Gold card transaction management system and method
By using asymmetric encryption and one-time password technology, the problems of cardholder identity verification and card security in gold card transactions have been solved, thereby improving the security and liquidity of gold card transactions.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- 庄连豪
- Filing Date
- 2022-06-01
- Publication Date
- 2026-06-26
AI Technical Summary
Existing gold card trading systems cannot effectively verify cardholder identity, and radio frequency identification technology poses risks of easy leakage of personal data and easy theft of cards, affecting the fairness and liquidity of transactions.
It employs an asymmetric encryption algorithm and a one-time password. Through information exchange between the information device and the gold card, public and private keys are generated for encryption and decryption. Combined with a hash operator and a random generator, the uniqueness and security of the card are ensured. The transaction server verifies the card serial number and member serial number to confirm the cardholder's identity and handles the loss reporting process when the card is stolen or lost.
This ensures that the user in a transaction is the cardholder, prevents card theft, enhances transaction security and liquidity, and ensures the uniqueness and identity verification of the gold card.
Smart Images

Figure CN117196834B_ABST
Abstract
Description
Technical Field
[0001] This invention relates to a gold card transaction management system and method, and more particularly to a gold card transaction management system and method that utilizes an asymmetric encryption algorithm for transaction management. Background Technology
[0002] With the development of technology and the internet, gold trading is no longer like traditional transactions, which rely on certificates of authenticity, quality assurance certificates, or markings engraved on the gold itself to identify its authenticity. Instead, gold is embedded in cards equipped with radio frequency identification (RFID) technology to record transaction history, thereby ensuring the fairness of gold transactions and guaranteeing the authenticity of the gold. However, while RFID technology brings convenience, it also brings problems such as the easy leakage of personal data, tracking, and theft or forgery of data.
[0003] Furthermore, neither traditional physical gold transactions nor gold card transactions using RFID technology can easily prove that the person holding the gold is the owner. Also, if a gold card is lost and misused by unscrupulous individuals, it is difficult to prove their identity. Therefore, how to ensure that gold cards equipped with RFID technology can identify the cardholder, the composition of the gold, and related information when the card is used for a transaction, lost, or misused, and effectively accelerate the circulation of gold transactions, is a problem that needs to be solved. Summary of the Invention
[0004] In view of the above problems, based on years of experience in related industries, the inventor has made improvements to the gold card transaction management system and method. Therefore, the main objective of this invention is to provide a gold card transaction management system and method that enables the identification of the user of the gold card transaction as the cardholder and the composition and related history of the gold, whether the gold card is used for a transaction or is accidentally lost or stolen, and effectively speeds up the circulation of gold transactions.
[0005] To achieve the above objectives, the present invention provides a gold card transaction management method for retrieving gold information from a gold card and conducting transactions. First, an information device sends a decryption request with a first identification code to a gold card. The gold card generates a second identification code based on the decryption request and feeds back the second identification code and a card serial number stored in memory to the information device. Second, the information device automatically selects and transmits the card serial number, a member serial number, and a device serial number to a transaction server. The transaction server then compares the aforementioned serial numbers with a verification list. If any one of the serial numbers or their combination matches... If the information is recorded in the checklist, an encryption request is generated and transmitted to the information device. Then, based on the encryption request, the information device automatically selects one or a combination of the first identification code, second identification code, card serial number, or member serial number using an asymmetric encryption algorithm, converting them into a corresponding public key and a private key, and transmits the public key to the gold card. Next, the gold card executes a preset cryptographic hash function to encrypt the gold information using the public key, generating encrypted data which is then transmitted to the information device. Finally, the information device uses the private key to decrypt the encrypted data to obtain the gold information.
[0006] Furthermore, to ensure that the user operating the system of this invention is indeed the holder of the gold card, the system can be configured so that the information device at least selects to transmit the membership number and card number to the transaction server, so that the transaction server can verify whether the user's membership number has been logged into the gold card. Next, to ensure the uniqueness of the user operating the system of this invention and the gold card being sensed, the system can be configured so that the information device at least converts the first identification code and the second identification code into corresponding public and private keys. Since the first identification code and the second identification code are generated at the moment, they are difficult to be stolen midway or later.
[0007] Furthermore, to prevent the gold card from being stolen, the gold card can be pre-embedded with a hash operator and a random number generator to execute a preset encrypted hash function to encrypt the second identification code and the card serial number, generate hash data, and then transmit it to the information device. In this way, the user of the system of the present invention can only obtain the second identification code and the card serial number by decrypting it using a preset hash value pre-stored in the cardholder's membership account.
[0008] Furthermore, before the information device transmits the public key to the gold card, the public key is converted into a public key fingerprint through an encrypted hash function, and then the public key fingerprint is transmitted to the gold card, which then encrypts the gold information using the public key fingerprint.
[0009] Furthermore, when the information device sends a lost card request to the transaction server, the transaction server encrypts the card serial number with the latest public key based on the lost card request. Then, when the transaction server confirms whether the card serial number is recorded in the checklist, it requests the information device to send the latest private key for decryption.
[0010] Furthermore, the first identification code and the second identification code are respectively a randomly generated 128-bit scrambled code, or a one-time cipher based on a time-based one-time cipher algorithm, or a combination thereof.
[0011] Furthermore, the one-time password of the first identification code is generated by the information device using one or a combination of the member serial number or the device serial number and a current timestamp, by executing an encrypted hash function.
[0012] Furthermore, the one-time password of the second identification code is generated by the gold card using the card serial number and a current timestamp, by executing the preset encrypted hash function.
[0013] Furthermore, when the gold card receives the decryption request, or when the transaction server confirms that one or a combination of the card serial number, the member serial number, or the device serial number is not recorded in the verification list, the gold card will emit different colors of light depending on the situation.
[0014] This invention also provides a gold card transaction management system for conducting transactions using gold information, comprising:
[0015] A gold card, having a wireless communication element that stores information about the gold and a card serial number;
[0016] A transaction server has a comparison module for generating an encrypted request when verifying that one or a combination of a card serial number, a member serial number, or a device serial number is recorded in a checklist.
[0017] An information device, connected to the gold card and the transaction server, has the following features:
[0018] A sensing unit is provided for transmitting a decryption request having a first identification code to the wireless communication element, the wireless communication element generating a second identification code based on the decryption request, and transmitting the second identification code and the card serial number to the information device.
[0019] A user interface module for automatically selecting one or a combination of the card serial number, the member serial number, or the device serial number to transmit to the transaction server;
[0020] An encryption / decryption module is provided for automatically selecting, based on the encryption request, one or a combination thereof—the first identification code, the second identification code, the card serial number, or the member serial number—using an asymmetric encryption algorithm to convert them into a corresponding public key and a private key, and transmitting the public key to the gold card through the sensing unit; and
[0021] When the wireless communication element executes a preset encryption hash function to encrypt the gold information with the public key to generate encrypted data, and transmits the encrypted data to the information device, the encryption / decryption module uses the private key to decrypt the encrypted data to obtain the gold information.
[0022] Furthermore, the user interface module at least selects to transmit the card serial number and the membership serial number to the transaction server.
[0023] Furthermore, when the encryption / decryption module generates the public key and the private key, it at least selects to convert the first identifier and the second identifier into the public key and the private key.
[0024] Furthermore, before the wireless communication element transmits the second identification code and the card serial number to the information device, the wireless communication element executes the preset encryption hash function to encrypt the second identification code and the card serial number, generate a hash data and transmit it to the information device. The encryption / decryption module then decrypts the data according to a preset hash value to obtain the second identification code and the card serial number.
[0025] Furthermore, before the information device transmits the public key to the gold card, the public key is converted into a public key fingerprint through an encrypted hash function, and then the public key fingerprint is transmitted to the gold card. The wireless communication element then encrypts the gold information using the public key fingerprint.
[0026] Furthermore, the transaction server has a lost card reporting module, which, when the information device sends a lost card reporting request to the transaction server, encrypts the card serial number with the latest public key based on the lost card reporting request. Then, when the comparison module confirms whether the card serial number is recorded in the checklist, it requests the information device to send the latest private key for decryption.
[0027] Furthermore, the first identification code and the second identification code are respectively a randomly generated 128-bit scrambled code, or a one-time cipher based on a time-based one-time cipher algorithm, or a combination thereof.
[0028] Furthermore, the one-time password of the first identification code is generated by the encryption / decryption module using one or a combination of the member serial number or the device serial number and a current timestamp, by executing an encrypted hash function.
[0029] Furthermore, the one-time password of the second identification code is generated by the wireless communication element using the card serial number and a current timestamp to execute the preset encrypted hash function.
[0030] Furthermore, the gold card has a light-emitting element that emits different colors of light in response to different conditions.
[0031] Furthermore, to prevent the gold card from being stolen, physical anti-theft measures can be adopted. When the gold card is disassembled and damaged by external force, the internal induction coil and circuit of the wireless communication element are also destroyed. In this way, the data inside the card cannot be copied or used, making it difficult for people to steal it.
[0032] Furthermore, to prevent the gold card from being misused if the cardholder accidentally loses it, the transaction server can encrypt the card serial number of the lost gold card with the public key of the last time it was detected based on a loss report request, and enable the user operating the system of this invention to transmit the private key generated when the gold card was last detected for decryption.
[0033] Furthermore, to facilitate cardholder management of the public key and improve the efficiency of the gold card in encrypting gold information, the public key is converted into a public key fingerprint through an encrypted hash function before the information device transmits the public key to the gold card, thereby shortening the length of the public key. The public key fingerprint is then transmitted to the gold card to improve the efficiency of the gold card encryption.
[0034] Furthermore, when a user wishes to trade their own gold card, they can perform the above steps through the information device and the gold card to access their member account and obtain gold information. Then, they can use the user interface module to set up their member account, trade gold cards, record commemorative videos, report lost gold cards, and so on. In this way, the gold card can become a pass to log in to the transaction management system of this invention, and the transaction management system of this invention will only recognize this gold card as the gold card for this designated transaction. Attached Figure Description
[0035] Figure 1 This is a system architecture diagram of the present invention;
[0036] Figure 2 This is a flowchart of the gold card transaction management method of the present invention;
[0037] Figure 3 This is a schematic diagram of an embodiment of the present invention (I);
[0038] Figure 4 This is a schematic diagram (II) illustrating an embodiment of the present invention.
[0039] Figure 5 This is a schematic diagram (iii) illustrating an embodiment of the present invention.
[0040] Figure 6 This is a schematic diagram (four) illustrating an embodiment of the present invention;
[0041] Figure 7 This is a schematic diagram (V) illustrating an embodiment of the present invention;
[0042] Figure 8 This is a schematic diagram (six) illustrating an embodiment of the present invention;
[0043] Figure 9 This is a schematic diagram (seven) illustrating an embodiment of the present invention;
[0044] Figure 10 This is a schematic diagram (eight) illustrating an embodiment of the present invention.
[0045] Explanation of reference numerals in the attached figures
[0046] 1 Information device 11 User interface module
[0047] 12 sensing units
[0048] 13 storage units
[0049] 14 Encryption / Decryption Modules
[0050] 2 gold cards 21 wireless communication components
[0051] 22 Light-emitting elements
[0052] 3 Transaction Servers 31 Comparison Module
[0053] 32 Databases
[0054] 33 Loss Reporting Module
[0055] S1 Inductive Gold Card
[0056] S2 Gold Card Response Information Device
[0057] S3 transmits verification information to the transaction server.
[0058] S4 verifies whether the user is a Gold Card holder.
[0059] S5 generates public and private keys.
