基于2.4G射频技术的手机支付方案研究
摘要
手机支付业务是指基于移动通信网络和互联网络技术,利用手机,通过短信息、STK、语音、WAP等方式,通过手机支付账户进行消费、充值、转账、查询等电子商务操作,并进行相关业务管理的业务。通过手机支付业务提供的支付能力,用户可以进行实物商品、数字商品、服务的购买以及电信数据增值业务的付费。目前,手机移动支付的实现方式主要是通过SMS、GPRS、WAP、STK等远程控制方式完成。这种方式存在以下明显不足之处:一是实现方式复杂,成本高昂;二是交易过程繁琐,交易时间过长,用户认可度低;三是交易安全性很难保障。
本文研究的是基于RFID技术的手机支付系统,提出手机支付系统的总体架构设计,从RF_SIM卡子系统设计、读卡器子系统设计、校准器子系统设计、射频接口协议四个方面进行了研究。其中,对RF_SIM卡子系统设计和射频接口协议做了重点阐述。在手机支付系统的设计中,安全性是非常重要的一个方面。本文对支付系统的安全性进行了详细分析,包括RF_SIM卡的安全体系、安全备份与数据恢复机制。开发出适合小额手机支付所使用的混和加密算法,对于系统应用的意义非常重大。本文紧紧抓住该手机支付系统特殊的应用环境,设计并实现了基于3DES、改进RSA算法的混和加密算法,大大提高了数据加密的速度。在充值、交易等许多重要的环节都可以用该混合算法进行加密。本文设计了手机支付的业务流程,展示了手机支付系统的实现架构和实际业务操作界面。
该系统可以实现多运营商、多地区、多领域使用,充分发挥手机“随时、随地、随身”的特点,体现方便、快捷、时尚的生活方式,目前已经实现了小范围的商用。本文最后对手机支付的发展、演进提出了一些前瞻性的观点。
RF_SIM卡是用于手机的用户身份识别卡。RF_SIM卡创新性地将无线2.4G射频(RF)模块集合到SIM卡内,从而彻底改变传统SIM卡只能和手机进行通讯的缺点,使RF_SIM可以随时和周围的设备进行交互,并且不影响SIM卡的原有功能。RF_SIM可以广范应用于电子支付、身份识别和信息传递等的各种应用领域,从而促进电信和银行、交通等领域的进一步融合。另外,本文提出了基于3DES、改进RSA算法的混合加密算法,该算法能够满足金融系统高度的安全性、加密解密过程的快速性以及管理的灵活性等各方面的要求。
本文设计的手机支付业务流程基本能满足市场的需求,但是系统仍然存在以下几个方面的问题。一是账户限制。目前没有支持账户和银行卡绑定。二是充值方式的限制。目前只支持营业厅充值的方式,这为客户带来了很多不方便的地方。
Mobile payment business means that based on the mobile communication network and Internet technology, the use of mobile phones, through the short message, STK, voice, WAP ways, through the mobile payment account for consumption, prepaid phone, transfer, inquires the etc, and electronic business operation related business management business. Through the mobile payment business provides ability to pay, the user can for objective commodity, digital goods, services and the purchase of the telecom data value-added business pay. At present, the realization of the mobile phone mobile payment way mainly through SMS, GPRS, WAP, STK, remote control way to complete. This way there are obvious deficiency: the one is the way to realize the high cost of complex. Two is trading process trival, trade time is too long, low approval users; Three is difficult to guarantee security trading.
In this paper the research is based on RFID technology mobile payment system, puts forward the general framework for the mobile payment system design, from RF_SIM clip next system design, card reader subsystem design, collimator subsystem design, RF interface protocols four are studied. Among them, to provide RF_SIM system design and RF interface protocols do with emphasis. In the mobile payment system design, safety is very important. In this paper, the safety of payment system are analyzed in detail, including RF_SIM card safety system, safety backup and restore data mechanism. Developing suitable small mobile payment of mixed used encryption algorithm, the significance of application for system is very important. This paper hold the mobile payment system special application environment, the design and realized based on 3 DES, improve the blending of RSA algorithms encryption algorithm, greatly improving the data encryption speed. In deposits, many important link of trade can be used by the mixed algorithm encryption. This paper introduces the design of mobile payment business process, show the mobile payment system realization structure and the actual business operation interface.
The system can achieve more operators, many areas, many fields use, give full play to the mobile phone "anywhere, at any time, with the characteristics of,", reflect the convenient, quick and fashionable way of life, has realized the small range of commercial. Finally, the development of mobile payment, evolution put forward some forward-looking point of view.
RF_SIM card is used for mobile phone user identification card. RF_SIM card innovation in 2.4 G wireless radio frequency (RF) module set to SIM CARDS, so as to completely change the traditional SIM card can only and mobile phone communication shortcomings, make RF_SIM may at any time and the surrounding equipment on interactive, and would not affect the SIM card original function. RF_SIM can be widely used in electronic payment van, the identification and information transfer and other various application field, thus promote telecommunications and bank, transportation and other areas of further integration. In addition, this paper puts forward three DES based on RSA algorithms, improve the mix of encryption algorithm, this algorithm can satisfy the financial system of the high security and encryption and decryption process the quickness of management flexibility and so on various aspects of the requirements.
This paper introduces the design of mobile phone pay business process basic can meet the demand of the market, but the system still exist in the following several aspects of the problem. One is the account limit. No support account and bank CARDS binding. Two is the limit cost way. Currently only support business hall, this way of prepaid phone for customer brought a lot not convenient place.
本文研究的是基于RFID技术的手机支付系统,提出手机支付系统的总体架构设计,从RF_SIM卡子系统设计、读卡器子系统设计、校准器子系统设计、射频接口协议四个方面进行了研究。其中,对RF_SIM卡子系统设计和射频接口协议做了重点阐述。在手机支付系统的设计中,安全性是非常重要的一个方面。本文对支付系统的安全性进行了详细分析,包括RF_SIM卡的安全体系、安全备份与数据恢复机制。开发出适合小额手机支付所使用的混和加密算法,对于系统应用的意义非常重大。本文紧紧抓住该手机支付系统特殊的应用环境,设计并实现了基于3DES、改进RSA算法的混和加密算法,大大提高了数据加密的速度。在充值、交易等许多重要的环节都可以用该混合算法进行加密。本文设计了手机支付的业务流程,展示了手机支付系统的实现架构和实际业务操作界面。
该系统可以实现多运营商、多地区、多领域使用,充分发挥手机“随时、随地、随身”的特点,体现方便、快捷、时尚的生活方式,目前已经实现了小范围的商用。本文最后对手机支付的发展、演进提出了一些前瞻性的观点。
RF_SIM卡是用于手机的用户身份识别卡。RF_SIM卡创新性地将无线2.4G射频(RF)模块集合到SIM卡内,从而彻底改变传统SIM卡只能和手机进行通讯的缺点,使RF_SIM可以随时和周围的设备进行交互,并且不影响SIM卡的原有功能。RF_SIM可以广范应用于电子支付、身份识别和信息传递等的各种应用领域,从而促进电信和银行、交通等领域的进一步融合。另外,本文提出了基于3DES、改进RSA算法的混合加密算法,该算法能够满足金融系统高度的安全性、加密解密过程的快速性以及管理的灵活性等各方面的要求。
本文设计的手机支付业务流程基本能满足市场的需求,但是系统仍然存在以下几个方面的问题。一是账户限制。目前没有支持账户和银行卡绑定。二是充值方式的限制。目前只支持营业厅充值的方式,这为客户带来了很多不方便的地方。
Mobile payment business means that based on the mobile communication network and Internet technology, the use of mobile phones, through the short message, STK, voice, WAP ways, through the mobile payment account for consumption, prepaid phone, transfer, inquires the etc, and electronic business operation related business management business. Through the mobile payment business provides ability to pay, the user can for objective commodity, digital goods, services and the purchase of the telecom data value-added business pay. At present, the realization of the mobile phone mobile payment way mainly through SMS, GPRS, WAP, STK, remote control way to complete. This way there are obvious deficiency: the one is the way to realize the high cost of complex. Two is trading process trival, trade time is too long, low approval users; Three is difficult to guarantee security trading.
In this paper the research is based on RFID technology mobile payment system, puts forward the general framework for the mobile payment system design, from RF_SIM clip next system design, card reader subsystem design, collimator subsystem design, RF interface protocols four are studied. Among them, to provide RF_SIM system design and RF interface protocols do with emphasis. In the mobile payment system design, safety is very important. In this paper, the safety of payment system are analyzed in detail, including RF_SIM card safety system, safety backup and restore data mechanism. Developing suitable small mobile payment of mixed used encryption algorithm, the significance of application for system is very important. This paper hold the mobile payment system special application environment, the design and realized based on 3 DES, improve the blending of RSA algorithms encryption algorithm, greatly improving the data encryption speed. In deposits, many important link of trade can be used by the mixed algorithm encryption. This paper introduces the design of mobile payment business process, show the mobile payment system realization structure and the actual business operation interface.
The system can achieve more operators, many areas, many fields use, give full play to the mobile phone "anywhere, at any time, with the characteristics of,", reflect the convenient, quick and fashionable way of life, has realized the small range of commercial. Finally, the development of mobile payment, evolution put forward some forward-looking point of view.
RF_SIM card is used for mobile phone user identification card. RF_SIM card innovation in 2.4 G wireless radio frequency (RF) module set to SIM CARDS, so as to completely change the traditional SIM card can only and mobile phone communication shortcomings, make RF_SIM may at any time and the surrounding equipment on interactive, and would not affect the SIM card original function. RF_SIM can be widely used in electronic payment van, the identification and information transfer and other various application field, thus promote telecommunications and bank, transportation and other areas of further integration. In addition, this paper puts forward three DES based on RSA algorithms, improve the mix of encryption algorithm, this algorithm can satisfy the financial system of the high security and encryption and decryption process the quickness of management flexibility and so on various aspects of the requirements.
This paper introduces the design of mobile phone pay business process basic can meet the demand of the market, but the system still exist in the following several aspects of the problem. One is the account limit. No support account and bank CARDS binding. Two is the limit cost way. Currently only support business hall, this way of prepaid phone for customer brought a lot not convenient place.
引文
[1]王雪梅.3G技术下电子商务时代的“手机购物”模式分析.中国商贸,2009,06(b):123-124
[2]水清木华研究中心,NFC(近距离通信)产业研究报告,2007年2月
[3]陆锋.中国移动支付产业研究:[北京邮电大学硕士学位论文].北京:北京邮电大学经济管理学院,2007,12-50
[4]王蕾.RFID技术在邮政实物网中的应用设计与实现:[南京理工大学硕士学位论文].南京:南京理工大学,2007,6-18
[5]高蜀燕.射频识别技术研究与应用设计:[太原理工大学硕士学位论文].太原:太原理工大学,2008,1-25
[6]翟霞晖.基于RFID不停车收费系统相关技术研究:[东华大学硕士学位论文].上海:东华大学,2008,1-80
[7]周晓光,王晓华.射频识别(RFID)技术原理与应用实例.北京:人民邮电出版社,2006,8-25
[8]游战清,李苏剑.无线射频识别技术(RFID)理论与应用.北京:电子工业出版社,2004,4-19
[9] E.W.T.Ngai,T.C.E.Cheng,S.Auandetc . Mobile ecommerce integrated With RFID Teehnology in a container depot ,Decision Support Systems,Volume 43,Issue l,2007
[10] EPCRadio-Frequency Identity Protocols Class- 1 Generation-2 UHF RFID Conformance requirements.Auto-ID Center,2005(2):1l-13
[11] Draft Protocol specification for a 900 MHz Class 0 Radio Frequency Identification Tag.Auto-ID Center,2003(2):10-12
[12] EPC Generation 1Tag Data Standard Version 1.1 Rev.1.27 Standard Speeifieation.EPC Global,2005(5):20-21
[13] EPC Tag Data Standards Version 1.1 Rev.1.24 Standard specification,EPC Global,2005(5):33-34
[14] EPC Radio-Frequency Identity Protocols Class-1Generation-2UHF RFID Protocol for Communications at 860 MHz-960 MHz Version 1.0.9,EPC Global,2005(7):31-32
[15]李海东.移动电子商务——手机钱包模型的研究:[太原理工大学硕士学位论文].太原:太原理工大学,2007,10-48
[16]李小朋.基于NFC技术的电子钱包系统设计与安全性研究:[北京邮电大学硕士学位论文].北京:北京邮电大学电信工程学院,2007,41-54
[17]吴超.“手机钱包”及其应用研究:[北京邮电大学硕士学位论文].北京:北京邮电大学软件学院,2007,1-20
[18]蔡友林,潘仕彬,何为民,蔡丽林.基于IC卡的电子钱包系统设计与实现.东华理工大学学报,2008,31(2):197-201
[19]陈恺.电子现金系统与公钥基础设施研究:[西安电子科技大学博士论文].西安:西安电子科技大学,2001,14-20
[20]黄健.智能卡COS的研究与设计:[广东工业大学硕士学位论文].广州:广东工业大学,2008,12-15
[21]刘楠.SIM技术体系和业务研究:[北京邮电大学硕士学位论文].北京:北京邮电大学继续教育学院,2007,1-12
[22]黄晓俊,潘镭.基于射频卡技术的小额电子钱包.中国信用卡,2009:59-62
[23]辛明侠.基于RFID和手机的移动计算技术的应用研究:[上海交通大学硕士学位论文].上海:上海交通大学软件学院,2006,10-20
[24]孔涛.匿名移动小额支付系统设计:[上海交通大学硕士学位论文].上海:上海交通大学软件学院,2005,1-30
[25]王剑.中国借记卡安全电子支付系统:[西南交通大学硕士学位论文].重庆:西南交通大学软件学院,2006,1-40
[26]胡晓岚,许传森,汪剑,张艺.基于2.4G RFID的井下人员定位系统的设计.仪表技术,2009,4:14-16
[27]吴超.“手机钱包”及其应用研究:[北京邮电大学硕士学位论文].北京:北京邮电大学软件学院,2007,1-40
[28]杨小东,张贵仓,陆洪文.基于身份认证的手机支付系统的设计与实现.计算机应用,2007,27(3):36-39
[29]李翔.智能卡研发技术与工程实践.求是科技,北京:人民邮电出版社,2003
[30]章照止.现代密码学基础.北京:北京邮电大学出版社,2004:154-158
[31]王萍,廖芳燕,廖芳午,张树贵.RSA算法中快速生成大素数方法的改进.重庆文理学院学报,2009,28(3):9-11
[32]裴定一,祝跃飞.算法数论.北京:科学出版社,2002:21-23
[33]王英.RSA算法中大素数的快速生成方法.湖南科技学院学报,2005,26(5):14-16
[34]刘明华,余启港.RSA公钥密码算法中大素数的生成及素性检测.中南民族大学学报(自然科学版),2004,23(4):94-96
[35]游新娥.RSA算法中安全大素数生成方法研究与改进.北京电子科技学院学报,2007,15(2):14-16 Kennetj H Rosen
[36] Kennetj H Rosen.Elementary number theory and its applications (fourth edition).北京:机械工业出版社,2004:146-157
[37] Song Y Yan.Number theory for computing(2th edition).世界图书出版公司,2002:139-159
[38]许万福,侯惠芳.一种新的快速RSA算法.计算机与数字工程,2009,37(5):45-46
[39]梁雅,刘岚.基于Java卡DES及3DES算法的实现.武汉理工大学学报,2006,28(11):63-66
[40]谢志强,高鹏飞,杨静.基于前缀码的DES算法改进研究.计算机工程与应用,2009,45(9):92-94
[41] WU Yu-feng, LIU Quan.LI Fang-min. Research and Application of Cryptogram Technology in Network Security. Vacuum Electronics, 2004,6 (5):49-52
[42] FAN Chonggui, ZHENG Zhiwei.Java Code Encrypt Technology Base on Triple DES and RSA Algorithm.Microcomputer Applications,2009,12(11): 201-204
[43] Diogo Remedios, Luís Sousa, Manuel BarataLuis Osorio. NFC Technologies in Mobile Phones and Emerging Applications. Information Technology For Balanced Manufacturing Systems, 2006, 220:425-434
[44] A. Juels, RFID Security and Privacy: A Research Survey,Condensed version to appear in 2006 in the IEEE Journal on Selected Areas in Communication, 2006
[45] S. A. Weis, S. E. Sarma, R. L. Rivest, and D. W. Engels.Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems, Security in Pervasive Computing,2003
[46]蒋波.一种基于三重DES和RSA的综合加密方案.微计算机信息,2007,23(06):52-54
[47]冯慧娟,马华,杨波.一种新的基于RSA加密算法的叛逆者追踪方案.计算机应用研究,2007,24(05):135-136
[48]秦建,吴春明.RSA算法及改进方案的探讨.西南农业大学学报,2006,28(05):885-888
[2]水清木华研究中心,NFC(近距离通信)产业研究报告,2007年2月
[3]陆锋.中国移动支付产业研究:[北京邮电大学硕士学位论文].北京:北京邮电大学经济管理学院,2007,12-50
[4]王蕾.RFID技术在邮政实物网中的应用设计与实现:[南京理工大学硕士学位论文].南京:南京理工大学,2007,6-18
[5]高蜀燕.射频识别技术研究与应用设计:[太原理工大学硕士学位论文].太原:太原理工大学,2008,1-25
[6]翟霞晖.基于RFID不停车收费系统相关技术研究:[东华大学硕士学位论文].上海:东华大学,2008,1-80
[7]周晓光,王晓华.射频识别(RFID)技术原理与应用实例.北京:人民邮电出版社,2006,8-25
[8]游战清,李苏剑.无线射频识别技术(RFID)理论与应用.北京:电子工业出版社,2004,4-19
[9] E.W.T.Ngai,T.C.E.Cheng,S.Auandetc . Mobile ecommerce integrated With RFID Teehnology in a container depot ,Decision Support Systems,Volume 43,Issue l,2007
[10] EPCRadio-Frequency Identity Protocols Class- 1 Generation-2 UHF RFID Conformance requirements.Auto-ID Center,2005(2):1l-13
[11] Draft Protocol specification for a 900 MHz Class 0 Radio Frequency Identification Tag.Auto-ID Center,2003(2):10-12
[12] EPC Generation 1Tag Data Standard Version 1.1 Rev.1.27 Standard Speeifieation.EPC Global,2005(5):20-21
[13] EPC Tag Data Standards Version 1.1 Rev.1.24 Standard specification,EPC Global,2005(5):33-34
[14] EPC Radio-Frequency Identity Protocols Class-1Generation-2UHF RFID Protocol for Communications at 860 MHz-960 MHz Version 1.0.9,EPC Global,2005(7):31-32
[15]李海东.移动电子商务——手机钱包模型的研究:[太原理工大学硕士学位论文].太原:太原理工大学,2007,10-48
[16]李小朋.基于NFC技术的电子钱包系统设计与安全性研究:[北京邮电大学硕士学位论文].北京:北京邮电大学电信工程学院,2007,41-54
[17]吴超.“手机钱包”及其应用研究:[北京邮电大学硕士学位论文].北京:北京邮电大学软件学院,2007,1-20
[18]蔡友林,潘仕彬,何为民,蔡丽林.基于IC卡的电子钱包系统设计与实现.东华理工大学学报,2008,31(2):197-201
[19]陈恺.电子现金系统与公钥基础设施研究:[西安电子科技大学博士论文].西安:西安电子科技大学,2001,14-20
[20]黄健.智能卡COS的研究与设计:[广东工业大学硕士学位论文].广州:广东工业大学,2008,12-15
[21]刘楠.SIM技术体系和业务研究:[北京邮电大学硕士学位论文].北京:北京邮电大学继续教育学院,2007,1-12
[22]黄晓俊,潘镭.基于射频卡技术的小额电子钱包.中国信用卡,2009:59-62
[23]辛明侠.基于RFID和手机的移动计算技术的应用研究:[上海交通大学硕士学位论文].上海:上海交通大学软件学院,2006,10-20
[24]孔涛.匿名移动小额支付系统设计:[上海交通大学硕士学位论文].上海:上海交通大学软件学院,2005,1-30
[25]王剑.中国借记卡安全电子支付系统:[西南交通大学硕士学位论文].重庆:西南交通大学软件学院,2006,1-40
[26]胡晓岚,许传森,汪剑,张艺.基于2.4G RFID的井下人员定位系统的设计.仪表技术,2009,4:14-16
[27]吴超.“手机钱包”及其应用研究:[北京邮电大学硕士学位论文].北京:北京邮电大学软件学院,2007,1-40
[28]杨小东,张贵仓,陆洪文.基于身份认证的手机支付系统的设计与实现.计算机应用,2007,27(3):36-39
[29]李翔.智能卡研发技术与工程实践.求是科技,北京:人民邮电出版社,2003
[30]章照止.现代密码学基础.北京:北京邮电大学出版社,2004:154-158
[31]王萍,廖芳燕,廖芳午,张树贵.RSA算法中快速生成大素数方法的改进.重庆文理学院学报,2009,28(3):9-11
[32]裴定一,祝跃飞.算法数论.北京:科学出版社,2002:21-23
[33]王英.RSA算法中大素数的快速生成方法.湖南科技学院学报,2005,26(5):14-16
[34]刘明华,余启港.RSA公钥密码算法中大素数的生成及素性检测.中南民族大学学报(自然科学版),2004,23(4):94-96
[35]游新娥.RSA算法中安全大素数生成方法研究与改进.北京电子科技学院学报,2007,15(2):14-16 Kennetj H Rosen
[36] Kennetj H Rosen.Elementary number theory and its applications (fourth edition).北京:机械工业出版社,2004:146-157
[37] Song Y Yan.Number theory for computing(2th edition).世界图书出版公司,2002:139-159
[38]许万福,侯惠芳.一种新的快速RSA算法.计算机与数字工程,2009,37(5):45-46
[39]梁雅,刘岚.基于Java卡DES及3DES算法的实现.武汉理工大学学报,2006,28(11):63-66
[40]谢志强,高鹏飞,杨静.基于前缀码的DES算法改进研究.计算机工程与应用,2009,45(9):92-94
[41] WU Yu-feng, LIU Quan.LI Fang-min. Research and Application of Cryptogram Technology in Network Security. Vacuum Electronics, 2004,6 (5):49-52
[42] FAN Chonggui, ZHENG Zhiwei.Java Code Encrypt Technology Base on Triple DES and RSA Algorithm.Microcomputer Applications,2009,12(11): 201-204
[43] Diogo Remedios, Luís Sousa, Manuel BarataLuis Osorio. NFC Technologies in Mobile Phones and Emerging Applications. Information Technology For Balanced Manufacturing Systems, 2006, 220:425-434
[44] A. Juels, RFID Security and Privacy: A Research Survey,Condensed version to appear in 2006 in the IEEE Journal on Selected Areas in Communication, 2006
[45] S. A. Weis, S. E. Sarma, R. L. Rivest, and D. W. Engels.Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems, Security in Pervasive Computing,2003
[46]蒋波.一种基于三重DES和RSA的综合加密方案.微计算机信息,2007,23(06):52-54
[47]冯慧娟,马华,杨波.一种新的基于RSA加密算法的叛逆者追踪方案.计算机应用研究,2007,24(05):135-136
[48]秦建,吴春明.RSA算法及改进方案的探讨.西南农业大学学报,2006,28(05):885-888