CN108564361B - Information processing method, device and equipment - Google Patents
Information processing method, device and equipment Download PDFInfo
- Publication number
- CN108564361B CN108564361B CN201810394687.XA CN201810394687A CN108564361B CN 108564361 B CN108564361 B CN 108564361B CN 201810394687 A CN201810394687 A CN 201810394687A CN 108564361 B CN108564361 B CN 108564361B
- Authority
- CN
- China
- Prior art keywords
- verification code
- sim card
- mobile terminal
- confirmed
- stk
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
- G06Q20/3229—Use of the SIM of a M-device as secure element
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Security & Cryptography (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Signal Processing (AREA)
- Finance (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- Telephone Function (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention discloses an information processing method, an information processing device and information processing equipment, wherein the method comprises the following steps: the SIM card installed on the mobile terminal displays an STK window on an interface of the mobile terminal through an STK active command, and the STK window displays safety operation data related to any safety operation and an input control for inputting a verification code; after receiving the verification code to be confirmed acquired by the mobile terminal from the input control and the operation information triggered by the safety operation data, the SIM card determines whether to verify the verification code to be confirmed according to the operation information; and after the SIM card confirms that the verification code to be confirmed is verified, verifying the verification code to be confirmed by utilizing the verification code generated in advance, and processing safety operation according to a verification result. Therefore, the mode that the user inputs the random verification code is added in the process of processing the safety operation, so that the threat of others to the safety of the user information by means of counterfeiting the confirmation information is prevented, the safety of the user information is ensured to a certain extent, and the safety of the safety operation is also improved.
Description
Technical Field
The present application relates to the field of data processing, and in particular, to an information processing method, apparatus, and device.
Background
The existing SIM (Subscriber Identity Module) card of a mobile phone can support the loading of various security applications, and can provide security functions such as digital signature, encryption and decryption, etc. through the security applications. Since the SIM Card does not have a display device and physical keys, the active command of the STK (SIM Card Tool) is generally used to display information and "confirm" and "cancel" keys of the physical keys when providing the above security functions.
However, since the display of information and the physical key function realized by using the active command of the STK are realized by depending on the built-in application of the mobile phone system, once the authority (usually called root) of the mobile phone system is forcibly raised, malicious software has an opportunity to pretend to be the display and physical key functions of the information processed by the built-in application of the mobile phone system, so that the step of confirming the information by the user, which should pop up the STK window, is tampered by the malicious software, and the information security of the user is threatened.
Disclosure of Invention
In view of this, embodiments of the present application provide an information processing method, apparatus, and device to solve the problem that in the prior art, security risk exists in information of a user.
In order to solve the above problem, the technical solution provided by the embodiment of the present application is as follows:
in a first aspect, the present application provides an information processing method applied to a SIM card installed on a mobile terminal, including:
the SIM card displays an STK window on an interface of the mobile terminal through an STK active command, and safety operation data related to any safety operation and an input control for inputting a verification code are displayed on the STK window;
after receiving the verification code to be confirmed acquired by the mobile terminal from the input control and the operation information triggered by the safety operation data, the SIM card determines whether to verify the verification code to be confirmed according to the operation information;
and after the SIM card confirms to verify the verification code to be confirmed, verifying the verification code to be confirmed by using the verification code generated in advance, and processing the safety operation according to a verification result.
In an optional implementation manner, before the SIM card displays an STK window on the interface of the mobile terminal through an STK active command, the method further includes:
and establishing a secure connection between the SIM card and the mobile terminal, wherein the secure connection is used for secure communication between the SIM card and the mobile terminal.
In an optional implementation manner, before verifying the verification code to be confirmed by using the pre-generated verification code, the method further includes:
based on the secure connection, the SIM card and the mobile terminal generate a verification code through a preset algorithm, and the verification code is used for verifying the verification code to be confirmed.
In an optional implementation manner, the determining whether to verify the verification code to be confirmed according to the operation information includes:
if the operation information is determination information, the SIM card determines to verify the verification code to be determined;
correspondingly, the verifying the verification code to be confirmed by using the pre-generated verification code, and processing the security operation according to the verification result includes:
the SIM card matches a pre-generated verification code with the verification code to be confirmed, and if the matching is successful, the safety operation is executed; otherwise, the security operation is terminated.
In an optional implementation manner, the determining whether to verify the verification code to be confirmed according to the operation information includes:
if the operation information is cancellation information, the SIM card determines that the verification code to be confirmed is not verified;
correspondingly, the method further comprises the following steps:
and if the SIM card determines that the verification code to be confirmed is not verified, terminating the safety operation.
In a second aspect, the present application provides an information processing method applied to a mobile terminal with an SIM card installed therein, the method including:
the mobile terminal displays a pre-generated verification code on an interface, and displays an STK window on the interface after receiving an STK active command from the SIM card; the STK window is displayed with safety operation data related to any safety operation and an input control for inputting a verification code;
after receiving the verification code to be confirmed in the input control and the operation information triggered by the safety operation data, the mobile terminal forwards the verification code to be confirmed and the operation information to the SIM card, so that the SIM card determines whether to verify the verification code to be confirmed according to the operation information, and processes the safety operation according to a verification result.
In an optional implementation manner, the mobile terminal displays a pre-generated verification code on an interface, and after receiving an STK active command from the SIM card, before displaying an STK window on the interface, the method further includes:
and the mobile terminal establishes a secure connection with the SIM card, wherein the secure connection is used for secure communication between the SIM card and the mobile terminal.
In an optional implementation manner, before the mobile terminal displays the pre-generated verification code on the interface, the method further includes:
based on the secure connection, the mobile terminal and the SIM card generate a verification code through a preset algorithm, and the verification code is used for verifying the verification code to be confirmed.
In an optional implementation manner, before the mobile terminal displays the pre-generated verification code on the interface, the method further includes:
the mobile terminal processes the pre-generated verification code to obtain a processed verification code;
correspondingly, the mobile terminal displays the pre-generated verification code on an interface, specifically:
and the mobile terminal displays the processed verification code on an interface.
In a third aspect, the present application provides an information processing apparatus applied to a SIM card installed on a mobile terminal, the apparatus including:
the command sending unit is used for sending an STK active command to the mobile terminal so as to display an STK window on an interface of the mobile terminal, and safety operation data related to any safety operation and an input control used for inputting a verification code are displayed on the STK window;
the determining unit is used for determining whether to verify the verification code to be confirmed according to the operation information after receiving the verification code to be confirmed acquired by the mobile terminal from the input control and the operation information triggered by the safety operation data;
and the verification and processing unit is used for verifying the verification code to be confirmed by using the verification code generated in advance after the verification of the verification code to be confirmed is determined, and processing the safety operation according to the verification result.
In an optional implementation, the apparatus further includes:
and the secure connection establishing unit is used for establishing secure connection with the mobile terminal, wherein the secure connection is used for secure communication between the SIM card and the mobile terminal.
In an optional implementation, the apparatus further includes:
and the generating unit is used for generating a verification code based on the secure connection and the mobile terminal through a preset algorithm, wherein the verification code is used for verifying the verification code to be confirmed.
In an optional implementation manner, the determining unit includes:
the first determining subunit is configured to determine to verify the verification code to be determined if the operation information is determination information;
correspondingly, the verification and processing unit comprises:
the matching subunit is used for matching the pre-generated verification code with the verification code to be confirmed, and if the matching is successful, the safety operation is executed; otherwise, the security operation is terminated.
In an optional implementation manner, the determining unit includes:
the second determining subunit is configured to determine not to verify the verification code to be confirmed if the operation information is cancellation information;
correspondingly, the device further comprises:
and the termination unit is used for terminating the safety operation if the verification code to be confirmed is determined not to be verified.
In a fourth aspect, the present application provides an information processing apparatus applied to a mobile terminal having a SIM card installed therein, the apparatus including:
the display unit is used for displaying the pre-generated verification code on an interface and displaying an STK window on the interface after receiving an STK active command from the SIM card; the STK window is displayed with safety operation data related to any safety operation and an input control for inputting a verification code;
and the forwarding unit is used for forwarding the verification code to be confirmed and the operation information to the SIM card after receiving the verification code to be confirmed in the input control and the operation information triggered aiming at the safety operation data, so that the SIM card determines whether to verify the verification code to be confirmed according to the operation information and processes the safety operation according to a verification result.
In an optional implementation, the apparatus further includes:
and the secure connection establishing unit is used for establishing secure connection with the SIM card, wherein the secure connection is used for secure communication between the SIM card and the mobile terminal.
In an optional implementation, the apparatus further includes:
and the generating unit is used for generating a verification code based on the safe connection and the SIM card through a preset algorithm, wherein the verification code is used for verifying the verification code to be confirmed.
In an optional implementation, the apparatus further includes:
the processing unit is used for processing the pre-generated verification code to obtain a processed verification code;
correspondingly, the display unit comprises:
and the first display subunit is used for displaying the processed verification code on an interface.
In a fifth aspect, the present application provides an information processing apparatus comprising a memory and a processor,
the memory is used for storing program codes and transmitting the program codes to the processor;
the processor is configured to execute the information processing method according to any one of the first aspect and the second aspect, according to instructions in the program code.
In the application, an SIM card installed on a mobile terminal displays an STK window on an interface of the mobile terminal through an STK active command, wherein safety operation data related to any safety operation and an input control used for inputting a verification code are displayed on the STK window; then, after receiving the verification code to be confirmed acquired by the mobile terminal from the input control and the operation information triggered by the safety operation data, the SIM card determines whether the verification code to be confirmed needs to be verified according to the operation information; and after the verification code to be confirmed is determined to be required to be verified, the SIM card verifies the verification code to be confirmed by using the verification code generated in advance and processes safety operation according to the verification result. Therefore, the method for inputting the random verification code by the user is added in the process of processing the safety operation, so that the threat of others to the safety of the user information in a mode of counterfeiting the confirmation information is prevented, the safety of the user information is ensured to a certain extent, and the safety of the safety operation is also improved.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive labor.
Fig. 1 is a schematic diagram of a framework of an exemplary application scenario provided in an embodiment of the present application;
fig. 2 is a flowchart of an embodiment of an information processing method according to an embodiment of the present application;
fig. 3 is an interaction flowchart of a method for an App to negotiate an authentication code with an Applet through a secure connection channel according to an embodiment of the present application;
fig. 4 is a schematic diagram illustrating a verification code display method according to an embodiment of the present disclosure;
fig. 5 is an interaction flowchart of an embodiment of an information processing method provided in an embodiment of the present application;
fig. 6 is a schematic structural diagram of an information processing apparatus according to an embodiment of the present application;
fig. 7 is a second schematic structural diagram of an information processing apparatus according to an embodiment of the present application;
fig. 8 is a schematic structural diagram of an information processing apparatus according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
In order to facilitate understanding of the technical solutions provided by the present application, an application scenario of the present application in practice is described below.
Referring to fig. 1, which is an exemplary view of a practical application of the present application, as shown in fig. 1, the information processing method provided by the present application may be implemented in a mobile terminal 102 installed with a SIM card 101; the SIM card 101, also called as a subscriber identity card or a smart card, is a chip card actually equipped with a microprocessor, and stores therein the information of a digital mobile phone client, an encrypted key, a telephone directory of a subscriber, and other contents, so as to identify the identity of a Global System for mobile communication (GSM) network client and encrypt the voice information of the client during a call. Such as a mobile phone card installed in a mobile phone, an SIM chip built in a bank card, etc.; the mobile terminal 102 refers to a computer device that can be used in mobile, can be equipped with a SIM card and a client, and is changing from a simple communication tool to an integrated information processing platform, such as a smart phone and a tablet computer with multiple application functions.
As shown in fig. 1, in practical applications, when a user triggers any security operation on a mobile terminal 102, for example, the mobile terminal transfers money or pays a fee through the mobile terminal, and the mobile terminal sends the type of the security operation to a SIM card, in the present application, an STK active command is sent to the mobile terminal 102 by using the SIM card 101 installed on the mobile terminal 102, the mobile terminal displays a pre-generated verification code on an interface, and after receiving the STK active command, an STK window 103 containing security operation data and an input control is displayed on the interface. Then, the mobile terminal 102 acquires the to-be-confirmed verification code input by the user and the operation information triggered by the security operation data from the input control, and sends the to-be-confirmed verification code and the operation information to the SIM card 101, so that the SIM card 101 determines whether to verify the to-be-confirmed verification code according to the operation information, and further processes the security operation according to the verification result.
Therefore, the method provided by the application adds the random verification code input by the user for verification in the process of processing the security operation, prevents other people from forging the confirmation information of the user, and improves the security of transaction.
Based on the above application scenarios, the embodiments of the present application provide an information processing method, which will be described in detail below with reference to the accompanying drawings.
Referring to fig. 2, which shows a flowchart of an information processing method provided in an embodiment of the present application, the method may be applied to a SIM card installed on a mobile terminal, as shown in fig. 2, and the method includes:
step 201: and the mobile terminal displays the pre-generated verification code on the interface.
Step 202: the SIM card sends an STK active command to the mobile terminal, and the mobile terminal displays an STK window on an interface after receiving the STK active command, wherein the STK window displays safety operation data related to any safety operation and an input control for inputting a verification code.
In practical application, when a user needs to perform transaction signature by using an application installed on a mobile terminal, in order to ensure the security of user transaction, the authenticity of the user identity is often verified through the interaction between a SIM card and the mobile terminal, so as to implement secure transaction. The SIM card in this application refers to a SIM card supporting a plurality of communication channels, such as a bluetooth SIM card or the like. In the interaction process of the SIM card and the mobile terminal, the SIM card responds to the security operation triggered by the user on the mobile terminal, for example, when the user performs a transfer transaction by using a mobile banking Application (App) installed on the mobile terminal, the user needs to trigger the security operation of a transfer transaction button on a terminal interface to implement the transfer transaction, and once the SIM card knows that the security operation is triggered, first sends an STK active command to the mobile terminal, where the STK command is an interactive instruction of the SIM card and the mobile terminal, and the sending of the STK active command to the mobile terminal by the SIM card means that the STK active command is passed through, the SIM card can instruct the mobile terminal to perform a behavior of displaying an STK window, and security operation data related to any security operation of the user is displayed on the STK window, where the security operation refers to an operation related to user security information, for example, when a user uses a mobile phone App of a certain bank to perform a transfer transaction, operation data related to the transaction of the current transaction, such as information of a bank card transferred by the user, a transaction amount and the like, are displayed on an interface where the user needs to perform the transaction signature, and all the operation data related to the transaction belong to the safety operation data related to the transaction signature performed by the user on the transfer transaction.
In step 201, the mobile terminal displays a pre-generated verification code on the interface, where the pre-generated verification code is negotiated with the SIM card and displayed on the mobile terminal interface in a secure manner when the App needs to perform a security operation, in this application, the STK window on the mobile terminal interface not only displays security operation data related to any security operation, but also displays an input control for the user to input the verification code, and the user can input the verification code to be confirmed in the input control of the verification code in the STK window according to the verification code that is pre-generated and displayed on the mobile terminal interface after processing, so as to facilitate confirmation of the user identity.
In the step 202, before the SIM card sends the STK active command to the mobile terminal so that the mobile terminal displays the STK window on its interface, the present application further provides an optional implementation manner that:
the SIM card establishes a secure connection with a mobile terminal, wherein the secure connection is used for secure communication between the SIM card and the mobile terminal.
In the implementation process, in order to ensure the secure communication between the SIM card and the mobile terminal, a secure connection is established between the SIM card and the mobile terminal. Based on the secure connection, the App installed on the mobile terminal, which needs to use the SIM card to complete the secure operation, can perform secure communication with the secure application Applet installed in the SIM card. The Applet refers to a security application installed on the SIM card, is used for receiving an instruction of an upper computer to complete security operation, and can be matched with the mobile terminal through an STK active command to complete the display of security operation information and obtain a response.
In the process of establishing the secure connection, firstly, the mobile terminal is connected to the SIM card through other channels, such as bluetooth, Near Field Communication (NFC), and the like, then, based on the connection, the App negotiates a channel key with the Applet, and encrypts a Communication command between the App and the Applet by using the channel key, so that the Communication command between the App and the Applet is encrypted by using the channel key and then transmitted, thereby establishing a secure connection between the App and the mobile terminal, and further implementing secure Communication between the SIM card and the mobile terminal.
After the secure connection is established between the SIM card and the mobile terminal, in order to verify the user identity, the present application further provides an optional implementation manner that:
based on the secure connection, the SIM card and the mobile terminal generate a verification code through a preset algorithm, and the verification code is used for verifying the verification code to be confirmed.
In a specific implementation process, in order to verify the identity of a user, an App which is installed on a mobile terminal and needs to use an SIM card to complete security operation negotiates with an Applet through a secure connection channel, generates a verification code in advance through a preset algorithm, performs security processing on the verification code, and displays the verification code on an interface of the mobile terminal, so as to verify the verification code to be confirmed, which is input by the user.
The method for the App to negotiate the verification code with the Applet through the secure connection channel is more, and here, the application provides a method for generating the verification code in advance, which specifically comprises the following steps: firstly, when the SIM card inquires that the current safety operation instruction of the App is a transaction signature, and the safety operation method is that key data are required to be displayed through an STK window and a verification code is required to be verified, a random number R1 is calculated in the Applet, and a specific response code is returned; after receiving the response code, the App generates a random number R2, encrypts R2 by using R1 to obtain a ciphertext C1, and then sends the C1 to the Applet through a verification code negotiation instruction. Meanwhile, obtaining a 4-bit verification code M1 through a special algorithm Calc (R1, R2); after receiving the C1, the Applet decrypts the data by R1 to obtain R2, obtains a 4-bit digital verification code M1 by a specific algorithm Calc (R1, R2), and stores the verification code M1 in the SIM card. Meanwhile, the App displays the verification code M1 on the interface of the mobile terminal in a safe mode.
To facilitate understanding of the method for generating the verification code, referring to fig. 3, which shows an interaction process schematic diagram of a method for an App to negotiate the verification code with an Applet through a secure connection channel according to an embodiment of the present application, where the method may include the following steps:
step 301: when the SIM card inquires that the current safety operation instruction of the App is a transaction signature, the SIM card inquires a safety operation list to determine whether the transaction signature needs to generate a verification code, and if the verification code needs to be generated, a safety application Applet in the SIM card calculates a random number R1.
In practical application, a secure operation list is stored in advance in the SIM card, and the table records which secure operation types correspond to the types that need to generate the verification code for verifying the security of the user information, and which secure operation types do not need to generate the verification code for verifying, for example, if the secure operation type triggered by the user is "transfer", in the secure operation list, it may be recorded that "transfer" is required to generate the verification code for verifying the security of the user information; if the type of the security operation triggered by the user is "query", it may be stated in the security operation list that the "query" is verified without generating a verification code for the security of the user information. That is to say, the security operation list stored in the SIM card records the relationship whether the user information security verification needs to be performed by generating the verification code corresponding to different security operation types triggered by the user, and the specific security operation list may be set according to the application requirements.
Step 302: the Applet returns a specific response code to the App that tells the App that the current security operation requires the authentication code for authentication, and the response code contains R1.
Step 303: after receiving the response code, the App generates a random number R2, encrypts R2 by using R1 to obtain a ciphertext C1, and obtains a 4-bit verification code M1 by using a specific algorithm Calc (R1, R2).
Step 304: the App sends C1 to the Applet via the authentication code negotiation instruction.
Step 305: after receiving the C1, the Applet decrypts the data by R1 to obtain R2, obtains a 4-bit digital verification code M1 by a specific algorithm Calc (R1, R2), and stores the verification code M1 in the SIM card.
Step 306: the App displays the verification code M1 on the interface of the mobile terminal in a safe mode.
It should be noted that, step 303 and step 304 are performed simultaneously, and there is no distinction between sequences, and similarly, step 305 and step 306 also have no distinction between sequences of execution, and may be performed simultaneously.
As for the security mode in step 306, an optional implementation manner provided in the present application is that after the pre-generated verification code is processed by the mobile terminal, a processed verification code is obtained. Correspondingly, the mobile terminal displays the pre-generated verification code on an interface, specifically: and the mobile terminal displays the processed verification code on an interface. The processing of the pre-generated verification code may include various forms, such as converting the verification code into a picture, scrambling the picture, converting the verification code into a mathematical problem, and displaying the verification code in various ways.
For example, as shown in fig. 4, assuming that the verification code generated in advance in the present application is number 5, the mobile terminal may convert the verification code into a mathematical problem for presentation, for example, the verification code generated in advance is displayed on an interface as: 3+ 2? .
By utilizing the method, the secure connection is established between the SIM card and the mobile terminal, based on the secure connection, the SIM card and the mobile terminal generate the verification code through the preset algorithm, and the verification code is displayed on the interface after being processed by the mobile terminal and is used for verifying the verification code to be confirmed input by the user. Therefore, the verification method of the verification code based on the secure connection in the application enables others not to threaten the security of the user information by forging the user confirmation information, and guarantees the security of the user information to a certain extent.
After the user triggers the operation information and inputs the verification code to be confirmed into the STK display window of the mobile terminal, step 203 is executed.
Step 203: after receiving the verification code to be confirmed input by the user in the input control and the operation information triggered by the safety operation data, the mobile terminal forwards the verification code to be confirmed and the operation information to the SIM card.
Step 204: and after receiving the verification code to be confirmed and the operation information, the SIM card determines whether to verify the verification code to be confirmed according to the operation information.
In practical application, a user inputs a verification code to be confirmed in the input control according to the verification code displayed on the interface of the mobile terminal, and triggers operation information according to the safety operation data. After receiving the verification code to be confirmed and the operation information triggered by the safety operation data, the SIM card firstly judges the operation information of the user and then determines whether the verification code to be confirmed needs to be verified according to the judgment result.
The following two possible implementation manners are provided for the judgment result of the SIM card on the operation information of the user:
one possible implementation manner is that if the SIM card determines that the operation information of the user is the determination information, the SIM card determines that the verification code to be confirmed needs to be verified according to the determination information.
Another possible implementation manner is that if the SIM card determines that the operation information of the user is cancellation information, the SIM card determines that the verification code to be confirmed does not need to be verified according to the cancellation information. For example, as shown in fig. 4, if the user clicks the "cancel" button, and performs an operation of canceling the transfer, the SIM card determines that the operation information of the user is cancel information, and further does not need to verify the to-be-confirmed authentication code input by the user.
After the SIM card determines that the verification code to be confirmed needs to be verified, step 205 is executed.
Step 205: and after the SIM card confirms to verify the verification code to be confirmed, verifying the verification code to be confirmed by utilizing the verification code generated in advance, and processing safety operation according to a verification result.
In practical application, after the SIM card determines to verify the verification code to be confirmed, the verification code to be confirmed is verified by using the verification code pre-generated and stored in the SIM card in step 201, and the next security operation is processed according to the verification result.
Wherein, according to the result that the SIM card verifies the verification code to be confirmed, the following security operation process is processed, and the application provides a possible implementation mode:
if the SIM card confirms that the verification code to be confirmed is verified, the SIM card matches a verification code generated in advance with the verification code to be confirmed, and if the matching is successful, safety operation is executed; otherwise, the security operation is terminated.
For example, as shown in fig. 4, it is assumed that the pre-generated verification code is number 5, if the SIM card determines to verify the verification code to be confirmed, the SIM card matches the pre-generated verification code "5" with the verification code to be confirmed input by the user, if the user inputs the calculation result "5" as the verification code to be confirmed input control according to the number question converted by the verification code displayed on the interface, the calculation result may be successfully matched with the pre-generated verification code "5", and the security operation may be executed, otherwise, the security operation is terminated.
In the application, an SIM card installed on a mobile terminal displays an STK window on an interface of the mobile terminal through an STK active command, wherein safety operation data related to any safety operation and an input control used for inputting a verification code are displayed on the STK window; then, after receiving the verification code to be confirmed acquired by the mobile terminal from the input control and the operation information triggered by the safety operation data, the SIM card determines whether the verification code to be confirmed needs to be verified according to the operation information; and after the verification code to be confirmed is determined to be required to be verified, the SIM card verifies the verification code to be confirmed by using the verification code generated in advance and processes safety operation according to the verification result. Therefore, the method and the device prevent others from forging the confirmation information by increasing the mode that the user inputs the random verification code in the process of processing the safety operation, improve the safety of the user information and improve the safety of the safety operation.
For facilitating understanding of the present application, refer to fig. 5, which shows an interaction process schematic diagram for implementing an information processing method provided in an embodiment of the present application, and the interaction process schematic diagram may include the following steps:
step 501: and the mobile terminal displays the pre-generated verification code on the interface.
Step 502: and the SIM card sends the STK active command to the mobile terminal.
Step 503: and after receiving the STK active command, the mobile terminal displays an STK window on the interface.
Step 504: the mobile terminal acquires operation information triggered by the user aiming at the safety operation data and a verification code to be confirmed, which are input in the STK window by the user.
Step 505: and the mobile terminal forwards the verification code to be confirmed and the operation information to the SIM card.
Step 506: after receiving the verification code to be confirmed acquired by the mobile terminal from the input control and the operation information triggered by the safety operation data, the SIM card determines whether to verify the verification code to be confirmed according to the operation information, if so, the step 507 is executed, and if not, the step 509 is executed.
Step 507: the SIM card verifies whether the verification code to be confirmed is correct by using the pre-generated verification code, if so, step 508 is entered, and if not, step 509 is entered.
Step 508: the SIM card performs security operations.
Step 509: the SIM card terminates the security operation.
The method for realizing information processing provided by the embodiment of the application realizes the safety operation of the user on the App of the mobile terminal, and simultaneously verifies the user identity information in the process of executing the safety operation, thereby fully ensuring the safety of the user information and improving the safety of the safety operation.
Referring to fig. 6, the present application further provides an embodiment of an information processing apparatus, including:
a command sending unit 601, configured to send an STK active command to the mobile terminal, so as to display an STK window on an interface of the mobile terminal, where security operation data related to any security operation and an input control for inputting a verification code are displayed on the STK window;
a determining unit 602, configured to determine whether to verify the verification code to be confirmed according to the operation information after receiving the verification code to be confirmed acquired by the mobile terminal from the input control and the operation information triggered for the security operation data;
the verification and processing unit 603 is configured to verify the verification code to be verified by using a pre-generated verification code after the verification of the verification code to be verified is determined, and process the security operation according to a verification result.
Optionally, the apparatus further comprises:
and the secure connection establishing unit is used for establishing secure connection with the mobile terminal, wherein the secure connection is used for secure communication between the SIM card and the mobile terminal.
Optionally, the apparatus further comprises:
and the generating unit is used for generating a verification code based on the secure connection and the mobile terminal through a preset algorithm, wherein the verification code is used for verifying the verification code to be confirmed.
Optionally, the determining unit 602 includes:
the first determining subunit is configured to determine to verify the verification code to be determined if the operation information is determination information;
correspondingly, the verification and processing unit 603 includes:
the matching subunit is used for matching the pre-generated verification code with the verification code to be confirmed, and if the matching is successful, the safety operation is executed; otherwise, the security operation is terminated.
Optionally, the determining unit 602 includes:
the second determining subunit is configured to determine not to verify the verification code to be confirmed if the operation information is cancellation information;
correspondingly, the device further comprises:
and the termination unit is used for terminating the safety operation if the verification code to be confirmed is determined not to be verified.
Referring to fig. 7, the present application further provides an embodiment of an information processing apparatus, including:
a display unit 701, configured to display a pre-generated verification code on an interface, and display an STK window on the interface after receiving an STK active command from the SIM card; the STK window is displayed with safety operation data related to any safety operation and an input control for inputting a verification code;
a forwarding unit 702, configured to forward, after receiving a to-be-confirmed verification code in the input control and operation information triggered for the security operation data, the to-be-confirmed verification code and the operation information to the SIM card, so that the SIM card determines whether to verify the to-be-confirmed verification code according to the operation information, and processes the security operation according to a verification result.
Optionally, the apparatus further comprises:
and the secure connection establishing unit is used for establishing secure connection with the SIM card, wherein the secure connection is used for secure communication between the SIM card and the mobile terminal.
Optionally, the apparatus further comprises:
and the generating unit is used for generating a verification code based on the safe connection and the SIM card through a preset algorithm, wherein the verification code is used for verifying the verification code to be confirmed.
Optionally, the apparatus further comprises:
the processing unit is used for processing the pre-generated verification code to obtain a processed verification code;
accordingly, the display unit 701 includes:
and the first display subunit is used for displaying the processed verification code on an interface.
In the application, an SIM card installed on a mobile terminal displays an STK window on an interface of the mobile terminal through an STK active command, wherein safety operation data related to any safety operation and an input control used for inputting a verification code are displayed on the STK window; then, after receiving the verification code to be confirmed acquired by the mobile terminal from the input control and the operation information triggered by the safety operation data, the SIM card determines whether the verification code to be confirmed needs to be verified according to the operation information; and after the verification code to be confirmed is determined to be required to be verified, the SIM card verifies the verification code to be confirmed by using the verification code generated in advance and processes safety operation according to the verification result. Therefore, the method and the device prevent others from forging the confirmation information by increasing the mode that the user inputs the random verification code in the process of processing the safety operation, improve the safety of the user information and improve the safety of the safety operation.
Correspondingly, an embodiment of the present invention further provides an information processing apparatus, as shown in fig. 8, where the information processing apparatus may include:
a processor 801, a memory 802, an input device 803, and an output device 804. The number of the processors 801 in the information processing apparatus may be one or more, and one processor is exemplified in fig. 8. In some embodiments of the invention, the processor 801, the memory 802, the input device 803 and the output device 804 may be connected by a bus or other means, wherein the connection by the bus is exemplified in fig. 8.
The memory 802 may be used to store software programs and modules, and the processor 801 executes various functional applications and data processing of the information processing apparatus by operating the software programs and modules stored in the memory 802. The memory 802 may mainly include a program storage area and a data storage area, wherein the program storage area may store an operating system, an application program required for at least one function, and the like. Further, the memory 802 may include high speed random access memory and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device. The input device 803 may be used to receive input numeric or character information and generate signal inputs relating to user settings and function control of the information processing apparatus.
Specifically, in this embodiment, the processor 801 loads an executable file corresponding to a process of one or more application programs into the memory 802 according to the following instructions, and the processor 801 runs the application programs stored in the memory 802, thereby implementing various functions in the information processing method.
For the device embodiments, since they substantially correspond to the method embodiments, reference may be made to the partial description of the method embodiments for relevant points. The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The foregoing detailed description is directed to an information processing method, apparatus, and device provided in an embodiment of the present application, and a specific example is applied in the detailed description to explain the principles and implementations of the present application, and the description of the foregoing embodiment is only used to help understand the method and core ideas of the present application; meanwhile, for a person skilled in the art, according to the idea of the present application, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.
Claims (9)
1. An information processing method applied to a SIM card installed on a mobile terminal, the method comprising:
the SIM card automatically identifies the safety operation triggered by the user;
the SIM card is in safe connection with the mobile terminal and generates a verification code through a preset algorithm, and the verification code is used for verifying the verification code to be confirmed; wherein the process of generating the verification code comprises: when the SIM card inquires that the current security operation instruction of the mobile terminal is a transaction signature, the SIM card inquires a security operation list to confirm whether the transaction signature needs to generate the verification code, and if the verification code needs to be generated, the SIM card calculates a random number R1; the SIM card returns a specific response code to the mobile terminal, wherein the response code comprises the R1 and is used for informing the mobile terminal that the verification code needs to be verified in the current security operation, so that the mobile terminal generates a random number R2 after receiving the response code, encrypts the R2 by using the R1 to obtain a ciphertext C1, obtains a 4-bit verification code M1 through a specific algorithm Calc (R1, R2), and sends the C1 to the SIM card through a verification code negotiation instruction; after the SIM card receives the C1, the SIM card is decrypted through the R1 to obtain R2, and then a 4-bit verification code M1 is obtained through a special algorithm Calc (R1, R2) and stored; the SIM card sends the verification code M1 to the mobile terminal in a secure way and displays the verification code M1 on an interface of the mobile terminal;
the SIM card displays an STK window on an interface of the mobile terminal through an STK active command, and safety operation data related to any safety operation and an input control for inputting a verification code are displayed on the STK window;
after receiving the verification code to be confirmed acquired by the mobile terminal from the input control and the operation information triggered by the safety operation data, the SIM card determines whether to verify the verification code to be confirmed according to the operation information;
and after the SIM card confirms to verify the verification code to be confirmed, verifying the verification code to be confirmed by using the verification code generated in advance, and processing the safety operation according to a verification result.
2. The method of claim 1, wherein before the SIM card displays the STK window on the interface of the mobile terminal through an STK proactive command, the method further comprises:
and establishing a secure connection between the SIM card and the mobile terminal, wherein the secure connection is used for secure communication between the SIM card and the mobile terminal.
3. The method of claim 1, wherein the determining whether to verify the verification code to be confirmed according to the operation information comprises:
if the operation information is determination information, the SIM card determines to verify the verification code to be confirmed;
correspondingly, the verifying the verification code to be confirmed by using the pre-generated verification code, and processing the security operation according to the verification result includes:
the SIM card matches a pre-generated verification code with the verification code to be confirmed, and if the matching is successful, the safety operation is executed; otherwise, the security operation is terminated.
4. The method of claim 1, wherein the determining whether to verify the verification code to be confirmed according to the operation information comprises:
if the operation information is cancellation information, the SIM card determines that the verification code to be confirmed is not verified;
correspondingly, the method further comprises the following steps:
and if the SIM card determines that the verification code to be confirmed is not verified, terminating the safety operation.
5. An information processing method, applied to a mobile terminal equipped with a SIM card, the method comprising:
based on the secure connection, the mobile terminal and the SIM card generate a verification code through a preset algorithm, wherein the verification code is used for verifying the verification code to be confirmed; wherein the process of generating the verification code comprises: when the SIM card inquires that the current security operation instruction of the mobile terminal is a transaction signature, the SIM card inquires a security operation list to confirm whether the transaction signature needs to generate the verification code, and if the verification code needs to be generated, the SIM card calculates a random number R1; the SIM card returns a specific response code to the mobile terminal, wherein the response code comprises the R1 and is used for informing the mobile terminal that the current security operation needs to verify the verification code; after receiving the response code, the mobile terminal generates a random number R2, encrypts the R2 by using the R1 to obtain a ciphertext C1, obtains a 4-bit verification code M1 through a specific algorithm Calc (R1, R2), sends the C1 to the SIM card through a verification code negotiation instruction, so that after the SIM card receives the C1, the SIM card is decrypted by using the R1 to obtain R2, and obtains and stores the 4-bit verification code M1 through the specific algorithm Calc (R1, R2);
the mobile terminal displays a pre-generated verification code on an interface, and displays an STK window on the interface after receiving an STK active command from the SIM card; the STK window is displayed with safety operation data related to any safety operation and an input control for inputting a verification code;
after receiving the verification code to be confirmed in the input control and the operation information triggered by the safety operation data, the mobile terminal forwards the verification code to be confirmed and the operation information to the SIM card, so that the SIM card determines whether to verify the verification code to be confirmed according to the operation information, and processes the safety operation according to a verification result.
6. The method of claim 5, wherein the mobile terminal displays a pre-generated verification code on the interface, and further comprises, after receiving the STK active command from the SIM card and before displaying the STK window on the interface:
and the mobile terminal establishes a secure connection with the SIM card, wherein the secure connection is used for secure communication between the SIM card and the mobile terminal.
7. The method of claim 5, wherein before the mobile terminal displays the pre-generated verification code on the interface, the method further comprises:
the mobile terminal processes the pre-generated verification code to obtain a processed verification code;
correspondingly, the mobile terminal displays the pre-generated verification code on an interface, specifically:
and the mobile terminal displays the processed verification code on an interface.
8. An information processing apparatus, characterized in that the apparatus is applied to a SIM card mounted on a mobile terminal, the apparatus comprising:
the identification unit is used for automatically identifying safety operation triggered by a user;
the generating unit is used for generating a verification code through a preset algorithm with the mobile terminal based on the safety connection, wherein the verification code is used for verifying the verification code to be confirmed;
wherein, the generating unit specifically includes:
the confirming subunit is used for inquiring the safe operation list when the current safe operation instruction of the mobile terminal is inquired as a transaction signature so as to confirm whether the transaction signature needs to generate the verification code;
the calculating subunit is used for calculating a random number R1 when the verification code needs to be generated;
a feedback subunit, configured to return a specific response code to the mobile terminal, where the response code includes the R1, and is used to inform the mobile terminal that the current security operation needs to verify the verification code, so that the mobile terminal generates a random number R2 after receiving the response code, encrypts the R2 with the R1 to obtain a ciphertext C1, obtains a 4-bit verification code M1 through a specific algorithm Calc (R1, R2), and sends the C1 to the SIM card through a verification code negotiation instruction;
the processing subunit is configured to, after receiving the C1, decrypt the C1 to obtain R2, obtain and store a 4-bit verification code M1 through a special algorithm Calc (R1, R2);
a sending subunit, configured to send, in a secure manner, the verification code M1 to the mobile terminal, so as to be displayed on an interface of the mobile terminal;
the command sending unit is used for sending an STK active command to the mobile terminal so as to display an STK window on an interface of the mobile terminal, and safety operation data related to any safety operation and an input control used for inputting a verification code are displayed on the STK window;
the determining unit is used for determining whether to verify the verification code to be confirmed according to the operation information after receiving the verification code to be confirmed acquired by the mobile terminal from the input control and the operation information triggered by the safety operation data;
and the verification and processing unit is used for verifying the verification code to be confirmed by using the verification code generated in advance after the verification of the verification code to be confirmed is determined, and processing the safety operation according to the verification result.
9. An information processing apparatus applied to a mobile terminal mounted with a SIM card, the apparatus comprising:
the generating unit is used for generating a verification code through a preset algorithm with the SIM card based on the safety connection, wherein the verification code is used for verifying the verification code to be confirmed;
wherein, the generating unit specifically includes:
a receiving subunit, configured to receive a specific response code sent by the SIM card, where the response code includes a random number R1, and the response code is used to inform the mobile terminal that the current security operation needs to verify the verification code, where R1 is specifically when the current security operation instruction of the mobile terminal is a transaction signature, the SIM card queries a security operation list to determine whether the transaction signature needs to generate the verification code, and if the verification code needs to be generated, the R1 is obtained through calculation;
the generation subunit is used for generating a random number R2, encrypting the R2 by using the R1 to obtain a ciphertext C1, and obtaining a 4-bit verification code M1 by using a specific algorithm Calc (R1, R2);
the sending subunit is configured to send the C1 to the SIM card through a verification code negotiation instruction, so that after the SIM card receives the C1, the SIM card is decrypted through the R1 to obtain R2, and then a 4-bit verification code M1 is obtained through a special algorithm Calc (R1, R2) and stored;
the display unit is used for displaying the pre-generated verification code on an interface and displaying an STK window on the interface after receiving an STK active command from the SIM card; the STK window is displayed with safety operation data related to any safety operation and an input control for inputting a verification code;
and the forwarding unit is used for forwarding the verification code to be confirmed and the operation information to the SIM card after receiving the verification code to be confirmed in the input control and the operation information triggered aiming at the safety operation data, so that the SIM card determines whether to verify the verification code to be confirmed according to the operation information and processes the safety operation according to a verification result.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810394687.XA CN108564361B (en) | 2018-04-27 | 2018-04-27 | Information processing method, device and equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810394687.XA CN108564361B (en) | 2018-04-27 | 2018-04-27 | Information processing method, device and equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108564361A CN108564361A (en) | 2018-09-21 |
| CN108564361B true CN108564361B (en) | 2020-10-16 |
Family
ID=63537283
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810394687.XA Active CN108564361B (en) | 2018-04-27 | 2018-04-27 | Information processing method, device and equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108564361B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111738723B (en) * | 2020-07-04 | 2021-01-29 | 和宇健康科技股份有限公司 | Online secure transaction method and device and readable storage medium |
| CN116233851A (en) * | 2022-12-30 | 2023-06-06 | 中国电信股份有限公司 | A verification method, device, equipment and medium based on a SIM card |
| CN116456339A (en) * | 2023-06-05 | 2023-07-18 | 中国电信股份有限公司 | Authentication management method and device based on SIM card and related equipment |
| CN119420470A (en) * | 2024-08-09 | 2025-02-11 | 中国移动通信有限公司研究院 | Communication method and device, electronic device, storage medium and product |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103825734B (en) * | 2012-11-16 | 2016-11-09 | 深圳市腾讯计算机系统有限公司 | Sensitive operation verification method, terminal device, server and checking system |
| CN106211032A (en) * | 2016-06-28 | 2016-12-07 | 公安部第三研究所 | The pairing of bluetooth SIM and the method for digital signature process is realized based on STK |
| CN106657032B (en) * | 2016-12-05 | 2023-11-14 | 北京博惠城信息科技有限公司 | System and method for realizing identity authentication and data authentication based on secure medium secret short message |
-
2018
- 2018-04-27 CN CN201810394687.XA patent/CN108564361B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN108564361A (en) | 2018-09-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10699277B2 (en) | Security for mobile payment applications | |
| US10699267B2 (en) | Secure account provisioning | |
| CN105260886B (en) | Payment processing method and device, NFC portable terminal and wearable terminal | |
| CN100539581C (en) | Provide a user device with a set of access codes | |
| EP3171310A1 (en) | Biological recognition technology-based mobile payment device, method and apparatus, computer program and recording medium | |
| KR102456959B1 (en) | System and Method for Enabling Secure Authentication | |
| US20120136732A1 (en) | Method and system for account management and electronic wallet access on a mobile device | |
| US20190087814A1 (en) | Method for securing a payment token | |
| CN108616352B (en) | Dynamic password generation method and system based on secure element | |
| CN110278180B (en) | Financial information interaction method, device, equipment and storage medium | |
| CN108564361B (en) | Information processing method, device and equipment | |
| JP2009540458A (en) | Authentication method and authentication system | |
| US20160292676A1 (en) | Cryptographic apparatus | |
| CN111178884A (en) | Information processing method, device, equipment and readable storage medium | |
| CN111652612A (en) | Mobile payment method and device | |
| CN104871186A (en) | Application system for mobile payment and method for providing and using mobile payment tool | |
| US20170337553A1 (en) | Method and appartus for transmitting payment data using a public data network | |
| EP3026620A1 (en) | Network authentication method using a card device | |
| US11405782B2 (en) | Methods and systems for securing and utilizing a personal data store on a mobile device | |
| CN102509217A (en) | Mobile long-distance payment system | |
| CN111127000A (en) | Recharge card information encryption method, device, terminal device and recharge platform | |
| CN105635164A (en) | Method and device for security authentication | |
| CN108768655A (en) | Dynamic password formation method and system | |
| CN111491064B (en) | Voice service identity authentication method and system | |
| WO2014176879A1 (en) | Systems and methods for object processing |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |