Method and apparatus of verifying terminal and medium
First Claim
1. A method for verifying a terminal, comprising:
- writing terminal hardware parameters into a secure element in the terminal before an operating system is loaded to the terminal, wherein the secure element comprises a secure card;
establishing a secure channel with a server through the secure element in the terminal after mutual authentication by performing the following steps;
receiving a selection command from the server according to a request for establishing the secure channel through the secure element, and responding to the selection command, the selection command being configured to instruct the server to communicate with the secure element;
receiving a first verification information from the server through the secure element, the first verification information including an initialization update command and a first key value;
generating a second verification information after a verification of the first key value is passed by the secure element, and sending the second verification information to the server, the second verification information including a card ciphertext and a second key value generated according to the initialization update command;
receiving an external authentication command from the server through the secure element, the external authentication command carrying a host ciphertext that is generated and sent from the server after a verification of the card ciphertext and the second key value is passed; and
determining that mutual verification between the secure element and the server is satisfied after verification of the host ciphertext by the secure element;
sending the terminal hardware parameters in the secure element to the server through the secure channel, wherein the terminal hardware parameters are stored in memory of the terminal and comprise a model number, a serial number, and an International Mobile Equipment Identity (IMEI) number, and the terminal has no authority to read the terminal hardware parameters, wherein the server is configured to feed back identification information according to the terminal hardware parameters; and
determining a verification result of an authenticity of the terminal according to the identification information fed back by the server.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and an apparatus of verifying a terminal are provided in the field of computer technology. In the method, the terminal establishes a secure channel with a server through a secure element in the terminal. The terminal sends original terminal hardware parameters in the secure element to the server through the secure channel by using the secure element, where the server is configured to feed back identification information according to the terminal hardware parameters. The terminal then determines a verification result of an authenticity of the terminal according to the identification information fed back by the server. The apparatus includes: a channel establishing module, a parameter sending module and a result determining module. The present disclosure solves the problem that the verification application program cannot identify the authenticity of the terminal due to the degradation of the terminal performance, and achieves the effect that the accuracy of the authenticity of verifying the terminal is improved.
43 Citations
12 Claims
-
1. A method for verifying a terminal, comprising:
-
writing terminal hardware parameters into a secure element in the terminal before an operating system is loaded to the terminal, wherein the secure element comprises a secure card; establishing a secure channel with a server through the secure element in the terminal after mutual authentication by performing the following steps; receiving a selection command from the server according to a request for establishing the secure channel through the secure element, and responding to the selection command, the selection command being configured to instruct the server to communicate with the secure element; receiving a first verification information from the server through the secure element, the first verification information including an initialization update command and a first key value; generating a second verification information after a verification of the first key value is passed by the secure element, and sending the second verification information to the server, the second verification information including a card ciphertext and a second key value generated according to the initialization update command; receiving an external authentication command from the server through the secure element, the external authentication command carrying a host ciphertext that is generated and sent from the server after a verification of the card ciphertext and the second key value is passed; and determining that mutual verification between the secure element and the server is satisfied after verification of the host ciphertext by the secure element; sending the terminal hardware parameters in the secure element to the server through the secure channel, wherein the terminal hardware parameters are stored in memory of the terminal and comprise a model number, a serial number, and an International Mobile Equipment Identity (IMEI) number, and the terminal has no authority to read the terminal hardware parameters, wherein the server is configured to feed back identification information according to the terminal hardware parameters; and determining a verification result of an authenticity of the terminal according to the identification information fed back by the server. - View Dependent Claims (2, 3, 4)
-
-
5. An apparatus of verifying a terminal, comprising:
-
a processor; and a memory for storing instructions executable by the processor; wherein the processor is configured to; write terminal hardware parameters into a secure element in the terminal before an operating system is loaded to the terminal, wherein the secure element comprises a secure card; establish a secure channel with a server through the secure element in the terminal after mutual authentication by performing the following steps; receiving a selection command from the server according to a request for establishing the secure channel through the secure element, and responding to the selection command, the selection command being configured to instruct the server to communicate with the secure element; receiving a first verification information from the server through the secure element, the first verification information including an initialization update command and a first key value; generating a second verification information after a verification of the first key value is passed by the secure element, and sending the second verification information to the server, the second verification information including a card ciphertext and a second key value generated according to the initialization update command; receiving an external authentication command from the server through the secure element, the external authentication command carrying a host ciphertext that is generated and sent from the server after a verification of the card ciphertext and the second key value is passed; and determining that mutual verification between the secure element and the server is satisfied after verification of the host ciphertext by the secure element; send the terminal hardware parameters in the secure element to the server through the secure channel, wherein the terminal hardware parameters are stored in memory of the terminal and comprise a model number, a serial number, and an International Mobile Equipment Identity (IMEI) number, and the terminal has no authority to read the terminal hardware parameters, wherein the server being is configured to feed back identification information according to the terminal hardware parameters; and determine a verification result of an authenticity of the terminal according to the identification information fed back by the server. - View Dependent Claims (6, 7, 8)
-
-
9. A non-transitory computer readable storage medium, when instructions in the storage medium are executed by the processor of a terminal, the terminal may execute acts for verifying the terminal, the acts comprising:
-
writing terminal hardware parameters into a secure element in the terminal before an operating system is loaded to the terminal, wherein the secure element comprises a secure card; establishing a secure channel with a server through the secure element in the terminal after mutual authentication by performing the following steps; receiving a selection command from the server according to a request for establishing the secure channel through the secure element, and responding to the selection command, the selection command being configured to instruct the server to communicate with the secure element; receiving a first verification information from the server through the secure element, the first verification information including an initialization update command and a first key value; generating a second verification information after a verification of the first key value is passed by the secure element, and sending the second verification information to the server, the second verification information including a card ciphertext and a second key value generated according to the initialization update command; receiving an external authentication command from the server through the secure element, the external authentication command carrying a host ciphertext that is generated and sent from the server after a verification of the card ciphertext and the second key value is passed; and determining that mutual verification between the secure element and the server is satisfied after verification of the host ciphertext by the secure element; sending the terminal hardware parameters in the secure element to the server through the secure channel, wherein the terminal hardware parameters are stored in memory of the terminal and comprise a model number, a serial number, and an International Mobile Equipment Identity (IMEI) number, and the terminal has no authority to read the terminal hardware parameters, wherein the server is configured to feed back identification information according to the terminal hardware parameters; and determining a verification result of an authenticity of the terminal according to the identification information fed back by the server. - View Dependent Claims (10, 11, 12)
-
Specification