IC储值卡在连锁店中的应用系统中的使用 IC cards in the chain of the use of system

一、应用背景 First, background

随着社会的发展，商业竞争的日益加剧。 With the development of society, the growing commercial competition. 为应对市场竞争，经营者采取了多种经营手段或措施，如实行贵宾卡，消费积分等。 To cope with market competition, operators adopted a variety of operating means or measures, such as a VIP, and other consumer points. 但就如何吸引客户、留住客户；并加强对各分店的管理控制能力，成为每个经营者所关心的问题。 But how to attract customers, retain customers, and to strengthen its ability to control the management of stores, as each operator concerns. 清华同方推出的连锁店会员卡管理系统，为经营者提供先进可靠的管理手段。 Tsinghua Tongfang launched chains membership card management system for operators to provide advanced and reliable management tool.

二、设计目标 Second, the design goal

利用IC卡作为安全有效数据的载体，借助于POS机的强大功能，构成简单、方便、易用的连锁店管理系统。 Use of IC card as a safe and effective vector data, the help of the power of the POS machine, a simple, convenient, easy-to-use chain management system. 主要设计目标： Main design goals:

安全方便的对IC储值卡的发售管理，保证IC卡信息的安全。 Safe and convenient IC card on the sale of management, guarantee the safety of IC card information.
实现灵活多变的销售方式，最大程度的满足顾客的不同需求，提高实业的竞争力。 Achieve flexible sales methods, the greatest degree of meet the different needs of customers, improving the competitiveness of enterprises.

支持多种通讯方式实现数据传输交换工作，实现数据的统计分析、查询、打印等功能提高工作效率和管理水平，杜绝重复性工作，节约运营成本。 Support multiple forms of communication to achieve the exchange of data transmission, data statistical analysis, query, print functions, such as improved efficiency and management, and eliminate repetitive work, saving operating costs.

三、方案组成 Third, the programme of

针对连锁店的业务流程分析，系统主要有卡片的发行管理、日常业务处理、数据的传输三部分构成。 For the business process chain analysis, the system mainly the issuance of the card management, day-to-day business processing, data transmission consists of three parts. IC卡作为储值的电子货币，使用时所有操作由终端独立完成，完全摆脱终端对网络的依赖性，对网络的要求不高，对网络的定时性和敏感性要求低，其结构流程如下： IC card as a stored-value electronic currency, used by all terminal operations independently, completely free from the dependence of the network terminal, the main requirement for the network, the network and the timing requirements of low sensitivity, and the structure of process are as follows:

四、实现功能 Fourth, to achieve functional

POS简介：作为嵌入式产品，随着基于网络的各种应用日益普及，具有操作简便、功能实用、使用安全的POS产品大量普及，根据使用情况大致分为手持式POS、POS终端两种。 POS Description: As embedded products, as Web-based applications become increasingly popular, is simple, functional and practical, the safe use of POS products mass produced, according to the use of roughly divided into handheld POS, POS terminals two. 它们都为用户提供一个通用的应用开发平台，用户的不同需求通过编制不同的应用程序来，方便灵活的实现程序的下载、数据传输等工作。 They are for users with a common application development platform, users through the different needs of different applications, convenient and flexible procedures for the realization of the download, data transmission and so on. 同时具有多种的网络连接方式。 At the same time with a variety of network connections. 用户可轻松、方便、安全、高效地构造各种IC卡的应用系统。 Users can easily, convenient, safe and efficient structure of the IC card applications.

1． 1. 卡片的发行与管理 Card issuance and management

卡片的发行管理工作在连锁总店完成，首先是卡的预处理：对所有的卡片提前写入实业的控制密钥，采用统一的密钥管理，防止卡片的非法访问和复制。 Cards issued in the management of the chain outlet completed, the first card is the pretreatment: all the cards into the early control of key enterprises, the adoption of a unified key management to prevent the unauthorized access cards and reproduction. 同时生成各级操作管理人员的操作权限卡，如：管理员卡、终端操作员卡。 At the same time generating operation and management staff at all levels of competence card operation, such as: Administrators cards, terminal operators card. 防止非法人员对系统的访问和对终端的操作。 Staff on the system to prevent illegal access and the operation of the terminal. 保证系统的安全运行。 Guarantee the safe operation of system.

用户卡（会员卡）的发行，系统首先验证操作人员的权限，通过后系统根据控制密钥通过特定的算法生成访问密钥写入卡中，同时在卡内写入预定的金额、其他信息等。 Card users (membership cards) the issuance of the first test operating system the authority, after the passage of key system under control through specific access key generation algorithm into the card, while the card into the predetermined amount of other information . 系统自动记录发卡记录和操作记录。 System automatically records the card issuer records and operations records.

完成对POS各种功能的设定。 Complete POS features settings. 应用程序的写入及算法的加载。 Application procedures and algorithms into the loading.

2． 2. 日常业务处理 Dealing with day-to-day business
完成IC储值卡的销售工作。 IC cards to complete the sale.
无论采用上门销售还是其他的销售方式，业务流程大致相同，首先是验证功能：开机，首先由终端对操作人员进行合法性验证。 No matter door sales or other sales, business processes roughly the same, first of all, is the certification function: boot, the first from the terminal operators to verify legitimacy. 当客户出示会员卡进行消费时，由终端对对会员卡进行验证工作，验证流程是：终端读取卡片内的用户或操作人员的ID好，通过预装在终端中的特定算法生成访问密钥，与读取的卡片密钥进行比较。 When a customer to produce membership cards for consumption by end-to-Member Card certification, the certification process is: the card reader terminal user ID or operator of the well, through pre-installed on the specific terminal access key generation algorithm , and read the card keys for comparison. 相同验证通过。 Through the same certification.
正常业务处理完成之后，交易流水自动写入POS和用户会员卡中。 Normal business after the completion of processing, transaction flow automatically into the POS and user membership card. 以便进行数据的传输和查询。 For data transmission and enquiries.

3． 3. 数据的传输 Data transmission

根据各连锁分店的不同情况，定期或不定期选用不同的联网方式进行数据的传输，实现与各连锁店各种信息的电子交换。 According to the different circumstances of chain stores, regular or irregular selection of a variety of networking data transmission, and the realization of the chain of electronic information exchange.

系统提供多种联结方式，局域网、公用电话信息网、数据采集卡（终端及单独使用时）进行数据交换。 System provides a wide range of links, LAN, telephones information network, data acquisition card (terminals and separate use) for data exchange. 如：交易流水、各户信息等。 Such as: water transactions, households information.

通过管理软件实现方便的对信息进行汇总分析，对配送中心和连锁店的进、销、配、存进行管理。 Through management software to facilitate the realization of a meta-analysis of the information on the distribution centers and stores the import and sale, distribution, depositors management. 使资源有效利用。 Make efficient use of resources. 为领导决策提供依据。 To provide a basis for decision-making leadership. 对消费需求进行科学分析。 Consumer demand for scientific analysis.

4． 4. 可扩展功能 Can be extended functionality
以上给出系统的基本功能，根据用户的实际需求，可方便的对系统实现功能的扩充，非常方便简单。 System is more than the basic functions, in accordance with the actual needs of users, the system can be easily expanded to achieve functional, very simple convenience. 如：借助于IC卡实现连锁的配货的电子管理；实现消费积分的功能。 Such as: With the IC card achieve配货electronic chain management; to achieve consumer integral function. 只需修改POS的内部应用程序即可。 Only a modification of the internal POS application procedures.

五、安全性分析 5, security analysis

系统采用统一密钥管理来实现密钥的安全管理． Adoption of a unified key management system to achieve key security management. 密钥管理系统采用特定的加密算法进行加密，实现卡片信息的安全。 Key Management system uses specific encryption algorithm to encrypt and realize card information secure. 终端采用操作权限管理方式，充分保证终端不被非法访问。 Terminal operators use rights management, fully guarantee the terminal will not be illegal visit.

卡与终端设备的相互认证是直接的、无中间环节的，不经过终端设备的动态链接库认证，均在终端内部以密文的形式进行相互认证，信息不外露，保证系统的安全运行。 Card and the terminal equipment is a direct mutual authentication, without intermediate links, and not through the terminal equipment dynamic link library certification, in the terminal are internal to the text of the form of mutual authentication, the information is not exposed to ensure the safe operation of system.

卡内信息的读取需进行密钥验证，并且每张卡的读写密钥有特定加密算法生成，保证卡内信息不被非法读取，同时所有的操作均在实业的控制密钥下进行。 Read the card information required key authentication, and each card readers with specific encryption key generation algorithm to ensure that the card information from unauthorized reading, and all the operations are in the enterprise under the control key .