JP7430165B2 - Server and its payment processing method, server user authentication method - Google Patents

Description

Embodiments disclosed herein relate to a server, a payment processing method thereof, and a server user authentication method.

With the development of IT technology and the spread of smartphones, various payment services are being developed that break away from traditional payment methods such as existing cash payments and card payments. There are various payment services such as Apple Pay and Samsung Pay that use smartphones. Electronic payment services using biometric information exist or are being developed.

However, payment services using smartphones have the inconvenience of having to carry the smartphone at all times when making payments, and if the smartphone is lost, personal information such as saved card information and payment-related information may be leaked. be. Furthermore, in the case of an electronic payment service that uses biometric information of a user, there is a risk that the user's personal information may be leaked by storing the acquired biometric information of the user as is.

An object of the embodiments disclosed in this specification is to provide a server, a payment processing method thereof, and a server user authentication method that can provide payment services with improved user convenience.

One purpose of the embodiments disclosed in this specification is to provide a server, a payment processing method thereof, and a server user authentication method that can provide payment services with improved security.

The technical problems of the embodiments disclosed in this specification are not limited to the above-mentioned technical problems, and other technical problems not mentioned can be clearly understood by those skilled in the art from the following description.

The server according to an embodiment disclosed herein includes an information management unit that manages user information of users who have subscribed to a payment service, and user identification information from a user terminal of each user who has subscribed to the payment service. and a communication unit that receives store identification information, and an analysis unit that generates at least one target set by classifying user information of each user who has subscribed to the payment service based on the store identification information. good.

In one embodiment, user information of at least one user included in a corresponding target set corresponding to merchant identification information included in a payment request received from a merchant terminal among the at least one target set; The payment method may further include a user authentication unit that performs user authentication by preferentially comparing the biometric information of the user included in the payment request.

In one embodiment, the user information may further include payment history information.

In one embodiment, the analysis unit additionally identifies a user whose number of payments included in the payment history information is equal to or greater than a reference value among at least one user included in the corresponding target set. , may generate a detail set.

In one embodiment, the analysis unit generates payment pattern information of users who have subscribed to the payment service using the payment history information, and the at least one person included in the corresponding target set based on the payment pattern information. A detail set may be generated by additionally identifying users of the .

In one embodiment, the user information further includes shop stay time information, and the analysis unit is configured to analyze a user who has a shop stay time equal to or longer than a reference time among at least one user included in the corresponding target set. A detail set may be generated by additionally identifying .

The server according to an embodiment disclosed herein includes an information management unit that manages user information of users who have subscribed to a payment service, and user identification information from a user terminal of each user who has subscribed to the payment service. and a communication unit that receives store identification information and receives a payment request from a store terminal that includes the store identification information of the store corresponding to the store terminal and the biometric information of the target user, and the use of each user who has subscribed to the payment service. an analysis unit that generates at least one target set by classifying customer information based on the store identification information, and a response corresponding to the store identification information included in the payment request among the at least one target set; A user authentication unit that performs user authentication for the target user using user information of at least one user included in the target set and biometric information of the target user, and generates a user authentication result. and a payment processing unit that processes the payment request using user information of the target user based on the user authentication result.

In one embodiment, the user authentication unit compares user information of at least one user included in the corresponding target set with biometric information of the target user, thereby identifying the user information of the target user. User authentication may be performed for

In one embodiment, the user information may further include payment history information.

In one embodiment, the analysis unit additionally identifies a user whose number of payments included in the payment history information is equal to or greater than a reference value among at least one user included in the corresponding target set. , may generate a detail set.

In one embodiment, the analysis unit uses the payment history information to generate payment pattern information for each user who has subscribed to the payment service, and based on the payment pattern information, the analysis unit generates payment pattern information for each user who has subscribed to the payment service, and The detail set may be generated by additionally identifying at least one user.

In one embodiment, the user information further includes shop stay time information, and the analysis unit is configured to analyze a user who has a shop stay time equal to or longer than a reference time among at least one user included in the corresponding target set. A detail set may be generated by additionally identifying .

In one embodiment, the communication unit may receive the user identification information and store identification information when the user terminal is sensed by a sensing terminal located at the store.

In one embodiment, the store identification information may include UUID (Universal Unique IDentifier) information obtained from the sensing terminal located at the store.

A payment processing method according to an embodiment disclosed herein includes the steps of: receiving user identification information and store identification information from a user terminal of each user who has subscribed to a payment service; generating at least one target set by classifying each user's information based on the store identification information, the store identification information of the store corresponding to the store terminal and the biometric information of the target user from the store terminal; receiving a payment request including user information of at least one user included in a corresponding target set corresponding to the store identification information included in the payment request among the at least one target set and the target use; performing user authentication on the target user using biometric information of the target user and generating a user authentication result; and based on the user authentication result, using the user information of the target user. The method may include processing the payment request.

In one embodiment, user information of at least one user included in a corresponding target set corresponding to store identification information included in the payment request among the at least one target set and a biometric information of the target user. The step of performing user authentication on the target user using information and generating a user authentication result includes preferentially using the user information of at least one user included in the corresponding target set. User authentication for the target user may be performed by comparing the biological information with the user's biometric information.

A server user authentication method according to an embodiment disclosed herein includes the steps of receiving biometric information of each user from a user terminal of each user who has subscribed to a service; extracting feature information and generating reference template information for each user; storing the reference template information in the user information of each user; receiving biometric information of the target user from a store terminal. , generating target template information by extracting characteristic information from biometric information of the target user; and comparing the reference template information of each user who has subscribed to the service with the target template information. The method may include a step of authenticating the user.

In one embodiment, the step of receiving user identification information and store identification information from a user terminal of each user who has subscribed to the service, converting the user information of each user who has subscribed to the service into the store identification information. The method may further include generating at least one target set by classifying based on the classification, and receiving store identification information of a store corresponding to the store terminal from the store terminal.

In one embodiment, the step of performing user authentication for the target user by comparing reference template information of each user who has subscribed to the service with the target template information may include: , user authentication for the target user by comparing the reference template information of at least one user included in the corresponding target set corresponding to the store identification information received from the store terminal with the target template information; You may do so.

The server, its payment processing method, and server user authentication method according to an embodiment disclosed in this specification can provide payment services with improved user convenience.

The server, its payment processing method, and server user authentication method according to an embodiment disclosed herein can provide a payment service with improved security.

1 is a diagram illustrating a payment processing system according to one embodiment disclosed herein. FIG. FIG. 2 is a diagram for explaining the operation of a payment processing system according to an embodiment disclosed in this specification. FIG. 2 is a diagram for explaining the operation of a payment processing system according to an embodiment disclosed in this specification. 1 is a block diagram illustrating a server according to one embodiment disclosed herein. FIG. FIG. 2 is a diagram for explaining the operation of a server according to an embodiment disclosed in this specification. FIG. 2 is a diagram for explaining the operation of a server according to an embodiment disclosed in this specification. FIG. 2 is a diagram for explaining a server user authentication method according to an embodiment disclosed in this specification. FIG. 7 is a diagram for explaining a server user authentication method according to another embodiment disclosed in this specification. FIG. 7 is a diagram for explaining the operation of a payment processing system according to another embodiment disclosed in this specification. FIG. 7 is a diagram for explaining the operation of a payment processing system according to another embodiment disclosed in this specification.

Hereinafter, some embodiments of the present invention will be described in detail through exemplary drawings. When adding reference numerals to the components in each drawing, it should be noted that the same components have the same numerals as much as possible even if they appear on other drawings. No. In addition, when describing the embodiments of the present invention, if it is determined that detailed explanations of such known configurations or functions would impede understanding of the embodiments of the present invention, detailed explanations thereof will be omitted.

In describing the components of embodiments of the present invention, terms such as first, second, A, B, (a), (b), etc. may be used. These terms are used only to distinguish the component from other components, and do not limit the nature, order, or order of the components. Furthermore, unless otherwise defined, all terms used herein, including technical and scientific terms, have the same meaning as commonly understood by a person of ordinary skill in the technical field to which this invention pertains. have meaning. Terms such as those defined in commonly used dictionaries should be construed to have meanings consistent with the meanings they have in the context of the relevant art, and unless explicitly defined in this application, ideal or excessive cannot be interpreted in a formal sense.

FIG. 1 illustrates a payment processing system according to one embodiment disclosed herein. 2 and 3 are diagrams for explaining the operation of the payment processing system according to an embodiment disclosed in this specification.

First, referring to FIGS. 1 and 2, a payment processing system 1000 according to an embodiment disclosed herein may include a user terminal 100, a management server 200, a merchant terminal 300, and a VAN server 400. .

A user can use the services provided by the management server 200 using the user terminal 100. For example, the service may include a payment service. For this purpose, an application for using the payment service may be installed on the user terminal 100. A user can subscribe to a payment service and register user information by running an application on the user terminal 100. For example, a user can register user information such as user identification information, user biometric information, and payment registration information in the application. Additionally, the user can register consent information for providing user information in the application.

Here, the user identification information may include various information that can identify the user, such as the user's mobile phone number, the user's ID and/or password, and the user's name. The biometric information of the user may include a facial image of the user's face, and depending on the embodiment, the facial image of the user's face may be processed into template information including facial feature point information. For example, by photographing the user's face using a camera (not shown) of the user terminal 100, the user can pre-register the user's face image for user authentication in the application. For example, the user terminal 100 transmits the photographed facial image to the management server 200, and the management server 200 extracts feature information from the user's facial image to generate template information, and each template information is It can be saved in the user information of the corresponding user.

In addition to the user's face image, various biometric information such as the user's fingerprint and iris image can be acquired by various sensing devices of the user terminal 100, and the acquired information is used as user information. can be registered in the application as Payment registration information may include card information and/or account information used for payment processing.

Referring to FIGS. 2 and 3, when a user who has subscribed to a payment service visits a store S with the user terminal 100, the user terminal 100 receives store identification information from the store terminal 300. (S110). For example, the user terminal 100 can receive store identification information from the store terminal 300 via Bluetooth communication. For example, the store identification information may include a UUID (Universal Unique IDentifier), and may be set to have a different value for each store so that a specific store can be identified. When the user terminal 100 receives the store identification information, the application may be automatically activated. The user terminal 100 may transmit user identification information and store identification information to the management server 200 through an activated application.

Meanwhile, the user terminal 100 may include a mobile communication terminal, a PDA (Personal Digital Assistant), an electronic notebook, a smartphone, a tablet PC (Personal Computer), and the like.

Also, referring to FIGS. 1 and 2, the management server 200 may provide payment services to users who have subscribed to the payment services. To this end, the management server 200 can manage user information of users who have subscribed to the payment service. Here, the user information may include user identification information of each user, store identification information received from each user terminal of the user, payment history information, user biometric information, store stay time information, etc. .

The management server 200 may receive user identification information and store identification information from the user terminal 100 (S120). The management server 200 may manage user information of each user who has subscribed to the payment service based on store identification information. The management server 200 may generate at least one target set by classifying the user information of each user who has subscribed to the payment service based on the store identification information (S130). The at least one target set may include at least one user who has subscribed to a payment service. Therefore, users visiting the same store can be classified and managed into the same target group. Depending on the embodiment, the management server 200 may update at least one target set each time merchant identification information is received from the user terminal 100 of each user subscribed to the payment service.

The management server 200 can receive a payment request from the store terminal 300 (S150). For example, the payment request may be a payment request to the target user (that is, the user who requested the store terminal 300 to make the payment), and includes store identification information of the store corresponding to the store terminal 300 and biometric information of the target user. may be included. For this purpose, the store terminal 300 can acquire biometric information of the user requesting payment (S140).

The management server 200 can generate template information by extracting feature information (eg, feature point information) from the user's biometric information included in the payment request.

The management server 200 stores the user information of at least one user included in the corresponding target set corresponding to the store identification information included in the payment request among the at least one target set and the biometric information of the target user. The user authentication information can be used to perform user authentication on the target user and generate a user authentication result (S160). To this end, the management server 200 may identify, as a corresponding target set, a target set whose corresponding store identification information matches the store identification information included in the payment request, among at least one target set.

Specifically, the management server 200 performs user authentication for the target user by preferentially comparing the user information of at least one user included in the corresponding target set with the target user's biometric information. It can be carried out. For example, the management server 200 can perform user authentication for the target user by preferentially comparing template information of the target user with template information of at least one user included in the corresponding target set. can. The management server 200 may transmit the user authentication result to the store terminal 300 (S170).

As described above, the management server 200 preferentially uses the user information (for example, biometric information) of selected users, rather than the entire stored user information, for user authentication of the target user. Since the information is used as a comparison target for the purpose of comparison, the processing speed of user authentication can be improved. Furthermore, the management server 200 prioritizes the user information of some users who are probabilistically likely to be the subject of payment requests, rather than all the users already saved, for user authentication of the target users. The accuracy of user authentication can also be improved because it is used as a comparison target.

Additionally, the management server 200 may additionally identify at least one user included in the corresponding target set using the payment history information in the user information. For example, the management server 200 creates a detailed set by additionally identifying a user whose number of payments included in the payment history information is equal to or greater than a reference value among at least one user included in the corresponding target set. can be generated.

Furthermore, the management server 200 can generate payment pattern information for each user using payment history information of each user who has subscribed to the payment service. The management server 200 may additionally identify at least one user included in the corresponding target set based on the payment pattern information. For example, the management server 200 may generate the detailed set by additionally identifying the user using payment pattern information of at least one user included in the corresponding target set.

In addition, the management server 200 may additionally identify at least one user included in the corresponding target set using store stay time information of at least one user included in the corresponding target set. For example, the management server 200 may generate a detailed set by additionally identifying a user whose time spent in a store is longer than a reference time among at least one user included in the corresponding target set.

The management server 200 can perform user authentication for the target user by preferentially comparing the user information of at least one user included in the detailed set with the target user's biometric information.

In this manner, the management server 200 generates a detailed set by additionally identifying at least one user included in the corresponding target set, and generates user information of at least one user included in the detailed set. (For example, biometric information) is preferentially used as a comparison target for user authentication, so the processing speed and accuracy of user authentication can be further improved.

In addition, the management server 200 performs user authentication for the target user by preferentially comparing the user information of at least one user included in the corresponding target set with the target user's biometric information. , If there is a result in which two or more users among the users included in the corresponding target set match the target user, the user information of at least one user included in the detailed set is used as the target user. User authentication may be performed by comparing the biometric information of the user.

In addition, the management server 200 performs user authentication for the target user by preferentially comparing the user information of at least one user included in the corresponding target set with the target user's biometric information. If two or more users among the users included in the corresponding target set match the target user, the user information of the two or more users is added to at least one person included in the detailed set. User authentication may be performed based on the results of comparison with the user information of the user. For example, if there is a user whose user information matches the user information of at least one user included in the detailed set among the two or more users, the user information of the user is finally transferred to the target user. It can be used for user authentication. Therefore, the accuracy of user authentication can be improved.

The management server 200 may process a payment request for the target user based on the user authentication result. If the user authentication result is successful, the management server 200 may process the payment request using the payment registration information of the target user. For example, if the user authentication result is successful, the management server 200 may transmit a payment approval request to the VAN server 400 (S180). Here, the payment approval request may include payment registration information of the target user.

