KR20170072654A - Smart banking apparatus and method for enhanced security - Google Patents


Publication number
KR20170072654A
Authority
KR
South Korea
Prior art keywords
information
user
communication device
financial
approval
Application number
KR1020150181088A
Other languages
Korean (ko)
Inventor
최성호
Original Assignee
중소기업은행
Application filed by 중소기업은행
Priority to KR1020150181088A
Publication of KR20170072654A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/02 Banking, e.g. interest calculation or account maintenance
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/08 Payment architectures
    • G06Q20/10 Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/108 Remote banking, e.g. home banking
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3215 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a plurality of channels
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication

Abstract

An embodiment of the present invention includes: a user information receiving step of receiving personal information including a user's ID and password and financial change information requested by the user; a communication device searching step of searching for a communication device including the personal information within a predetermined range from the user terminal if the personal information matches the preset first authentication information; a device storage information receiving step of receiving, when a communication device including the information is found, the device storage information stored in that communication device; and an approval message output step of outputting a financial change acceptance message that permits a change in the financial state of the user according to the financial change information if the second authentication information, input by the user or preset, is identical to the approval information included in the received device storage information.

Description

TECHNICAL FIELD The present invention relates to a smart banking apparatus and method,

The present invention relates to a smart banking security enhancing apparatus and method.

With the rapid spread of smartphones, Internet banking, which had been the mainstream, evolved into smart banking, a further developed form. The usage rate of smart banking is increasing day by day, as even low-end smartphones now outperform the desktop computers of the past and the smartphone itself offers an optimal environment for using the Internet. However, because a smart banking procedure is inevitably based on a wireless network, smart banking is relatively vulnerable to electronic financial fraud such as phishing and pharming.

To prevent incidents caused by the exposure of customers' financial information, financial institutions have made various efforts to enhance security through identity verification by telephone, such as SMS authentication and ARS authentication. Despite such moves, however, organized crime continues, in which malicious code is embedded in the smartphone itself and illegal authentication by third parties is induced through telephone number forwarding, SMS authentication bypass, ARS authentication bypass, and so on.

In recent years, the use of an OTP (One Time Password) generator or a security token has been introduced as a way of enhancing security. These methods can be expected to provide stronger security than the existing technology, but the OTP generator or USB-type security token must be carried, there is a risk of loss, and the financial institution often requires a separate issuing cost.

Korean Patent Publication No. 2010-0132782

SUMMARY OF THE INVENTION It is an object of the present invention to provide a smart banking security enhancing device and method that enhance security by performing a simple additional authentication in a smart banking transfer transaction, without the user having to carry a separate device.

According to an aspect of the present invention, there is provided a smart banking security enhancement method including: a user information receiving step of receiving personal information including a user's ID and password and financial change information requested by the user; a communication device searching step of searching for a communication device including the personal information within a predetermined range from the user terminal if the personal information matches the preset first authentication information; a device storage information receiving step of receiving, when a communication device including the information is found, the device storage information stored in that communication device; and an approval message output step of outputting a financial change acceptance message that permits a change in the financial state of the user according to the financial change information if the second authentication information, input by the user or preset, is identical to the approval information included in the received device storage information.

In the method, the approval message output step may include: a password identification step of determining whether a final approval password is included in the received device storage information; an input request message output step of outputting a second authentication information input request message through a screen of the user terminal if the received device storage information includes a final approval password; a second authentication information receiving step of receiving the second authentication information input by the user in response to the input request message; and a message output control step of controlling the output of the financial change acceptance message if the received second authentication information matches the final approval password.

In the method, if the personal information matches the preset first authentication information, the user terminal activates its near field communication (NFC) function to search for a communication device including the personal information, and the communication device may be an IC (Integrated Circuit) card for NFC that can perform contactless short-range communication, within the predetermined range, with the user terminal whose NFC function has been activated.

According to an aspect of the present invention, there is provided a computer-readable recording medium storing a program for causing a computer to execute a method for enhancing smart banking security.

According to another aspect of the present invention, there is provided a smart banking security enhancing apparatus comprising: a user information receiver for receiving personal information including a user's ID and password and financial change information requested by the user; a communication device search unit for searching for a communication device including the personal information within a predetermined range from the user terminal if the personal information matches the preset first authentication information; a device storage information receiver for receiving, when a communication device including the information is found, the device storage information stored in that communication device; and an approval message output unit for outputting a financial change acceptance message that permits a change in the financial state of the user according to the financial change information if the second authentication information, input by the user or preset, is identical to the approval information included in the received device storage information.

In the above apparatus, the approval message output unit may include: a password recognition unit for determining whether a final approval password is included in the received device storage information; an input request message output unit for outputting a second authentication information input request message through a screen of the user terminal if the received device storage information includes a final approval password; a second authentication information receiver for receiving the second authentication information input by the user in response to the input request message; and a message output control unit for controlling the output of the financial change acceptance message if the received second authentication information matches the final approval password.

In this apparatus, if the personal information matches the preset first authentication information, the user terminal activates its near field communication (NFC) function to search for a communication device including the personal information, and the communication device may be an IC (Integrated Circuit) card for NFC that can perform contactless short-range communication, within the predetermined range, with the user terminal whose NFC function has been activated.

According to the present invention, by performing a physical authentication step for final approval of smart banking, more enhanced security can be expected than when using smart banking based on the conventional technology. Further, in order to access the information of the portable device necessary for performing the physical authentication step, the password for the portable device must be inputted, so that the risk of leakage of the user's financial information due to the loss of the portable device can be solved.

BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 is a diagram schematically illustrating a relationship between a smart banking security enforcement apparatus and peripheral devices when the smart banking security enforcement apparatus according to an exemplary embodiment of the present invention is implemented in a smart phone.
FIG. 2 is a block diagram of an example of a smart banking security enforcement apparatus according to the present invention.
FIG. 3 is a block diagram of an acknowledgment message output unit according to another embodiment of the present invention.
FIG. 4 is a flowchart illustrating a smart banking security enforcement method according to another embodiment of the present invention.
FIG. 5 is a flowchart illustrating a smart banking security enforcement method according to another embodiment of the present invention.

The present invention is capable of various modifications and various embodiments, and specific embodiments are illustrated in the drawings and described in detail in the detailed description. The effects and features of the present invention and methods of achieving them will be apparent with reference to the embodiments described in detail below with reference to the drawings. The present invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein.

Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings, wherein like reference numerals refer to like or corresponding components throughout the drawings, and a duplicate description thereof will be omitted.

In the following embodiments, the terms first, second, and the like are used to distinguish one element from another, not in a limiting sense.

In the following examples, the singular forms "a", "an" and "the" include plural referents unless the context clearly dictates otherwise.

In the following embodiments, terms such as "include" or "have" mean that a feature or element described in the specification is present, and do not exclude in advance the possibility that one or more other features or elements are added.

If certain embodiments are otherwise feasible, the particular process sequence may be performed differently from the sequence described. For example, two processes that are described in succession may be performed substantially concurrently, and may be performed in the reverse order of the order described.

FIG. 1 is a diagram schematically illustrating a relationship between a smart banking security enforcement apparatus and peripheral devices when the smart banking security enforcement apparatus according to an exemplary embodiment of the present invention is implemented in a smart phone.

Referring to FIG. 1, the smart banking system 100 according to the present invention includes a multifunctional intelligent hybrid terminal 110, a user-possessed communication device 130, and a financial institution server 150. The multifunctional intelligent hybrid terminal 110 and the user-possessed communication device 130 included in the smart banking system 100 are owned by one user 10 who uses smart banking.

The smart banking security enforcement apparatus according to an embodiment of the present invention may correspond to at least one processor or may include at least one processor. Accordingly, the smart banking security enforcement device may be implemented in a form embedded in other hardware devices such as a microprocessor or a general purpose computer system.

First, the multifunctional intelligent hybrid terminal 110 refers to various portable terminals. The multifunctional intelligent hybrid terminal 110 supports various wired/wireless communication functions and includes a mechanical button and a touch panel so that the user can use smart banking. The multifunctional intelligent hybrid terminal 110 also includes a display unit for outputting the smart banking procedure, and the user can input information for smart banking into the multifunctional intelligent hybrid terminal 110 through a user interface screen output through the display unit.

The local area network 120 between the multifunctional intelligent hybrid terminal 110 and the user-possessed communication device 130 means a communication network that is effective only within a preset range, so that communication can be performed between the devices when a single user 10 has both the multifunctional intelligent hybrid terminal 110 and the user-possessed communication device 130. The local area network 120 between the multifunctional intelligent hybrid terminal 110 and the user-possessed communication device 130 includes near field communication (NFC) based on a radio frequency identification (RFID) chip.

The user-possessed communication device 130 is located at a short distance from the multifunctional intelligent hybrid terminal 110, exchanges various data with the multifunctional intelligent hybrid terminal 110, and is a device possessed by one smart banking user. An example of the user-possessed communication device 130 is an IC card incorporating an integrated circuit (IC) chip that supports the contactless local communication function.

The communication network 140 between the multifunctional intelligent hybrid terminal 110 and the financial institution server 150 includes various wired and wireless communication networks such as a general telephone network, a data network, and a mobile communication network.

The financial institution server 150 communicates with the multifunctional intelligent hybrid terminal 110, receives requests from it, and transmits data according to those requests. In addition, the financial institution server 150 determines whether the multifunctional intelligent hybrid terminal 110 requesting specific data from the financial institution server 150 is the terminal of a regular customer subscribed to the financial institution, stores data according to the request, and transmits the data to the multifunctional intelligent hybrid terminal 110 through the communication network.

Hereinafter, the multifunctional intelligent hybrid terminal 110 will be referred to as a user terminal in order to simplify the description.

FIG. 2 is a block diagram of an example of a smart banking security enforcement apparatus according to the present invention.

Referring to FIG. 2, the smart banking security enforcement apparatus 200 includes a user information receiving unit 210, a communication device searching unit 230, a device storage information receiving unit 250, and an approval message output unit 270.

The smart banking security enforcement apparatus 200 shown in FIG. 2 shows only the components that highlight the features of this embodiment of the present invention. Those skilled in the art will therefore understand that general-purpose components other than those shown in FIG. 2 may be further included in the embodiment shown in FIG. 2.

The user information receiving unit 210 receives the personal information including the user's ID and password and the financial change information requested by the user.

As an example, assume that the user installs and runs on his or her smartphone an application for using smart banking with his or her home bank, logs in by inputting the user's ID and password, and requests a transfer transaction of 200 million won.

Here, the user's ID and password are personal information certifying that the user is a customer who can use smart banking through the application, and the personal information may further include other information in addition to the user's ID and password.

In addition, the request to transfer 200 million won from the user's account to another account constitutes the financial change information for the user. That is, the financial change information means information that changes the financial state of the user according to the request of the user.

When the personal information received by the user information receiver 210 matches the preset first authentication information, the communication device search unit 230 searches for a communication device including personal information within a predetermined range from the user terminal.

First, the communication device search unit 230 receives the personal information received by the user information receiving unit 210 and compares it with the preset first authentication information. The first authentication information is the information against which the user's personal information is compared; it may be stored in the communication device search unit 230, or stored in a database (not shown) and transmitted to the communication device search unit 230 when called by the communication device search unit 230.

As an alternative embodiment, the communication device search unit 230 may receive the result of comparing the personal information and the first authentication information from a financial institution server (not shown). When the communication device search unit 230 receives the user's personal information and transmits it to the financial institution server, the financial institution server identifies whether the user is a customer of the financial institution, based on the user's ID, password, and authorized certificate information included in the received personal information. In this process, the financial institution server confirms that the user is an applicant for Internet banking.

In this alternative embodiment, when the user is a customer of the financial institution and is found to have previously visited a branch office of the financial institution and applied for Internet banking, the financial institution server (not shown) transmits a login success message to the communication device search unit 230 as the result of comparing the information, and the communication device search unit 230 logs the user into the smart banking application based on the login success message.

Then, if the personal information matches the first authentication information, the communication device search unit 230 searches for a communication device including personal information of the user within a predetermined range from the user terminal. Here, the communication device refers to the user-possessed communication device 130 described with reference to FIG. 1, and is a device that a user possessing a user terminal for smart banking needs in order to carry out the smart banking procedure according to the present invention.

The smart banking of the present invention enhances security while maintaining the convenience of the user as much as possible. To that end, the communication device needs to be a device capable of communicating within a predetermined range from the user terminal. Various local communication technologies such as Bluetooth, ZigBee, and NFC may be applied to the communication between the user terminal and the communication device.

For example, if the user's personal information matches the preset first authentication information, the communication device searching unit 230 may activate the NFC function of the user terminal to search for a communication device including personal information of the user. In this case, the communication device may be an IC card for NFC that can perform contactless short-range communication, within a predetermined range, with the user terminal whose NFC function has been activated.

Users of a financial institution such as a bank typically have a credit or check card issued for an account when opening the account. In recent years, it has become common to issue an IC card rather than a magnetic card for enhanced security. Therefore, when the communication device is an NFC IC card as in the above example, the smart banking security enhancing device (or method) can be used as long as the user has a user terminal (a smartphone, etc.) and a credit card (IC card).

While issuing the IC card, the financial institution can insert not only the user's personal information but also financial information of the user, etc., which will be described later with reference to FIG.

When the communication device search unit 230 succeeds in searching for a communication device including personal information of the user, the device storage information receiving unit 250 receives the device storage information stored in the communication device from the communication device. The communication device stores various kinds of information necessary for correct operation of the communication device. Hereinafter, such information will be referred to as device storage information.

The device storage information includes a unique serial number of the communication device, the financial institution that produced the communication device, user information permitted to use the communication device, and the like. In particular, the user information permitted to use the communication device may be the same as or different from the user's personal information described above.

That the communication device search unit 230 has succeeded in searching for the communication device means that the user information permitted to use the communication device matches the personal information received by the user information receiving unit 210. Conversely, that the communication device search unit 230 cannot find a communication device means that no communication device containing the same information as the user's personal information exists within the search range of the communication device search unit 230.

If the second authentication information, input by the user or preset, matches the approval information included in the device storage information, the approval message output unit 270 outputs a financial change approval message that permits the change in the financial state of the user according to the financial change information.

First, the approval message output unit 270 receives the device storage information from the device storage information receiving unit 250 and extracts the approval information included in the device storage information. Here, the approval information is information stored in the communication device for comparison with the second authentication information that is input by the user or preset; the financial institution determines the approval information in consultation with the user when producing the communication device.

Then, the approval message output unit 270 compares the approval information with the second authentication information inputted from the user or preset. Here, the object to be compared with the approval information is either the information input from the user or the preset second authentication information.

Finally, the approval message output unit 270 outputs a financial change approval message that permits the change in the user's financial state according to the financial change information if the second authentication information and the approval information match. The output financial change approval message is transmitted to the financial institution server, so that the financial state of the user is changed according to the financial change information requested by the user. The financial change approval message may also be output on the screen of the user terminal as text indicating that the financial change information requested by the user has been processed.

Since the user is a person who knows the approval information, once the user terminal and the communication device have been brought into contact, the user inputs second authentication information identical to the approval information, so that the approval message output unit 270 can output the financial change approval message.

In addition, if the financial change approval message is set to be output according to preset second authentication information regardless of user input, the approval message output unit 270 may output the financial change approval message without receiving second authentication information from the user.

According to the present invention, a user of smart banking must bring a local communication device (an IC card, etc.) issued at a branch office of the financial institution into contact with the user terminal in order to complete the final settlement, which makes it possible to prevent an illegal user from hacking the smartphone and carrying out an unauthorized transfer transaction.

FIG. 3 is a block diagram of an acknowledgment message output unit according to another embodiment of the present invention.

Referring to FIG. 3, the approval message output unit 300 according to the present embodiment includes a password identification unit 310, an input request message output unit 330, a second authentication information receiving unit 350, and a message output control unit 370. For ease of description of FIG. 3, reference is made to the block diagram shown in FIG.

First, the password identification unit 310 determines whether the device storage information received by the device storage information receiving unit 250 includes the final approval password. More specifically, the device storage information includes the final approval password, and is configured so that the user must input the final approval password in order to access the rest of the device storage information, that is, everything other than the final approval password.

The final approval password identified by the password identification unit 310 is information included in the above-described approval information, and the password identification unit 310 holds information about the number or type of the final approval password so that it can identify the final approval password included in the device storage information.

If the final approval password is included in the device storage information, the input request message output unit 330 outputs an input request message for the second authentication information through the screen of the user terminal.

The second authentication information receiving unit 350 receives the second authentication information that the user inputs to the user terminal in response to the input request message. If the second authentication information received by the second authentication information receiving unit 350 matches the final approval password, the message output control unit 370 controls the output of the financial change acknowledgment message.

According to the present embodiment, the final approval password is included in the device storage information of the communication device, and the user can access the remaining device storage information only by inputting the final approval password. Therefore, even when an illegal user obtains the communication device, it can be expected to be difficult for that user to learn the information of the legitimate user (the device storage information) stored in the communication device.

FIG. 4 is a flowchart illustrating a smart banking security enforcement method according to another embodiment of the present invention.

The smart banking security enhancement method according to FIG. 4 can be implemented by the smart banking security enhancement device described with reference to FIG. 2, and a description overlapping with that of FIG. 2 will be omitted.

First, the user information receiving unit receives the personal information including the user's ID and password and the financial change information requested by the user (S410).

Then, the communication device search unit determines whether the personal information received by the user information receiving unit matches the preset first authentication information (S420).

As an alternative to step S420, the communication device search unit may receive the result of comparing the personal information and the first authentication information from the financial institution server.

When the communication device search unit receives the personal information of the user and transfers the personal information to the financial institution server, the financial institution server obtains the personal information based on the user's ID, password, Of customers. In this process, the financial institution server confirms that the user is the applicant of the Internet banking.

In the optional embodiment, when the user is a customer of a financial institution and is found to have previously visited the branch office of the financial institution and applied for internet banking, the server compares the personal information with the first authentication information As a result, a login success message is transmitted to the communication device search unit, and the communication device search unit logs the user into the smart banking application based on the login success message.

If the communication device search unit determines that the personal information received by the user information receiving unit matches the preset first authentication information, the communication device searching unit searches for a communication device including personal information within a predetermined range from the user terminal in step S430.

For example, if the user's personal information matches the preset first authentication information, the communication device searching unit may activate the NFC function of the user terminal to search for a communication device including personal information of the user. At this time, the communication device may be an IC card for NFC capable of performing non-contact short-range communication within a predetermined range with the user terminal for which the NFC function is activated.

If the communication device search unit 230 succeeds in searching for a communication device including personal information of the user, the device storage information receiving unit 250 receives the device storage information stored in the communication device from the communication device (S440).

The device storage information includes a unique serial number of the communication device, the financial institution that produced the communication device, user information permitted to use the communication device, and the like. In particular, the user information permitted to use the communication device may be the same as or different from the user's personal information described above.

Then, the approval message output unit extracts the approval information from the device storage information (S450), and compares the extracted approval information with the second authentication information (S460). In step S460, the second authentication information is information input from the user or previously set in the approval message output unit.

If the second authentication information matches the approval information included in the device storage information, the approval message output unit outputs a financial change approval message allowing the user's financial state to be changed according to the financial change information received by the user information receiving unit (S470). If the approval information and the second authentication information do not match in step S460, the approval message output unit does not output the financial change approval message.

The financial change approval message output in step S470 is transmitted to the financial institution server to change the financial state of the user according to the financial change information requested by the user. Also, the financial change approval message may be output as text indicating that the financial change information requested by the user has been processed through the screen of the user terminal.

FIG. 5 is a flowchart illustrating a smart banking security enforcement method according to another embodiment of the present invention.

Referring to FIG. 5, a method for enhancing smart banking security according to another embodiment of the present invention may be implemented through transmission and reception of various information between a communication device 510, a user terminal 530, and a financial institution server 550.

Hereinafter, the user terminal 530 is a user terminal that includes a smart banking security enforcement device or has a program for implementing a smart banking security enforcement method installed therein.

The smart banking security enhancement method of FIG. 5 illustrates the process after a communication device existing within a predetermined range from the user terminal has been found through step S430 in FIG. 4.

First, the communication device 510 transmits financial institution server information to the user terminal 530 (S505). The financial institution server information includes information on the financial institution and an Internet address that can be accessed from the financial institution server.

The user terminal 530 extracts the unique address of the financial institution server from the financial institution server information received from the communication device 510 (S510). Then, the user terminal 530 accesses the unique address of the financial institution server and requests that a user confirmation question be transmitted to the user terminal 530 (S515).

The financial institution server 550 searches for a question according to the unique address of the financial institution server in step S520, and transmits the user confirmation query found in step S520 to the user terminal 530 in step S525.

When the user inputs a response to the user confirmation question through the user terminal 530, the user terminal 530 transmits the response to the financial institution server 550 (S530). The address to which the user terminal 530 transmits the answer may be the unique address of the financial institution server extracted in step S510, or an additional financial institution server address that the financial institution server 550 transmitted when sending the user confirmation question in step S525.

The financial institution server 550 compares the answer to the user confirmation question received from the user terminal 530 with a predetermined answer to determine whether they match (S535). If the answers do not match, the financial institution server 550 does not provide the encryption key (S540). If both answers match, the encryption key is provided to the user terminal 530 (S545).

Here, the encryption key is a key that can access the device storage information stored in the communication device.

The user terminal 530 transmits the encryption key to the communication device 510 (S550), and the communication device 510 determines whether the encryption key is a valid encryption key (S555). When it is determined that the encryption key is not valid, the communication device 510 does not transmit the device storage information to the user terminal 530 (S560). If it is determined that the encryption key is valid, the communication device 510 transmits the device storage information to the user terminal 530 (S565).

The user terminal 530 analyzes the device storage information received from the communication device 510 and extracts the approval information (S570). Then, the user terminal 530 determines whether the approval information matches the second authentication information (S575). If the two pieces of information do not match, the user terminal 530 does not output the financial change approval message (S580). If they match, the financial change approval message is output (S585).

The financial change approval message output in step S585 is transmitted to the financial institution server 550 by the user terminal 530 and used to change the financial state of the user.

According to the smart banking security enhancement method described with reference to FIG. 5, the user connects through the unique address of the financial institution server and answers a preset question, the financial institution server provides the encryption key when it determines that the answer is the preset answer, and the user terminal acquires the device storage information of the communication device with that encryption key. This prevents an unauthorized user from making an unauthorized transfer transaction and keeps the user's financial information safe even if the user terminal is hacked.

According to the present invention, when a user uses smart banking, the user must bring a local communication device (an IC card or the like) issued by a financial institution business center into contact with the user terminal in order to complete the final settlement, so it is possible to prevent an unauthorized user from hacking the smart phone and carrying out an unauthorized transfer transaction.
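The FIG. 5 exchange (S505 to S585), as an added example that is not code from the patent: a Python simulation of the card, the terminal and the server in which every refusal branch reports the step at which the flow stopped. The class and function names, the SHA-256 digest held by the card, the URL and all sample values are assumptions constructed for illustration.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field


def _same(a: str, b: str) -> bool:
    """Constant-time comparison for secrets (answers, keys, passwords)."""
    return hmac.compare_digest(a.encode(), b.encode())


@dataclass
class BankServer:  # financial institution server 550
    question: str
    answer: str
    card_key: str  # key that unlocks the card's storage

    def get_question(self) -> str:  # S520-S525
        return self.question

    def check_answer(self, reply: str):  # S535
        # S545 on a match, S540 (no key) otherwise
        return self.card_key if _same(reply, self.answer) else None


@dataclass
class Card:  # communication device 510, e.g. an NFC IC card
    server_url: str
    key_digest: bytes  # assumption: the card holds only a digest of the key
    storage: dict = field(default_factory=dict, repr=False)

    def server_info(self) -> dict:  # S505
        return {"institution": "Example Bank", "url": self.server_url}

    def read_storage(self, key: str):  # S555
        digest = hashlib.sha256(key.encode()).digest()
        if not hmac.compare_digest(digest, self.key_digest):
            return None  # S560: nothing leaves the card
        return dict(self.storage)  # S565


def approve(card, servers, answer, second_auth, change):
    """Terminal-side flow of FIG. 5; returns (approval message or None, step)."""
    url = card.server_info()["url"]  # S510
    server = servers[url]  # S515
    server.get_question()  # a real terminal would display this
    key = server.check_answer(answer)  # S530
    if key is None:
        return None, "S540"
    info = card.read_storage(key)  # S550
    if info is None:
        return None, "S560"
    if not _same(info["approval_info"], second_auth):  # S570, S575
        return None, "S580"
    return {"approved": True, "change": change, "serial": info["serial"]}, "S585"


def demo():
    """Run the constructed scenario: one success and the three refusals."""
    key = secrets.token_hex(16)
    server = BankServer("First school attended?", "hanbit", key)
    card = Card("https://bank.example/confirm",
                hashlib.sha256(key.encode()).digest(),
                {"serial": "CARD-0001", "approval_info": "4821"})
    stale = Card(card.server_url, hashlib.sha256(b"other").digest(), card.storage)
    servers = {card.server_url: server}
    change = {"type": "transfer", "amount": 50000}
    return {
        "ok": approve(card, servers, "hanbit", "4821", change),
        "bad_answer": approve(card, servers, "guess", "4821", change),
        "bad_key": approve(stale, servers, "hanbit", "4821", change),
        "bad_second_auth": approve(card, servers, "hanbit", "0000", change),
    }
```

Calling `demo()` returns the outcome of each path keyed by scenario, so the three refusal points (S540, S560, S580) can be checked independently of the success path.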

In addition, since a unique password is required to access information stored in the communication device, even when the communication device is lost, there is little possibility that the information of the user stored in the communication device is exposed.

The embodiments of the present invention described above can be embodied in the form of a computer program that can be executed through various components on a computer, and the computer program can be recorded on a computer-readable medium. The medium may be a magnetic medium such as a hard disk, a floppy disk or a magnetic tape, an optical recording medium such as a CD-ROM or DVD, a magneto-optical medium such as a floptical disk, or a hardware device such as a RAM or a flash memory that is specifically configured to store and execute program instructions. Further, the medium may include an intangible medium implemented in a form that can be transmitted over a network, for example software or an application that can be transmitted and distributed through a network.

Meanwhile, the computer program may be specifically designed and configured for the present invention or may be known and used by those skilled in the computer software field. Examples of computer programs may include machine language code such as those produced by a compiler, as well as high-level language code that may be executed by a computer using an interpreter or the like.

The specific acts described in the present invention are examples and are not intended to limit the scope of the invention in any way. For brevity of description, descriptions of conventional electronic configurations, control systems, software, and other functional aspects of such systems may be omitted. Also, the connections or connecting members of the lines between the components shown in the figures illustrate functional connections and/or physical or circuit connections, which in an actual device may be replaced by, or supplemented with, a variety of functional connections, physical connections, or circuit connections. Also, unless a component is specifically described with terms such as "essential" or "importantly", it may not be a necessary component for application of the present invention.

The use of the term "above" and similar indication words in the specification of the present invention (particularly in the claims) may refer to both singular and plural. In addition, when a range is described in the present invention, it includes the invention to which the individual values belonging to that range are applied (unless there is a statement to the contrary), and this is the same as describing each individual value constituting the range in the detailed description of the invention. Finally, unless the order of the steps constituting the method according to the invention is explicitly stated or contradicted by the description, the steps may be performed in any suitable order. The present invention is not necessarily limited to the order in which the steps are described. The use of all examples or exemplary language (e.g., "etc.") in this invention is only for the purpose of describing the present invention in detail, and the scope of the invention is not limited by those examples or that language unless it is limited by the claims. It will also be appreciated by those skilled in the art that various modifications, combinations, and alterations may be made depending on design criteria and factors within the scope of the appended claims or equivalents thereof.

200: Smart Banking Security Enhancement Device
210: User information receiver
230: communication device search section
250: Device storage information receiver
270: Approval message output unit

Claims (7)

A user information receiving step of receiving personal information including a user's ID and a password and financial change information requested by the user;
A communication device searching step of searching for a communication device including the personal information within a predetermined range from the user terminal if the personal information matches the preset first authentication information;
A device storage information receiving step of receiving device storage information stored in the searched communication device from the searched communication device when a communication device including the information is searched; And
If the second authentication information input from the user or preset is identical to the approval information included in the received device storage information, outputs a financial change approval message permitting variation of the financial state of the user according to the financial change information And outputting an acknowledgment message to the smart card.
The method according to claim 1,
The approval message output step may include:
A password grasp step of grasping whether the received device storage information includes a final approval password;
Outputting an input request message for outputting a second authentication information input request message through the screen of the user terminal if the received device storage information includes a final authorization password;
A second authentication information receiving step of receiving the second authentication information inputted by the user corresponding to the input request message; And
And a message output control step of controlling to output the financial change acceptance message if the received second authentication information coincides with the final approval password.
The method according to claim 1,
The user terminal comprises:
And if the personal information matches the preset first authentication information, activates a near field communication (NFC) function to search for a communication device including the personal information,
The communication device includes:
And a noncontact local area communication (IC) integrated circuit card capable of performing noncontact local communication within the predetermined range with the user terminal activated by the noncontact local area communication function.
A computer-readable recording medium storing a program for executing the method according to any one of claims 1 to 3.
A user information receiving unit for receiving personal information including a user ID and a password and financial change information requested by the user;
A communication device search unit searching for a communication device including the personal information within a predetermined range from the user terminal if the personal information matches the preset first authentication information;
A device storage information receiver for receiving device storage information stored in the searched communication device from the searched communication device when the communication device including the information is searched; And
And outputting a financial change acceptance message for permitting the change of the financial state of the user according to the financial change information if the second authentication information inputted from the user or preset is identical to the approval information included in the received device storage information A smart banking security enforcement device comprising:
6. The method of claim 5,
The approval message output unit,
A password check unit for checking whether the received device storage information includes a final approval password;
An input request message output unit for outputting a second authentication information input request message through a screen of the user terminal if the received device storage information includes a final authorization password;
A second authentication information receiver for receiving the second authentication information input by the user corresponding to the input request message; And
And a message output controller for controlling the output of the financial change acceptance message if the received second authentication information matches the final approval password.
6. The method of claim 5,
The user terminal comprises:
And if the personal information matches the preset first authentication information, activates a near field communication (NFC) function to search for a communication device including the personal information,
The communication device includes:
And a noncontact local area communication (IC) integrated circuit card capable of performing noncontact local communication within the predetermined range with the user terminal activated by the noncontact local area communication function.

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150181088A KR20170072654A (en) 2015-12-17 2015-12-17 Smart banking apparatus and method for enhanced security

Publications (1)

Publication Number Publication Date
KR20170072654A true KR20170072654A (en) 2017-06-27

Family

ID=59514703

Country Status (1)

Country Link
KR (1) KR20170072654A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113009850A (en) * 2021-03-07 2021-06-22 广东电网有限责任公司广州供电局 Intelligent operation method and device of low-voltage contact cabinet
CN113009850B (en) * 2021-03-07 2022-06-07 广东电网有限责任公司广州供电局 Intelligent operation method and device for low-voltage contact cabinet

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal