CN102034323A - Public traffic one-card service system and implementation method, service platform and point of sale (POS) machine thereof - Google Patents
Public traffic one-card service system and implementation method, service platform and point of sale (POS) machine thereof Download PDFInfo
- Publication number
- CN102034323A CN102034323A CN 201010554551 CN201010554551A CN102034323A CN 102034323 A CN102034323 A CN 102034323A CN 201010554551 CN201010554551 CN 201010554551 CN 201010554551 A CN201010554551 A CN 201010554551A CN 102034323 A CN102034323 A CN 102034323A
- Authority
- CN
- China
- Prior art keywords
- card
- business platform
- pos machine
- identity information
- bus
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 37
- 238000012545 processing Methods 0.000 claims description 56
- 238000012360 testing method Methods 0.000 claims description 40
- 239000013589 supplement Substances 0.000 claims description 24
- 230000001502 supplementing effect Effects 0.000 claims description 23
- 230000003993 interaction Effects 0.000 claims description 16
- 229910052709 silver Inorganic materials 0.000 claims description 16
- 239000004332 silver Substances 0.000 claims description 16
- 230000007474 system interaction Effects 0.000 claims description 15
- 235000017166 Bambusa arundinacea Nutrition 0.000 claims description 6
- 235000017491 Bambusa tulda Nutrition 0.000 claims description 6
- 241001330002 Bambuseae Species 0.000 claims description 6
- 235000015334 Phyllostachys viridis Nutrition 0.000 claims description 6
- 239000011425 bamboo Substances 0.000 claims description 6
- 230000005540 biological transmission Effects 0.000 claims description 3
- 238000012986 modification Methods 0.000 claims description 2
- 230000004048 modification Effects 0.000 claims description 2
- 230000008569 process Effects 0.000 description 16
- 238000010586 diagram Methods 0.000 description 6
- 238000012795 verification Methods 0.000 description 5
- 238000013475 authorization Methods 0.000 description 3
- 238000004891 communication Methods 0.000 description 3
- 230000003213 activating effect Effects 0.000 description 2
- 238000010276 construction Methods 0.000 description 2
- 238000012937 correction Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000012423 maintenance Methods 0.000 description 2
- 238000004321 preservation Methods 0.000 description 2
- 230000008929 regeneration Effects 0.000 description 2
- 238000011069 regeneration method Methods 0.000 description 2
- 238000013459 approach Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000018109 developmental process Effects 0.000 description 1
- 239000012467 final product Substances 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/349—Rechargeable cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/22—Payment schemes or models
- G06Q20/28—Pre-payment schemes, e.g. "pay before"
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
Abstract
The invention discloses a public traffic one-card service system and an implementation method and a service platform thereof. The system comprises a point of sale (POS) machine, a personal computer (PC), the service platform and a one-card server, wherein the POS machine is used for sending public traffic one-card identity information to the PC and carrying out corresponding read-write operation on a public one card according to a service command sent by the PC; the PC is used for sending a service request carrying the public traffic one-card identity information to the service platform; the service platform is used for interacting with a third party system and sending a key application request carrying the public traffic one-card identity information to the one-card server according to the service request sent by the PC and sending the service command sent by the one-card server to the PC after succeeding in interacting; and the one-card server is used for feeding the service command back to the service platform according to the key request. The invention expands application of a public traffic one-card service and brings convenience to users.
Description
Technical field
The present invention relates to the network communications technology, particularly relate to a kind of one-card multi-transit service system and its implementation and business platform and POS machine.
Background technology
At present, the Bus Card business is widely used gradually.Fig. 1 is the system construction drawing of Bus Card business in the prior art.Referring to Fig. 1,, mainly comprise in the one-card multi-transit service system: Bus Card card, POS (Point of sales, point of sale) machine and all-purpose card server in order to realize the Bus Card business.Wherein, the Bus Card card is a kind of non-contact radio-frequency card; The all-purpose card server is positioned at Tong Ka company, the identity and the balance amount information of the Bus Card card of this city of maintenance and management or this area, and management POS machine.
At present, the use of Bus Card card mainly is the vote buying of swiping the card at the public transport place.Such as, the POS machine of swiping the card is installed on bus, when needs are bought tickets, only need near the POS machine the Bus Card card, the POS machine will read the information on the Bus Card card, deduct corresponding ticket fee from the Bus Card card, and deposit corresponding information, at last information is directly sent to the all-purpose card server by the POS organizational security.
When needs are supplemented with money for the Bus Card card, need be with the Bus Card card near the POS machine that can supplement with money, this POS chance reads the information in the card, by operating personnel collect supplement cash with money after, artificially revise balance amount information in the Bus Card card by the POS machine, the POS machine directly sends to the all-purpose card server with interaction results.
By above description as can be seen, utilize system shown in Figure 1, the vote buying that can only be used to swipe the card of Bus Card card at the public transport place, like this, though a large number of users all can be carried the Bus Card card in daily life, but the user also can't utilize the Bus Card card to carry out other bankcard consumptions at any time, thereby has limited the application of Bus Card business greatly.
In addition, when at present the Bus Card card being supplemented with money, the user can not finish at any time and supplement operation with money, and must be to the site of supplementing with money of the negligible amounts of appointment, paid supplement cash with money after, could utilize to be positioned at the information that the POS machine maintenance of supplementing the site with money changes card, finish supplementing with money to card.As seen, utilize system shown in Figure 1, the user must arrive to specify and supplement the site with money, and must cash payment supplement with money, thereby for user's use brings very big inconvenience, has reduced professional satisfaction, has limited professional development.
Summary of the invention
Fundamental purpose of the present invention is to provide a kind of one-card multi-transit service system and its implementation, business platform and POS machine, and the application of expansion Bus Card business is for user's use brings convenience.
In order to achieve the above object, technical scheme of the present invention is achieved in that
A kind of one-card multi-transit service system, this system comprises: the Bus Card card, the POS machine, PC, business platform, third party system and all-purpose card server,
The POS machine is used for the Bus Card card is authenticated, and after authentication is passed through, Bus Card card identity information is sent to PC, and the service order according to PC is sent carries out corresponding read-write operation to the Bus Card card;
PC is used for sending the service request of carrying Bus Card card identity information to business platform, and the service order that business platform is sent sends to the POS machine;
Business platform, be used for system interaction with the third party, after the interaction success, the service request of sending according to PC sends the key application request of carrying Bus Card card identity information to the all-purpose card server, and the service order that the all-purpose card server is sent sends to PC;
The all-purpose card server, to the authentication of Bus Card card, authentication is returned service order according to key request to business platform by the back according to the identifying information of the Bus Card card in the key application request.
A kind of service implementation method of system of the present invention, this method comprises:
A, POS machine send to PC with Bus Card card identity information after authentication is passed through to the Bus Card card, PC sends the service request of carrying Bus Card card identity information to business platform; B, business platform and third party's system interaction, after the interaction success, the service request of sending according to PC sends the key application request of carrying Bus Card card identity information to the all-purpose card server; C, all-purpose card server authenticate the Bus Card card according to the identifying information of the Bus Card card in the key application request, after authentication is passed through, return service order according to key request to business platform; D, business platform send to the POS machine by PC with service order; E, POS machine are sent service order according to PC the Bus Card card are carried out corresponding read-write operation.
A kind of business platform comprises: first processing module is used for the system interaction with the third party; Second processing module is used for after the first processing module interaction success, and the service request of sending according to PC sends the key application request of carrying Bus Card card identity information to the all-purpose card server; The 3rd processing module is used for the service order that the all-purpose card server is sent is sent to PC.
This shows that the present invention has the following advantages at least:
1, in the present invention, one-card multi-transit service system with respect to prior art has increased PC, business platform and third party system, the POS machine no longer carries out direct communication with the all-purpose card server, but land business platform by PC, thereby finish and the communicating by letter of third party system and all-purpose card server, particularly, the user can pass through PC, trigger business platform and third party system and carry out information interaction, thereby obtain more service application from the third party system, expanded the application of Bus Card business, for user's use brings convenience.
2, in the present invention, can supplement with money the Bus Card card, and the mode of supplementing with money of the present invention, only need the user that the Bus Card card is put into the POS machine, the POS machine links to each other with PC, corresponding recharge amount of input and payable accounts information get final product on PC, and the present invention just can deduct corresponding recharge amount automatically and supplement with money for the Bus Card card from account.As seen, recharge method of the present invention need not the supplement site of user to appointment, need not the user and carries cash and supplement with money, thereby make the user can realize that whenever and wherever possible the noncash mode carries out the Bus Card card and supplement with money, for user's use brings great convenience.
3, in the present invention, the user only needs the Bus Card card is put into the POS machine, the POS machine links to each other with PC, in commerce system, select the corresponding commodity and the Bus Card card modes of payments by PC, just can utilize the Bus Card card to carry out the payment of shopping online, thereby expanded the application of Bus Card business greatly, for user's use has brought very big convenience.
4, in the present invention, not only between POS machine and the Bus Card card, can finish authentication between all-purpose card server and the POS machine, guarantee the security of its information transmission, and, the POS machine also can with authenticate mutually for the business platform of its service, the all-purpose card server also can authenticate business platform, the mode of authentication is versatile and flexible, such as can being that to utilize the symmetry algorithm encrypting and authenticating also can be to utilize the asymmetric arithmetic encrypting and authenticating, thereby guaranteed that further the present invention realizes the Bus Card service security, has promoted system performance.
5, in the present invention, the CA certificate that can utilize third party authoritative institution to issue comes the data of transmitting between POS machine and the all-purpose card server are carried out encryption and decryption, thereby has further promoted the security of transaction; In addition, the CA certificate that can also utilize third party authoritative institution to issue comes the data of transmitting between POS machine and the all-purpose card server are signed, thereby has guaranteed the non repudiation of transaction.
Description of drawings
Fig. 1 is the system construction drawing of Bus Card business in the prior art;
Fig. 2 is system's basic block diagram of Bus Card business among the present invention;
Fig. 3 is first kind of specific implementation structural drawing of one-card multi-transit service system in the present invention;
Fig. 4 is the process flow diagram of the embodiment of the invention 1;
Fig. 5 is second kind of specific implementation structural drawing of one-card multi-transit service system in the present invention;
Fig. 6 is the process flow diagram of the embodiment of the invention 2;
Fig. 7 is the structural representation of business platform among the present invention.
Embodiment
For making the purpose, technical solutions and advantages of the present invention clearer, the present invention is described in further detail below in conjunction with drawings and the specific embodiments.
The present invention proposes a kind of one-card multi-transit service system.Fig. 2 is the basic block diagram of one-card multi-transit service system among the present invention.Referring to Fig. 2, comprise in the basic structure of system of the present invention: the Bus Card card, the POS machine, PC, business platform, third party system and all-purpose card server,
The POS machine is used for the Bus Card card is authenticated, and after authentication is passed through, Bus Card card identity information is sent to PC, and the service order according to PC is sent carries out corresponding read-write operation to the Bus Card card;
PC is used for sending the service request of carrying Bus Card card identity information to business platform, and the service order that business platform is sent sends to the POS machine;
Business platform, be used for system interaction with the third party, after the interaction success, the service request of sending according to PC sends the key application request of carrying Bus Card card identity information to the all-purpose card server, and the service order that the all-purpose card server is sent sends to PC;
The all-purpose card server to the authentication of Bus Card card, after authentication is passed through, returns service order according to key request to business platform according to the identifying information of the Bus Card card in the key application request.
Correspondingly, the invention allows for a kind of service implementation method of utilizing one-card multi-transit service system, the core concept of this method is: the POS machine is after authentication is passed through to the Bus Card card, Bus Card card identity information is sent to PC, and PC sends the service request of carrying Bus Card card identity information to business platform; Business platform and third party's system interaction, after the interaction success, the service request of sending according to PC sends the key application request of carrying Bus Card card identity information to the all-purpose card server; The all-purpose card server authenticates the Bus Card card according to the identifying information of the Bus Card card in the key application request, after authentication is passed through, returns service order according to key request to business platform; Business platform sends to the POS machine by PC with service order; The service order that the POS machine is sent according to PC carries out corresponding read-write operation to the Bus Card card.
As seen, in the present invention, one-card multi-transit service system with respect to prior art has increased PC, business platform and third party system, the POS machine no longer carries out direct communication with the all-purpose card server, but land business platform by PC, thereby finish and the communicating by letter of third party system and all-purpose card server, particularly, the user can pass through PC, trigger business platform and third party system and carry out information interaction, thereby obtain more service application from the third party system, expanded the application of Bus Card business, for user's use brings convenience.
In the present invention, (Certificate Authority, CA) certificate comes the transaction data that transmits between POS machine and the all-purpose card server is carried out encryption and decryption, thereby further promotes the security of transaction can further to utilize e-business certification authorized organization.And, can also utilize CA certificate to come the transaction data that transmits between POS machine and the all-purpose card server is signed, thereby guarantee the non repudiation of transaction.For this reason, in one embodiment of the invention, at first, can make CA certificate respectively for POS machine, business platform and all-purpose card server in advance by the CA center of third party authoritative institution, such as, for the POS machine, can be to generate a pair of public private key pair by the POS machine, by business platform PKI is delivered to the CA center, the CA center utilizes PKI to make the CA certificate of POS machine.The PKI and the certificate information that all comprise use equipment in each CA certificate.Such as, comprise the PKI and the certificate information of all-purpose card server in the CA certificate of all-purpose card server.Secondly, the CA center with the CA certificate of the CA certificate of the CA certificate of POS machine, business platform and all-purpose card server respectively correspondence be distributed to POS machine, business platform and all-purpose card server, and the CA certificate of each POS machine copied to all-purpose card server and business platform, and business platform and all-purpose card server also can obtain the other side's CA certificate mutually.After this, just can utilize CA certificate to realize the encryption and decryption of transaction data and the signature of transaction data.
In specific implementation of the present invention, can utilize one-card multi-transit service system shown in Figure 2 to realize the multiple business application, such as, the noncash at any time of Bus Card card is supplemented with money; Utilize the Bus Card card to carry out shopping online; Utilize the Bus Card card to carry out supermarket bankcard consumption or the like.
Lifting two specific embodiments below describes in detail the Bus Card card noncash specific implementation process of supplementing with money and utilize the Bus Card card to carry out the specific implementation process of shopping online at any time.
Embodiment 1:
Present embodiment describes in detail the Bus Card card noncash specific implementation process of supplementing with money at any time.
Fig. 3 is first kind of specific implementation structural drawing of one-card multi-transit service system in the present invention; Fig. 4 is the process flow diagram of the embodiment of the invention 1.Referring to Fig. 3, when the present invention realized that noncash is supplemented with money at any time to the Bus Card card, the third party system in the system of the present invention was Net silver or third party's payment system (such as Alipay etc.), and at this moment, referring to Fig. 4, this implementation procedure specifically may further comprise the steps:
Step 401: be each professional page binding client install software (OCX) control of business platform.
In this step, the OCX control is to be used for carrying out information interaction with the POS machine, finishes the software of business operation with indication POS machine.Because follow-up POS machine is to be directly connected to PC, therefore, in order to make business platform can control the operation of POS machine, professional page binding O CX control for business platform, be connected to any professional page of business platform by PC when the POS machine after, PC can access the OCX control of page binding, thereby mutual with the POS machine, and indication POS machine is finished business operation.
Step 402: the Bus Card card user is put into the POS machine with card and the POS machine is connected on the PC, and the recharging service page that logs on business platform by PC selects to supplement with money function.
In this step, the POS machine can be connected on the PC by USB interface.
Step 403:PC machine is downloaded the OCX control of binding with the recharging service page from business platform, and the OCX control in this PC activates the POS machine, and detects the POS machine.
The POS machine can send to the all-purpose card server by PC and business platform with the Card Reader request after activating, and the all-purpose card server is carried at the PKI in the own CA certificate in the Card Reader indication and sends to the POS machine by business platform and PC.
Step 404:POS machine is sought card and is handled, and reads the identity information of Bus Card card, according to the identity information that reads the Bus Card card is authenticated, and after authentication is passed through, Bus Card card identity information is sent to PC.
Further, for the non-repudiation that guarantees to conclude the business, may further include following processing in the step 404: the private key of POS machine utilization oneself is signed to the authentication request of the identity information that carries Bus Card card identity information and POS machine self, and send to business platform by PC, business platform utilizes the PKI in the CA certificate of POS machine that authentication request is tested label, test sign successfully after, the private key of business platform utilization oneself is signed to the authentication request of the identity information that carries Bus Card card identity information and POS machine self, and send to the all-purpose card server, PKI in the CA certificate of all-purpose card server by utilizing business platform is tested label to the authentication request of the identity information that carries Bus Card card identity information and POS machine self, test and sign successfully the back identity information of Bus Card card identity information and POS machine is authenticated return authentication success message behind the authentication success.
Step 405:PC machine receives the recharge amount and the accounts information of user's input, sends the charging request of carrying Bus Card card identity information, recharge amount and accounts information to business platform.
Step 406: business platform sends to corresponding Net silver or third party's payment system according to the accounts information in the charging request with the request of withholing.
Step 407: corresponding Net silver or third party's payment system are deducted corresponding recharge amount according to the request of withholing that receives from the account of correspondence, the success message of will withholing returns to business platform.
Step 408: after business platform receives the success message of withholing, send the key application request of supplementing with money of carrying Bus Card card identity information and recharge amount information to the all-purpose card server.
Step 409: the all-purpose card server authenticates this card according to Bus Card card identity information, after authentication is passed through, generates and supplements order with money, utilizes the key of preserving in advance to encrypt supplementing order with money, sends to business platform then.
In the step 408, business platform can further utilize self private key to sign to supplementing key application request with money, and then sends to the all-purpose card server; In the step 409, the all-purpose card server can further utilize the PKI in the CA certificate of business platform to test label to supplementing key application request with money, test sign successfully after, regeneration is supplemented order with money.In the step 409, the all-purpose card server can be to utilize the PKI in the CA certificate of POS machine to encrypt supplementing order with money, and utilizes the private key in the CA certificate of all-purpose card server oneself to sign and send to business platform then supplementing order with money.
Step 410: business platform is supplemented this with money order and is sent to PC, and the OCX control in the PC is supplemented this with money order and sent to the POS machine.
Here, after business platform receives and supplements order with money, at first utilize the PKI in the CA certificate of all-purpose card server to test label to supplementing order with money, test sign successfully after, just will supplement order with money and send to PC.
Step 411:POS machine is supplemented with money for the Bus Card card according to supplementing order with money, promptly revises the balance amount information in the Bus Card card.
Here, the POS machine receive after the encryption supplement order with money after, at first utilize the private key of oneself to be decrypted to supplementing order with money, supplement order with money thereby obtain.
So far, then finished and utilized the POS machine easily the Bus Card card to be supplemented with money at any time, and what use when supplementing with money is Net silver or third party's payment system, make in cash and supplement with money to the site of supplementing with money of appointment and need not the user.
Accurate for the information that further guarantees the Bus Card card that Tong Ka company place's all-purpose card server is safeguarded, the present invention can further include following steps 412-413.
The key that the utilization of step 412:POS machine is preserved is in advance encrypted the current balance amount information of Bus Card card, sends to the all-purpose card server by PC and business platform.
This step specific implementation can be: the POS machine can be to utilize the PKI in the CA certificate of all-purpose card server that the current balance amount information of Bus Card card is encrypted, and can further utilize the private key of POS self that the current balance amount information of Bus Card card is signed, send to business platform by PC then, business platform utilizes the PKI in the CA certificate of POS machine that the current balance amount information of Bus Card card is tested label, test sign successfully after, at first utilize the private key of business platform self that the current balance amount information of Bus Card card is signed, send to the all-purpose card server then.
Step 413: the key that the all-purpose card server further utilizes preservation is decrypted the balance amount information of the Bus Card card that receives, the balance amount information of the Bus Card card of preserving according to the information updating self after the deciphering.
Correspondingly, a kind of specific implementation of this step comprises: the PKI in the CA certificate of all-purpose card server by utilizing business platform is tested label to the current balance amount information of Bus Card card, test sign successfully after, utilize the private key of self that the current balance amount information of Bus Card card is decrypted, the balance amount information of the Bus Card card of preserving according to the information updating self after the deciphering.
Embodiment 2:
Present embodiment describes in detail and utilizes the Bus Card card to carry out the specific implementation process of shopping online.
Fig. 5 is second kind of specific implementation structural drawing of one-card multi-transit service system in the present invention; Fig. 6 is the process flow diagram of the embodiment of the invention 2.Referring to Fig. 5, when the present invention utilized the Bus Card card to carry out shopping online at any time, the third party system in the system of the present invention was and the signatory commerce system of business platform that at this moment, referring to Fig. 6, this implementation procedure specifically may further comprise the steps:
Step 601: be each professional page binding client install software (OCX) control of business platform.
In this step, the OCX control is to be used for carrying out information interaction with the POS machine, finishes the software of business operation with indication POS machine.Because follow-up POS machine is to be directly connected to PC, therefore, in order to make business platform can control the operation of POS machine, professional page binding O CX control for business platform, be connected to any professional page of business platform by PC when the POS machine after, PC can access the OCX control of page binding, thereby mutual with the POS machine, and indication POS machine is finished business operation.
Step 602: the Bus Card card user logs on commerce system by PC, selects the commodity of required purchase, and selects to use the payment of Bus Card card.
Step 603: commerce system generates corresponding goods orders and sends to business platform according to user's selection.
The amount of money that comprises the commodity of required purchase in this goods orders, i.e. payment information.
Step 604: business platform is opened the consumption service page after receiving goods orders.
Step 605: the user puts into the POS machine with the Bus Card card and the POS machine is connected on the PC, logs on the consumption service page of business platform by PC.
In this step, the POS machine can be connected on the PC by USB interface.
Step 606:PC machine is downloaded the OCX control of binding with the consumption service page from business platform, and the OCX control in this PC activates the POS machine, and detects the POS machine.
The POS machine can send to the all-purpose card server by PC and business platform with the Card Reader request after activating, and the all-purpose card server is carried at the PKI in the own CA certificate in the Card Reader indication and sends to the POS machine by business platform and PC.
Step 607:POS machine is sought card and is handled, and reads the identity information of Bus Card card, according to the identity information that reads the Bus Card card is authenticated, and after authentication is passed through, Bus Card card identity information is sent to PC.
Further, for the non-repudiation that guarantees to conclude the business, may further include following processing in the step 607: the private key of POS machine utilization oneself is signed to the authentication request of the identity information that carries Bus Card card identity information and POS machine self, and send to business platform by PC, business platform utilizes the PKI in the CA certificate of POS machine that the authentication request of the identity information that carries Bus Card card identity information and POS machine self is tested label, test sign successfully after, the private key of business platform utilization oneself is signed to the authentication request of the identity information that carries Bus Card card identity information and POS machine self, and send to the all-purpose card server, PKI in the CA certificate of all-purpose card server by utilizing business platform is tested label to the authentication request of the identity information that carries Bus Card card identity information and POS machine self, test and sign successfully, the return authentication success message.
Step 608:PC machine sends the Payment Request of carrying Bus Card card identity information to business platform.
Step 609: after business platform receives Payment Request, send the payment key application request of carrying Bus Card card identity information, payment information to the all-purpose card server.
Step 610: the all-purpose card server authenticates this mass transit card according to Bus Card card identity information, after authentication is passed through, utilizes the key of preserving in advance that the order of withholing is encrypted, and sends to business platform then.
In the step 609, business platform can further utilize self private key that payment key application request is signed, and then sends to the all-purpose card server; In the step 610, the all-purpose card server can further utilize the PKI in the CA certificate of business platform that label are tested in payment key application request, test sign successfully after, the regeneration order of withholing.Here, the all-purpose card server can be to utilize the PKI in the CA certificate of POS machine that the order of withholing is encrypted, and utilizes private key in the CA certificate of all-purpose card server oneself that the order of withholing is signed to send to business platform then.
Step 611: business platform sends to PC with this order of withholing, and the OCX control in the PC sends to the POS machine with this order of withholing.Here, after business platform receives the order of withholing, can at first utilize the PKI in the CA certificate of all-purpose card server that label are tested in the order of withholing, test sign successfully after, the order of just will withholing sends to PC.
Step 612:POS machine is according to withholing order, and the corresponding amount of money of deduction is promptly revised the balance amount information in the Bus Card card from the Bus Card card.Here, after the POS machine receives the order of withholing after the encryption, at first utilize the private key of oneself that the order of withholing is decrypted, thereby obtain the order of withholing.
So far, then finished and utilize the POS machine to carry out shopping online at any time easily.
Accurate for the information that further guarantees the Bus Card card that Tong Ka company place's all-purpose card server is safeguarded, the present invention can further include following steps 613-614.
The key that the utilization of step 613:POS machine is preserved is in advance encrypted the current balance amount information of Bus Card card, sends to the all-purpose card server by PC and business platform.
This step specific implementation can be: the POS machine can be to utilize the PKI in the CA certificate of all-purpose card server that the current balance amount information of Bus Card card is encrypted, and can further utilize the private key of POS self that the current balance amount information of Bus Card card is signed, send to business platform by PC then, business platform utilizes the PKI in the CA certificate of POS machine that the current balance amount information of Bus Card card is tested label, test sign successfully after, at first utilize the private key of business platform self that the current balance amount information of Bus Card card is signed, send to the all-purpose card server then.
Step 614: the key that the all-purpose card server further utilizes preservation is decrypted the balance amount information of the Bus Card card that receives, the balance amount information of the Bus Card card of preserving according to the information updating self after the deciphering.
Correspondingly, a kind of specific implementation of this step comprises: the PKI in the CA certificate of all-purpose card server by utilizing business platform is tested label to the current balance amount information of Bus Card card, test sign successfully after, utilize the private key of self that the current balance amount information of Bus Card card is decrypted, the balance amount information of the Bus Card card of preserving according to the information updating self after the deciphering.
Need to prove, in order to realize this ca authentication, the present invention need carry out following processing in advance: with the POS machine is example, submit to the registration of POS machine to set up request to authentication center (CA), CA sets up the log-on message of this POS machine, registering result is comprised that reference number and authorization code return to the POS machine, at last to POS machine distribution CA certificate, the distribution approach of this CA certificate has multiple, such as, a kind of is the outer distribution of band, i.e. offline mode, the CA certificate of distributing to the POS machine is stored in the storage medium, and the POS machine obtains corresponding C A certificate from this storage medium; Another kind is distribution in the band, and the POS machine is connected to CA, provides reference number and authorization code to CA, and CA sends to the POS machine with CA certificate after verifying that this reference number and authorization code are correctly, and like this, the POS machine has then obtained CA certificate.
Also need to prove, in order further to increase the security of system of the present invention, guarantee the interests of business platform and POS machine, can not be by imitated, in a preferred embodiment of the present invention, can also increase the mutual authentication process between business platform and the POS machine, the POS machine be connected to business platform prepare the Bus Card card supplemented with money with shopping online before, must carry out the authentication between platform and the POS earlier, the key of business platform is placed in the encryption equipment, and the key of POS machine is placed in the main control MCU; The POS machine is issued the business platform authenticating identity with the secret key encryption authentication information, and business platform is confirmed identity with secret key decryption; Vice versa, and business platform is issued POS machine authenticating identity with the secret key encryption authentication information, POS machine secret key decryption authenticating identity.After both sides' authentication, supplement with money again or shopping online operation, if a side is arranged not by authenticating then forbid carrying out other operations.The method of concrete two-way authentication can comprise following two kinds of methods:
Method one, when the POS machine is connected to business platform by PC, the POS machine send to be differentiated instruction by PC to business platform; After business platform receives and differentiates instruction, produce random number R B (random number length can be half of cryptographic algorithm block length), send to the POS machine by PC; The POS machine produces random number RA (random number length can be half of cryptographic algorithm block length), with the PKI K1 of business platform to RA and RB encrypt obtain Token1=Enc (RA||RB, K1), the POS machine sends to business platform with Token1 by PC; Business platform obtains RA ' and RB ' with the private key K2 deciphering Token1 of self, compares RB ' and RB, and as the authentification failure of inconsistent then business platform to the POS machine, end is mutual with this POS machine; As unanimity, then business platform produces random number R C, with the PKI K3 of POS machine to RA ' and RC encrypt obtain Token2=Enc (RA ' || RC K1), sends to the POS machine with Token2 by PC; The POS machine with self private key K4 deciphering Token2 after, relatively whether RA ' consistent with RA, as the authentification failure of inconsistent then POS to business platform, finish and business platform alternately; Then POS is to the authentication success of business platform machine as unanimity, and then two-way discriminating is passed through, otherwise two-way discriminating is not passed through.
When method two, business platform initialization or distribution, the certificate CER_T that sign and issue at the private key Tv of storage service platform oneself and CA center.The certificate CER_R that sign and issue at the private key Rv of POS machine storage POS machine oneself and CA center.The POS machine sends to business platform by PC and differentiates request instruction; Business platform produces random number R B, sends to the POS machine by PC; The POS machine produces random number RA, and the private key Rv of usefulness oneself signs to RA||RB||UID and obtains SgnData1, and wherein, UID is ID number of POS machine, and data block Token1=RA||RB||UID||SgnData1||CER_R is sent to business platform by PC; Business platform is used to CA center requests authentication certificate CER_R, pass through as checking, public key verifications digital signature SgnData1 with POS machine in this certificate, then finish authentication if the verification passes to the POS machine, carry out next step operation, otherwise the POS identity differentiates and does not pass through that this discrimination process is ended;
Business platform is used the private key Tv of oneself that RA||UID is signed and is obtained SgnData2, and RA||UID||SgnData2||CER_T is sent to the POS machine by PC; The POS machine is by the certificate CER_T of PC to CA center requests checking business platform, if the verification passes, public key verifications digital signature SgnData2 with business platform in this certificate, then finish authentication if the verification passes to business platform, otherwise the business platform authentication is not passed through, and this discrimination process is ended.
Mutual authentication process between above-mentioned business platform and the POS machine is for flow process shown in Figure 4, can occur in the step 402, promptly when the POS machine logs on the recharging service page of business platform by PC, carry out above-mentioned mutual authentication process, carry out subsequent step behind the authentication success.For flow process shown in Figure 6, can occur in the step 605, promptly when the POS machine logs on the consumption service page of business platform by PC, carry out above-mentioned mutual authentication process, behind the authentication success, carry out subsequent step.
The idiographic flow of the inventive method when realizing that recharging service and shopping online are professional more than described.
In the business realizing of reality, the present invention comprises any one or multiple combination in the following concrete system implementation at least for the specific implementation details of one-card multi-transit service system:
A, non repudiation and security in order to realize concluding the business, the POS machine was further used for before the Bus Card card being carried out corresponding read-write operation, the private key that utilizes oneself is signed to the authentication request of the identity information that carries Bus Card card identity information and POS machine self, and sends to business platform by PC;
Described business platform further utilizes the PKI in the CA certificate of POS machine that authentication request is tested label, test sign successfully after, the private key of business platform utilization oneself is signed to the authentication request of carrying Bus Card card identity information and POS identity information, and sends to the all-purpose card server;
Described all-purpose card server further utilizes the PKI in the CA certificate of business platform that the authentication request of the identity information that carries Bus Card card identity information and POS machine is tested label, tests to sign successful back the identity information of Bus Card card identity information and POS machine is authenticated.
B, the non repudiation in order to realize concluding the business, described business platform send to the all-purpose card server after further utilizing self private key that key application request is signed again; Correspondingly, described all-purpose card server further utilizes the PKI in the CA certificate of business platform that label are tested in key application request, test sign successfully after, carry out again and describedly return service order to business platform;
C, the non repudiation in order to realize concluding the business return to business platform after the private key in the described all-purpose card server by utilizing all-purpose card server CA certificate is signed to service order; Correspondingly, described business platform utilizes the PKI in the CA certificate of all-purpose card server that service order is tested label, test sign successfully after, just service order is sent to PC.
One, in order to guarantee the security of information between POS machine and the all-purpose card server, in the specific implementation of system of the present invention, can carry out encryption to transmitted information, concrete system's implementation comprises:
The all-purpose card server further before returning service order to business platform, utilizes the PKI in the CA certificate of POS machine that this service order is encrypted; At this moment, correspondingly, POS machine inside can comprise: antenna, module for reading and writing, security module and processing module, and preferably, module for reading and writing, security module and processing module can be integrated in the chip; Wherein,
Module for reading and writing is used to read the identity information of Bus Card card, is transmitted to security module by processing module;
Security module, according to Bus Card card identity information, the Bus Card card is authenticated, after authentication is passed through, by processing module Bus Card card identity information is sent to PC, and the private key of preserving the POS machine in the key district of inaccessible, the service order that utilizes this private key that processing module is sent is decrypted, and the data after the deciphering are returned to processing module;
Processing module, the service order that PC is sent is transmitted to security module, and according to the service order that security module is returned, the control module for reading and writing carries out corresponding read-write operation to the Bus Card card.
Two, in the specific implementation of system of the present invention, can utilize system of the present invention to realize easily mass transit card all-purpose card card being supplemented with money at any time, and need not the user supplement the site with money and make and supplement with money in cash to specifying, at this moment, third party system in the system of the present invention is Net silver or third party's payment system, comprising:
Net silver or third party's payment system specifically are according to the request of withholing that receives, the corresponding recharge amount of deduction from the account of correspondence, and the success message of will withholing returns to business platform;
PC, specifically be used to be linked to the recharging service page of described business platform, from this page, download the OCX control, recharge amount and accounts information according to user's input, generation is as the charging request of described service request and send to business platform, utilize the OCX control, the order of supplementing with money as service order that the all-purpose card server is sent by business platform sends to the POS machine;
Business platform, after receiving charging request, the request of will withholing sends to described Net silver or third party's payment system, after receiving the success message of withholing, carries out to the all-purpose card server and sends the key application request of supplementing with money of carrying Bus Card card identity information;
Described POS machine, supplement order with money according to what PC was sent, revise the balance amount information in the Bus Card card, revise successfully after, utilize the key of preserving that the current balance amount information of Bus Card card is encrypted, send to the all-purpose card server by PC and business platform;
The all-purpose card server further utilizes the key preserved that the balance amount information of the Bus Card card that receives is decrypted, the balance amount information of the Bus Card card of preserving according to the information correction self after the deciphering.
Three, in the specific implementation of system of the present invention, can utilize mass transit card all-purpose card card to carry out shopping online, at this moment, the third party system in the system of the present invention is a commerce system, concrete system's implementation comprises:
Commerce system specifically after detecting user commodity of selecting by PC and the information of using the payment of Bus Card card, generates corresponding goods orders and sends to business platform;
Business platform is further used for after receiving goods orders, opens the consumption service page, after receiving the Payment Request that PC sends, carries out to the all-purpose card server and sends the payment key application request of carrying Bus Card card identity information;
Described PC, be used to be linked to the consumption service page of business platform, from the consumption service page, download the OCX control, Payment Request is sent to business platform as described service request, according to the instruction of OCX control, the order of withholing as service order that business platform is sent sends to the POS machine;
Described POS machine, the balance amount information in the Bus Card card is revised in the order of withholing of sending according to PC, revise successfully after, utilize the key of preserving that the current balance amount information of Bus Card card is encrypted, send to the all-purpose card server by PC and business platform;
The all-purpose card server further utilizes the key preserved that the balance amount information of the Bus Card card that receives is decrypted, the balance amount information of the Bus Card card of preserving according to the information correction self after the deciphering.
In mode two, three, preferably, described POS machine utilizes the PKI in the CA certificate of all-purpose card server that the current balance amount information of Bus Card card is encrypted; Described all-purpose card server, self the private key of utilize preserving is decrypted the balance amount information of the Bus Card card that receives.
Four, can not can be carried out two-way authentication between system business platform of the present invention and the POS machine by imitated for the interests that guarantee business platform and POS machine, concrete system's implementation comprises:
Described POS machine, further when being connected to business platform by PC, utilize secret key encryption self identity information of preserving and send to PC, utilize the key preserved in advance that the identity information of the business platform that receives is decrypted, according to the information after the deciphering business platform is authenticated, after the two-way authentication of POS machine and business platform success, carry out described Bus Card card identity information is sent to PC;
PC, further the identity information with the POS machine that receives sends to business platform, and the identity information of the business platform that receives is sent to the POS machine;
Described business platform, further utilize the key preserved in advance that the identity information of the POS machine that receives is decrypted, according to the information after the deciphering POS machine is authenticated, utilize the identity information of the secret key encryption self of preserving in advance and send to PC, after the two-way authentication success of POS machine and business platform, carry out described to all-purpose card server transmission key application processing of request; Wherein,
Described POS machine is encrypted the key that self identity information uses and is the PKI in the CA certificate of business platform or other predefined keys, and the key that the identity information of business platform is decrypted is private key or other predefined keys of POS machine; Described business platform is decrypted use to the identity information of POS machine key is self private key or other predefined keys, encrypts the key that self identity information uses and is the PKI in the CA certificate of POS or other predefined keys.
The invention allows for a kind of business platform, referring to Fig. 7, this business platform comprises: first processing module 701 is used for the system interaction with the third party; Second processing module 702 is used for after the first processing module interaction success, and the service request of sending according to PC sends the key application request of carrying Bus Card card identity information to the all-purpose card server; The 3rd processing module 703 is used for the service order that the all-purpose card server is sent is sent to PC.
Among the present invention, for the non repudiation that guarantees to conclude the business, information transmitted can sign and test to sign and handle between business platform and the POS machine, and is same, information transmitted also can sign and test to sign and handle between business platform and the all-purpose card server, and concrete a kind of realization can comprise:
Described second processing module 702 comprises that first tests the bamboo slips used for divination or drawing lots module, and the authentication request of carrying Bus Card card identity information and POS identity information that is used for utilizing the PKI of the CA certificate of POS machine that PC is sent is tested label; And/or, be used for send described key application request to the all-purpose card server before, utilize the private key of business platform that key application request is signed;
Described the 3rd processing module 703 comprises that second tests the bamboo slips used for divination or drawing lots module, be used for described first test the bamboo slips used for divination or drawing lots module test sign successfully after, utilize the private key of business platform that the authentication request of carrying Bus Card card identity information and POS identity information is signed, and send to the all-purpose card server; And/or, be used for utilizing the PKI of the CA certificate of all-purpose card server that service order is tested label, test and service order is sent to PC after signing successfully.
Utilize business platform of the present invention, can realize the Bus Card card is supplemented with money, and realize utilizing the Bus Card card to carry out shopping online, a kind of concrete realization can comprise:
Described first processing module comprises: supplement processing sub with money, after receiving charging request, the request of will withholing sends to described Net silver or third party's payment system, determines after receiving the success message of withholing and described third party's system interaction success; And/or the transaction processing submodule is determined after receiving the goods orders that commerce system sends and described third party's system interaction success.
The invention allows for a kind of POS machine, it is characterized in that, comprising: antenna, and
Module for reading and writing is used to read the identity information of Bus Card card, is transmitted to security module by processing module; Security module, according to Bus Card card identity information, the Bus Card card is authenticated, after authentication is passed through, by processing module Bus Card card identity information is sent to PC, and the service order that utilizes key that processing module is sent is decrypted, and the data after the deciphering are returned to processing module; Processing module is issued security module with the service order that PC is sent, and the service order control module for reading and writing after the deciphering of returning according to security module carries out corresponding read-write operation to the Bus Card card.
Described security module is used for preserving in the key district of inaccessible the private key of POS machine, and this private key is corresponding to the PKI of the CA certificate of POS machine, and utilizes this private key to carry out the described service order that processing module is sent to be decrypted; And/or described security module is further used for utilizing the private key of POS machine that the authentication request of carrying Bus Card card identity information and POS identity information is signed, and sends to PC by processing module; And/or described security module is further used for utilizing the PKI in the CA certificate of all-purpose card server that the current balance amount information of Bus Card card is encrypted, and sends to PC by processing module.
In the present invention, can be connected or the internet carries out above-mentioned information interaction by TCP/IP between business platform and the PC; Can carry out information interaction by internet or special line between business platform and the third party system (such as Net silver, third party's payment system or commerce system).
In a word, the above only is preferred embodiment of the present invention, and non-limiting protection scope of the present invention.Within the spirit and principles in the present invention all, any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.All should be included within protection scope of the present invention.
Claims (18)
1. an one-card multi-transit service system is characterized in that, this system comprises: Bus Card card, POS machine, PC, business platform, third party system and all-purpose card server.
The POS machine is used for the Bus Card card is authenticated, and after authentication is passed through, Bus Card card identity information is sent to PC, and the service order according to PC is sent carries out corresponding read-write operation to the Bus Card card;
PC is used for sending the service request of carrying Bus Card card identity information to business platform, and the service order that business platform is sent sends to the POS machine;
Business platform, be used for system interaction with the third party, after the interaction success, the service request of sending according to PC sends the key application request of carrying Bus Card card identity information to the all-purpose card server, and the service order that the all-purpose card server is sent sends to PC;
The all-purpose card server authenticates the Bus Card card according to the identifying information of the Bus Card card in the key application request, after authentication is passed through, returns service order according to key request to business platform.
2. card system according to claim 1, it is characterized in that, the private key that described POS machine is further used for utilizing oneself is signed to the authentication request of the identity information that carries Bus Card card identity information and POS machine self, and sends to business platform by PC;
Described business platform further utilizes the PKI in the CA certificate of POS machine that authentication request is tested label, test sign successfully after, the private key of business platform utilization oneself is signed to the authentication request of carrying Bus Card card identity information and POS identity information, and sends to the all-purpose card server;
Described all-purpose card server further utilizes the PKI in the CA certificate of business platform that the authentication request of the identity information that carries Bus Card card identity information and POS machine is tested label, tests to sign successful back the identity information of Bus Card card identity information and POS machine is authenticated.
3. card system according to claim 1 is characterized in that, described business platform sends to the all-purpose card server after further utilizing self private key that key application request is signed again; Correspondingly, described all-purpose card server further utilizes the PKI in the CA certificate of business platform that label are tested in key application request, test sign successfully after, carry out again and describedly return service order to business platform;
And/or,
After signing to service order, private key in the described all-purpose card server by utilizing all-purpose card server CA certificate returns to business platform; Correspondingly, described business platform utilizes the PKI in the CA certificate of all-purpose card server that service order is tested label, test sign successfully after, just carry out described service order is sent to PC.
