KR20150003022A - Financial transaction method and server performing the same - Google Patents
Financial transaction method and server performing the same Download PDFInfo
- Publication number
- KR20150003022A KR20150003022A KR1020130075682A KR20130075682A KR20150003022A KR 20150003022 A KR20150003022 A KR 20150003022A KR 1020130075682 A KR1020130075682 A KR 1020130075682A KR 20130075682 A KR20130075682 A KR 20130075682A KR 20150003022 A KR20150003022 A KR 20150003022A
- Authority
- KR
- South Korea
- Prior art keywords
- user
- financial
- security
- authentication
- financial transaction
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/02—Banking, e.g. interest calculation or account maintenance
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- General Physics & Mathematics (AREA)
- Accounting & Taxation (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Marketing (AREA)
- Strategic Management (AREA)
- Technology Law (AREA)
- General Business, Economics & Management (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
A financial transaction method executed in a financial service server connected to a terminal of a user according to an embodiment of the present invention includes receiving a transaction request for a financial transaction from a user logged in the financial transaction server, 1 authenticating the user through the financial authentication means, authenticating the user through the second financial authentication means if the authentication is successful, and processing the financial transaction requested by the user if the authentication is successful do. Therefore, in the process of processing a financial transaction according to a user's request, only when a user who has logged in to a financial company server is authenticated through a plurality of financial authentication means, a financial transaction is processed to enhance security, thereby preventing damage to the electronic financial fraud And can provide a secure electronic financial environment to the customer.
Description
Embodiments of the present invention relate to a financial transaction method and a server for executing the method.
Recently, electronic banking transactions using internet banking and smart banking are widely used. These electronic financial transactions are caused by illegal alteration of data between the financial institution and the customer. For example, when a user transfers money by using a computer, input data should not be changed during transmission and reception after input, but data input by a user due to illegal acts such as hacking may be replaced with a different amount from another account number . Illegal tampering with such data causes serious financial accidents.
In order to prevent such unauthorized data change, a cryptographic technique for digitally signing data transmitted through a certificate or the like is used. However, in a case where data is illegally A hack may occur.
Therefore, a preventive method for preventing illegal change of data between the input of data and the signature is indispensable.
On the other hand, phishing refers to a fraudulent method of illegally using personal information such as personal identification number, credit card number, and account information by disguising as an e-mail sent from a website or a financial institution. Pharming steals personal information after stealing user's legally owned domain or by inducing users to mistake the domain name system (DNS) or proxy server address for false access New computer crime.
Pharming is a new Internet fraud method that follows phishing. In a broader sense, it is a type of phishing that has evolved a step further than phishing. The difference is that phishing masquerades as an email sent from a website such as a financial institution to induce a user to access and then extracts personal information, whereas pharming is a method of stealing a domain It is a technique.
In the case of phishing, the user can be aware of it carefully, but in the case of pharming, even if the user carefully looks at the domain address or the URL address, it is easy to falter. Therefore, users are more likely to be victimized than phishing methods by knowing only the site they use all the time and accessing without any suspicion, easily revealing their personal ID (ID), password and financial information.
In order to prevent damage caused by pharming, it is necessary to strengthen the security of the browser, to provide a device for blocking the camouflage technique that can deceive the website, and to make sure that the site is authentic by using digital signatures . Also, you should check your DNS operation method and domain registration from time to time.
However, there is no method for preventing phishing and pharming in the past, so phishing and pharming accidents due to malicious e-mail and web sites occur, resulting in leakage of personal information and financial damage of users.
In the process of processing a financial transaction according to a user's request, only when a user who has logged in to a financial company server is authenticated through a plurality of financial authentication means, the security is enhanced by processing the financial transaction to prevent damage to the electronic financial fraud A financial transaction method capable of providing a secure electronic financial environment to a customer and a server for executing the method.
The problems to be solved by the present invention are not limited to the above-mentioned problem (s), and another problem (s) not mentioned can be clearly understood by those skilled in the art from the following description.
In a preferred embodiment of the present invention, a financial transaction method executed by a financial service server connected to a user terminal includes receiving a transaction request for a financial transaction from a user logged in to the financial service server, Authenticating the user via the second financial authentication means if the authentication is successful, and processing the financial transaction requested by the user according to the authentication result.
In an embodiment, a financial service server connected to a user terminal may receive a transaction request for a financial transaction from a user who is logged in to the financial service server, and receive a transaction request from the user in accordance with the authentication result of the user, And a user authentication unit for authenticating the user through the first financial authentication unit in the process of processing the financial transaction and authenticating the user through the second financial authentication unit if the authentication is successful.
The details of other embodiments are included in the detailed description and the accompanying drawings.
BRIEF DESCRIPTION OF THE DRAWINGS The advantages and / or features of the present invention, and how to accomplish them, will become apparent with reference to the embodiments described in detail below with reference to the accompanying drawings. It should be understood, however, that the invention is not limited to the disclosed embodiments, but is capable of many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, To fully disclose the scope of the invention to those skilled in the art, and the invention is only defined by the scope of the claims. Like reference numerals refer to like elements throughout the specification.
According to the present invention, in a process of processing a financial transaction according to a user's request, only when a user who has logged in to a financial company server is authenticated through a plurality of financial authentication means, And can provide a secure electronic financial environment to the customer.
1 is a network configuration diagram illustrating a financial transaction system according to an embodiment of the present invention.
2 is a block diagram illustrating a financial company server according to an embodiment of the present invention.
3 is a flowchart illustrating an embodiment of a financial transaction method according to the present invention.
4 is a flowchart illustrating another embodiment of a financial transaction method according to the present invention.
5 is a reference diagram for explaining the execution process of FIG.
FIG. 6 is a flowchart illustrating another embodiment of a financial transaction method according to the present invention.
7 is a reference diagram for explaining the execution process of FIG.
Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings.
As used herein, the term " first financial authentication means " is a means by which a user who is logged in to a financial company server primarily authenticates a user for security enhancement during financial transactions. For example, There is a security code that contains information and is inserted into the security card.
As used herein, the term " second financial authentication means " is a means for secondarily authenticating an authenticated user, and includes at least one of, for example, a certificate for user authentication, a security pattern, and fingerprint recognition .
1 is a network configuration diagram illustrating a financial transaction system according to an embodiment of the present invention.
Referring to FIG. 1, a financial transaction system includes a
The
The
In FIG. 1, the
The
According to an embodiment, a
2 is a block diagram illustrating a financial company server according to an embodiment of the present invention.
2, the
The
In one embodiment, if the login information of the user is the same as the login information of the user, the
In another embodiment, if the login information of the user is not the same as the login information of the user, the
The
The security
The security
That is, the security pattern may be a temporary touch on the
In one embodiment, the security
In another embodiment, the security
The security
In one embodiment, the security
In another embodiment, the security
The security
The security
In one embodiment, the security
In another embodiment, the security
When the issuance of the security card is completed, the security
The security
In one embodiment, when the security card number is input from the user, the security
In another embodiment, the security
The security
In one embodiment, the security
In another embodiment, the security
The
The
In one embodiment, the
In another embodiment, the
The financial
The
3 is a flowchart illustrating an embodiment of a financial transaction method according to the present invention. An embodiment disclosed in FIG. 3 relates to an embodiment in which a financial transaction can be processed when a user is successfully authenticated through a plurality of financial authentication means.
Referring to FIG. 3, the
In step S320, the
In step S330, the
4 is a flowchart illustrating another embodiment of the financial transaction method according to the present invention. 5 is a reference diagram for explaining the execution process of FIG. One embodiment disclosed in FIG. 4 relates to an embodiment in which a user can be primarily authenticated using a first financial authentication means for processing a financial transaction.
Referring to FIG. 4, the
The
If the specific number of the security card received from the user is valid (step S430), the
If the user authentication is successful using the user authentication certificate (step S450), the
6 is a flowchart for explaining another embodiment of the financial transaction method according to the present invention. 7 is a reference diagram for explaining the execution process of FIG. One embodiment disclosed in FIG. 4 relates to an embodiment in which a user can be secondarily authenticated using a second financial authentication means for processing a financial transaction.
Referring to FIG. 6, the
More specifically, the
If the authentication of the user is successful using the security pattern (step S650), the
Embodiments of the present invention include computer readable media including program instructions for performing various computer implemented operations. The computer-readable medium may include program instructions, local data files, local data structures, etc., alone or in combination. The media may be those specially designed and constructed for the present invention or may be those known to those skilled in the computer software. Examples of computer-readable media include magnetic media such as hard disks, floppy disks and magnetic tape, optical recording media such as CD-ROMs and DVDs, magneto-optical media such as floppy disks, and ROMs, And hardware devices specifically configured to store and execute the same program instructions. Examples of program instructions include machine language code such as those produced by a compiler, as well as high-level language code that can be executed by a computer using an interpreter or the like.
While the present invention has been described in connection with what is presently considered to be practical exemplary embodiments, it is to be understood that the invention is not limited to the disclosed embodiments. Therefore, the scope of the present invention should not be limited to the described embodiments, but should be determined by the scope of the appended claims and equivalents thereof.
While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments, but, on the contrary, Modification is possible. Accordingly, the spirit of the present invention should be understood only in accordance with the following claims, and all equivalents or equivalent variations thereof are included in the scope of the present invention.
100: Financial company server
110: Login manager
120:
121: Security pattern management module
122: Security code management module
123: Certificate management module
130: financial transaction processor
140:
Claims (16)
Receiving a transaction request for a financial transaction from a user logged in to the financial company server;
Authenticating the user through a first financial authentication unit in the course of processing the financial transaction;
Authenticating the user through the second financial authentication means if the authentication is successful; And
And if the authentication is successful, processing the financial transaction requested by the user
Financial transaction method.
The first financial authentication means
And a security code embedded in the security card, the security code including part of the security card and part of the security card,
The second financial authentication means
A certificate for user authentication, a security pattern, and fingerprint recognition.
Financial transaction method.
The security code
A bar code, a Quick Response (QR) code, a unique image generated by the financial company server, and a combination character.
Financial transaction method.
The financial transaction
A credit application, a card usage history inquiry, and a change of a personal information.
Financial transaction method.
The step of authenticating the user via the first financial authentication means
Requesting a user for an input of a specific one of the numbers in the secure card;
Determining whether the corresponding number is valid based on the security card information in the security card database when the number is input from the user; And
And if the corresponding number is valid, succeeding the authentication of the user
Financial transaction method.
The step of successfully authenticating the user
Recognizing the security code inserted into the security card and determining whether the security code exists in the security card database; And
And if the security code is present in the secure card database as a result of the determination, authentication of the user is successful
Financial transaction method.
The step of authenticating the user through the second financial authentication means
Receiving a password of the certificate when the user certificate is selected by the user; And
And if the user authentication certificate selected by the user and the password of the corresponding certificate exist in the certificate database, authentication of the user is successful
Financial transaction method.
The step of successfully authenticating the user
Recognizing a security pattern input on the user terminal and determining whether the security pattern exists in the security pattern database; And
And if the security pattern exists in the security pattern database as a result of the determination, authentication of the user is successful
Financial transaction method.
A financial transaction processing unit for receiving a transaction request for a financial transaction from a user logged into the financial company server and processing a financial transaction requested by the user according to the authentication result of the user; And
And a user authentication unit for authenticating the user through the first financial authentication unit in the course of processing the financial transaction and authenticating the user through the second financial authentication unit if the authentication is successful
Financial transaction server.
The first financial authentication means
And a security code embedded in the security card, the security code including part of the security card and part of the security card,
The second financial authentication means
A certificate for user authentication, a security pattern, and fingerprint recognition.
Financial transaction server.
The security code
A bar code, a Quick Response (QR) code, a unique image generated by the financial company server, and a combination character.
Financial transaction server.
The financial transaction
A credit application, a card usage history inquiry, and a change of a personal information.
Financial transaction server.
The user authentication unit
Requesting a user to input a specific number among the numbers in the secure card, determining whether the corresponding number is valid based on the security card information in the secure card database when the number is input from the user, The authentication of the user is successful.
Financial transaction server.
The user authentication unit
Recognizing the security code embedded in the security card and determining whether or not the security code exists in the security card database, and if the security code exists in the security card database, the authentication of the user is succeeded
Financial transaction server.
The user authentication unit
When the user authentication certificate is selected by the user, receives the password of the corresponding certificate, and if the user authentication certificate selected by the user and the corresponding password exist in the certificate database, the authentication of the user is succeeded
Financial transaction server.
The user authentication unit
Recognizing the security pattern input on the user terminal and determining whether the security pattern exists in the security pattern database, and if the security pattern exists in the security pattern database,
Financial transaction server.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020130075682A KR20150003022A (en) | 2013-06-28 | 2013-06-28 | Financial transaction method and server performing the same |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020130075682A KR20150003022A (en) | 2013-06-28 | 2013-06-28 | Financial transaction method and server performing the same |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20150003022A true KR20150003022A (en) | 2015-01-08 |
Family
ID=52475999
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020130075682A KR20150003022A (en) | 2013-06-28 | 2013-06-28 | Financial transaction method and server performing the same |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20150003022A (en) |
-
2013
- 2013-06-28 KR KR1020130075682A patent/KR20150003022A/en not_active Application Discontinuation
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11706212B2 (en) | Method for securing electronic transactions | |
EP1922632B1 (en) | Extended one-time password method and apparatus | |
US11625720B2 (en) | Secure in-line payments for rich internet applications | |
US8661520B2 (en) | Systems and methods for identification and authentication of a user | |
US9426134B2 (en) | Method and systems for the authentication of a user | |
US7548890B2 (en) | Systems and methods for identification and authentication of a user | |
KR102383021B1 (en) | Enhanced security for registration of authentication devices | |
CN106875173B (en) | Method for authenticating transaction | |
CN101751629B (en) | Method and system for authenticating multifactor with changing unique values | |
US20100175136A1 (en) | System and method for security of sensitive information through a network connection | |
EP2095221A2 (en) | Systems and methods for identification and authentication of a user | |
KR101498120B1 (en) | Digital certificate system for cloud-computing environment and method thereof | |
KR20150003022A (en) | Financial transaction method and server performing the same | |
KR20140123251A (en) | Method and system for providing certification of financial service page | |
KR101568374B1 (en) | Mobile loan method and system using mobile digital signature | |
US20220391908A1 (en) | Systems, methods, and non-transitory computer-readable media for authentication and authorization of payment request | |
US20230245125A1 (en) | Identity verification using a virtual credential | |
KR101079740B1 (en) | System for inputting information using terminal and method thereof | |
KR101611665B1 (en) | Method of secure finance transaction and server perfroming the same | |
KR20170072654A (en) | Smart banking apparatus and method for enhanced security | |
KR20160087519A (en) | Authentication method for financial transaction, transaction apparatus, authentication apparatus, and financial transaction system | |
JP2023507568A (en) | System and method for protection against malicious program code injection | |
KR101454280B1 (en) | Secure card with punching card and method thereof | |
KR20160087518A (en) | Authentication method for financial transaction, transaction apparatus, authentication apparatus, and financial transaction system | |
KR20160099766A (en) | Secure payment method, digital system, and payment system thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E601 | Decision to refuse application |