A terminal and a method for processing a payment transaction
Technical field
The present invention relates to the technical field of NFC (Near Field Communication), and in particular to a mobile terminal with an NFC function and a method for processing a payment transaction.
Background technology
NFC (Near Field Communication) is a short-range radio communication technology that allows electronic devices to exchange data through contactless point-to-point transmission over a short distance (within ten centimetres). Because near-field communication is naturally secure, low in cost and easy to use, NFC technology is considered to have great application prospects in fields such as mobile phone payment.
The main features of NFC technology are as follows:
(1) A short-range wireless communication technology for secure communication (within 10 cm).
(2) Radio frequency: 13.56 MHz.
(3) RF compatibility: ISO 14443, ISO 15693 and FeliCa (contactless smart card) standards.
(4) Data transmission rates: 106 kbit/s, 212 kbit/s, 424 kbit/s.
Near-field communication technology is a standard formulated jointly by Nokia, Philips and Sony. It is standardized under the ISO 18092, ECMA 340 and ETSI TS 102 190 frameworks, and is also compatible with the widely used contactless smart card architectures of the ISO 14443 Type A and Type B and FeliCa standards. The near-field communication standard specifies in detail the modulation scheme, coding, transmission speed and RF interface frame format of near-field communication devices, as well as the initialization scheme and conditions needed for data collision control during initialization in active and passive near-field communication modes. It further defines the transport protocol, including protocol activation and data exchange methods. An NFC device has the following three operating modes:
Card emulation mode: this mode is essentially equivalent to an IC card that uses RFID (radio frequency identification) technology. It can replace IC cards (including credit cards) in a large number of existing settings, such as card payment in shops, public transport cards, access control, tickets and admission tickets. This mode has one great advantage: the card is powered by the RF field of the contactless card reader, so it can work even if the host device (such as a mobile phone) has no power.
Peer-to-peer mode (P2P mode): this mode is similar to infrared and can be used for data exchange. Although the transmission range is shorter, setting up a transfer is more convenient, the speed is high and the power consumption is low. It allows fast point-to-point data transfer between digital cameras, PDAs (personal digital assistants), computers and mobile phones, for example exchanging music, pictures and video clips, transferring network configuration or terminal configuration, or synchronizing phone books, call records and notes.
Reader/writer mode: the device is used as a contactless card reader, for example to read relevant information from an electronic tag on a poster or exhibition display.
In the prior art, the secure element in the near-field communication functional module is a microcontroller with limited processing capability, and it takes a long time to perform encryption and decryption operations.
Summary of the invention
The technical problem to be solved by the present invention is to provide a terminal and a method for processing a payment transaction, so as to enhance the encryption and decryption capability with which the terminal handles NFC.
To solve the above technical problem, the present invention provides a terminal comprising a near-field communication functional module and a processing module, wherein the secure element in the near-field communication functional module is connected to the processing module, and the secure element stores a mobile payment security application that includes user payment information;
The mobile payment security application is configured to send the user payment information to the processing module after receiving a payment request, and to send out the user information ciphertext after receiving it from the processing module;
The processing module is configured to perform an encryption operation on the user payment information to obtain the user information ciphertext, and to send the user information ciphertext to the mobile payment security application.
Further, the above terminal also has the following feature:
The mobile payment security application is further configured to send the transaction result ciphertext and decryption information to the processing module after receiving the transaction result ciphertext, and to store the transaction record returned by the processing module;
The processing module is further configured to decrypt the transaction result ciphertext according to the decryption information, and to return the decrypted transaction record to the mobile payment security application.
Further, the above terminal also has the following feature:
The secure element is integrated into the mainboard of the mobile terminal and is connected to the processing module through a bus;
The secure element is connected to the near-field communication chip in the near-field communication functional module using the Single Wire Protocol or a near-field communication wired interface.
Further, the above terminal also has the following feature:
The secure element is arranged in a Secure Digital card and is connected to the processing module through the Secure Digital card, and the Secure Digital card is connected to the near-field communication chip in the near-field communication functional module using the Single Wire Protocol.
Further, the above terminal also has the following feature:
The secure element is arranged in a subscriber identity module card and is connected to the processing module through a bus, and the subscriber identity module card is connected to the near-field communication chip in the near-field communication functional module using the Single Wire Protocol.
Further, the above terminal also has the following feature:
The secure element is arranged in the near-field communication chip in the near-field communication functional module, and is connected to the processing module through the near-field communication chip or through a bus.
Further, the above terminal also has the following feature: the user payment information includes:
user information, a key certificate and cryptographic algorithm information.
To solve the above problem, the present invention also provides a method for processing a payment transaction, comprising:
after receiving a payment request, sending user payment information to a processing module, wherein the user payment information includes: user information, a key certificate and cryptographic algorithm information.
Further, the above method also has the following feature: it further comprises:
after receiving a transaction result ciphertext, sending the transaction result ciphertext and decryption information to the processing module.
Further, the above method also has the following feature: it further comprises:
storing the decrypted transaction record returned by the processing module.
In summary, the present invention provides a terminal and a method for processing a payment transaction that enable an NFC device to use more complex and more powerful encryption and decryption algorithms, enhance the encryption and decryption capability of the NFC device, and improve the security of the NFC device as a means of payment.
Brief description of the drawings
Fig. 1 is a schematic diagram of the terminal of an embodiment of the present invention;
Fig. 2 is a schematic diagram of the mobile phone of Embodiment one of the present invention;
Fig. 3 is a schematic diagram of the mobile phone of Embodiment two of the present invention;
Fig. 4 is a schematic diagram of the mobile phone of Embodiment three of the present invention;
Fig. 5 is a schematic diagram of the mobile phone of Embodiment four of the present invention;
Fig. 6 is a flow chart of the method for processing a payment transaction of an embodiment of the present invention;
Fig. 7 is a diagram of the secure transaction model of the terminal of an embodiment of the present invention in a practical application;
Fig. 8 is a flow chart of the secure transaction process of an application example of the present invention.
Detailed description of the invention
To make the objects, technical solutions and advantages of the present invention clearer, embodiments of the present invention are described in detail below with reference to the accompanying drawings. It should be noted that, where no conflict arises, the embodiments in this application and the features in the embodiments may be combined with one another.
As shown in Fig. 1, an embodiment of the present invention provides a terminal comprising an NFC functional module and a processing module, wherein the NFC functional module gives the terminal the near-field communication function.
In this embodiment the secure element in the near-field communication functional module is connected to the processing module, and the secure element (SE) stores a mobile payment security application that includes user payment information;
The mobile payment security application is configured to send the user payment information to the processing module after receiving a payment request, and to send out the user information ciphertext after receiving it from the processing module;
The processing module is configured to perform an encryption operation on the user payment information to obtain the user information ciphertext, and to send the user information ciphertext to the mobile payment security application.
The mobile payment security application is further configured to send the transaction result ciphertext and decryption information to the processing module after receiving the transaction result ciphertext, and to store the transaction record returned by the processing module;
The processing module is further configured to decrypt the transaction result ciphertext according to the decryption information, and to return the decrypted transaction record to the mobile payment security application.
In this embodiment the SE and the processing module may be connected through an ISO7816 bus, but the connection is not limited to the ISO7816 bus; other connection methods may also be used.
In this embodiment, the SE can pass complex operations that need processing, in particular encryption and decryption algorithms, to the processing module by means of instructions; the processing module quickly completes the operation and returns the result. The processing capability of the SE is limited. This embodiment can improve the processing speed of the SE, shorten the interaction time, extend the range of encryption and decryption algorithms available to the SE, and reduce the cost of the SE. Combined with the secure transaction model, the security of the NFC mobile payment scheme is effectively improved.
In addition to mobile phones, embodiments of the present invention are also applicable to PDAs, notebooks, desktop computers and the like; any device that has a main control chip with strong processing capability can use embodiments of the present invention.
The terminal of this embodiment is described using a mobile phone as an example. The NFC hardware in the mobile phone mainly comprises three parts:
1. Secure element (SE): a microcontroller system that can store multiple types of applications and has a certain computing capability. The SE can exist as a separate chip, or it can be built into a Secure Digital card, a subscriber identity module card, or the near-field communication chip in the near-field communication functional module.
2. NFC chip: the NFC chip implements the contactless 13.56 MHz radio communication function, complies with the ISO14443, ISO15693 and ISO18092 specifications, and can supply power to the secure element from the power induced in the antenna.
3. NFC antenna.
Depending on the position of the secure element, various embodiments are possible. Four embodiments are listed below:
Embodiment one
The SE is integrated in the mobile phone mainboard and is connected to the mobile phone baseband (equivalent to the processing module above) through an ISO7816 bus, as shown in Fig. 2.
An ISO7816 bus is generally used, but the use of a serial port, I2C or SPI interface and the like is not excluded.
In this embodiment the SE can be connected to the NFC chip either using the Single Wire Protocol (SWP) or using a near-field communication wired interface.
Embodiment two
The SE is built into external storage, for example into an SD (Secure Digital) card, and is connected to the mobile phone baseband through the SD card, as shown in Fig. 3.
Embodiment three
The SE is built into a SIM (Subscriber Identity Module) card and is connected to the baseband through an ISO7816 bus, as shown in Fig. 4.
In Embodiments two and three, the SIM card or SD card can be connected to the NFC chip using SWP, which achieves full-duplex communication over the single SWP wire based on voltage and load modulation.
Embodiment four
The SE is built into the NFC chip and can be connected to the baseband either through the NFC chip or through an ISO7816 bus, as shown in Fig. 5.
Fig. 6 is a flow chart of the method for processing a payment transaction of an embodiment of the present invention. The method of this embodiment is carried out by the SE and includes the following steps:
S10: after receiving a payment request, the user payment information is sent to the baseband module, wherein the user payment information includes: user information, a key certificate and cryptographic algorithm information.
Further, the method may also include the step:
S20: after receiving a transaction result ciphertext, the transaction result ciphertext and decryption information are sent to the baseband module.
The decrypted transaction record returned by the baseband module can then be stored so that the user can query it.
Fig. 7 is a diagram of the secure transaction model of the terminal of this embodiment in a practical application. The participants in the secure transaction model of this application example mainly fall into the following classes:
1. NFC terminal user
The NFC mobile phone terminal used by the end user must first have the mobile payment security application (containing user information and a key certificate) preset in the SE; only then can payment transactions be carried out on a merchant POS terminal.
2. Merchant POS terminal
The merchant uses a designated POS terminal to carry out payment transactions.
3. User card issuer
When presetting the mobile payment security application on the user's NFC mobile phone terminal, the user card issuer requests the key certificate and user information from the data center and writes them into the mobile payment security application.
4. Merchant settlement system
During a payment transaction, the merchant settlement system requests the user's key certificate and user information from the data center; these are used to verify the user's identity, to encrypt and decrypt transaction instructions, and to complete the transaction.
5. Data center
The data center is mainly responsible for recording transactions and storing users' key certificates and user information.
The secure transaction process of this application example mainly includes the following steps, as shown in Fig. 8:
Step 101: the user's NFC mobile phone terminal sends the user card issuer a request to preset the mobile payment security application, and the user card issuer writes the mobile payment security application into the SE of the NFC mobile phone terminal;
Step 102: the user card issuer requests and obtains the personal data (including user information and key certificate) from the data center;
Step 103: the user card issuer writes the personal data into the mobile payment security application in the SE of the NFC mobile phone terminal, completing the card issuing flow.
Step 104: the user initiates a payment transaction at the merchant; the NFC mobile phone terminal is placed in card emulation mode and brought close to the merchant's POS terminal;
Step 105: the merchant's POS terminal detects the NFC mobile phone terminal and, using the AID (Application Identifier) of the mobile payment security application, accesses the corresponding mobile payment security application in the SE; it can then use instructions to make the mobile payment security application perform various operations.
Step 106: when the mobile payment security application receives the payment instruction from the POS terminal, the operation is triggered: it extracts the user information and passes the cryptographic algorithm information, key certificate and user information to the baseband, requesting an encryption operation;
Step 107: after the baseband receives the encryption request, it calls the baseband processor and hardware accelerator to complete the encryption operation with the specified encryption algorithm, obtaining the user information ciphertext, and then returns the user information ciphertext to the mobile payment security application;
Step 108: the mobile payment security application passes the user information ciphertext to the merchant POS terminal over NFC radio communication;
Step 109: the merchant POS terminal passes the user information ciphertext and the transaction information to the merchant settlement system;
Step 110: the merchant settlement system requests and obtains the user's key certificate and user information from the data center;
Step 111: the merchant settlement system uses the user's key certificate to decrypt the user information ciphertext and verifies the user's identity.
Step 112: the merchant settlement system completes the transaction processing, passes the transaction record to the data center, and returns the success or failure of the transaction to the merchant POS terminal.
Step 113: the merchant settlement system encrypts the transaction result and passes it to the merchant POS terminal;
Step 114: the merchant POS terminal passes the transaction result ciphertext over NFC radio communication to the mobile payment security application of the NFC mobile phone terminal;
Step 115: the mobile payment security application passes the ciphertext, the encryption and decryption algorithm and the key certificate to the baseband;
Step 116: the baseband completes the decryption operation with the specified encryption and decryption algorithm and returns the transaction record to the mobile payment security application; the user can then query the transaction result.
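The SE-to-baseband offload of steps 106 to 116, as an added Python sketch that is not part of the patent text. The cipher is a standard-library stand-in for the unnamed "specified algorithm"; the algorithm identifier, class and function names, the account-keyed data center lookup and all sample values are assumptions.

```python
import hashlib, hmac, json, os

# Stand-in cipher (SHA-256 counter keystream + HMAC-SHA256); NOT from the patent.
def _sub(key, label):
    return hashlib.sha256(label + key).digest()  # separate enc/mac subkeys

def _xor(key, nonce, data):
    stream = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    nonce = os.urandom(12)
    body = _xor(_sub(key, b"enc"), nonce, plaintext)
    return nonce + body + hmac.new(_sub(key, b"mac"), nonce + body, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, body, tag = blob[:12], blob[12:-32], blob[-32:]
    good = hmac.new(_sub(key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("ciphertext failed authentication")
    return _xor(_sub(key, b"enc"), nonce, body)

ALGORITHMS = {"demo-ctr-hmac": (seal, unseal)}  # hypothetical algorithm identifier

class Baseband:
    """Processing module: runs the algorithm the SE names (steps 107, 116)."""
    def __init__(self):
        self.bus_log = []  # what crossed the SE-to-baseband link
    def run(self, op, alg, key, data):
        self.bus_log.append((op, alg, len(key)))  # the key itself is on the bus
        return ALGORITHMS[alg][0 if op == "encrypt" else 1](key, data)

class PaymentApplet:
    """Mobile payment security application stored in the SE."""
    def __init__(self, baseband, user_info, key, alg):
        self.bb, self.user_info, self.key, self.alg = baseband, user_info, key, alg
        self.records = []
    def on_payment_request(self):  # steps 106-108
        return self.bb.run("encrypt", self.alg, self.key, json.dumps(self.user_info).encode())
    def on_transaction_result(self, ciphertext):  # steps 114-116
        record = json.loads(self.bb.run("decrypt", self.alg, self.key, ciphertext))
        self.records.append(record)  # stored so the user can query it
        return record

def settle(data_center, account, user_ct, amount):  # steps 109-113
    key, expected = data_center[account]
    try:
        ok = json.loads(unseal(key, user_ct)) == expected
    except ValueError:  # failed authentication or unparsable plaintext
        ok = False
    result = {"amount": amount, "status": "success" if ok else "failure"}
    return seal(key, json.dumps(result).encode())

def run_demo(tamper=False):
    key = bytes(range(32))  # constructed key standing in for the "key certificate"
    user = {"account": "constructed-0001", "name": "Test User"}  # constructed
    bb = Baseband()
    applet = PaymentApplet(bb, user, key, "demo-ctr-hmac")
    user_ct = applet.on_payment_request()
    if tamper:  # corrupt one ciphertext byte between POS terminal and settlement
        user_ct = user_ct[:12] + bytes([user_ct[12] ^ 1]) + user_ct[13:]
    result_ct = settle({"constructed-0001": (key, user)}, "constructed-0001", user_ct, 1250)
    return applet.on_transaction_result(result_ct), bb.bus_log
```

The returned `bus_log` makes visible that the key is handed to the baseband on every operation, as steps 106 and 115 describe, so the SE-to-baseband link and the baseband itself sit inside the trust boundary of this design.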
One of ordinary skill in the art will appreciate that all or part of the steps in the above method can be completed by a program instructing the relevant hardware, and the program can be stored in a computer-readable storage medium such as a read-only memory, a magnetic disk or an optical disc. Alternatively, all or part of the steps of the above embodiments can also be implemented using one or more integrated circuits. Correspondingly, each module or unit in the above embodiments can be implemented in the form of hardware or in the form of a software functional module. The present invention is not restricted to any particular combination of hardware and software.
The above are only preferred embodiments of the present invention. The present invention can of course have various other embodiments, and those of ordinary skill in the art can make various corresponding changes and modifications according to the present invention without departing from its spirit and essence, but all such changes and modifications shall fall within the scope of the claims appended to the present invention.