4. Bus Card according to claim 1 system is characterized in that, described all-purpose card server further before returning service order to business platform, utilizes the PKI in the CA certificate of POS machine that this service order is encrypted;
Described POS machine comprises: antenna, module for reading and writing, security module and processing module; Wherein,
Module for reading and writing is used to read the identity information of Bus Card card, is transmitted to security module by processing module;
Security module, according to Bus Card card identity information, the Bus Card card is authenticated, after authentication is passed through, by processing module Bus Card card identity information is sent to PC, and the private key of preserving the POS machine in the key district of inaccessible, the service order that utilizes this private key that processing module is sent is decrypted, and the data after the deciphering are returned to processing module;
Processing module, the service order that PC is sent is transmitted to security module, the service order after the deciphering of returning according to security module, the control module for reading and writing carries out corresponding read-write operation to the Bus Card card.
5. Bus Card according to claim 1 system is characterized in that,
When described third party system was Net silver or third party's payment system, this Net silver or third party's payment system were used for according to the withholing request that receives, and deducted corresponding recharge amount from the account of correspondence, and the success message of will withholing returns to business platform;
Correspondingly, described PC, be used to be linked to the recharging service page of described business platform, download the OCX control that this page is bound in advance, recharge amount and accounts information according to user's input, generation is as the charging request of described service request and send to business platform, utilizes the OCX control, and the order of supplementing with money as service order that the all-purpose card server is sent by business platform sends to the POS machine;
Correspondingly, business platform, after receiving charging request, the request of will withholing sends to described Net silver or third party's payment system, after receiving the success message of withholing, carry out to the all-purpose card server and send the key application request of supplementing with money of carrying Bus Card card identity information;
Correspondingly, described POS machine is supplemented order with money according to what PC was sent, revise the balance amount information in the Bus Card card, after revising successfully, utilize the key of preserving that the current balance amount information of Bus Card card is encrypted, send to the all-purpose card server by PC and business platform;
Correspondingly, the all-purpose card server further utilizes the key preserved that the balance amount information of the Bus Card card that receives is decrypted, the balance amount information of the Bus Card card of preserving according to the information updating self after the deciphering;
Perhaps,
When described third party system was commerce system, this commerce system generated corresponding goods orders and sends to business platform after being used to detect commodity that the user selects by PC and the information of using the payment of Bus Card card;
Correspondingly, business platform is further used for opening the consumption service page after successfully receiving goods orders, after receiving the Payment Request that PC sends, carry out to the all-purpose card server and send the payment key application request of carrying Bus Card card identity information;
Correspondingly, described PC, be used to be linked to the consumption service page of described business platform, download the OCX control that this consumption service page is bound in advance, Payment Request is sent to business platform as described service request, according to the instruction of OCX control, the order of withholing as service order that business platform is sent sends to the POS machine;
Correspondingly, described POS machine, the order of withholing of sending according to PC, revise the balance amount information in the Bus Card card, after revising successfully, utilize the key of preserving that the current balance amount information of Bus Card card is encrypted, send to the all-purpose card server by PC and business platform;
Correspondingly, the all-purpose card server further utilizes the key preserved that the balance amount information of the Bus Card card that receives is decrypted, the balance amount information of the Bus Card card of preserving according to the information updating self after the deciphering.
6. one-card multi-transit service system according to claim 5 is characterized in that, described POS machine utilizes the PKI in the CA certificate of all-purpose card server that the current balance amount information of Bus Card card is encrypted;
Described all-purpose card server, self the private key of utilize preserving is decrypted the balance amount information of the Bus Card card that receives.
7. according to the arbitrary described one-card multi-transit service system of claim 1~6, it is characterized in that,
Described POS machine, further when being connected to business platform by PC, utilize secret key encryption self identity information of preserving in advance to send to PC, utilize the key preserved in advance that the identity information of the business platform that receives is decrypted, according to the information after the deciphering business platform is authenticated, after the two-way authentication of POS machine and business platform success, carry out described Bus Card card identity information is sent to PC;
PC, further the identity information with the POS machine that receives sends to business platform, and the identity information of the business platform that receives is sent to the POS machine;
Described business platform, further utilize the key preserved in advance that the identity information of the POS machine that receives is decrypted, according to the information after the deciphering POS machine is authenticated, utilize the identity information of the secret key encryption self of preserving in advance and send to PC, after the two-way authentication success of POS machine and business platform, carry out described to all-purpose card server transmission key application processing of request; Wherein,
Described POS machine is encrypted the key that self identity information uses and is the PKI in the CA certificate of business platform or other predefined keys, and the key that the identity information of business platform is decrypted is private key or other predefined keys of POS machine; Described business platform is decrypted use to the identity information of POS machine key is self private key or other predefined keys, encrypts the key that self identity information uses and is the PKI in the CA certificate of POS or other predefined keys.
8. the service implementation method of the described system of claim 1 is characterized in that, this method comprises:
A, POS machine send to PC with Bus Card card identity information after authentication is passed through to the Bus Card card, PC sends the service request of carrying Bus Card card identity information to business platform;
B, business platform and third party's system interaction, after the interaction success, the service request of sending according to PC sends the key application request of carrying Bus Card card identity information to the all-purpose card server;
C, all-purpose card server authenticate the Bus Card card according to the identifying information of the Bus Card card in the key application request, after authentication is passed through, return service order according to key request to business platform;
D, business platform send to the POS machine by PC with service order;
The service order that E, POS machine are sent according to PC carries out corresponding read-write operation to the Bus Card card.
9. method according to claim 8 is characterized in that, before the steps A, further comprises:
The private key of POS machine utilization oneself is signed to the authentication request of the identity information that carries Bus Card card identity information and POS machine self, and sends to business platform by PC;
Business platform utilizes the PKI in the CA certificate of POS machine that authentication request is tested label, test sign successfully after, the private key of business platform utilization oneself is signed to the authentication request of carrying Bus Card card identity information and POS identity information, and sends to the all-purpose card server;
PKI in the CA certificate of all-purpose card server by utilizing business platform is tested label to the authentication request of the identity information that carries Bus Card card identity information and POS machine, test and sign successfully the back identity information of Bus Card card identity information and POS machine is authenticated, behind the authentication success, carry out described steps A.
10. method according to claim 8 is characterized in that, among the step B, business platform further comprised send key application request to the all-purpose card server before: business platform utilizes self private key that key application request is signed; Correspondingly, further comprise between step B and the step C: the PKI in the CA certificate of all-purpose card server by utilizing business platform is tested label to key application request, test sign successfully after, execution in step C;
And/or,
Among the step C, the all-purpose card server further comprised before business platform returns service order: utilize the private key in the all-purpose card server CA certificate that service order is signed; Correspondingly, further comprise between step C and the step D: business platform utilizes the PKI in the CA certificate of all-purpose card server that service order is tested label, test sign successfully after, execution in step D.
11. method according to claim 8 is characterized in that,
In step C, according to key request before business platform returns service order, further comprise: the key that the all-purpose card server by utilizing is preserved is in advance encrypted service order; In step e, further comprise: after the POS machine receives the service order that PC sends, at first service order is decrypted according to the key of preserving in advance; Wherein,
The all-purpose card server is PKI or other predefined keys of the CA certificate of POS machine to the service order encrypted secret key; The POS machine is self private key or other predefined keys to the key of service order deciphering.
12. method according to claim 8 is characterized in that,
When described third party system is Net silver or third party's payment system,
Before steps A, further comprise: PC is linked to the recharging service page of business platform, downloads the OCX control that this page is bound in advance, activates the POS machine, receives the recharge amount and the accounts information of user's input;
Described service request is the charging request of carrying Bus Card card identity information, recharge amount and accounts information;
In step B, the step of described business platform and third party's system interaction comprises: business platform is according to the accounts information in the charging request, the request of will withholing sends to Net silver or third party's payment system, Net silver or third party's payment system are deducted corresponding debt according to recharge amount in the account of correspondence, and return the success message of withholing to business platform;
Described service order is for supplementing order with money;
Described step e comprises: the POS machine is revised the balance amount information in the Bus Card card according to supplementing order with money;
Perhaps,
When described third party system is commerce system,
Before steps A, further comprise: commerce system receives the user and uses Bus Card card payment information by the merchandise news and the selection of the required purchase of PC selection, PC is linked to the consumption service page of business platform, downloads the OCX control that this page is bound in advance, activates the POS machine;
Among the step B, described business platform comprises with the step of third party's system interaction: commerce system generates corresponding goods orders and sends to business platform, comprises the payment information that needs in this goods orders;
Described key application request is the payment key application request of carrying Bus Card card identity information and payment information;
Described service order is the order of withholing;
Described step e comprises: the POS machine is according to the balance amount information in the order modification Bus Card card of withholing.
