-
公开(公告)号:US20240259392A1
公开(公告)日:2024-08-01
申请号:US18561383
申请日:2022-06-22
发明人: Zhou LU , Huazhang YU
CPC分类号: H04L63/12 , G06K7/10257
摘要: The invention provides a data processing method and device and a computer readable storage medium, and belongs to the technical field of card reader communication. The method comprises the Steps: enabling a card reader to receive and analyze a data packet which is sent by a host and conforms to a first data structural formula, judging whether a first preset field in the data packet is the same as an address of the card reader or not, if yes, determining a data packet verification mode, and verifying the data packet according to the data packet verification mode; and if the verification is passed, determining whether the data packet contains security data, if so, processing the security data in the data packet according to the key to obtain plaintext data, determining a command type, executing corresponding operation according to the command type and the plaintext data, and returning a response data packet conforming to the first data structural formula to the host. According to the invention, the communication data can be effectively prevented from being monitored, stolen and tampered, so that the security of data transmission is ensured.
-
2.发明公开公开(公告)号:US20240232305A1
公开(公告)日:2024-07-11
申请号:US18561366
申请日:2022-10-31
发明人: Zhou LU
IPC分类号: G06F21/31
CPC分类号: G06F21/31
摘要: The invention relates to the field of information security, in particular to an automatic screen unlocking method and device, electronic equipment and a readable storage medium. The method comprises the following Step S of sending a broadcast carrying a uuid value, when the terminal equipment determines that the equipment to which the broadcast belongs is connectable equipment according to the signal strength of the broadcast and the uuid value, receiving a Bluetooth connection establishment request sent by the terminal equipment, establishing a Bluetooth connection with the terminal equipment based on the Bluetooth connection establishment request, sending a notification message that the Bluetooth connection is successfully established to the terminal equipment, receiving an authentication login instruction sent by the terminal equipment based on the notification message, acquiring to-be-signed data carried in the authentication login instruction, signing the to-be-signed data according to the stored private key to obtain a signature result, and sending the signature result to the terminal equipment, so that the terminal equipment executes an automatic screen unlocking operation according to the signature result. According to the method and the device, the locked screen can be quickly and automatically unlocked through the automatic unlocking processing based on the Bluetooth connection, so that the method and the device have relatively high safety.
-
3.发明公开公开(公告)号:US20240214220A1
公开(公告)日:2024-06-27
申请号:US18288037
申请日:2022-06-22
发明人: Zhou LU , Huazhang YU
CPC分类号: H04L9/3263 , G06F9/45558 , G06F2009/45587
摘要: An implementation method for increasing the number of certificates supported by a PIV application, the method comprising: a virtual machine of a key device is powered on; a data endpoint address is set to be an endpoint address of a CCID interface that receives instruction data; according to the instruction data, APDU data used for the authentication of a PIV application is obtained; and the APDU data used for the authentication of the PIV application is sent to a PIV application of the key device; the PIV application calls an API interface to obtain a CCID interface number, obtains a PIV device certificate number according to a general device certificate number in the APDU data used for the authentication of the PIV application and the CCID interface number, obtains a PIV certificate according to the PIV device certificate number, and operates according to the PIV certificate to obtain operation results; and the virtual machine returns the operation results to an upper computer according to the data endpoint address. The method further comprises: when a USB interrupt is triggered, a USB interrupt process is executed. The described method overcomes the limitation of the number of certificates supported by a PIV application while simplifying operations.
-
公开(公告)号:US11863684B2
公开(公告)日:2024-01-02
申请号:US17606344
申请日:2020-07-15
发明人: Zhou Lu , Huazhang Yu
CPC分类号: H04L9/3234 , H04L9/0825 , H04L9/0869 , H04L9/0877 , H04L9/3226 , H04L9/3236
摘要: A hardware wallet binding authorization method. The method comprises: when a hardware wallet receives a binding state query instruction, determining the value of a verification data existence sign; if the value is first preset data, setting a binding object as null, and setting an authorization state as allowing generation of an authorization code; if the value is second preset data, setting the binding object as a terminal corresponding to the hardware wallet, or other terminals; returning the binding object and a saved hardware wallet certificate to the terminal; when the hardware wallet receives an authorization code generation instruction, if the authorization state is allowing generation of a state code, generating, caching and displaying an authorization code, setting the authorization state as not able to generate an authorization code again, and setting the state of the hardware wallet as unbound; and when the hardware wallet receives a binding instruction, using the acquired authorization code to verify the binding instruction, and if the verification is successful, binding being successful. The terminal can only be connected to the hardware wallet by means of user authorization, such that the security of user assets is ensured.
-
公开(公告)号:US11836712B2
公开(公告)日:2023-12-05
申请号:US17265419
申请日:2019-08-05
发明人: Zhou Lu , Huazhang Yu
CPC分类号: G06Q20/3674 , G06Q20/389 , G06Q20/4014 , H04L63/0428 , H04L63/062
摘要: A method for creating a secure channel for updating a digital currency hardware wallet application: upon receiving a security operation execution instruction, obtaining a public key and a certificate number of a host computer from within the security operation execution instruction, obtaining a corresponding certificate of the host computer according to the certificate number, and verifying the certificate of the host computer using the public key of the host computer; when receiving a verification instruction, obtaining the public key of the host computer according to a key version number and a key ID in the verification instruction, generating a receipt according to a temporary public key of the host computer, the public key of the host computer and a generated session key which are in the verification instruction, and sending the receipt to the upper computer; upon receiving the application update instruction, using the session key to decrypt application data ciphertext in the application update instruction, and updating the saved application data using the successfully decrypted application data. By using the digital currency hardware wallet of the present invention, it is possible to prevent the wallet from being attacked, stolen or tampered with, mutual verification of communication parties may be carried out, and encryption and verification are carried out to ensure data privacy and integrity.
-
公开(公告)号:US20230336354A1
公开(公告)日:2023-10-19
申请号:US17785978
申请日:2021-09-02
发明人: Zhou Lu , Huazhang Yu
CPC分类号: H04L9/3236 , H04L9/30
摘要: A data transmission method, comprising: when a device receives first data sent by an upper computer, parsing the first data to acquire a first content hash value, a first hash value and a first length; performing signature verification on the first data according to a stored first public key; when the signature verification is successful, waiting to receive a data block sent by the upper computer; when the data block is received, verifying the data block according to the first hash value and the first length; and when the verification for the data block is successful, parsing the current data block to obtain the length and the hash value of a next data block and payload data of the current data block, and decrypting the payload data to obtain a payload data plaintext. According to the technical solution of the present invention, the process of data transmission is more secure and efficient.
-
公开(公告)号:US20230289428A1
公开(公告)日:2023-09-14
申请号:US18010937
申请日:2021-10-27
发明人: Zhou Lu , Huazhang Yu
IPC分类号: G06F21/44
CPC分类号: G06F21/44
摘要: A method for implementing a dongle, comprising: a security chip of a dongle determining whether a secure digital (SD) card in a card slot of the dongle is a valid SD card; if the SD card is a valid SD card, when a received instruction is a first/second USB flash drive area access instruction sent by a system, executing an operation of accessing the first/second USB flash drive area; when the received instruction is a PIN code verification instruction for the second USB flash drive area or an encryption area sent by an upper layer, executing a PIN code verification operation on the second USB flash drive area or the encryption area; when the received instruction is a read/write instruction for the encryption area sent by the upper layer, executing a read/write operation on the encryption area; if the SD card is an invalid SD card, when the received instruction is a partitioning instruction, the security chip of the dongle executing a partitioning operation according to a partition information table in the partitioning instruction, storing the partition information table to a secure storage area of the security chip of the dongle, and setting the SD card to be valid. The present invention can ensure that data stored in an SD card is not prone to damage or stealing.
-
公开(公告)号:US20230274105A1
公开(公告)日:2023-08-31
申请号:US18040481
申请日:2021-11-23
发明人: Zhou LU , Huazhang YU
IPC分类号: G06K7/10
CPC分类号: G06K7/10128 , G06K7/10297
摘要: A card reader auxiliary device and a working method thereof, which relate to the field of card readers. The card reader auxiliary device detects whether a card exists based on contactless field of the card reader, when detecting that the card exists, the card reader auxiliary device opens its own contactless field and provides field strength enough for a fingerprint card to enable the fingerprint card to complete fingerprint comparison, the card reader auxiliary device obtains a current time of a timer, determines whether the current time is more than a first preset time, if yes, the card reader auxiliary device closes its own contactless field. According to the embodiments, the fingerprint comparison can be done by a card without updating the card reader, which can make the card communicate smoothly with the card reader.
-
公开(公告)号:US11736149B2
公开(公告)日:2023-08-22
申请号:US17397906
申请日:2021-08-09
发明人: Zhou Lu , Huazhang Yu
CPC分类号: H04B5/0056 , G06K17/0029 , H04B5/0031 , H04W4/80
摘要: The present application relates to a data transmission method for a Bluetooth card reader and an electronic device. The method includes: a CCID driver determines communication rate information corresponding to the Bluetooth card reader based on type information corresponding to the Bluetooth card reader; the CCID driver determines specific communication rate information based on card information and the communication rate information; the CCID driver carries the specific communication rate information in a communication rate confirming request and forwards, via the Bluetooth service program, the communication rate confirming request to the Bluetooth card reader for verification, where the Bluetooth card reader is connected with the Bluetooth service program via Bluetooth; and the CCID driver instructs, based on a communication rate acknowledgement response returned by the Bluetooth card reader, the Bluetooth card reader to transmit, with the specific communication rate information confirmed through the communication rate acknowledgement response, data to be transmitted.
-
公开(公告)号:US11568387B2
公开(公告)日:2023-01-31
申请号:US16770832
申请日:2019-04-10
发明人: Zhou Lu , Huazhang Yu
摘要: A method for realizing an EMV contact transaction without a password, wherein said method is implemented by an EMV IC card and a terminal, wherein when a terminal receives transaction information, it sets a password-free function setting; performs an offline data validation and limitation; performs terminal risk management and a behavior analysis; determines, on the basis of the password-free function setting, whether to perform online processing and performs transaction termination processing; the password-free function setting comprises: when an optional kernel configuration flag in an application parameter corresponding to the current application acquired is set and the transaction amount in the transaction information is greater than a password-free IC card transaction limitation amount, the current application is configured so that verifying the cardholder's PIN is obviated. The present invention allows password-free small-amount transactions, and obviates to upgrade IC cards.
-
-
-
-
-
-
-
-
-
搜索结果
309 条记录 (耗时 0.022 秒)