[0060] S6 encrypts gold information.
[0061] S7 decrypts encrypted data. Detailed Implementation
[0062] Please see Figure 1 , Figure 1The system architecture diagram of the present invention is shown in the figure. The gold card transaction management system of the present invention has an information device 1, a gold card 2 and a transaction server 3. The aforementioned devices are interconnected. The information device 1 can be one of a mobile phone, a tablet computer, a personal computer, etc., but is not limited thereto.
[0063] The information device 1 includes a user interface module 11, a sensing unit 12, a storage unit 13, and an encryption / decryption module 14. The aforementioned modules and units are interconnected. The user interface module 11 and the encryption / decryption module 14 can be driven by a processor. The processor can be one or a combination of a central processing unit (CPU), a graphics processing unit (GPU), a microprocessor (MPU), or a microcontroller (MCU), but is not limited thereto.
[0064] Continuing on the above, the user interface module 11 can be a mobile application (APP) or a webpage hosted on a web browser, allowing users to connect to the transaction server 3 via the network through the information device 1 and receive information generated by the user's operation of the information device 1; the sensing unit 12 can be a reader with the function of scanning one-dimensional or two-dimensional barcodes, or using near-field communication (NFC) or radio frequency identification (RFID) for sensing, to read the information stored in one-dimensional barcodes, two-dimensional barcodes, wireless communication elements, etc.; the storage unit 13 can be a solid-state disk (SSD), a hard disk drive (HDD), a static random access memory (SRAM), a random access memory (DRAM), or a cloud hard drive. The device may be equipped with one or a combination of the following: a drive, etc., for storing electronic data; the encryption / decryption module 14 may be used to generate a key using an asymmetric encryption algorithm or a hash encryption algorithm, and to encrypt or decrypt using the key or a memory hash value.
[0065] The gold card 2 has a wireless communication element 21, which can embed multiple logic gates such as a hash arithmetic unit and a random number generator, and stores a card serial number and a preset encrypted hash function. Its data structure can be {Count, Card ID, Data}, where Count is the number of times the gold card 2 has been read, Card ID can be a card serial number corresponding to a membership number of the cardholder, and Data can be gold information, which may include one or a combination of a gold product serial number, a gold weight, a gold purity, a gold purchase time, a gold raw material source, or an exchange rate at the time of gold purchase.
[0066] The transaction server 3 has a comparison module 31, a database 32 and a loss reporting module 33. The aforementioned modules are interconnected. The comparison module 31 and the loss reporting module 33 can be driven by another processor. The processor can be one or a combination of a central processing unit (CPU), a graphics processing unit (GPU), a microprocessor (MPU), or a micro control unit (MCU), but is not limited thereto.
[0067] Continuing from the above, the comparison module 31 can be used to verify whether the data transmitted by the information device 1 is consistent with the data stored in the database 32; the database 32 can be one or a combination of a solid state disk (SSD), a hard disk drive (HDD), a static random access memory (SRAM), a random access memory (DRAM), or a cloud drive, for storing electronic data; the loss reporting module 33 can be used to encrypt the gold card 2 when the cardholder loses it, so as to protect the gold card 2 from being stolen by unscrupulous persons.
[0068] Please see Figure 2 The above is a flowchart of the gold card transaction management method of the present invention, and can be consulted for further information. Figure 1 As shown in the figure, the gold card transaction management method of the present invention is as follows:
[0069] Inductive Gold Card S1: Please refer to Figure 3The figure shows an embodiment of the present invention (I). As shown, when a user wants to know the current value of the gold card 2, they can log into a member account through the user interface module 11 via the operating information device 1 and place the gold card 2 within the sensing range of the sensing unit 12. The sensing unit 12 will then send a decryption request for a first identification code generated by the encryption / decryption module 14 to the gold card 2. The first identification code has a one-time nature and can be one or a combination of a randomly generated 128-bit random number or a one-time password based on a time-based one-time password algorithm (TOTP). More specifically, the one-time password can be generated by the encryption / decryption module 14 using one or a combination of a member serial number or a device serial number in the storage unit 13 and a current timestamp, performing an encrypted hash function. The member serial number can be the account number, password, or biometric identification corresponding to the user's member account, and the device serial number can be the device number of the information device 1 currently operated by the user.
[0070] Gold Card Response Information Device S2: When Gold Card 2 receives a decryption request, Wireless Communication Element 21 can generate a second identification code based on the decryption request through a pre-embedded hash operator and random generator, and transmit the second identification code and a card serial number to Information Device 1. The second identification code can be a randomly generated 128-bit scrambled code, or a one-time password based on the Time-Based One-Time Cipher Algorithm (TOTP), or a combination thereof. More specifically, the one-time password can be generated by Wireless Communication Element 21 using the card serial number and the current timestamp to execute a preset encrypted hash function.
[0071] Transmit verification information to transaction server S3: When information device 1 receives the second identification code and card serial number, it automatically selects one or a combination of card serial number, member serial number, or device serial number through user interface module 11 to transmit to transaction server 3.
[0072] Verify if the user is a Gold Cardholder (S4): Please refer to the following: Figure 4The following is a schematic diagram of the implementation of the present invention (II). As shown in the figure, when the transaction server 3 receives one or a combination of card serial number, member serial number, or device serial number, the comparison module 31 compares one or a combination of card serial number, member serial number, or device serial number with a checklist in the database 32. When the comparison module 31 confirms that one or a combination of card serial number, member serial number, or device serial number is recorded in the checklist (the comparison operation is performed by the transaction server 3 and the progress is displayed by the information device 1), an encrypted request is generated and transmitted to the information device 1. The checklist may include basic information of the user's member account (such as name, telephone number, ID card number, etc.) or one or a combination of member serial number, card serial number of the gold card 2 held by the user, and device serial number of the information device 1 held by the user, but is not limited thereto.
[0073] Generate public and private S5 keys: Please refer to the following documentation. Figure 5 The following is a schematic diagram of the implementation of the present invention (III). As shown in the figure, when the information device 1 receives an encryption request, the encryption / decryption module 14 automatically selects one or a combination of the first identification code, the second identification code, the card serial number, or the member serial number based on the encryption request and converts them into a public key and a private key that correspond to each other. The public key is then transmitted to the gold card 2 through the sensing unit 12 and stored in the transaction server 3 through the user interface module 11. The asymmetric encryption algorithm can be one of RSA, ElGamal, Rabin, DSA, or ECDSA.
[0074] Encrypting gold information with S6: Please refer to the following: Figure 6 The following is a schematic diagram of the implementation of the present invention (IV). As shown in the figure, when the gold card 2 receives the public key, the wireless communication element 21 executes a preset encryption hash function through a pre-embedded hash operator and random generator to encrypt the gold information with the public key and generate encrypted data, and then transmits the encrypted data to the information device 1.
[0075] S7 Decrypting encrypted data: When the information device 1 receives encrypted data, the encryption / decryption module 14 uses the private key to decrypt the encrypted data to obtain gold information. In this way, the user can know the value of the gold card 2, such as the weight of gold, time, and price at the time of purchase. Furthermore, the user interface module 11 can retrieve the real-time gold price from the trading server 3 so that the user can know the net profit brought by the gold card 2.
[0076] In one embodiment, when the information device 1 receives the second identification code and the card serial number, the user interface module 11 selects to transmit at least the membership serial number and the card serial number to the transaction server 3. In this way, the transaction server 3 can confirm whether the user is the holder of the gold card 2 by using the membership serial number of the user who wants to know the value of the gold card 2 and the card serial number of the gold card 2 that has been sensed. If so, the subsequent steps can continue; if not, the information device 1 displays an error notification. In another embodiment, the user can also manually select to transmit one or a combination of the card serial number, membership serial number, or device serial number to the transaction server 3 through the user interface module 11.