13. method according to claim 12 is characterized in that, further comprises after the step e:
The POS machine utilizes the PKI in the CA certificate of all-purpose card server that the current balance amount information of Bus Card card is encrypted, the private key that utilizes POS self sends to business platform by PC then to the current balance amount information of Bus Card card is signed;
Business platform utilizes PKI in the CA certificate of POS machine to the current balance amount information of Bus Card card is tested label, test sign successfully after, at first utilize the private key of business platform self that the current balance amount information of Bus Card card is signed, send to the all-purpose card server then;
PKI in the CA certificate of all-purpose card server by utilizing business platform is tested label to the current balance amount information of Bus Card card, test sign successfully after, utilize the private key of self that the current balance amount information of Bus Card card is decrypted, the balance amount information of the Bus Card card of preserving according to the information updating self after the deciphering.
14. a business platform is characterized in that, comprising:
First processing module is used for the system interaction with the third party;
Second processing module is used for after the first processing module interaction success, and the service request of sending according to PC sends the key application request of carrying Bus Card card identity information to the all-purpose card server;
The 3rd processing module is used for the service order that the all-purpose card server is sent is sent to PC.
15. business platform according to claim 14 is characterized in that,
Described second processing module comprises that first tests the bamboo slips used for divination or drawing lots module, and the authentication request of carrying Bus Card card identity information and POS identity information that is used for utilizing the PKI of the CA certificate of POS machine that PC is sent is tested label; And/or, be used for send described key application request to the all-purpose card server before, utilize the private key of business platform that key application request is signed;
Described the 3rd processing module comprises that second tests the bamboo slips used for divination or drawing lots module, be used for described first test the bamboo slips used for divination or drawing lots module test sign successfully after, utilize the private key of business platform that the authentication request of carrying Bus Card card identity information and POS identity information is signed, and send to the all-purpose card server; And/or, be used for utilizing the PKI of the CA certificate of all-purpose card server that service order is tested label, test and service order is sent to PC after signing successfully.
16., it is characterized in that described first processing module comprises according to claim 14 or 15 described business platforms:
Supplement processing sub with money, the request of will withholing after receiving charging request sends to described Net silver or third party's payment system, determines after receiving the success message of withholing and described third party's system interaction success;
And/or,
The transaction processing submodule is determined after receiving the goods orders that commerce system sends and described third party's system interaction success.
17. a POS machine is characterized in that, comprising: antenna, and
Module for reading and writing is used to read the identity information of Bus Card card, is transmitted to security module by processing module;
Security module, according to Bus Card card identity information, the Bus Card card is authenticated, after authentication is passed through, by processing module Bus Card card identity information is sent to PC, and the service order that utilizes key that processing module is sent is decrypted, and the data after the deciphering are returned to processing module;
Processing module is issued security module with the service order that PC is sent, and the service order control module for reading and writing after the deciphering of returning according to security module carries out corresponding read-write operation to the Bus Card card.
18. POS machine according to claim 17, it is characterized in that, described security module is used for preserving in the key district of inaccessible the private key of POS machine, the PKI of the CA certificate of the corresponding POS machine of this private key, and utilize the described service order that processing module is sent of this private key execution to be decrypted;
And/or described security module is further used for utilizing the private key of POS machine that the authentication request of carrying Bus Card card identity information and POS identity information is signed, and sends to PC by processing module;
And/or described security module is further used for utilizing the PKI in the CA certificate of all-purpose card server that the current balance amount information of Bus Card card is encrypted, and sends to PC by processing module.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010105545514A CN102034323B (en) | 2009-12-01 | 2010-11-23 | Public traffic one-card service system and implementation method, service platform and point of sale (POS) machine thereof |
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200910238774A CN101739771A (en) | 2009-12-01 | 2009-12-01 | One-card multi-transit service system and method for realizing same |
| CN200910238774.7 | 2009-12-01 | ||
| CN2010105545514A CN102034323B (en) | 2009-12-01 | 2010-11-23 | Public traffic one-card service system and implementation method, service platform and point of sale (POS) machine thereof |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102034323A true CN102034323A (en) | 2011-04-27 |
| CN102034323B CN102034323B (en) | 2012-11-28 |
Family
ID=42146120
Family Applications (3)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200910238774A Pending CN101739771A (en) | 2009-12-01 | 2009-12-01 | One-card multi-transit service system and method for realizing same |
| CN2010105545514A Expired - Fee Related CN102034323B (en) | 2009-12-01 | 2010-11-23 | Public traffic one-card service system and implementation method, service platform and point of sale (POS) machine thereof |
| CN2010206191688U Expired - Fee Related CN201910100U (en) | 2009-12-01 | 2010-11-23 | Bus one-card business system, bus one-card business platform and POS (point-of-sale) machine |
Family Applications Before (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200910238774A Pending CN101739771A (en) | 2009-12-01 | 2009-12-01 | One-card multi-transit service system and method for realizing same |
Family Applications After (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2010206191688U Expired - Fee Related CN201910100U (en) | 2009-12-01 | 2010-11-23 | Bus one-card business system, bus one-card business platform and POS (point-of-sale) machine |
Country Status (3)
| Country | Link |
|---|---|
| CN (3) | CN101739771A (en) |
| HK (1) | HK1134751A2 (en) |
| WO (1) | WO2011066704A1 (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103400460A (en) * | 2013-07-22 | 2013-11-20 | 孙伟 | Mobile POS (point of sale) machine, card business realizing system and method |
| CN103400461A (en) * | 2013-07-22 | 2013-11-20 | 孙伟 | POS (point-of-sale) machine, card service realization system and method |
| CN105184983A (en) * | 2015-09-01 | 2015-12-23 | 成都智控科技有限公司 | Long-distance electricity selling system based on general-purpose card |
| CN106296145A (en) * | 2016-08-05 | 2017-01-04 | 广东岭南通股份有限公司 | Transportation card the Internet recharge method and device |
| WO2017166067A1 (en) * | 2016-03-29 | 2017-10-05 | 李昕光 | Recharging system |
Families Citing this family (24)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101739771A (en) * | 2009-12-01 | 2010-06-16 | 孙伟 | One-card multi-transit service system and method for realizing same |
| CN102467796B (en) * | 2011-11-18 | 2014-08-27 | 陈飞 | Bus card recharging system based on identification |
| CN102542225A (en) * | 2011-12-05 | 2012-07-04 | 天津市通卡公用网络系统有限公司 | Cross-platform smart card online operating system and method |
| CN102799916A (en) * | 2012-07-17 | 2012-11-28 | 福建物联天下信息科技有限公司 | Information sharing method based on radio frequency identification |
| CN103684768A (en) * | 2012-09-10 | 2014-03-26 | 中国银联股份有限公司 | POS system and method for bidirectional authentication in POS system |
| CN103400266A (en) * | 2013-07-22 | 2013-11-20 | 孙伟 | Dual-interface card module combination equipment and card service implementation system and method |
| CN104700261B (en) | 2013-12-10 | 2018-11-27 | 中国银联股份有限公司 | The safe networking initial method and its system of POS terminal |
| CN105184970B (en) * | 2015-08-27 | 2018-09-04 | 余荣军 | Bus IC card network payment system and its method of payment |
| CN105185002B (en) * | 2015-09-09 | 2018-06-12 | 建亿通(北京)数据处理信息有限公司 | Mobile terminal, business platform and card operation system |
| CN105184565A (en) * | 2015-09-09 | 2015-12-23 | 建亿通(北京)数据处理信息有限公司 | Card business realizing method, business platform and system |
| CN105160776B (en) * | 2015-09-09 | 2017-07-21 | 建亿通(北京)数据处理信息有限公司 | City one-card card, business platform, card operation system and implementation method |
