KR101720273B1 - A terminal for providing banking services, a method for operating the terminal, a server for providing banking services and a method for operatin the server - Google Patents

Abstract

According to an embodiment of the present invention, an operation method of a terminal for providing banking services comprises: a step of storing a real name confirmation table image for non-face-to-face real name approval of the banking services in a specific area of a memory; a step of managing the photographing time information of the real name confirmation image; and a step of deleting the real name confirmation image in the specific area of the memory when a certain time elapses from a time point when the real name confirmation table image is photographed.

Description

TECHNICAL FIELD [0001] The present invention relates to a terminal for providing a financial service, a method of operating the same, a server for providing a financial service, and a method of operating the same. [0002]

The present invention relates to a terminal for providing financial services and a method of operating the same, a server for providing financial services, and a method of operating the same, and more particularly, to a financial service for providing an Internet financial service A server for providing a financial service, and an operation method thereof.

In general, to open a bank branch and operate it, a specific space must be secured, and a safe box should be provided to store cash inside. A counter terminal, various auxiliary devices, and a communication network for managing and operating them are installed .

In addition, it should be equipped with office assistant to perform various financial services such as coin and bill counter, copier, scanner and various security equipment for safety and security.

As described above, in order to open a bank branch, not only a large space is required but also a high cost is required for installation of various equipments and services. Especially, due to competition with other financial institutions, There is a problem that not only the position preemption but also the cost burden for opening the branch becomes considerable.

To solve these problems, in recent years, along with the development of the IT industry, financial automation devices such as Internet banking and ATM (Automated Teller Machine) using terminals have been developed. As a result, customers visit their own bank Various financial services can be easily processed by using a computer, a portable terminal, or a financial automation device installed nearby.

In addition, through the simplification of such financial services, the Internet Primary Bank is emerging. Internet banking refers to banks that operate most of the banking business through the Internet, electronic media such as CDs and ATMs, without a few branches or branches, and the introduction of Internet banking has been implemented since mid 1990s It is spreading all over the world.

The interest in Internet banking has been stimulated by the development of IT technology and the increasing rate of internet usage, and has been triggered by management innovation and strategic factors such as cost reduction and service differentiation. Since its founding in the United States, SFNB (Security First Network Bank, 1995) has spread to the UK, Japan, EU, Hong Kong and Singapore.

As a result, it is expected that Internet professional banks will be attracting attention in Korea. Recently, there has been a move to reexamine the interpretation and practices of financial reforms that require confirmation of personal identification under the Financial Real Name Act.

However, the non - contact identification method of Internet banking requires a solution to solve or relax the legal constraints of the account opening or the burden of the customer, which poses the problem that there is no clear real name authentication system that can completely replace face - to - face verification.

Therefore, in order to solve the application of the financial real name system, it is necessary to establish a validated system capable of carrying out the real name authentication procedure through the Internet in place of the identity verification process, .

In recent years, there have been proposed methods of submitting a copy of a blindness check, video call, confirming when transferring an access medium, utilizing an existing account, utilizing results of other institutional verification, and verifying a plurality of personal information. However, And the plural methods must be complementary to each other.

In particular, the submission of a copy of the blindness check certificate is essential information required by law for opening an account, and it is basically necessary to enter the above plural methods. Accordingly, the customer must take a procedure by photographing or scanning the ID card to his / her terminal and submit it online, and by checking whether the ID card is authentic in the financial service providing server.

However, although the ID image information transmitted in the above process can be security-processed such as encryption, the ID image temporarily or semi-permanently stored in the volatile storage medium of the customer's terminal can be easily exposed to the outside.

In addition, there is a problem that the ID image can not be protected from access by other applications. For example, when a customer stores an ID image in a photo folder or the like in order to use the ID image for reuse or other authentication, it may be possible to load the ID image in another application.

As described above, the ID image stored in the volatile storage medium of the terminal is often reused for a long time, and thus it is exposed to the outside or used for authentication by others.

Thus, in order to construct a verified non - face authentication system for financial services, there is also a need to solve the above - mentioned problems of disclosure of personal information, reliability reduction, and security problems.

The present invention provides a method for providing an Internet financial service capable of providing a financial service with enhanced personal information protection and memory security of a terminal, an apparatus thereof, and a terminal for providing an Internet financial service It has its purpose.

It is another object of the present invention to provide a verified system capable of reliably performing the real name authentication process even on the Internet in place of the identity verification process which must be confronted directly for a new transaction of an Internet bank.

According to another aspect of the present invention, there is provided a method of operating a terminal for providing a financial service, the method comprising the steps of: Storing; Managing shooting time information of the blindness check identification image; And deleting, in a specific area of the memory, the real name verification proof image when a certain time or more has elapsed from the time at which the real name verification proof image was photographed according to the photographing time information.

According to another aspect of the present invention, there is provided an apparatus for providing a financial service, the apparatus comprising: a memory for storing a real name verification proof image for non-face real name authentication of the financial service; A time information management module for managing shooting time information of the blindness verification image; And a controller for deleting the real name verification proof image from the memory when a predetermined time or more has elapsed from the time the real name verification proof image was photographed according to the photographing time information.

According to another aspect of the present invention, there is provided a method of operating a server for providing a financial service, the method comprising: providing an application including the financial service to a terminal; Receiving a blindness check certificate image corresponding to user information from an application including the financial service; Obtaining shooting time information from the real name verification proof image; And comparing the photographing time information and the current time information, and approving the real name authentication only when the photographing time information is within a predetermined time.

According to another aspect of the present invention, there is provided a server apparatus for providing a financial service, including: a communication unit for providing an application including the financial service to a terminal; And an application including the financial service, receiving the blindness check certificate image corresponding to the user information, acquiring the photographing time information from the real name verification check image, comparing the photographing time information and the current time information, , And a blind date confirmation unit for approving the blind name authentication only when the blind name authentication is performed.

According to another aspect of the present invention, there is provided a computer program for use in a computer readable recording medium storing a computer program for causing a computer to execute the method.

