KR101506281B1 - multiple authentication payment system using one time password and method thereof - Google Patents

Abstract

The present invention relates to an online payment system and, more specifically, to a system and a method for multi-authentication payment using an one time password (OTP) which approve payment by performing first authentication through an approval server unit paying the price according to actual payment approval, performing indirect second authentication by displaying payment details on a mobile communication terminal of a payer as a message, and performing OTP authentication for the message. The system comprises: an OTP authentication server for receiving an OTP authentication request signal including OTP terminal identification information, performing authentication by comparing a generated OTP with a received OTP, and providing the authentication result; an OTP generator for generating an OTP when the OTP generation request signal including signing time is received, and transmitting the OTP terminal identification information and the generated OTP; a user authentication terminal for receiving a payment approval request signal including payment details, displaying the payment details, requesting the OTP generator to generate an OTP, transmitting the OTP generation request signal including signing time, receiving the OTP terminal identification information and the OTP from the OTP generator, and transmitting the OTP authentication request signal including the OTP terminal identification information and the OTP to an approval server; and the approval server which has user identification information including authentication terminal identification information, provides a payment approval request signal to a user by the authentication terminal identification information including payment details corresponding to the user identification information when a payment request occurs, provides the OTP authentication request signal received from the user authentication terminal to the OTP authentication server, receives the result, and approves the payment when the result shows that authentication is successful.

Description

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a multi-authentication payment system and a multi-

The present invention relates to a payment system on-line and off-line. More particularly, the present invention relates to a settlement system for paying a first payment, And a multi-authentication payment system and method using a one-time password for performing an indirect secondary authentication to be displayed on a communication terminal and a third-party authentication by using a one-time password (OTP) will be.

The generalization of the Internet due to the improvement of the Internet speed has brought various kinds of commerce online (online commerce is usually called "electronic commerce"), generalizing online electronic payment of settlement in offline commerce, I have an anecdote about offering and sharing members for sharing. For e-commerce, offline electronic payment, and membership registration, various personal information must be registered in a service server that provides any service on the Internet. In order to protect such personal information, each service server sets a unique ID and a password of the user, and only confirms the service and the information of the corresponding user when the input ID and password match the pre- Modify, and modify the information.

However, since the ID and the fixed password authentication method have a problem that the ID and the password are easily exposed, it is difficult to protect the personal information stored in the servers on the Internet by only the ID and the password. In order to overcome the problems of the conventional authentication method, a public certificate, a one-time password (OTP) method, and the like are applied in combination.

However, the public certificate scheme has a problem in that it can directly cause the user's monetary damages if the password of the public certificate and the public certificate are exposed once.

In order to supplement such an ID / password scheme and a public certificate scheme, a user authentication or payment message authentication requiring high security is not stored or stored in a service terminal, but an OTP generator (a token type card, Type, etc.), and an OTP authentication method for performing authentication through this password is applied in a redundant manner.

However, even though a plurality of authentication methods are applied redundantly, information leaking and fraud methods by memory hacking during transactions are increasing, and transaction methods by replica cards are increasing.

Accordingly, there is a demand for a payment system that can prevent transactions by using a replica card and prevent information leakage and fraud by memory hacking while enhancing the security of existing authentication.

Patent Publication No. 10-2013-0055829 (Feb. 29, 2013).

Accordingly, it is an object of the present invention to provide a method and system for displaying payment contents for primary authentication and settlement by payment information through an approval server unit for paying a payment in accordance with a payment approval when a payment is made on-line and off-line, The present invention provides a multi-authentication payment system and method using a one-time password that performs indirect authentication by performing indirect authentication using a one-time password (OTP) and third authentication using a One Time Password (OTP).

Another object of the present invention is to provide a method and system for displaying a delivery location guidance message according to a final delivery location of a purchaser of a product purchased through an approval server unit and displaying the delivery location information message on a mobile communication terminal of a purchaser, And to provide a multi-authentication payment system and method using a one-time password for approving settlement.

In order to accomplish the above object, the multi-authentication settlement system using the one-time password of the present invention comprises: receiving an OTP authentication request signal including OTP terminal identification information and an OTP, generating an OTP generated for the OTP terminal identification information, An OTP authentication server which compares the correspondence of the OTPs and performs authentication and provides the result; An OTP generator having an OTP terminal identification information and generating an OTP by reflecting a signature time upon receipt of an OTP generation request signal including a signature time by radio, and transmitting the OTP terminal identification information and the generated OTP; A payment approval request signal including payment contents for an arbitrary payment is displayed, the payment contents are displayed, an OTP generation is requested by the OTP generator wirelessly for approval of the payment contents, and an OTP And transmits the OTP terminal identification information and the OTP authentication request signal including the OTP to the approval server unit, and transmits the OTP terminal identification information and the OTP authentication request signal including the OTP to the approval server unit terminal; And a user identification information including the authentication terminal identification information of the user, wherein when a payment request is made by an arbitrary user from an arbitrary payment request unit, the authentication terminal identification information corresponding to the user identification information of the user, Providing a payment approval request signal including payment contents to the user authentication terminal, providing the OTP authentication request signal received from the user authentication terminal to the OTP authentication server, receiving the result, And an approval server unit for approving the payment for the settlement.

delete

delete

The OTP generator is configured on a chip-on-board, and the user authentication terminal transmits the OTP generation request signal, which is a short-range wireless communication (NFC) radio signal, to the OTP generator of the chip- do.

The chip-on-board includes: an antenna; And a transmission / reception unit for separately outputting a card settlement information request signal and an OTP generation request signal among the wireless signals communicated and received by the antenna, and transmitting one of the card settlement information and OTP input corresponding to the output signal, And a COB circuit unit including a wireless card processing unit for outputting the card settlement information to the transmission / reception unit upon receipt of the card settlement information request signal, and the OTP generator for generating and outputting an OTP upon inputting the OTP generation request signal do.

The system further includes: an OTP time server that synchronizes with the time of the OTP authentication server and provides signed time information, wherein the OTP generator obtains a signature time from the OTP time server upon input of the OTP generation request signal A signature time acquisition unit for outputting the signature time; And an OTP generation unit that receives the signature time output from the signature time acquisition unit, generates an OTP based on the signature time, and outputs the generated OTP to the transmission / reception unit.

Wherein the settlement request unit is a service server unit on-line, and further includes a delivery inquiry server for providing delivery position information of the commodity, wherein the service server receives delivery information on the commodity from the delivery inquiry server, The delivery server notifies the user authentication terminal of a message including the delivery completion information upon receipt of the delivery completion notification signal, And when the approval of the user is completed through the terminal, the service server unit performs the payment for the service server unit and notifies the service server unit of the payment approval.

The system further includes: an OTP generator for generating an OTP and displaying the generated OTP through a display device, wherein the user authentication terminal receives an OTP indicated by the OTP generator from a user and transmits the received OTP to the approval server, Receiving OTP from the user authentication terminal, performing OTP authentication for the OTP through the OTP authentication server to determine whether the authentication is successful, and determining whether the user is approved.

The system further includes: an OTP generator for generating and transmitting an OTP when requesting generation of an OTP, wherein the user authentication terminal requests OTP generation by the OTP generator wirelessly, wirelessly receiving the generated OTP, And the approval server unit receives the OTP from the user authentication terminal and performs OTP authentication with respect to the OTP through the OTP authentication server to determine whether or not the authentication is successful and determine whether the user is approved.

The OTP generator is configured on a chip-on-board, and the user authentication terminal transmits an OTP generation request signal, which is a NFC radio signal, to an OTP generator of the chip-on-board to request generation of an OTP .

The chip-on-board includes: an antenna; And a transmission / reception unit for separately outputting a card settlement information request signal and an OTP generation request signal among the wireless signals communicated and received by the antenna, and transmitting one of the card settlement information and OTP input corresponding to the output signal, A wireless card processing unit for outputting card settlement information to the transmission / reception unit upon receipt of a card payment information request signal; and the OTP generator for generating and outputting an OTP upon inputting the OTP generation request signal.

The system further includes: an OTP time server that synchronizes with the time of the OTP authentication server and provides signed time information, wherein the OTP generator obtains a signature time from the OTP time server upon input of the OTP generation request signal A signature time acquisition unit for outputting the signature time; And an OTP generation unit that receives the signature time output from the signature time acquisition unit, generates an OTP based on the signature time, and outputs the generated OTP to the transmission / reception unit.

The settlement request unit may include a user transaction that transmits an authentication request signal including the purchase amount of at least one optional purchase item and the authentication terminal identification information of the user authentication terminal of the user who purchased the product to the approval server unit, Wherein the approval server unit stores payment means information for authentication terminal identification information of an arbitrary user authentication terminal and stores authentication terminal identification information included in reception of the authentication request signal from the force terminal And when the authentication is successful by comparing the generated OTP and the received OTP, payment approval is performed based on the pre-stored payment means information for the authentication terminal identification information.

The system includes: goods transaction information including product information including bar code and QR code information including a price, a product name, a product manufacturer information, a product identification information for each sale item by a plurality of POS terminals, and price information of each product And a POS database server for providing the corresponding merchandise transaction information to the corresponding POS terminal at a predetermined period and a download request.

According to another aspect of the present invention, there is provided a multi-authentication settlement method using a one-time password, comprising the steps of: receiving a settlement approval request signal including a settlement content when a settlement request for an arbitrary user is received from an arbitrary settlement request unit; A user payment authorization approval process for transmitting the user payment authorization request to the user authentication terminal; The user authentication terminal displays the settlement contents of the received payment approval request signal, obtains an OTP upon approval from the user for the payment contents, and transmits an OTP authentication request signal including the obtained OTP and OTP terminal identification information An OTP authentication request process for transmitting to the approval server unit; And the approval server unit performs OTP authentication through the OTP authentication server unit based on the OTP and OTP terminal identification information included in the received OTP authentication request signal, and upon receipt of the payment approval request signal, And a payment approval process for approving the payment, wherein the OTP authentication request process comprises: a payment content display step of displaying the payment details of the received payment approval request signal by the user authentication terminal; The user authentication terminal transmits an OTP generation request signal including the signature time to the chip on board upon approval of the payment contents from the user to request generation of the OTP and reflects the signature time on the chip on board An OTP acquisition step of wirelessly reading and acquiring the generated OTP; And an authentication requesting step of transmitting an OTP authentication request signal including the OTP and OTP terminal identification information to the approval server unit.

delete

delete

The OTP acquisition step may include a signature time request step of requesting a signature time generated in synchronization with the time of the OTP authentication server to the OTP time server when the user authentication terminal approves the payment contents from the user; A signature time providing step of receiving a signature time from the OTP time server for the signature time request by the user authentication terminal and transmitting the signature time to the OTP generator of the chip on board; A signature authentication step in which the OTP generator of the chip-on-board performs authentication by signing the signature time; An OTP acquisition step of generating the OTP by reflecting the signature time when the OTP generator succeeds the signature time authentication and transmitting the OTP to the user authentication terminal; And an authentication requesting step of transmitting an OTP authentication request signal including the OTP and OTP terminal identification information to the approval server unit.

Wherein the payment request unit is a service server unit on-line, and after the approval of the payment, the approval server unit transmits the delivery information to the user authentication terminal upon receiving the delivery information, And a payment acceptance step of receiving a delivery information confirmation signal according to the delivery information confirmation from the user authentication terminal and approving payment for the payment approval.

The payment acceptance process may include receiving the delivery position information of the goods corresponding to the payment approval from the service inquiry server, and notifying the approval server unit of the delivery completion if the delivery position information is one of the delivery start and the delivery completion Delivery completion notification step; A delivery completion notification step of transmitting, by the approval server, a delivery completion notification signal including delivery information to the user authentication terminal upon notification of completion of delivery of the payment product through the service server unit; A delivery position information confirmation step of displaying the delivery completion notification signal upon receipt of the delivery completion notification signal and transmitting a delivery completion confirmation signal upon authentication of the user's delivery position information; And a payment settlement approval step of, when the approval server receives a payment completion confirmation signal from the user authentication terminal, notifying the payment server of a payment settlement approval to the service server unit for payment of the goods upon receipt of a delivery completion confirmation signal from the user authentication terminal .

The shipping position information confirming step may include a display step of displaying the delivery completion notification signal when the user authentication terminal receives the delivery completion notification signal; An OTP acquiring step of requesting the user authentication terminal to generate an OTP from the user upon approval of the contents of the delivery position information and wirelessly reading and acquiring the OTP generated in the chip on board; And an authentication request step of transmitting an OTP authentication request signal including the OTP and OTP terminal identification information to the approval server unit as the delivery confirmation signal, wherein the approval server unit receives the OTP authentication request signal OTP authentication is performed through the time OTP authentication server, and when the authentication is successful, the payment approval is performed.

