Method for safely downloading master key automatically in bank card payment system and system thereof

A payment system, safe and automatic technology, applied in the payment system structure, transmission system, point-of-sale network system, etc., can solve the problems of large carrying links, security risks, and plaintext input security loopholes, etc., to solve security loopholes and high security. Effect

Active Publication Date: 2010-12-29
CHINA UNIONPAY
View PDF7 Cites 44 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0017] There are serious security holes in plaintext input, and it is easy to obtain, especially through manual operations
[0018] Although the import of IC ciphertext and parent POS has partially solved the security risks in the transmission process, there are still relatively large security risks in the storage and carrying of the transmission key IC card and parent POS
[0019] All the above TMK download methods require manual intervention to directly operate the POS terminal, that is, technical support personnel are required to go to the site where the POS terminal is deployed to complete the download task, and the labor cost is relatively high, especially when the number of POS terminals is relatively large and the fault terminal is serious in the case of

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for safely downloading master key automatically in bank card payment system and system thereof
  • Method for safely downloading master key automatically in bank card payment system and system thereof
  • Method for safely downloading master key automatically in bank card payment system and system thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0031] In order to solve the defects existing in the above existing TMK downloading process, the present invention proposes a method for safely and automatically downloading TMK. The download of TMK is completely controlled and managed by TMS, and the data exchange with the POS terminal is automatically completed. During the entire exchange process, no manual intervention is required, which not only greatly reduces labor costs, but also ensures the safety and reliability of the TMK transmission process.

[0032] In order to ensure the safe transmission of TMK, this method introduces an asymmetric encryption algorithm of public and private keys. The idea of ​​this encryption algorithm is: first, the TMS calls the encryption machine to generate a pair of public and private keys, in which the private key is stored in the encryption machine, and the public key is stored in the TMS database for downloading by the POS terminal. The download process is shown as follows: figure 2 As ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for safely automatically downloading a terminal master key TMK in a bank card payment system and a system thereof. The bank card payment system comprises a point of sales (POS) terminal, a terminal management system (TMS), a password keyboard and a hardware security machine. The method comprises that: the TMS calls the security machine to generate a pair of public and private keys; the POS terminal calls the password keyboard to randomly generate the terminal master key TMK, and encrypts the TMK by using the public key of the TMS and uploads the encrypted TMK to the TMS; and the TMS calls the security machine and decrypts the TMK by using the private key and stores the decrypted TMK. The TMK is randomly generated, the transmission process is closed, a TMK plaintext cannot appear outside safe storage equipment and is encrypted by the public key in the transmission process, and a TMK ciphertext can only be decrypted in the security machine of the TMS, so that the method and the system have high safety.

Description

technical field [0001] The invention relates to a bank card payment system, in particular to a security protection method for a master key in the bank card payment system. Background technique [0002] Bank card (Bank Card) is becoming more and more popular as a payment tool. The usual bank card payment system includes point of sale terminal (Point Of Sale: POS), terminal management system (Terminal Management System: TMS), password keyboard (PIN PAD) and Hardware encryption machine (Hardware and SecurityModule: HSM). [0003] Among them, the POS terminal can accept bank card information, has communication function, and accepts the instructions of the teller to complete the exchange of financial transaction information and related information; the TMS system centrally manages the subordinate POS terminals, including parameter downloading, key downloading, A centralized management and transaction processing system that accepts, processes or forwards transaction requests from...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G07G1/14H04L29/06G07F7/10G06Q20/00
CPCG06Q20/355G07F7/088G07G1/14G06Q20/20
Inventor 董立赵健吴亮陈贤强
Owner CHINA UNIONPAY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap