Background technology
Bank card (BANK Card) is more and more universal as the means of payment, common bank card paying system comprises point of sales terminal (Point Of Sale, POS), POS receives single system (POSP), code keypad (PINPAD) and hardware encipher machine (Hardware and Security Module, HSM).Wherein POS terminal can accept bank card information, has communication function, and the equipment that the instruction accepting teller completes financial transaction information and exchanges for information about; POS receives single system and manages concentratedly POS terminal, comprises parameter downloads, and key is downloaded, and accepts, processes or forward the transaction request of POS terminal, and to POS terminal loopback transaction results information, is the system of centralized management and transaction processing; Code keypad (PIN PAD) is that the key relevant to various financial transaction carries out safe storage protection, and is encrypted the safety equipment of protection to PIN; Hardware encipher machine (HSM) is the peripheral hardware devices be encrypted transmission data, for the encryption and decryption of PIN, the correctness verifying message and document source and storage key.Personal identification code (PersonalIdentification Number, PIN), i.e. personal identification number is the data message identifying holder's identity legitimacy in on-line transaction, and in cyber-net system, any link does not allow to occur in mode expressly; Terminal master key (Terminal Master Key, TMK), during POS terminal work, to the master key that working key is encrypted, encrypting storing is in system database; POS terminal is widely used in bank card and pays occasion, and such as manufacturer's shopping, hotel accommodations etc. are a kind of indispensable modernization means of payment, has incorporated the various occasions of people's life.Bank card; particularly debit card; generally all be provided with PIN by holder; carrying out in payment process; POS terminal is except above sending the data such as the magnetic track information of bank card; also want holder to input the identity legitimacy of PIN for issuing bank checking holder, guarantee bank card safety of payment, the property safety of protection holder.Reveal to prevent PIN or be cracked; require from terminal to issuing bank in whole information interactive process; whole process carries out safety encipher protection to PIN; do not allow any link in computer network system; PIN occurs in mode expressly, and the POS terminal therefore accepting input PIN at present all requires to be equipped with key management system.
The key code system of POS terminal is divided into secondary: terminal master key (TMK) and working key (WK).Wherein TMK is encrypted protection to WK.Every platform POS terminal has unique TMK, must have safeguard protection, guarantee can only write device and participate in calculate, can not read; TMK is a very crucial root key, if TMK is intercepted, working key is just cracked than being easier to, by serious threat bank card safety of payment.So can secure download TMK to POS terminal, become the key of whole POS terminal security.Conclude existing TMK download scenarios below as follows:
1, the female POS scheme of key: user receives the single system hardware encipher machine traffic encryption key the same with key female POS input at POS.POS terminal receives single system initiating terminal master key download request by the female POS of key to POS, POS receives single system and drives hardware encipher machine stochastic generation terminal master key, and by traffic encryption key encrypted transmission to the female POS of key, POS terminal is transferred to again after the female POS traffic encryption key deciphering of key, POS terminal obtains terminal master key expressly, be saved in POS terminal code keypad, thus realize POS terminal and POS and receive the synchronous of terminal master key between single system.
2, IC-card decrypt scheme: user injects the same traffic encryption key in POS receipts single system hardware encipher machine with IC-card.IC-card is inserted POS terminal by user, POS terminal receives single system initiating terminal master key download request to POS, POS receives single system and drives hardware encipher machine stochastic generation terminal master key, and by traffic encryption key encrypted transmission to POS terminal, traffic encryption key decryption terminal master key ciphertext in POS terminal IC-card, obtain terminal master key expressly, be saved in POS terminal code keypad, thus realize POS terminal and POS and receive the synchronous of terminal master key between single system.
Above-mentioned two schemes has following shortcoming: terminal master key expressly appears at outside safety equipment, for taking precautions against Key Exposure risk, the download of terminal master key must control to carry out at the safe machine room of administrative center, by manually concentrating download terminal master key, thus bring " maintenance centre's machine room workload is large; Will transport to administrative center's safe machine room download key after equipment dispatches from the factory and just can be deployed to trade company, transportation cost rises; In order to concentrate under fill key, need a large amount of staff and working time, maintenance cost is large, maintenance period is long " etc. problem.
Summary of the invention
For solving the problems of the technologies described above, the technical scheme that the present invention adopts provides a kind of method of quick position terminal master key failed download, comprises step:
S1, the rise time of recording transmission security key TK in collect and transmit cipher key T K process in POS terminal and the first proof test value;
S2, the importing time obtaining transmission security key TK in server importing transmission security key TK process when remote download terminal master key TMK failure and the second proof test value, then enter step S3;
S3, described first proof test value and the second proof test value to be compared, judge that whether comparison result is consistent, if so, enter step S4, if not, then enter step S5;
TK is consistent with server transmission security key TK for S4, judgement POS terminal transmission security key, determines to there is downloading process mistake or communication failure;
POS terminal transmission security key TK and server transmission security key TK is inconsistent for S5, judgement, determines to there is importing process mistake.
Another technical solution used in the present invention is: the system providing a kind of quick position terminal master key failed download, comprise: the first logging modle, for recording rise time and first proof test value of transmission security key TK in collect and transmit cipher key T K process in POS terminal; Second logging modle, imports importing time and second proof test value of transmission security key TK in transmission security key TK process for obtaining server when remote download terminal master key TMK is failed; Contrast module, for described first proof test value and the second proof test value being compared, judges that whether comparison result is consistent; First diagnostic module, for when contrasting module and judging that comparing result is consistent, judges that POS terminal transmission security key TK is consistent with server transmission security key TK, determines to there is downloading process mistake or communication failure; Second opinion module, for when contrasting module and judging that comparing result is inconsistent, judges that POS terminal transmission security key TK is consistent with server transmission security key TK, determines to there is importing process mistake.
The invention has the beneficial effects as follows: can the reason of quick position mistake, the present invention contrasts by providing importing time of transmitting secret key TK and TK proof test value to KMS service end when gathering the generation daily record and failed download of transmitting the TK data that the terminal device of secret key TK provides, log packet is containing the data such as rise time, proof test value (KCV) of the secret key TK of many group transmission in multi collect, by the TK proof test value on contrast terminal device and the TK proof test value of KMS server end and temporal information, thus determine whether to lead to errors because proof test value is inconsistent; And due to proof test value inconsistent, just can the reason of mistake of the different links such as quick position TK data acquisition, transmission and importing.
Embodiment
By describing technology contents of the present invention, structural attitude in detail, realized object and effect, accompanying drawing is coordinated to be explained in detail below in conjunction with embodiment.
For solving the technical matters existed in background technology, the present invention adopts a kind of new master key download scenarios, TK(Transmission Key is produced at random by POS terminal, transmission security key), TK after producing is stored in the code keypad of POS terminal, and TK is sent to KMS(Key Management System, key management system, for office terminal master key TMK by transmission mode required under various application scenarios) in.
As POS terminal application download terminal master key TMK, KMS system uses TK ciphering terminal master key TMK, and the terminal master key ciphertext after encryption is sent to POS terminal, POS terminal is decrypted master key ciphertext with TK after receiving, obtain terminal master key TMK, and terminal master key TMK is kept in code keypad.
So, by TK ciphering terminal master key TMK, enable TMK carry out remote transmission, facilitate the secure download of TMK.
In some scenarios, operating terminal is adopted to gather the TK of POS terminal generation, and be responsible for TK being transferred to MTMS system (Material Tracking Management System by operating terminal, Tracing Material system, mainly use in plant produced), TK is managed by MTMS systematic unity, and TK is sent to corresponding KMS system, described course of conveying is by CA center (Certificate Authority, certificate authority, adopt Public Key Infrastructure public key infrastructure technology, network ID authentication service is provided specially, be responsible for signing and issuing and managing digital certificate, and there is third party's trust authority that is authoritative and fairness) differentiate operating terminal, the identity of MTMS system and KMS system.Adopt the rights management that operating terminal collection TK can facilitate the acquisition operations of TK (can realize a key collection etc.) and TK to gather; Adopt MTMS system conveniently to TK unified management, data search and the download of POS terminal during after-sales service later can be facilitated, can realize, by manufacture order bulk transfer TK, facilitating the transfer management of TK by MTMS system, prevent TK from misinformating to the object of mistake; Introducing CA center can prevent pseudo-terminal and pseudo-KMS system from stealing TK.
Owing to producing TK at random by POS terminal and the TK after producing be stored in the code keypad of POS terminal and need terminal to support the function of remote download TMK this kind of downloading mode that TK is sent to KMS system by transmission mode required under various application scenarios, a lot of link can be introduced in centre, when remote download TMK failure, be difficult to link and the Producing reason of quick position mistake generation.
Just the technical scheme that the present invention overcomes the problems referred to above is described in detail below.
Refer to Fig. 1, be the structured flowchart of the system 100 of a kind of quick position terminal master key failed download in one embodiment of the present invention, it comprises the first logging modle 10, second logging modle 20, contrast module 30, first diagnostic module 40 and second opinion module 50.
Described first logging modle 10 for recording rise time and first proof test value of transmission security key TK in collect and transmit cipher key T K process in POS terminal.
