Disclosure of Invention
In order to solve the problems, the invention provides a transaction encryption method, an encryption system and a POSP front-end server.
In a first aspect, the present invention provides a transaction encryption method, including:
receiving first message data of a POS terminal, wherein the first message data is obtained by encrypting transaction data through a public key;
calling a private key corresponding to the public key from a database, and decrypting the first message data by the private key to obtain second message data;
and encrypting the second message data into third message data and returning the third message data to the POS terminal.
In the above transaction encryption method, before the receiving of the first message data of the POS terminal, where the first message data is obtained by public key encryption, the method further includes:
and receiving the check-in of the POS terminal, issuing a ciphertext public key to the POS terminal, and storing a corresponding private key in a database.
In the above transaction encryption method, before receiving the check-in of the POS terminal, the method further includes:
receiving a master key generation request and generating a ciphertext master key;
the ciphertext master key being decrypted by the mother POS to obtain a plaintext master key, which is issued to the POS terminal.
In the above transaction encryption method, the public key includes a PIK key, a TDK key, and a MAK key; the PIK key is used for encrypting PIN data in transaction data, the TDK key is a random number, track information in the transaction data is encrypted by using the random number, and the MAK key is used for generating a verification code corresponding to the first message data.
In a second aspect, the present invention provides a transaction encryption method, including:
sending first message data to a POSP server, wherein the first message data is obtained by encrypting transaction data through a public key;
and receiving third message data returned by the POSP based on the first message data.
Before the sending of the first message data to the POSP server, the transaction encryption method further includes:
signing in to the POSP server;
receiving a ciphertext public key issued by the POSP server;
and decrypting the ciphertext public key by using the plaintext master key to obtain a plaintext public key.
In a third aspect, the present invention provides a transaction encryption method, including:
receiving a ciphertext master key imported by the POSP server;
and decrypting the ciphertext master key by using the key fob key to obtain a plaintext master key.
In a fourth aspect, the invention provides a POSP system, which comprises a POSP server, a mother POS, a POS terminal and an encryption database;
the POSP server is used for issuing a ciphertext master key to the mother POS;
the mother POS decrypts the ciphertext master key to obtain a plaintext master key and transmits the plaintext master key to the POS terminal;
the POS terminal is used for signing in to the POSP server, receiving a ciphertext public key returned by the POSP server, decrypting the ciphertext public key by using the plaintext master key to obtain a plaintext public key, and encrypting received transaction data by using the plaintext public key to obtain first message data;
the encryption database stores the ciphertext master key and the private key corresponding to the public key.
In a fifth aspect, the present invention provides an apparatus comprising: memory, a processor and a computer program stored on the memory and executable on the processor, the computer program, when executed by the processor, implementing the steps of the method as claimed in any one of the above.
In a sixth aspect, the invention provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the method as defined in any one of the above.
Compared with the prior art, in the transaction encryption method, the first message data received from the POS terminal is data obtained by encrypting the transaction data with the public key, and the third message data returned to the POS terminal is likewise encrypted data, so that the probability of transaction data leaking between the POSP server and the POS terminal is reduced.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the technical solutions of the present invention will be clearly and completely described below with reference to the specific embodiments of the present invention and the accompanying drawings. It is to be understood that the described embodiments are merely exemplary of the invention, and not restrictive of the full scope of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 is a flowchart of a transaction encryption method according to an exemplary embodiment of the present invention, which is executed by a POSP server, and specifically includes the following steps.
S108: Receive first message data from the POS terminal, wherein the first message data is obtained by encrypting the transaction data through a public key.
The first message data refers to data obtained by encrypting the transaction data received by the POS terminal through a public key. Specifically, a public key existing in a plaintext form is referred to as a plaintext public key, and a public key existing in a ciphertext form is referred to as a ciphertext public key. In the embodiment of the invention, the keys on the POS terminal are plaintext keys, and the public keys on the database or the encryption database are ciphertext keys, so that the public keys on the POS terminal are plaintext public keys, and the public keys on the database or the encryption database are ciphertext public keys.
Specifically, the public key in S108 is a plaintext public key. The public key comprises a PIK key, a TDK key and a MAK key. Of course, the public key may not be limited to the above-described PIK key, TDK key, and MAK key.
The PIK key, also called a region PIN key, is a data encryption key suitable for a shared network. The PIK is used for encrypting the PIN that needs to be transmitted between two communication network points, thereby protecting the PIN.
The TDK is a track protection key and is used specifically for encrypting the track information of magnetic stripe card-swipe transactions. Specifically, the TDK key is a random number, and the track information in the transaction data is encrypted by using the random number.
The MAK, also called a local MAC key, is a data encryption key used to generate and verify a Message Authentication Code (MAC) when information is transmitted between two communication nodes, thereby achieving the purpose of message authentication.
S110: Call a private key corresponding to the public key from the database, and decrypt the first message data by using the private key to obtain second message data.
The database is an encryptor database, which stores a private key corresponding to the public key. Therefore, the first message data can be decrypted by using the private key to obtain the second message data.
S112: Encrypt the second message data into third message data and return the third message data to the POS terminal.
Specifically, a Unionpay key is called from the database, the second message data is encrypted into third message data by using the Unionpay key, and the third message data is returned to the POS terminal.
Before step S108, step S106 is also included.
S106: Receive the check-in of the POS terminal, issue a ciphertext public key to the POS terminal, and store a corresponding private key in a database.
The POSP server periodically receives the check-in of the POS terminal so as to periodically update the public key in the POS terminal and the private key stored in the database, so that the security of the transaction is improved.
When the POS terminal signs in to the POSP server, the POSP server calls the encryption machine database to generate a public key, and the public key is issued to the POS terminal encrypted by the master key. Because the master key is installed on the POS terminal, the POS terminal can decrypt the received ciphertext public key to obtain a plaintext public key. Meanwhile, the encryption machine database also stores a corresponding private key so as to decrypt the first message data during a transaction.
Before step S106, step S102 and step S104 are also included.
S102: Receive a master key generation request and generate a ciphertext master key. Specifically, after a master key generation request input from the user interface is received, a terminal number, a bound merchant number, and a ciphertext master key are generated.
S104: The ciphertext master key is decrypted by the mother POS to obtain a plaintext master key, which is issued to the POS terminal. The user exports the terminal number, the merchant number and the ciphertext master key corresponding to each terminal to the mother POS, the plaintext master key is obtained through decryption in the mother POS, and the plaintext master key is downloaded to each POS terminal. Specifically, the plaintext master keys on the POS terminals are the same.
The key card key is used for decrypting the ciphertext master key to obtain the plaintext master key.
Fig. 2 is a flowchart of a transaction encryption method according to an exemplary embodiment of the present invention, where the executing entity is a POS terminal, and specifically, the method includes the following steps.
S208: Send first message data to the POSP server, wherein the first message data is obtained by encrypting the transaction data through a public key. Specifically, after the POS terminal receives the transaction data, the transaction data is encrypted by using its plaintext public key to obtain first message data, and the first message data is sent to the POSP server.
S210: Receive third message data returned by the POSP server based on the first message data. After receiving the first message data, the POSP server decrypts the first message data by using a private key corresponding to the plaintext public key to obtain second message data, encrypts the second message data into third message data by using the Unionpay key, and returns the third message data to the POS terminal.
Steps S202, S204, and S206 are also included before step S208.
S202: Sign in to the POSP server. The POS terminal periodically checks in to the POSP server to periodically update the public key within the POS terminal and the private key stored in the database. Generally, in a UnionPay transaction system, a POS terminal signs in to the POSP server once a day, but the POS terminal may also sign in twice, three times, four times, and so on per day, so that the update frequency of the public key and the private key is increased and the security of the transaction is improved. The check-in may also be performed once every two days, once every three days, and so on.
S204: Receive the ciphertext public key issued by the POSP server. After the POS terminal signs in, the POSP server issues the ciphertext public key to the POS terminal.
S206: Decrypt the ciphertext public key by using the plaintext master key to obtain a plaintext public key. The POS terminal is provided with a master key, and the ciphertext public key is decrypted by using the master key to obtain a plaintext public key.
Fig. 3 is a flowchart of a transaction encryption method according to an exemplary embodiment of the present invention, where the execution subject is a mother POS, and specifically, the method includes the following steps.
S302: Receive the ciphertext master key imported by the POSP server. Specifically, a ciphertext master key, a merchant number, a terminal number and the like imported by the POSP server are received.
S304: Decrypt the ciphertext master key by using the key fob key to obtain a plaintext master key. The key fob key is stored in the key IC card, the key fob initiates a key fob key generation request to the POSP server in advance, and the POSP server calls an encryption machine to generate the key fob key after receiving the key fob key generation request and stores the key fob key in the key IC card. The key card key is used to decrypt the ciphertext master key to generate a plaintext master key.
FIG. 4 is a flowchart illustrating operation of the POSP system 100 according to an exemplary embodiment of the present invention. The POSP system 100 includes POSP server 30, mother POS 10, POS terminal 20, and encryption database 40. In the embodiment of the present invention, XXK(YYK) indicates the XXK ciphertext obtained by encrypting the XXK plaintext with YYK; specifically, XXK indicates the key function, and (YYK) indicates the encryption method.
The POSP server 30 is configured to issue a ciphertext master key to the mother POS 10, where the ciphertext master key is POSK(ZMK).
Specifically, after registering on the UI interface associated with the POSP server 30 (see S1.1 in fig. 4), a ciphertext master key POSK(ZMK), a merchant number, a terminal number, and the like are obtained, where the ciphertext master key POSK(ZMK) is obtained by the POSP server 30 calling the encryption database 40 (see S1.2 in fig. 4). The POSP then imports the ciphertext master key POSK(ZMK), the merchant number, the terminal number and the like into the mother POS 10 (see S1.3 in fig. 4), so that the ciphertext master key POSK(ZMK) is stored in the mother POS 10.
The mother POS 10 decrypts the ciphertext master key POSK(ZMK) to obtain the plaintext master key POSK, and transmits the plaintext master key POSK to the POS terminal 20 (see S1.4 in fig. 4). The mother POS 10 decrypts the ciphertext master key POSK(ZMK) using the key fob key to obtain the plaintext master key POSK. The key fob key is stored in the key fob and can be managed by two persons, for example, the key fob key is 16 bits 32 bytes, each person sets 16 bits separately, and a 16-bit key fob key is generated by combining and or operations.
The POS terminal 20 is configured to sign in to the POSP server 30 (see S2.1 in fig. 4). After receiving the sign-in, the POSP server 30 calls the encryption database 40 to generate a plaintext public key PIK + MAK + TDK (see S2.2 in fig. 4), encrypts the plaintext public key PIK + MAK + TDK to generate the ciphertext public key PIK(POSK) + MAK(POSK) + TDK(POSK) and the corresponding private key PIK(LMK) + MAK(LMK) + TDK(LMK) (see S2.3 in fig. 4), and sends the ciphertext public key PIK(POSK) + MAK(POSK) + TDK(POSK) to the POS terminal 20. The POS terminal 20 decrypts the ciphertext public key PIK(POSK) + MAK(POSK) + TDK(POSK) by using the plaintext master key POSK to obtain the plaintext public key PIK + MAK + TDK (see S2.4 in fig. 4), so that the transaction data received thereafter is encrypted by using the plaintext public key PIK + MAK + TDK to obtain first message data (see S3.1 in fig. 4).
Assume that the transaction data includes PIN data PIN, track data TRACK and service password data PWD. Then first message data = DATA1 + DATA(MAK), where DATA1 = XX + PIN(PIK) + (TRACK + PWD)(TDK) + YY, and XX and YY denote other unencrypted data or other encrypted data not shown.
The encryption database 40 stores the ciphertext master key POSK(ZMK) and the private key PIK(LMK) + MAK(LMK) + TDK(LMK), which corresponds to the public key PIK + MAK + TDK, where TDK may be a random number. After the first message data is transmitted to the POSP server 30 (see S3.2 in fig. 4), the POSP server calls the private key PIK(LMK) + MAK(LMK) + TDK(LMK) in the encryption database 40, wherein TDK(LMK) is used to decrypt the track and service password data, MAK(LMK) is used to verify the verification code of the first message data, and PIK(LMK) is used to decrypt the PIN data, so as to obtain the second message data (see S3.3 and S3.4 in fig. 4). Thereafter, the PIN data is encrypted by ZPK(LMK) to obtain the third message data (see S3.5 and S3.6 in fig. 4), which is returned to the POS terminal 20 and verified by MAK on the POS terminal 20 (see S3.7 in fig. 4). ZPK(LMK) is a Unionpay key.
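The key hierarchy and message flow of S1.2 through S3.4 above, as an added Python example that is not code from the patent; it shows which party holds which key in XXK(YYK) form and how the POSP server rejects a first message altered in transit. Assumptions: an HMAC-SHA256 keystream and a truncated HMAC stand in for the encryptor's cipher and MAC algorithms, which the text does not name; the key fob key is taken to be the ZMK; the class and function names, terminal id T1 and sample fields are constructed.

```python
import hashlib, hmac, os
NAMES = ("PIK", "MAK", "TDK")

def _stream(key, nonce, n):  # HMAC-SHA256 counter keystream: stand-in cipher (assumption)
    return b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                    for i in range(n // 32 + 1))[:n]

def enc(plain, key):
    """plain(key) in the page's XXK(YYK) notation: 12-byte nonce + ciphertext."""
    nonce = os.urandom(12)
    return nonce + bytes(a ^ b for a, b in zip(plain, _stream(key, nonce, len(plain))))

def dec(blob, key):
    return bytes(a ^ b for a, b in zip(blob[12:], _stream(key, blob[:12], len(blob) - 12)))

def mac(fields, mak):
    """8-byte verification code over length-prefixed fields (HMAC stand-in)."""
    body = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(mak, body, hashlib.sha256).digest()[:8]

class Posp:
    """POSP server 30 with encryption database 40; ZMK and LMK stay on this side."""
    def __init__(self):
        self.zmk, self.lmk, self.db = os.urandom(32), os.urandom(32), {}

    def make_master_key(self, tid):                   # S1.2: create and store POSK(ZMK)
        self.db[tid] = {"POSK": enc(os.urandom(32), self.zmk)}
        return self.db[tid]["POSK"]

    def sign_in(self, tid):                           # S2.2-S2.3
        posk = dec(self.db[tid]["POSK"], self.zmk)
        keys = {n: os.urandom(32) for n in NAMES}
        self.db[tid].update({n: enc(k, self.lmk) for n, k in keys.items()})  # XXK(LMK)
        return {n: enc(k, posk) for n, k in keys.items()}                    # XXK(POSK)

    def receive(self, tid, msg):                      # S3.3-S3.4: verify, then decrypt
        k = {n: dec(self.db[tid][n], self.lmk) for n in NAMES}
        *fields, tag = msg
        if not hmac.compare_digest(tag, mac(fields, k["MAK"])):
            raise ValueError("MAC check failed")
        xx, pin_ct, track_ct, yy = fields
        return xx, dec(pin_ct, k["PIK"]), dec(track_ct, k["TDK"]), yy

def terminal_build(wrapped, posk, xx, pin, track_pwd, yy):   # S2.4 and S3.1
    k = {n: dec(c, posk) for n, c in wrapped.items()}
    fields = [xx, enc(pin, k["PIK"]), enc(track_pwd, k["TDK"]), yy]
    return fields + [mac(fields, k["MAK"])]           # DATA1 + verification code

def demo():
    posp = Posp()
    posk = dec(posp.make_master_key("T1"), posp.zmk)  # S1.4 on the mother POS
    msg = terminal_build(posp.sign_in("T1"), posk, b"HDR", b"1234", b"TRACK2|pwd", b"TRL")
    second = posp.receive("T1", msg)                  # second message data (plaintext)
    msg[0] = b"HDX"                                   # constructed in-transit modification
    try:
        posp.receive("T1", msg)
        return second, False
    except ValueError:
        return second, True
```
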
An embodiment of the present invention further provides an apparatus, including: a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the computer program, when executed by the processor, implements the steps of the data verification method.
The service management system provided in the embodiment of the present application may further execute the method executed by the apparatus in fig. 1, fig. 2, or fig. 3, and implement the functions of the apparatus in the embodiments shown in fig. 1, fig. 2, or fig. 3, which are not described herein again.
The embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the computer program implements each process of the data calibration method embodiment, and can achieve the same technical effect, and in order to avoid repetition, details are not repeated here. The computer-readable storage medium may be a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the present invention in further detail, and it should be understood that the above-mentioned embodiments are only exemplary embodiments of the present invention, and are not intended to limit the present invention, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present invention should be included in the protection scope of the present invention.