chrispeng [ad_1]
The system uses advanced non-contact IC technology and an efficient network system to provide a safe, reliable, convenient and efficient payment method and a complete business processing system for public transport payment, in order to improve the service quality of the public transport industry, and establish high-quality and efficient services for the public transport industry The new image of the company has laid a solid technical foundation. At the same time, it has also created favorable conditions for banks to further develop card consumption. In addition, the implementation of multiple application technologies for contactless IC cards enables the same IC card to provide more social services (such as contactless fees for ferries, subways, and park tickets), and truly achieve multiple uses of one card, thus generating positive results. The social benefits and considerable economic benefits.
Development background
Public transportation is the main way for Chinese residents to travel. However, due to the large population of our country, buses are often overcrowded, conductors have a heavy workload, and the working environment is poor. Public transportation fees, change, financial management and supervision of conductors are difficult. If the passenger has a smart card in hand, he only needs to shake the card when getting on the bus, and the fare will be automatically recorded, and the problem of bus management will be solved.
system structure
1. Schematic diagram of system structure
2. System structure description:
Bank account host: manage card and account files, as well as account processing of all cards and card accounts, IC card business receiving and sending package processing, IC card blacklist management, etc., and can communicate with bus companies through X.25 or TCP/IP protocol Accounting host communication.
Bank branch value-added system: complete the opening, deposit and daily settlement of the bus IC card, and connect with the bank account host through the bank’s internal network.
Bus host system: responsible for data communication and transaction management with the bank host, as well as communication, log, statistical management, etc.
Bus branch company system: responsible for data communication and transaction management with the bus host system, including the management of the lower-level vehicle-mounted machine system, driver management, communication management, statistical management, log management, etc.
Vehicle-mounted charging and data collection system: non-contact charging methods, which are composed of non-contact receivers and corresponding communication facilities, complete the deduction of bus IC cards, and the accumulated transaction statistics can be transmitted to the data through the infrared data collector In the system, it is transmitted to the bus host via the network.
Hardware composition
computer
Host: 486 or above models are fine, memory above 8M, hard disk space above 110M, standard VGA color display, resolution 640×480, mouse.
The internet
The host of the bank, the bus company, and the host of each branch can be networked via X.25 or TCP/IP protocol.
Read and write equipment
The reader adopts hardware encryption 3DES (TRIPLE DES).
Smart card selection
Use ordinary logic encryption card, such as SLE4428;
Software composition
1. Function description of public transportation system
The system software mainly consists of the following parts: The public transportation system is composed of the vehicle-mounted system, the infrared data acquisition system, and the public transportation company information data network system.
1.1 On-board system
The on-board system is installed on the bus and uses the bus power. It has the following functions:
Turn on the vehicle
The on-board machine is turned on, and the driver card is started. After the machine is turned on, the ticket amount and route can be set.
On-board machine ticket deduction
After the customer gets on the bus, use the IC card to check the ticket and deduct the payment within 10cm. The card can be placed in the wallet without removing it. The transaction time is less than 0.1 seconds.
Voice and indicator function
There are different ringtones and indicator lights for normal transactions and abnormal situations.
Balance display
After each check-in and deduction, the card balance will be displayed.
Anti-collision function (automatic discrimination function)
When multiple cards enter the operation area at the same time, the on-board machine will prompt that only one card can enter. When a card enters the operation area without leaving the operation area, the card will not affect the previous card. Influence. The reader will not trade with subsequent cards until the first card leaves the reader area as a card.
Driver card settlement
When the driver changes shifts every day, his driver card is used to settle the total income of the machine, the total number of passengers, the number of monthly passers, and the settlement time, machine number, driver number and other information.
1.2 Data acquisition system
Blacklist download
The infrared data collector downloads the blacklist data from the bank through the bus information system.
Blacklist installation
The infrared data collector updates the blacklist of the vehicle-mounted device before data collection.
Infrared data collection for vehicle-mounted devices
Collect transaction details of vehicle-mounted devices. The acquisition speed is 115K BPS.
Transaction data transmission
The data in the infrared data collector is sent to the data acquisition system through infrared transmission and RS232, and then sent to the bus host and bank back-end host via the information network system of the bus company.
1.3 Information network system of bus company
The system consists of the branch company system and the head office system. Data transmission through high-speed MODEM.
{$page$}
2. Card issuing system and design
In the non-contact IC card application system, the security of the card issuing system and its management mechanism affect the security of the entire system. Banks issue IC cards within designated areas. How to safely control and manage the card issuance application system has become the key to the security of the IC card application system.
This IC card issuing system adopts a centralized management method, and adopts hardware encryption storage for the secure storage of the master key. The transmission of the core key of the card issuance system is also realized by means of 3DES. Thereby ensuring the security of the entire card issuing system key.
2.1 Structure description of card issuance system
Master key generation
Multiple people enter the card issuing master key. The master key is encrypted by 3DES through the Manufacture Key, then transmitted to the non-contact card reader, decrypted by 3DES inside the card reader, and stored in the encrypted memory chip. The master key contains the following keys:
ISSUER KEY: Issuer key, used for system control.
UPDATE KEY: Personal information modification key, used to modify personal information control.
DEBIT KEY: Wallet deduction key, used for ticket verification and deduction.
CREDIT KEY: Wallet deposit key, used for wallet deposits.
2.2 Description of the card issuance process
Start the card issuance system with the issuance management card.
Enter the card issuance information such as the card number.
The card reader reads the card serial number (Card Serial Number)
In the card reader, each master key is processed according to the card serial number.
Write the key processing result and data into the card.
The initial state of the card is inactive.
3. System safety instructions
The characteristics of offline consumption of IC cards in this system make its security control particularly important. In the security performance design of this system, a series of measures such as bank back-end security control and transaction authentication are mainly considered.
3.1 Bank back-end security control mechanism
In order to ensure the security of the system, the non-contact IC card wallet deposit adopts an online transaction method, and the deposit key is stored in the security chip of the bank background. Each deposit transaction is verified by the bank host, which effectively prevents The occurrence of counterfeit deposits.
3.2 Transaction authentication
In this system, the vehicle-mounted machine uses three-time password two-way authentication (in accordance with ISO DIS9789-2 requirements) when checking and deducting money. All data has 16BIT CRC check.
3.3 Network system information security
In the information security control of the IC card network system, MAC (Message Authentication Code) verification technology is used to ensure the integrity and consistency of transaction information.
3.4 Blacklist management
Blacklist management refers to the processing of blacklist card information during IC card processing. Due to the large number of offline consumption transactions of IC cards in the bus system, the management of the blacklist is particularly important. The latest blacklist information must be stored on the vehicle, as above As mentioned, the blacklist management adopts an online download method.
[ad_2]
