模式為除錯模式。 The point-of-sale terminal mode switching device according to any one of claims 6 to 9, wherein the first mode is a production mode and the second mode is a debug mode.
TW105143804A 2015-12-29 2016-12-29 Point-of-sale terminal mode switching method and device TWI615783B (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201511017102.5A CN105930718A (en) 2015-12-29 2015-12-29 Method and apparatus for switching point-of-sale (POS) terminal modes

Publications (2)

Publication Number Publication Date
TW201723946A TW201723946A (en) 2017-07-01
TWI615783B true TWI615783B (en) 2018-02-21

Family

ID=56839997

Family Applications (1)

Application Number Title Priority Date Filing Date
TW105143804A TWI615783B (en) 2015-12-29 2016-12-29 Point-of-sale terminal mode switching method and device

Country Status (2)

Country Link
CN (1) CN105930718A (en)
TW (1) TWI615783B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107133512B (en) * 2017-03-14 2020-07-28 万达百汇科技(深圳)有限公司 POS terminal control method and device
CN109509314A (en) * 2018-12-15 2019-03-22 深圳市捷诚技术服务有限公司 Mode switching method, device, storage medium and the POS terminal of POS terminal

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103716155A (en) * 2013-03-15 2014-04-09 福建联迪商用设备有限公司 Method and operation terminal for automatically maintaining POS terminal
TW201415389A (en) * 2012-08-31 2014-04-16 Vernon Redwood Communications system, computing devices and methods for securely exchanging data
WO2015105869A1 (en) * 2014-01-10 2015-07-16 Elo Touch Solutions, Inc. Multi-mode point-of-sale device
CN105117665A (en) * 2015-07-16 2015-12-02 福建联迪商用设备有限公司 Method and system for safely switching between terminal product mode and development mode

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102521935B (en) * 2011-12-15 2013-12-11 福建联迪商用设备有限公司 Method and apparatus for state detection of POS machine
CN102420692A (en) * 2011-12-28 2012-04-18 广州杰赛科技股份有限公司 Safety authentication method and system of universal serial bus (USB) key of client terminal based on cloud computation

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW201415389A (en) * 2012-08-31 2014-04-16 Vernon Redwood Communications system, computing devices and methods for securely exchanging data
CN103716155A (en) * 2013-03-15 2014-04-09 福建联迪商用设备有限公司 Method and operation terminal for automatically maintaining POS terminal
WO2015105869A1 (en) * 2014-01-10 2015-07-16 Elo Touch Solutions, Inc. Multi-mode point-of-sale device
CN105117665A (en) * 2015-07-16 2015-12-02 福建联迪商用设备有限公司 Method and system for safely switching between terminal product mode and development mode

Also Published As

Publication number Publication date
CN105930718A (en) 2016-09-07
TW201723946A (en) 2017-07-01

Similar Documents

Publication Publication Date Title
CN101771754B (en) Mobile terminal and method for near-field communication thereof
CN105761067B (en) Intelligent POS machine security module and starting method thereof
US20160103716A1 (en) Method for using shared device in apparatus capable of operating two operating systems
CN103793815A (en) Mobile intelligent terminal acquirer system and method suitable for bank cards and business cards
CN104182874A (en) All-purpose card device, all-purpose card system and card information loading method
US11880823B2 (en) Server-side contactless card activation
JP2022553463A (en) Secure authentication based on identity data stored on contactless cards
CN109376824A (en) Dynamic Two-dimensional code generating method and system
TW201519126A (en) Mobile payment method and system
JP2023521997A (en) Determination of specific conditions for contactless card activation
KR20230142505A (en) URL-based authentication for payment cards
CN105117908A (en) Transaction payment prompt method and electronic equipment
TWI615783B (en) Point-of-sale terminal mode switching method and device
CN107437997B (en) Radio frequency communication device and method
JP2023507619A (en) Secure authentication based on passport data stored on contactless cards
CN108243402B (en) Method and device for reading and writing smart card
CN205160564U (en) System security starting drive and intelligent terminal
CN109075974A (en) The binding authentication method and fingerprint recognition system in fingerprint algorithm library and fingerprint sensor
KR20120100342A (en) Security token device and rf module and method of authentication usable in smartphone and pc
KR20240026922A (en) Cryptographic authentication to control access to storage devices
KR20240023613A (en) System and method for scalable cryptographic authentication of contactless cards
CN103248487A (en) Near field communication authentication method, certificate authorization center and near field communication equipment
US11776340B2 (en) Electronic device authentication method, and apparatus according thereto
KR102195931B1 (en) Method and system for smartphone payment based on bluetooth communication
CN203502986U (en) Double-chip intelligent card supporting national crypto algorithm