When the management server 200 receives the payment approval result from the VAN server 400 (S190), it can transmit payment completion information to the user terminal 100 and/or the store terminal 300 (S200). Here, the payment completion information may include payment amount, payment time, store information, usage details, and the like.

The store terminal 300 may transmit store identification information to the user terminal 100 when the user terminal 100 is detected. The store terminal 300 may be placed inside the store. For example, the store identification information may include a UUID (Universal Unique IDentifier), and may be set to have a different value for each store so that a specific store can be identified. The store terminal 300 may transmit store identification information to the user terminal 100 by transmitting a beacon including a UUID to the user terminal 100 via Bluetooth communication.

The store terminal 300 can process payments according to the payment method selected by the user. Here, the payment method may include all general payment methods such as card payment, cash payment, electronic money, and account transfer, as well as payment services disclosed in this specification. In one aspect, the payment service may refer to a service that allows payment processing only by user biometric information authentication.

After the user purchases or uses goods and services at a store, the user proceeds with the payment using the store terminal 300. If the payment service is selected as the payment method, the store terminal 300 generates and generates payment information. A payment request for the received payment information can be transmitted to the management server 200. For example, the payment information may include the amount of money purchased or spent by the target user, store identification information, biometric information of the target user (ie, the user requesting payment), and the like.

That is, after purchasing or using goods or services at a store, the user selects the payment service provided by the management server 200 as the payment method and provides only biometric information to the store terminal 300 (i.e., only one facial transaction). Payment can be made easily and quickly (just by taking a photo). Therefore, user convenience during the payment process can be improved.

The store terminal 300 can collect biometric information of the user. Here, the user's biometric information may include various biometric information such as a facial image, fingerprint, and iris of the user. For example, the store terminal 300 may include a camera, and may take a facial image of the user through the camera and transmit the photographed facial image to the management server 200. Further, depending on the embodiment, the store terminal 300 can generate template information by extracting feature points from a photographed face image. The store terminal 300 can transmit the collected template information to the management server 200.

On the other hand, depending on the embodiment, a device that collects biometric information of users may be operated separately from the store terminal 300. That is, a device that is physically separated from the store terminal 300 and collects biometric information of users can be operated. Furthermore, since the device that collects the user's biometric information is operated and managed by a different operating entity than the operating entity of the store terminal 300, there is a possibility that the biometric information, which is the user's personal information, may be leaked or used. can be prevented.

The VAN server 400 may process a payment in response to a payment approval request transmitted from the management server 200. For example, the VAN server 400 may process the payment using the payment registration information of the target user included in the payment approval request, and may transmit the payment approval result to the management server 200.

FIG. 4 is a block diagram illustrating a server according to one embodiment disclosed herein. 5 and 6 are diagrams for explaining the operation of a server according to an embodiment disclosed in this specification.

First, referring to FIG. 4, a management server 200 according to an embodiment disclosed herein includes an information management section 210, a communication section 220, an analysis section 230, a user authentication section 240, and a payment processing section 250. may be included.

The information management unit 210 can manage user information of users who have subscribed to the payment service. Here, the user information may include user identification information of each user, store identification information received from the user, payment history information, user biometric information, store stay time information, and the like.

The communication unit 220 can receive user identification information and store identification information from the user terminal 100. The communication unit 220 can receive a payment request from the store terminal 300. Here, the payment request may be a payment request to the target user (that is, the user who requested payment to the store terminal 300), and includes store identification information of the store corresponding to the store terminal 300 and a request for payment at the store. may include biometric information of the intended user. The communication unit 220 may transmit the user authentication result to the store terminal 300. The communication unit 220 may transmit payment completion information to the user terminal 100 and/or the store terminal 300.

The analysis unit 230 may generate at least one target set by classifying the user information of each user who has subscribed to the payment service based on the store identification information. The at least one target set may include at least one user who has subscribed to a payment service.

Referring to FIG. 5, user information stored in the information management unit 210 is illustrated. The user information may include user identification information, store identification information, payment history information, payment registration information, and user template information. Here, the store identification information may be information received from the user terminal of each user, and for ease of understanding, it is assumed that the store names corresponding to the store identification information (for example, store A, store B) are used. and explain. Further, the payment history information may include the number of payments, the payment location, and the payment amount.

The analysis unit 230 can generate a target set (T1, T2) by classifying user information of each user who has subscribed to a payment service based on store identification information. Although FIG. 5 exemplarily shows a case where two target sets (T1, T2) are generated, the present invention is not limited to this, and three or more target sets may be generated. For example, if the store corresponding to the store identification information received from the user terminal 100 is store A, the analysis unit 230 may classify and manage the users corresponding to the user terminal 100 into target sets (T1). I can do it.

Also, the analysis unit 230 may additionally identify at least one user included in the target set (T1) using the payment history information in the user information. For example, the analysis unit 230 analyzes users 3 to 5 whose number of payments included in the payment history information is equal to or greater than a reference value (for example, 4) among at least one user included in the target set (T1). By additionally identifying , a detailed set (D1) can be generated.

Furthermore, the analysis unit 230 may generate payment pattern information for each user using payment history information of each user who has subscribed to the payment service. For example, the payment history information may further include visit time and payment time. Here, the visiting time may be obtained from the time when the store identification information is received from the user terminal of each user. For example, the analysis unit 230 uses the payment history information of the specific user to obtain payment pattern information including when the user usually visits store A, how long the user stays there, and what the average payment amount is. can be generated.

The analysis unit 230 may additionally identify at least one user included in the target set (T1) based on the payment pattern information. For example, the analysis unit 230 compares the payment pattern information of at least one user included in the target set (T1) based on the current time when the target user visited store A, and A detail set can be generated by additionally identifying at least one included user.

Referring to FIG. 6, the user information may include user identification information, store identification information, store stay time information, payment registration information, and user biometric information.

The analysis unit 230 may additionally identify at least one user included in the target set (T1) using the store stay time information of the at least one user included in the target set (T1). can. For example, the analysis unit 230 additionally identifies users 4 and 5 whose time spent in the store is longer than the reference time (for example, 30 minutes) among at least one user included in the target set (T1). By doing so, a detailed set (D2) can be generated. For example, if the average stay time of users using store A is 30 minutes, users who spend more than 30 minutes at the store are likely to request payment after using the store.

Also, referring to FIG. 3, the user authentication unit 240 may generate template information by extracting feature information (eg, feature point information) from the user's biometric information included in the payment request.

The user authentication unit 240 authenticates the use of at least one user included in the corresponding target set (T1) corresponding to the store identification information (for example, store A) included in the payment request among the at least one target set. Using the user information and the target user's biometric information, it is possible to perform user authentication for the target user and generate a user authentication result. To this end, the user authentication unit 240 selects a target whose corresponding store identification information (e.g., store A) matches the store identification information (e.g., store A) included in the payment request from among at least one target set. The set (T1) can be identified as the corresponding target set.

Specifically, the user authentication unit 240 preferentially compares the user information of at least one user included in the corresponding target set with the biometric information of the target user. Authentication can be performed. For example, the user authentication unit 240 performs user authentication for the target user by preferentially comparing template information of the target user with template information of at least one user included in the corresponding target set. be able to. The user authentication unit 240 may transmit the user authentication result to the store terminal 300.

As described above, the user authentication unit 240 preferentially compares user information (for example, biometric information) of a selected portion of users, rather than the entire stored user information, for user authentication. Since it is used as a target, the processing speed of user authentication can be improved. Furthermore, the user authentication unit 240 prioritizes the user information of some users who are probabilistically likely to be the subject of a payment request, rather than all the saved users. Since it is used as a comparison target for authentication, the accuracy of user authentication can also be improved.

In addition, the user authentication unit 240 preferentially compares the user information of at least one user included in the detailed set (D1 or D2) with the biometric information of the target user, thereby determining whether the user can use the target user's information. User authentication can be performed. In this way, the user authentication unit 240 generates a detailed set (D1 or D2) by additionally identifying at least one user included in the target set (T1), and generates a detailed set (D1 or D2). Since the user information (for example, biometric information or template information) of at least one user included in D2) is preferentially used as a comparison target for user authentication, the processing speed of user authentication is further improved. can do.

The payment processing unit 250 may process a payment request received from the merchant terminal 300. For example, the payment request may be a payment request to the target user. The payment processing unit 250 may process a payment request to the target user based on the user authentication result. For example, the payment processing unit 250 may process the payment request using the payment registration information of the target user. Specifically, if the user authentication result is successful, the payment processing unit 250 may transmit a payment approval request to the VAN server 600. Here, the payment approval request may include payment registration information of the target user.

When receiving the payment approval result from the VAN server 400, the payment processing unit 250 may transmit payment completion information to the user terminal 100 and/or the merchant terminal 300. Here, the payment completion information may include payment amount, payment time, store information, usage details, etc.

FIG. 7 is a diagram illustrating a server user authentication method according to an embodiment disclosed herein.

Referring to FIG. 7, the server user authentication method according to the embodiment disclosed herein includes a step in which the management server 200 receives user biometric information from a user terminal (S310). (S320), the store terminal acquires the user's biometric information (S330), the store terminal receives the user's biometric information (S340), and the target template information is generated from the user's biometric information (S340). (S350) and performing user authentication using reference template information and target template information (S360).

Hereinafter, steps S310 to S360 will be described in detail with reference to FIG. 1.

In step S310, the user terminal 100 of each user who has subscribed to the payment service may collect user biometric information. The user terminal 100 may transmit the collected user biometric information to the management server 200.

In step S320, the management server 200 may generate reference template information for each user by extracting feature information (eg, feature point information) from the received biometric information of the user. Here, the reference template information may mean reference information to be compared during user authentication.

In step S330, the store terminal 300 may collect user biometric information of the target user who requests payment at the store. That is, in the process of using the payment service, the user registers the standard information necessary for user authentication through his or her user terminal, and provides biometric information to the store terminal 300 when requesting payment. I can do it.

In step S340, the store terminal 300 may transmit the collected biometric information of the target user to the management server 200.

In step S350, the management server 200 may generate target template information by extracting feature information from the target user's biometric information.

In step S360, the management server 200 may perform user authentication for the target user using the reference template information and the target template information. For example, the management server 200 can perform user authentication for the target user by checking template information that matches the target template information in the reference template information.

FIG. 8 is a diagram for explaining a server user authentication method according to another embodiment disclosed in this specification.

Referring to FIG. 8, the server user authentication method according to another embodiment disclosed herein includes a step in which the management server 200 receives user biometric information from a user terminal (S410). A step of generating reference template information from the information (S420), a step of the user terminal 100 receiving store identification information from the store terminal 300 (S430), a step in which the management server 200 receives the user identification information and store identification information from the user terminal 100. (S440), the management server 200 generates at least one target set (S450), the store terminal acquires user biometric information (S460), the store terminal receives user biometric information and store identification. receiving information (S470); generating target template information from user biometric information (S480); and using reference template information and target template information of at least one user included in the corresponding target set. The process may include a step of performing user authentication (S490).

Hereinafter, steps S410 to S490 will be described in detail with reference to FIG. 1.

In step S410, the user terminal 100 of each user who has subscribed to the payment service may collect user biometric information. The user terminal 100 can transmit the collected biometric information of the user to the management server 200.

In step S420, the management server 200 may extract feature information (eg, feature point information) from the received biometric information of the user and generate reference template information for each user. Here, the reference template information may mean reference information to be compared during user authentication.

In step S430, the user terminal 100 may receive store identification information from the store terminal 300. For example, when the user visits a store, the user terminal 100 may receive store identification information from the store terminal 300 via Bluetooth communication. For example, the store identification information may include a UUID (Universal Unique IDentifier), and may be set to have a different value for each store so that a specific store can be identified.

In step S440, the management server 200 may receive user identification information and store identification information from the user terminal 100.

In step S450, the management server 200 may generate at least one target set by classifying user information of each user who has subscribed to the payment service based on store identification information. The at least one target set may include at least one user who has subscribed to a payment service. Therefore, users visiting the same store can be classified and managed into the same target group. Depending on the embodiment, the management server 200 may update at least one target set each time merchant identification information is received from the user terminal 100 of each user subscribed to the payment service.

In step S460, the store terminal 300 may collect user biometric information of the target user who requests payment at the store. That is, in the process of using the payment service, the user registers the standard information necessary for user authentication through his or her user terminal, and provides biometric information to the store terminal 300 when requesting payment. I can do it.

In step S470, the store terminal 300 may transmit the collected biometric information of the target user and store identification information to the management server 200.

In step S480, the management server 200 may generate target template information by extracting feature information from the target user's biometric information.

In step S490, the management server 200 collects reference template information of at least one user included in the corresponding target set corresponding to the store identification information received from the store terminal 300 among the at least one target set and the target user. User authentication for the target user can be performed using the target template information (S490). To this end, the management server 200 may identify, as a corresponding target set, a target set whose corresponding store identification information matches the store identification information included in the payment request, among at least one target set.

Specifically, the management server 200 performs user authentication for the target user by preferentially comparing reference template information of at least one user included in the corresponding target set with target template information of the target user. It can be performed.

Therefore, the management server 200 preferentially uses the template information of selected partial users (i.e., users included in the corresponding target set) instead of the entire stored user information. Since the information is used as a comparison target for user authentication, the processing speed of user authentication can be improved. Furthermore, the management server 200 prioritizes the user information of some users who are probabilistically likely to be the subject of payment requests, rather than all the users already saved, for user authentication of the target users. The accuracy of user authentication can also be improved because it is used as a comparison target.

9 and 10 are diagrams for explaining the operation of a payment processing system according to another embodiment disclosed in this specification.

The embodiment illustrated in FIG. 9 may differ from the embodiment illustrated in FIG. 2 in that user location information is used to generate at least one target set.

As described with reference to FIG. 1, a user can subscribe to a payment service and register user information by running an application on the user terminal 100. For example, a user can register user information such as user identification information, user biometric information, and payment registration information in the application. Further, the user can register consent information for providing user information, user location information, etc. in the application.

When a user who has subscribed to a payment service visits a store S with the user terminal 100, the user terminal 100 can receive store identification information from the store terminal 300 (S510). For example, the user terminal 100 can receive store identification information from the store terminal 300 via Bluetooth communication. For example, the store identification information may include a UUID (Universal Unique IDentifier), and may be set to have a different value for each store so that a specific store can be identified. When the user terminal 100 receives the store identification information, the application may be automatically activated. The user terminal 100 may transmit user identification information and store identification information to the management server 200 through an activated application.

The user terminal 100 may obtain user location information, which is information regarding the user's location (S520). For example, the user terminal 100 may obtain user location information through a GPS module (not shown). Further, for example, when the user terminal 100 is connected to WiFi via an AP, user location information can be obtained from the WiFi connection information. Here, the WiFi connection information may include the name of a place that provides a WiFi connection service (eg, "Incheon Airport", "OO bank Jongno", etc.). For example, if the operating system of the user terminal 100 is Android, WiFi connection information may be obtained through an API (ex. WifiManager API) that manages WiFi connection information. The user terminal 100 may provide the acquired user location information to the management server 200.

The management server 200 may receive user identification information, store identification information, and user location information from the user terminal 100 (S530).

The management server 200 can manage user information of each user who has subscribed to the payment service based on at least one of store identification information and user location information. The management server 200 generates at least one target set by classifying the user information of each user who has subscribed to the payment service based on at least one of store identification information and user location information. (S540).

For example, the management server 200 can manage user information based on user location information. Therefore, users visiting the same store can be classified and managed into the same target group.

Additionally, the management server 200 can manage user information based on store identification information and user location information. For example, the management server 200 generates at least one target set by first classifying user information based on store identification information, and secondarily generates at least one target set based on user location information. By verifying the collection, user information can be managed more accurately. That is, the store identification information and the user location information can function in a mutually complementary manner.

Depending on the embodiment, the management server 200 may update at least one target set each time store identification information and user location information are received from the user terminal 100 of each user subscribed to the payment service. can.

In the case of the S550 operation to S610 operation, they may be substantially the same as the S140 operation to S200 operation described with reference to FIG. 2, so a detailed description thereof will be omitted to avoid duplication.

The embodiment illustrated in FIG. 10 differs from the embodiment illustrated in FIG. 2 in that user authentication is performed using user voice information. A detailed explanation of contents that overlap with those described with reference to FIGS. 1 and 9 will be omitted.

As described with reference to FIGS. 1 and 9, a user can subscribe to a payment service and register user information by running an application on the user terminal 100. For example, a user can register user information such as user identification information, user biometric information, user voice information, and payment registration information in the application. Here, the user's voice information can be recorded through a microphone (not shown) of the user terminal 100 and pre-registered in the application. For example, user voice information may be used for user authentication. Further, the user can register consent information for providing user information, user location information, etc. in the application.

The management server 200 can receive user identification information and store identification information from the user terminal 100 (S720). Additionally, the management server 200 can further receive user location information from the user terminal 100. The management server 200 may provide payment services to users who have subscribed to the payment services. To this end, the management server 200 can manage user information of users who have subscribed to the payment service. Here, the user information includes user identification information for each user, store identification information received from each user terminal of the user, payment history information, user biometric information, user voice information, and store stay time information. , user location information, etc.

The management server 200 generates at least one target set by classifying the user information of each user who has subscribed to the payment service based on at least one of store identification information and user location information. (S730). Therefore, users visiting the same store can be classified and managed into the same target group.

The management server 200 can receive a payment request from the store terminal 300 (S760). For example, the payment request may be a payment request to the target user (that is, the user who requested the store terminal 300 to make the payment), and includes store identification information of the store corresponding to the store terminal 300, biometric information of the target user, and the like. May include audio information of the intended user.

For this purpose, the store terminal 300 can acquire biometric information of the target user who requests payment (S740). In addition, the store terminal 300 may obtain voice information of the target user requesting payment (S750). For example, the store terminal 300 may include a microphone, and can collect the user's voice information (eg, "I will pay with OO Pay") through the microphone.

Meanwhile, depending on the embodiment, a device that collects user's voice information may be operated separately from the store terminal 300. That is, a device that is physically separated from the store terminal 300 and collects user voice information can be operated. Furthermore, since the device that collects the user's voice information is operated and managed by a different operating entity than the operating entity of the store terminal 300, there is a possibility that the user's voice information, which is personal information, may be leaked or used. can be prevented.

The store terminal 300 can transmit the collected user's voice information to the management server 200. Depending on the embodiment, the merchant terminal 300 may also preprocess or compress the user's voice information and transmit it to the management server 200.

The management server 200 can generate template information by extracting feature information (eg, feature point information) from the user's biometric information included in the payment request.

The management server 200 collects the user information of at least one user included in the corresponding target set corresponding to the store identification information included in the payment request among the at least one target set, the biometric information of the target user, and the target user. User authentication for the target user may be performed using at least one of the user's voice information, and a user authentication result may be generated (S770). To this end, the management server 200 may identify, as a corresponding target set, a target set whose corresponding store identification information matches the store identification information included in the payment request, among at least one target set.

Specifically, the management server 200 preferentially converts the user information of at least one user included in the corresponding target set into at least one of the target user's biological information and the target user's voice information. By comparing, user authentication for the target user can be performed. For example, the management server 200 can perform user authentication for the target user by comparing the user information of at least one user included in the corresponding target set with the voice information of the target user.

For example, the management server 200 first performs user authentication for the target user using biometric information of the target user, and secondarily performs user authentication for the target user using the user's voice information. It can be performed. Therefore, the accuracy of user authentication can be further improved. That is, the user's biometric information and the user's voice information can act in a mutually complementary manner.

Since the operations S780 to S810 may be substantially the same as the operations S170 to S200 described with reference to FIG. 2, detailed description thereof will be omitted to avoid duplication.

The above description is merely an illustrative explanation of the technical idea of the present disclosure, and a person having ordinary knowledge in the technical field to which the present disclosure pertains will understand the essential characteristics of the present disclosure. Various modifications and variations are possible without departing from the scope.

Therefore, the embodiments disclosed in the present disclosure are not intended to limit the technical idea of the present disclosure, but are for illustrative purposes, and the scope of the technical idea of the present disclosure may vary depending on such embodiments. It is not limited. The protection scope of this disclosure should be interpreted according to the following claims, and all technical ideas within the scope equivalent thereto should be construed as falling within the scope of rights of this disclosure. .

1000 Payment processing system 100 User terminal 200 Management server 210 Information management section 220 Communication section 230 Analysis section 240 User authentication section 250 Payment processing section 300 Shop terminal 400 VAN server

Claims (14)

an information management department that manages user information of users who have subscribed to the payment service;
When each user who has subscribed to the payment service visits a store, a communication unit receives user identification information and store identification information from the user terminal of the user who visited the store;
At least one target set is created by classifying user information including biometric information of each user who has subscribed to the payment service based on the store identification information in order to select a comparison target for user authentication. An analysis section that generates
The payment request includes user information of at least one user included in a corresponding target set of the at least one target set that corresponds to store identification information included in the payment request received from the store terminal. a user authentication unit that performs user authentication by preferentially comparing the user's biometric information with the biometric information of the user;
including the server. The server of claim 1, wherein the user information further includes payment history information. The analysis unit generates a detailed set by additionally identifying a user whose number of payments included in the payment history information is equal to or greater than a reference value among at least one user included in the corresponding target set. The server according to claim 2, characterized in that: The analysis unit generates payment pattern information of users who have subscribed to the payment service using the payment history information, and adds the at least one user included in the corresponding target set based on the payment pattern information. 3. The server according to claim 2, wherein the server generates the detail set by identifying the details. The user information further includes store stay time information,
The analysis unit generates a detailed set by additionally identifying a user whose time spent in a store is longer than a reference time among at least one user included in the corresponding target set. , the server according to claim 1. an information management department that manages user information of users who have subscribed to the payment service;
When each user who has subscribed to the payment service visits a store, the user identification information and store identification information are received from the user terminal of the user who visited the store, and the user identification information and store identification information are received from the store terminal to the store corresponding to the store terminal. a communication unit that receives a payment request including store identification information and biometric information of the target user;
At least one target set is created by classifying user information including biometric information of each user who has subscribed to the payment service based on the store identification information in order to select a comparison target for user authentication. An analysis section that generates
Among the at least one target set, the user information of at least one user included in the corresponding target set corresponding to the store identification information included in the payment request is preferentially used as the biometric information of the target user. a user authentication unit that performs user authentication for the target user by comparison and generates a user authentication result;
A server comprising: a payment processing unit that processes the payment request using user information of the target user based on the user authentication result. The server according to claim 6, wherein the user information further includes payment history information. The analysis unit generates a detailed set by additionally identifying a user whose number of payments included in the payment history information is equal to or greater than a reference value among at least one user included in the corresponding target set. The server according to claim 7, characterized in that: The analysis unit generates payment pattern information for each user who has subscribed to the payment service using the payment history information, and selects the at least one user included in the corresponding target set based on the payment pattern information. The server according to claim 7, characterized in that the detailed set is generated by additionally identifying. The user information further includes store stay time information,
The analysis unit generates a detailed set by additionally identifying a user whose time spent in a store is longer than a reference time among at least one user included in the corresponding target set. , the server according to claim 6. The server of claim 6, wherein the communication unit receives the user identification information and store identification information when the user terminal is sensed by a sensing terminal located at the store. The server of claim 11, wherein the store identification information includes UUID (Universal Unique IDentifier) information obtained from the sensing terminal located at the store. When each user who has subscribed to the payment service visits a store, the server receives user identification information and store identification information from the user terminal of the user who visited the store;
The server classifies user information including biometric information of each user who has subscribed to the payment service based on the store identification information in order to select a comparison target for user authentication. generating a set of targets;
the server receiving from a merchant terminal a payment request including store identification information of a store corresponding to the merchant terminal and biometric information of a target user;
The server may send user information of at least one user included in a corresponding target set corresponding to the store identification information included in the payment request out of the at least one target set to the target user. performing user authentication for the target user by comparing the biometric information with the biometric information of the target user, and generating a user authentication result;
The payment processing method includes the step of the server processing the payment request using user information of the target user based on the user authentication result. When each user who has subscribed to the service visits a store, receiving biometric information of each user from the user terminal of the user who visited the store;
extracting feature information from the biometric information of each user and generating reference template information for each user;
storing the reference template information in user information of each user;
receiving biometric information of the target user from the store terminal;
receiving store identification information of a store corresponding to the store terminal from the store terminal;
extracting feature information from the target user's biometric information to generate target template information;
performing user authentication for the target user by comparing reference template information of each user who has subscribed to the service with the target template information;
When each user who has subscribed to the service visits a store, receiving user identification information and store identification information from the user terminal of the user who visited the store;
At least one target set is generated by classifying user information including biometric information of each user who has subscribed to the service based on the store identification information in order to select a comparison target for user authentication. and
The step of performing user authentication for the target user by comparing the reference template information of each user who subscribed to the service with the target template information includes Performing user authentication for the target user by preferentially comparing reference template information of at least one user included in a corresponding target set corresponding to the received store identification information with the target template information. A server user authentication method characterized by :

Images