KR20170124503A - Method for Authenticating Non-Faced Transaction by using Near Field Communication Card for Generating One Time Password - Google Patents

Abstract

The present invention relates to a non-facing transaction authentication method using a near field communication (NFC) and one-time password (OTP) card. According to an embodiment of the present invention, the non-facing transaction authentication method is executed through a program on a wireless terminal of a user and provides various transactions based on safe one-time codes while blocking memory hacking. The method includes the steps of: receiving information including information set to be used as seeds of one-time authentication codes; enabling the program on the wireless terminal to check whether a chip in a designated card interfaces the wireless terminal through NFC; and providing a time value calculated by a timer in the wireless terminal and information set to be used as seeds of one-time authentication codes to be dynamically generated in the card chip to the card chip interfacing through the NFC.

Description

[0001] The present invention relates to a method for authenticating a non-face transaction using an N-

The present invention provides a method executed by a program of a wireless terminal of a user, the method comprising the steps of: receiving, from a user, N (N > = 2) pieces of transaction information to be input from a user for non- The program of the wireless terminal transmits information set to be used as a seed of the disposable authentication code among the n pieces of transaction information from the transaction server, when n (1 < n < N) transaction information inputted or selected is transmitted to the designated transaction server The program of the wireless terminal displays designated information including n 'pieces of information received from the transaction server on the screen of the wireless terminal, A program of the terminal confirms whether a chip of a card designated through Near Field Communication (NFC) is interfaced to the wireless terminal, The program of the wireless terminal sets at least one piece of information set for use as a seed of a disposable authentication code to be dynamically generated in the chip of the card among the n 'pieces of information and a time value calculated by the timer of the wireless terminal To the chip of the card interfaced via the NFC, and wherein the program of the wireless terminal uses a plurality of seeds including the provided information and the time value in the chip of the card from the chip of the card interfaced via the NFC Receiving a dynamically generated disposable authentication code, the program of the wireless terminal outputting a disposable authentication code received from a chip of the card, or processing the disposable authentication code to be transmitted to a transaction server authenticating the validity of the disposable authentication code Of non-face-to-face transaction authentication using NF-OCTOPICARD to be.

Recently, memory hacking has become an issue. With memory hacking, even normal financial transactions using OTP (One Time Password) can be turned into fraudulent financial transactions. For example, if an authentication error such as a password or OTP occurs during a non-face-to-face financial transaction, a procedure is required to request the same password or OTP input within five times to maintain user convenience and transaction continuity.

Memory hacking manipulates normal transactions by digging into the characteristics of the transaction procedure to maintain transaction continuity. In the conventional transaction procedure of the transfer transaction during the non-face financial transaction in the related art, various transaction information necessary for the transfer transaction is inputted and transmitted in one page (or user interface), and when the transfer of the transaction information is completed, Enter the number. At this time, the hacker (or malicious code) copies and stores the transaction information at the time of transmission of various transaction information, copies the dynamically generated OTP through the designated OTP token, copies it at the time of transmission, Thereby inducing an authentication error to occur. The system is then initialized to re-enter the transaction information. At this time, the hacker (or malicious code) repeats the transaction procedure with the manipulated transaction information using the copied OTP by manipulating the copied transaction information (for example, transferring the transferred transaction information to the illegal account of the hacker) Manipulate with fraudulent transactions. Of course, in order to prevent the memory hacking like this, when an OTP authentication error occurs, a new OTP can be regenerated through the OTP token and inputted. Even if the hacker (or malicious code) Since the OTP has already been changed, the illegal transaction can be blocked. However, such a solution is not related to transaction continuity, and causes another problem that hinders user convenience. Moreover, the case of memory hacking is not limited to the above-described method, and it can be variously changed by copying or replacing transaction information or OTP on the memory.

SUMMARY OF THE INVENTION An object of the present invention is to provide a method that is executed through a program of a wireless terminal of a user and is a method for executing a disposable authentication code based authentication among N (N? 2) pieces of transaction information to be input from a user for non- Wherein, when n (1? N < N) transaction information inputted or selected from a user is transmitted to a designated transaction server, the program of the wireless terminal is set to use as a seed of the one- (1 &amp;le; n &amp;le; n) pieces of information including information on the wireless terminal, and a first step of causing the program of the wireless terminal to transmit specified information including n 'pieces of information received from the transaction server, And a third step of confirming whether a chip of a card designated through NFC (Near Field Communication) is interfaced to a wireless terminal And a card of a card designated through the NFC is interfaced, the program of the wireless terminal comprises at least one piece of information set to be used as a seed of a disposable authentication code to be dynamically generated in the chip of the card among the n 'pieces of information, A fourth step of providing a time value calculated by a timer of the terminal to a chip of a card interfaced via the NFC from a chip of the card interfaced through the NFC; A fifth step of receiving a dynamically generated disposable authentication code using a plurality of seeds including information and time values and a fifth step of outputting a disposable authentication code received from a chip of the card or a disposable authentication code To the transaction server for authenticating the validity of the disposable authentication code Face transaction authentication method using an NEF &lt; RTI ID = 0.0 &gt; OC &lt; / RTI &gt;

A non-facing transaction authentication method using an NFC AUTOpicard according to the present invention is a method executed through a program of a user's wireless terminal, the method comprising the steps of: N (N2) transactions to be input from a user for non- (1 &lt; n &lt; N) transaction information is transmitted from the user to the designated transaction server before performing the one-time authentication code based authentication among the information, the program of the wireless terminal transmits the n transactions A first step of receiving n '(1? N? N) pieces of information including information set as a seed of a disposable authentication code among the information; A second step of displaying designated information on the screen of the wireless terminal, the program including the steps of: A third step of confirming whether the chip is interfaced with the wireless terminal, and a step of, when a chip of a card designated through the NFC is interfaced, A fourth step of providing at least one piece of information set as a seed and a time value calculated by a timer of the wireless terminal to a chip of a card interfaced through the NFC; A fifth step of receiving from the chip of the card a dynamically generated disposable authentication code using a plurality of seeds including the provided information and the time value in the chip of the card; Output a disposable authentication code or authenticate the validity of the disposable authentication code Burrow is characterized in that a sixth step of the transfer process be a one-time authentication codes.

In the non-face-to-face transaction authentication method using the NPL auto-pick card according to the present invention, the n pieces of transaction information include a deposit bank, a deposit account number, and a deposit amount.

In the non-facing transaction authentication method using an NFC auto-picking card according to the present invention, the n 'pieces of information include n' pieces of information among pieces of individual transaction information included in the n pieces of transaction information or pieces of individual transaction information And a control unit.

In the non-facsimile transaction authentication method using the NFC AUTOPICARD according to the present invention, in the first step, the program of the wireless terminal transmits, from the transaction server, Further comprising the step of receiving m '(1? M'? M) pieces of information specified among the confirmed m (m? 1) pieces of transaction information by inquiring of the mobile terminal, and displaying designated information including n 'pieces of information and m' pieces of information on a screen of the wireless terminal, wherein the fourth step includes the steps of: Providing at least one piece of information set for use as a seed of a one-time authentication code to be dynamically generated in a chip of the card and a time value calculated by a timer of the wireless terminal; .

In the non-face-to-face transaction authentication method using the NPL auto-pick card according to the present invention, the ledger system includes a depositing bank side ledger system.

In the non-face-to-face transaction authentication method using the NPL auto-pick card according to the present invention, the m pieces of transaction information include a deposit account name of the deposit account.

In the non-facing transaction authentication method using an NFC AUTHPICARD according to the present invention, the m 'pieces of information are m' pieces of information of each individual transaction information included in the m pieces of transaction information or partial information of each individual transaction information And a control unit.

In the second step, the program of the wireless terminal inputs t (t &gt; = 1) pieces of authentication information among the information displayed on the screen of the wireless terminal, in the non-facing transaction authentication method using the N- Receiving the t authentication information inputted by the program of the wireless terminal and requesting authentication by transmitting the t authentication information to the transaction server; and receiving a result of authentication of the validity of the t authentication information from the transaction server The method comprising the steps of:

The non-facing transaction authentication method using an NFC AUTHPICARD according to the present invention is a method executed through a wireless terminal of a user communicating with a server that processes a non-face transaction, comprising the steps of: Among the N (1 < n &lt; N) transaction information inputted or selected by the user or transmitted from the user until the one-time authentication code based authentication is performed among the N (N & (1 &amp;le; n &amp;le; n) pieces of information including information set to be used by the server, and a second step of displaying specified information including the n 'pieces of information on a screen of the wireless terminal A step of confirming whether a chip of a designated card is interfaced to a wireless terminal through NFC (Near Field Communication) At least one piece of information set to be used as a seed of a disposable authentication code to be dynamically generated in a chip of the card among the n 'pieces of information with a chip of a card interfaced via the NFC, and a time calculated by a timer of the wireless terminal And a fifth step of receiving a dynamically generated disposable authentication code using a plurality of seeds including the provided information and the time value in the chip of the card from the chip of the card interfaced through the NFC, And a sixth step of outputting the disposable authentication code received from the chip of the card or processing the received disposable authentication code to be transmitted to the server authenticating the validity of the disposable authentication code.

In the non-face-to-face transaction authentication method using the NPL auto-pick card according to the present invention, the n pieces of transaction information include a deposit bank, a deposit account number, and a deposit amount.

In the non-facing transaction authentication method using an NFC auto-picking card according to the present invention, the n 'pieces of information include n' pieces of information among pieces of individual transaction information included in the n pieces of transaction information or pieces of individual transaction information And a control unit.

In the non-facsimile transaction authentication method using an NF-OCTD according to the present invention, the first step is a step of inquiring the designated ledger system through at least one of the n pieces of transaction information from the server, m &lt; m &gt;) of pieces of transaction information, and the second step further comprises the step of receiving m [ And a fourth step of displaying at least one of the n 'pieces of information and m' pieces of information to be used as a seed of a one-time authentication code to be dynamically generated in the chip of the card, And a time value calculated by a timer of the wireless terminal.

In the non-face-to-face transaction authentication method using the NPL auto-pick card according to the present invention, the ledger system includes a depositing bank side ledger system.

In the non-face-to-face transaction authentication method using the NPL auto-pick card according to the present invention, the m pieces of transaction information include a deposit account name of the deposit account.

In the non-facing transaction authentication method using an NFC AUTHPICARD according to the present invention, the m 'pieces of information are m' pieces of information of each individual transaction information included in the m pieces of transaction information or partial information of each individual transaction information And a control unit.

In the non-facsimile transaction authentication method using the ENC keypad according to the present invention, the second step includes receiving t (t? 1) pieces of authentication information from the information displayed on the screen of the wireless terminal, and transmitting the t authentication information to a server providing the non-face-to-face transaction to request authentication, and receiving a result of authenticating the validity of the t authentication information from the server.

In the non-face-to-face transaction authentication method using the NFC AUTOPICARD according to the present invention, the disposable authentication code is dynamically generated in the chip of the card by further using the seed value provided in the chip of the card.

In the non-face-to-face transaction authentication method using the ENC keypad according to the present invention, the one-time authentication code is used as one of (Nn) pieces of transaction information among N pieces of transaction information to be input for non-face- .

A transaction authentication method according to the present invention is executed by a server communicating with a user terminal through a first channel including a designated path and communicating with a user's wireless terminal through a second channel different from the first channel (N &gt; = 2) pieces of transaction information to be input for non-face-to-face transactions from a user terminal, A second step of checking m (m? 1) pieces of transaction information retrieved through the ledger system corresponding to the n pieces of transaction information; (N '+ m') pieces of information each including at least m '(1? M'? M) pieces of information among the m pieces of transaction information, (N '+ m') pieces of information; (N '+ m') pieces of authentication information input by the user via a line terminal; and a fourth step of receiving the t A fifth step of authenticating the validity of the authentication information of the user, when the validity of the t authentication information is authenticated, generating a disposable code using a chip of a card interfaced with NFC (Near Field Communication) (Nn) pieces of transaction information including the one-time codes generated through the chips of the card are input and received through the user's terminal.

According to the present invention, the n pieces of transaction information may include a deposit bank, a deposit account number, and a deposit amount.

According to the present invention, the ledger system corresponding to the n pieces of transaction information may include a depositing bank side ledger system.

According to the present invention, the m pieces of transaction information may include account names of deposit accounts.

According to the present invention, the n 'pieces of information may include n' pieces of pieces of individual transaction information included in the n pieces of transaction information or partial information of each piece of transaction information.

According to the present invention, the m 'pieces of information may include m' pieces of information of each transaction information included in the m pieces of transaction information or partial information of each piece of transaction information.

According to the present invention, the third step may include the steps of specifying t authentication information to be input by the user among the (n '+ m') pieces of information, designating the t authentication information specifying the t authentication information, To the mobile station.

According to another aspect of the present invention, the fourth step may include transmitting the (n '+ m') information from the user's wireless terminal when t authentication information out of the (n '+ m') pieces of information is designated through the user's wireless terminal, The method may further include receiving designation information specifying t authentication information out of the plurality of pieces of authentication information.

According to the present invention, the disposable code may be generated by using at least two of a card-side seed value stored in a chip of the card, a time value provided by a chip of the card from the wireless terminal, and a server- And may include code generated through the chip of the card.

According to the present invention, the transaction authentication method may further include receiving (N-n) pieces of transaction information from the user terminal if the validity of the t authentication information is authenticated.

According to the present invention, the one-time code can be used as an authentication value for using the user's authorized certificate at the user's terminal. In this case, in the sixth step, when the validity of the disposable code is authenticated, it is possible to control the procedure of using the user's authorized certificate to be performed.

According to the present invention, the transaction authentication method may further include processing the disposable code included in the (N-n) pieces of transaction information to be authenticated when the (N-n) pieces of transaction information are received.

According to the present invention, the transaction authentication method further comprises: controlling the process of processing the non-face-to-face transaction to be performed using N pieces of transaction information received from the user terminal when the (Nn) pieces of transaction information are received As shown in FIG.

According to the present invention, transaction information (for example, a deposit bank, a deposit account number, and the like) to be a target of memory hacking among the transaction information inputted or selected by the user through the user terminal is received, (For example, a depositor's name), which is intuitively perceivable, and provides information including at least one of the received and confirmed transaction information to a user's wireless terminal through a separate channel and displays the transaction information , The authentication information including the designated information among the information provided through the separate channel is inputted again by the user, and the user is authenticated, thereby providing various transactions based on the safe one-off code while blocking the memory hacking.

BRIEF DESCRIPTION OF DRAWINGS FIG. 1 is a block diagram of a system for providing a transaction authentication system of the present invention. FIG.
FIG. 2 is a diagram illustrating a configuration of a transaction authentication system according to an embodiment of the present invention.
3 is a functional block diagram of a wireless terminal that interfaces with a card according to an embodiment of the present invention.
4 is a diagram showing a configuration of a contactless card for generating a disposable code according to an embodiment of the present invention.
5 is a diagram illustrating a process of transmitting and receiving n pieces of transaction information according to an embodiment of the present invention.
6 is a diagram illustrating a process of dynamically generating a disposable code using a chip of a card interfaced with a user's wireless terminal according to an embodiment of the present invention.
FIG. 7 is a diagram illustrating a process of transmitting and receiving (Nn) pieces of transaction information according to an embodiment of the present invention to process non-face-to-face transactions.

The operation principle of the preferred embodiment of the present invention will be described in detail with reference to the accompanying drawings and description. It should be understood, however, that the drawings and the following detailed description are exemplary and explanatory and are intended to provide further explanation of the invention, and are not to be construed as limiting the present invention. For example, it is possible that a configuration provided on the server side is implemented on the terminal side, or conversely, a configuration portion provided on the terminal side is implemented on the server side.

In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear. The terms used below are defined in consideration of the functions of the present invention, which may vary depending on the user, intention or custom of the operator. Therefore, the definition should be based on the contents throughout the present invention.

As a result, the technical idea of the present invention is determined by the claims, and the following embodiments are merely means for effectively explaining the technical idea of the present invention to a person having ordinary skill in the art to which the present invention belongs Only.

FIG. 1 is a diagram showing a system configuration for providing a transaction authentication system 200 of the present invention.

1 is a diagram illustrating an example of a case where n (1? N < N), which includes designated information among N (N? 2) transaction information to be input for non-facing transactions through a first channel connected to a user terminal 100, (M &gt; = 1) transaction information through the ledger system 120 corresponding to the received n pieces of transaction information, and then transmits a second channel different from the first channel And provides at least one of the n pieces of transaction information inputted or selected by the user himself or herself and the m pieces of transaction information searched through the ledger system 120 to the user's wireless terminal 300 for exposure, And transmits the authentication information to the user's wireless terminal (300) via the NFC when the validity of the transaction information is authenticated through the authentication information. Interfaced A system configuration in which a disposable code is dynamically generated through a chip 405 of a card 400 and then outputted through the wireless terminal 300 to be used as (Nn) pieces of transaction information received through the first channel Those skilled in the art will be able to refer to and / or modify Figure 1 to illustrate the various ways of implementing the transaction authentication system 200 (e.g., The present invention may be embodied in all of the above-mentioned modes of practicing the invention, and it will be understood that the technical features Is not limited.

The system configuration of the present invention includes a user terminal 100 for inputting or selecting transaction information from a user, and a user terminal 100 for receiving and displaying specified information among the transaction information inputted or selected by the user, (300) connected to the user terminal (100) through a first channel and configured to communicate with the user's wireless terminal (300) via a second channel different from the first channel, N (1? N &lt; N) transaction information, which is connected to the terminal 300 and includes designated information among N transaction information for non-face-to-face transactions from the terminal 100 of the user through the first channel , M (m? 1) pieces of transaction information through the ledger system 120 corresponding to the received n pieces of transaction information, and then transmits n pieces of transaction information inputted or selected by the user himself or herself through the second channel And provides at least one specified information among the m pieces of transaction information searched through the ledger system 120 to the user's wireless terminal 300 to expose the authentication information including at least a part of the exposed information, Through the chip 405 of the card 400 interfaced with the user's wireless terminal 300 via the NFC when the validity of the transaction information is authenticated through the authentication information And generates the one-time code through the wireless terminal 300 to be used as (Nn) pieces of transaction information received through the first channel. According to an embodiment of the present invention, the transaction authentication system 200 includes a transaction server 105 that receives transaction information from the terminal 100 of the user and processes non-face-to-face transactions based on the transaction information, A separate control server 115 for controlling the non-face-to-face transaction of the transaction server 105 by performing the procedure, a code server 110 for performing the generation and / or authentication of the one-time code, The above server can be implemented.

The terminal 100 of the user is a general term of a terminal used by a user for non-face-to-face transactions, and is preferably a wired terminal including a computer, a notebook, or the like used by a user and a mobile terminal, a smart phone, And may include a wireless terminal 300. The terminal 100 of the user inputs or selects N transaction information for non-face-to-face transactions from the user and transmits the selected transaction information through a designated path.

When the validity of the transaction information is authenticated through the authentication information, the wireless terminal (300) of the user of the shopping mall executes the authentication procedure of the transaction information inputted or selected through the terminal (100) of the user, The disposable code is dynamically generated through the chip 405 of the card 400 interfaced with the card 300 through the NFC and the disposable code dynamically generated through the chip 405 of the card 400 is received and displayed And may include a mobile terminal 300 such as a mobile phone, a smart phone, and a tablet PC, which are preferably used by a user.

Wherein the user terminal (100) is in direct or relay communication with the transaction authentication system (200) via a first channel, and the user's wireless terminal (300) System 200 directly or via relay communication. In the present invention, the first channel and the second channel are defined as satisfying at least one of a heterogeneous terminal, a heterogeneous communication network, a heterogeneous program, and a heterogeneous server. For example, if the user's terminal 100 is a wired terminal used by a user and the user's wireless terminal 300 is a wireless terminal 300 used by a user, the condition of channel separation of the present invention is satisfied. Even if the user terminal 100 is a wireless terminal used by a user, if the user's wireless terminal 300 is a wireless terminal 300 different from the user terminal 100, the condition of channel separation of the present invention is satisfied . Or if the user's terminal 100 directly or indirectly communicates with the transaction authentication system 200 via a wired communication network and the user's wireless terminal 300 communicates directly or indirectly through a wireless communication network, The condition of channel separation is satisfied. Or a non-face-to-face transaction for inputting / selecting transaction information in the wireless terminal 300 even if the user terminal 100 and the wireless terminal 300 are the same wireless terminal 300, The condition for channel separation of the present invention may be satisfied if the program 315 for performing the authentication procedure and the procedure for requesting and outputting the disposable code through the chip 405 of the card 400 is separately classified. Even if the user terminal 100 and the wireless terminal 300 are the same wireless terminal 300, a server connected to a communication channel for requesting non-face-to-face transactions by inputting / selecting transaction information, And if the server to which the communication channel is connected is different in order to perform the procedure of requesting and outputting the disposable code through the chip 405 of the card 400, the condition of channel separation of the present invention may be satisfied.

The transaction server 105 is a collective term for a server that processes non-face-to-face transactions using the transaction information entered or selected by the user through the terminal 100 of the user. The transaction server 105 is preferably a banking server of a bank, A payment server of a credit card company, a payment approval server of a credit card company, a server of a securities company, or the like. Non-face-to-face transactions include non-face-to-face banking transactions using an account opened in a bank (for example, real account or virtual account), non-face credit card payment using a credit card issued by a credit card company, Non-face-to-face prepayment using prepaid cards issued by non-face-to-face check-card payments linked to opened accounts, non-face-to-face debit card payments or cash card transactions linked to bank-issued debit or cash cards and accounts opened at banks Card transaction may include at least one non-face-to-face transaction. According to an embodiment of the present invention, the transaction authentication system 200 or at least some components of the transaction authentication system 200 may be implemented in the transaction server 105.

The code server 110 is a server for performing a procedure for authenticating a dynamically generated one-time code through a chip 405 of a card 400 interfaced with the wireless terminal 300 through the wireless terminal 300 of the user (Or specified information among transaction information) inputted or selected by the user through the terminal 100 through the designated path through the user's terminal 100 and receives the provided transaction through the user's wireless terminal 300 Perform the procedure for authenticating information. According to an embodiment of the present invention, the transaction authentication system 200 or at least some components of the transaction authentication system 200 may be implemented in the code server 110.

The control server 115 is a generic name of a server that can include the transaction authentication system 200 or at least a component of the transaction authentication system 200 in addition to the transaction server 105 and the code server 110, When the transaction server 105 and the code server 110 are provided, the transaction authentication system 200 is provided to the transaction server 105 and / or the code server 110, And provides the ability to implement the invention without implementation. When the transaction authentication system 200 is provided in the control server 115, the control server 115 operates in conjunction with the transaction server 105 and / or the code server 110.

The ledger system 120 is a general term for a system for managing a ledger such as an account or a card provided in a financial institution that processes non-face-to-face transactions. Preferably, the ledger system 120 provided in each financial institution includes a public network , Financial joint network, etc.).

Hereinafter, technical features of the present invention will be described with reference to an embodiment in which the non-face-to-face transaction is a non-face-to-face banking transaction.

2 is a diagram illustrating a configuration of a transaction authentication system 200 according to an embodiment of the present invention.

2 shows an example of a case where n (1? N < N), which includes designated information among N (N? 2) pieces of transaction information to be input for non-facing transactions through a first channel connected to a user terminal 100, (M &gt; = 1) transaction information through the ledger system 120 corresponding to the received n pieces of transaction information, and then transmits a second channel different from the first channel And provides at least one of the n pieces of transaction information inputted or selected by the user himself or herself and the m pieces of transaction information searched through the ledger system 120 to the user's wireless terminal 300 for exposure, And transmits the authentication information to the user's wireless terminal (300) via the NFC when the validity of the transaction information is authenticated through the authentication information. Interfaced A configuration of a system for dynamically generating a disposable code through a chip 405 of a card 400 and outputting the disposable code through the wireless terminal 300 to be used as (Nn) pieces of transaction information received through the first channel Those skilled in the art will be able to refer and / or modify FIG. 2 to illustrate various implementations of the transaction authentication system 200 configuration (e.g., some configuration portions may be omitted , Or subdivided, or combined). However, the present invention includes all of the above-mentioned embodiments, and the technical features of the present invention are not limited only by the method shown in FIG.

Referring to FIG. 2, the transaction authentication system 200 receives n (1? N? 1) pieces of transaction information from among N (N? 1) pieces of transaction information to be input for non- N) pieces of transaction information; a transaction information verifying unit 205 for checking m (m? 1) pieces of transaction information searched through the ledger system 120 corresponding to the n pieces of transaction information And m '(1? M'? M) pieces of information among the n pieces of transaction information, n' (1? N'? N) (n (n) + m ') pieces of information to the user's wireless terminal 300, and transmits the n pieces of transaction information and m pieces of transaction information to the user's wireless terminal 300 '+ m') pieces of information.

The user terminal 100 selects a transaction type through an interface displayed through an interface provided by the transaction server 105 (for example, an interface on a web page) or an application provided on the terminal 100. [ By selecting the transaction type, N pieces of transaction information to be input for a non-face-to-face transaction corresponding to the transaction type are determined. The N pieces of transaction information include account information, amount information, and one-time use codes dynamically generated at the time of non-face-to-face transactions.

The user terminal 100 displays an interface for receiving transaction information corresponding to the selected transaction type. The interface includes an interface for receiving n pieces of transaction information corresponding to a part of N pieces of transaction information to be input for non-face-to-face transactions corresponding to the selected transaction type, or an interface for receiving the N pieces of transaction information .

When N '(N'≥n) pieces of transaction information are input through the interface, the user terminal 100 transmits N' pieces of transaction information inputted or selected by the user through a designated path. For example, the terminal 100 of the user may transmit the n pieces of transaction information to a server provided with the transaction authentication system 200. Alternatively, the user terminal 100 may transmit the N 'pieces of transaction information to the designated transaction server 105, and the transaction server 105 may transmit n pieces of transaction information based on the N' pieces of transaction information, To the server provided with the authentication system 200.

The transaction information receiving unit 205 receives n pieces of transaction information inputted or selected by the user for the non-face-to-face transaction through the designated path. Preferably, the n pieces of transaction information include transaction information corresponding to the deposit bank and the deposit account number, and transaction information corresponding to a deposit amount (or transfer amount) to be deposited (or transferred) to the deposit account of the deposit bank, Transaction information corresponding to the withdrawal bank and the withdrawal amount (or the withdrawal amount) to be withdrawn (or withdrawn) from the withdrawal account of the withdrawal bank and the transaction information corresponding to the withdrawal account number may be included. Meanwhile, according to the embodiment, the n pieces of transaction information may include transaction information related to deposits and withdrawals, and may include transaction information on any one of deposits and withdrawals.

According to the first transaction information receiving method of the present invention, the transaction information receiving unit 205 receives the transaction information inputted or selected through the user's terminal 100 until the one-time use code among the N transaction information for the non- As the n pieces of transaction information.

According to the second transaction information receiving method of the present invention, the transaction information receiving unit 205 receives the transaction information through the user's terminal 100 until the one-time use code among the N transaction information for the non- The transaction information corresponding to a designated part of the information can be received as the n pieces of transaction information.

According to the third transaction information receiving method of the present invention, the transaction information receiving unit 205 receives the transaction information related to the money depositing side transmitted first from the terminal 100 of the user out of the N transaction information for the non-face-to-face transaction As the n pieces of transaction information.

According to the fourth transaction information receiving method of the present invention, the transaction information receiving unit 205 receives the transaction information excluding the transaction information used as the disposable code among the N transaction information for the non-face-to-face transaction as the n transaction information can do.

According to the fifth transaction information receiving method of the present invention, the transaction information receiving unit 205 receives the transaction information excluding the transaction information used as the one-time code from the N transaction information for the non-face-to-face transaction, As the n pieces of transaction information.

When the n pieces of transaction information are confirmed, the transaction information verifying unit 210 determines the inquiry target ledger system 120 to inquire m pieces of transaction information using the n pieces of transaction information. Preferably, the inquiry target ledger system 120 includes a depositing bank side ledger system 120 (e.g., an account system), and may include a withdrawal bank side ledger system 120 in accordance with an implementation method.

According to the embodiment of the present invention, the transaction information verifying unit 210 can determine the inquiry target ledger system 120 using the depositing bank and / or the bank account number among the n pieces of transaction information. For example, if the non-face-to-face transaction is a bank transfer transaction between two parties, the transaction information verification unit 210 may connect the transaction information using a deposit bank and / or a deposit account number included in the n transaction information The inquiry target ledger system 120 can determine the ledger system 120 of another line. Or if the non-face-to-face transaction is a inter-company money transfer transaction, the transaction information verification unit 210 determines the current ledger system 120 as the inquiry target ledger system 120 using the deposit bank and / or the deposit account number .

According to another embodiment of the present invention, the transaction information verifying unit 210 can determine the inquiry target ledger system 120 using the withdrawal bank and / or withdrawal account number among the n pieces of transaction information. For example, in the case where the non-face-to-face transaction is a transaction of a collecting method, the ledger system 120 of the other line connected through the common network using the withdrawal bank and / or withdrawal account number included in the n pieces of transaction information, The system 120 can be determined as the inquiry target ledge system 120.

When the inquiry target ledger system 120 is confirmed, the transaction information verifying unit 210 provides the inquiry target ledger system 120 with at least one information required for transaction information inquiry among the n pieces of transaction information, And receives m pieces of transaction information from the target ledger system 120. Preferably, the m pieces of transaction information include a depositor name of the deposit account, and may include a deposit account name of the withdrawal account according to an implementation method.

According to another embodiment of the present invention, when the transaction authentication system 200 is not the transaction server 105, inquiry about the m pieces of transaction information is performed through the transaction server 105, (210) may receive m transaction information as the inquiry result performed through the transaction server (105). Alternatively, if the transaction authentication server 200 is not the transaction server 105, the transaction information verification unit 210 can receive m transaction information through the ledger system 120 .

The information sorting unit 215 selects each transaction information to be transmitted to the user's wireless terminal 300 among the n transaction information received through the transaction information receiving unit 205 (for example, a deposit bank, a deposit account number, Or the transfer amount), or partial information of each individual transaction information (for example, a partial number of the deposit account number, etc.). The information sorting unit 215 extracts each individual transaction information (for example, a bank account name, a bank account number, etc.) to be transmitted to the user's wireless terminal 300 among the m transaction information confirmed through the transaction information checking unit 210 Or partial information of each individual transaction information (for example, a partial number of the deposit account number, etc.). If the individual transaction information to be transmitted to the user's wireless terminal 300 or partial information of each individual transaction information among the n pieces of transaction information and m pieces of transaction information is predetermined, the information selector 215 can be omitted .

The information transmission unit 220 transmits m 'pieces of information among n pieces of pieces of n pieces of transaction information received through the transaction information receiving unit 205 and m pieces of pieces of transaction information confirmed through the transaction information checking unit 210 (N '+ m') pieces of information each including at least one of them. Preferably, the (n '+ m') pieces of information may include a depositing bank, a deposit account number, a deposit amount (or transfer amount), and a depositor's name. According to the method, the (n '+ m') pieces of information may further include a withdrawal bank or a withdrawal account number. According to the embodiment of the present invention, even though the n pieces of transaction information include the password (e.g., account password, transfer password, etc.) inputted by the user, the (n '+ m' .

The information transmitting unit 220 confirms the user's wireless terminal 300 (or the program 315 provided in the wireless terminal 300) and transmits the (n '+ m &Quot;) &lt; / RTI &gt;

According to an embodiment of the present invention, the information transmitting unit 220 may transmit identification information (e.g., a user ID) for transmitting the (n '+ m') pieces of information to the user's wireless terminal 300 according to a specified messaging procedure. (Or an identifier) for a program 315 provided in the user's wireless terminal 300), and transmits the (n '+) to the designated messaging server, m ') pieces of information to the wireless terminal 300 of the user. When the program 315 included in the user's wireless terminal 300 receives the message in the messaging procedure and requests the (n '+ m') pieces of information, the program (n '+ m' ) &Lt; / RTI &gt; If the program 315 designated by the user's wireless terminal 300 is driven to request the (n '+ m') pieces of information, the information transmitter 220 transmits the (n '+ m' m ') pieces of information. In this case, the encrypted (n '+ m') pieces of information are transmitted to the program 315 included in the user's wireless terminal 300 Lt; / RTI &gt;

According to the embodiment of the present invention, the information transmission unit 220 transmits t (1? T? (N '+ m (n' + m ') Of authentication information, and may transmit to the user's wireless terminal 300 designation information (or a designated interface) for identifying the specified t pieces of authentication information. Meanwhile, t authentication information to be input by the user among the (n '+ m') pieces of information is determined through the program 315 provided in the user's wireless terminal 300, n '+ m') pieces of information, the information transferring unit 220 does not have to transmit the designation information (or designation interface).

According to the method of the present invention, when the server side seed value is required to generate the one-time code through the chip 405 of the card 400 interfaced with the wireless terminal 300, the information transmission unit 220 transmits It is possible to determine and transmit the server side seed value while transmitting the (n '+ m') pieces of information to the user's wireless terminal 300, and thus the present invention is not limited thereto.

According to the present invention, the transaction authentication system 200 transmits the (n '+ m') pieces of information to the user's wireless terminal 300 and receives authentication information of t The information transmission unit 220 controls the generation of the one-time use code through the chip 405 of the card 400 interfaced with the user's wireless terminal 300. The information transmission unit 220 transmits the one- 300 and the contactless card 400 of the designated user to be interfaced. If the guidance information is output through the program 315 included in the user's wireless terminal 300, the guidance information may not be transmitted.

According to the present invention, the transaction authentication system 200 may include a card (not shown) of FIG. 4 to dynamically generate a disposable code through a chip 405 of a card 400 interfaced with the user's wireless terminal 300 A member authentication unit (not shown) for authenticating the validity of the program 315 installed in the wireless terminal 300 of FIG. 3; (Not shown) for storing information for authenticating the dynamically generated one-time code via the chip 405 of the card 400 of FIG. 4 through the wireless terminal 300 of FIG.

The member operating unit receives a user who has been issued the card 400 of FIG. 4 as a member. The subscription may be performed in cooperation with the subscription / authentication unit of the program 315 shown in FIG. 3 or may be performed through the subscriber's terminal 100 in addition to the mobile terminal 300 in FIG. Or a management terminal provided in the card issuing organization at the time of issuing the card 400 of FIG. 4 to the user or a management terminal managing the transaction authentication system 200.

The member operation unit may generate the disposable code through the chip 405 of the card 400 interfaced with the user's wireless terminal 300. The member operation unit may be a member of the program 315 of the wireless terminal 300, / Authentication unit to process the member authentication for the user.

If the program 315 of the wireless terminal 300 is provided to the code server 110 or the control server 115, the transaction authentication system 200 may be provided only by program authentication or terminal authentication without membership, The member operating section of the transaction authentication system 200 may be omitted.

The program authenticating unit interlocks with the authentication processing unit 325 of the program 315 shown in FIG. 3 to authenticate the validity of the program 315 provided in the wireless terminal 300 according to the first to sixth program authentication methods . If the transaction authentication system 200 is provided in the code server 110 or the control server 115 and the program 315 of the wireless terminal 300 is provided by the transaction server 105, 200 can be omitted.

The information storage unit stores information allocated to the program 315 in the process of authenticating the validity of the program 315 included in the wireless terminal 300 through the program authentication unit, 300, and / or information stored in a reading area of the wireless terminal 300, in association with an identification value registration unit of the program 315 shown in FIG. 3, At least one of information stored in a unique storage area of the wireless terminal 300, information recorded in the H / W configuration of the wireless terminal 300, and information assigned / assigned by the network to which the wireless terminal 300 is connected And stores the identified terminal identification value in a designated storage medium.

Meanwhile, the information storage unit registers information on the chip 405 of the card 400 in association with a management terminal provided in a card issuing organization or a management terminal that manages the transaction authentication system 200, Can be stored. Preferably, the information storage unit stores the unique code stored in the chip 405 of the card 400 (e.g., a card serial number or a chip serial number (CSN) stored in a designated unique area of the chip 405) Seed value) can be registered and stored in the designated storage medium.

*

Referring to FIG. 2, the transaction authentication system 200 determines whether t (1? T? (N '+ m')) inputted by the user through the user's wireless terminal 300 among m ') pieces of authentication information, a transaction information authentication unit 230 for authenticating the validity of the received t pieces of authentication information through the n pieces of transaction information or m pieces of transaction information, And a transaction information control unit 235 for controlling to receive (Nn) pieces of transaction information from the terminal 100 of the user when the validity of the t authentication information is authenticated. And a non-face-to-face transaction controller 240 for controlling the process of processing the non-face-to-face transaction using the received N pieces of transaction information.

The program 315 included in the user's wireless terminal 300 receives the (n '+ m') pieces of information and displays the t pieces of authentication information among the (n '+ m' Displays the input interface. When designation information designating t authentication information among the (n '+ m') pieces of information is transmitted from the information transmission unit 220, the program 315 included in the user's wireless terminal 300 n '+ m') of pieces of authentication information corresponding to the specified information. Or if a designated interface for specifying and inputting t authentication information out of the (n '+ m') pieces of information is provided through the information transmission unit 220, the program 315 included in the user's wireless terminal 300 ) May display the designated interface. If the designation information (or designation interface) is not provided to the user's wireless terminal 300 through the information transmission unit 220, the program 315 included in the wireless terminal 300 of the user (n '+ m') pieces of information among the (n '+ m') pieces of information and inputting the specified t pieces of authentication information. If it is specified in advance which one of the (n '+ m') pieces of information is to be used as t pieces of authentication information, the program 315 included in the user's wireless terminal 300 may use (n '+ m' ) &Lt; / RTI &gt; pieces of authentication information. For example, if the (n '+ m') pieces of information include the deposit bank, the deposit account number, the deposit amount (or the transfer amount), and the deposit account name of the deposit account, The program 315 may display an interface for inputting the deposit account number (or a part of the deposit account number) and the deposit amount (or the transfer amount) as the t pieces of authentication information. For example, the t authentication information may be designated as the last four digits of the deposit account number, or the second and last three digits before the deposit account number, and such designated dynamically assigned or predefined type .

According to the present invention, the user recognizes (n '+ m') pieces of information displayed on the screen of the wireless terminal 300 and stores t pieces of authentication information displayed on the interface among the (n '+ m' . If (n '+ m') pieces of information displayed on the screen of the wireless terminal 300 include information different from n pieces of transaction information inputted or selected through the user terminal 100, or m pieces of transaction information If it can not be accepted, the user can report (or cancel) the corresponding transaction through the transaction notification (or transaction cancellation) related interface displayed on the interface without inputting the t authentication information.

When the user inputs t specified authentication information through the interface displayed on the screen of the wireless terminal 300 among (n '+ m') pieces of information displayed on the screen of the wireless terminal 300, The program 315 provided to the transaction authentication system 300 transmits the input t authentication information to the transaction authentication system 200. Preferably, the t authentication information is encrypted and transmitted. In this case, the encrypted t authentication information can be decrypted through the authentication information receiving unit 225. [ If the program 315 included in the user's wireless terminal 300 designates the t authentication information out of the (n '+ m') pieces of information, the program 315 included in the user's wireless terminal 300 May transmit designation information for identifying t authentication information among the (n '+ m') pieces of information together with the input t authentication information. If the t authentication information among the (n '+ m') pieces of information is determined through the information transmission unit 220 or is designated in advance, the designation information may be omitted.

The authentication information receiving unit 225 receives the authentication information received from the user through the wireless terminal 300 of the user among the (n '+ m') pieces of information transmitted to the program 315 included in the user's wireless terminal 300 t pieces of authentication information, and can further receive designation information for identifying t pieces of authentication information out of the (n '+ m') pieces of information according to an implementation method.

When t authentication information out of (n '+ m') pieces of information is inputted and received from the program 315 provided in the user's wireless terminal 300, the transaction information authentication unit 230 transmits the received t Confirms information corresponding to n 'pieces of information in the authentication information, verifies whether the verified information matches the n pieces of transaction information (or n' pieces of information), and confirms the result. For example, if the deposit account number is included in the n 'pieces of information and the t four pieces of authentication information includes the last four digits of the deposit account number, the transaction information authenticator 230 may transmit the n transaction information (Or n 'pieces of information), and verify that the last four digits of the deposit account number match the four-digit number included in the t pieces of authentication information. Alternatively, the transaction information authentication unit 230 may check the information corresponding to m 'pieces of the received t pieces of authentication information and determine whether the verified information matches the m pieces of transaction information (or m' pieces of information) do. For example, if the depositor's name is included in the m 'pieces of information and the deposit information name is included in the t pieces of authentication information, the transaction information authentication unit 230 may store the m pieces of transaction information (or m' pieces of information) And confirms that the account holder name matches the account holder name included in the t pieces of authentication information. The validity authentication for the t authentication information may be performed only for n transaction information (or n 'pieces of information) and m pieces of transaction information (or m' pieces of information) according to the t authentication information configuration, Lt; / RTI &gt;

According to the embodiment of the present invention, when the t authentication information is authenticated through a separate server besides the transaction authentication system 200, the transaction information authentication unit 230 transmits the t authentication information through the separate server The authentication result can be confirmed.

The transaction information control unit 235 determines whether to continue or stop the non-face-to-face transaction requested through the terminal 100 of the user. If the information corresponding to the transaction report (or transaction cancel) is received from the program 315 provided in the user's wireless terminal 300 or if the validity of the t authentication information is not authenticated, The controller 235 determines to suspend the non-face-to-face transaction requested through the user terminal 100 and controls the non-face-to-face transaction stop (or termination) procedure through the user terminal 100, And notifies the program 315 provided in the wireless terminal 300 of the user.

Meanwhile, if the validity of t authentication information is authenticated, the transaction information control unit 235 determines that the non-face-to-face transaction requested through the user terminal 100 is continuously performed, (Nn) pieces of transaction information are transmitted from the terminal 100 of the user to the transaction server 105 that processes the non-face-to-face transaction, (E.g., (Nn) pieces of transaction information reception requests to the transaction server 105). Preferably, the (Nn) pieces of transaction information are generated by using the generated one-time code through the chip 405 of the card 400 interfaced with the user's wireless terminal 300 through the NFC to authenticate the non- And includes at least one transaction information among the digital signature values signed through the user's public certificate for the (Nn) pieces of transaction information.

According to the embodiment of the present invention, the transaction information control unit 235 transmits a one-time code dynamically generated through the chip 405 of the card 400 interfaced with the user's wireless terminal 300 through the NFC, And is used as (Nn) pieces of transaction information to be input through the terminal 100. The transaction information control unit 235 transmits the chip 405 of the card 400 interfaced with the user's wireless terminal 300 through the NFC to the program 315 provided in the user's wireless terminal 300 And the program 315 of the wireless terminal 300 dynamically generates a disposable code through the chip 405 of the card 400 interfaced with NFC based on the request And receives the dynamically generated disposable code through the chip 405 of the card 400 and displays it on the screen. According to an embodiment of the present invention, the transaction information control unit 235 determines a server side seed value for dynamically generating a disposable code through the chip 405 of the card 400, and transmits the determined server side seed value to the wireless terminal 300 to the program 315 of the computer. The server-side seed value may be a stored value stored in a DB on the transaction authentication system 200, a randomly generated random number value, a code value generated based on the n pieces of transaction information and m pieces of transaction information (e.g., n And a hash value obtained by hashing specified transaction information out of m transaction information, and the like).

The one-time code generated through the chip 405 of the card 400 interfaced with the wireless terminal 300 is input as one of (Nn) pieces of transaction information input through the terminal 100 of the user, The terminal 100 transmits the (Nn) pieces of transaction information including the disposable code through the designated path.

When receiving transaction information of (Nn) in the transaction authentication system 200, the transaction information receiving unit 205 controls the transaction information control unit 235 to input or select (Nn) pieces of transaction information.

When the N transaction information is received from the user terminal 100 through the transaction information receiving unit 205, the non-face transaction controller 240 processes the non-face transaction using the N transaction information . If the non-face-to-face transaction is performed through a separate transaction server 105, the non-face transaction control unit 240 may control the transaction server 105 to perform a process for processing the non-face-to-face transaction. If the (Nn) pieces of transaction information are controlled to be transmitted to the transaction server 105 by the transaction information control unit 235 and the transaction server 105 processes the non-face transaction using the N pieces of transaction information The non-face-to-face transaction controller 240 does not have to perform a separate non-face-to-face transaction control procedure.

Referring to FIG. 2, the transaction authentication system 200 is dynamically generated through a chip 405 of a card 400 interfaced with the user's wireless terminal 300, and is input through the terminal 100 of the user And a code authentication processing unit (245) for processing the validity of the disposable code to be authenticated.

The code authentication processing unit 245 is generated dynamically through a chip 405 of the card 400 interfaced with the user's wireless terminal 300 and input through the terminal 100 of the user, Generates a code value for authenticating the validity of the one-time use code by using the same algorithm and seed as the algorithm for generating the one-time use code on the chip 405 of the card 400, The validity of the disposable code can be verified by comparing the code value with the received disposable code.

According to the embodiment of the present invention, when the disposable code is authenticated through a separate code authentication server (not shown) besides the transaction authentication system 200, the code authentication processing unit 245 transmits the disposable code to the code authentication server And confirm the validity of the disposable code through the code authentication server.

When the validity of the one-time code is authenticated or confirmed through the code authentication processing unit 245, the non-facing transaction control unit 240 causes the non-facing transaction control unit 240 to perform a process of processing the non-face transaction using the N pieces of transaction information . When the non-face-to-face transaction procedure is performed through the transaction server 105 in addition to the transaction authentication system 200, the code authentication processing unit 245 can provide the authentication result of the disposable code to the code authentication server .

3 is a functional block diagram of a wireless terminal 300 that interfaces with a card 400 according to an embodiment of the present invention.

3 shows the configuration of the wireless terminal 300 that interfaces with the chip 405 of the card 400 shown in FIG. 4 through the NFC and the function of the program 315 operating in the wireless terminal 300 Those skilled in the art will be able to refer to and / or modify the FIG. 3 to derive various implementations of the functional configuration of the wireless terminal 300 However, the present invention is not limited to the above-described embodiments, and the technical features of the present invention are not limited only by the method shown in FIG. The wireless terminal 300 according to the present invention is a general term for all terminals that are interfaced with the card 400 via the NFC and the wireless terminal 300, which interfaces with the chip 405 of the card 400 through the NFC, The functional configuration of the wireless terminal 300 will be described with reference to an embodiment of a wireless terminal 300 such as a phone, a tablet PC, and a mobile phone.

3, the wireless terminal 300, which interfaces with the chip 405 of the card 400, includes a control unit 301, a memory unit 310, a screen output unit 302, a user input unit 303, A sound processing unit 304, a wireless network communication unit 308, a short range wireless communication unit 307, an NFC module 305, a USIM reader unit 309 and a USIM, and has a battery 306 for power supply.

The control unit 301 is a general term for controlling the operation of the wireless terminal 300. The control unit 301 includes at least one processor and an execution memory, BUS). According to the present invention, the control unit 301 loads at least one program code included in the wireless terminal 300 into the execution memory through the processor, and outputs the result through at least one configuration And controls the operation of the wireless terminal 300. FIG. Hereinafter, the configuration of the program 315 of the present invention, which is implemented in the form of program code for convenience, is shown in the control unit 301 and will be described.

The memory unit 310 is a generic name of a nonvolatile memory corresponding to a storage resource of the wireless terminal 300 and includes at least one program code executed through the control unit 301 and at least one Save and maintain the dataset. The memory unit 310 basically includes a system program code and a system data set corresponding to the operating system of the wireless terminal 300, a communication program code and a communication data set for processing a wireless communication connection of the wireless terminal 300, A program code and a data set corresponding to the program 315 of the present invention are also stored in the memory unit 310. FIG.

The screen output unit 302 is composed of a screen output device (e.g., an LCD (Liquid Crystal Display) corresponding to the output resource of the wireless terminal 300 and a driving module for driving the screen output device) And outputs the calculation result corresponding to the screen output among the various calculation results of the control unit 301 to the screen output device.

The user input unit 303 may include at least one user input device corresponding to the input resource of the wireless terminal 300 such as a button, a keypad, a touch pad, a touch screen interlocked with the screen output unit 302, And inputs a command for instructing various operations of the control unit 301 in cooperation with the control unit 301 or inputs data necessary for the operation of the control unit 301. [

The sound processing unit 304 is composed of a speaker corresponding to the output resource of the wireless terminal 300, a microphone corresponding to the input resource of the wireless terminal 300 and a driving module for driving the microphone, And outputs the operation result corresponding to the sound output from the various operation results of the control unit 301 through the speaker or transmits the sound data inputted through the microphone to the control unit 301. [ The driving module decodes sound data to be outputted through the speaker and converts the sound data into a sound signal or encodes the sound signal inputted through the microphone to encode the sound signal.

The NFC module 305 collectively refers to a communication resource for processing one or more NFCs among a bidirectional NFC, a full-duplex NFC, and a half-duplex NFC using a radio frequency signal as a communication medium at a close distance (e.g., about 10 cm) NFC can be processed according to the near field communication (NFC) standard of the frequency band. Alternatively, the NFC module 305 may process the NFC of the ISO 18000 series standard. In this case, the NFC module 305 may process the NFC for a frequency band other than the 13.56 Mz frequency band. For example, the NFC module 305 may operate in a reader mode, a tag mode, or a bidirectional communication mode. Meanwhile, the NFC module 305 may be included in a communication resource for connecting the wireless terminal 300 to a communication network according to an object to be communicated in close proximity.

The wireless network communication unit 308 and the short-range wireless communication unit 307 are collectively referred to as communication resources for connecting the wireless terminal 300 to a designated communication network. Preferably, the wireless terminal 300 may include a wireless network communication unit 308 as a basic communication resource, and may include one or more short-range wireless communication units 307.

The wireless network communication unit 308 is a collective term for a communication resource that connects the wireless terminal 300 to a wireless communication network via a base station and includes an antenna for transmitting / receiving a radio frequency signal of a specific frequency band, an RF module, a baseband module, And transmits the calculation result corresponding to the wireless communication among the various calculation results of the controller 301 to the controller 301 through the wireless communication network or receives data through the wireless communication network To the control unit 301, and performs connection, registration, communication, and hand-off procedures of the wireless communication. According to the present invention, the wireless network communication unit 308 can connect the wireless terminal 300 to a telephone communication network including a communication channel and a data channel via the exchange, and in some cases, May be connected to a data network providing communication-based wireless network data communication (e.g., the Internet).

According to an embodiment of the present invention, the wireless network communication unit 308 is a mobile communication unit that performs at least one connection, a location registration, a call processing, a call connection, a data communication, and a handoff to a mobile communication network according to the CDMA / WCDMA / &Lt; / RTI &gt; Meanwhile, according to the intention of a person skilled in the art, the wireless network communication unit 308 may further comprise a portable Internet communication configuration for performing at least one of connection to the portable Internet, location registration, data communication and handoff according to the IEEE 802.16 standard, It is evident that the present invention is not limited by the wireless communication configuration provided by the wireless network communication unit 308. [ That is, the wireless network communication unit 308 is a general term for a configuration unit that connects to a wireless communication network through a cell-based base station irrespective of a frequency band of a wireless zone, a type of a communication network, or a protocol.

The short-range wireless communication unit 307 is a generic name of communication resources connecting a communication session using a radio frequency signal within a predetermined distance (for example, 10 m) as a communication medium and connecting the wireless terminal 300 to the communication network based on the communication session , The wireless terminal 300 may be connected to the communication network through at least one of Wi-Fi communication, Bluetooth communication, public wireless communication, and UWB. According to an embodiment of the present invention, the short-range wireless communication unit 307 may be integrated with or separated from the wireless network communication unit 308. According to the present invention, the short-range wireless communication unit 307 connects the wireless terminal 300 to a data network providing packet-based short-range wireless data communication through a wireless AP.

The USIM reader unit 309 is a generic term of a configuration for exchanging at least one data set with a universal subscriber identity module that is mounted or detached from the mobile station 300 based on the ISO / IEC 7816 standard , And the data set is exchanged in a half duplex communication manner through an APDU (Application Protocol Data Unit).

The USIM is an SIM type card having an IC chip conforming to the ISO / IEC 7816 standard, and includes an input / output interface including at least one contact connected to the USIM reader unit 309, a program code for at least one IC chip (Or processing) the program code for the IC chip in accordance with at least one command transmitted from the wireless terminal 300, or extracting (or processing) the data set in association with the input / output interface To the input / output interface.

The program 315 of the present invention is downloaded from a program providing server (for example, an Apple App Store or the like) through a data network to which the communication resource can be connected and is stored in the memory unit 310. The downloaded program 315 operates in conjunction with the designated transaction authentication system 200, and can be manually driven by a user, or can be activated (or activated) after user confirmation or automatically by receiving a message. Meanwhile, a separate program 315 may be in operation for activating the program 315 after user confirmation or automatically, and thus the present invention is not limited thereto.

Referring to FIG. 3, the program 315 of the wireless terminal 300 accesses a transaction authentication system 200 designated through a data network to which the communication resource is connectable and registers the user as a member, An authentication procedure unit 325 for performing a procedure for authenticating the validity of the program 315 through at least one communication network connectable through the communication resource, And an identification value registration unit 330 for registering the terminal identification values provided or assigned to the wireless terminal 300 in the designated transaction authentication system 200. At least one component of the membership subscription / authentication unit 320, the authentication procedure unit 325, and the identification value registration unit 330 may be omitted according to the method.

The program 315 includes communication connection macro information for connecting to a designated transaction authentication system 200 via a data network to which the communication resource is connectable, and the membership subscription / authentication unit 320 includes a screen output unit 302 (E.g., name, resident registration number, etc.) for joining the user as a member via the data network, and an interface for inputting the member account through the data network to the transaction authentication system 200, And transmits the information and the member account to join the user as a member.

Meanwhile, the subscription of the user can be subscribed through the subscriber terminal 100 in addition to the mobile terminal 300. Accordingly, when the user is already a member or is registered as a member through the terminal 100 of the user, the membership / authentication unit 320 outputs an interface for inputting the user's membership account, Transmits the member account inputted through the interface to the designated transaction authentication system 200 through the data network to authenticate the user as a member.

The authentication procedure unit 325 authenticates the validity of the program 315 to a designated transaction authentication system 200 through at least one communication network among a data network and a telephone communication network to which the communication resource is connectable. According to an embodiment of the present invention, the process of authenticating the program 315 is a process of performing an encryption / decryption communication process agreed between the program 315 and the designated transaction authentication system 200, A detailed description of the decoding process will be omitted.

According to the first program authentication method of the present invention, the program 315 can be downloaded through the program providing server in a state in which a unique value for identifying the program operated by the designated transaction authentication system 200 is set. In this case, the authentication procedure unit 325 transmits the eigenvalue to the designated transaction authentication system 200 or a key exchange procedure based on the specified transaction authentication system 200 and the designated key exchange protocol based on the unique value By doing so, it is possible to verify that the program 315 is a program operated by the designated transaction authentication system 200.

According to the second program authentication method of the present invention, the program 315 is downloaded through the program providing server, and then the token value (e.g., A device token assigned by the APNS, etc.) may be assigned. In this case, the authentication procedure unit 325 transmits the token value to the designated transaction authentication system 200 according to the designated path, thereby authenticating that the program 315 is a program operated by the designated transaction authentication system 200 .

According to the third program authentication method of the present invention, the program 315 constructs hash information by hashing at least one file corresponding to the program 315 according to a specified hash algorithm, System 200 to authenticate that the program 315 is a valid program operated by the designated transaction authentication system 200. [ Meanwhile, the authentication procedure unit 325 can construct the hash information by using the key value internally determined or exchanged with the designated transaction authentication system 200 in the process of constructing the hash information.

According to the fourth program authentication method of the present invention, the program 315 is downloaded through a program providing server in a state in which a certificate for performing a specified authentication procedure is loaded, or after being downloaded through a program providing server, Certificates can be loaded according to roaming procedures. In this case, the authentication procedure unit 325 may selectively use the key exchange protocol and the encryption / decryption rule, the at least one key value set in the certificate according to the authentication procedure defined in the certificate, It can be authenticated that the program is operated by the authentication system 200. The certificate may comprise at least one of a certificate of a specified transaction authorization system 200 or a certificate of a user using the program 315.

According to the fifth program authentication method of the present invention, when the authentication number transmitted from the transaction authentication system 200 designated through the message exchange protocol of the telephone network is received, the wireless terminal 300 inputs the received authentication number And transmits the program 315 to the designated transaction authentication system 200 through the data network, thereby authenticating that the program 315 is a program operated by the designated transaction authentication system 200.

According to the sixth program authentication method of the present invention, the authentication procedure unit 325 receives the program from the designated transaction authentication system 200 through the authentication method that selectively combines at least one of the first to fifth program authentication methods, It is possible to authenticate the validity of the authentication server 315, and thus the present invention is not limited thereto.

The authentication procedure unit 325 may be configured to determine whether the memory unit 310 of the wireless terminal 300 or SE (Secure Element, wireless) Unique information stored in a security storage area of at least one of a Universal Subscriber Identify Module (USIM), an Integrated Circuit (IC) chip, and an embedded chip of an external memory (eg, SD memory) mounted on or detached from the terminal 300, Or transmits the unique information allocated by the communication company side resource to the designated transaction authentication system 200 in the process of connecting or holding the wireless terminal 300 to the designated communication network through the wireless network communication unit 308, 315 may be a program operated by the designated transaction authentication system 200 and at the same time that the program 315 is running in the wireless terminal 300.

The identification value registration unit 330 registers information stored in the reading area of the wireless terminal 300, information stored in the unique storage area of the wireless terminal 300, information recorded in the H / W configuration of the wireless terminal 300 A terminal identification value including at least one of information assigned / assigned in the network to which the wireless terminal 300 is connected, and / or a program authentication process or authentication performed through the first to sixth program authentication methods. As a result, it is possible to identify the terminal identification value including at least one of the information allocated to the program 315 and the information stored in the wireless terminal 300 by the program 315, And transmits it to the designated transaction authentication system 200 for registration.

Referring to FIG. 3, the program 315 of the wireless terminal 300 includes an information receiver 335 for receiving (n '+ m') pieces of information from the transaction authentication system 200 shown in FIG. 2 (N '+ m') pieces of information through the user input unit 303, an information display unit 340 displaying the received (n '+ m') pieces of information through the screen output unit 302, An input processor 345 for inputting t authentication information out of t and a transmission procedure performing unit 355 for performing a procedure for transmitting the input t authentication information to the transaction authentication system 200. [

When the transaction authentication system 200 transmits (n '+ m') pieces of information including at least one n 'pieces of information and m' pieces of information, the information receiving unit 335 acquires (n '+ m' m ') pieces of information, and the information display unit 340 displays the received (n' + m ') pieces of information through the screen output unit 302, And displays an interface for receiving t authentication information among the information from the user.

(N '+ m') pieces of information, when designation information designating t authentication information among the (n '+ m') pieces of information is received from the transaction authentication system 200, An interface for receiving the t pieces of authentication information corresponding to the designation information can be displayed. Or when the designation information is designated through the program 315, the information display unit 340 determines designation information corresponding to t authentication information out of the (n '+ m') pieces of information, It is possible to display the interface for receiving the authentication information of the authentication information. If the information to be used as t authentication information among the (n '+ m') pieces of information is designated, the information display unit 340 inputs the specified t pieces of authentication information among (n '+ m' You can display the interface to receive.

According to the embodiment of the present invention, the information display unit 340 may display the t authentication information among the (n '+ m') pieces of information at a designated time point before or after the t authentication information is displayed, The guidance information for inducing the contactless card 400 to interface with the wireless terminal 300 can be displayed.

When the interface for receiving t authentication information out of the (n '+ m') pieces of information is displayed, the input processing unit 345 performs a procedure for receiving the t authentication information through the user input unit 303 And the transmission procedure performing unit 355 performs a procedure of transmitting the inputted t pieces of authentication information to the transaction authentication system 200. [

3, the program 315 of the wireless terminal 300 includes an authentication result receiving unit 360 that receives an authentication result obtained by authenticating transaction information through the t authentication information from the transaction authentication system 200, At any specified time point before, during, after, or after the (n '+ m') pieces of information are received and / or displayed, or at any specified time point before, And a card interlocking part (350) interlocked with the card interlock part (400).

After the transmission procedure performing unit 355 transmits the input t authentication information to the transaction authentication system 200, the authentication result receiving unit 360 receives the t authentication information from the transaction authentication system 200, And receives the authentication result that the transaction information is authenticated through. According to an embodiment of the present invention, the authentication result receiving unit 360 may receive a server side seed value to be used as a seed to generate a disposable code from the chip 405 of the card 400 from the transaction authentication system 200. Meanwhile, the server side seed value may be received together with the (n '+ m') pieces of information, and thus the present invention is not limited thereto.

At any specified time point before, after, or after the (n '+ m') pieces of information are received and / or displayed, or at any specified time point before, after, or after the authentication result is received, And confirms whether the contactless card 400 is interfaced through the NFC module 305. If the interface of the contactless card 400 is confirmed, the card interlocking unit 350 obtains at least one input value designated to be input to the chip 405 of the card 400. Preferably, the input value includes a time value obtained through a timer of the wireless terminal 300, and may include a terminal-side random number value generated by the card interlocking unit 350, Side seed value received from the server 200 side.

The card interlocking unit 350 checks the state of the chip 405 of the card 400 and provides the obtained input value to the chip 405 of the card 400 interfaced. The chip 405 of the card 400 dynamically generates a disposable code using the input value and the value stored in the chip 405 of the card 400 as a seed, .

3, the program 315 of the wireless terminal 300 includes a code receiving unit 365 that receives the dynamically generated disposable code from the chip 405 of the card 400 interposed therebetween, And a code output unit 370 for outputting the disposable code, and a code transmission unit 375 for transmitting the confirmed code to the designated authentication server.

When the one-time code is dynamically generated through the chip 405 of the card 400 interfaced via the NFC, the code receiving unit 365 generates the one-time code by dynamically generating in the chip 405 of the card 400 interfaced via the NFC And the code output unit 370 outputs the disposable code received from the chip 405 of the card 400 through the screen output unit 302. [ And is input as one of (N-n) pieces of transaction information input through the output terminal 100 of the user. If the user terminal 100 and the wireless terminal 300 are identical, the code transmitting unit 375 transmits the identified one-time use code to the transaction authentication system 200 designated as one of the (Nn) pieces of transaction information . If the information received from the chip 405 of the card 400 through the card interlocking unit 350 includes other information to be displayed through the wireless terminal 300, The other information can be output to the screen in association with the disposable code.

4 is a diagram showing a configuration of a contactless card 400 that generates a disposable code according to an embodiment of the present invention.

4 illustrates a functional configuration of a card 400 having an NFC function and a disposable code generation function. Referring to FIG. 4 and FIG. 4, if a person skilled in the art is familiar with the present invention, Or variations may be made to various implementations of the configuration of the card 400 (e.g., some of the components may be omitted, or subdivided, or combined), but the invention is not limited to all of the above- And the technical features thereof are not limited only by the method shown in FIG.

The card 400 of the present invention is a general term of a card having an NFC function and a disposable code generation function, and is preferably formed in the form of a card on which the chip 405 for the NFC and the antenna 450 are mounted. For example, the card 400 of the present invention may include a financial IC card 400, an NFC card 400, and an RF card 400 having an NFC function and a disposable code generation function.

Referring to FIG. 4, the card 400 includes a wireless communication unit 435 for providing an NFC function, an input value for generating a disposable code from the wireless terminal 300 through the NFC, A control unit 410 for controlling a process of dynamically generating a disposable code using one of the seed values and outputting the disposable code through the wireless terminal 300 and a control unit 410 for controlling at least one program code A chip 405 integrated with a configuration corresponding to the memory unit 440 for storing a data set is mounted. When the card 400 is a combination financial IC card 400, the chip 405 further includes an interface unit 445 forming a contact interface with the wireless terminal 300, and the card 400 A contact point 455 (for example, a COB (Chip On Board)) electrically connected to the interface unit 445 is provided at a designated position on the surface of the substrate.

The wireless communication unit 435 collectively refers to a wireless communication unit that performs wireless communication with a wireless terminal 300 at a close distance (for example, about 10 cm) using a radio frequency signal of a designated frequency band (e.g., 13.56 MHz) Preferably, the NFC function is provided according to the NFC standard.

The memory unit 440 is a collective term of a nonvolatile memory corresponding to a storage resource of the chip 405. The memory unit 440 preferably includes a ROM (Read Only Memory), an EEPROM (Electrically Erasable and Programmable Read Only Memory) And the like. Preferably, the memory unit 440 includes both a NAND-type memory and a NOR-type memory. And may be included in the category of the memory unit 440 as a RAM (Random Access Memory) provided in the chip 405 according to an implementation method. According to the embodiment of the present invention, the memory unit 440 stores program codes corresponding to COS (Chip Operating System), and program codes corresponding to the applets corresponding to the services to be provided through the card 400 .

The controller 410 is a collective term for controlling the operation of the chip 405. The controller 410 preferably controls the operation of one or more of a central processing unit (CPU), a micro processing unit (MPU), and a coprocessor Lt; / RTI &gt; According to the embodiment of the present invention, the control unit 410 may define a state in which the program code corresponding to the COS recorded in the memory unit 440 is loaded into the execution memory and operated by the processor, FIG. 4 is a block diagram illustrating a configuration of a program code corresponding to an applet operating on the application program according to an exemplary embodiment of the present invention.

4, the chip 405 of the card 400 includes an information receiving unit 415 that receives a designated input value from the wireless terminal 300 interfaced via the NFC, And a code providing unit (425) for providing the generated disposable code to the wireless terminal (300) interfaced with the NFC, wherein the code providing unit (425) for generating the one- And an authentication processing unit 430 for processing authentication.

When the card 400 is interfaced with the nearby wireless terminal 300 through the NFC of the wireless communication unit 435, the information receiving unit 415 receives a designated input value from the interfaced wireless terminal 300 . The input value includes a time value, which is a value specified to be input from the wireless terminal 300 to dynamically generate the one-time use code and matches the international time obtained through the timer of the wireless terminal 300, ) &Lt; / RTI &gt; The input value may include a server side seed value provided by the transaction authentication system 200 according to an embodiment of the present invention. Meanwhile, the input value is not limited to the illustrated values, and may include any value that is input from the wireless terminal 300 to generate the one-time code.

The code generation unit 420 includes the code generation algorithm and dynamically generates a discrete code of a specified code system by including an input value received through the information receiving unit 415 in a seed value of the code generation algorithm. Preferably, the code generator 420 dynamically generates the one-time code using the input value as one of the seeds. If the input value further includes a time value or a unique ID, the code generating unit 420 may dynamically generate the disposable code by further including the time value or the unique ID in the seed value.

According to an embodiment of the present invention, the seed for generating the disposable code may further include a seed value stored in the memory unit 440. In this case, the code generation unit 420 may generate the one- So that the disposable code can be dynamically generated.

On the other hand, the authentication processing unit 430 receives the input value from the wireless terminal 300 at the time of interfacing with the wireless terminal 300 through the NFC, and generates the one-time code Lt; RTI ID = 0.0 &gt; dynamically &lt; / RTI &gt; Preferably, the designated authentication may include PIN (Personal Identification Number) authentication. The authentication processing unit 430 stores a PIN authentication value for PIN authentication, receives a PIN value from the interfaced wireless terminal 300, and can authenticate the received PIN value using the PIN authentication value . For example, the PIN value may be received and authenticated before the time value is received, or received and authenticated with the time value. According to an embodiment of the present invention, the time when the authentication process is performed may be performed before the disposable code is provided from the chip 405 of the card 400 to the wireless terminal 300, and thus the present invention is not limited thereto. The authentication process may be omitted according to the intention of those skilled in the art.

The code providing unit 425 provides the determined disposable code to the wireless terminal 300 interfaced with the NFC. The wireless terminal 300 may output the received one-time code so that the wireless terminal 300 may transmit the disposable code to the terminal 100 of the designated user (for example, the wireless terminal 300 or the wireless terminal 300) A separate terminal or the like) to be used as the authentication means of the transaction requested through the terminal 100 of the user.

5 is a diagram illustrating a process of transmitting and receiving n pieces of transaction information according to an embodiment of the present invention.

FIG. 5 is a flowchart illustrating a method of transmitting and receiving n pieces of transaction information including designated information among N pieces of transaction information to be input for a non-face-to-face transaction and transmitting m pieces of transaction information through the ledger system 120 corresponding to the n pieces of transaction information. (N ') including at least one of the n pieces of transaction information inputted or selected by the user himself or herself and the m pieces of transaction information searched through the ledger system 120 to the user's wireless terminal 300, + m ') pieces of information, and receiving and authenticating t pieces of authentication information from the user's wireless terminal 300. As a person skilled in the art to which the present invention pertains, Referring to and / or modified with reference to FIG. 5, it will be appreciated that various implementations of the transaction information transmission and reception process (for example, some steps may be omitted or the order may be changed) Said composed, including any exemplary way in which the inference, to which the technical feature that is not limited to the exemplary method shown in the figure 5.

Referring to FIG. 5, a user terminal 100 performs a non-face authentication process for non-face-to-face transactions (500) and selects a transaction type from a user (505). The user terminal 100 displays an interface for receiving transaction information corresponding to the selected transaction type (510). When the transaction information is inputted through the interface, the user terminal 100 transmits n transaction information including the designated information among the n transaction information for the non-face-to-face transaction on the designated channel, i.e., the first channel (515). The process of transmitting and receiving the -n pieces of transaction information may be sequentially performed according to a sequence corresponding to a non-face-to-face transaction procedure, or may be batch-processed.

The transaction authentication system 200 receives n pieces of transaction information through a designated path (first channel) (520) and stores m pieces of transaction information searched through the ledger system 120 corresponding to the n pieces of transaction information (525). If the m transaction information is confirmed, the transaction authentication system 200 determines m 'pieces of information among n pieces of transaction information and m pieces of transaction information among n pieces of transaction information (530) (n '+ m') pieces of information including at least one m 'pieces of information (535). The transaction authentication system 200 identifies the user's wireless terminal 300 corresponding to the second channel to which the (n '+ m') pieces of information will be transmitted (operation 540). The user's wireless terminal 300 can be identified based on information stored in a designated database or through information received from the terminal 100 of the user. If the user's wireless terminal 300 corresponding to the second channel to be transmitted is confirmed, the transaction authentication system 200 transmits the program (n '+ m (m)) to the program 315 provided in the user's wireless terminal 300 ') Information (545).

The user's wireless terminal 300 receives (n '+ m') pieces of information (n '+ m') from the second channel and outputs the received (n ' n &apos; + m &apos;) pieces of information (555). According to an embodiment of the present invention, the interface may include induction information for instructing the wireless terminal 300 to interface the chip 405 of the card 400 held by the user.

When the designated authentication information among the (n '+ m') pieces of information is inputted through the interface, the program 315 included in the user's wireless terminal 300 confirms the inputted t pieces of authentication information (560 , And transmits the confirmed t authentication information via the second channel (565).

The transaction authentication system 200 receives t authentication information on the second channel 570 and transmits n transactions corresponding to (n '+ m') pieces of information transmitted to the user's wireless terminal 300 And verifies the validity of the t pieces of authentication information through information and / or m pieces of transaction information (575). If the validity authentication for the t authentication information fails or the information corresponding to the transaction report or transaction report is received from the user's wireless terminal 300 instead of the t authentication information, 200 generates an authentication error for the transaction information and transmits it to the user's wireless terminal 300 (580) without performing the process shown in FIG. 6, and the user's wireless terminal 300 transmits the authentication information An error is received and output (585). If the validity of the t authentication information is authenticated, control is performed such that a procedure of inputting or selecting (N-n) pieces of transaction information through the user terminal 100 is performed (590). According to the method of the present invention, at least one of the processes shown in FIGS. 6 to 8 is one of the procedures for allowing (Nn) pieces of transaction information to be inputted or selected and received through the user terminal 100 .

6 is a diagram illustrating a process of dynamically generating a disposable code using a chip 405 of a card 400 interfaced with a user's wireless terminal 300 according to an embodiment of the present invention.

6 shows a process of dynamically generating a disposable code through a chip 405 of a card 400 interfaced with a wireless terminal 300 through an NFC. In the conventional technology, Those skilled in the art will be able to refer to and / or modify FIG. 6 to infer various implementations of the disposable code generation process (e.g., omitting some steps or changing the order) The present invention is not limited to the above-described embodiments, and various modifications and changes may be made without departing from the scope of the present invention.

Referring to FIG. 6, when the validity of the transaction information inputted or selected through the terminal 100 of the user through the t authentication information in the transaction authentication system 200 is authenticated, The program 315 of the wireless terminal 300 requests the transaction authentication system 200 to generate a disposable code through the chip 405 of the card 400 interfaced with the wireless terminal 300 through the NFC (600).

The wireless terminal 300 confirms whether it is interfaced with the designated card 400 through the NFC (605). If the wireless terminal 300 is interfaced with the card 400, the wireless terminal 300 provides the input value designated by the NFC to the chip 405 of the interfaced card 400 (610) (405) receives an input value to be used as a seed for dynamically generating the disposable code through the NFC (615).

The chip 405 of the card 400 dynamically generates a disposable code by using the input value provided from the wireless terminal 300 and the seed value stored in the chip 405 of the card 400 as a seed ), And transmits the dynamically generated disposable code to the wireless terminal 300 through the NFC (625).

The wireless terminal 300 receives (630) the dynamically generated disposable code from the chip 405 of the card 400 using the seed value and the input value as a seed through the NFC, (Step 635).

7 is a diagram illustrating a process of transmitting and receiving (N-n) pieces of transaction information and processing non-face transactions according to an embodiment of the present invention.

7, in cooperation with the procedure for authenticating n pieces of transaction information transmitted and received through the process shown in FIG. 5, the user terminal 300 is connected to the user's wireless terminal 300 through the NFC (Nn) number of disposable codes including the disposable code displayed on the screen of the wireless terminal 300, when generating and outputting the disposable code using the chip 405 of the card 400, The transaction information is transmitted and received to process a non-face-to-face transaction. If a person skilled in the art is familiar with the present invention, referring to and / or modified with reference to FIG. 7, It will be appreciated that various implementations of the transaction processing process (e.g., some steps may be omitted or alternate implementations) may be inferred, but the present invention encompasses all of the above- And the technical characteristics thereof are not limited only by the method shown in FIG.

Referring to FIG. 7, the user terminal 100 receives, through the displayed interface, transaction information on the screen of the wireless terminal 300 through the process shown in FIG. 6 among N pieces of transaction information for non- (Nn) pieces of transaction information including the displayed one-time codes are inputted or selected (700).

If (Nn) pieces of transaction information including the disposable code are inputted or selected, the user terminal 100 transmits (Nn) pieces of transaction information including the disposable code on the first channel (705) , The transaction authentication system 200 receives the (Nn) pieces of transaction information through the first channel (715). The process of transmitting and receiving the (N-n) pieces of transaction information may be sequentially performed according to a sequence corresponding to the non-facing transaction procedure, or may be batch processed.

The transaction authentication system 200 performs an authentication procedure corresponding to the disposable code among the (N-n) pieces of transaction information (715). If the validity of the disposable code is not authenticated, the transaction authentication system 200 transmits an authentication error for the disposable code to the user terminal 100 (720), and the user terminal 100 And receives and outputs the authentication error (725). Meanwhile, if the validity of the disposable code is authenticated, the transaction authentication system 200 transmits N pieces of transaction information (for example, n pieces of transaction information and the number of pieces of transaction information) received from the terminal 100 of the user based on the authentication result of the one- (Nn) pieces of transaction information) is performed (730). If the non-face-to-face transaction procedure is performed, the transaction authentication system 200 transmits the non-face-to-face transaction result to the user terminal 100 (735) Face transaction result, and outputs the result (740).

100: user's terminal 105: transaction server
110: code server 115: control server
120: ledger system 200: transaction authentication system
205: transaction information receiving unit 210: transaction information checking unit
215: Information selector 220: Information transmission unit
225: authentication information receiving unit 230: transaction information authentication unit
235: transaction information control unit 240: non-face transaction control unit
245: code authentication processing unit 300: wireless terminal
305: NFC module 315: program
400: card 405: chip

Claims (8)

A method of executing via a program of a user's wireless terminal,
N (1? N <N) pieces of transaction information inputted or selected by the user before performing the one-time authentication code based authentication among the N (N? 2) pieces of transaction information to be input from the user for the non- (1? N'? N) pieces of information including information set to be used as a seed of the disposable authentication code among the n pieces of transaction information from the transaction server, Stage 1;
A second step of the program of the wireless terminal displaying specified information including n 'pieces of information received from the transaction server on the screen of the wireless terminal;
A third step of confirming whether a program of the wireless terminal is interfaced with a chip of a card designated through NFC (Near Field Communication);
Wherein the program of the wireless terminal comprises at least one piece of information set to be used as a seed of a disposable authentication code to be dynamically generated in the chip of the card among the n 'pieces of information, when the chip of the card designated through the NFC is interfaced, Providing a time value calculated by a timer of the NFC to a chip of an interfaced card through the NFC;
Receiving a dynamically generated disposable authentication code using a plurality of seeds including a time value and the provided information in a chip of the card from a chip of a card interfaced via the NFC; And
And a sixth step of causing the program of the wireless terminal to output the disposable authentication code received from the chip of the card or to transmit the disposable authentication code to the transaction server authenticating the validity of the disposable authentication code. A non - face - to - face transaction authentication method using.
The method according to claim 1,
A deposit bank, a deposit account number, and a deposit amount.
The method of claim 1, wherein the n '
And n 'pieces of information of each individual transaction information included in the n pieces of transaction information or partial information of each individual piece of transaction information.
The method according to claim 1,
Wherein the first step comprises the steps of: when the program of the wireless terminal inquires the designated general ledger system through at least one of the n pieces of transaction information from the transaction server, the m &lt; th &gt; (1? M'? M) pieces of information,
Wherein the second step includes the step of causing the program of the wireless terminal to display designated information including n 'pieces of information and m' pieces of information on a screen of the wireless terminal,
The fourth step may include at least one piece of information set by the program of the wireless terminal to be used as a seed of a disposable authentication code to be dynamically generated in the chip of the card among n 'pieces of information and m' pieces of information, And providing a time value calculated by the non-face transaction authentication method.
5. The system of claim 4,
And a depositing bank side ledger system.
The method as claimed in claim 4,
And the name of the account holder of the deposit account is included in the non-face-to-face transaction authentication method.
The method of claim 4, wherein the m '
And m 'pieces of information of each individual transaction information included in the m pieces of transaction information or partial information of each individual transaction information.
2. The method according to claim 1,
The program of the wireless terminal receiving t (t? 1) pieces of authentication information from the information displayed on the screen of the wireless terminal;
The program of the wireless terminal transmits the input t authentication information to the transaction server to request authentication; And
Further comprising: receiving a result of the program of the wireless terminal authenticating the validity of the t authentication information from the transaction server.

Images