
WO2018166163A1 - POS terminal control method, POS terminal, server and storage medium - Google Patents

Info

Publication number
WO2018166163A1
Authority
WO
WIPO (PCT)
Prior art keywords
authorization
feature information
information
feature
tool
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2017/102383
Other languages
English (en)
Chinese (zh)
Inventor
李坚强
刘绍海
蓝万强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wonder Pax Technology (shenzhen) Co Ltd
Original Assignee
Wonder Pax Technology (shenzhen) Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wonder Pax Technology (shenzhen) Co Ltd

Classifications

    • G: PHYSICS
    • G06: COMPUTING OR CALCULATING; COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30: Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44: Program or device authentication
    • G: PHYSICS
    • G07: CHECKING-DEVICES
    • G07F: COIN-FREED OR LIKE APPARATUS
    • G07F19/00: Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20: Automatic teller machines [ATMs]
    • G07F19/209: Monitoring, auditing or diagnose of functioning of ATMs

Definitions

  • the present invention relates to the field of network communications, and in particular, to a POS terminal control method, a POS terminal, a server, and a storage medium.
  • POS terminal: point of sale
  • usage groups such as production line personnel, maintenance personnel, application developers, product developers, banks and third-party payment institutions, merchants, etc.
  • the group has different usage scenarios and different requirements for the behavior characteristics of the terminal.
  • the POS terminal control method, POS terminal, server and storage medium disclosed in the present application solve one or more problems involved in the background art.
  • a POS terminal control method includes:
  • a POS terminal control method includes:
  • the first feature information and the authorization data are sent to an authorization machine for encryption
  • a POS terminal includes a memory and a processor, wherein the memory stores instructions that, when executed by the processor, cause the processor to perform the following steps:
  • the authorization success result is sent to the authorization tool
  • a server includes a memory and a processor, the memory storing instructions that, when executed by the processor, cause the processor to perform the following steps:
  • the first feature information and the authorization data are sent to an authorization machine for encryption
  • a computer readable storage medium having stored thereon a computer program that, when executed by a processor, implements the following steps:
  • the authorization success result is sent to the authorization tool
  • with the POS terminal control method, the POS terminal, the server, and the storage medium, the POS terminal may generate the first feature information according to the authorization tool's instruction requesting feature information, so that each time the state of the POS terminal is to be switched, the POS terminal generates new first feature information. Even if the first feature information is illegally acquired during a certain authorization, the state of the POS terminal cannot be switched again according to that first feature information, thereby ensuring the security of the POS terminal.
  • the POS terminal is authorized by a unified authorization machine instead of being authorized locally at the POS terminal, which improves the security of the POS terminal.
  • the authorization information is encrypted by the authorization machine.
  • the second feature information and the first feature information are used to determine that the authorization information is for the POS terminal, thereby further ensuring the security of the POS terminal and providing effective protection for the security of state switching of POS terminals.
  • FIG. 1 is an application scenario diagram of a POS terminal control method in an embodiment
  • FIG. 2 is an internal structural diagram of a POS terminal in an embodiment
  • FIG. 3 is an internal structural diagram of an authorization server in an embodiment
  • FIG. 4 is a flowchart of a method for controlling a POS terminal in an embodiment
  • FIG. 5 is a timing diagram of a method for controlling a POS terminal in an embodiment
  • FIG. 6 is a state transition diagram of a POS terminal in the embodiment shown in FIG. 1
  • FIG. 7 is a flow chart of the verification step in an embodiment
  • FIG. 8 is a flowchart of a method for controlling a POS terminal in another embodiment
  • FIG. 9 is a structural block diagram of a POS terminal in an embodiment
  • FIG. 10 is a structural block diagram of an authorization server in an embodiment
  • FIG. 1 is an application scenario diagram of a method for controlling a POS terminal in an embodiment.
  • a plurality of POS terminals, a plurality of authorization tools, an authorization server, and an authorization machine are included.
  • the POS terminal can communicate with the authorization tool through a serial port or a USB (Universal Serial Bus), and the authorization tool can communicate with the authorization server through the wireless network, and the authorization server communicates with the authorization machine.
  • USB: Universal Serial Bus
  • the POS terminal can also control the characteristics in each state to ensure the security of the data related to the authorization.
  • the POS terminal pre-stores the public key corresponding to the private key of the authorization machine; the public key and the private key form an RSA (asymmetric encryption algorithm) key pair.
  • the authorization tool is a human-computer interaction tool for the user to perform the authorization operation.
  • the authorization tool can be a terminal such as a computer or a mobile phone.
  • the authorization tool, on the one hand, communicates with the authorization server using the http (HyperText Transfer Protocol) or https (Hypertext Transfer Protocol over Secure Socket Layer, a hypertext transfer protocol for security purposes) protocol and, on the other hand, interacts with the POS terminal via a serial or USB cable.
  • the authorization server is configured to manage the permissions of various types of POS terminals and of the users who use the authorization tool, to receive the authorization request submitted by the authorization tool, and to interact with the authorization machine to obtain the authorization information, which is then returned to the authorization tool and the POS terminal. It may have the following functions: user management, login management, rights management (the authorization type available to the user in the background, the foreground only shows the available authorization type), external interface management, processing POST requests (authorization requests), and interaction with the authorization machine.
  • the authorization machine is used to store the authorization private key, is connected to the authorization server, and is responsible for data encryption. The authorization machine is not connected to the network; keeping it off the network and physically secured ensures that the private key in the authorization machine is not tampered with, thereby ensuring the security of the entire system.
  • the POS terminal may receive an instruction for requesting the feature information sent by the authorization tool, and then generate the first feature information according to the instruction, and return the generated first feature information to the authorization tool.
  • the authorization tool sends the first feature information to the authorization server through the network connection, and the authorization server first checks the first feature information, and when the verification succeeds, sends the first feature information and the authorization data to the authorization machine.
  • the authorization machine may generate the authorization information according to the first feature information and the authorization data, and the authorization machine returns the generated authorization information to the authorization server for storage. The authorization server then sends the authorization information to the authorization tool through the network, the authorization tool returns the authorization information to the POS terminal, and the POS terminal checks the authorization information.
  • the second feature information in the authorization information is extracted; only when the first feature information and the second feature information are the same does the POS terminal save the authorization information and return the authorization result to the authorization tool, so that the authorization tool can send a state switching instruction to the POS terminal and the POS terminal can switch its current state according to that state switching instruction.
  • a POS terminal is also provided, the POS terminal including a processor, a storage medium, a memory, and an interface connected through a system bus.
  • An operating system is stored in the storage medium, and computer executable instructions are also stored.
  • a POS terminal control method can be implemented.
  • the interface can be a USB interface or a serial port, and is used to communicate with an authorization tool through a serial port or USB, thereby implementing communication with the outside world and controlling state switching of the POS terminal.
  • the processor is used to provide calculation and control capabilities, and supports the operation of the entire POS terminal, including the normal operation of the normal use function of the POS terminal and the normal operation of the debugging function of the POS terminal.
  • Memory is used to provide an environment for the operation of the POS terminal control program in the storage medium.
  • a computer readable storage medium having stored thereon a computer program, such as the non-volatile storage medium shown in FIG. 2, wherein the program, when executed by a processor, implements a POS terminal control method.
  • an authorization server is also provided, the authorization server.
  • An operating system is stored in the storage medium, and computer executable instructions can also be stored.
  • a POS terminal control method can be implemented.
  • the processor is used to provide computing and control capabilities to support the operation of the entire portable electronic device.
  • the memory is used to provide an environment for the operation of the POS terminal control device in the storage medium for network communication with the authorization tool.
  • the USB interface or serial port is used to communicate with the authorized machine.
  • a computer readable storage medium having stored thereon a computer program, such as the non-volatile storage medium shown in FIG. 3, wherein the program, when executed by a processor, implements a POS terminal control method.
  • FIG. 4 is a flowchart of a method for controlling a POS terminal according to an embodiment. This embodiment is applied to the POS terminal in FIG. 1 to illustrate.
  • the POS terminal runs a POS terminal control program, and the POS terminal control program is used to implement the POS terminal control method.
  • the POS terminal control method may include:
  • S202: Receive an instruction for requesting feature information sent by an authorization tool.
  • the feature information refers to information that can uniquely determine the POS terminal, for example, it may include a serial number when the POS terminal is shipped, and the like.
  • when the current state of the POS terminal needs to be switched, the POS terminal must be authorized.
  • an authorization tool is introduced, and the user can operate the authorization tool to implement authorization for the POS terminal, so as to change the current state of the POS terminal.
  • the authorization tool can communicate with the POS terminal through the serial port or USB. When the communication path is being established, the authorization tool can also send a handshake message to the POS terminal. After the POS terminal returns a response handshake message to the authorization tool, the communication channel between the authorization tool and the POS terminal is established.
  • S204: Generate first feature information according to the instruction.
  • when the POS terminal needs to switch the current state, the POS terminal needs to obtain the authorization of the authorization machine. Therefore, in order to distinguish the POS terminals, first feature information that can uniquely represent the state-switching operation of the POS terminal needs to be sent to the authorization machine. For this reason, whenever the POS terminal needs to switch state and the authorization tool requests the first feature information from the POS terminal, the POS terminal generates first feature information that can uniquely represent that state-switching operation.
  • since unique first feature information is generated before each state switch of the POS terminal in this step, even if the first feature information is acquired by an illegal component and the illegal component tries to switch the current state of the POS terminal again using that first feature information, the POS terminal generates new first feature information when the state switching is performed again, which is different from the first feature information that was illegally acquired. Therefore, the illegal component cannot complete the state switching of the POS terminal, thereby ensuring the security of the POS terminal.
  • the POS terminal may respond to the instruction of the authorization tool for requesting the feature information, and return the newly generated first feature information to the authorization tool.
  • S208: Receive the authorization information, returned by the authorization tool, that the authorization machine generated according to the first feature information.
  • after receiving the first feature information, the authorization tool sends the first feature information to the authorization server, and the authorization server, according to the first feature information, sends the authorization data and the first feature information to the authorization machine.
  • the authorization machine encrypts the authorization data and the first feature information to form authorization information, and returns the authorization information to the POS terminal through the authorization server and the authorization tool.
  • after receiving the authorization information, the POS terminal first needs to check the authorization information to ensure that it has not been tampered with during transmission, and secondly needs to determine that the authorization information is for this POS terminal. Since the feature information can uniquely represent the state-switching operation of the POS terminal, the second feature information in the authorization information formed by the authorization machine is extracted here.
  • the POS terminal determines whether the authorization information is usable by comparing whether the second feature information is the same as the first feature information. When the second feature information is the same as the first feature information, the authorization information is saved, and the authorization success result is sent to the authorization tool so that the user can operate the authorization tool to switch the current state of the POS terminal.
  • S214: Receive a state switching instruction of the authorization tool, and switch the current state according to the state switching instruction.
  • the POS terminal may generate the first feature information according to the authorization tool's instruction requesting feature information, so that each time the state of the POS terminal is to be switched, the POS terminal generates new first feature information. Even if the first feature information is illegally acquired during a certain authorization, the state of the POS terminal cannot be switched again according to that first feature information, thereby ensuring the security of the POS terminal. Further, the POS terminal is authorized by a unified authorization machine rather than being authorized locally at the POS terminal, which improves the security of the POS terminal.
  • the authorization information is encrypted by the authorization machine.
  • the second feature information and the first feature information are used to determine that the authorization information is for the POS terminal, thereby further ensuring the security of the POS terminal and providing an effective guarantee for the security of state switching of the POS terminal.
  • the step S204 shown in FIG. 4, that is, the step of generating the first feature information according to the instruction may include: generating a random number according to the instruction, and generating the feature information according to the random number and the stored permission feature code.
  • the method may include: determining whether the random number in the second feature information is the same as the random number in the first feature information; when the random number in the second feature information is the same as the random number in the first feature information, further determining whether the rights feature code in the second feature information is the same as the rights feature code in the first feature information; when the rights feature code in the second feature information is the same as the rights feature code in the first feature information, returning the result that the second feature information and the first feature information are the same; when the random number in the second feature information is different from the random number in the first feature information, or when the rights feature code in the second feature information is different from the rights feature code in the first feature information, returning the result that the second feature information is different from the first feature information.
  • FIG. 5 is a timing diagram of a method for controlling a POS terminal in an embodiment.
  • the user enters the login account and password through the authorization interface provided by the authorization tool.
  • the authorization tool obtains the login account and password entered and sends it to the authorization server.
  • when the authorization server determines that the login account and password are correct, it returns login success information to the authorization tool.
  • the authorization tool will send the information requesting the verification code ticket to the authorization server again.
  • the authorization server will generate a verification code based on the information and return it to the authorization tool. For example, it can be returned by e-mail to the mailbox corresponding to the authorization tool, so that the user can obtain the verification code, or the authorization tool obtains the verification code directly by logging in to the encrypted mailbox for subsequent use.
  • the authorization tool can display the permissions of the login account, etc., to prompt the user for the operation.
  • the POS terminal is powered on, and the authorization tool is connected to the POS terminal through a USB or a serial port to establish a communication channel.
  • a communication channel can be established through a handshake mechanism.
  • the authorization tool can send a handshake message to the POS terminal.
  • the format is as follows:
  • the POS terminal may return corresponding response information, and the format of the packet is as follows:
  • after the communication channel between the authorization tool and the POS terminal is successfully established, the authorization tool requests the feature information from the POS terminal.
  • the following packet format can be used:
  • the POS terminal generates a feature information according to the request, for example, to ensure the feature letter.
  • the POS terminal stores a rights feature code that can uniquely characterize the POS terminal, preferably a serial number, etc.; secondly, in order to uniquely characterize the state-switching operation of the POS terminal, a random number generating device is provided that generates a random number whenever the POS terminal needs to switch states, so that the random number and the rights feature code can uniquely represent the state-switching operation of the POS terminal.
  • the feature information can be seen in Table 1:
  • after the feature information is generated by the POS terminal, the feature information is returned to the authorization tool.
  • the following message may be used:
  • the authorization tool sends the feature information and the verification code mentioned above to the authorization server, and the authorization server may identify, by the feature information, the state-switching operation of the POS terminal, and determine, by the feature code, whether the feature information was tampered with during transmission, or determine whether the authorization tool is an authenticated security authorization tool, wherein
  • after receiving the feature information and the authorization data, the authorization machine encrypts the feature information and the authorization data by using the stored private key to form authorization information, and returns the authorization information to the authorization server. The authorization server stores the authorization information and returns it to the authorization tool, and the authorization tool returns the authorization information to the POS terminal.
  • the following message format can be adopted:
  • the authorization data may include information such as an authorization type and a security level. Specifically, the authorization information may be as shown in Table 2:
  • the authorization machine refers to a POS terminal loaded with an authorized private key (RSA private key), and provides an encryption signature service to the authorization server.
  • the authorization machine itself can be considered as a terminal that has passed the latest security standard certification of PCI (Peripheral Component Interconnect), which can ensure that the key is not obtained; the authorization machine and the authorization server are placed together in a security-certified security room, so that physical security is ensured; at the same time, the authorization machine and the authorization server do not provide network services to the outside, the authorization machine connects only to the authorization server through the USB cable, and an entity outside the security room cannot access the authorization machine.
  • after receiving the authorization information, the POS terminal first verifies the legality of the authorization information, that is, that the authorization information was not tampered with during transmission, and secondly determines that the authorization information is for this POS terminal.
  • the process may be implemented by using the feature information: for example, the feature information in the authorization information may be extracted, and whether the authorization information is usable is determined by checking whether the random number and the rights feature code in that feature information are the same as the random number and the rights feature code stored in the POS terminal. If at least one of the random number and the rights feature code is not the same as the random number and the rights feature code stored in the POS terminal, the authorization is considered to be unsuccessful. Otherwise, the authorization is considered successful.
  • the POS terminal saves the authorization information and returns an authorization result to the authorization tool, so that the authorization tool can present the authorization result to the user and switch the current state of the POS terminal by sending a state switching instruction to the POS terminal.
  • FIG. 6 is a state transition diagram of the POS terminal in the embodiment shown in FIG. 1.
  • the POS terminal includes seven states:
  • the application including the factory test program
  • the application can only be run with the vendor firmware level signature, ensuring that any non-vendor-authorized application will not run in this production state.
  • the signature of the OS can be verified.
  • the program for the vendor root key signature can be run.
  • L1: This state is the default factory state, and the terminal has the same characteristics as a traditional terminal.
  • Terminal characteristics: The terminal in the L0 state enters the L1 state through an authorization operation. The L1 state cannot be rolled back to the L0 state. The safety switch is turned on and the attacked POS terminal will be triggered. The trigger status is released by entering a fixed password. Changing the serial number requires authorization.
  • the terminal can be set to debug state by authorization. The terminal triggers and the trigger information can be displayed on the screen. After the terminal triggers the repair, the status value is not affected.
  • the program for the vendor root key signature can be run.
  • L2: This state is the highest level device state currently defined.
  • Terminal characteristics: The terminal in the L2 state can be rolled back to the L1 state by restoring the factory state, and the number of SN (serial number) writes is cleared. The terminal is triggered. After the repair, authorization is required to release the trigger status. Changing the serial number requires authorization. The terminal can be set to debug state by authorization. The terminal triggers and the trigger information can be displayed on the screen. After the terminal triggers the repair, the status value is not affected. The program for the vendor root key signature can be run.
  • Terminal characteristics: It is related only to whether the client public key is included, and whether the terminal is in the L0 state, the L1 state, and the L2 state.
  • the security switch is in the open state.
  • the attacked POS terminal will be triggered. After the trigger, the authorized machine needs to clear the trigger. After the clearing, it will remain in the locked state. Machines in any state can enter the locked state.
  • the application signature is verified using the customer's public key.
  • the program for the vendor root key signature can be run.
  • Application debugging state: This state is mainly provided to application developers to meet the needs of scenarios that require frequent application and terminal debugging.
  • Terminal characteristics: Only machines that are in the factory state are allowed to enter this state. The safety switch is in the open state, and the attacked machine will be triggered. After the clearing, the application debugging state is lost, and re-authorization is required to enter the application debugging state. The application signature is not verified, so the state can be used for application development and debugging. It is allowed to download the customer's public key to the machine. Once the customer's public key is downloaded, the application debugging state is automatically revoked and the locked state is entered.
  • Firmware debugging state: This state is mainly provided to the firmware developer to meet the needs of the scenario where the firmware is sent to the terminal for debugging.
  • Terminal characteristics: Only machines that are in the factory state are allowed to enter this state. The safety switch is turned on, and the attacked machine will be triggered. After the firmware is cleared, the firmware debugging state is lost. Re-authorization is required to enter the firmware debugging state. Firmware signatures other than boot are not verified, so the state can be used for firmware development and debugging. It is allowed to download the customer's public key to the machine, and once the customer's public key is downloaded, the locked state is entered automatically (the debugging state is no longer available).
  • Trigger state: refers to the case where the device is attacked or requires maintenance: the security circuit of the terminal acts, and sensitive data such as the keys of the terminal is automatically deleted.
  • Terminal characteristics: The sensitive information inside the terminal is automatically deleted. The screen prompts trigger information. All applications will not run. The firmware or program signed by the vendor root key can be run to facilitate running the diagnostics to diagnose problems. A password (L1 before trigger) or an authorization (L2 before trigger) is required to release the trigger. The terminal cannot be used normally until the trigger status is released.
  • OTP: One Time Programmable, a type of memory of the MCU, meaning one-time programmable: after the program is burned into the IC, it cannot be changed again.
  • the initial value of the area data is 0x00; it can only be written from 0 to 1, not from 1 to 0, and the data is not lost on power-down.
  • BBRAM: Battery Backup Random Access Memory. In the POS terminal specifically, it is an area protected by the trigger circuit. Once the terminal is attacked, the content of the area will be automatically erased, so it is often used to store sensitive data such as transaction keys. Similar to SDRAM, the data can be arbitrarily rewritten; it is powered by battery, and the data will be cleared after the POS terminal triggers.
  • the OTP area is accessible only by the terminal firmware, and no one can read, write or rewrite by any means. Therefore, sufficient safety can be ensured.
  • After the POS terminal sends the first feature information to the authorization tool, it waits in a loop to receive the authorization information. If the authorization information is received and is valid, the authorization is executed and the operating system is started. If the wait times out, the operating system is started directly. If the authorization information is invalid, the terminal continues to loop, waiting to receive authorization information.
  • The first feature information of the POS terminal is formed from a rights feature code, stored in the POS terminal, that uniquely characterizes the POS terminal, together with a generated random number. The random number and the rights feature code together uniquely represent one state-switching operation of the POS terminal, so even if the feature information is obtained by an illegitimate party, the feature information of each state-switching operation is different, and the illegitimate party cannot switch the state of the POS terminal. This ensures the security of the POS terminal.
  • FIG. 7 is a flowchart of the verification step in an embodiment. After step S208 of the embodiment shown in FIG. 4, that is, after the step of receiving the authorization information returned by the authorization tool and generated by the authorization machine according to the first feature information, the method may also include:
  • S502: Separate the authorization information to obtain the original text and the digital signature.
  • The authorization machine encrypts the first feature information and the authorization data. For convenience of description, the first feature information and the authorization data are called the original text.
  • The RSA key used in the encryption process is a 2048-bit key.
  • The authorization machine first performs a one-way hash (HASH) operation on the original text to obtain message digest A, and then signs message digest A with the stored private key to obtain digital signature A. Digital signature A and the original text are sent as the authorization information, in turn, to the authorization server, the authorization tool, and the POS terminal. Therefore, after obtaining the authorization information, the POS terminal first needs to separate it to obtain the digital signature and the original text.
  • S504: Decrypt the digital signature with the authorization public key to obtain the first digest.
  • Since the public key corresponding to the private key is stored in the POS terminal, once the digital signature has been obtained it is decrypted with the authorization public key to obtain the corresponding first digest.
  • S506: Perform a one-way hash operation on the original text to obtain the second digest.
  • FIG. 8 is a flowchart of a method for controlling a POS terminal in another embodiment. The method is applied to the authorization server shown in FIG. 1. The method may include:
  • S602: Receive the first feature information that is sent by the authorization tool and was obtained from the POS terminal.
  • When the authorization tool needs to switch the state of the POS terminal, it first requests the first feature information from the POS terminal and sends the first feature information to the authorization server.
  • After receiving the first feature information, the authorization server first checks the first feature information to ensure its validity. For example, it may verify whether the serial number in the first feature information is the serial number of a POS terminal managed by the authorization server; if so, it continues to check whether the random number is the same as the random number in the first feature information sent by the POS terminal last time, and so on, to ensure the legitimacy of the first feature information.
  • The authorization server may authorize the corresponding POS terminal. For example, it may form authorization data such as an authorization type and a security level, and send the authorization data together with the first feature information to the authorization machine for encryption, so as to ensure that the authorization information is not tampered with during transmission.
  • S608: Receive the authorization information, returned by the authorization machine, that is formed by encrypting the first feature information and the authorization data.
  • To protect the legitimacy of the authorization private key in the authorization machine, the authorization machine is generally set so that it cannot be networked, so that the authorization private key in it will not be tampered with. As a result, however, the authorization machine cannot send the authorization information directly to the POS terminal. Therefore, the authorization machine first sends the authorization information to the authorization server, to which it is physically connected, and the authorization server transmits the authorization information to the POS terminal.
  • S610: Send the authorization information to the POS terminal through the authorization tool, so that the POS terminal performs state switching.
  • The authorization machine is set to a non-networked state, so that the validity of the authorization private key can be ensured.
  • The authorization data and the first feature information are encrypted by the authorization machine, thereby ensuring that the authorization information is not modified during transmission.
  • The method may further include: sending a verification code to the authorization tool after the account of the authorization tool has logged in successfully. This provides a two-layer guarantee of the legitimacy of the authorization tool.
  • When the authorization tool sends the first feature information acquired from the POS terminal to the authorization server, it simultaneously sends the verification code to the authorization server, so the method further includes receiving the verification code sent by the authorization tool.
  • Before step S604, the step of verifying the feature information, the method may further include: comparing the verification code with the saved verification code; when the verification code is equal to the saved verification code, verifying the feature information; and when the verification code is not equal to the saved verification code, sending authorization failure information to the authorization tool.
  • After receiving the first feature information and the verification code, the authorization server first compares the verification code with the stored verification code. When they are equal, the authorization tool is considered legitimate. Otherwise, the authorization tool is considered illegitimate, and the authorization operation is not performed.
  • The legitimacy of the authorization tool is verified not only by the login account and the password but also, a second time, by a verification code. Even if the login account and the password are tampered with and an illegitimate party logs in on another, non-authorized tool, the corresponding verification code cannot be obtained. This prevents the POS terminal from being illegally tampered with, and the double-layer guarantee mechanism of login account and verification code further improves the security of the POS terminal.
  • Although the steps in the flowcharts of FIGS. 4, 7, and 8 above are displayed in sequence as indicated by the arrows, these steps are not necessarily performed in the order indicated by the arrows. Except as explicitly stated herein, the order of execution of these steps is not strictly limited, and they may be performed in other sequences. Moreover, at least some of the steps in FIG. 4, FIG. 7, and FIG. 8 may include a plurality of sub-steps or stages, which are not necessarily performed at the same time but may be executed at different times. Their order of execution is not necessarily sequential; they may be performed in turn or alternately with other steps, or with at least a portion of the sub-steps or stages of other steps.
  • A POS terminal is further provided. The internal structure of the POS terminal may correspond to the structure shown in FIG. 2. Each of the following modules may be implemented wholly or partially by software, hardware, or a combination thereof.
  • The POS terminal includes:
  • The first receiving module 101 is configured to receive an instruction, sent by the authorization tool, requesting feature information; to receive the authorization information returned by the authorization machine according to the first feature information; and to receive a state switching instruction from the authorization tool.
  • The feature information generating module 102 is configured to generate the first feature information according to the instruction.
  • The extracting module 103 is configured to extract the second feature information in the authorization information when the authorization information is verified successfully.
  • The first sending module 104 is configured to return the first feature information to the authorization tool and, when the second feature information is the same as the first feature information, to save the authorization information and send the authorization success result to the authorization tool.
  • The state switching module 105 is configured to switch the current state according to the state switching instruction.
  • The feature information generating module 102 includes: a random number generating unit configured to generate a random number according to the instruction.
  • The feature information generating unit is configured to generate the feature information according to the random number and the stored rights feature code.
  • The device may further include a determining module, configured to determine whether the random number in the second feature information is the same as the random number in the first feature information; when the two random numbers are the same, to go on to determine whether the rights feature code in the second feature information is the same as the rights feature code in the first feature information; when the two rights feature codes are the same, to return the result that the second feature information and the first feature information are the same; and when the random number in the second feature information is different from the random number in the first feature information, or when the rights feature code in the second feature information is different from the rights feature code in the first feature information, to return the result that the second feature information is different from the first feature information.
  • The apparatus may further comprise: a separation module for separating the authorization information to obtain the original text and the digital signature; and a decryption module configured to decrypt the digital signature with the authorization public key to obtain the first digest.
  • A hash operation module is configured to perform a one-way hash operation on the original text to obtain the second digest.
  • The first sending module 104 is further configured to: when the first digest and the second digest are equal, continue with the step performed when the authorization information is verified successfully, save the authorization information, and send the authorization success result to the authorization tool; and when the first digest and the second digest are not equal, output information indicating that the authorization failed.
  • An authorization server is further provided, and the internal structure of the authorization server may correspond to the structure shown in FIG. 3. Each of the following modules may be implemented wholly or partially by software, hardware, or a combination thereof.
  • The authorization server includes:
  • The second receiving module 201 is configured to receive the first feature information that is sent by the authorization tool and was obtained from the POS terminal.
  • The verification module 202 is configured to verify the first feature information.
  • The second sending module 203 is configured to send the first feature information and the authorization data to the authorization machine for encryption when the first feature information is verified successfully.
  • The second receiving module 201 is further configured to receive the authorization information, returned by the authorization machine, that is formed by encrypting the first feature information and the authorization data.
  • The second sending module 203 is further configured to send the authorization information to the POS terminal through the authorization tool, so that the POS terminal performs state switching.
  • The second sending module 203 is further configured to send a verification code to the authorization tool after the account of the authorization tool has logged in successfully.
  • The second receiving module 201 is further configured to receive the verification code sent by the authorization tool.
  • The apparatus can also include a comparison module for comparing the verification code with the saved verification code.
  • The verification module 202 is further configured to verify the feature information when the verification code is equal to the saved verification code.
  • The second sending module 203 is further configured to send authorization failure information to the authorization tool when the verification code is not equal to the saved verification code.
  • The storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), or a random access memory (RAM).
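
The following Python example is added here and is not part of the patent text or the applicant's code. It runs the exchange described above: the terminal's first feature information (random number plus rights feature code), the authorization server's serial-number and random-number checks, the authorization machine's hash-then-sign step, and the terminal's S502 to S506 verification followed by the comparison of second and first feature information. The field layout, SHA-256, the serial number, the rights feature code value, the demo key (built from two known Mersenne primes, not secure) and the choice to reject a repeated random number are all assumptions.

```python
import hashlib
import secrets

# Constructed demo key built from two known Mersenne primes: NOT secure.
# The patent specifies a 2048-bit RSA key; production code would use a
# vetted library with a standard padding scheme instead of raw pow().
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent, authorization machine only
SIG_LEN = (N.bit_length() + 7) // 8

SERIAL = "POS-0001"                      # hypothetical serial number
RIGHTS_CODE = bytes.fromhex("a1b2c3d4")  # hypothetical rights feature code
NONCE_LEN, CODE_LEN = 16, 4              # assumed field sizes


def digest_int(data: bytes) -> int:
    """One-way hash of the original text, as an integer (SHA-256 assumed)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def new_feature_info(serial: str, rights_code: bytes) -> bytes:
    """Terminal: fresh random number + stored rights feature code + serial."""
    return secrets.token_bytes(NONCE_LEN) + rights_code + serial.encode()


class AuthServer:
    """Authorization server checks on the first feature information."""

    def __init__(self, managed_serials):
        self.managed = set(managed_serials)
        self.last_nonce = {}

    def check(self, feature: bytes) -> bool:
        nonce = feature[:NONCE_LEN]
        serial = feature[NONCE_LEN + CODE_LEN:].decode(errors="replace")
        if serial not in self.managed:
            return False                 # not a terminal this server manages
        if self.last_nonce.get(serial) == nonce:
            return False                 # same random number as last time (assumed: reject)
        self.last_nonce[serial] = nonce
        return True


def sign_authorization(feature: bytes, auth_data: bytes) -> bytes:
    """Authorization machine: original text followed by digital signature A."""
    original = bytes([len(feature)]) + feature + auth_data
    signature = pow(digest_int(original), D, N)
    return original + signature.to_bytes(SIG_LEN, "big")


def terminal_verify(auth_info: bytes, first_feature: bytes) -> str:
    """Terminal: S502 to S506, then compare second and first feature info."""
    if len(auth_info) <= SIG_LEN:
        return "invalid"
    original, sig = auth_info[:-SIG_LEN], auth_info[-SIG_LEN:]   # S502
    first_digest = pow(int.from_bytes(sig, "big"), E, N)         # S504
    second_digest = digest_int(original)                         # S506
    if first_digest != second_digest:
        return "signature-failed"
    second_feature = original[1:1 + original[0]]
    if second_feature[:NONCE_LEN] != first_feature[:NONCE_LEN]:
        return "nonce-mismatch"          # random number compared first
    code = slice(NONCE_LEN, NONCE_LEN + CODE_LEN)
    if second_feature[code] != first_feature[code]:
        return "rights-code-mismatch"    # then the rights feature code
    return "authorized"


if __name__ == "__main__":
    server = AuthServer({SERIAL})
    feature = new_feature_info(SERIAL, RIGHTS_CODE)
    print("server accepts:", server.check(feature))
    info = sign_authorization(feature, b"\x02\x01")  # constructed authorization data
    print("terminal:", terminal_verify(info, feature))
    print("replayed to a new request:",
          terminal_verify(info, new_feature_info(SERIAL, RIGHTS_CODE)))
```

Because the random number is regenerated for every request, authorization information captured from one state switch fails the feature comparison on the next one even though its signature is still valid.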

Abstract

The invention relates to a point-of-sale (POS) terminal control method, a POS terminal, a server and a storage medium. The method comprises: receiving a feature information request instruction sent by an authorization tool (S202); generating first feature information according to the instruction (S204); returning the first feature information to the authorization tool (S206); receiving authorization information returned by the authorization tool and generated by the authorization machine according to the first feature information (S208); then extracting, when the authorization information is verified successfully, second feature information from the authorization information (S210); then sending, when the second feature information is the same as the first feature information and after the authorization information has been saved, an authorization success result to the authorization tool (S212); and receiving a state switching instruction from the authorization tool, and switching the current state according to the state switching instruction (S214).
PCT/CN2017/102383 2017-03-14 2017-09-20 POS terminal control method, POS terminal, server and storage medium Ceased WO2018166163A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201710150926.2 2017-03-14
CN201710150926.2A CN107133512B (zh) 2017-03-14 2017-03-14 POS terminal control method and device

Publications (1)

Publication Number Publication Date
WO2018166163A1 (fr) 2018-09-20

Family

ID=59721896

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/102383 Ceased WO2018166163A1 (fr) 2017-03-14 2017-09-20 POS terminal control method, POS terminal, server and storage medium

Country Status (2)

Country Link
CN (1) CN107133512B (fr)
WO (1) WO2018166163A1 (fr)

Also Published As

Publication number Publication date
CN107133512A (zh) 2017-09-05
CN107133512B (zh) 2020-07-28

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17900710

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 20/01/2020)

122 Ep: pct application non-entry in european phase

Ref document number: 17900710

Country of ref document: EP

Kind code of ref document: A1