[go: up one dir, main page]

CN119693002A - NFC-based transaction security identification method, device, equipment and storage medium - Google Patents

NFC-based transaction security identification method, device, equipment and storage medium Download PDF

Info

Publication number
CN119693002A
CN119693002A CN202411770422.7A CN202411770422A CN119693002A CN 119693002 A CN119693002 A CN 119693002A CN 202411770422 A CN202411770422 A CN 202411770422A CN 119693002 A CN119693002 A CN 119693002A
Authority
CN
China
Prior art keywords
position information
transaction
nfc
information
intelligent terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202411770422.7A
Other languages
Chinese (zh)
Inventor
黄金煌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Unigroup Tsingteng Microsystems Co Ltd
Original Assignee
Beijing Unigroup Tsingteng Microsystems Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Unigroup Tsingteng Microsystems Co Ltd filed Critical Beijing Unigroup Tsingteng Microsystems Co Ltd
Priority to CN202411770422.7A priority Critical patent/CN119693002A/en
Publication of CN119693002A publication Critical patent/CN119693002A/en
Pending legal-status Critical Current

Links

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

本申请涉及NFC技术领域,尤其提供一种基于NFC的交易安全判别方法、装置、设备和存储介质,该方法应用于智能终端的NFC控制器中,由于NFC控制器在执行非接触式刷卡交易的过程中,获取到指示智能终端中SIM卡的用户位置的第一位置信息、指示智能终端的用户位置的第二位置信息,指示刷卡设备位置的第三位置信息,并且根据上述三个位置信息判断当前交易是否处于安全交易环境。将多方的位置信息在NFC控制器上实现融合,并作为交易过程的安全判决依据,可以有效保障用户及运营方的资产安全。

The present application relates to the field of NFC technology, and in particular provides a transaction security determination method, device, equipment and storage medium based on NFC. The method is applied to the NFC controller of the smart terminal. During the process of performing contactless card swiping transactions, the NFC controller obtains the first location information indicating the user location of the SIM card in the smart terminal, the second location information indicating the user location of the smart terminal, and the third location information indicating the location of the card swiping device, and determines whether the current transaction is in a secure transaction environment based on the above three location information. The location information of multiple parties is integrated on the NFC controller and used as the basis for security determination of the transaction process, which can effectively protect the asset security of users and operators.

Description

NFC-based transaction security discrimination method, NFC-based transaction security discrimination device, NFC-based transaction security discrimination equipment and storage medium
Technical Field
The present application relates to the field of Near Field Communication (NFC) technology, and in particular, to a method, apparatus, device, and storage medium for discriminating transaction security based on NFC.
Background
In recent years, more and more functions of the intelligent terminal are provided, and besides the functions of Bluetooth communication, GPS positioning navigation and the like, the intelligent terminal has an NFC function. NFC is integrated and evolved by non-contact radio frequency identification (Radio Frequency Identification, RFID) and interconnection technology, and the NFC can be identified and data exchanged with compatible equipment in a short distance by combining the functions of an induction card reader, an induction card and point-to-point on a single chip. An intelligent terminal with NFC functionality may also be referred to as an NFC device.
While NFC devices are popular, the NFC transaction process still has the problem of information security leakage or malicious third parties to opportunistically snoop personal privacy information. For example, in a position far away from both sides of the NFC device, after the transaction information of the NFC device of the consumer is obtained by disguising as the NFC card swiping device, the malicious third party completes the subsequent transaction process based on the transaction information of the NFC device, which poses a serious threat to the transaction security of the user.
Disclosure of Invention
In order to solve the technical problems, the application provides a transaction safety judging method, device, equipment and storage medium based on NFC, which are used for realizing fusion of position information of multiple parties on an NFC controller and taking the position information as a safety judging basis of a transaction process, so that the asset safety of users and operators can be effectively ensured.
In a first aspect, the application provides a transaction security discriminating method based on NFC, which is applied to an NFC controller of an intelligent terminal, and the method comprises the steps of acquiring first position information, second position information and third position information in the process of executing a non-contact card swiping transaction, wherein the first position information is used for indicating the position information of a SIM card in the intelligent terminal, the second position information is used for indicating the position information of the intelligent terminal, and the third position information is used for indicating the position information of card swiping equipment; based on the first location information, the second location information, and the third location information, it is determined whether the current transaction is in a secure transaction environment.
The application provides a transaction safety judging device based on NFC, which is configured in an NFC controller of an intelligent terminal and comprises an information acquisition module, a safety judging module and a safety judging module, wherein the information acquisition module is used for acquiring first position information, second position information and third position information in the process of executing a non-contact card swiping transaction, the first position information is used for indicating the position information of a SIM card in the intelligent terminal, the second position information is used for indicating the position information of the intelligent terminal, the third position information is used for indicating the position information of card swiping equipment, and the safety judging module is used for judging whether the current transaction is in a safety transaction environment or not based on the first position information, the second position information and the third position information.
In a third aspect, the application provides an electronic device comprising an NFC-based transaction security discrimination device, the electronic device comprising one or more processors, storage means for storing one or more programs, which when executed by the one or more processors cause the one or more processors to implement the NFC-based transaction security discrimination method as in the first aspect described above.
In a fourth aspect, the present application provides a storage medium, which may be a computer-readable storage medium, having stored thereon a computer program which, when executed by a processor, implements the NFC-based transaction security discrimination method as in the first aspect described above.
In a fifth aspect, embodiments of the present application provide a computer program product comprising a computer program or instructions which, when executed by a processor, implement a method of NFC-based transaction security discrimination as in any of the first aspects above.
Compared with the prior art, the technical scheme provided by the embodiment of the application has the following advantages:
The embodiment of the application provides a transaction security discriminating method, a device, equipment and a storage medium based on NFC, which are applied to an NFC controller of an intelligent terminal, and because the NFC controller performs non-contact card swiping transaction, acquiring first position information indicating the position of the SIM card in the intelligent terminal, second position information indicating the position of the intelligent terminal and third position information indicating the position of the card swiping equipment, and judging whether the current transaction is in a safe transaction environment according to the three position information. The multi-party position information is fused on the NFC controller and used as a safety judgment basis in the transaction process, so that the information safety of users and operators can be effectively ensured.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the application and together with the description, serve to explain the principles of the application.
In order to more clearly illustrate the embodiments of the application or the technical solutions of the prior art, the drawings which are used in the description of the embodiments or the prior art will be briefly described, and it will be obvious to a person skilled in the art that other drawings can be obtained from these drawings without inventive effort.
Fig. 1 is a flow chart of a transaction security discriminating method based on NFC according to an embodiment of the present application;
Fig. 2 is a schematic flow chart of an optimized transaction security discriminating method based on NFC according to an embodiment of the present application;
FIG. 3 is a schematic diagram of a transaction security discriminating system according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of an NFC-based transaction security discriminating apparatus according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
In order that the above objects, features and advantages of the application will be more clearly understood, a further description of the application will be made. It should be noted that, without conflict, the embodiments of the present application and features in the embodiments may be combined with each other.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present application, but the present application may be practiced otherwise than as described herein, and it is apparent that the embodiments in the specification are only some, rather than all, of the embodiments of the present application.
The term "including" and variations thereof as used herein are intended to be open-ended, i.e., including, but not limited to. The term "based on" is based at least in part on. The term "one embodiment" means "at least one embodiment," another embodiment "means" at least one additional embodiment, "and" some embodiments "means" at least some embodiments. Related definitions of other terms will be given in the description below.
It should be noted that the terms "first," "second," and the like herein are merely used for distinguishing between different devices, modules, or units and not for limiting the order or interdependence of the functions performed by such devices, modules, or units.
It should be noted that references to "one", "a plurality" and "a plurality" in this disclosure are intended to be illustrative rather than limiting, and those skilled in the art will appreciate that "one or more" is intended to be construed as "one or more" unless the context clearly indicates otherwise.
The transaction security discriminating method based on NFC provided by the embodiment of the application is described in detail below with reference to the accompanying drawings and the detailed description.
Fig. 1 is a flowchart of an NFC-based transaction security determination method according to an embodiment of the present application, where the method may be performed by an NFC-based transaction security determination device, and the NFC-based transaction security determination device may be implemented in software and/or hardware, and the NFC-based transaction security determination device may be configured in an NFC controller of an intelligent terminal.
An embedded security component (Embedded Secure Element, eSE) and an embedded subscriber identity module (Embedded Subscriber Identity Module, eSIM) are included in the smart terminal, which can use two physically independent chips, each of which is powered by its respective operating system. Or the eSE and eSIM use two logically isolated virtual operating systems implemented in software code on the same chip.
The eSE provides a secure environment to store sensitive information, such as encryption keys, and to perform secure operations related to such information. Since the NFC swipe involves user sensitive information, such as a transaction password, the related operation of the NFC transaction is performed with the eSE, in other words, the transaction security discrimination method based on NFC is performed by the eSE in the smart terminal, that is, the NFC controller is deployed in the operating system of the eSE.
Esims are embedded SIM cards that are soldered directly inside the smart terminal, rather than physically removable as in conventional SIM cards. esims support remote configuration, and a user can download a carrier-provided profile over a network to activate a service. The mobile communication system is mainly used in the field of mobile communication, and allows a user to switch operator services more flexibly without physically replacing the SIM card.
The eSE and eSIM are two physically independent chips or two logically isolated virtual operating systems implemented in software code in the same chip. The eSIM is not involved in the NFC transaction process between the NFC controller and the intelligent terminal operating system and between the eSIM and the radio frequency terminal equipment. The intelligent terminal operating system representing the intelligent terminal manufacturer and the eSIM configuration file (profile) representing the mobile operator have no convenient interaction channel, and the user position information managed and controlled by the two parties in the payment field and the mobile communication field cannot be fully utilized and fused in the scenes of NFC card swiping, card reading and the like, so that the purpose of providing more intelligent and safer business ecology for users cannot be achieved. The above-mentioned intelligent terminal may include a handheld intelligent terminal, and common handheld intelligent terminals include a smart phone, a tablet computer, a Personal Digital Assistant (PDA), and the like.
The NFC-based transaction security discrimination method provided by the embodiment of the application is mainly applied to an NFC controller of an intelligent terminal, and the NFC controller is generally deployed in the intelligent terminal such as an intelligent mobile phone, a tablet computer and the like. The NFC controller is a special hardware component and is integrated on a main board of the intelligent terminal, and is used for realizing NFC functions.
The hardware of the NFC controller mainly comprises an NFC chip, an antenna and an interface, wherein the NFC chip is mainly used for processing all communication tasks related to NFC, and the antenna is used for sending and receiving radio frequency signals. The NFC controller is communicated with a main processor of the intelligent terminal through a standard interface (such as SPI and I2C) to realize data transmission and processing.
The software support of the NFC controller mainly comprises drivers and application programming interfaces (Application Programming Interface, API). Operating systems of the intelligent terminal, such as Android, iOS and the like, need corresponding drivers to support the NFC function. The driver is responsible for initializing NFC controllers, managing communication sessions, and handling interrupts. The operating system of the intelligent terminal provides NFC-related APIs allowing application developers to utilize NFC functionality. For example, android provides a NFCADAPTER class that can be used to implement NFC related functions.
In the embodiment of the application, a group of sharing interfaces of the position information are arranged in the NFC controller, so that the intelligent terminal, the card swiping device and the eSIM can realize sharing fusion of the position information respectively managed by the intelligent terminal, the card swiping device and the eSIM through the group of sharing interfaces, and finally, the shared fusion is used as a part of safety decision basis of card swiping transaction in the industry application related to identity identification such as mobile payment, intelligent entrance guard and the like, thereby effectively guaranteeing the asset safety of users and operators.
As shown in fig. 1, the transaction security discriminating method based on NFC provided by the embodiment of the present application mainly includes steps S101 to S102.
S101, acquiring first position information, second position information and third position information in the process of executing non-contact card swiping transaction, wherein the first position information is used for indicating the position information of a SIM card in the intelligent terminal, the second position information is used for indicating the position information of the intelligent terminal, and the third position information is used for indicating the position information of card swiping equipment.
Contactless swipe transactions refer to a payment mode in which a cardholder does not need to insert or swipe a card through a card reader during payment, but rather completes the transaction by bringing a card with contactless communication capabilities into proximity with a swipe device. Contactless swipe transactions are mainly implemented in dependence on NFC technology.
Contactless swipe transactions are mainly applied in the following scenario. And in the mobile payment scene, through NFC, a user can rapidly complete payment on a POS machine supporting NFC. And in the data transmission scene, a user can quickly transmit small data volume information such as contact information, website, pictures and the like between two mobile phones through NFC. And in a tag reading and writing scene, NFC can read and write NFC tags, and the tags are commonly used for advertisements, access control, ticket systems and the like. Device pairing scenario NFC may simplify the pairing process of bluetooth and wireless network communication technology (Wi-Fi) devices, and pairing may be accomplished by tapping. The NFC can be used for identity authentication and access control, such as a staff card, an access control card and the like.
The first position information is used for indicating the position information of the SIM card in the intelligent terminal. The position information of the SIM card comprises user position information of the SIM card. And when the SIM card executes the telecommunication instruction related to the position in the intelligent terminal, acquiring the user position information of the SIM card from the telecommunication instruction.
In the embodiment of the application, a first data transmission channel is established between the NFC controller and the SIM card, and when the NFC controller executes non-contact card swiping transaction, user position information of the SIM card is acquired from the SIM card through the first data transmission channel and is used as first position information.
The second position information is used for indicating the position information of the intelligent terminal, and the position information of the intelligent terminal comprises user position information provided by the intelligent terminal. Further, the location information of the intelligent terminal can be obtained by (1) base station positioning, namely, determining the location information of the intelligent terminal through communication between the intelligent terminal and a nearby mobile network base station. Each base station has a unique identification code, and the position information of the intelligent terminal can be estimated by analyzing the signal intensity of the user and the plurality of base stations. (2) Global positioning system (Global Positioning System, GPS) positioning-the intelligent terminal is typically equipped with a GPS module that determines the location information of the intelligent terminal by receiving signals from a plurality of satellites. (3) Wi-Fi) location by connecting nearby Wi-Fi hotspots, the smart terminal determines location information of the smart terminal using a geographic location database of the Wi-Fi network.
In the embodiment of the application, the NFC controller establishes a second data transmission channel with the processor of the intelligent terminal, and when the NFC controller executes the non-contact card swiping transaction, the position information of the intelligent terminal is acquired from the processor of the intelligent terminal through the second data transmission channel and is used as second position information.
The third location information is used for indicating location information of a card swiping device, and the card swiping device is a device capable of reading and writing an NFC tag through NFC technology, such as an NFC reader-writer, a POS machine, an automatic ticket vending machine, an NFC gate machine and the like. The location information of the card swiping device refers to geographic location data of the card swiping device obtained through various techniques and methods.
In one possible implementation, obtaining the third location information includes receiving the third location information via a contactless radio frequency channel with the card swiping device.
In the NFC card swiping transaction process, the card swiping device forwards the received self-position information to the NFC controller through a non-contact radio frequency channel in addition to the standard transaction information formulated by the payment organization. The NFC background transaction server sends the position information of each card swiping device to the corresponding card swiping device.
Specifically, the position information (such as longitude and latitude) of the card swiping device is written into the NFC label of the card swiping device, and the NFC controller in the intelligent terminal is used for reading the position information in the NFC label of the card swiping device.
S102, judging whether the current transaction is in a safe transaction environment or not based on the first position information, the second position information and the third position information.
And if all the distances between any two pieces of position information in the first position information, the second position information and the third position information are smaller than a set distance threshold, judging that the current transaction is in a safe transaction environment, and if any one distance is smaller than the set distance threshold, judging that the current transaction is in an unsafe transaction environment.
Specifically, the distance between the first position information and the second position information, the distance between the first position information and the third position information, and the distance between the second position information and the third position information are all smaller than a set distance threshold, the current transaction is judged to be in a safe transaction environment, and any one of the three distances is smaller than the set distance threshold, the current transaction is judged to be in an unsafe transaction environment. The set distance threshold may be set according to practical situations, for example, the set distance threshold is 1km.
In one possible implementation manner, based on the first position information, the second position information and the third position information, judging whether the current transaction is in a safe transaction environment or not comprises receiving a transaction safety requirement corresponding to the card swiping device, judging whether the distance between the first position information, the second position information and the third position information is smaller than a distance threshold value in the transaction safety requirement or not, if so, determining that the current transaction is in the safe transaction environment, and if not, determining that the current transaction is in a non-safe transaction environment, and interrupting the current transaction.
The transaction security requirement refers to a condition for judging whether the current transaction environment is secure or not based on the position information. The transaction security requirements are sent to the card swiping device by the NFC background transaction server, the card swiping device writes the transaction security requirements into the NFC tag, and the NFC controller in the intelligent terminal is used for reading the transaction security requirements in the NFC tag of the card swiping device.
Further, the transaction security requirement carries a distance threshold, where the distance threshold is used to determine whether the current transaction environment is secure or not according to the position relationship among the first position information, the second position information and the third position information. The distance threshold is not set too large or too small to avoid misjudgment of the current transaction environment. Optionally, the distance threshold is 1km.
For example, the distance between the first position information and the second position information, the distance between the first position information and the third position information, and the distance between the second position information and the third position information are all smaller than 1km, the current transaction is judged to be in a safe transaction environment, and the non-contact card swiping transaction process is continuously executed. Any one of the three distances is smaller than 1km, and if the current transaction is judged to be in an unsafe transaction environment, the current transaction is interrupted, so that leakage of sensitive information is avoided.
After interrupting the current transaction, the NFC controller sends an exception report to the intelligent terminal through the second data transmission channel, and the NFC controller sends an exception report to the card swiping device through the non-contact radio frequency channel, wherein the exception report is used for indicating that the current transaction environment of the intelligent terminal and the card swiping device is unsafe, and the current transaction is interrupted in order to avoid sensitive information leakage.
The embodiment of the application provides a transaction safety judging method based on NFC, which is applied to an NFC controller of an intelligent terminal, wherein the NFC controller acquires first position information indicating the position of a SIM card in the intelligent terminal, second position information indicating the position of the intelligent terminal and third position information indicating the position of card swiping equipment in the process of executing non-contact card swiping transaction, and judges whether the current transaction is in a safe transaction environment according to the three position information. The multi-party position information is fused on the NFC controller and used as a safety judgment basis in the transaction process, so that the information safety of users and operators can be effectively ensured.
Based on the above embodiment, the embodiment of the present application further optimizes the transaction security discrimination method based on NFC, as shown in fig. 3, where the optimized transaction security discrimination method based on NFC mainly includes the steps of:
s201, in the process of executing NFCEE discovery, receiving capability statement information sent by a SIM card in the intelligent terminal, wherein the capability statement information comprises a capability statement field of SIM position information.
The NFC controller can acquire an extended "eSIM Profile location information" capability declaration field attached to an eSIM response during execution of an NFCEE Discovery (Discovery) process specified by an NFC industry standard, and determine whether the SIM supports an "eSIM Profile location information" publishing service through the capability declaration field.
S202, under the condition that the capability statement field of the SIM location information indicates that the SIM card supports the SIM location information release service, a first data transmission channel is established with the SIM card in the intelligent terminal.
The first data transmission channel is used for acquiring first position information.
If the SIM supports the release service of the eSIM Profile position information, a special first data transmission channel is established with the SIM, and the first data transmission channel is used for receiving the eSIM Profile position information sent by the SIM. After the establishment is successful, the intelligent terminal is informed that the eSIM can provide eSIM Profile position information.
In one possible implementation, the location information of the SIM card in the smart terminal is obtained by an application in the SIM card when the service object executes 7816 telecommunication instructions related to location services, and the service object is obtained when the application requests the SIM location information distribution service.
An eSIM operating system running on the eSIM, in which an eSIM Profile location information distribution service is built, and a mini application (Applet) contained in the eSIM Profile, obtains a service object by requesting the eSIM Profile location information distribution service, and when executing 7816 telecommunication instructions related to the location service, invokes a corresponding method (e.g., eSIM localpub. Preplay sendlocalevent ()) of the service object, and transmits corresponding location information to the NFC controller through an information transmission channel agreed between the eSIM COS and the NFC controller.
S203, receiving verification information provided by the SIM through the first data transmission channel.
In order to further enhance the security of the sensitive information and prevent the information of each position from being counterfeited and tampered, optionally, an 'eSIM Profile position information release service' is included in an eSIM operating system running on the eSIM, besides the user position information provided by the Applet is transmitted, the system can also contain verification information preset by a Profile provider when leaving the factory, and the verification information is transmitted to the NFC controller through a first data transmission channel.
S204, receiving intelligent terminal capability statement information in the NFCEE discovery process, wherein the capability statement information comprises a capability statement field of terminal position information.
And the NFC controller receives an extended terminal position information capability declaration field attached to the NFCEE-intelligent terminal response message in the process of executing the NFCEE Discovery specified by the NFC industry standard, and judges whether the NFCEE-DH supports the terminal position information release service.
S205, under the condition that the capability statement field of the terminal position information indicates that the terminal supports the terminal position information release service, a second data transmission channel is established with the intelligent terminal, and the second data transmission channel is used for acquiring the first position information.
The capability statement field of the terminal location information indicates that the terminal supports the release service of 'terminal location information', and then a special second data transmission channel is further established with the intelligent terminal and is used for receiving the location information of the intelligent terminal.
S206, receiving third position information through a radio frequency channel which is not in contact with the card swiping device.
In the NFC card swiping transaction process, the card swiping device forwards the received self-position information to the NFC controller through a non-contact radio frequency channel in addition to the standard transaction information formulated by the payment organization. The NFC background transaction server sends the position information of each card swiping device to the corresponding card swiping device.
S207, carrying out integrity check on the first position information, the second position information and the third position information based on the check information, if the check is passed, executing S208, and if the check is not passed, executing S209.
In order to further enhance the security of the sensitive information and prevent the information of each position from being counterfeited and tampered, the NFC controller uses the verification information provided by the NFCEE-eSIM to carry out integrity verification on the second position information from the intelligent terminal, the security transaction requirement and the second position information from the SIM.
S208, judging whether the current transaction is in a safe transaction environment or not based on the first position information, the second position information and the third position information.
The flow of S208 provided in the embodiment of the present application is the same as that of S102 in the above embodiment, and specific reference may be made to the description in the above embodiment, which is not repeated in the embodiment of the present application.
S209, determining that the current transaction is in an unsafe transaction environment, and interrupting the current transaction.
If the second location information from the smart terminal and the secure transaction requirements, the second location information from the SIM, and if the integrity of any information is damaged, stopping the NFC card swiping transaction.
According to the NFC-based transaction security judging method provided by the application, the multi-party position information is fused on the NFC controller and is used as the security judging basis in the transaction process, so that the information security of users and operators can be effectively ensured.
On the basis of the above embodiment, the embodiment of the present application provides an interaction flow for determining transaction security based on NFC, as shown in fig. 3, the interaction method for determining transaction security based on NFC is mainly applied to an NFC card swiping transaction system, and the NFC card swiping transaction system mainly includes an NFC controller 31, a card swiping device 32, a background server 33, an intelligent terminal 34, a SIM card 35 and a baseband processor 36. The NFC controller 31 and the eSIM card 35 are disposed in the intelligent terminal 34, and the intelligent terminal 34 is a processor corresponding to an operating system.
The card swiping device 32 may include a POS device, a gate, etc., and the smart terminal 34 may include a mobile phone. The eSIM COS has Profile installed and running therein. The background server 33 is a background transaction server that manages the remote end of the card swiping device.
The background server 33 and the card swiping device 32 may be connected by Wi-Fi, and the background server 33 and the card swiping device 32 responsible for verifying and pushing the location information and the secure transaction requirements of the location information to each card swiping device 32 responsible for management thereof. In addition to the standard transaction information formulated by the payment organization, the card swiping device 32 forwards the received own location information and the secure transaction requirement of the location information to the NFC controller 31 through a non-contact transmission channel during the NFC card swiping transaction.
The processor of the intelligent terminal 34 with the NFC radio frequency transaction function also supports the self-location information acquired by Wifi, bluetooth, GPS and the like, and updates and sends the self-location information to the NFC controller 31 through a first data transmission channel established in advance by the processor of the intelligent terminal 34. Wherein the first data transmission channel may include an IIC interface.
The Profile of the operation is installed in the COS of the SIM card 35, and the location information obtained in the telecommunications instruction interacted with the baseband processor 36 may be sent to the NFC controller 31 through the first data transmission channel when necessary by requesting the eSIM location information issuing service provided by the eSIM COS. The first data transmission channel may comprise an internal interface.
In addition to completing the routing and forwarding tasks according to the normal transaction process, the NFC controller 31 also arbitrates according to the secure transaction requirement of the location information provided by the remote background transaction server according to the received location information of the card swiping device 32 and the location information of the eSIM Profile in the NFC card swiping transaction process. If the secure transaction requirements are not met, the NFC card swiping transaction is interrupted and a notification is reported to the intelligent terminal 34 and the card swiping device 32. If the transaction requirements are met, the routing and forwarding tasks are still finished according to the normal transaction flow.
Fig. 4 is a schematic structural diagram of an NFC-based transaction security discriminating device according to an embodiment of the present application, and as shown in fig. 4, an NFC-based transaction security discriminating device 40 according to an embodiment of the present application mainly includes an information obtaining module 41 and a security discriminating module 42, where the NFC-based transaction security discriminating device 40 is configured in an NFC controller of an intelligent terminal.
The information acquiring module 41 is configured to acquire first location information, second location information, and third location information during a process of executing a contactless card swiping transaction, where the first location information is used to indicate location information of a user identification SIM card in the smart terminal, the second location information is used to indicate location information of the smart terminal, and the third location information is used to indicate location information of a card swiping device, and the security judging module 42 is configured to judge whether a current transaction is in a secure transaction environment based on the first location information, the second location information, and the third location information.
The embodiment of the application provides a transaction safety judging device based on NFC, which is configured in an NFC controller of an intelligent terminal, and is used for judging whether the current transaction is in a safe transaction environment according to three pieces of position information, wherein the NFC controller acquires first position information indicating the position of a SIM card identified by a user in the intelligent terminal, second position information indicating the position of the intelligent terminal and third position information indicating the position of card swiping equipment in the process of executing non-contact card swiping transaction. The multi-party position information is fused on the NFC controller and used as a safety judgment basis in the transaction process, so that the asset safety of the user and the operator can be effectively ensured.
In one possible implementation, the security determining module 42 is specifically configured to receive a transaction security requirement corresponding to the card swiping device, determine whether a distance between the first location information, the second location information, and the third location information is smaller than a distance threshold in the transaction security requirement, if so, determine that the current transaction is in a secure transaction environment, and if not, determine that the current transaction is in an unsafe transaction environment, and interrupt the current transaction.
In one possible implementation manner, the intelligent terminal further comprises a first data transmission channel establishing module, wherein the first data transmission channel establishing module is used for receiving capability statement information sent by the SIM card in the intelligent terminal in the process of executing the NFC embedded type safety element EE discovery before the first position information is acquired, the capability statement information comprises a capability statement field of the SIM position information, and the first data transmission channel is established with the SIM card in the intelligent terminal under the condition that the capability statement field of the SIM position information indicates that the SIM card supports the SIM position information release service and is used for acquiring the first position information.
In one possible implementation, the location information of the SIM card in the smart terminal is obtained by an application in the SIM card when the service object executes 7816 telecommunication instructions related to location services, and the service object is obtained when the application requests the SIM location information distribution service.
In one possible implementation manner, the information verification module is configured to receive verification information provided by the SIM through the first data transmission channel, perform integrity verification on the first location information, the second location information, and the third location information based on the verification information, determine whether the current transaction is in a secure transaction environment based on the first location information, the second location information, and the third location information if the verification is passed, and determine that the current transaction is in an unsecure transaction environment if the verification is not passed, and interrupt the current transaction.
In one possible implementation manner, the method further comprises a second data transmission channel establishing module, which is used for receiving intelligent terminal capability statement information in the process of executing NFCEE discovery before obtaining the second position information, wherein the capability statement information comprises a capability statement field of terminal position information, and establishing a second data transmission channel with the intelligent terminal under the condition that the capability statement field of the terminal position information indicates that the terminal supports the terminal position information release service, wherein the second data transmission channel is used for obtaining the first position information.
In one possible implementation, the information obtaining module 41 is specifically configured to receive the third location information through a radio frequency channel that is not in contact with the card swiping device, and receive the transaction security requirement through a radio frequency channel that is not in contact with the card swiping device.
The NFC-based transaction security discriminating device provided by the embodiment of the application can execute the NFC-based transaction security discriminating method provided by any embodiment of the application, and has the corresponding functional modules and beneficial effects of the executing method.
Fig. 5 is a schematic structural diagram of an electronic device according to the present embodiment. The electronic device may include an NFC-based transaction security decision device, as shown in fig. 5, where the electronic device 500 includes a processor 510, a memory 520, an input device 530, and an output device 540, where the number of processors 510 in the electronic device may be one or more, and in fig. 5, one processor 510 is taken as an example, and where the processor 510, the memory 520, the input device 530, and the output device 540 in the electronic device may be connected by a bus or other means, and in fig. 5, by a bus connection is taken as an example.
The memory 520 is a computer readable storage medium, and may be used to store a software program, a computer executable program, and a module, such as program instructions/modules corresponding to the NFC-based transaction security determination method in the embodiment of the present invention. The processor 510 executes various functional applications and data processing of the electronic device by running software programs, instructions and modules stored in the memory 520, that is, implements the NFC-based transaction security discrimination method provided by the embodiment of the invention.
The memory 520 may mainly include a storage program area which may store an operating system, application programs required for at least one function, and a storage data area which may store data created according to the use of the terminal, etc. In addition, memory 520 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid-state storage device. In some examples, memory 520 may further include memory located remotely from processor 510, which may be connected to the electronic device via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The input device 530 may be used to receive input numeric or character information and to generate key signal inputs related to user settings and function control of the electronic device, which may include a keyboard, mouse, etc. The output 540 may include a display device such as a display screen.
The present embodiment also provides a storage medium containing computer executable instructions, which when executed by a computer processor, are configured to implement the NFC-based transaction security discrimination method provided by the embodiments of the present invention.
Of course, the storage medium containing the computer executable instructions provided in the embodiments of the present invention is not limited to the above method operations, and may also perform the related operations in the NFC-based transaction security discrimination method provided in any embodiment of the present invention.
From the above description of embodiments, it will be clear to a person skilled in the art that the present invention may be implemented by means of software and necessary general purpose hardware, but of course also by means of hardware, although in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art in the form of a software product, which may be stored in a computer readable storage medium, such as a floppy disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), a FLASH Memory (FLASH), a hard disk, or an optical disk of a computer, etc., including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method of the embodiments of the present invention.
It should be noted that, in the embodiment of the transaction security discriminating device based on NFC, each unit and module included are only divided according to the functional logic, but not limited to the above-mentioned division, as long as the corresponding functions can be implemented, and the specific names of the functional units are only for facilitating the mutual distinction, and are not used for limiting the protection scope of the present invention.
It should be noted that in this document, relational terms such as "first" and "second" and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises an element.
The foregoing is merely exemplary of embodiments of the present application to enable those skilled in the art to understand or practice the application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. The transaction security discriminating method based on NFC is characterized by being applied to an NFC controller of an intelligent terminal, and comprises the following steps:
Acquiring first position information, second position information and third position information in the process of executing the non-contact card swiping transaction, wherein the first position information is used for indicating the position information of a user identification SIM card in the intelligent terminal, the second position information is used for indicating the position information of the intelligent terminal, and the third position information is used for indicating the position information of card swiping equipment;
And judging whether the current transaction is in a safe transaction environment or not based on the first position information, the second position information and the third position information.
2. The method of claim 1, wherein determining whether a current transaction is in a secure transaction environment based on the first location information, the second location information, and the third location information comprises:
Receiving a transaction security requirement corresponding to the card swiping device;
Judging whether the distance among the first position information, the second position information and the third position information is smaller than a distance threshold value in the transaction security requirements;
If yes, determining that the current transaction is in a safe transaction environment;
if not, determining that the current transaction is in an unsafe transaction environment, and interrupting the current transaction.
3. The method of claim 2, further comprising, prior to acquiring the first location information:
receiving capability statement information sent by a SIM card in the intelligent terminal in the process of executing the EE discovery of the NFC embedded type safety element, wherein the capability statement information comprises a capability statement field of SIM position information;
And under the condition that the capability statement field of the SIM location information indicates that the SIM card supports the SIM location information release service, establishing a first data transmission channel with the SIM card in the intelligent terminal, wherein the first data transmission channel is used for acquiring the first location information.
4. A method according to claim 3, characterized in that the location information of the SIM card in the smart terminal is obtained by an application in the SIM card when a service object, which is obtained by the application when requesting a SIM location information release service, executes 7816 telecommunication instructions related to location services.
5. A method according to claim 3, further comprising:
Receiving verification information provided by the SIM through the first data transmission channel;
Integrity checking the first position information, the second position information and the third position information based on the checking information;
If the verification is passed, judging whether the current transaction is in a safe transaction environment or not based on the first position information, the second position information and the third position information;
If the verification is not passed, determining that the current transaction is in an unsafe transaction environment, and interrupting the current transaction.
6. The method of claim 2, further comprising, prior to obtaining the second location information:
Receiving capability statement information of the intelligent terminal in the process of executing NFCEE discovery, wherein the capability statement information of the intelligent terminal comprises a capability statement field of terminal position information;
And under the condition that the capability statement field of the terminal position information indicates that the intelligent terminal supports the terminal position information release service, establishing a second data transmission channel with the intelligent terminal, wherein the second data transmission channel is used for acquiring the first position information.
7. The method of claim 2, wherein obtaining third location information comprises:
Receiving third position information through a radio frequency channel which is not in contact with the card swiping equipment;
Receiving a transaction security requirement corresponding to the card swiping device, including:
and receiving transaction security requirements through a non-contact radio frequency channel with the card swiping device.
8. An NFC-based transaction security discriminating device, wherein the device is configured in an NFC controller of an intelligent terminal, and the device includes:
the information acquisition module is used for acquiring first position information, second position information and third position information in the process of executing the non-contact card swiping transaction, wherein the first position information is used for indicating the position information of a user identification SIM card in the intelligent terminal, the second position information is used for indicating the position information of the intelligent terminal, and the third position information is used for indicating the position information of the card swiping equipment;
And the safety judging module is used for judging whether the current transaction is in a safety transaction environment or not based on the first position information, the second position information and the third position information.
9. An electronic device, the device comprising:
one or more processors;
A storage means for storing one or more programs;
The program or programs, when executed by the processor or processors, cause the processor or processors to implement the NFC-based transaction security discrimination method of any one of claims 1-7.
10. A storage medium having stored thereon a computer program, which when executed by a processor implements the NFC-based transaction security discrimination method according to any one of claims 1-7.
CN202411770422.7A 2024-12-04 2024-12-04 NFC-based transaction security identification method, device, equipment and storage medium Pending CN119693002A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202411770422.7A CN119693002A (en) 2024-12-04 2024-12-04 NFC-based transaction security identification method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202411770422.7A CN119693002A (en) 2024-12-04 2024-12-04 NFC-based transaction security identification method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN119693002A true CN119693002A (en) 2025-03-25

Family

ID=95034302

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202411770422.7A Pending CN119693002A (en) 2024-12-04 2024-12-04 NFC-based transaction security identification method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN119693002A (en)

Similar Documents

Publication Publication Date Title
US12022290B2 (en) Secure elements broker (SEB) for application communication channel selector optimization
US8761664B2 (en) Near field connection establishment
US20140379575A1 (en) Controlling transactions using near field communications device
EP2626823A1 (en) Location based selection in mobile wallets
KR20130125139A (en) Apparatus and method for selecting a secure element in a near field communication device
US10482458B2 (en) User equipment, service providing device, payment system comprising the same, control method thereof and non-transitory computer-readable storage medium storing computer program recorded thereon
KR20160145962A (en) User equipment for reverse NFC payment, NFC payment terminal, system comprising the same, control method thereof and computer readable medium having computer program recorded therefor
US20150365827A1 (en) Methods and systems for authentication of a communication device
TWI784270B (en) NFC-based travel information prompt method, device, system and terminal
US10581836B2 (en) Method for accessing a service and a corresponding server
CN103544114A (en) Multiple M1 card control system based on single CPU card and control method thereof
CN101957921A (en) Display method, device and system of radio frequency identification application information
EP3806528A1 (en) Non-contact communication method and communication device
CN103605545A (en) Method and system for updating mobile payment card pair and application programs
KR101178473B1 (en) Method for providing safe payment using Near Filed Communication terminal , Near Field Communication terminal, and Radio Frequency payment apparatus
CN119693002A (en) NFC-based transaction security identification method, device, equipment and storage medium
WO2018161519A1 (en) Payment method and terminal
CN109408127B (en) Chip system loading method and chip card
JP2016096452A (en) Mobile terminal and radio communication system
KR101743343B1 (en) Authentication system for app card registration
EP2819076B1 (en) Controlling transactions using near field communications device
KR102026336B1 (en) Method for Providing Transaction Receipt by using Differentiating True Message
KR20130016048A (en) Method for providing safe payment using near filed communication terminal , near field communication terminal, and radio frequency payment apparatus
KR20190128762A (en) Notification system through medium recognition

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination