`(12) Patent Application Publication (10) Pub. No.: US 2012/0296819 A1
`
` Lu et a1. (43) Pub. Date: NOV. 22, 2012
`
`
`US 20120296819A1
`
`(54) METHOD FOR OPERATING AN E-PURSE
`
`Publication Classification
`
`76
`
`Inventors:
`
`)
`(
`(2]) App]. No.:
`
`Zhou Lu Bei‘in C ' IIuazhan
`Y“, Beg113g (5mg N)’
`13/519,187
`
`g
`
`(22) PCT Bled.
`(86) PCT No.:
`
`Jun. 29’ 20”
`PCT/CN2011/076590
`
`§ 371 (c)(l )7
`(2): (4) Date:
`
`Jun_ 255 2012
`
`(30)
`
`Foreign Application Priority Data
`
`Jun, 295 2010
`Jun. 29, 2010
`
`(CN) _________________________ 2010102139203
`(CN) ......................... 2010102141326
`
`(51)
`
`Int. Cl'
`(2012.01)
`G06Q 20/34
`(52) US. Cl. .......................................................... 705/41
`
`(57)
`ABSTRACT
`The invention discloses a method for operating an e-purse,
`relating to the information security field. The method
`includes that a CPU card enters into a contactless induction
`
`area of a terminal, is powered up and initialized, receives an
`operation initializing instruction from thc terminal, reads and
`stores data comprising transaction amount in the operation
`initializing instruction, and performs the related operation.
`The operation initializing instruction is a complex loading
`initializing instruction or a purchase initializing instruction.
`The data comprises transaction amount.
`
`A CPL? card enters into a contactless inductive area ota
`
`terminal. is; powered up and initialized
`
`‘
`
`Receive a loading initialization instruction scnt toy a
`E terminal. read and, store data including a. transaction amount
`in the instruction? perform loading initialization.
`
`"
`
`‘
`
`
`
`Receive an instruction for updatmg the complex
`application specific file sent by the terminal and retrieve
`ii??.§9¥13,t?l??£§t?l3liCal-.391},,Sl???lfi9lil§?..
`
`
`
`
`
`5 "
`
`Write predetermined data in storage space ot‘the
`complex. application specific F136: and replace what is
`W..._........,.....,,,...,...,,,_,.s, ,. W. ,,
`.... , M n .. ,MW MW, __.... i.._..,...~_/...1
`-Et’féitii0U5l3é-ifl-i§;-.
`
`
`
`
`Receive the loading instruction sent by the terminal. read
`and store data in the instruction
`1
`
`
`
`”(13inp’ii’ié‘t’liéwtiiinééé’t'ioi{Sinoiififaiititiétéwin'tiiéwcoinplei?
`; application specific file with predetermined algorithm to
`t
`obtain a new amount, add the new amount to balance of
`
`......tit§,,.¢:pg.rss19..912E,a.in-new-haie9,9n§nfltension,batting-.-
`
`Google LLC v. RFCyber Corp. / Page 1 of 19
`
`GOOG-1024
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 1 of 19
`
`
`
`Patent Application Publication
`
`Nov. 22, 2012 Sheet 1 0f 5
`
`US 2012/0296819 A1
`
`g A CPU card enters into a ctmtactlesg inductive area Ufa
`terminall is powered up and initialized
`
`Receive a loading initialization instmtttion mm: by a
`Eterminak read and store: data including; a transaction amnunt
`'
`in thn imtmction, perflmn wading initializatinn.
`
`
`Receive: an instruction for updating the cun‘lplex
`f applicaticm specific file gent by the terminal and retrieve
`
`
`E
`
`“
`
`" 53’
`
`l W"
`Write pres-determined data in storage space ofthe
`complex application specific file and replace what is
`
`
`5’4
`
`
`
`Receive the loading instruction sent by the terminal. read
`‘
`’
`and store data in the instruction
`«,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
`mMWMMN.ma,..-,,V..~,_‘..,,_,l,,._r,.._»,u,,WWW“. w ., ,. WWW ._.r...w,w_,.,__,.mw, W.
`
`t
`
`; application specific file with predetermined algorithm to i
`obtain a new ameunt, add the new amount to balance of E
`.......ll},Sfifrlllslféfiilg£1291,lfl,,l1§i‘i_.§§l§ll,§.§;fillgfillflillj§llQQQlllg;_____E
`
`v 86
`
`Figure l
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 2 of 19
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 2 of 19
`
`
`
`Patent Application Publication
`
`Nov. 22, 2012 Sheet 2 0f 5
`
`US 2012/0296819 A1
`
`
`
`Rs:
`
`
`>1» Moadmgmxtr mug in ructmns at meterrm ’3,
`
`mad and mm
`
`
`’ “)3
`
`“1.104
`
`féémm 3‘ mm LUGU Gig-413371 o
`T [“16 [65’ m (123‘ and W the
`
`DEAN
`am
`
`
`
`nyng number in the i
`
`i Yes
`V
`.,,.,,WW,._!-
`>
`
`(I. malado random numhcr and a pm
`‘
`kcv
`
`
`
`
`
` ~
`
`y mg,
`“
`
`um
`
`m7
`
`Rectum m msmacnon for updamsg the compch applican’un :" -
`
`
`
`
`m:
`
`_
`"RE-iiffri’
`1
`N)
`..
`,
`_ 2i'
`mile; the! ,
`
`
`
`m: SH under the current application 1,,
`~ ---------------- f DXESASZ lo the tar ni n35
`
`Ed;__‘“1h SH in thefigggtwctim' ”
`‘
`endkzfle‘oper at i gum
`H2
`, n3
`
`;
`us;
`A VRcquly'n
`:
`)mplex application spcmfic ma
`5c
`
`r size M Data field in the i
`:‘ructmn i'
`
`pgmsm to me termnali
`
`1d and ”MP9 3391
`llmufil‘:il"()hhz;g}ntlpl
`nppli
`
`ND
`/
`Wite rialRE‘HTRTéW/Tél‘gycif [HUATEWWTKCWPEE ,r ”4
`;.,I
`L.
`
`
`
` l u ypunfie m LPDATETCAFPD mTAOGCHE }/” l
`,,,,,,,L9.Lbs:zEmELWM/JMMWmi
`
`m
`
`I
`
`Receive the loading mstruction (FE: T FCR 03539 LOBQ
`raad and storedatanvf it
`
`11/" H"
`J
`
`‘ HR
`‘1
`Return a slatua code
`0x9302 to the
`
`3
`
`
`
`119 v,“
`
`Update transaction details ofth e-purse /’/
`WWW" ,, m,
`T
`Compulc a transaction aulhenlicaling code TAC
`
`/’
`
`
`
`Figure 2
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 3 of 19
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 3 of 19
`
`
`
`Patent Application Publication
`
`Nov. 22, 2012 Sheet 3 0f 5
`
`US 2012/0296819 A1
`
`
`Recewc the 11131111011011 IN! HAL
`()R
`
`Y,
`
`Rcmm 91.211111, 01160119403 3
`
`P RCHASI; rend 1111115101”; dam thereot
`
`
`
`N10 ”‘5
`tothe 1121111111211 and end
`'
`111110h11sein1’113hz1’ng
`operation
`
`
`
`rrrrr
`_,
`"
`” I
`>
`ofthe epuree and 1101611111116 11111::th
`«ransaciion 11111011111 included111 the amtrucnon 1e:
`-
`1111111111111111111111111111111111111111
`1111111011111:=p111»:
`’
`
`”
`‘4 P 206
`
`Genelate s pseudo random number and a process
`’
`key
`
`
`' "I“
`
`,
`
`‘3
`
`,,
`
`
`
`:
`
`Return slams code 0.129401
`’ A
`‘t
`d
`.
`t
`a
`, \ “S 1. > 10 1h; termmai and end
`purchase initializing
`operation
`,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
`
`,,,,,,,,,,,,,,,,,,,
`
`'.
`,
`" Y '
`"
`Send :1 mewage m 111311111151: 10 the matructlon
`‘
`1_ INITIALIZEFOR PLRCHASF to the 112111111121]
`
`'
`
`; ,,
`1;
`
`/>207
`
`208
`
`
`
`
`
`Nuthfimmte whether MAC31111. u cJ'EU
`
`
`
`-the 1115::
`#111111 13 vahd by the pm
`”hey“ -
`"
`{ Yes
`1» 1; 1-1.11-1,“.m.11w-.wm-,1 V 2!!
`,, 4.
`5 Add l to the 561121] number of offline transachon of e—
`'
`
`
`purse anddeduct dddmon from balanceof the epurse
`
`,,. 210
`Retum status C0653
`0319302 to the
`terminal 1111116111]
`uchase
`WWp'mmmm‘“
`
`1371:-“
`
`Wm1WMMM1WWWA..14_111_,%w-_a’,,,,,,,,,,,,,,,
`1
`;
`Lpddte transachon detalls 01 the e purse
`i,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
`
`i / V 212
`1/
`
`
`
`Generated a fourth message authenticating code
`MAC-4 and compute a transaction authenticating
`code TAC
`
`1 /’ 213
`’
`
`’“‘1‘H”“"“M”—’W"Lw’i’””"’””k“’mm » 2 I 4
`i Retum a message in response to the instruction
`‘
`7/.
`1 DEBIT FOR PURCHASE to the terminal and end 1"
`‘1
`operation
`.
`7 ,,
`,,
`,, ,, 7771
`
`Figure 3
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 4 of 19
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 4 of 19
`
`
`
`Patent Application Publication
`
`Nov. 22, 2012 Sheet 4 0f 5
`
`US 2012/0296819 A1
`
`CPU card enterg into a contactloss induction area o‘l’a
`
`'
`
`terminal. is powered up and initialized
`
`,1
`W311 torreceiving; an instruction sent by thc tormmdl
`
`
`
`
`1’ 401
`
`+402
`
`lspon receiving} tho purchase 11111131111110inStrttction 3LT“
`bx the terminal read and store tho data including a
`trangaction amount in it.
`
`) 40»;
`
`v
`I,
`/
`Compute the transaction amount and value 01 a record
`pertained to it in the complex application spooifio tile
`
`1r 404
`
`
`
`oithe c-putfo 21nd dotmmino whether thE“““““ 1
`overdratt limit of
`,,,,,,,,,,,,
`“
`3h“ “Puff/4,, /////
`
`
`
`
`,,,,,
`
`,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
`
`send a message ot‘E
`Inadequate balance E
`Yes
`v in the e‘purse to
`
`the terminal and
`end the operation El
`
`lGenerate a pseudo random number and a proooss key and
`E
`return a message in response to the purchase initializing
`instruction to the terminal
`
`1 ,,,,,,,,,,,,,,,1
`
`/,
`
`E
`
`Receive the purchase instruction sent by the terminal,
`read and store data of it.
`,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, E
`, , M W, ”EM“,
`..................................................................z ,-_ ' 4 O7
`
`3/,
`E
`
`to the purchase instruction to the terminal
`
`Figure 4
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 5 of 19
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 5 of 19
`
`
`
`Patent Application Publication
`
`Nov. 22, 2012 Sheet 5 0f 5
`
`US 2012/0296819 A1
`
`«m
`
`
`‘;\
`if {m rmjmvmg MI
`
` , wpx mm"! mm
`
`
`
`
` lama-
`N3
`mg number when! in me’
`
`.
`a»
`
`
`
`
`
`«-
`
`
`
` ’
`-
`
`»
`W3
`
`«
`.»
`1': ’
`9401 «
`l
`Rama aimu’s
`LI
`‘,
`,
`” fioi‘m -,
`tarmmi mm
`a}! gut at} m“
`1 an
`
`2,
`
`ans
`y
`
`uJ.
`:mnmmy _.
`
`’ “-3“
`9; am ' A x
`_
`v
`
`_§.Fmr§j WEIR; sky by {he («mtg 1
`w w;
`
`g m n in mum,
`rm mg
`k 22mm mm
`
`
`mm” »
`,_
`_,
`“ m {3:03 ;
`ggkwkrrfliet u max-mm;
`
`nmwigaguy -
`ex‘ 0? mm M FUN?“
`fien’énafi W‘
`m
`( 2mm»; #5.» "mm-3m fimflflwéflfi'vfifin’m
`
`m mam) Iccw
`11w ummlww
`‘
`xwllmtmn gym to
`
`
`f prededem‘ined ngmmhm 1nd (Man ,1 mm
`,_
`-
`,
`mnwme»
`'
`z
`,
`r
`'
`.
`a " ‘
`‘
`;
`c »
`a;
`*
`,wmw: Aimhm «m m an
`
`
`cnbanlh h gnu) 5
`wt "mum ,
`
`
`
`'x‘r-vni! a ::le§x§3k‘ fin“ :sswnae m fixe’
`
`j nsmmimu I N 11 A12? rm mum:
`,
`1:,» me I,v
`f
`H
`
`Receive me mmmn DEBT rm
`’4
`
`;nm¥m bylrewrmna.
`'
`
`I mam store 412314”qu ,
`3
`”mum §
`v 33%
`istatm cjde
`$930210 »
`
`he Lummii
`Mam 4;
`
` WW .. .1
`
`
`3
`.
`‘licmmamay“;mlemum’clolhtxmauc 3:308] RR
`
`
`F igurc 5
`
`
`
`Google LLC v. RFCyber Corp. / Page 6 of 19
`
`GOOG-1024
`
`' 553
`
`
`
`3
`‘ mum: u [A uh xnmsage aulhemi
`‘
`
`code MAC: nr‘d comrvuifi a frfmsmciwn §~
`authenticating (mac ‘1 Mi
`‘
`
`)
`
` ‘
`
`{MW 3 mrmge-n n-spom the
`
`insu’utdon BIB T FCR mum: m It”
`
`the:
`nal ammtrsnsactimn;
`
`:
`; lluxc us 21 rm may:
`in" mm .1 «arm», x’b
`
`
`
`
`mdmxm mi‘
`fin: mrmml 4 1
`
`
`mjw
`the w wdw
`,, ӣ1315,me 2
`mfibcgfiwl in ii»: Fritz"
`
`
`Ralnwrxj’
`
`,,
`,
`2
`.5: 6f“,
`mI‘l/Xfrefdm Lminsnmrm
`a zflxfififidto‘
`
`
`.J g "wa than size oft/her
`i {W ‘3'”?! «Neg,
`fat-mam! twin?
`and and [m
`‘
`I mrfi m
`’*"
`1
`r: swim
`"
`
`
`, Wm-é 4m in HA I
`.x 93cm ox me l,,i,UUUIUI1 m
`\
`d and mm whazmpr
`'
`w
`
`.
`V»
`
`
`
`Kmnm a memgmn 32mm“ m
`In the (5.1m? ml
`
`
`mad and
`
`
`,2,
`' ’-
`
`. «‘xx
`
`. $
`
`cr»«ia0><93{)2 N)
`
`flhelelmnd .
`
`an L1 (M171 fl
`
`
`
`
`
`‘1 t €23
`me send numbctr ufmh’nc mmac m ohm c
`me y
`'
`
`d
`d U
`‘
`n amount m balance om": e~ 1 I: we
`
`i
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 6 of 19
`
`
`
`US 2012/0296819 A1
`
`Nov. 22, 2012
`
`IWETHOD FOR OPERATING AV E-PURSE
`
`FIELD OF THE INVENTION
`
`[0001] The invention relates to the information security
`field, in particular to a method for operating an e-purse in a
`CPU card.
`
`BACKGROUND OF THE INVENTION
`
`[0002] CPU card has a microprocessor which functions as
`a micro processor, inside of its chip and includes a central
`processor unit (CPU), a read-only memory (ROM), a random
`
`access memory (RW) and an electrically erasable program—
`
`
`
`mable read—only memory (4 *PROM), and thus boasts of
`high—volume, higher security, off—line job and multi—function
`development.
`[0003] The CPU card improves security by applying apow-
`erful and stable security controller, and the intenial and exter-
`nal authentication system particular to it and excluded
`authentication system flagged by Banking IC card specifica-
`tion ensure validity and security of a transaction, and firewall
`function of the CPU card guarantees security and indepen-
`dence of different applications in one card, and the high-
`volume storage space of the CPU card meets requirement of
`storage of more customer information generated by predict—
`able large amount expenditure applications.
`[0004]
`In the prior art, e-purse in a CPU card can perform
`basic transaction functions such as general loading, purchas-
`ing. cash withdrawing, and overdraw limit updating. How-
`ever, for a special application, for example promotion on tier
`discounts for different loading amounts in those member
`cards of shopping mall, super market, restaurant, gymnasium
`and the like, the general loading and purchasing function of
`the e-purse in prior art is deficient.
`
`
`
`
`SUMMARY OF TH e INV *NTION
`
`In order to solve the problem in the prior art, the
`[0005]
`invention provides a method for operating an e—purse.
`[0006] A method for operating an e-purse, comprising:
`[0007]
`entering into a contactless induction area of a
`terminal, being powered up and initialized by a CPU
`card, receiving an operation initializing instruction,
`which is
`a complex-complex loading initializing
`instruction or a purchase initializing instruction sent by
`the tenninal, reading and storing data comprising a
`transaction amotmt, included in the operation initializ-
`ing instruction;
`in case that the operation initializing instruction is a complex-
`loading initializing instruction, performing a complex-load-
`ing initializing operation by the CPU card, receiving an
`instruction for updating a complex application specific file
`sent by the terminal, retrieving the complex application spe-
`cific file, writing predetermined data into the storage space of
`the complex application specific file to replace what is previ—
`ously in the storage space, receiving the complex—complex
`loading instruction sent by the tenninal, reading and storing
`data in the complex-complex loading instruction, computing
`the transaction amount and data in the complex application
`specific file according to predetermined algorithm to obtain a
`new amount and adding the new amotmt to balance of the
`e-purse to obtain a new balance;
`in case that the operation initializing instruction is a purchase
`initializing instruction, computing the transaction amount
`and value in related record ofthe complex application specific
`
`file according to predetermined algorithm to obtain a new
`amount by the CPU card, reading balance of the e-purse,
`determining whether the new amount is larger than balance of
`the e—purse plus the overdraft limit of the e—purse, if yes,
`returning a message of inadequate balance in the e—purse to
`the terminal and ending the operation by the CPU card; if no,
`generating a pseudo random umber and a process key, send-
`ing a mes sage in response to the purchase initializing instruc-
`tion to the terminal, receiving a purchase instruction sent by
`the terminal, reading and storing data in the purchase instruc-
`tion, deducting the new amount from balance ofthe e-purse to
`obtain a newer amount and returning a message in response to
`the purchase instruction to the terminal.
`[0008] Advantages:
`[0009] The invention discloses a method for operating an
`e-purse, which makes the whole transaction safer, prevents
`the complex application specific file in a CPU card from being
`modified invalidly, simplifies the tier discounts by setting the
`complex application specific file in case of loading, and
`reduces cost on management.
`
`
`
`BRIEF DESCRIPTIONS OF THE DRAWINGS
`
`FIG. 1 is a flow chart of a method for complex—
`[0010]
`loading an e—purse provided in Embodiment 1;
`[001 1]
`FIG. 2 is a detailed flow chart ofa method for com-
`
`plex—loading an e—purse provided in Embodiment 1;
`[0012]
`FIG. 3 is a detailed flow chart ofa method for pur-
`chase with an e—purse provided in Embodiment 1;
`[0013]
`FIG. 4 is a flow chart ofa method for purchase with
`an e-purse provided in Embodiment 2; and
`[0014]
`FIG. 5 is a detailed flow chart ofa method for pur-
`chase with an e-purse provided in Embodiment 2.
`
`DETAIIFD DESCRIPTIONS OF THE
`EMBODIMENTS
`
`For making purpose, solution and advantage of the
`[0015]
`invention more explicit, a detailed description will be given of
`embodiments of the invention in accompany with the draw-
`ings.
`
`Embodiment 1
`
`For simplifying the tier discounts preference, a com—
`[0016]
`plex application specific file is required to be set in case of
`complex loading. The embodiment provides a method for
`complex-loading an e-purse, as shown in FIG. 1, including
`steps as follows.
`[0017]
`Step S1, CPU card enters into a contactless induc-
`tion area of a terminal, is powered up and initialized.
`[0018]
`Step S2, the CPU card receives a complex loading
`initializing instruction sent by the terminal, reads and stores
`data including transaction amount, in the complex loading
`initializing instruction and executes the complex loading ini-
`tializing operation.
`[0019]
`Step S3, the CPU card receives an instruction for
`updating the complex application specific file sent by the
`terminal and retrieves the complex application specific file.
`[0020]
`Step S4, write predetermined data to the storage
`space of the complex application specific file and replace
`what is previously in the storage space.
`[0021]
`Step S5, receive the complex loading instruction
`sent by the terminal, read and store data in the complex
`loading instruction.
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 7 of 19
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 7 of 19
`
`
`
`US 2012/0296819 A1
`
`Nov. 22, 2012
`
`Step S6, compute the transaction amount and data in
`[0022]
`the complex application specific file with predetermined
`algorithm to obtain a new amount, add the new amount to
`balance of the e—purse to obtain a new balance, and end the
`complex loading.
`[0023] Embodiments are provided below for detailed
`description of the method of the invention.
`
`Embodiment l
`
`[0024] The embodiment provides a method for complex—
`loading an e—purse, for example an e—purse in a CPU card in
`the embodiment. Besides basic transaction functions of a
`common e-purse, the e-purse in a CPU card boasts of all
`transaction functions of a complex application e—purse along
`with the complex-loading function, and the complex-loading
`of the e-purse in a CPU card is executed at a CPU terminal.
`When complex-loading ofthe e-purse in a CPU card, it corn-
`putes a transaction amount and a value specially defined in the
`complex application specific file with predetermined algo-
`rithm to obtain a new amount and adds the new amount to
`balance of the e-purse, and correspondingly the payment is
`executed with the balance in case of paying.
`[0025] As shown in FIG. 2, a method for complex loading
`of an e—purse in a CPU card includes steps as follows.
`[0026]
`Step 101, a CPU card enters into a contactless induc-
`tion area of a terminal, is powered up and initialized.
`[0027]
`Step 102, receive a complex-loading initializing
`instruction INITIALIZE FOR CAPP LOAD sent by the ter-
`minal, read and store data in the instruction.
`[0028]
`In the embodiment, the complex-loading initializ-
`ing instruction INITIALIZE FOR CAPP LOAD is used for
`initializing the complex-loading transaction, and message in
`the instruction INITIALIZE FOR CAPP LOAD is comprised
`of an instruction header and an instruction body, which are
`respectively (CLA INS+P1+P2) and (Lc+Data+Le).
`[0029] CLA+INS+P1+P2 refer to the instruction header
`and Le +Data+Le refer to the instruction body. The instruction
`header includes codes ofthe instruction, ofwhich CLA refers
`to type of the instruction, INS to codes of the instruction, P1
`and P2 to parameters of the instruction respectively. Of the
`instruction body, Lc refers to size of the data in Data field,
`Data to data in the instruction INITIALIZE FOR CAPP
`LOAD and Le to the maximum number of bytes in APDU
`data field.
`[0030] The data in Data field of the instruction INITIAL-
`IZE FOR CAPP LOAD includes a key indexing number, a
`transaction amount and a terminal number in the embodi—
`ment.
`
`Specifically, the received instruction INITIALIZE
`[0031]
`FOR CA 3P LOAD in the embodiment is 80 50 06 02 0B 02
`
`00 00 03 ES 00 00 00 00 00 Ol 10, ofwhich 80 refers to CLA,
`50 to INS, 06 to P1 which is defined as a complex-loading
`initializing flag, 02 to P2 which is defined as an e-purse flag,
`OB to Lc, 02 to the key indexing number in Data field, 00 00
`03 E8 to the transaction amount in Data field, 00 00 00 00 00
`01 to the terminal number in Data field and 10 to Le.
`[0032]
`Step 103, check whether the CPU card itself sup-
`ports the key indexing number included in the instruction
`INITIALIZE FOR CAPP LOAD, if no, Step 104 is executed;
`if yes, Step 105 is executed.
`[0033]
`Step 104, return a status code 0x9403 to the terminal
`and end the complex loading initializing operation.
`[0034]
`Step 105, generate a four-byte pseudo -random num-
`ber and a process key.
`
`
`
`
`
`[0035] The generating process key in the embodiment
`includes steps of linking the pseudo random number, serial
`number of online transaction of the e—purse and 8000
`together, encrypting the linked data with a loading key DLK
`to obtain encrypted data, that is the process key.
`[0036]
`Step 106, compute a first message authenticating
`code MAC] with the process key.
`[0037] The computing a first message authenticating code
`MACl with the process key includes steps of linking the
`balance, transaction amount, transaction type ID and terminal
`number of the e-purse together before the transaction,
`encrypting the linked data with the process key. The first four
`bytes of the encrypted data are the first message authenticat-
`ing code MAC 1.
`[0038]
`Step 107, return a message in response to the
`instruction INITIALIZE FOR CAPP LOAD to the terminal.
`[0039] The message in response to the instruction INI-
`TIALIZE FOR CAPP LOAD is comprised of Data+swl+
`sw2, in case ofa successful execution of the instruction IN I-
`TIALIZE FOR CAPP LOAD, both status codes swl and sw2
`in the response message are 9000 and data in Data field ofthe
`response message includes balance of CPU c-pursebefore the
`transaction, serial number of online transaction of the CPU
`e—purse, version number of the key, algorithm identification
`(ID), pseudo random number and MACl;
`[0040]
`or in case of a failed execution of the instruction
`
`INITIALIZE TOR CAPP LOAD, both status codes swl and
`sw2 in the response message are not 9000 and there is not a
`DATA field.
`[0041]
`Specifically, the message in response to the instruc—
`tion INITIAL ZE FOR CAPP LOAD is 00 00 00 00 00 01 02
`03 0102 03 04 00 01 B10A 90 00.
`
`[0042]
`Step 108, receive an instruction UPDATE CAPP
`DATA CACHE for updating the complex application specific
`file sent by the terminal.
`The instruction UPDATE CAPP DATA CACHE is used for
`updating data in the complex aoplication specific file.
`The complex application specific file is comprised of a file
`header and a file body. The file header includes a two-byte
`FILEiID, one-byte FILE TYPE, two-byte FILE SIZE, one-
`
`byte AC1, one-byte AC2 and two-byte RFU. FILE TYPE 00
`indicates a binary file, 01 a fix-sized record file, 02 a change-
`able-sized record file, 03 a recycle file and 05 a key file.
`Correspondingly, File Size for a biliary file represents size of
`the file, File Size for a fix-sized record file refers to number
`and size of records, File Size for a changeable-sized record
`file to number and maximum size of records, File Size for a
`recycle file to number and size of records, and File Size for a
`key file to number and size of records. AC1 refers to a file
`reading privilege and AC2 to a file writing privilege. What is
`in the file body is data in the complex application specific file.
`[0043]
`Specifically, the complex application specific file is
`
`a binary file, and so FILE TYPE is 00, FILE SIZE refers to
`size of the file which is 000B and content in the file body is
`empty.
`Further, message ofthe instruction UPDATE CAPP
`[0044]
`DATA CACHE is comprised of CLA+INS+P1+P2 Lc+Data
`and in the embodiment, the instruction UPDATE CAPP
`DATA CACHE is 80 D6 92 B1 04 00 Ol 20 00, of which 80
`refers to CLA, D6 to INS, 92 to P1, B to P2, 04 to Le and 00
`Ol 20 00 to Data.
`
`[0045] Data in Data field ofthe instruction UPDATE CAPP
`
`DA A CACHE is new data to be written to the complex
`app ication specific file, Because special application of the
`
`
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 8 of 19
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 8 of 19
`
`
`
`US 2012/0296819 A1
`
`NOV. 22, 2012
`
`Li.)
`
`complex application specific file may be defined by a card
`distributor, so be data in Data field. Specifically, in case that
`the complex application specific file is defined as a rate file,
`data in Data field is value of the rate, such as 120%.
`[0046]
`In case of a defined rate value of 120%, data in the
`instruction UPDATE CAPP DATA CACHE may be not
`120%, but 83.3 or 20%.
`[0047] Or data in the instruction UPDATE CAPP DATA
`
`CACHE may not include a rate value, but generate a rate value
`with a transaction amount after determination of the transac—
`tion amount included in the complex loading initializing
`instruction by the CPU card. and the generated rate value is
`written to the complex application specific file.
`[0048]
`For example, in case of a transaction amount of
`RMB800 yuan in the complex loading initializing instruc-
`tion, less than the predetennined lower limit RMB2000 yuan,
`a rate value of 90% or 111.1% or 1 1.1% or RMB100 yuan is
`generated; in case of a transaction amount of RMB5000 yuan
`in the complex loading initializing instruction, between the
`predetermined lower limit RMB2000 yuan and the upper
`limit RMB6000 yuan, a rate value of 80% or 125% or 25% or
`RMB600 yuan is generated; in case ofa transaction amount of
`RMB8000 yuan in the complex loading initializing instruc—
`tion, more than the predetermined lower limit, a value of75%,
`or 133%, or 33%, or RMB2000 yuan and etc. is generated.
`[0049]
`Step 109, determine whether there is an SFI (short
`file identifier) field in the received instruction UPDATE
`CAPP DATA CACHE. ifyes. Step 110 is executed; ifno, Step
`111 is executed.
`[0050] The determining whether there is an SFI field in the
`
`instruction UPDATE CAPP DATA CACHE includes steps of
`determining whether the higher three bits of the instruction
`UPDATE CAPP DATA CACHE are 100, if yes. there is an
`SFI field and the lower five bits refer to value ofthe SFl field;
`or if no, there is not an SFI field.
`[0051]
`Specifically, P1 of the instruction UPDATE CAPP
`
`DATA CACHE is 92, which indicates that the higher three
`bits of P1 are 100 and there is an SFI field.
`[0052]
`Step 110, retrieve whether there is a file under the
`current application of the CPU card with a same SFI as the
`SEI in the instruction UPDATE CAPP DATA CACHE, ifno,
`Step 1 II is executed; if yes, Step l 12 is executed.
`[0053]
`Step 111, return a status code 0x6A82 to the tenni-
`nal and end the operation.
`[0054]
`Step 112, take the file retrieved at Step 110 as the
`complex application specific file and check whether size of
`Data field in the instruction UPDATE CAPP DATA CACHE
`is larger than size of the complex application specific file, if
`yes, Step 113 is executed; or if no, Step 114 is executed.
`[0055] Because the complex application specific file is a
`binary file, size of it is value of FILE SIZE. Step 112 specifi—
`cally is determining whether value of Lc field in the instruc—
`tion UPDATE CAPP DATA CACHE is bigger than the value
`of FILE SIZE in the complex application specific file. The
`value of Le field in the instruction UPDATE CAPP DATA
`CACHE is 04 and value ofFILE SIZE is 000B, and therefore
`size of Data field in the instruction UPDATE CAPP DATA
`CACHE is not larger than that of the complex application
`specific file.
`[0056]
`Step 113, return a sta us code 0x6A84 to the termi-
`nal and end the operation.
`[0057]
`Step 114, write data in Data field of the instruction
`
`UPDATE CAPP DATA CACF E to the complex application
`specific file and replace what is previously in it.
`
`
`
`
`
`It includes steps of writing a rate value of 120% to
`[0058]
`the complex application specific file and replacing what is
`previously in it.
`[0059] Because the complex application specific file is an
`empty file, the step is writing 00 01 20 00 in Data field of the
`
`instruction UPDATE CAPP DATA CACHE to the complex
`application specific file.
`[0060]
`In case of a rate value of 83% in the instruction
`
`UPDATE CAPP DATA CACHE, the step is writing 83.3% to
`the complex application specific file; or in case ofa rate value
`of20% in the instruction UPDATE CAPP DATA CACHE, the
`step is writing 20% into the complex application specific file.
`
`[0061] Or data in the instruction UPDATE CAPP DATA
`CACHE may not include a rate value, but generate a rate value
`with a transaction amount according to predetermined algo-
`rithm after determination of the transaction amount included
`in the complex loading initializing instruction by the CPU
`card, and then the generated rate value is written to the corn-
`plex application specific file after determining whether size of
`the generated value is larger than size of the complex appli-
`cation specific file ornot. For example, incase of atransaction
`amount ofRMB800 yuan in the complex—loading initializing
`instruction,
`less
`than the predetermined lower
`limit
`RMB2000 yuan, a rate value of 90% or 111.1% or RMB100
`yuan is generated and written to the complex application
`specific file; in case of a transaction amount of RMB5000
`yuan in the complex-loading initializing instruction, between
`the predetennined lower limit RMB2000 yuan and the upper
`limit RMB6000 yuan, a rate value of 80% or 125% or 25% or
`RMBGOO yuan is generated and written to the complex appli-
`cation speeific file;
`in case of a transaction amount of
`RMB8000 yuan in the complex-loading initializing instruc-
`tion, bigger than the predetermined upper limit RMB6000
`yuan, a rate value of 75% or 133% or 33% or RMB2000 yuan
`is generated and written to the complex application specific
`file.
`Step 115, return a message in response to the
`[0062]
`
`instruction UPDATE CAPP DATA CACHE to the terminal.
`[0063] The message in response to the instruction
`
`UPDATE CAPP DATA CACHE is comprised of swl+sw2
`and there is not a DATA field. In case ofa successful execution
`ofthe instruction, the response message is 9000 while in case
`of a failed execution of the instruction, the response message
`is not 9000.
`[0064]
`Step 116, receive the complex-loading instruction
`CREDIT FOR CAPP LOAD sent by the terminal, read and
`store data in Data field of the instruction.
`[0065] The complex-loading instruction CREDIT FOR
`CAPP LOAD is used for complex loading the transaction, and
`message of the instruction CREDIT FOR CAPP LOAD is
`comprised ofCLA+lNS+P1+P2+Lc+Data+Le, ofwhich data
`in Data field includes transaction date, transaction time and a
`second message authenticating code MAC2.
`[0066] The received instruction CREDIT FOR CAPP
`LOAD is 80 52 00 00 0B 07 DA 06 08 0A 14 2D 00 01 Al OB
`08, ofwhich 80 refers to CIA, 52 to INS, 00 to Pt, 00 to P2,
`0B to Le, 07 DA 06 08 to transaction date in Data field, 0A 14
`2D to the transaction time in Data field, 00 01 A1 0B to MAC2
`in Data field and 08 to Le.
`[0067]
`Step 117, authenticate whether the second message
`authenticating code MAC2 is valid,
`if no, Step I 18 is
`executed; or if yes, Step 119 is executed.
`[0068] The authenticating whether MAC2 is valid includes
`steps of linking the transaction amount, transaction type id,
`
`
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 9 of 19
`
`GOOG-1024
`Google LLC v. RFCyber Corp. / Page 9 of 19
`
`
`
`US 2012/0296819 A1
`
`Nov. 22, 2012
`
`terminal number, transaction date and time together, encrypt-
`ing the linked data with the process key generated at step 105,
`and comparing the first four bytes of the encrypted data to
`MAC2 in Data field of the instruction CREDIT FOR CAPP
`LOAD, if a match is not found, MAC2 is invalid; or if a match
`is found, MAC2 is valid.
`[0069]
`Step 118, return a status code 0x9302 to the terminal
`and prompt an invalid MACZ.
`[0070]
`Step 119, add 1 to the serial number of online trans—
`action of the e—purse, compute the transaction amount and
`value in the complex application specific file with a predeter-
`mined algorithm to obtain a new amount and add the new
`amount to balance of the e-purse.
`[0071] The predetermined algorithm includes multiplex,
`division, addition, subtraction and various combinations of
`the four algorithms.
`[0072]
`Further, value in the complex application specific
`file refers to a rate value, for example 120%, and in case of a
`transaction amount of RMB1000 yuan and a balance of
`RMBO yuan in the e-purse, a new amount RMB1200 yuan is
`obtained by multiplexing the transaction amount RMB1000
`yuan by the rate value of 120% recorded in the complex
`application specific file, and then a new balance RMB1200
`yuan is obtained by adding the new amount RMB1200 yuan
`to the balance RMBO yuan of the e-purse, and so the new
`balance RMB1200 yuan of the e-purse is bigger than the
`transaction amount RMB1000 yuan plus the balance RMEO
`yuan of the e-pursc.
`[0073]
`In case of a rate value of 83.3% being written in the
`complex application specific file, if the transaction amount is
`RMB 1000 yuan and balance of the e-purse is RMEO yuan, a
`new amount RMBl 200 yuan is obtained by dividing the
`transaction amount RMB1000 yuan by the rate value of
`83.3%, and a new balance RMB1200 is obtained by adding
`the new amount RMB1200 yuan to the balance RMBO yuan
`of the e—purse and the new balance RMB yuan of the e—purse
`is bigger than the transact