Described second logging modle 20 imports importing time and second proof test value of transmission security key TK in transmission security key TK process for obtaining server when remote download terminal master key TMK is failed.Wherein, described server comprises KMS system.
Described contrast module 30, for described first proof test value and the second proof test value being compared, judges that whether comparison result is consistent.
Described first diagnostic module 40, for when contrasting module and judging that comparing result is consistent, judges that POS terminal transmission security key TK is consistent with server transmission security key TK, determines to there is downloading process mistake or communication failure.
Described second opinion module 50, for when contrasting module and judging that comparing result is inconsistent, judges that POS terminal transmission security key TK and server transmission security key TK is inconsistent, determines to there is importing process mistake.
In the present embodiment, described first diagnostic module 40 also has the diagnosis mistake of downloading process or the function of communication failure, and the module realizing this function mainly comprises network detection module, the 3rd diagnostic module, the first judge module and the 4th diagnostic module.
Described network detection module is for detecting communication network whether connection failure.
Described 3rd diagnostic module is used for when described network detection module Sampling network connection failure, it is determined that the presence of communication failure.
Described first judge module is used for when described network detection module Sampling network successful connection, judges that whether POS terminal transmission security key TK is corresponding with sequence number.
Described 4th diagnostic module is used for judging POS terminal transmission security key TK and sequence number not to it is determined that the presence of downloading process mistake time corresponding when the first judge module.
In the present embodiment, the complete rear notice debugging module executable operations of described second opinion module 50, described debugging module specifically comprises the second judge module and the 5th diagnostic module.
Described second judge module is for judging whether the rise time is later than the importing time.
Described 5th diagnostic module is used for when described second judge module judges that the rise time is later than the importing time, judge that the transmission security key TK of POS terminal does not import to server end, then find according to collection daily record the transmission security key TK do not imported, described collection daily record records the mapping relations of rise time and transmission security key TK.
In the present embodiment, the abbreviation of described proof test value to be the KCV of transmission security key TK, KCV be Key CheckValue and keycheck value, KCV is the keycheck value obtained by certain algorithm.
Refer to Fig. 2, Fig. 2 is the main flowchart of the method for a kind of quick position terminal master key failed download in an embodiment of the invention, and the method comprising the steps of:
Step S1, the rise time of recording transmission security key TK in collect and transmit cipher key T K process in POS terminal and the first proof test value;
Step S2, the importing time obtaining transmission security key TK in server importing transmission security key TK process when remote download terminal master key TMK failure and the second proof test value, then enter step S3;
Step S3, described first proof test value and the second proof test value to be compared, judge that whether comparison result is consistent, if so, enter step S4, if not, then enter step S5;
TK is consistent with server transmission security key TK for step S4, judgement POS terminal transmission security key, determines to there is downloading process mistake or communication failure;
POS terminal transmission security key TK and server transmission security key TK is inconsistent for step S5, judgement, determines to there is importing process mistake.
Wherein, comprise downloading process mistake or communication failure finding step after described step S4, specifically comprise:
S41, detect communication network whether connection failure, if so, enter step S42, if not, enter step S43;
S42, it is determined that the presence of communication failure;
S43, judge that whether POS terminal transmission security key TK is corresponding with sequence number, if not, enter step S44;
S44, it is determined that the presence of downloading process mistake.
Wherein, comprise importing process mistake finding step after described step S5, specifically comprise:
S51, judge whether the rise time is later than the importing time, if so, enters step S52;
The transmission security key TK of S52, judgement POS terminal does not import to server end, and then find according to collection daily record the transmission security key TK do not imported, described collection daily record records the mapping relations of rise time and transmission security key TK.
The invention has the beneficial effects as follows: can the reason of quick position mistake, the present invention contrasts by providing importing time of transmitting secret key TK and TK proof test value to KMS service end when gathering the generation daily record and failed download of transmitting the TK data that the terminal device of secret key TK provides, log packet is containing the data such as rise time, proof test value (KCV) of the secret key TK of many group transmission in multi collect, by the TK proof test value on contrast terminal device and the TK proof test value of KMS server end and temporal information, thus determine whether to lead to errors because proof test value is inconsistent; And due to proof test value inconsistent, just can the reason of mistake of the different links such as quick position TK data acquisition, transmission and importing.
The foregoing is only embodiments of the invention; not thereby the scope of the claims of the present invention is limited; every utilize instructions of the present invention and accompanying drawing content to do equivalent structure or equivalent flow process conversion; or be directly or indirectly used in other relevant technical fields, be all in like manner included in scope of patent protection of the present invention.