[0077] In one embodiment, when the transaction server 3 confirms that the user is the cardholder of the gold card 2 and sends an encryption request to the information device 1, the encryption / decryption module 14 converts at least the first identification code and the second identification code into corresponding public and private keys. In this way, the information device 1 can use the one-time first identification code and the second identification code to generate one-time public and private keys to ensure the uniqueness of the user who wants to know the value of the gold card 2 and the gold card 2 that is sensed. In another embodiment, the user can also manually select to send one or a combination of the first identification code, the second identification code, the card serial number, or the membership serial number to the transaction server 3 through the user interface module 11.
[0078] In one embodiment, before the gold card 2 transmits the second identification code and card serial number to the information device 1, a preset encryption hash function is executed in advance through a pre-embedded hash operator and random generator to encrypt the second identification code and card serial number, generate hash data, and transmit it to the information device 1. Then, the encryption / decryption module 14 decrypts the data according to a preset hash value in the storage unit 13. If the preset hash value is the same as that recorded in the cardholder's membership account, the second identification code and card serial number can be obtained.
[0079] In one embodiment, before the information device 1 transmits the public key to the gold card 2, the public key is converted into a public key fingerprint using an encryption hash function, and then the public key fingerprint is transmitted to the gold card 2. The wireless communication element 21 can then encrypt the gold information using the public key fingerprint. Subsequently, the encryption / decryption module 14 can also decrypt the public key fingerprint based on the preset hash value in the storage unit 13 to obtain the gold information. The encryption hash function can be a Secure Hash Algorithm (SHA). In this way, the cardholder can easily manage the public key, and the efficiency of the gold card 2 in encrypting the gold information can also be improved.
[0080] In one embodiment, please refer to the following: Figure 7The following is a schematic diagram of the implementation of the present invention (V). As shown in the figure, when a user wants to trade the gold card 2 he / she owns, he / she can perform the above steps through the information device 1 and the gold card 2 to enter the member account and obtain gold information. Then, by using the user interface module 11, he / she can perform functions such as member account settings, trading gold cards, recording commemorative videos and audios, and reporting lost gold cards. In this way, the gold card 2 can become a pass to log in to the transaction management system of the present invention. The transaction management system of the present invention also recognizes only this gold card 2 as the gold card 2 designated for this transaction.
[0081] In one embodiment, please refer to the following: Figure 8 Figure 6 illustrates an implementation of the present invention. As shown, when a cardholder loses their gold card 2, the information device 1 can transmit a loss report request to the transaction server 3. Based on the loss report request, the loss report module 33 encrypts the card serial number of the lost gold card 2 with the latest public key in the database 32, that is, the public key generated when the cardholder last sensed the loss of the gold card 2. Thus, when the transaction server 3 confirms whether the card serial number is recorded in the checklist, since the card serial number has been encrypted, it requests the information device 1 to transmit the private key generated when the gold card 2 was last sensed for decryption. If the private key exists, the loss report record is deleted; otherwise, the information device 1 is refused access.
[0082] In one embodiment, please refer to the following: Figure 9 Figure 7 illustrates the implementation of the present invention. As shown, when a user senses a gold card 2' that is not in their possession through the information device 1, the user interface module 11 transmits the card serial number and membership serial number to the transaction server 3. Then, the comparison module 31 compares the card serial number, membership serial number, and verification list to confirm whether the user is the holder of the gold card 2'. If so, the subsequent steps can continue; if not, the information device 1 displays an error notification.
[0083] In one embodiment, please refer to the following: Figure 10 Figure 8 shows an embodiment of the present invention. When the user senses the gold card 2 through the information device 1, the light-emitting element 22 will emit different colors of light to notify the user in different situations, so that the user can intuitively identify whether the operation is correct. For example, when the gold card 2 receives a decryption request, the light-emitting element 22 will emit a blue display light; and when the information device 1 displays an error notification, the light-emitting element 22 will also emit a red warning light at the same time, so that the user knows that this is an incorrect operation.
[0084] In one embodiment, the wireless communication element 21 has an easy-tear line, which is composed of multiple disconnect slits and multiple low-strength connecting bodies interlaced together. When the gold card 2 is disassembled and damaged by external force, the wireless communication element 21 is split into a combined connecting part and a circuit part according to the easy-tear line. In this way, the internal induction coil and circuit are damaged, and the data inside the card cannot be copied or used.
[0085] As described above, the gold card transaction management system and method of the present invention mainly send a one-time decryption request to the gold card through an information device to obtain the card serial number stored in the gold card, and transmit the member serial number and card serial number to the transaction server for verification. When the transaction server verifies that the user is the cardholder of the gold card, the information device generates corresponding public and private keys, which are used by the gold card to encrypt and decrypt the gold information stored in the memory. In this way, the system can determine that the user is the cardholder and conduct transactions based on the gold information. After implementation, the present invention can indeed achieve the goal of enabling gold cards equipped with radio frequency identification technology to identify the user of the gold card transaction as the cardholder and the composition and related history of the gold, whether the card is being transacted, lost, or stolen, and effectively accelerate the circulation of gold transactions.
[0086] However, the above description is only a preferred embodiment of the present invention and is not intended to limit the scope of the present invention; any equivalent changes and modifications made by those skilled in the art without departing from the spirit and scope of the present invention should be covered within the patent scope of the present invention.
Claims
1. A method for managing gold card transactions, for retrieving gold information from a gold card and conducting transactions, characterized in that, include: An information device transmits a decryption request with a first identification code to the gold card; The gold card generates a second identification code based on the decryption request, and transmits the second identification code and a card serial number to the information device; The information device automatically selects one or a combination of the card serial number, a member serial number, or a device serial number to transmit to a transaction server. When the transaction server confirms that one or a combination of the card serial number, the member serial number, or the device serial number is recorded in a checklist, it generates an encryption request and transmits it to the information device. Based on the encryption request, the information device automatically selects one or a combination of the first identification code, the second identification code, the card serial number, or the member serial number using an asymmetric encryption algorithm, converts them into a corresponding public key and a private key, and transmits the public key to the gold card. The gold card executes a preset cryptographic hash function, encrypts the gold information using the public key to generate encrypted data, and transmits the encrypted data to the information device; and The information device uses the private key to decrypt the encrypted data in order to obtain the gold information.
2. The gold card transaction management method as described in claim 1, characterized in that, The information device at least selects to transmit the card serial number and the membership serial number to the transaction server.
3. The gold card transaction management method as described in claim 1, characterized in that, When the information device generates the public key and the private key, it at least selects to convert the first identification code and the second identification code into the public key and the private key.
4. The gold card transaction management method as described in claim 1, characterized in that, Before the gold card transmits the second identification code and the card serial number to the information device, the gold card executes the preset encryption hash function to encrypt the second identification code and the card serial number, generate a hash data and transmit it to the information device. The information device then decrypts the data according to a preset hash value to obtain the second identification code and the card serial number.
5. The gold card transaction management method as described in claim 1, characterized in that, Before the information device transmits the public key to the gold card, the public key is converted into a public key fingerprint through an encrypted hash function, and then the public key fingerprint is transmitted to the gold card. The gold card then encrypts the gold information using the public key fingerprint.
6. The gold card transaction management method as described in claim 1, characterized in that, When the information device sends a lost card request to the transaction server, the transaction server encrypts the card serial number with the latest public key based on the lost card request. Then, when the transaction server confirms whether the card serial number is recorded in the checklist, it requests the information device to send the latest private key for decryption.
7. The gold card transaction management method as described in claim 1, characterized in that, The first identification code and the second identification code are respectively a randomly generated 128-bit scrambled code, or a one-time cipher based on a time-based one-time cipher algorithm, or a combination thereof.
8. The gold card transaction management method as described in claim 7, characterized in that, The one-time password of the first identification code is generated by the information device using one or a combination of the member serial number or the device serial number and a current timestamp, by executing an encrypted hash function.
9. The gold card transaction management method as described in claim 7, characterized in that, The one-time password for the second identification code is generated by the gold card using the card serial number and a current timestamp, and the execution of the preset encrypted hash function.
10. The gold card transaction management method as described in claim 1, characterized in that, When the gold card receives the decryption request, or when the transaction server confirms that one or a combination of the card serial number, the member serial number, or the device serial number is not recorded in the checklist, the gold card will emit different colors of light depending on the situation.
11. A gold card transaction management system for conducting transactions using gold information, characterized in that, include: A gold card, having a wireless communication element that stores information about the gold and a card serial number; A transaction server has a comparison module for generating an encrypted request when verifying that one or a combination of a card serial number, a member serial number, or a device serial number is recorded in a checklist. An information device, connected to the gold card and the transaction server, has the following features: A sensing unit is provided for transmitting a decryption request having a first identification code to the wireless communication element, the wireless communication element generating a second identification code based on the decryption request, and transmitting the second identification code and the card serial number to the information device. A user interface module for automatically selecting one or a combination of the card serial number, the member serial number, or the device serial number to transmit to the transaction server; An encryption / decryption module is provided for automatically selecting, based on the encryption request, one or a combination thereof—the first identification code, the second identification code, the card serial number, or the member serial number—using an asymmetric encryption algorithm to convert them into a corresponding public key and a private key, and transmitting the public key to the gold card through the sensing unit; and When the wireless communication element executes a preset encryption hash function to encrypt the gold information with the public key to generate encrypted data, and transmits the encrypted data to the information device, the encryption / decryption module uses the private key to decrypt the encrypted data to obtain the gold information.
12. The gold card transaction management system as described in claim 11, characterized in that, The user interface module at least selects to send the card serial number and the membership serial number to the transaction server.
13. The gold card transaction management system as described in claim 11, characterized in that, When the encryption / decryption module generates the public key and the private key, it at least selects to convert the first identifier and the second identifier into the public key and the private key.
14. The gold card transaction management system as described in claim 11, characterized in that, Before the wireless communication element transmits the second identification code and the card serial number to the information device, the wireless communication element executes the preset encryption hash function to encrypt the second identification code and the card serial number, generate a hash data and transmit it to the information device. The encryption and decryption module then decrypts the data according to a preset hash value to obtain the second identification code and the card serial number.
15. The gold card transaction management system as described in claim 11, characterized in that, Before the information device transmits the public key to the gold card, the public key is converted into a public key fingerprint through an encrypted hash function, and then the public key fingerprint is transmitted to the gold card. The wireless communication element then encrypts the gold information using the public key fingerprint.
16. The gold card transaction management system as described in claim 11, characterized in that, The transaction server has a lost card reporting module, which, when the information device sends a lost card reporting request to the transaction server, encrypts the card serial number with the latest public key based on the lost card reporting request. Then, when the comparison module confirms whether the card serial number is recorded in the checklist, it requests the information device to send the latest private key for decryption.
17. The gold card transaction management system as described in claim 11, characterized in that, The first identification code and the second identification code are respectively a randomly generated 128-bit scrambled code, or a one-time cipher based on a time-based one-time cipher algorithm, or a combination thereof.
18. The gold card transaction management system as described in claim 17, characterized in that, The one-time password for the first identification code is generated by the encryption / decryption module using one or a combination of the member serial number or the device serial number and a current timestamp, by executing an encrypted hash function.
19. The gold card transaction management system as described in claim 17, characterized in that, The one-time password for the second identification code is generated by the wireless communication element using the card serial number and a current timestamp, by executing the preset encrypted hash function.
20. The gold card transaction management system as described in claim 11, characterized in that, The gold card has a light-emitting element that emits different colors of light depending on the situation.