1、12E019 中国移动NFC手机钱包客户端规范V100Communication Industry Standard of the Peoples Republic of ChinaQB-E-019-2012Specification of NFC-Based Mobile Wallet ClientVersion No.: 1.0.0Issue date: August 27, 2012 Implementation date: August 27, 2012Issued by China Mobile Communications CorporationContentsPreface II
2、1 Scope 12 Normative Reference 13 Term, Definition and Abbreviation 13.1 Abbreviation 13.2 Term 24 Service Overview 26 Function Requirements 46.1 User registration 46.2 User certification 46.3 Installed application management 46.4 Installable application management 56.5 Reverse activation 66.6 APDU
3、forwarding 66.7 SIM Access API calling 76.8 Logoff 76.9 Preferential WLAN access 76.10 Mobile wallet client update 76.11 Client login password management 77 Service Process 77.1 User registration 87.2 User certification 87.3 Installable application list query 87.4 Application search 97.5 Make commen
4、ts 107.6 Application installation 117.7 Application update 117.8 Application uninstalling 117.9 Mobile wallet client update 117.10 Logoff 128 Interface Requirements 138.1 Interface between mobile wallet and trusted service manager 138.2 SIM Access API 139 Safety Requirements 139.1. Communication sec
5、urity 149.2. Data storage security 149.3 Availability 1410 Definition Rules of Mobile Wallet Client Version 1511. Preparation History 15PrefaceThis standard specifies overall requirements for the content of mobile wallet client to be regulated as needed during the performence of services. It is the
6、programmatic technical document that the development of Mobile Wallet Client must comply with. This standard mainly contains the following aspects: service overview, function requirements, service process, interface requirements, version definition rules, etc. This standard is one of the contactless
7、 service series standards that are structured, named or to be named as follows:S/NStandard No.Standard Name1QB-E-014-2012General Technical Specification of Contactless Service2QB-E-015-2012Mobile Terminal Application Basic Capacity Technical Specification NFC Part3QB-E-016-2012Technical Specificatio
8、n for CMCC User Card Application Basic Capacity4QB-E-017-2012Technical Specification for CMCC User Card Application Basic Capacity Application Development API Part5QB-E-018-2012Specification for CMCC Trusted Service Manager Equipment6QB-E-019-2012Specification for NFC-Based Mobile Wallet Client7QB-F
9、-010-2012Safety specification for CMCC Electronic Commerce Service - General Requirements PartThis standard should be used with contactless service series standards.This standard was issued and printed by ZYJ (2012) No. 148 document. This standard was proposed by the Data Department of CMCC and unde
10、r the jurisdiction of the Technology Department of CMCC.Drafting organization of this standard: CMCC Research Institute. Main drafters of this standard: Li Zheng, Ding Lijuan, Ren Xiaoming, Lu Ming, Wu Xiaoqian, Li Yaqiang, Yu Yuan, Guo Manxue and Huang Gengsheng.1 ScopeThis standard specifies funct
11、ions and technical requirements related to the mobile wallet client and is only for internal use of CMCC.2 Normative ReferenceThe following documents contain provisions which, through reference in this text, constitute provisions of this standard. For dated reference, subsequent amendments to, or re
12、visions of, any of these publications do not apply (excluding any Corrigendum). However, parties to agreements based on this standard are encouraged to investigate the possibility of applying the most recent edition of the standards indicated below. For undated references, the latest edition of the
13、normative document referred to applies.S/N.Standard No.Standard NameIssued by1QB-E-014-2012General Technical Specification of Contactless ServiceChina Mobile Communications Corporation2QB-E-015-2012Mobile Terminal Application Basic Capacity Technical Specification - NFC PartChina Mobile Communicatio
14、ns Corporation3QB-E-016-2012Technical Specification for CMCC User Card Application Basic CapacityChina Mobile Communications Corporation4QB-E-018-2012Specification for CMCC Trusted Service Manager EquipmentChina Mobile Communications Corporation5QB-F-010-2012Safety Specification for CMCC Electronic
15、Commerce Service - General Requirements PartChina Mobile Communications Corporation5General Technical Scheme for Preferential WLAN Access in Self-Service China Mobile Communications Corporation3 Term, Definition and Abbreviation3.1 Abbreviation AbbreviationMeaningAPDUApplication Protocol Data Unit 应
16、用协议数据单元APIApplication Programming Interface 应用程序接口CMS2ACChina Mobile Security and Multi-Space Application Card 运营商安全多安全域多应用卡3DESTriple Data Encryption algorithm 三重数据加密算法DESData Encryption Algorithm 数据加密算法IMSIInternational Mobile Subscriber Identity 国际移动用户识别码NFCNear Field Communication 近距离无线通信PINPers
17、onal Identification Number 个人标识符 POSPoint of Sale 销售终端SHA-1Secure Hash Algorithm 安全哈希算法SIMSubscriber Identity Module 用户识别模块SSLSecure Sockets Layer 安全套接层SWPSingle Wire Protocol 单线协议SESecurity Element 安全模块TSMTrusted Service Manager 多应用开放平台WLANWireless Local Area Network 无线局域网络3.2 TermTermMeaningConfid
18、entialityThe status of information not obtained by users or entities that are unauthorized IntegrityInformation is not changed or damaged without being unauthorized.Security domainIt is a kind of logic domains in SE. Every domain is responsible for managing applicable secret keys, to ensure applicat
19、ions and data from different providers coexist with the same SE and will not destroy the confidentiality and integrity of each other.SWP SIM cardSIM card supporting SWP protocolNFC terminalUser mobile device supporting contactless technology and achieving near field communicationSecurity ElementA ch
20、ip module storing NFC application and user sensible data, and implementing safe keys calculation. 4 Service OverviewMobile wallet client is an intelligent management software managing SE resource and applications with the installation on mobile over the air, which is usually applied to the trusted s
21、ervice manager, and its also an access channel of trusted service manager service through mobiles. Mobile wallet client is required to install on the NFC mobile terminals complying with the requirements of CMCC. See General Technical Specification of Contactless Service for management functions of S
22、E 5 Logical Architecture ChartFig. 5-1 Location of Client in the SystemClient has seven function modules:1) User interaction module: accept user operations, call service logical modules to execute command, and respond the execution results. 2) Service logic module: provide service interface for inte
23、raction module and asynchronous callback of the execution results to the user interaction module. 3) Application management module: responsible for maintaining local installed application list. Store local application list through storage module.4) SE operation module: packaging conducts communicati
24、on operation of interaction APDU in SE module, call SIM Access API and SE. 5) Security Element: realize encrypt and decryption of data, and conduct data summary algorithm, and support 3DES and SHA-1 summary algorithm.6) Storage module: provide storage of application configuration, user information a
25、nd installed application information data.7) Network communication module: communicate with the trusted service manager. 6 Function Requirements6.1 User registrationSE has no connection with mobile numbers on the trusted service manager. If a user starts the client, the user must register first. Onl
26、y when it succeeds can functions be started. Before registration, users are required to browse and accept User Utilization Protocol in electronic edition; meanwhile, the client is required to obtain SE-ID information from SE automatically, and function start information carrying such information is
27、passed on to trusted service managers. The client will save SE-ID and TOKEN which is allocated by the trusted service manager, and enter the first interface of client, after successful registration. If registration fails, the client will give relevant prompts and quit. To start the client next time,
28、 registration is also needed. 6.2 User certificationAfter user registration succeeds, when mobile wallet client is started, it will take SE-ID and TOKEN with certification information and pass on to the trusted service manager, requesting for certification.After successful certification, mobile wall
29、et client will automatically check the status of installed application client. (If none application is installed, skip this step.) Enter the main interface directly, once any uninstallation of application client is founded, main interface should have some relevant prompts. If certification succeeds,
30、 user can use all the functions in mobile wallet client. If certification fails, the mobile wallet client can also enter main interface. User is only able to browse installed application list of mobile wallet client local memory rather than use other functions.6.3 Installed application management6.3
31、.1 Installed application displayAfter mobile wallet successfully certificates, enter the first interface where user installed application list can be browsed.If the user clicks the application icon in the list, application function can be started, entering application interface. If there is new edition to installed application, prompt updatable should appear in client. 6.3.2 Installed application settingUser can set some application as the default consumption card in some industry. When punching the ca