According to an embodiment of the present invention, it is possible to manage a blindness check image and a photographing time information for a non-face real name authentication of the financial service in a separately secured folder or the like, and in accordance with the photographing time information, The image of the real name verification image is deleted from the specific area of the memory, so that the protection of the personal information can be strengthened.

In addition, since the server can approve the real name authentication only when it is within a predetermined time from the current time based on the shooting time information of the real name verification proof image, the server can provide the real name authentication service with enhanced protection and security of personal information .

According to the embodiment of the present invention, it is possible to provide a real name authentication service on a financial service in which personal information protection and security of a terminal are enhanced, Thus, it is possible to build a verified system that can perform the real name authentication process with confidence even through the Internet.

1 is a conceptual diagram schematically showing an overall system according to an embodiment of the present invention.
2 is a block diagram illustrating a financial service providing server according to an embodiment of the present invention.
3 is a block diagram for explaining a terminal according to an embodiment of the present invention in more detail.
4 is a ladder diagram illustrating system operation in accordance with an embodiment of the present invention.
5 is a ladder diagram illustrating system operation according to another embodiment of the present invention.
6 is a flowchart illustrating an operation of a terminal according to an embodiment of the present invention.
7 is a flowchart illustrating an operation of a terminal according to another embodiment of the present invention.
8 to 15 are views illustrating interfaces output through a display according to an operation of a terminal according to an embodiment of the present invention.

The following merely illustrates the principles of the invention. Thus, those skilled in the art will be able to devise various apparatuses which, although not explicitly described or shown herein, embody the principles of the invention and are included in the concept and scope of the invention. Furthermore, all of the conditional terms and embodiments listed herein are, in principle, only intended for the purpose of enabling understanding of the concepts of the present invention, and are not to be construed as limited to such specifically recited embodiments and conditions do.

It is also to be understood that the detailed description, as well as the principles, aspects and embodiments of the invention, as well as specific embodiments thereof, are intended to cover structural and functional equivalents thereof. It is also to be understood that such equivalents include all elements contemplated to perform the same function irrespective of the currently known equivalents as well as the equivalents to be developed in the future, i.e., the structure.

Thus, it should be understood that all flow diagrams, state transitions, pseudo code, etc. are representative of various processes that may be substantially represented on a computer-readable medium and executed by a computer or processor, whether the computer or processor is explicitly shown .

The functions of the various elements shown in the figures, including the functional blocks depicted in the processor or similar concept, may be provided by use of dedicated hardware as well as hardware capable of executing software in connection with appropriate software. When provided by a processor, the functions may be provided by a single dedicated processor, a single shared processor, or a plurality of individual processors, some of which may be shared.

BRIEF DESCRIPTION OF THE DRAWINGS The above and other objects, features and advantages of the present invention will become more apparent from the following detailed description of the present invention when taken in conjunction with the accompanying drawings, in which: There will be. In the following description, well-known functions or constructions are not described in detail since they would obscure the invention in unnecessary detail.

Hereinafter, the present invention will be described in detail with reference to the accompanying drawings.

First, the terms used in the specification of the present invention will be briefly defined, and then an embodiment of the present invention will be described.

The term " terminal "described in this specification may include a mobile phone, a smart phone, a laptop computer, a digital broadcast terminal, a PDA (Personal Digital Assistants), a PMP (Portable Multimedia Player) The present invention is not limited thereto, and may be various devices capable of user input and information display.

Also, the term " financial service providing server "may mean a server and a device system for processing information related to financial transactions. For example, the financial service provision server may include a bank server for relaying financial accounts, a van server for relaying financial card electronic settlement, a credit card server for processing payment approval for credit card transactions, Various types of servers may be involved. As described above, the financial service providing server may include an Internet bank that operates most of the banking business through the Internet and electronic media such as CD and ATM without a few branches or sales offices. Depending on the specific function, the actual financial transaction function and other additional functions may be separated into separate server types.

1 is a conceptual diagram schematically showing an overall system according to an embodiment of the present invention.

Referring to FIG. 1, an overall system according to an embodiment of the present invention includes a financial service providing server 100, a terminal 200, an authentication server 300, and a financial institution DB 400.

The financial service providing apparatus 100 and the terminal 200 according to the embodiment of the present invention are configured such that a communication module is installed so as to enable a communication network connection to a mobile communication network or an Internet network and are interconnected through a communication network connection.

The financial service providing server 100 is connected to the financial institution DB 400 and the authentication server 300 either wirelessly or wirelessly and communicates with the terminal 200 via the Internet network or mobile communication network, Financial services can be provided. The financial service can be exemplified by various services such as opening a new account on the Internet, issuing a bankbook or a card, transferring money, and requesting a loan.

In addition, the financial service providing server 100 may perform the service process by performing the real name verification according to the operation with the terminal 200 according to the embodiment of the present invention, for the service requiring the real name confirmation in the financial service.

In order to confirm the real name and service of the financial service, the financial service providing server 100 may provide the financial service application to the terminal 200 in advance, and the service providing application, real name authentication and processing And an interface for confirming results can be provided.

For example, the terminal 200 may access an affiliate site on the user's Internet or an open market such as an Android market or an app store, download a financial service application, enter a user's information, It can be downloaded from the web after the authentication process.

At this time, uploading, updating information or other management of the financial service application may be performed in the financial service providing server 300 or in another type of server.

Meanwhile, the terminal 200 performs wireless communication through a general mobile communication network and transmits / receives at least one of various messages such as a Short Message Service (SMS), a Multimedia Messaging Service (MMS) Or a cellular phone. In addition, the terminal 200 may include a personal digital assistant (PDA) that can access the mobile communication network and transmit and receive data to and from an Internet Protocol (IP) network such as the Internet.

The terminal 200 according to the embodiment of the present invention can be connected to the financial service providing server 100 when the financial service application is executed. The terminal 200 may perform various functions related to financial transactions based on the information input on the interface.

In particular, the terminal 200 can perform an account opening application through a financial service application. The terminal 200 can input application information according to user input on the screen and input the real name authentication information to the financial service providing server 100. The financial service providing server 100 receives the real name The authentication information and the application information are received, and it is possible to confirm the real name and check whether the account is opened.

In particular, according to embodiments of the present invention, most of the processing procedures of financial services can be performed based on non-face authentication. In order to ensure reliability, separate authentication information for non-face authentication according to an embodiment of the present invention may be required.

Accordingly, the application information may include user information corresponding to at least one of a name, a resident number, and an address, and the real name authentication information may include one or more authentication information for confirming the user's real name.

In particular, in the case of an Internet professional banking service requiring non-face authentication, the real name authentication information may include information on a plurality of authentication means. Accordingly, the authentication information may include, for example, a blindness check image (front and back) such as a user's identification card, and may include image information of a user's face, real name verification affiliation information, And may further include one or more of the other account information for the account. Here, the blindness identification certificate may mean a certificate issued by the certification authority in response to the user's real name, for example, a resident registration card, a driver's license or a passport.

Then, the financial service providing server 100 can communicate with the authentication server 300 and the financial institution DB 400 according to the authentication information, and process the real name authentication confirmation by merging the respective methods.

More specifically, when the blindness check certificate image is received from the terminal 200, the financial service providing server 100 delivers the image to the authentication server 300 and receives a response thereto to determine whether the real name verification check image is authentic Can be confirmed. In this case, the authentication server 300 may be an issuing organization of the blindness certificate image or a server connected thereto.

Further, for example, the financial service providing server 100 may further receive image information from which the face of the user is photographed from the terminal 200. [ In this case, the image information may include a video call image captured by the user in real time or within a predetermined time. At this time, the financial service providing server 100 may process the real name verification according to a comparison between the received image information and the face image of the blindness check. The financial service providing server 100 may be provided with a face recognition system to check whether the face images are matched or not, and display the image information and the blindness verification image so that the manager can directly input the verification result.

Meanwhile, when the affiliated organization information is received from the terminal 200, the financial service providing server 100 may request the blindness confirmation certificate to the blindness verification affiliate through the authentication server 300. [ In this case, a copy of the blindness check certificate may be received from the authentication server 300.

When the account information is received from the terminal 200, the financial service providing server 100 can confirm whether an account opened through another financial institution exists in response to the user information through the financial institution DB 400 . The financial service providing server 100 can request a deposit and withdrawal transaction with an account opened in another financial institution. When the transaction is completed, the financial service providing server 100 can complete the user's real name authentication.

As the real name authentication is completed, the financial service providing server 100 can provide the approval result information to the terminal 200. [

According to the embodiment of the present invention, the terminal 200 can perform personal information protection and security processing on the blindness check image stored in the memory. The security processing may be executed according to the above-described financial service application or the OS itself of the terminal 200. [

In order to protect personal information, the terminal 200 stores a real name verification check image for non-face real name verification of the financial service in a specific area of the memory, manages the photographing time information of the real name verification check image, According to the time information, when the real name verification proof image has been taken a predetermined time or more from the time when the image was taken, the real name verification proof image can be deleted from the specific area of the memory.

Here, the specific area may be a separate secured folder. For security processing, the terminal 200 searches the image information stored in the memory and identifies the real name verification proof image for non-face real name authentication of the user's financial service from the image information, Monitoring the access information corresponding to the folder and the access information corresponding to the identified blindness check identification image, and checking whether an external access other than the application for non-face real name authentication of the financial service is confirmed from the access information , It may require additional authentication for provision of the blindness check image.

Here, the additional authentication may include authentication of at least one of a password for biometric authentication or biometric information, and the biometric information may include at least one of fingerprint information, iris information, grammar information, vein information, and DNA information . In this specification, fingerprint information is described as an example of biometric information, but the biometric information of the present invention is not limited thereto and may include other biometric information or a combination of biometric information.

The specific configuration and operation of the terminal 200 will be described later.

2 is a block diagram illustrating a financial service providing server according to an embodiment of the present invention.

2, the financial service providing server 100 according to the embodiment of the present invention includes a communication unit 120, a financial service providing unit 130, a real name confirmation unit 140, an application management unit 150, a storage unit 160 and an output unit 170.

The controller 110 generally controls the operation of each component and the execution of the functions to provide financial services of the financial service providing apparatus 100. For example, the control unit 110 may be implemented as a processor for controlling all or a part of financial service application provision, real name verification, authentication information output, and financial service provision functions or a program for executing the functions.

The communication unit 120 enables wireless communication between the financial service providing apparatus 100 and a wireless communication system including a mobile communication network or the Internet network or between a network where the financial service providing apparatus 100 and the terminal 200 are located One or more communication modules. The communication unit 120 may include a modem for encoding and modulating the transmitted signal, demodulating and decoding the received signal, and an RF front end for processing the RF signal.

On the other hand, the financial service providing unit 130 performs a process necessary for providing financial services corresponding to the application information, based on the application information of the user received from the terminal 200. The financial service providing unit 130 can perform a process of opening a financial account by communicating with the financial institution DB 400 through the communication unit 120, for example, in response to a user's request for opening an account. The financial service providing unit 130 may perform the account transfer processing according to the user's account transfer request. In addition, the financial service providing unit 130 may check the availability of the loan according to the user's request for loan, and may perform the process of lending to the account of the user, if possible.

In particular, when the financial service provider 130 needs confirmation of the real name of the user, such as lending or opening an account, it transmits the authentication information received from the terminal 200 to the real name confirmation unit 140 to confirm whether or not the real name is authenticated, Only when the authentication is completed, the processing for providing the financial service can be performed.

Accordingly, the real name verification unit 140 can perform the real name verification process based on the authentication information received from the terminal 200 through the communication unit 120. [

As described above, the authentication information for real name verification may include a plurality of authentication means. The plurality of authentication means may include at least two or more of, for example, a blindness certificate image, image information, affiliation information, or other account information.

The real name confirmation unit 140 checks whether or not the real name authentication is performed in cooperation with the authentication server 300 and the financial institution DB 400 through the communication unit 120 and transmits the result to the financial service provider 130 have.

More specifically, the real name verification unit 140 directly confirms the authenticity of the real name verification proof image included in the authentication information, extracts the characteristic information, transmits it to the authentication server 300, And confirms the authenticity of the real name verification proof image.

Particularly, in the embodiment of the present invention, the blindness verifying unit 140 obtains the photographing time information from the blindness check certificate image, compares the photographing time information and the current time information, can do.

In addition, the obtained photographing time information may be encrypted through the application in the terminal. Therefore, the real name verification unit 140 indexes the decryption key issued in advance corresponding to the application, decrypts the photographing time information, and based on the decrypted photographing time information, only when the photographing time is less than a predetermined time The real name authentication can be approved. This makes it possible to increase the reliability of the real name authentication.

If the time has elapsed, the terminal 200 may be automatically deleted through the application, but it may have been transmitted. Therefore, the real name confirmation unit 140 may notify the terminal 200 of a warning message such as failure or hacking And can perform processing corresponding thereto.

Then, the real name verification unit 140 first extracts the photographing time information from the blindness check certificate image, and performs scanning when the photographing time is within a predetermined time. Then, the real name confirmation unit 140 extracts face image information from the ID image of the front face of the image by scanning the image, and extracts the text information (name, resident registration number, address, issue date, issuing agency) by the OCR method. Also, the real name confirmation unit 140 can extract the fingerprint image from the backside image information of the ID card, and transmit the extracted face image information, fingerprint image information, and text information to the authentication server 300 through the communication unit 120 Registration and inquiry system to verify authenticity.

If the authentication information further includes image information of the user's face, the real name confirmation unit 140 may process the real name verification based on the verification between the received image information and the face image information of the blindness check . The real name confirmation unit 140 is provided with a face recognition system to check whether or not the feature information extracted from the face image is consistent, and outputs the image information and the real name verification proof image through the output unit 170, . The feature information may include, for example, facial feature information of the user. The facial feature information includes, for example, facial contour information, mouth pattern information, eye pattern information, nose pattern information, pupil pattern information, ear pattern information extracted from each part in accordance with a mask and a scaling operation of a video image with respect to the face area And may include at least one.

In addition, when the user's video call information is included in the authentication information for non-face authentication, the real name verification unit 140 may output the video information and the voice information identified from the video call information through the output unit 170 . To this end, the output 170 may include one or more display modules for video and audio output and a voice output module.

On the other hand, when the affiliated organization information is received from the terminal 200, the real name confirmation unit 140 may request the real name verification certificate to the affiliated agency through the communication unit 120. [ In this case, a copy of the blindness certificate may be received from the partner organization. In this case, the authentication server 300 may correspond to an affiliate agency server.

When the account information is received from the terminal 200, the real name confirmation unit 140 accesses the financial institution DB 400 through the communication unit 120, and in response to the user information included in the application information, You can check whether the account opened through the agency exists. The real name confirmation unit 140 may request the deposit and withdrawal transaction with the account opened in another financial institution. When the transaction is completed, the real name confirmation unit 140 completes the real name authentication of the user, To the providing unit 130.

Upon completion of the real name authentication of the real name verification unit 140 as described above, the financial service provider 130 completes the procedure necessary for providing the financial service and transmits the approval result information to the terminal 200 ).

Meanwhile, the application management unit 150 may generate an application for providing a financial service and deliver it to the terminal 200 through the communication unit 120. [ For example, the application management unit 150 can access an affiliate site on the Internet or an open market such as an Android market or an app store, upload a financial service application, and manage update information.

Meanwhile, the storage unit 160 may store information to be processed in each component and a financial service application. The storage unit 160 may be implemented as a random access memory (RAM), a flash memory, a ROM (Read Only Memory), an EPROM (Erasable Programmable ROM), an EEPROM (Electronically Erasable and Programmable ROM) Or the like, as well as a detachable type storage device such as a USB memory.

3 is a block diagram for explaining a terminal according to an embodiment of the present invention in more detail.

3, a terminal 200 according to an embodiment of the present invention includes a control unit 210, a communication unit 220, a memory 230, a financial service processing unit 240, an input unit 250, a display unit 260, And a voice output unit 270.

The communication unit 220 includes at least one module that enables wireless communication between the terminal 200 and the financial service providing apparatus 100 or a network in which the terminal 200 and the financial service providing apparatus 100 are located .

The communication unit 220 includes a wired / wireless communication module for wirelessly or wiredly communicating with a local area network (LAN) and an Internet network, a USB interface module for communicating via a USB (Universal Serial Bus) (Short-range wireless communication module) that performs a communication function according to the 3GPP (3rd Generation Partnership Project), LTE (Long Term Evolution), NFC (Near Field Communication), Wi- And a communication module for communicating with the communication network.

On the other hand, the input unit 250 receives a user input for operating the terminal 200. In particular, the input unit 250 may receive a user input for executing a financial service application interface, and the user inputs application information and authentication information for applying for a financial service to the input unit 250 through an operation corresponding to the interface .

Here, the input unit 250 may include various types of buttons, a touch sensor that receives a touch input to the display unit 260, a proximity sensor that receives motion that is not directly connected to the surface of the display unit 260, And a microphone for receiving the microphone. However, the present invention is not limited thereto and may be implemented in any form capable of receiving user input.

The financial service processing unit 240 processes an application operation for providing a financial service. The financial service processing unit 240 can perform processing of application information for providing a financial service, confirmation of authentication information, encryption, and communication between the financial service providing apparatuses 100 through the communication unit 220.

In particular, the financial service processing unit 240 may display, through the display unit 260, an interface for receiving user information for providing the financial service through the input unit 250.

In addition, the financial service processing unit 240 may receive a user input corresponding to the authentication information through the input unit 250. [ In particular, the financial service processing unit 240 may photograph the blindness check through the camera 281 or load the blindness check image stored in the memory 230 according to user input.

In addition, the financial service processing unit 240 may receive the image information of the user as well as the real name verification proof image through the camera 281 in response to the user information. In this case, the financial service processing unit 240 may process the image information or the video call information of the user to perform the real name verification. To this end, the financial service processing unit 240 transmits the user information, the image information, and the blindness check image to the financial service providing server 100 through the secure channel using the communication unit 220, Face real name authentication completion message from the financial service providing server 100 in response to the transmission of the image information and the real name verification proof image.

Meanwhile, the financial service processing unit 240 may store in the memory 230 an image of the real name verification proof for the non-face real name authentication of the financial service. In addition, the real name verification proof image can be generated and stored not only in the financial service processing unit 240 but also by other external applications, and thus needs to be secured. Accordingly, the financial service processing unit 240 can manage the image and related information corresponding to the blindness check for non-face real name authentication.

To this end, the financial service processing unit 240 includes an image identification module 241, a monitoring module 242, an authentication module 243 and a time information management module 244, Personal information protection, and secure processing and management corresponding to the personal information.

The image identification module 241 searches for image information stored in the memory and identifies the blindness check image for non-face real name authentication of the user's financial service from the image information. Here, the blindness verification image may be an image captured and stored through the camera 281, and generally, the photographing time information may be stored together with the metadata of the image file.

More specifically, the image identification module 241 detects the degree of similarity between the image information stored in the memory 230 and the blindness certificate sample image, and determines the blindness verification certificate image when the degree of similarity is equal to or greater than a predetermined value. Information can be stored and managed separately. In addition, the time information management module 244 can separately manage shooting time information of the metadata corresponding to the blindness verification proof image.

In addition, the image identification module 241 determines whether the feature information of the face image, the text information (name, resident registration number, address, issuance date, issuing agency) is extracted from the image determined as the real name verification proof image or the fingerprint information is extracted And can more clearly discriminate whether or not the image is a blindness verification image.

In addition, in one embodiment, the control unit 210 can perform folder movement and time information management of the identified blindness check image in cooperation with the financial service processing unit 240 and the time information management module 244. [ For example, the control unit 210 may move the real name verification proof image to a separate secured folder.

The control unit 210 monitors the access information corresponding to the folder including the identified blindness check image through the monitoring module 242.

In particular, the monitoring module 242 may reside in the BACKGROUND memory and monitor the access information corresponding to the blindness verification image even when the financial service application is not operating in the foreground.

Therefore, the monitoring module 242 can check whether or not another external application accesses the real name verification check image file and folder from the information processed in the control unit 210, based on the related information. The external application may be, for example, an image editing application, a file management application, or an image sharing application.

To this end, the monitoring module 242 periodically checks the operation information of another external application on the OS processed by the control unit 210, and monitors the access information including the request for the file path corresponding to the real name verification proof image can do.

Then, the authentication module 243 requests additional authentication for providing the blindness check certificate image if unauthenticated external access other than the application for the non-face real name authentication of the financial service is confirmed from the access information.

The authentication module 243 may request the additional authentication and block the folder access to the external application and the provision of the blindness check image. The authentication module 243 displays an additional authentication request message through the display unit 250 and can provide folder access and images to the external application only when the additional authentication of the user is completed.

Meanwhile, the time information management module 244 may manage the real name verification proof image based on the photographing time information under the control of the control unit 210. [ As described above, the control unit 210 can perform the process of deleting the real name verification proof image when the photographing time of the real name verification proof image has elapsed more than a predetermined time based on the photographing time information, The management module 244 periodically identifies the photographing time information of each of the blindness check certificate images and provides the information to the controller 210.

The time information management module 244 encrypts the photographing time information for security management of the photographing time information and inserts the encrypted photographing time information into the metadata corresponding to the photographing time information of the real- can do. Accordingly, the real-name verification image in the state where the encrypted photographing time information is inserted as the metadata can be transmitted to the financial service providing server 100. Accordingly, not only the security of the terminal 200, It is possible to improve the security in the process and to prevent the operation of time information or the risk of hacking.

Also, the time information management module 244 may receive the encryption key or the decryption key for encryption or decryption from the server providing the financial service through the application. In the periodic check of the photographing time information, the decryption key So that the encrypted photographing time information can be decrypted. To this end, the time information management module 244 may further include a separate encryption unit and a decryption unit.

In this case, the financial service providing server 100 receives the real name verification proof image, and if the encrypted photographing time information is not included or the decrypted photographing time information has elapsed from the current time for a predetermined time, Message to the terminal (200).

In addition, the financial service processing unit 240 may further include an encryption unit and a decryption unit in order to provide and block images for the external application. The encryption unit of the financial service processing unit 240 can encrypt the real name verification image itself with the encryption key if the real name verification proof image is identified from the image information. When the authentication is completed in the authentication module 243, the decryption unit of the financial service processing unit 240 may decrypt the real name verification proof image with the decryption key corresponding to the encryption key.

Accordingly, when the additional authentication of the authentication module 243 is not completed, the encrypted image in which the photographing time information is encrypted can be provided to the external application. If the additional authentication is completed, the decrypted image Or may be provided to the external application.

In addition, the authentication module 243 may comprise one or more physical or software authentication means for further authentication.

For example, the authentication module 243 may include a password authentication unit for software authentication. Accordingly, the user can input the additional authentication password to complete the additional authentication.

In addition, the authentication module 243 may include biometric authentication means for the additional authentication. Accordingly, the biometric information corresponding to the user may be stored in the memory 230 in advance, and the biometric information may include at least one of fingerprint information, iris information, grammar information, DNA information, and vein information.

Meanwhile, the financial service may include an Internet banking account opening service. The image identification module 241, the monitoring module 242, the authentication module 243, and the time information management module 244 may include a non- And the application for non-face real name authentication may be included in a financial service provision application for the Internet banking account opening service.

According to the operations of the financial service processing unit 240, the image identification module 241, the monitoring module 242, the authentication module 243, and the time information management module 244, the real- Can be monitored, managed and protected in real time for a certain period of time. Thereafter, the protection of personal information can be enhanced and the user can be relieved by additional authentication request and encryption / decryption at the time of external access can do.

4 is a ladder diagram illustrating system operation in accordance with an embodiment of the present invention.

Referring to FIG. 4, the financial service providing apparatus 100 provides an application for providing a financial service to the communication unit 220 of the terminal 200 through the application management unit 150 (S101).

The terminal 200 installs an application through the control unit 210 and executes an application for providing a financial service according to an input to the input unit 250 (S103).

Then, the user creates and inputs financial service application information for using the financial service through the input unit 250 of the terminal 200 (S105), and inputs a real name verification certificate for real name authentication (S107).

Here, the input of the blindness check certificate may include an input for bringing in a user's previously stored blindness check certificate image or a new photograph. The control unit 210 controls the camera 281 to display the ID card image.

In step S109, the terminal 200 determines whether the blindness check and application information are normally input through the financial service processing unit 240. If it is confirmed in step S109, the terminal 200 provides a financial service through the secure channel using the communication unit 220 And sends the application information and the proof of real name confirmation to the device 100 (S111).

Then, the financial service providing apparatus 100 performs real name authentication according to communication with the authentication server 300 through the real name confirmation unit 140 (S113). The real name authentication method is as described above. Particularly, the real name verification unit 140 can first determine whether or not to approve based on the image capturing time information included in the real name verification proof image. For example, the real name verification unit 140 can primarily determine whether or not to permit approval based on whether or not the photographing time information included in the blindness check certificate is encrypted and within a predetermined time from the current time.

Thereafter, the financial service providing apparatus 100 transmits an authentication failure message to the terminal 200 through the financial service provider 130 according to the completion of the real name authentication confirmed by the real name confirmation unit 140 (S115) (S117) and communicates with the financial institution DB 400 through the financial service providing unit 130 to process financial services such as account opening based on the application information (S119).

The financial service providing apparatus 100 transmits a financial service processing completion message to the terminal 200 through the financial service providing unit 130 in step S121. The financial service processing unit 240 of the terminal 200, (Step S123).

5 is a ladder diagram illustrating system operation according to another embodiment of the present invention.

5, the financial service providing apparatus 100 first receives an authentication request from a communication unit (not shown) of the terminal 200 through the application management unit 150, 220 to provide an application for providing financial services (S201).

Similarly, the terminal 200 installs an application through the control unit 210 and executes an application for providing a financial service according to an input to the input unit 250 (S203). The user creates and inputs financial service application information for use of financial services through the input unit 250 of the terminal 200 (S105), and inputs a real name verification certificate for real name authentication (S207). In step S219, the terminal 200 checks whether the blindness check and application information are normally input through the financial service processing unit 240.

When the normal input is confirmed, the terminal 200 receives the image information of the user's face through the camera 181 (S211). The input image information is transmitted to the financial service providing apparatus 100 together with the application information and the real name verification proof image through the communication unit 220 (S213).

Here, the image information may include image and audio information for video communication. In the financial service providing apparatus 100, the received image information is outputted through the output unit 170 (S215), the real name confirmation unit 140 (Step S217), based on the output image and sound, image verification with the blindness verification image and real name authentication according to the blindness verification image. Here again, as described above, the blindness verifying unit 140 can primarily determine whether or not to permit approval based on whether or not the photographing time information included in the blindness check certificate is encrypted and within a predetermined time from the current time.

Thereafter, the financial service providing apparatus 100 transmits an authentication failure message to the terminal 200 through the financial service provider 130 according to the completion of the real name authentication confirmed by the real name confirmation unit 140 (S219) (S221), and communicates with the financial institution DB 400 through the financial service providing unit 130 to process financial services such as account opening based on the application information (S223).

The financial service providing apparatus 100 transmits a financial service processing completion message to the terminal 200 through the financial service providing unit 130 at step S225 and the financial service processing unit 240 of the terminal 200 displays, (Step S227). ≪ / RTI >

6 is a flowchart illustrating an operation of a terminal according to an embodiment of the present invention.

6, the terminal 200 according to an exemplary embodiment of the present invention is first stored in the memory via the camera 281 or the interface unit (not shown) or the communication unit 220 through the image identification module 241 Image information is searched (S301).

Then, the terminal 200 extracts the blindness check identification information from the image information through the image identification module 241 (S303), and determines whether the blindness check certificate is detected (S305).

Here, the blindness identification check identification information may include text information or feature information extracted from image information. Then, the image identification module 241 can check whether or not the blindness verification mark is detected based on the text information or the feature information. For example, when an identification card such as a 'national ID card' is detected in the text information, the image identification module 241 may determine that the blindness check has been detected.

In addition, the blindness proof image may include an image of the front and back of the identification card. Accordingly, the image identification module 241 may check whether or not the image is a blindness confirmation certificate, if the image is a predetermined value or more, according to the similarity between the image of the front side or the back side of the ID card sample and the stored images.

Thereafter, when the blindness check certificate is detected, the terminal 200 manages the photographing time information of the blindness check certificate through the time information management module 244 (S307). The time information management module 244 may detect time information from the metadata included in the blindness check certificate image and periodically confirm whether or not a predetermined time has elapsed and store the management information.

In addition, the control unit 210 of the terminal 200 may move the detected blindness check image to the secured folder (S308). Then, the terminal 200 monitors the access information corresponding to the folder in which the real name verification proof image is stored through the monitoring module 242 (S307).

When the monitoring module 242 confirms the access information of the external application to the folder (S309), the authentication module 243 outputs a message requesting the additional authentication through the display unit 260 (S311) .

In step S313, the financial service processing unit 240 of the terminal 200 provides a normal image of the blindness check image to the external application in step S315. (S317).

7 is a flowchart illustrating an operation of a terminal according to another embodiment of the present invention.

Referring to FIG. 7, the terminal 200 according to another embodiment of the present invention firstly accesses an image through a camera 281 or an interface unit (not shown) or a communication unit 220 via an image identification module 241 In step S401, the stored image information is retrieved in step S401. In step S403, the identification information is extracted from the image information through the image identification module 241.

Then, the terminal 200 manages shooting time information of the blindness check certificate through the time information management module 244 (S307).

As described above, the time information management module 244 may detect shooting time information from the metadata included in the blindness check certificate image, periodically check whether a preset time has passed, and store the management information.

In addition, the time information management module 244 may calculate the period information in which the blindness check certificate image is valid based on the preset time and the photographing time information, and output the information on the display unit 260. [

Then, the terminal 200 determines whether a predetermined time has passed from the photographing time through the time information management module 244 (S409).

When the predetermined time has elapsed, the terminal 200 deletes the real name verification proof image through the control unit 210, and outputs the corresponding message through the display unit 260.

In addition, since the embodiment of the present invention does not limit the deletion method, the control unit 210 receives the delete input through the user interface for inquiring whether or not to delete the valid period, Only one case can be deleted. In this case, user convenience can be improved.

Then, the terminal 200 updates the management information according to the deletion of the real name verification proof image through the time information management module 244 (S415).

8 to 15 are views illustrating interfaces output through a display according to an operation of a terminal according to an embodiment of the present invention.

FIG. 8 shows an application interface 201 for applying for a financial service through a financial service application according to an embodiment of the present invention.

8, the user can write the financial service application information including the user information through the application interface 201, select the ID input interface 202 at the bottom, input the image of the real name verification proof . As shown in Fig. 8, for example, the ID card input method may be exemplified by a method of directly photographing or calculating the image from an already stored image.

FIG. 9 shows the identification confirmation image photographing interface 203 for directly photographing the identification check. As shown in FIG. 9, the user can sequentially photograph the front face and the rear face of the ID card through the ID verification photographing interface 203.

In addition, shooting time information may be displayed on the identification verification image photographing interface 203, and photographing time information at the time when the user inputs the photographing button may be encrypted and inserted into the metadata of the identification confirmation image.

Also, as shown in FIG. 10, the user can select a previously stored blindness check image through the image selection interface 204. In this case, the terminal 200 may provide the user with a secure folder containing the blindness check image 12 managed by the monitoring module 242 through the image selection interface 204. In particular, the image selection interface 204 may display only the blindness check image that has not elapsed for a certain period of time, and the shooting time information managed by the time information management module 244 may be displayed together.

As shown in FIG. 11, the memory 230 may include an image that has not yet been deleted although a predetermined time has elapsed according to the photographing time information. In this case, the image selection interface 204 can output the non-deleted image in an unselectable state. Further, a message may be output to the image selection interface 204 indicating that the photographing time has been exceeded.

12 to 15 illustrate an interface operation of the terminal 200 when an external application accesses a folder of a blindness check image which is photographed or already stored according to the above process.

12, when the external application interface 205 is displayed for folder search or the like, the monitoring module 242 displays a mask image indicating that the folder in which the blindness check certificate image 12 is stored is a restricted-access folder. The display unit 260 can be controlled to overlay the thumbnail.

13, when the user selects the blindness check image 12, the authentication module 243 can display the message 207 for additional authentication on the external application interface 205 . Further, the message 207 for additional authentication may further include a password or a biometric information authentication method selection menu, so that an additional authentication method according to the user selection can be determined.

Thus, as shown in FIG. 14, when the additional authentication is completed, the normal image of the real name verification image 15 can be displayed on the external application interface 205, and transmission and sharing to other terminals or systems can be performed have.

However, as shown in FIG. 15, when the additional authentication fails, the authentication module 243 of the terminal 200 outputs a message indicating that the folder is an inaccessible folder, or outputs an encrypted real name verification proof image folder or another image 16 ) Can be replaced with an external application, thereby preventing the blindness check image from being provided.

According to this configuration, the management of the blindness check image for non-face authentication, the deletion, the personal information protection and the security process can be performed, and even when the actual financial service application is not executed, It is possible to automatically deal with the access restriction from the application, thereby providing a safer financial service.

The method according to the present invention may be implemented as a program for execution on a computer and stored in a computer-readable recording medium. Examples of the computer-readable recording medium include a ROM, a RAM, a CD- , A floppy disk, an optical data storage device, and the like, and may also be implemented in the form of a carrier wave (for example, transmission over the Internet).

The computer readable recording medium may be distributed over a networked computer system so that computer readable code can be stored and executed in a distributed manner. And, functional programs, codes and code segments for implementing the above method can be easily inferred by programmers of the technical field to which the present invention belongs.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments, but, on the contrary, It should be understood that various modifications may be made by those skilled in the art without departing from the spirit and scope of the present invention.

100: Financial service provider
200: terminal
300: authentication server
400: Financial institution DB

Claims (19)

A method of operating a terminal for providing financial services,
Storing a blindness check image for non-face real name authentication of the financial service in a secured area of the memory;
Encrypting the photographing time information;
Inserting the encrypted photographing time information into photographing time information of the real name verification check image;
Managing shooting time information of the blindness check identification image; And
When the predetermined time corresponding to the validity period for accepting the real name authentication has elapsed from the time at which the real name verification proof image was photographed according to the photographing time information, the real name verification proof image is selectively deleted from the specific area of the memory Outputting a query interface for performing deletion processing when a delete input is received; And
And providing a blindness check image selection interface for non-face real name authentication of the financial service application according to the photographing time information,
Wherein the image selection interface selectively displays only the blindness check image of the image stored in the secured area for a predetermined period of time after the predetermined time has elapsed, Is displayed on the screen of the display unit,
Further comprising transmitting to the server a real-name verification image selected in the image selection interface,
Wherein the server primarily determines whether or not the blind date authentication is approved based on whether or not the photographing time information included in the blindness identification certificate image is encrypted and within the predetermined time from the current time, A server for confirming authenticity of the image of the real name verification image when the information is within the predetermined time
A method of operating a terminal for providing financial services. The method according to claim 1,
Wherein the storing step comprises:
Storing the real name verification proof image in a security folder corresponding to the real name verification proof image,
Further comprising the step of requesting additional authentication for providing the blindness check image when external access other than the application for non-face-real name authentication of the financial service is confirmed in the security folder
A method of operating a terminal for providing financial services. delete The method according to claim 1,
Wherein the managing comprises:
And decrypting the encrypted photographing time information using a decryption key received from a server providing the financial service
A method of operating a terminal for providing financial services. delete The method according to claim 1,
Wherein the managing comprises:
Searching image information stored in the memory;
Identifying the verified proof of identity image from the image information; And
And managing shooting time information corresponding to the identified blindness check certificate image
A method of operating a terminal for providing financial services. The method according to claim 6,
Wherein the managing comprises:
And moving the identified blindness check image to a secured folder corresponding to a specific area of the memory
A method of operating a terminal for providing financial services. The method according to claim 6,
Wherein the identifying step comprises detecting the real name verification evidence image based on textual information extracted from the image information
A method of operating a terminal for providing financial services. The method according to claim 6,
Wherein the identifying step includes the step of detecting the real name verification proof image when the degree of similarity to the real name verification proof sample is greater than or equal to a predetermined value based on the feature information extracted from the image information
A method of operating a terminal for providing financial services. A terminal for providing financial services,
A memory in which a blindness check image for non-face real name authentication of the financial service is stored in a secured area;
A time information management module for managing shooting time information of the blindness verification image; And
A query for selectively deleting the blindness check certificate image from the memory when a predetermined time or more corresponding to the validity period for approval of the blind name authentication has passed from the time when the blindness check certificate image is photographed according to the photographing time information; And a control unit for providing a blindness check image select interface for non-face real name authentication of the financial service application according to the photographing time information,
Wherein the image selection interface selectively displays only the blindness check image of the image stored in the secured area for a predetermined period of time after the predetermined time has elapsed, Is displayed in a state in which it can not be selected by the real name authentication means,
Further comprising an encrypting unit for encrypting the photographing time information,
Wherein the time information management module stores the encrypted shooting time information in shooting time information of metadata of the real name verification token image,
Further comprising a communication unit for transmitting the real-name verification proof image including the encrypted photographing time information to a server providing the financial service,
Wherein the server primarily determines whether or not the blind date authentication is approved based on whether or not the photographing time information included in the blindness identification certificate image is encrypted and within the predetermined time from the current time, A server for confirming authenticity of the image of the real name verification image when the information is within the predetermined time
A terminal for providing financial services. 11. The method of claim 10,
Wherein the memory stores the real name verification proof image in a security folder corresponding to the real name verification proof image,
Further comprising a monitoring module for requesting additional authentication for providing the blindness check image when external access other than the application for non-face-real name authentication of the financial service is confirmed in the security folder
A terminal for providing financial services. delete delete delete 11. The method of claim 10,
A user input unit for receiving user information for providing the financial service;
A camera for obtaining image information and the image of the blindness check image; And
The image forming apparatus according to claim 1, further comprising: a server for transmitting the user name information, the image information and the image of the real name verification image including the photographing time information to a server via a secure channel, Face real name authentication completion message from the server in response to the transmission of the non-face-name real name authentication completion message,
Wherein the time information management module stores the time at which the real name verification check image is photographed as the photographing time information in the memory according to the input through the user input unit
A terminal for providing financial services. A method of operating a server for providing financial services,
Providing an application including the financial service to a terminal;
Receiving a blindness check certificate image corresponding to user information from an application including the financial service;
Obtaining shooting time information from the real name verification proof image; And
Comparing the photographing time information and the current time information, and approving the real name authentication only when the time is within a predetermined time corresponding to an expiration date for approval of the real name authentication;
Wherein the application manages shooting time information of the real name verification image through a memory of the terminal in which a real name verification proof image for non-face real name authentication of the financial service is stored in a secured area, And a step of inserting the blindness check certificate image into the photographing time information of the image of the blindness check image when the image of the blindness check certificate is photographed in accordance with the photographing time information, An application for providing a blindness check image select interface for non-face real name authentication of the financial service application through the terminal according to the photographing time information, Lt;
Wherein the image selection interface selectively displays only the blindness check image of the image stored in the secured area for a predetermined period of time after the predetermined time has elapsed, Is displayed in a state in which it can not be selected by the real name authentication means,
Wherein the granting comprises:
Determining whether the blind date authentication is approved based on whether or not the photographing time information included in the blindness identification certificate image is encrypted and within the predetermined time from the current time; And
Confirming whether or not the real name verification proof image is true or false when the photographing time information decoded from the real name verification proof image is within the predetermined time
A method of operating a server that provides financial services. 17. The method of claim 16,
And the obtained photographing time information is encrypted in the application through the application
A method of operating a server that provides financial services. 1. A server apparatus for providing financial services,
A communication unit for providing an application including the financial service to a terminal; And
Receiving a blindness check certificate image corresponding to user information from an application including the financial service, acquiring photographing time information from the real name verification check image, comparing the photographing time information and current time information, Only a blindness confirmation unit that approves the blindness authentication,
Wherein the application manages shooting time information of the real name verification image through a memory of the terminal in which a real name verification proof image for non-face real name authentication of the financial service is stored in a secured area, And a step of inserting the blindness check certificate image into the photographing time information of the image of the blindness check image when the image of the blindness check certificate is photographed in accordance with the photographing time information, An application for providing a blindness check image select interface for non-face real name authentication of the financial service application through the terminal according to the photographing time information, Lt;
Wherein the image selection interface displays only the blindness check image of the image stored in the secured specific area that does not pass the predetermined time elapses so as to be selectable, Is displayed in a non-selectable state as the real name authentication means,
Wherein the real name confirmation unit primarily determines whether or not the blind date authentication is approved based on whether or not the photographing time information included in the blindness identification image is encrypted and within a predetermined time from the current time, When the photographing time information is within the predetermined time, it is confirmed whether the real name verification check image is authentic
A server device that provides financial services.

delete

Images