KR101803786B1 - Pos terminal, card reader, system and method for distributing encrypt key thereof - Google Patents
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
- G06Q20/206—Point-of-sale [POS] network systems comprising security or operator identification provisions, e.g. password entry
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3823—Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07G—REGISTERING THE RECEIPT OF CASH, VALUABLES, OR TOKENS
- G07G1/00—Cash registers
- G07G1/12—Cash registers electronically operated
- G07G1/14—Systems including one or more distant stations co-operating with a central processing unit
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
Abstract
A POS terminal device, a card reader module, a cryptographic key distribution system using the same, and a method thereof are disclosed. The system includes: a VAN server for providing a public key for authentication, a private key for authentication corresponding to the public key for authentication, and a cryptographic key for encrypting card information; a key distribution server storing the authentication public key provided from one or more VAN servers; a card reader module; and a POS terminal that transmits VAN code information to the key distribution server, receives the authentication public key of the VAN server corresponding to the transmitted VAN code information from the key distribution server and transmits it to the card reader module, and receives an encryption key from the VAN server using the authentication public key of the VAN server and transmits the encryption key to the card reader module.
Description
The present invention relates to a cryptographic key distribution system and a method thereof, and more particularly, to a cryptographic key distribution system and a method thereof capable of improving processing speed and transmission rate while minimizing the threat of hacking when card information is encrypted and transmitted.
As card settlement becomes generalized, it is practically difficult, from the position of a card merchant, to provide a terminal connected to each credit card, so a settlement proxy server is used. The Value Added Network (VAN) server performs various roles, but typically it receives the payment request from the merchant, transmits the request to the credit card company, receives the result of approval / inquiry, and transmits the result to the merchant.
FIG. 1 is a block diagram showing a general payment system.
1, the general payment system includes a POS (point of sale)
The
In general, the
Although not specifically described in the present invention, the
In addition, the
The
The
However, as described above, the
The
Background art of the present invention is disclosed in "POS System and Card Information Encryption Payment Method Using It" of Korean Registered Patent Publication No. 10-1449644 (public announcement date: Oct. 15, 2014).
SUMMARY OF THE INVENTION The present invention has been made in order to solve the above-mentioned problems, and it is an object of the present invention to provide a cryptographic key distribution system and a method thereof capable of minimizing the threat of hacking when encrypting and transmitting card information.
The POS terminal device according to an aspect of the present invention is connected to a card reader module, transmits VAN code information to a key distribution server, receives from the key distribution server a public key for authentication of the VAN server corresponding to the transmitted VAN code information, receives the encryption key from the VAN server using the authentication public key of the VAN server and transmits the encryption key to the card reader module, and receives the card information encrypted with the encryption key from the card reader module.
A card reader module according to an aspect of the present invention is connected to a POS terminal device, receives a public key for authentication of a VAN server corresponding to code information of a VAN to be used from the key distribution server through the POS terminal device, receives the encryption key from the VAN server through the POS terminal device using the received public key for authentication of the VAN server, encrypts the read card information with the received encryption key, and transmits the encrypted card information to the POS terminal device.
A cryptographic key distribution system according to an aspect of the present invention includes: a VAN server for providing a public key for authentication, a private key for authentication corresponding to the public key for authentication, and a cryptographic key for encrypting card information; a key distribution server storing an authentication public key provided from at least one of the VAN servers; a card reader module; and a POS terminal that transmits the VAN code information to the key distribution server, receives a public key for authentication of the VAN server corresponding to the transmitted VAN code information from the key distribution server and transmits the authentication public key to the card reader module, and receives the encryption key from the VAN server using the public key for authentication and transmits it to the card reader module.
According to an aspect of the present invention, there is provided a method for distributing cryptographic keys in a POS terminal device connected to a card reader module, the method comprising: transmitting VAN code information to a key distribution server; receiving a public key for authentication of the VAN server corresponding to the transmitted VAN code information from the key distribution server; transmitting the public key for authentication of the VAN server received from the key distribution server to the card reader module; receiving an encryption key for encrypting card information from the VAN server using the public key for authentication of the VAN server; and transmitting the encryption key received from the VAN server to the card reader module.
A cipher key distribution method according to another aspect of the present invention is a method for distributing cipher keys in a card reader module connected to a POS terminal device, the method comprising: receiving a public key for authentication of a VAN server corresponding to code information of a VAN to be used from the key distribution server through the POS terminal device; receiving an encryption key for encrypting card information from the VAN server via the POS terminal device using the received public key for authentication of the VAN server; and storing the received encryption key.
Meanwhile, the cipher key distribution method may be implemented by a computer-readable recording medium on which a program for execution by a computer is recorded.
The cryptographic key distribution system and method according to the present invention receive the authentication public key of the VAN server corresponding to the code information of the VAN to be used from the key distribution server, and receive the encryption key for encrypting the card information from the VAN server using the authentication public key received from the key distribution server, so that the processing speed and transmission speed can be improved while minimizing the threat of hacking.
FIG. 1 is a block diagram showing a general payment system.
FIG. 2 is a block diagram illustrating an encryption key distribution system according to an embodiment of the present invention.
FIG. 3 is a flowchart illustrating an encryption key distribution method according to an embodiment of the present invention.
Hereinafter, an encryption key distribution system and method according to the present invention will be described with reference to the accompanying drawings. In this process, the thicknesses of the lines and the sizes of the components shown in the drawings may be exaggerated for clarity and convenience of explanation. In addition, the terms described below are defined in consideration of the functions of the present invention, and may vary depending on the intention or custom of the user or the operator. Therefore, definitions of these terms should be made based on the contents throughout this specification.
FIG. 2 is a block diagram illustrating an encryption key distribution system according to an embodiment of the present invention.
2, the cryptographic key distribution system according to an embodiment of the present invention includes a
In this embodiment, the
The
As shown in FIG. 2, the
The
Since the
The
The public key for authentication of the VAN
The
The
The
Here, the symmetric encryption key is a cryptographic key used for encryption and decryption of card information in the VAN
The symmetric cryptographic key has an advantage that the processing speed and the transmission speed in the
In this embodiment, the encryption algorithm using the same symmetric encryption key is used for encryption and decryption in the VAN
Therefore, in the present embodiment, since both the symmetric encryption algorithm and the asymmetric encryption algorithm are used, it is practically impossible to attempt to hack it from the outside without understanding the entire encryption process. In addition, since the card information is encrypted in the
As described above, in the cipher key distribution system according to the embodiment of the present invention, in order to distribute the symmetric cipher key of the VAN server, the key distribution server distributes the public key for authentication of the VAN server using the distribution private key, and the card reader module receives the symmetric cryptographic key, in encrypted form, directly from the VAN server by means of the public key for authentication and the random key. This makes it possible to minimize the threat of hacking and to improve the processing speed and transmission speed by using symmetric cryptographic keys.
FIG. 3 is a flowchart illustrating an encryption key distribution method according to an embodiment of the present invention.
3, in the cipher key distribution method according to an embodiment of the present invention, the
In this embodiment, the
Then, the
Then, the
In this way, the
The public key for authentication of the
The
Then, the
The
According to another embodiment of the present invention, similarly to the encryption key transfer method between the
The
After the random key is encrypted using the authentication public key of the
The
In the
Here, the symmetric encryption key is a cryptographic key used for encryption and decryption of card information in the
The
The
The symmetric cryptographic key has an advantage that the processing speed and the transmission speed in the
In this embodiment, the encryption algorithm using the same symmetric encryption key is used for encryption and decryption in the
As described above, in the encryption key distribution method according to the embodiment of the present invention, in order to distribute the symmetric encryption key of the VAN server, the key distribution server distributes the public key for authentication of the VAN server using the distribution private key, after which the card reader module can receive the symmetric encryption key directly from the VAN server by means of the authentication public key and the random key, thereby minimizing the threat of hacking and improving the processing speed and transmission speed by using the symmetric encryption key.
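The two-phase exchange summarized above, as an added Go example that is not code from the patent: the card reader wraps a one-time key under an RSA public key, and the key holder (first the key distribution server, then the VAN server) returns its payload sealed under that one-time key, so the POS terminal path only ever carries ciphertext. The patent names no algorithms, so RSA-OAEP, AES-256-GCM, the function names and the VAN code `VAN-A` are assumptions, as is the reading that the reader holds the distribution public key while the key distribution server holds the distribution private key.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
)

func randBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err) // no entropy: nothing safe to fall back to
	}
	return b
}

func newRSA() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

// gcm builds AES-GCM (assumed cipher; the patent names none) and refuses invalid AES keys.
func gcm(key []byte) (cipher.AEAD, error) {
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(blk)
}

// respond is the key holder (KDS or VAN server): unwrap the one-time key, seal payload under it.
func respond(priv *rsa.PrivateKey, wrapped, payload []byte) ([]byte, error) {
	k, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, nil)
	g, gerr := gcm(k) // a nil or wrong-sized k is refused here as well
	if err != nil || gerr != nil {
		return nil, fmt.Errorf("unusable wrapped key: %v / %v", err, gerr)
	}
	nonce := randBytes(g.NonceSize())
	return g.Seal(nonce, nonce, payload, nil), nil // nonce || ciphertext || tag
}

// fetch is the card reader: wrap a one-time key under pub, send it via the POS path, open the reply.
func fetch(pub *rsa.PublicKey, server func([]byte) ([]byte, error)) ([]byte, error) {
	k := randBytes(32) // one-time key; the RSA-OAEP wrap below is an assumed choice
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, k, nil)
	if err != nil {
		return nil, err
	}
	reply, err := server(wrapped)
	if err != nil {
		return nil, err
	}
	g, err := gcm(k)
	if err != nil || len(reply) < g.NonceSize() {
		return nil, fmt.Errorf("unusable reply (%d bytes)", len(reply))
	}
	return g.Open(nil, reply[:g.NonceSize()], reply[g.NonceSize():], nil)
}

// Distribute runs both phases between constructed parties for one VAN code.
func Distribute(code string) (readerKey, cardKey []byte, err error) {
	kds, van, cardKey := newRSA(), newRSA(), randBytes(32)
	dir := map[string][]byte{"VAN-A": x509.MarshalPKCS1PublicKey(&van.PublicKey)}
	// Phase 1: "arbitrary key" to the key distribution server, VAN public key back.
	der, err := fetch(&kds.PublicKey, func(w []byte) ([]byte, error) { return respond(kds, w, dir[code]) })
	if err != nil {
		return nil, nil, err
	}
	pub, err := x509.ParsePKCS1PublicKey(der) // an unknown code yields no key and fails here
	if err != nil {
		return nil, nil, err
	}
	// Phase 2: "random key" to the VAN server, symmetric card-data key back.
	readerKey, err = fetch(pub, func(w []byte) ([]byte, error) { return respond(van, w, cardKey) })
	return readerKey, cardKey, err
}

func main() {
	r, v, err := Distribute("VAN-A")
	fmt.Println("reader and VAN server hold the same key:", string(r) == string(v), "error:", err)
}
```

Because each reply is sealed with an AEAD, a reply altered on the POS terminal path, or one produced without the matching private key, fails to open and the reader stores no key.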
In the above description, the card reader module receives the symmetric encryption key from the VAN server and encrypts the encryption key. However, the present invention is not limited thereto.
For example, according to another embodiment of the present invention, an asymmetric encryption algorithm of a public key / private key scheme may be used in the card reader module and the VAN server to encrypt card information.
Meanwhile, the cipher key distribution method according to various embodiments of the present invention described above can be implemented in the form of program code and provided to each server or device in a state stored in various non-transitory computer readable media.
A non-transitory readable medium is not a medium that stores data for a short period of time, such as a register, cache, or memory, but a medium that stores data semi-permanently and is readable by the apparatus. In particular, the various applications or programs described above may be stored on non-volatile readable media such as CD, DVD, hard disk, Blu-ray disk, USB, memory card, ROM,
While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it will be understood by those of ordinary skill in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.
Accordingly, the true scope of the present invention should be determined by the following claims.
100: card reader module 200: POS terminal
210: POS module 220: Gateway module
300: VAN server 400: key distribution server
Claims (22)
Receives the arbitrary key encrypted with the distribution private key received from the card reader module, transmits the arbitrary key and the VAN code information encrypted with the distribution private key to the key distribution server, and corresponds to the transmitted VAN code information Receiving a public key for authentication of the VAN server encrypted with the arbitrary key from the key distribution server and transmitting the encrypted public key to the card reader module and transmitting an arbitrary key encrypted using the authentication public key of the VAN server to the VAN server And receives an encryption key for encrypting the card information according to an encryption and decryption algorithm for VAN company card information corresponding to the VAN code information, and transmits the encrypted key to the card reader module And receives the card information encrypted with the encryption key from the card reader module.
A gateway module for performing data transmission and reception with the key distribution server, the VAN server, and the card reader module; And
And a POS module for generating an approval request telegram using the encrypted card information received from the card reader module.
And a public key for distribution stored in the card reader module.
A random key encrypted with a public key for authentication of the VAN server is received from the card reader module and is transmitted to the VAN server, and the random key received from the VAN server encrypted with the random key is transmitted to the card reader module Terminal device.
Wherein the cryptographic key received from the VAN server is a symmetric cryptographic key that is different from the authentication public key method and is also used to decrypt the card information in the VAN server.
The public key for authentication of the VAN server corresponding to the code information of the VAN to be used and encrypted with the arbitrary key is transmitted through the POS terminal device to the POS terminal device, And transmits the decrypted key to the VAN server using the public key for authentication of the decrypted VAN server to the VAN server through the POS terminal device and is encrypted with the arbitrary key from the VAN server, A card receiving encrypted key information for encrypting card information according to an encryption and decryption algorithm for VAN card information corresponding to VAN code information, encrypting the read card information with the received encryption key, and transmitting the encrypted card information to the POS terminal device Reader module.
And a card reader module which is obtained by using a distribution public key stored in the card reader module.
Generating a random key corresponding to the arbitrary key, encrypting the generated random key with a public key for authentication of the VAN server, and transmitting the encrypted random key to the VAN server through the POS terminal device,
Wherein the encryption key received from the VAN server is encrypted with the random key.
Wherein the cryptographic key received from the VAN server is a symmetric cryptographic key that is different from the public key scheme for authentication and is also used to decrypt the card information in the VAN server.
A key distribution server storing an authentication public key provided from at least one of the VAN servers;
Card reader module; And
Receiving a key encrypted with the distribution private key received from the card reader module, transmitting the arbitrary key and VAN code information encrypted with the distribution private key to the key distribution server, and transmitting the key corresponding to the transmitted VAN code information Receiving a public key for authentication of the VAN server encrypted with the arbitrary key from the key distribution server and transmitting the encrypted public key to the card reader module and transmitting an arbitrary key encrypted using the authentication public key of the VAN server to the VAN server And receives an encryption key for encrypting card information according to an encryption and decryption algorithm for VAN's card information corresponding to the VAN code information, and transmits the encrypted key to the card reader module And a cipher key including a POS terminal for receiving card information encrypted with the cipher key from the card reader module Distribution system.
The card reader module and the key distribution server store a public key for distribution and a private key for distribution corresponding to each other,
Wherein the authentication public key of the VAN server is obtained using a public key for distribution stored in the card reader module.
A random key encrypted with a public key for authentication of the VAN server from the POS terminal, decrypting the received random key with a private key for authentication of the VAN server, encrypting the encryption key with the decrypted random key, To the POS terminal.
Wherein the random key is generated in the card reader module.
Wherein the encryption key for encrypting the card information is a symmetric encryption key.
Receiving an arbitrary key encrypted with a distribution private key received from the card reader module;
Transmitting the encrypted arbitrary key and VAN code information to a key distribution server;
Receiving from the key distribution server a public key for authentication of the VAN server corresponding to the transmitted VAN code information and encrypted with the arbitrary key;
Transmitting a public key for authentication of the VAN server encrypted with the arbitrary key received from the key distribution server to the card reader module;
Encrypts the card information according to the encryption and decryption algorithm for the card information of the VAN company, transmits the encrypted card information to the VAN server, encrypts the card information using the public key for authentication of the VAN server, Receiving an encryption key for encrypting the encryption key; And
And transmitting the encryption key encrypted with the arbitrary key received from the VAN server to the card reader module.
Receiving a random key encrypted with a public key for authentication of the VAN server from the card reader module;
Transmitting the encrypted random key received from the card reader module to the VAN server; And
And receiving the encryption key encrypted with the random key from the VAN server.
Wherein the encryption key received from the VAN server is a symmetric encryption key.
Forwarding any key encrypted with the distribution private key to the POS terminal device,
Receiving and decoding the public key for authentication of the VAN server encrypted with the arbitrary key, from the key distribution server through the POS terminal device, the code corresponding to the code information of the VAN to be used; Transmitting the decrypted key to the VAN server using the public key for authentication of the decrypted VAN server using the public key for authentication of the decrypted VAN server through the POS terminal device, Receiving an encryption key encrypted with an arbitrary key and encrypting card information according to an encryption and decryption algorithm for VAN's card information corresponding to the VAN code information; And
And storing the received encryption key.
And a public key for distribution stored in the card reader module.
Generating a random key; And
Further comprising encrypting the generated random key with a public key for authentication of the VAN server and transmitting the encrypted random key to the VAN server through the POS terminal,
Wherein the encryption key received from the VAN server is encrypted with the random key.
Wherein the encryption key received from the VAN server is a symmetric encryption key.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020140179729 | 2014-12-12 | ||
KR20140179729 | 2014-12-12 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020170136591A Division KR101849209B1 (en) | 2017-10-20 | 2017-10-20 | Pos terminal, card reader, system and method for distributing encrypt key thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
KR20160071999A | 2016-06-22 |
KR101803786B1 | 2017-12-01 |
Family
ID=56365164
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020150067881A KR101803786B1 (en) | 2014-12-12 | 2015-05-15 | Pos terminal, card reader, system and method for distributing encrypt key thereof |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101803786B1 (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR102036739B1 (en) * | 2017-12-29 | 2019-10-25 | 한국정보통신주식회사 | A server for precessing approvals of payments, a payment terminal apparatus and a method of operating it |
KR102336324B1 (en) * | 2020-01-03 | 2021-12-06 | 고한솔 | System for providing internet of things based saving service using smart money box |
CN113285950B (en) * | 2021-05-21 | 2023-02-24 | 清创网御(合肥)科技有限公司 | Encryption card-based key transmission and storage method |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101449644B1 (en) * | 2013-05-22 | 2014-10-15 | 한국정보통신주식회사 | POS System and Method for Payment using Encrypted Card Information |
-
2015
- 2015-05-15 KR KR1020150067881A patent/KR101803786B1/en active IP Right Grant
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101449644B1 (en) * | 2013-05-22 | 2014-10-15 | 한국정보통신주식회사 | POS System and Method for Payment using Encrypted Card Information |
Also Published As
Publication number | Publication date |
---|---|
KR20160071999A (en) | 2016-06-22 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E90F | Notification of reason for final refusal | ||
E701 | Decision to grant or registration of patent right | ||
A107 | Divisional application of patent | ||
GRNT | Written decision to grant |