| CN106997529B (en) | 2016-01-25 | 2021-12-24 | 创新先进技术有限公司 | Credit payment method and device based on mobile terminal eSE |
| CN106485490A (en) * | 2016-10-19 | 2017-03-08 | 济南浪潮高新科技投资发展有限公司 | A kind of POS mode of payment realized based on OCX control |
| CN106384234A (en) * | 2016-10-31 | 2017-02-08 | 济南浪潮高新科技投资发展有限公司 | Method of realizing fund payment risk management based on POS machine |
| CN106682894A (en) * | 2016-11-30 | 2017-05-17 | 广东工业大学 | National all-purpose card interconnection and intercommunication payment method based on mobile phone NFC |
| CN107093241A (en) * | 2017-05-02 | 2017-08-25 | 支码开门科技有限公司 | Electric locking and lock control method |
| CN107749085A (en) * | 2017-10-25 | 2018-03-02 | 北京匡恩网络科技有限责任公司 | Ticket card, method and machinable medium using ticket card |
| CN108053200A (en) * | 2017-12-28 | 2018-05-18 | 新开普电子股份有限公司 | City one-card manages system |
| CN110460562A (en) * | 2018-05-08 | 2019-11-15 | 无锡酷银科技有限公司 | A kind of long-range Activiation method of POS terminal and system |
| CN110414982A (en) * | 2019-07-10 | 2019-11-05 | 武汉城市一卡通有限公司 | A kind of all-purpose card method of commerce and system |
| CN110532788B (en) * | 2019-08-09 | 2023-03-10 | 广州科伊斯数字技术有限公司 | Encryption method for rotary display LED screen |
| CN110830486B (en) * | 2019-11-13 | 2022-11-25 | 深圳市亲邻科技有限公司 | Card reading and writing method and device based on multi-terminal communication and multi-terminal communication system |
| CN112862480B (en) * | 2021-01-25 | 2023-05-30 | 支付宝(杭州)信息技术有限公司 | Traffic card processing method and device based on near field communication |
| CN114038132A (en) * | 2021-11-11 | 2022-02-11 | 武汉天喻信息产业股份有限公司 | Offline collection terminal, system and collection and cash withdrawal method based on internet access |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1547144A (en) * | 2003-12-10 | 2004-11-17 | 北京矽谷学人科技有限公司 | Internet safety payment system |
| JP2005050263A (en) * | 2003-07-31 | 2005-02-24 | Matsushita Electric Ind Co Ltd | Portable terminal and service processing method |
| US7096494B1 (en) * | 1998-05-05 | 2006-08-22 | Chen Jay C | Cryptographic system and method for electronic transactions |
| CN1853189A (en) * | 2003-06-04 | 2006-10-25 | 运通卡国际股份有限公司 | Customer authentication in e-commerce transactions |
| CN101436332A (en) * | 2008-12-19 | 2009-05-20 | 福建今日特价网络有限公司 | Payment system and method |
| CN201910100U (en) * | 2009-12-01 | 2011-07-27 | 孙伟 | Bus one-card business system, bus one-card business platform and POS (point-of-sale) machine |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| NZ546789A (en) * | 2002-03-14 | 2008-01-31 | Euronet Worldwide Inc | A system and method for purchasing goods and services through data network access points over a point of sale network |
| CN2938244Y (en) * | 2006-04-11 | 2007-08-22 | 北京兴华邦科技有限公司 | Intelligent card POS apparatus |
| CN101458853A (en) * | 2007-12-11 | 2009-06-17 | 结行信息技术(上海)有限公司 | On-line POS system and smart card on-line payment method |
-
2009
- 2009-12-01 CN CN200910238774A patent/CN101739771A/en active Pending
-
2010
- 2010-01-25 HK HK10100783A patent/HK1134751A2/en not_active IP Right Cessation
- 2010-02-26 WO PCT/CN2010/000245 patent/WO2011066704A1/en active Application Filing
- 2010-11-23 CN CN2010105545514A patent/CN102034323B/en not_active Expired - Fee Related
- 2010-11-23 CN CN2010206191688U patent/CN201910100U/en not_active Expired - Fee Related
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7096494B1 (en) * | 1998-05-05 | 2006-08-22 | Chen Jay C | Cryptographic system and method for electronic transactions |
| CN1853189A (en) * | 2003-06-04 | 2006-10-25 | 运通卡国际股份有限公司 | Customer authentication in e-commerce transactions |
| JP2005050263A (en) * | 2003-07-31 | 2005-02-24 | Matsushita Electric Ind Co Ltd | Portable terminal and service processing method |
| CN1547144A (en) * | 2003-12-10 | 2004-11-17 | 北京矽谷学人科技有限公司 | Internet safety payment system |
| CN101436332A (en) * | 2008-12-19 | 2009-05-20 | 福建今日特价网络有限公司 | Payment system and method |
| CN201910100U (en) * | 2009-12-01 | 2011-07-27 | 孙伟 | Bus one-card business system, bus one-card business platform and POS (point-of-sale) machine |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103400460A (en) * | 2013-07-22 | 2013-11-20 | 孙伟 | Mobile POS (point of sale) machine, card business realizing system and method |
| CN103400461A (en) * | 2013-07-22 | 2013-11-20 | 孙伟 | POS (point-of-sale) machine, card service realization system and method |
| CN103400460B (en) * | 2013-07-22 | 2017-06-06 | 建亿通(北京)数据处理信息有限公司 | Mobile POS, the system and method for card business realizing |
| CN105184983A (en) * | 2015-09-01 | 2015-12-23 | 成都智控科技有限公司 | Long-distance electricity selling system based on general-purpose card |
| CN108038961A (en) * | 2015-09-01 | 2018-05-15 | 陈国栋 | Long-range electricity-selling system based on all-purpose card |
| CN108038963A (en) * | 2015-09-01 | 2018-05-15 | 吴杰 | Using the long-range electricity-selling system based on all-purpose card of ARM9 processors |
| CN108091039A (en) * | 2015-09-01 | 2018-05-29 | 陈国栋 | The higher long-range electricity-selling system based on all-purpose card of safety and reliability |
| CN108038963B (en) * | 2015-09-01 | 2019-12-20 | 吴杰 | Remote electricity selling system based on all-purpose card and adopting ARM9 processor |
| CN108038961B (en) * | 2015-09-01 | 2021-07-27 | 陈国栋 | Remote electricity selling system based on all-purpose card |
| WO2017166067A1 (en) * | 2016-03-29 | 2017-10-05 | 李昕光 | Recharging system |
| CN106296145A (en) * | 2016-08-05 | 2017-01-04 | 广东岭南通股份有限公司 | Transportation card the Internet recharge method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2011066704A1 (en) | 2011-06-09 |
| CN102034323B (en) | 2012-11-28 |
| CN101739771A (en) | 2010-06-16 |
| HK1134751A2 (en) | 2010-05-07 |
| CN201910100U (en) | 2011-07-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102034323B (en) | Public traffic one-card service system and implementation method, service platform and point of sale (POS) machine thereof | |
| US20230206217A1 (en) | Digital asset distribution by transaction device | |
| RU2648944C2 (en) | Methods, devices, and systems for secure provisioning, transmission and authentication of payment data | |
| CN110462663A (en) | For indicating the static token system and method for dynamic authentic credential | |
| CN202067336U (en) | Payment device and system for realizing network security certification | |
| US20030130955A1 (en) | Secure transaction systems | |
| CN108476227A (en) | System and method for equipment push supply | |
| CN108665263B (en) | Multi-dimensional bar code action payment method, buyer device and payment servo mechanism | |
| CN106462843A (en) | Master applet for secure remote payment processing | |
| CN105590214A (en) | Payment method and payment system based on virtual card | |
| CA2815529A1 (en) | Integration of verification tokens with portable computing devices | |
| CN101686225A (en) | Methods of data encryption and key generation for on-line payment | |
| CN101685512A (en) | Computer, payment system and method thereof for realizing on-line payment | |
| CN103198405A (en) | Intelligent payment method and system based on camera scanning verification | |
| CN101138242A (en) | An interactive television system | |
| JP2016076262A (en) | Method of paying for product or service in commercial website via internet connection and corresponding terminal | |
| CN109716373A (en) | Cipher authentication and tokenized transaction | |
| CN104182875A (en) | Payment method and payment system | |
| CN101223729B (en) | Updating a mobile payment device | |
| CN105260884A (en) | POS machine key distributing method and device | |
| US20020095580A1 (en) | Secure transactions using cryptographic processes | |
| Thangamuthu | A survey on various online payment and billing techniques | |
| JP2004164597A (en) | Method for purchasing goods and services | |
| Markantonakis et al. | Smart cards for Banking and Finance | |
| CN116802661A (en) | Token-based out-of-chain interaction authorization |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| ASS | Succession or assignment of patent right |
Owner name: JIANYITONG (BEIJING) DATA PROCESSING INFORMATION C Free format text: FORMER OWNER: SUN WEI Effective date: 20141102 Free format text: FORMER OWNER: HE ZONGSHENG Effective date: 20141102 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 100005 DONGCHENG, BEIJING TO: 100020 CHAOYANG, BEIJING |
|
| TR01 | Transfer of patent right |
Effective date of registration: 20141102 Address after: 100020 Beijing city Chaoyang District East Third Ring Road No. 19 green building room 1709A Patentee after: Billion through (Beijing) data processing information Co., Ltd. Address before: 100005 Beijing Dongcheng District Jinbao Street No. 2 Ya'an Residence Internazionale South Building Room 402 Patentee before: Sun Wei Patentee before: He Zongsheng |
|
| DD01 | Delivery of document by public notice |
Addressee: Billion through (Beijing) data processing information Co., Ltd. Document name: Notification to Pay the Fees |
|
| DD01 | Delivery of document by public notice | ||
| DD01 | Delivery of document by public notice |
Addressee: Billion through (Beijing) data processing information Co., Ltd. Document name: Notification of Termination of Patent Right |
|
| DD01 | Delivery of document by public notice | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20121128 Termination date: 20181123 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |