Keywords

1 Background

With the continuous construction of our country’s informatization and the continuous popularization of network technology, Internet technology is widely used in society, and new technologies and concepts are constantly emerging, such as: IPv6, 5G, face recognition, biotechnology, drones, block Chain, big data, virtualization, edge computing, etc. [1, 2]. The rapid development of informatization has promoted the construction of informatization in universities and promoted the rapid development of all aspects of informatization in universities. The campus all-in-one card system, which is one of the foundations and core platforms of university informatization, has developed from only solving the problems of canteen catering, shower hot water, supermarket shopping, etc., to covering almost all the campus life: studying, teaching and research by teachers and students. The continuous increasing of business requirement and information system requirement in university has brought higher requirements for third-party docking in campus information system [12, 14]. While exploring the construction of the campus all-in-one card, this article explores the physical card, virtual card, third-party business system docking, and electronic campus card identity data docking. Provide solutions for the construction of a new generation of campus card.

2 Campus Cards and System

At present, the campus all-in-one card system forms an informatized closed-loop management of cards, accounts, and accounts based on service programs, databases, network technology, and terminal equipment. At the same time, it is integrated and linked with other systems through docking. All teachers, students and staff of the school only need to hold one campus card, which replaces all the previous certificates, including student ID, teacher ID, library ID, dining card, student medical ID, boarding card, access card, etc. The campus all-in-one card system is the main framework for supporting and running information-based campus applications [7, 11]. Most of it adopts C/S architecture [3]. In the same time, we are talking about another system architecture which uses front-end server or docking server to be compatible with third-party systems and equipment to realize the campus information system. The system business covers all aspects of the teachers and students in the school. The business scope includes: data business, card business, finance, consumer business, water control business, electronic control business, vehicle business, access control business, storage subsidy business, secret key business, etc. [4, 10].

Recently, most campus cards use radio frequency contactless IC cards, and the main card model is the Mifare1 series (M1 card for short) produced by NXP. At the same time, some colleges and universities have adopted CPU chip cards, and most college users use the FM series of Shanghai Fudan Microelectronics (such as FM1208 card, FM1208M01 card, FM1280M-JAVA card). In terms of card security, the CPU card has a central memory (CPU), storage units (ROM, RAM and EEPROM) and a card operating system (COS). The CPU card is not just a single contactless card, but a COS application platform of the system. The CPU card equipped with COS not only has the function of data storage, but also has the functions of command processing, calculation and data encryption. The characteristics of the card surface of the CPU card and the security technology of COS provide a double security guarantee, which can realize the true meaning of one card and multiple applications. Each application is independent of each other and controlled by its own key management system, and storage large capacity. The dynamic password is used by the CPU card, and it is the same card with one password, each time the card is swiped, the authentication password is different, which can effectively prevent security vulnerabilities such as duplicate cards, copy cards, malicious modification of the data on the card, and effectively improve the entire system security. Compare these types of current campus cards as follows (Table 1).

Table 1. Types of current campus cards examples.
Full size table

3 Campus Card Data

The campus card data is the management of cards, accounts, and bills. In the management of accounts, there are different groups of people in different universities, but they all have similar problems and difficulties: data comes from different business departments and systems; there is a lack of system docking between systems, data is isolated, and the systems cannot be linked; data quality is not high due to sparse management; coupled with changes in departmental business and other reasons, it has caused a variety of data and accumulation of historical data. In this paper, the data has been cleaned up, mainly according to the management of the cards and accounts to sort out teachers, students, and other users, and sort out five categories and 28 sub categories of personnel. At the same time, it is connected to the business system, and based on this, we combined with the business and department to screen and clear the data, to solve the problems of management, data, and users in the campus card system. Getting through the business systems of various business departments has played a key step in the future data linkage and data sharing.

4 Physical Card and Virtual Card

After more than ten years of development, physical cards, as the main carrier of identity recognition and campus consumption, have become an indispensable part of the campus all-in-one card system. The main advantages of using physical cards are: easy to carry, high reliability, gradual improvement in security, and convenient to use; but at the same time, physical cards also have many shortcomings: recharge problems, card replacement problems, lost and forgotten problems, card-not-equal-database problems, etc. [15].

With the rapid development of mobile Internet technology and information technology, based on the physical card, the concept of a virtual campus card is proposed. In essence, the virtual campus card is an extension of the mobile Internet service on the existing one-card system [2, 5]. The virtual campus card is a kind of virtual card that is bound to the physical card and can replace the physical card for identity recognition and campus consumption. Teachers and students can use this virtual card to realize consumption and identification at any time. The main advantages of the virtual campus card are: convenient management and function expansion, there is no management cost of the physical card, the virtual card does not have the problem of loss, there is no problem of replacing the card, it can cover most all the campus scene. Of course, the virtual campus card also has some shortcomings: the usage of water control problem, can’t be identity cards, data losing problem, high dependence on the network, and the security problem that breaks the closed environment of the private network.

The virtual campus card system adopts Internet technology, mobile application technology, payment technology, etc., unified data management, cards can use multiple carriers, and expand payment methods. The current carriers include: handset terminals with NFC, QR (Quick Response) code, biometrics, web account and passwords, etc. Scanning the QR code is the most common way to realize the virtual campus card. We divide the scanning code into two ways: the Scan and the Scanned. The Scan: The device held by the consumer (user) scans the device or the QR code of the payee (merchant). The Scanned: The QR code generated by the consumer is scanned by the payee.

The process of Scan is:

  1. 1)

    The machine adopts a static QR code that has been generated or a dynamic QR code generated after entering the amount.

  2. 2)

    The consumer scans the QR code and obtains the information, and then applies to the payment platform.

  3. 3)

    The payment platform and the all-in-one card backend perform data verification and conduct transaction processing.

  4. 4)

    The transaction result is returned to the machine tool and the consumer.

The process of Scanned is:

  1. 1)

    The consumer generates a dynamic QR code on the APP or webpage on the handset device.

  2. 2)

    The machine scans the consumer’s QR code, enters the amount, and asks the background for data verification. And initiate a transaction request.

  3. 3)

    The payment platform and the all-in-one card background complete data verification and complete the transaction.

  4. 4)

    The transaction result is returned to the machine tool and the consumer.

The following figure is a simplified diagram of the virtual campus card usage (Fig. 1):

Fig. 1.
figure 1

Virtual campus card usage

Full size image

5 System Design and Account Modes

The design of the system was implemented in four-layers architecture: Interface layer, Application service layer, Data access layer and Bus service layer. The service content that the platform providing: data access service, security service, infrastructure service, management service, development service, resource management service.

Data access service: Responsible for providing services such as the definition, storage and query of data resources, realizing centralized management of data, and ensuring the legality and integrity of data resources.

Security Service: Responsible for protecting every layer and network from unnecessary threats. Responsible for protecting the legality, integrity and security of data interaction and data communication between each layer of the architecture.

Infrastructure services: Provide efficient use of resources, ensure a complete operating environment, balance workloads to meet service requirement, isolate workload to avoid interference, perform maintenance, secure access, trusted business and data processes, simplify overall system management.

Management services: Provide management tools to monitor service flow, underlying system status, resource utilization, service target realization, management strategy execution, and failure recovery.

Development Service: Provide a complete set of development tools for system expansion.

Resource management service: A service that manages application services registered and running under the architecture.

The most important thing in the design of the above campus card system is to solve the accounting problem. At present, the usual account models are divided into the following types:

  • Offline mode: transactions are carried out based on the card electronic wallet. This mode is not affected by the factors such as: the network and background, and can be used for offline consumption. However, offline consumption data cannot be uploaded in time, resulting in inconsistency between the balance on the card and the amount of the back-end account (data-base); if the card is dropped and the card is replaced at this time, there will be an inconsistency between the card and the amount in the data-base. If the equipment was broken at this time, there will be data loss Case.

  • Online mode: transactions are carried out based on the background online account, and the card is for the identification. This model is the realization of the account model of the virtual campus card. The recharge will be credited to the account in real time and will not be affected by the loss of the physical card. But the biggest disadvantage is the reliance on the network. If the network or the background platform fails, it will affect business processing.

  • Offline mode with online allowed: When connected to the Internet, transactions are carried out based on the back-end online account. The transaction is successfully written into the card electronic wallet. When the terminal is not connected to the Internet, the card electronic wallet shall prevail. The biggest advantage of this mode is that it can have the advantages of the online mode when the network is fine, and can handle the business in the offline mode when the network is blocked. But this mode also has the disadvantages of the offline mode.

  • Online account with electronic wallet separation mode: one user has two accounts, online account and offline wallet, the two accounts are independent of each other. This mode is a fusion of offline mode and online mode. There are advantages of these two modes as well as disadvantages of these two modes. There are two accounts for users at the same time, which may cause confusion for users.

The above account model analyses several existing account methods, and each university will choose a different method according to its own situation. At present, physical cards mainly use offline mode, while virtual campus cards mostly use online mode. Different account models can also be selected according to different requirements to facilitate the management of system reconciliation.

6 Data Docking

The realization of the virtual campus card can be based on the existing all-in-one card system to expand payment methods. Currently, the methods include: Alipay payment, WeChat payment, Integration payment and so on. Use APP, Web, WeChat, Alipay, etc. However, it’s difficult to expand the market of the APP. And it’s easy to use the H5 webpage method for multi-party connection. On the other hand, with the expanding of the mobile Internet, the WeChat and Alipay method has also been widely used. Alipay has an Alipay electronic campus card, WeChat has a Tencent WeiXiao electronic campus card, and the Integration payment party also has its own electronic campus card. We use Alipay as an example to explain the identity authentication and consumption of the electronic campus card.

The Alipay electronic campus card mainly uses the interface to identify the identity of people, so it does not affect the existing data access and business processing of the original campus system. All accounting and transactions are completed in Alipay system. Users only need to apply for an electronic campus card. When users receive the electronic campus card in the Alipay card package, they need to initiate an identity authentication request to the background to confirm whether the user has the authentication. Only the person who have passed the certification can receive the electronic campus card. The application for e-campus card is as follows (Fig. 2):

Fig. 2.
figure 2

The processing of e-campus card

Full size image

The campus all-in-one card database stores identity data. In order to reduce the access pressure to the campus card system and security considerations, a data cache server is added between the campus card database and Alipay APP. The campus card database regularly pushes data to the cache server, and Alipay accesses the data cache server to verify user’s identity.

For information security concerning:

  1. 1)

    The campus card identity database only needs to periodically synchronize the latest identity data with the data cache server, which does not affect the existing business of the campus card system.

  2. 2)

    The data cache server is stored in the machinery room to reduce the risk of data leakage.

  3. 3)

    The data cache server opens the firewall, and only opens the public network access permissions for certain necessary ports.

  4. 4)

    Set the access IP whitelist and only allow Alipay server access.

  5. 5)

    When accessing data, a strict encryption and signature mechanism is used to ensure communication security.

At present, this method has been used for identity authentication and consumption in some schools. With the continuous expansion in the later period, it can be extended to other all-in-one cards scenarios.

7 Summary

With the exploration of campus all-in-one card construction, we can see a development trend from physical cards to virtual cards. Comparing the physical cards and virtual cards, we can see that from the saving money, facilitating management, and improving user experience, virtual cards have brought more convenience to schools, but from the current development, virtual cards cannot completely replace the physical cards. At the same time, the virtual cards also need to rely on the current campus card system. There are also defects in the usage of virtual cards, such as the using water control. Due to the dependence of virtual cards on handset terminals, there will be inconveniences when using water control. Of course, there are other solutions that can be found, such as the express delivery method, using temporary digital string generation.

In general, virtual cards and physical cards will co-exist in the campus all-in-one card field, and virtual cards will be a direction for the development of all-in-one cards. With the advancement of technology and practice, the campus all-in-one card will much more focus on users. Based on the existing all-in-one card platform, it is believed that more user-friendly forms and methods will be adopted and used.