The OTP acquisition step may include a signature time request step of requesting a signature time generated in synchronization with the time of the OTP authentication server to the OTP time server when the user authentication terminal approves the payment contents from the user; A signature time providing step of receiving a signature time from the OTP time server for the signature time request by the user authentication terminal and transmitting the signature time to the OTP generator of the chip on board; A signature authentication step in which the OTP generator of the chip-on-board performs authentication by signing the signature time; An OTP acquisition step of generating the OTP by reflecting the signature time when the OTP generator succeeds the signature time authentication and transmitting the OTP to the user authentication terminal; And an authentication requesting step of transmitting an OTP authentication request signal including the OTP and OTP terminal identification information to the approval server unit.

The payment request unit may be a POS terminal that is a user transaction terminal of an offline store. The POS terminal may include a purchase amount of at least one of the at least one purchased product, and an authentication of the user of the user who purchased the purchased product And a payment requesting step of transmitting the settlement request signal including the terminal identification information to the approval server unit, wherein the approval server unit registers in advance the authentication terminal identification information included in the settlement request signal in the payment approval process And the settlement approval is performed through the settlement unit corresponding to the settlement unit information.

The method may further include: a merchandise transaction information download process in which the POS database server provides the corresponding merchandise transaction information to the corresponding user transaction terminal at a predetermined period and a download request.

In the present invention, the settlement contents are transmitted to a mobile communication terminal of a legitimate user of the payment settlement medium at the time of settlement, and the settlement contents are confirmed. When payment is approved by the user through the mobile communication terminal, , Information leakage and fraud by memory hacking can be prevented.

In addition, the present invention has an effect of enhancing settlement security because OTP authentication is performed for approval of settlement contents.

In addition, the present invention has an effect of reducing the OTP production cost by configuring the OTP generator for OTP authentication in the COB without a time generator (Real Time Clock: RTC) synchronized with the display device and the OTP authentication server.

In addition, the OTP generator of the COB of the present invention receives the signature time generated from the authenticated OTP time server at the remote location through the mobile communication terminal without generating the time generated in the mobile communication terminal itself and generates OTP It is displayed through the communication terminal, so that the security can be improved.

In addition, since the OTP generator according to the present invention is configured in the COB without the display device and the RTC, the third party can not use the COB-attached card even if the user loses it, and can not use the COB.

In addition, since the authorized approval server unit confirms the delivery of the purchased product and then pays the service provider for the payment, the present invention has the effect of preventing damage to the purchaser caused by erroneous delivery and breakage of the product.

In addition, since the present invention is approved through the OTP authentication at the time of approval of the payment in accordance with the delivery confirmation, it is possible to prevent the proxy approval using the purchaser's mobile communication terminal by the third party.

In addition, the present invention provides authentication by confirming payment contents through a user authentication terminal and authentication using OTP, even in the case of electronic settlement of offline commercial transactions through payment terminals such as POS (Point Of Sale), as well as online commerce It is possible to improve authentication security and to prevent leakage of personal information and approval of proxy.

1 is a block diagram of a multi-authentication settlement system using a one-time password according to the present invention.
FIG. 2 is a diagram illustrating a configuration of an approval server unit of a multi-authentication payment system using a one-time password according to an embodiment of the present invention.
FIG. 3 is a diagram illustrating a configuration of a user authentication terminal of a multi-authentication payment system using a one-time password according to the present invention.
4 is a diagram illustrating a configuration of a COB of a multi-authentication settlement system using a one-time password according to the present invention.
FIG. 5 is a flowchart illustrating a multi-authentication settlement method using a one-time password according to the first embodiment of the present invention.
FIG. 6 is a flowchart illustrating a method of accepting payment by confirming whether or not a payment is made in a multi-authentication payment method using a one-time password according to an embodiment of the present invention.
7 is a flowchart illustrating an OTP generation method using a signature time of an authenticated OTP time server in a multi-authentication payment method using a one-time password according to an embodiment of the present invention.
FIG. 8 is a flowchart illustrating a multi-authentication settlement method using a one-time password according to the second embodiment of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS A multi-authentication settlement system using a one-time password according to the present invention will now be described with reference to the accompanying drawings, and a multi-authentication settlement method in the system will be described.

1 is a block diagram of a multi-authentication settlement system using a one-time password according to the present invention.

The multi-authentication payment system using the one-time password according to the present invention includes a user terminal unit 1, a payment request unit 400, an approval server unit 500, and an OTP authentication server 600, Server 700 and a force database server 900. [

(Embodiment 1)

The multi-authentication payment system using the one-time password according to the first embodiment includes a user terminal unit 1, a payment request unit 400, an approval server unit 500, and an OTP authentication server 600. At this time, the payment request unit 400 may be a service server unit. Hereinafter, in the first embodiment, the service server unit will be described using the identification code 400, which is an identification code of the settlement request unit.

The user terminal unit 1, the service server unit 400 serving as a payment request agent, the approval server unit 500 and the OTP authentication server 600 are connected through a wire / wireless data communication network 800 to perform data communication.

The wired / wireless data communication network 800 includes a mobile communication network capable of data communication such as 2G (2G), 3G (3G) and 4G (4G = Long Term Evolution) , A WiFi network, a wide area network (WAN), and a local area network (LAN).

The user terminal unit 1 includes a user authentication terminal 100, a user transaction terminal 200 and a chip on board (COB) 300 according to the first embodiment of the present invention, do.

The user transaction terminal 200 according to the first embodiment accesses the service server unit 400 which is a payment request agent through the wire / wireless data communication network 800 and accesses a service including a goods sale service provided from the service server unit 400 A personal computer (PC), a notebook computer, a tablet PC, and a smart device (such as a smart phone and a smart pad) as a terminal for performing a payment request according to a service.

The user authentication terminal 100 receives the payment approval request signal including the transaction content from the approval server unit 500 according to the present invention, displays the transaction content, authenticates the user about the transaction content, And is a mobile communication terminal having a unique authentication terminal identification information including a telephone number and called as a smart device such as a smart phone and a smart pad, a mobile phone, and a mobile phone. The payment approval request signal may be an application message or a push message by an application (also referred to as an "application" or an "application") installed in the user authentication terminal 100 when the user authentication terminal 100 is a smart device . The user authentication terminal 100 obtains the OTP from the user directly or via the chip on board 300 according to the present invention and transmits an OTP authentication request signal including the OTP and OTP terminal identification information to the OTP authentication server 600 And performs OTP authentication. The OTP terminal identification information may be the terminal identification information of the OTP generator, the terminal identification information of the chip on board (COB) 300 of the present invention, and the COB 300 may be the card identification information applied to the card There will be. The OTP terminal identification information may be registered in advance in the user authentication terminal 100 according to the embodiment of the present invention or may be received together with the OTP from the COB 300. [

The chip-on-board 300 may be configured on a financial card 1 such as a credit card or on a SIM card of the user authentication terminal 100 as shown in Fig. The chip-on-board 300 receives an OTP generation request signal from the user authentication terminal 100, generates an OTP, and transmits the generated OTP to the user authentication terminal 100 wirelessly. Although FIG. 1 shows a case where the COB 300 without the display device and the RTC generates the OTP, a general OTP generator (not shown) including the display device and the RTC may be applied instead of the COB 300.

The service server unit 400 needs a payment service based on user authentication such as merchandise sales (commerce) service, transfer service, etc. to a plurality of user terminal units 1 connected through the wired and wireless data communication network 800 And provides the settlement means for the settlement service to the user transaction terminal 200 of the user terminal unit 1 as a server unit of the service provider. The service server unit 400 may provide the above-described services on a web system, an application system, or both a web system and an application system. According to the configuration, the service server unit 400 may include a web server, an application server, and the like, and may further include a database server, a login server, and the like.

The OTP authentication server 600 receives the OTP authentication request signal including the OTP and OTP terminal identification information, and compares the OTP generated for the OTP terminal identification information with the OTP included in the OTP authentication request signal, Performs authentication according to whether or not the authentication is successful, and provides the result to the place where the OTP authentication request signal is transmitted. Also, the OTP authentication server 600 receives the OTP authentication request signal including the OTP terminal identification information, the signature time, and the OTP from the user authentication terminal 100, reflects the signature time to the OTP terminal identification information, And compare the generated OTP with the OTP included in the OTP authentication request signal to perform OTP authentication.

The approval server unit 500 is a server unit for performing payment and payment between a service provider and a user through a plurality of service server units 400 and the user terminal unit 1. [ The approval server unit 500 transmits a payment approval request signal including the contents of payment for the payment request to the user authentication terminal 100 when a payment request is generated from any service server unit 400 among the service server units 400 To the user authentication terminal 100 according to the previously registered authentication terminal identification information to display the payment contents on the user authentication terminal 100. Upon receipt of the approval signal for the payment contents from the user authentication terminal 100 And performs payment for the settlement request.

The delivery inquiry server 700 receives the delivery information for the goods that have been paid out by the service server unit 400 and automatically provides the delivery position information about the bases that the product is delivering to the destination of the delivery information And provides the service server unit 400 with a request from the service server unit 400. At this time, the service server unit 400 provides the delivery position information to the approval server unit 500.

The service server unit 400 determines whether the delivery position information received from the delivery inquiry server 700 is a delivery start or delivery completion and notifies the approval server unit 500 of the delivery position information if the delivery position information is completed do. The above-mentioned departure departure means that the final deliverer is delivering the product to the customer's destination, and the delivery completion means the state when the customer has received the product.

Upon receiving the notification, the approval server unit 500 transmits the delivery position information to the registered user authentication terminal 100 and displays the delivery position information, and approves the payment for the payment upon authentication of the user. The user authentication according to the transmission of the delivery position information may be performed by the general confirmation of the user or OTP authentication in the same manner as the payment authentication.

(Second Embodiment)

As described above, the multi-authentication payment system using the one-time password according to the second embodiment of the present invention includes a user terminal unit 1, a payment request unit 400, an approval server unit 500, an OTP authentication server 600, And a force database server 900. At this time, the settlement request unit 400 may be a force terminal. In the second embodiment, the POS terminal will be described using the identification code 400, which is an identification code of the payment request unit.

The user terminal unit 1 according to the second embodiment includes a user authentication terminal 100 and a COB 300. [ The same operation as that of the first embodiment is performed.

The POS terminal 400, which is a settlement request unit according to the second embodiment, includes a card payment unit configured in the merchandise store and reading card information from a card such as a user's credit card and outputting the card information. Accesses to the authentication server unit 500 through the wired / wireless data communication network 800, requests payment according to the payment agency service provided by the authentication server unit 500, receives approval and settlement completion information for the payment, do. The force terminal 400 receives the authentication terminal identification information for the user authentication terminal 200 from the user. The input authentication terminal identification information is included in the payment request signal and transmitted to the approval server unit 500.

According to the embodiment of the present invention, the POS terminal 400 downloads and stores product information including a product price for products sold in the store from the POS database server 900 and refers to the information and price of the product Calculates the total purchase amount for the products purchased by the user, and requests the approval server unit 500 for settlement of the total purchase amount.

The approval server unit 500 provides the credit payment approval result to the force terminal 400 through the same procedure and operation as when the payment request is generated from the service server unit 400 in the first embodiment.

The POS database server 900 generates and stores commodity transaction information for each POS terminal 400 and manages the commodity transaction information such as adding a new commodity, changing or deleting information, etc., and periodically or at the request of the POS terminal 400, As shown in FIG. The commodity transaction information includes commodity information such as a commodity manufacturer, a commodity name, a barcode including unique commodity identification information, a QR code, and the like, price information, and the like.

FIG. 2 is a diagram illustrating a configuration of an approval server unit 500 of a multi-authentication payment system using a one-time password according to an embodiment of the present invention.

The approval server unit 500 may include only the approval server 510 according to an embodiment of the present invention. The approval server unit 500 may include an approval server 510, A touch authentication server 520, an OTP time server 530, and may include a member registration server 540. Also, the OTP authentication server 600 may be connected to the local network 550 of the approval server unit 500 as shown in FIG. The OTP time server 530 may be configured outside the approval server unit 500.

The approval server 510 processes an overall operation related to payment approval when a payment request for an arbitrary user is generated from an arbitrary service server unit 400. According to the embodiment of the present invention, the approval server 510 provides a payment approval request signal including payment contents to the user authentication terminal 100 at the time of payment request, acquires the OTP from the user authentication terminal 100, OTP authentication through the authentication server 600 is performed. The approval server 510 may be a payment agent server, a bank transfer server, or a debit card payment server. In the case of the settlement agency server of the settlement agency as in the second embodiment of the present invention, after the OTP authentication through the OTP authentication server 600, the approval server 510 receives the settlement request signal included in the settlement request signal received from the transaction request unit We make payment according to the type of settlement. For example, when the settlement type is card settlement, the approval server 510 performs settlement through the settlement unit 1000 of the card company corresponding to the card company information.

As the OTP acquisition method according to the present invention, a user input method and a touch acquisition method can be applied.

The user input method is a method in which an OTP generated through a general OTP generator (not shown) is input and received from a user.

The touch acquisition method acquires the OTP using the COB 300 of the user terminal unit 1 and further includes the touch authentication server 520 and the OTP time server 530. Hereinafter, the configuration and operation of the approval server unit 500 of the present invention to which the touch acquisition method is applied will be described.

The approval server 510 receives the settlement request signal including the user identification information of the user connected to the transaction request unit 400 using the transaction request unit 400 according to the first embodiment, And transmits the touch authentication request signal including the user identification information to the touch authentication server 520. According to the second embodiment, the authentication request signal includes the authentication terminal identification information which is the user identification information included in the payment request signal received from the transaction request unit And transmits the touch authentication request signal to the touch authentication server 520.

The OTP time server 530 generates a time synchronized with the time of the real time clock (RTC) of the OTP authentication server 600 and generates a signature for the authenticated OTP time provider providing the OTP time server 530 And generates a signature time that includes information.

The touch authentication server 520 stores and manages the user identification information and the OTP terminal identification information including the authentication terminal identification information for the touch authentication subscriber. When the authentication server 510 receives the touch authentication request from the OTP time server 530 Obtains the signature time, and provides the obtained signature time to the user authentication terminal 100. [ When the OTP for providing the signature time is received, the touch authentication server 520 performs authentication through the OTP authentication server 600. [

The member registration server 540 provides the member registration means through the web system or the application to the user transaction terminal 200 and the user authentication terminal 100 of the user terminal unit 1 of an arbitrary user, The authentication terminal identification information of the user authentication terminal, and the OTP terminal identification information, and registers the user as a member. The authentication terminal identification information includes a telephone number of the user authentication terminal 100.

 3 is a diagram illustrating a configuration of a user authentication terminal 100 of a multi-authentication payment system using a one-time password according to the present invention. The configuration and operation of the user authentication terminal 100 as a mobile communication terminal according to the present invention will be described with reference to FIG.

The user authentication terminal 100 includes a control unit 10, a storage unit 20, a display unit 30, an input unit 40, and a wireless communication unit 50, and further includes a local communication unit 60 according to an embodiment .

The control unit 10 controls the overall operation of the user authentication terminal 100 according to the present invention. The detailed configuration and operation of the control unit 10 will be described later.

The storage unit 20 includes a program storage area for storing a control program (operating system and application, etc.) for controlling the user authentication terminal 100 according to the present invention, a temporary area for temporarily storing data generated during the execution of the control program, And a data area for storing the control program and data generated by the user.

The display unit 30 displays an operation state according to the operation of the user authentication terminal 100, an application or a web-based user interface (UI) means, and displays text, graphics, still images, and moving images corresponding thereto.

The input unit 40 includes a plurality of buttons such as a volume button, a power button, a home button, and the like for controlling the operation of the user authentication terminal 100, and outputs a button signal for the pressed button to the control unit 10 And a touch pad integrally formed on the upper portion of the display unit 30 and outputting position data of a position touched by the user on the screen displayed on the display unit 30 to the controller 10. [

The wireless communication unit 50 is connected to the wire / wireless data communication network 800 by wirelessly and connects to other devices connected to the wire / wireless data communication network 800 such as the service server unit 400, the approval server unit 500, the OTP authentication server 600, And the delivery inquiry server 700 and the like.

 The short-range communication unit 60 includes a first near-field communication unit (NFC) 61 and a second short-range communication unit (Bluetooth) 62. A Zigbee short-range communication unit (not shown), and a wide-band short-range communication unit (UWB) (not shown).

The local communication unit 60 transmits a payment information request signal or a touch authentication request signal as an OTP request signal to the COB 300 according to the present invention and receives payment information for the payment information request signal from the COB 300 And receives the OTP for the touch authentication request signal and provides it to the controller 10.

The control unit 10 includes a settlement history receiving unit 11 and a details accepting unit 12.

The payment history receiving unit 11 receives a payment approval request signal including payment contents from the approval server unit 500 through the wireless communication unit 50 and extracts the payment contents and displays them on the display unit 30. [

The history approval unit 12 acquires the OTP after displaying the payment contents and transmits the obtained OTP to the approval server unit 500 through the wireless communication unit 50. [

The history approval unit 12 displays an OTP input means through the display unit 30 and includes an OTP input processing unit 121 and a local communication unit 60 that receive OTPs directly from the user through the OTP input means and the input unit 40, And an OTP signature time authentication processing unit 122 for acquiring OTP from the COB 300 through the OTP signature time authentication processing unit 122. [

The OTP signature time authentication processing unit 122 includes a signature time acquisition unit 123 for acquiring a signature time signed from the OTP time server 530 through the touch authentication server 520, And an OTP acquisition unit 124 for providing the signature time to the COB 300 through the short-range communication unit 60 and acquiring the OTP from the COB 300. [

FIG. 4 is a diagram illustrating a configuration of a COB 300 of a multi-authentication payment system using a one-time password according to the present invention, and is a diagram illustrating a configuration of a COB 300 according to a touch OTP acquisition method. Hereinafter, the configuration and operation of the COB 300 according to the touch OTP acquisition method will be described with reference to FIG.

The COB 300 includes a COB circuit unit 310 and an antenna 320.

The COB circuit unit 310 includes a transmission / reception unit 311, a wireless card processing unit 313, and an OTP generator 314. The COB 3 is configured in the form of a card and configured by the wireless card processing unit 313 and the OTP generator 313. However, only the transmission / reception unit 311 and the OTP generator 313 may be configured as the COB circuit unit 310 ).

The transmission / reception unit 311 includes a first short range communication unit 3111 and a second short range communication unit 3112.

The first local area communication unit 3111 performs communication processing corresponding to the first local communication unit 61 of the user authentication terminal 100 and the second local communication unit 3112 performs communication processing corresponding to the second local communication unit 3110 of the user authentication terminal 100. [ (62). That is, the first short range communication unit 3111 performs short range data communication according to the NFC protocol, and the second short range communication unit 3112 performs short range data communication according to the Bluetooth protocol.

Therefore, the antenna 320 will also include an antenna for NFC and an antenna for Bluetooth.

The transceiving unit 311 receives an OTP request signal including a payment information request signal transmitted from the user authentication terminal 100 through the antenna 320 and an OTP request signal including a signing time and transmits a payment information request signal to the wireless card processing unit 313, and outputs the OTP request signal to the OTP generator 314. [ The transmission and reception unit 311 transmits the payment information inputted from the wireless card processing unit 313 to the user authentication terminal 100 through the antenna 320 and transmits the OTP inputted from the OTP generator 314 to the user authentication terminal 100 via the antenna To the terminal (100).

The wireless card processing unit 313 stores payment information and provides the payment information to the transmission / reception unit 311 when a payment information request signal is input from the transmission / reception unit 311. [

The OTP generator 314 receives an OTP request signal including a signature time from the user authentication terminal 100 through the transceiver 311 and the antenna 320 and receives a signature time from the OTP request signal, (315) and the signatures of the signature time included in the OTP request signal and the signatures registered in advance, and generates an OTP by reflecting the signature time when the signature authentication succeeds, and transmits the generated OTP to the transmitter / 311).

FIG. 5 is a flowchart illustrating a multi-authentication settlement method using a one-time password according to the first embodiment of the present invention. Hereinafter, a multi-authentication settlement method using a one-time password will be described with reference to FIG.

First, the user accesses an arbitrary service server unit 400 through the user transaction terminal 200, uses any service requiring a payment service, and requests payment according to the service (S111).

The service server unit 400 provides the payment means to the user transaction terminal 200 when receiving a payment request from the user transaction terminal 200 and receives the payment information from the user transaction terminal 200 through the payment means ).

When the payment information is received, the service server unit 400 transmits a payment request signal including payment information including transaction details to the approval server unit 500 (S115). The payment request signal will include user identification information of the user.

Upon receiving the settlement request signal, the approval server unit 500 transmits a settlement approval request signal including the settlement contents and the user identification information to the user of the user who accesses the service server unit 400 through the user transaction terminal 200 To the authentication terminal 100 (S117).

Upon receiving the payment approval request signal, the user authentication terminal 100 displays the payment contents included in the payment approval request signal on the display unit 30 (S118), and then checks whether the OTP is obtained (S119).

When the OTP is acquired, the user authentication terminal 100 transmits the obtained OTP to the approval server unit 500 (S121).

The approval server unit 500 receiving the OTP transmits an OTP authentication request signal including OTP and OTP terminal identification information to the OTP authentication server 600 (S123).

When the OTP authentication request signal is received from the approval server unit 500, the OTP authentication server 600 compares the OTP generated for the included OTP terminal identification information with the OTP included in the OTP authentication request signal, OTP authentication is performed (S125), and the OTP authentication result is transmitted to the approval server unit 500 (S127).

When the OTP authentication result is received, the approval server unit 500 determines whether the OTP authentication result is OTP authentication success (S129). If the OTP authentication result is not successful, the approval server unit 500 notifies the service server unit 400 of the failure of the payment approval After the payment approval (S133), the service server unit 400 is notified of the payment approval.

When the service server unit 400 is informed of the failure to approve the payment, the service server unit 400 notifies the user transaction terminal 200 of the failure of the payment approval (S132), and notifies the user transaction terminal 200 of the success of the payment transaction S137).

FIG. 6 is a flowchart illustrating a method of accepting payment by confirming whether or not a payment is made in a multi-authentication payment method using a one-time password according to an embodiment of the present invention.

5, when the payment for an arbitrary user is completed (S211), the delivery inquiry server 700 receives delivery information on an arbitrary commodity from the service server unit 400, (S213) whether the goods corresponding to the goods information are received or not.

When the delivery information is registered and the product is received, the delivery inquiry server 700 monitors the delivery position of the product based on the delivery position information for the product input from the manager of each shop (S215).

And provides the delivery position information to the service server unit 400 whenever the delivery position of the goods is changed during the delivery position monitoring by the delivery position information or upon receiving the delivery inquiry command from the service server unit 400 (S217) .

In addition, the delivery inquiry server 700 checks whether the delivery is completed during the delivery position monitoring (S219). When the delivery is completed or the delivery inquiry command is received from the service server unit 400 in the delivery completion state, And notifies the service server unit 400 (S221).

5, the service server unit 400 checks whether a delivery position information notification signal including delivery position information such as delivery start or delivery completion is received from the delivery inquiry server unit 400 (S211) (S223).

At this time, when a delivery position information notification signal such as delivery start or delivery completion is received, the service server unit 400 transmits a delivery position information notification signal including user identification information for the user who purchased the product to the approval server unit 500 (S225).

Here, the case where the service server unit 400 determines whether or not the delivery position information such as the delivery start or the delivery completion is received is described. However, as shown by the dotted line in FIG. 6, the service server unit 400 (S218, S210), the approval server unit 500 determines whether the delivery position information is one of delivery start and end delivery (S224) .

When the delivery server information unit 500 receives a delivery position information notification signal including the delivery start or completion of delivery from the service server unit 400 or determines that the received delivery position information notification signal is a delivery start or delivery completion, And transmits a delivery position information notification signal including information contents to the user authentication terminal 100 (S227). The contents of the above delivery location information may be "2014.03.25. AM 10:00 delivery by Hong Gil Dong", "2014.03.25. PM 2:30 minutes Hong Gil Dong 00 products receipt" and so on.

Upon receiving the delivery position information notification signal from the approval server unit 500, the user authentication terminal 100 extracts the content of the included delivery position information and displays it on the display unit 30 (S228).

At this time, when the user confirms and approves the delivery position information displayed on the user authentication terminal 100, the user authentication terminal 100 transmits an approval signal for the delivery position information to the approval server unit 500.

The approval server unit 500 approves the payment for the payment and notifies the service server unit 400 of the payment approval (S121).

The user approval may be made through OTP authentication as described in FIG. However, the approval signal may be an OTP transmitted in S121. This is the same as in FIG. 5, and therefore, the description thereof will be omitted.

7 is a flowchart illustrating an OTP generation method using a signature time of an authenticated OTP time server in a multi-authentication payment method using a one-time password according to an embodiment of the present invention. The OTP authentication method generated by the signature time applied in the present invention will be described with reference to FIG.

The approval server 510 of the approval server unit 500 checks whether a payment request is generated from the service server unit 400 (S311).

When a payment request is generated from any service server unit 400, the approval server 510 transmits a touch authentication request signal including the user identification information included in the payment request signal to the touch authentication server 520, (S313).

When the touch authentication request signal is received from the authentication server 510, the touch authentication server 520 extracts the user identification information from the touch authentication subscriber information previously registered according to the user identification information included in the touch authentication request signal, That is, OTP terminal identification information for the user, and transmits a signature time request signal including the extracted OTP terminal identification information to the OTP time server 530 (S315).

When the signature time request signal is received from the touch authentication server 520, the OTP time server 5320 corresponds to the included OTP terminal identification information and is synchronized with the time of the OTP authentication server 600, And provides the generated signature time to the touch authentication server 520 (S319).

When the signing time is obtained from the OTP time server 530, the touch authentication server 520 verifies the corresponding user authentication information by the authentication terminal identification information of the user authentication terminal 100 among the information of the user corresponding to the user identification information registered in advance And provides the signature time to the terminal 100 (S321).

Then, the user authentication terminal 100 provides the signature time to the COB 300 (S323).

Upon receiving the signature time, the COB 300 generates the OTP by applying the received signature time (S325), and then transmits the OTP to the user authentication terminal 100 (S327).

Then, the user authentication terminal 100 transmits the OTP to the touch authentication server 520 (S329).

The touch authentication server 520 receiving the OTP will perform OTP authentication through the OTP authentication server 600 as described with reference to FIG. 5 and FIG.

FIG. 8 is a flowchart illustrating a multi-authentication settlement method using a one-time password according to a second embodiment of the present invention. FIG. 8 is a flowchart illustrating a multi-authentication settlement method using a one-time password in offline settlement. In the following description, the case where the type of payment is credit card payment will be described as an example.

Referring to FIG. 8, the force terminal 400 checks whether a payment request for an arbitrary customer, that is, a product purchased by the user, occurs (S411).

The POS terminal 400 checks whether settlement means information, that is, credit card information, is obtained when a payment request is made according to the purchase of a commodity (S413).

When the settlement means information is obtained, the force terminal 400 checks whether the user authentication terminal identification information, i.e., the telephone number of the user authentication terminal 100 is acquired (S415).

When the settlement means information and the user authentication terminal identification information are obtained as described above, the payment request signal including the information is transmitted to the approval server unit 500 to request payment (S416).

The approval server unit 500 receiving the settlement request signal performs the same steps S417 to S427 corresponding to S117 to S127 of FIG. 5, so S417 to S427 are not described.

In step S429, the approval server unit 500 checks whether the OTP authentication success result information for the request is received or the OTP authentication failure result information is received after the user payment approval request in step S417.

When the OTP authentication failure result information is received, the approval server unit 500 transmits a user payment approval failure to the POS terminal 400 (S431).

On the other hand, when the OTP authentication success result information is received, the approval server unit 500 performs a payment approval process for the purchase amount included in the goods transaction information through the payment unit 1000 of the credit card company according to the credit card payment S431, and S433).

The approval server unit 500 transmits payment approval result information to the force terminal 400 after the payment approval process (S435).

In the above description, the case where the force terminal 400 acquires payment means information and user authentication terminal identification information and performs payment approval after touch authentication has been described.

However, the force terminal 400 may acquire only the user authentication terminal identification information and perform the payment approval after the touch authentication.

In this case, the force terminal 400 will transmit a settlement request signal including only the user authentication terminal identification information to the approval server unit 500 in S416.

In this case, the approval server unit 500 must store payment means information such as credit card payment information for credit card payment for the user authentication terminal identification information, account transfer information for bank account transfer, etc., Upon completion of the steps S417 to S429, upon receiving the settlement request signal from the force terminal 400, the settlement unit information corresponding to the user authentication terminal identification information included in the settlement request signal is loaded, And to perform the request.

While the present invention has been described with reference to exemplary embodiments, it is to be understood that the invention is not limited to the disclosed exemplary embodiments, but, on the contrary, is intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims. It will be easily understood. It is to be understood that the invention is not limited to the disclosed embodiments, but, on the contrary, it is intended to cover various modifications within the scope of the appended claims.

1: user terminal unit 2: credit card
10: Control section 11: Payment history receiver
12: history confirmation unit 20: storage unit
30: Display section 40: Input section
50: wireless communication unit 60:
61 and 3111: a first short distance communication unit (NFC)
62, 3112: a second short distance communication unit (Bluetooth)
100: user authentication terminal 200: user transaction terminal
300: chip on board (COB) 310: COB circuit part
311: Transmitting / receiving unit 313:
314: OTP Generator 315: Signature Time Acquisition Unit
316: OTP generation unit 320: Antenna
400: payment request unit 500: approval server unit
510: Authorization server 520: Touch authentication server
530: OTP time server 540: Member registration server
550: local network 600: OTP authentication server
700: Delivery inquiry server 800: Wired / wireless data communication network
900: POS database server 1000:

Claims (24)

An OTP authentication server that receives an OTP authentication request signal including OTP terminal identification information and an OTP and compares the generated OTP with the received OTP to perform authentication and provides the result;
An OTP generator having an OTP terminal identification information and generating an OTP by reflecting a signature time upon receipt of an OTP generation request signal including a signature time by radio, and transmitting the OTP terminal identification information and the generated OTP;
A payment approval request signal including payment contents for an arbitrary payment is displayed, the payment contents are displayed, an OTP generation is requested by the OTP generator wirelessly for approval of the payment contents, and an OTP And transmits the OTP terminal identification information and the OTP authentication request signal including the OTP to the approval server unit, and transmits the OTP terminal identification information and the OTP authentication request signal including the OTP to the approval server unit terminal; And
Wherein the authentication information includes user identification information including authentication terminal identification information of the user and when a payment request is made by an arbitrary user from an arbitrary payment request unit, And provides the OTP authentication request signal received from the user authentication terminal to the OTP authentication server, receives a result of the OTP authentication request signal, and if the result is authentication success And an approval server unit for approving settlement for the settlement.
delete delete The method according to claim 1,
The OTP generator is configured on a chip-on-board,
Wherein the user authentication terminal sends the OTP generation request signal, which is a NFC radio signal, to the OTP generator of the chip-on-board to request generation of an OTP.
5. The method of claim 4,
The chip-on-
antenna; And
A transmission / reception unit for separately outputting a card settlement information request signal and an OTP generation request signal among the wireless signals communicated and received by the antenna, and transmitting one of the card settlement information and the OTP input corresponding to the output signal;
A wireless card processing unit for outputting the card settlement information to the transmission / reception unit upon receiving the card settlement information request signal;
And a COB circuit unit including the OTP generator for generating and outputting an OTP when the OTP generation request signal is input.
6. The method of claim 5,
Further comprising: an OTP time server that synchronizes with the time of the OTP authentication server and provides signed time information,
The OTP generator comprises:
A signature time acquisition unit for acquiring and outputting a signature time from the OTP time server upon inputting the OTP generation request signal; And
And an OTP generation unit for receiving the signature time output from the signature time acquisition unit, generating an OTP based on the signature time, and outputting the generated OTP to the transmission / reception unit.
The method according to claim 1,
The settlement request unit is a service server unit on-line,
And a delivery inquiry server for providing delivery position information of the commodity,
The service server receives the delivery information on the sales item from the delivery inquiry server and provides a delivery completion notification signal to the approval server when the delivery position information is one of delivery start and delivery completion,
The approval server unit,
Upon receipt of the delivery completion notification signal, notifies the user authentication terminal of a message including the delivery completion contents, and upon completion of the approval by the user through the user authentication terminal, performs payment for the service server unit, And notifies the payment approval of the payment.
delete delete delete delete delete The method according to claim 1,
The payment request unit,
A charge transaction terminal for transferring an authentication request signal including the purchase amount of at least one optional purchase item and the authentication terminal identification information of the user authentication terminal of the user who purchased the product to the approval server section ,
Wherein the approval server unit stores payment means information for authentication terminal identification information of an arbitrary user authentication terminal and stores the OTP generated for the authentication terminal identification information included in reception of the authentication request signal from the force terminal, And when the authentication by the comparison of the OTP is successful, the payment approval is performed based on the pre-stored payment means information for the authentication terminal identification information.
14. The method of claim 13,
Stores commodity transaction information including price, commodity information, commodity manufacturer information, commodity information including barcode and QR code information including the commodity identification information, and price information of each commodity for a plurality of sales items for each POS terminal, And a POS database server for providing corresponding merchandise transaction information to the corresponding POS terminal upon requesting a period and a download.
A payment approval requesting step of transmitting a payment approval request signal including payment contents to a user authentication terminal of the user when a payment request for an arbitrary user is generated from a payment request unit of the approval server unit;
The user authentication terminal displays the settlement contents of the received payment approval request signal, obtains an OTP upon approval from the user for the payment contents, and transmits an OTP authentication request signal including the obtained OTP and OTP terminal identification information An OTP authentication request process for transmitting to the approval server unit; And
The approval server performs OTP authentication through the OTP authentication server unit based on the OTP and OTP terminal identification information included in the received OTP authentication request signal, and according to the result, approves the payment for the payment approval request signal through the corresponding payment unit And acceptance of the payment,
In the OTP authentication request process,
A payment contents display step in which the user authentication terminal displays payment contents of the received payment approval request signal;
The user authentication terminal transmits an OTP generation request signal including the signature time to the chip on board upon approval of the payment contents from the user to request generation of the OTP and reflects the signature time on the chip on board An OTP acquisition step of wirelessly reading and acquiring the generated OTP; And
And transmitting an OTP authentication request signal including the OTP and OTP terminal identification information to the approval server unit.
delete delete 16. The method of claim 15,
The OTP acquiring step includes:
A signature time request step of requesting the user authentication terminal to generate a signature time synchronized with the time of the OTP authentication server with the OTP time server upon approval of the payment contents from the user;
A signature time providing step of receiving a signature time from the OTP time server for the signature time request by the user authentication terminal and transmitting the signature time to the OTP generator of the chip on board;
A signature authentication step in which the OTP generator of the chip-on-board performs authentication by signing the signature time;
An OTP acquisition step of generating the OTP by reflecting the signature time when the OTP generator succeeds the signature time authentication and transmitting the OTP to the user authentication terminal; And
And transmitting an OTP authentication request signal including the OTP and OTP terminal identification information to the approval server unit.
16. The method of claim 15,
The payment request unit is a service server unit on-line,
After the approval of the payment, the approval server transmits the delivery information to the user authentication terminal when receiving the delivery information, which is one of delivery start and end delivery from the service server unit, and transmits a delivery information confirmation signal, Further comprising a payment acceptance step of accepting a payment for the payment approval received from the user authentication terminal.
20. The method of claim 19,
The payment approval process includes:
A delivery completion notification step of receiving the delivery position information of the commodity corresponding to the payment approval from the service server additional delivery inquiry server and notifying the completion of delivery to the approval server if the delivery position information is one of delivery start and delivery completion;
A delivery completion notification step of transmitting, by the approval server, a delivery completion notification signal including delivery information to the user authentication terminal upon notification of completion of delivery of the payment product through the service server unit;
A delivery position information confirmation step of displaying the delivery completion notification signal upon receipt of the delivery completion notification signal and transmitting a delivery completion confirmation signal upon authentication of the user's delivery position information; And
Wherein the approval server further comprises a payment acceptance step of making a payment acceptance notification of payment settlement approval to the service server unit for payment of the goods upon receipt of a delivery completion confirmation signal from the user authentication terminal Multiple authentication method using password.
21. The method of claim 20,
The shipping position information checking step may include:
A display step of displaying the delivery completion notification signal upon receipt of the user authentication terminal;
An OTP acquiring step of requesting the user authentication terminal to generate an OTP from the user upon approval of the contents of the delivery position information and wirelessly reading and acquiring the OTP generated in the chip on board; And
And an authentication requesting step of transmitting an OTP authentication request signal including the OTP and OTP terminal identification information to the approval server unit as the delivery confirmation signal,
Wherein the approval server performs OTP authentication through the OTP authentication server upon receipt of the OTP authentication request signal in the payment approval step, and performs the payment approval upon successful authentication.
22. The method of claim 21,
The OTP acquiring step includes:
A signature time request step of requesting the user authentication terminal to generate a signature time synchronized with the time of the OTP authentication server with the OTP time server upon approval of the payment contents from the user;
A signature time providing step of receiving a signature time from the OTP time server for the signature time request by the user authentication terminal and transmitting the signature time to the OTP generator of the chip on board;
A signature authentication step in which the OTP generator of the chip-on-board performs authentication by signing the signature time;
An OTP acquisition step of generating the OTP by reflecting the signature time when the OTP generator succeeds the signature time authentication and transmitting the OTP to the user authentication terminal; And
And transmitting an OTP authentication request signal including the OTP and OTP terminal identification information to the approval server unit.
16. The method of claim 15,
The settlement request unit is a POS terminal that is a user transaction terminal of an offline store,
Wherein the force terminal comprises a settlement request for transmitting the settlement request signal including the purchase amount for at least one optional purchase item and the authentication terminal identification information of the user authentication terminal of the user who has purchased the goods to the approval server section The process further includes,
The approval server loads the payment means information previously registered in the authentication terminal identification information included in the payment request signal in the payment approval process and performs the payment approval through the payment unit corresponding to the payment means information Multi-authentication payment method using one-time password feature
24. The method of claim 23,
Further comprising a merchandise transaction information downloading step in which the POS database server provides the merchandise transaction information to the user transaction terminal at a predetermined period and a download request,

Images