KR20180109021A - Method and System for Providing Certification by using Disposable Reverse Direction Reply Message, and Record Medium - Google Patents

Abstract

The present invention relates to an authentication method using a one-time reverse reply message, which safely authenticates the validity of a service, comprising: a first step of performing a procedure of checking a user mobile phone number, an authentication code, a one-time phone number, and synchronization information; a second step of mapping the user mobile phone number, the authentication code, and the one-time phone number, and maintaining the same for a designated valid time; a third step of processing a security code including the authentication code and the synchronization information to be output; a fourth step of performing a message authentication procedure; a fifth step of performing a code authentication procedure; and a sixth step of generating an authentication result to provide the same for a service server or user terminal.

Description

TECHNICAL FIELD [0001] The present invention relates to an authentication method and system using a disposable reverse reply message, and a recording medium therefor.

The present invention relates to a method and apparatus for transmitting a disposable telephone number based on reply writing of a forward message and a forward message forwarded to a user's wireless terminal via one or more telephone networks by including a disposable telephone number dynamically determined at the time of authentication, Number of the one-time messaging combination of the one-time message combined with the reverse message sent backward through the telephone network from the wireless terminal of the user and the one-time messaging combination characteristic of the one-time message input in the message body area of the reverse reply message corresponding to the reply of the forward message And verifies the validity of the service provided to the user through the separate data network separated from the telephone network by using the disposable authentication code.

There is provided an SMS authentication for generating an authentication number in a server on the Internet, sending an SMS including the authentication number to a user's wireless terminal, and receiving and authenticating the authentication number through a terminal of a user connected to the Internet. However, since the conventional SMS authentication includes the authentication number in the SMS and is forwarded (= forward) to the user's wireless terminal, the SMS authentication can be easily taken by intercepting characters, Since the authentication is performed by inputting a key on the terminal, it includes various problems that can be authenticated by inputting a key through a terminal of a third party rather than a terminal used by an actual user. Accordingly, the Financial Supervisory Service (FSS) recommends the use of the conventional SMS authentication for the additional authentication such as financial transactions, and some banks (for example, NH bank, etc.) have already stopped the conventional SMS authentication service.

Meanwhile, in addition to the SMS authentication for authenticating and forwarding the SMS including the authentication number, the ARS authentication is provided to input and receive the authentication number by dialing the ARS-based phone with the user's telephone. However, such conventional ARS authentication also poses problems such as incoming call control, voice interception, inaccessibility of hearing-impaired persons, restriction of overseas use, and generation of two to three times higher costs than SMS authentication, but there are other alternatives It is a temporary use until now.

As a result, an additional low-cost and safe authentication method is required while eliminating the problems of conventional SMS authentication and ARS authentication. However, the proposed method has technically difficult problems to solve the above-mentioned problems.

An object of the present invention to overcome the above problems is to provide a service providing server that generates a predetermined authentication code when requesting authentication for providing a service from a service server that provides a service designated by a user to a wireless terminal through a data network, The method comprising the steps of: determining a disposable telephone number to be used as a destination number of an uplink message to be received in reply to the forward message, using the forwarding message as a calling number of a forward message to be transmitted to a user's wireless terminal via a separate telephone network separated from the data network; The synchronization information is included in the message body area of the forward message and is synchronized to be outputted through the web / application screen of the wireless terminal, and the mobile phone number of the user is mapped with the generated authentication code and the disposable telephone number, And transmits the disposable telephone number to the user's wireless terminal And simultaneously processes the security code including the authentication code and the synchronization information through the web / app screen of the wireless terminal through a separate data network separated from the telephone network so that the security code and the synchronization information are output The user recognizes the Web / App screen of the wireless terminal based on the reply writing of the forward message from the wireless terminal of the user who has received the forward message and includes the entered authentication code in the message body area, Number of the received reverse-direction message, verifies whether the received reverse-direction message is a reverse-received message in response to a forward message sent to the user's wireless terminal, and authenticates an authentication code included in the message body area of the reverse- To the security code output through the Web / App screen of the wireless terminal And an authentication method for providing a service of the service server, and a recording medium for the authentication method and system using the disposable reverse reply message.

The authentication method using the disposable reverse reply message according to the present invention is a method for interfacing with a service server providing a service designated by a user and exchanging messages with a user's wireless terminal via a telephone network, The method comprising: confirming a mobile phone number of a user at the time of authentication for providing a service of the service server and transmitting a dynamically generated authentication code for providing the service; And a dynamically determined disposable telephone number for use as a called number of a forward message to be transmitted through the telephone network including the mobile telephone number of the user as a called number and as a called number of an uplink message to be received in response to the forward message, Number of the forward message, A step of performing a procedure for checking synchronization information included in the body text area and synchronized to be outputted through a web / application screen of a wireless terminal receiving the forward message, And a second step of mapping the disposable telephone number and maintaining the disposable telephone number for a designated valid period of time. The method of claim 1, further comprising: storing the disposable telephone number as a calling number, And transmits the security code including the authentication code and the synchronization information through the web / application screen of the wireless terminal via a separate data network separated from the telephone network A third step of outputting the forward message, The mobile terminal includes the mobile phone number of the user as a calling number based on reply writing of the forward message from the mobile terminal, the one-time use phone number as a called number, and the security code output from the web / A fourth step of performing a message authentication procedure for authenticating whether the reverse message including the authentication code input in the message body area is validly received via the telephone network by the first message authentication step, A source authentication procedure for authenticating whether a disposable telephone number corresponding to a called number of the uplink message matches a mapped mobile number and an authentication code included in a message body area of the uplink message, A code authentication clause that authenticates whether it matches a verification code And a sixth step of generating an authentication result for providing the service of the service server based on the results of the origination authentication and the code authentication and providing the result of authentication to the service server or the user's wireless terminal .

The authentication method using the disposable reverse reply message according to the present invention is characterized in that the first step is a step of receiving from the number management module for managing N (N? 2) (1 ≤ n ≤ N) is used as the origination number of the forward message and a disposable telephone number to be used as the destination number of the reverse message.

The authentication method using the disposable reverse reply message according to the present invention is characterized in that the first step includes the steps of: N (N > = 2) generated by combining a dynamic number of digits designated by a designated station number managed by the number management module, N) (n is an integer of 1 < / = n < / = N) generated by combining the number of digits of the number of digits specified in the designated station number among the telephone numbers of the And identifying the disposable telephone number to be used as the called number of the telephone number.

In the authentication method using the disposable reverse reply message according to the present invention, in the first step, when the mobile phone number of the user is confirmed, the number N of phone numbers from the number management module managing N (N? 2) (1 ≤ n ≤ N) telephone number that is not duplicated among the mobile phone numbers and has no history mapped to the mobile phone number is used as a calling number of a forward message including the mobile phone number as a called number, And confirming with a disposable telephone number to be used as a destination number of the reverse message included in the number.

In the authentication method using the disposable reverse reply message according to the present invention, in the first step, when the mobile phone number of the user is identified, the dynamic number of the number of digits specified in the designated station number managed by the number management module is set to the designated phone number system (N > = 2), which is generated so as not to be duplicated by combining numbers of digits that are not specified in the designated station number among the N (N > = 2) N) phone number is used as a calling number of a forward message including the mobile number as a called number, and at the same time, using the mobile number as a calling number and a disposable telephone number to be used as a destination number of an uplink message .

In the authentication method using the disposable reverse reply message according to the present invention, the n-th telephone number is a telephone number that is not used as a disposable telephone number for a predetermined period of time out of N telephone numbers, A telephone number which is not reused for a certain period of time after being used as a one-time telephone number among N telephone numbers, a telephone number which is used as a one-time telephone number among N telephone numbers and which has not been reused for the longest period of time And at least one telephone number of the telephone number.

In the authentication method using the disposable reverse reply message according to the present invention, the synchronization information may include information included in service information of the service server, at least a part of information included in the service information, Generated in order to synchronously output the information included in the user information, at least a part of the information included in the user information, the information registered by the user, and the message body area of the forward message, And at least one of the determined information.

In the authentication method using the disposable reverse reply message according to the present invention, the second step may further include storing mapping history information on a mapping relationship between the mobile phone number and the disposable telephone number in a designated DB to manage the mapping history information .

The authentication method using the disposable reverse reply message according to the present invention may further comprise the step of starting counting the effective time for maintaining the mapping relationship between the mobile phone number, the authentication code, and the disposable telephone number, Determining whether an effective time for maintaining the mapping relationship has elapsed; and deactivating the mapping relationship between the mobile phone number, the authentication code, and the disposable telephone number when the valid time has elapsed.

In the authentication method using the disposable reverse reply message according to the present invention, the security code may include an authentication code to be input to a message body area of the reverse message, or may include an authentication code to be input to the message body area of the reverse message And a combination of arbitrary dummy codes.

The authentication method using the disposable reverse reply message according to the present invention is characterized in that the third step is a step of transmitting synchronization information included in a message body area of a forward message sent to the mobile phone number of the user and a web / And outputting, via the web / app screen of the wireless terminal, instruction information for instructing confirmation of the synchronization state of the synchronization information output through the wireless terminal.

In the authentication method using the disposable reverse reply message according to the present invention, the third step is a step of transmitting the authentication code output through the web / application screen of the wireless terminal to the message body area of the reverse message corresponding to the reply of the forward message And outputting guidance information for instructing the mobile terminal to transmit the guidance information through the Web / App screen of the wireless terminal.

In the authentication method using the disposable reverse reply message according to the present invention, in the third step, the authentication code output from the web / application screen of the wireless terminal to the message body area of the forward message, To the message body region of the reverse message corresponding to the reply of the forward message, and includes guidance information for guiding the user to reply.

In the authentication method using the disposable reverse reply message according to the present invention, in the third step, security information for guiding the user to safely use the forward message sent to the mobile phone number of the user is transmitted to the web / And outputting the result of the comparison.

In the authentication method using the disposable reverse reply message according to the present invention, the security information may include content information for notifying a user that a direction message for authenticating service provision by a designated service provider is sent to the mobile phone number of the user, Content information indicating that a forward message including the content of the message specified in the body area is sent to the mobile phone number of the user, information indicating that the forward message including the disposable phone number as the calling number is sent to the mobile phone number of the user, Content information, and content information.

The authentication method using the disposable reverse reply message according to the present invention is characterized in that the reverse message is a message sent through a telephone network to which the user's wireless terminal is subscribed and the message is sent from a communication company system providing the telephone network of the wireless terminal The mobile terminal verifies whether or not the mobile number actually assigned to the mobile terminal matches the calling number included in the message, and when the mobile number of the mobile terminal matches the calling number of the message, Is received by the disposable telephone number corresponding to the telephone number.

In the authentication method using the disposable reverse reply message according to the present invention, the fourth step includes checking the reverse message received at the designated disposable telephone number, reading out the number system of the origination number of the reverse message, And verifying that the reverse message is a valid message that can be used in the authentication procedure when the origination number of the reverse message is the number system of the mobile phone number.

In the authentication method using the disposable reverse reply message according to the present invention, the fourth step may include: checking a reverse message received at the designated one-time telephone number; and determining a mapping state between the disposable telephone number and the mobile phone number And validating the reverse message as a valid message that can be used in the authentication procedure before the expiration time has elapsed.

In the authentication method using the disposable reverse reply message according to the present invention, when a message is transmitted from a data network via a telephone network, i (i > = 1) inserted codes set to be automatically inserted into the message body area of the message are maintained Analyzing a code included in the message body area of the reverse message received by the disposable telephone number to confirm whether the code includes at least one of the i insertion codes; And authenticating the reverse message as a valid message that can be used in the authentication procedure if the at least one insertion code is not included in the message body area of the reverse message.

In the authentication method using the disposable reverse reply message according to the present invention, j (j > = 1) exception codes, which are not used as authentication codes among codes that can be input in the message body area of the reverse message, And analyzing the code included in the message body area of the reverse message received by the disposable telephone number to confirm whether the j code includes at least one exception code among the j exception codes, And confirming that the reverse message is validly received if the at least one exception code is not included in the message body area of the reverse message.

In the authentication method using the disposable reverse reply message according to the present invention, when at least one exception code is included in the message body area of the reverse message, the message body area of the reverse message And outputting the error information.

In the authentication method using the disposable reverse reply message according to the present invention, the fifth step is a process of outputting the generated error information through the Web / App screen of the wireless terminal when the error of the origin authentication or the code authentication occurs The method comprising the steps of:

The authentication method using the disposable reverse reply message according to the present invention is characterized in that the error information is not transmitted to the user's wireless terminal through the forward message when the error occurs.

The recording medium using the disposable reverse reply message according to the present invention is characterized in that it is computer-readable, characterized by recording a program for executing the method of the first aspect.

The authentication system using the disposable reverse reply message according to the present invention is a system capable of exchanging a message with a user's wireless terminal via a telephone network and capable of interworking with the user's wireless terminal through a separate data network separated from the telephone network A mobile phone number confirmation unit for confirming a mobile phone number of a user, an authentication code confirmation unit for confirming a dynamically generated authentication code for providing a service, a forwarding message including a mobile phone number of the user as a called number, A disposable number identifying unit for identifying a disposable telephone number dynamically determined to be used as a called number of an uplink message to be received in reply to the forward message, The web of the wireless terminal receiving the forward message A mapping maintaining unit for mapping the mobile phone number of the user, the generated authentication code, and the disposable telephone number to maintain the synchronization information for a designated valid time, A message sending unit including a mobile phone number as a called number and including the disposable telephone number as a calling number and processing a forward message including the contents of the message specified in the message body area and the synchronization information to be sent via a designated telephone network, An information output unit for outputting the security code including the authentication code and the synchronization information via a web / app screen of the wireless terminal via a separate data network separated from the wireless network, Based on the reply writing of the forward message from the terminal The mobile terminal includes a mobile phone number of the user as a calling number, a disposable telephone number as a called number, and an authentication code input by a user in a message body area of a security code output through a web / A message authentication unit for authenticating the validity of the received reverse-direction message via the telephone network; a validation unit for verifying the origination number of the reverse-direction message when the reverse-direction message is validly received, And the authentication code included in the message body area of the reverse message is matched with the authentication code mapped to the mobile phone number to authenticate whether the disposable telephone number corresponding to the called party number matches with the mapped mobile phone number, And a code authentication unit On the basis of the result it is characterized in that it comprises a processing unit for providing a result to produce an authentication result for the service provider.

According to the present invention, it is possible to provide a disposable telephone number including a disposable telephone number dynamically determined at the time of authentication as a calling number, a forward message forwarded to a user's wireless terminal via one or more telephone networks, As a destination number, a disposable message combination characteristic of a disposable message combining a reverse message sent backward through a telephone network from the wireless terminal of the user, and a disposable message combining attribute of the disposable message in the message body area of the reverse reply message corresponding to the reply of the forward message There is an advantage that the validity of the service provided to the user can be securely and inexpensively authenticated through the separate data network separated from the telephone network by using the input disposable authentication code.

1 is a diagram illustrating a configuration of an authentication system using a disposable reverse reply message according to an embodiment of the present invention.
FIG. 2 is a diagram illustrating an information confirmation and mapping process for a disposable message-based authentication procedure according to an embodiment of the present invention.
3 is a diagram illustrating a process of sending a forward message via a telephone network and a process of outputting an authentication code via a data network according to an embodiment of the present invention.
4 is a diagram illustrating a process of authenticating the validity of a service provided through a data network using a disposable reverse reply message received via a telephone network according to an embodiment of the present invention.

The operation principle of the preferred embodiment of the present invention will be described in detail with reference to the accompanying drawings and description. It should be understood, however, that the drawings and the following detailed description are exemplary and explanatory and are intended to provide further explanation of the invention, and are not to be construed as limiting the present invention.

In other words, the following embodiments correspond to the preferred embodiment of the preferred embodiment of the present invention. In the following embodiments, a specific configuration (or step) is omitted, or a specific configuration (or step) (Or steps), or an embodiment that incorporates functions implemented in more than one configuration (or step) into any one configuration (or step), a particular configuration (or step) It will be apparent that the present invention is not limited to the embodiments described below. Therefore, it should be clearly stated that various embodiments corresponding to subsets or combinations based on the following embodiments can be subdivided based on the filing date of the present invention.

In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear. The terms used below are defined in consideration of the functions of the present invention, which may vary depending on the user, intention or custom of the operator. Therefore, the definition should be based on the contents throughout the present invention.

As a result, the technical idea of the present invention is determined by the claims, and the following embodiments are merely means for effectively explaining the technical idea of the present invention to a person having ordinary skill in the art to which the present invention belongs Only.

1 is a diagram illustrating a configuration of an authentication system using a disposable reverse reply message according to an embodiment of the present invention.

In more detail, FIG. 1 illustrates a method of generating a predetermined authentication code when requesting authentication for a service from a service server 175 that provides a service designated by a user's wireless terminal 170 through a data network, And is used as a calling number of a forward message to be sent to the user's wireless terminal 170 via a separate telephone network separated from the network and determines a one-time telephone number to be used as a called number of a reverse message to be received in response to the forward message And the synchronization information is included in the message body area of the forward message and synchronized to be outputted through the web / application screen of the wireless terminal 170. The synchronization information is mapped to the mobile phone number of the user and the generated authentication code and the disposable telephone number And stores the disposable telephone number as a calling number to the user's wireless terminal 170 via the telephone network And simultaneously processes the security code including the authentication code and the synchronization information through a web / app screen of the wireless terminal 170 through a separate data network separated from the telephone network so that the security code and the synchronization information are output The user recognizes the Web / App screen of the wireless terminal 170 based on the reply writing of the forward message from the wireless terminal 170 of the user receiving the forward message and includes the authentication code input in the message body area Receiving a reverse message including the disposable telephone number as a called number and verifying whether the received reverse message is a reverse received message in response to a forward message sent to the user's wireless terminal 170, The authentication code included in the message body area of the wireless terminal 170 is transmitted to the security co- 1 is a block diagram illustrating a configuration of a system for authenticating a code corresponding to an ID of a service providing server and processing the service by providing authentication for providing a service of the service server 175. As a person skilled in the art, Reference and / or variations may be made to various embodiments of the configuration of the authentication system (e.g., some of the components may be omitted or subdivided or combined), but the invention is not limited to all of the above- And the technical features thereof are not limited only by the method shown in FIG.

The system of the present invention comprises a wireless terminal 170 of a user capable of exchanging messages via at least one telephone network including a mobile telephone network of a mobile communication company, a user's wireless terminal 170 for receiving a designated service, A service server 175 for providing a service designated by the user's wireless terminal 170 through a data network via a separate data network separated from the service provider server 170 and a user's wireless terminal 170 via a telephone network, And an operation server 100 interlocked with the user's wireless terminal 170 through a separate data network separate from the telephone network.

The user's wireless terminal 170 is capable of transmitting and receiving messages via one or more telephone networks including a mobile telephone network of a mobile communication company (e.g., an exchange), and is capable of transmitting and receiving messages through a telephone network including a mobile telephone network A wireless data network (e.g., a data network that connects to the Internet via a separate packet-based router other than the mobile device's congregation, or a data network that connects to the Internet via LTE-based packet based communication) and / or WiFi A mobile phone, a tablet PC, etc., subscribed to a mobile communication company, which can be connected to the Internet through at least one data network among a wireless data network based on short-range wireless communication means such as Bluetooth One can be included.

According to the embodiment of the present invention, the user's wireless terminal 170 transmits a Short Message Service (SMS), an Enhanced Messaging Service (EMS), a Multimedia Message (MMS) message Service, and / or send at least one of SMS, EMS, MMS through the message center. Hereinafter, the present invention will be described with respect to an embodiment in which the message transmitted / received to / from the user's wireless terminal 170 via the telephone network is 'SMS'. However, in the present invention, the embodiment of the message is not limited to 'SMS', and the user's wireless terminal 170 may be connected to the user's wireless terminal 170 via one or more telephone networks including the mobile communication network of the mobile communication company It is evident that any message is included in the scope of the present invention if it is a message that can be transmitted and received.

The service server 175 is connected to a service provider 170 to provide a service designated by the user's wireless terminal 170 through a separate data network separate from the telephone network used for sending and receiving messages to the user's wireless terminal 170. [ Or a web based service using the wireless terminal 170 of the user or installing an application specified in the user's wireless terminal 170 and transmitting the application based service using the application Can be provided. For example, the service server 175 may include a wireless banking server used by a financial institution including a bank to provide a web-based wireless banking service to a user's wireless terminal 170. Alternatively, the service server 175 may include a home trading server used by a financial institution including a securities company to provide a home trading service through a home trading application installed in a user's wireless terminal 170.

According to an embodiment of the present invention, the user's wireless terminal 170 includes a browser for receiving a web-based service from the service server 175, or a browser for receiving an application-based service from the service server 175 You can install specific apps for

The operating server 100 is capable of exchanging messages with the user's wireless terminal 170 via one or more telephone networks and is capable of exchanging messages with the user's wireless terminal 170 through a separate data network separate from the telephone network As a general term for a server side configuration for performing an authentication procedure according to the present invention, the present invention is characterized in that the operating server 100 transmits a channel through which a message is exchanged with the user's wireless terminal 170 via one or more telephone networks, And the service server 175 may be connected to the wireless terminal 170 through the data network, or may be a channel that the operating server 100 interacts with the user's wireless terminal 170 through a separate data network separate from the telephone network, 170 is defined as a 'service channel'. In the present invention, the authentication channel including the telephone network and the service channel including the data network are physically and / or logically separated so as not to interfere with each other.

According to an embodiment of the present invention, a message to be transmitted from the operation server 100 to a user's wireless terminal 170 via an authentication channel including at least one telephone network is defined as a 'forward message' A message to be transmitted from the terminal 170 to a designated telephone number of the operating server 100 via an authentication channel including one or more telephone networks is defined as an 'reverse message'.

Referring to FIG. 1, the operation server 100 includes an authentication request confirmation unit 105 for confirming an authentication request for providing a service of the service server 175, a mobile phone number confirmation unit An authentication code checking unit 115 for checking the authentication code dynamically generated for providing the service, and an authentication code deciding unit 115 for identifying the mobile phone number of the user as an origination number and transmitting the origination number of the forward message to be transmitted through the telephone network A disposable number identifying unit 120 for identifying a disposable telephone number dynamically determined to be used as a destination number of an uplink message to be received in reply to the forward message, A synchronization information confirmation unit 125 for confirming synchronization information to be output through synchronization on the Web / App screen of the wireless terminal 170, And a group generated authorization code and the mapping unit 130 for holding during the effective time specified by mapping the one-time telephone number.

The service server 175 of the service providing organization requests authentication for providing the service while providing the web / application based service to the user's wireless terminal 170 through the service channel including the designated data network, Unit 105 receives authentication request information requesting authentication of the service using a message transmitted and received through an authentication channel including one or more telephone networks separated from the data network by the service server 175. [

According to an embodiment of the present invention, the authentication request information may include interworking information for interworking with a user's wireless terminal 170 through a service channel including a data network in the operation server 100, Service identification information for identifying a service to be provided to the user via the wireless terminal 170 of the user via the wireless terminal 170, user identification information for identifying the user, (E.g., financial transaction information in the case of a wireless banking service, securities transaction information in the case of a home trading service), information on a part of the service information, a mobile phone number of a user identified by the service server 175, An authentication code dynamically generated by the service server 175, a disposable telephone number determined by the service server 175, and synchronization information confirmed by the service server 175 In may include specified information.

Meanwhile, at the time of confirming the authentication request for providing the service of the service server 175 through the authentication request confirmation unit 105, the mobile number identification unit 110 identifies the mobile phone number of the user through the authentication channel via one or more telephone networks, (170) to be used as a calling number of a reverse message to be forwarded through the authentication channel based on a reply write of the forward message in the user's wireless terminal (170) Check your cell phone number.

According to the first mobile phone number identification method of the present invention, the service server 175 receives the mobile phone number from the user through the wireless terminal 170 of the user, or receives the mobile phone number from the service server 175 side (For example, provided in the authentication request information provided to the operation server 100) to the operation server 100, and the mobile phone number check unit 110 may check the mobile phone number of the user And may receive the mobile phone number of the user from the service server 175.

According to the second mobile phone number identification method of the present invention, the mobile phone number identification unit 110 may be connected to the user's wireless terminal 170 through a data network (for example, an authentication request received from the service server 175) (In cooperation with the wireless terminal 170 of the user based on the interworking information included in the information), and receive and receive the user's mobile phone number from the wireless terminal 170 of the user.

According to the third embodiment of the present invention, the service server 175 and the operation server 100 share user information, and the mobile phone number identification unit 110 identifies the mobile phone number (E.g., user identification information included in the authentication request information received from the service server 175), and confirm the mobile phone number of the user by referring to the designated DB on the operation server 100 side.

Meanwhile, at the time of confirming the authentication request for providing the service of the service server 175 through the authentication request confirmation unit 105, the authentication code confirmation unit 115 checks the authentication code dynamically generated for providing the service .

According to the first authentication code checking embodiment of the present invention, the service server 175 may generate a random number authentication code dynamically using a random number generation algorithm, or may include a dynamic seed including a time value or a random number value One or more seeds can be applied to the specified hash algorithm to dynamically generate disposable authorization codes or any combination from arbitrary numbers and / or characters and / or combinations of symbols stored in the database can be selected for dynamic use with disposable authentication codes And may provide the authentication code dynamically generated (or determined) as described above to the operation server 100 (for example, provided in the authentication request information provided to the operation server 100), and the authentication The code verification unit 115 may receive the authentication code from the service server 175. [

According to the second authentication code checking embodiment of the present invention, the authentication code checking unit 115 may dynamically generate a random number authentication code using a random number generating algorithm, or may generate a dynamic seed containing a time value or a random number One or more included seeds may be applied to a specified hash algorithm to dynamically generate a disposable authentication code or to select any combination from a DB that stores any number and / or a combination of letters and / or symbols to generate a disposable authentication code . ≪ / RTI >

On the other hand, upon confirming the authentication request for service provision of the service server 175 through the authentication request confirmation unit 105, the disposable number identification unit 120 may include the mobile phone number of the user as a called number, Is used as a calling number of a forward message to be transmitted to the user's wireless terminal (170) through an authentication channel via the authentication channel, and at the same time, the user's wireless terminal (170) And identifies the dynamically determined disposable telephone number for use as the disposable called number of the reverse message to be dispatched.

According to the first disposable telephone number identification method of the present invention, the operation server 100 includes a number management module (e.g., N (N)) for managing N (N? 2) telephone numbers available for transmitting and receiving messages via a telephone network And a program code executed in the DB 100 and / or the operation server 100), and the disposable number identification unit 120 identifies the N number of telephone numbers managed by the number management module A first n (1? N? N) telephone number may be selected and used as a calling number of the forward message, and at the same time, a one-time telephone number to be used as a destination number of the reverse message.

According to the embodiment of the present invention, the disposable number identification unit 120 does not duplicate the mobile phone number and other phone numbers among the N phone numbers managed by the number management module, , Unused phone numbers after a specified initialization, unused phone numbers after a specified initialization, phone numbers that have been used more than once as one-time phone numbers and have not been reused for a certain period of time, An nth telephone number including a telephone number that more satisfies at least one condition of at least one of the telephone numbers that have not been reused for a long period of time is selected as a calling number of the forward message and used as a called number of the reverse message You will be able to identify with a disposable phone number.

According to the second disposable telephone number identification embodiment of the present invention, the operation server 100 includes a number management module (e.g., N (N)) for managing N (N? 2) telephone numbers available for sending and receiving messages via a telephone network And a program code executed in the DB 100 and / or the operation server 100), and when the mobile phone number of the user is confirmed through the mobile phone number checking unit 110, (120) checks the mapping history information of the identified mobile phone number, selects one of N phone numbers managed by the number management module and does not duplicate and has no history mapped with the mobile phone number based on the mapping history information (N) (1? N? N), uses the cell phone number as a calling number of a forward message including the cell phone number as a called number, and includes the cell phone number as a calling number You can see a disposable phone number that will be used as the destination number of the reverse message.

According to the embodiment of the present invention, the disposable number identification unit 120 can identify the disposable number of the user, which is not duplicated with another phone number being mapped to another mobile phone number among the N phone numbers managed by the number management module, A telephone number that is not used as a disposable telephone number for a certain period of time or longer, a telephone number that is not used as a disposable telephone number after a designated initialization, a disposable telephone number that has not been reused for a certain period of time A telephone number, an nth telephone number including a telephone number that more satisfies at least one condition of at least one of a telephone number that has been used more than once and a telephone number that has not been reused for the longest period of time, And can be used as a disposable telephone number to be used as a destination number of the reverse message .

According to the third disposable telephone number identification method of the present invention, the operation server 100 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N (E.g., a program code executed in the operation server 100) capable of generating 22 number of telephone numbers, and the disposable number identification unit 120 identifies the number N N > = 2) telephone numbers are combined and used as the calling number of the forward message by selecting one of n < th > And a disposable telephone number to be used as a destination number of the reverse message.

According to the embodiment of the present invention, the disposable number identification unit 120 does not duplicate the mobile phone number and other phone numbers being mapped among N (N? 2) phone numbers that can be generated through the number management module, A phone number that is not used as a one-time phone number after a specified period of time, a phone number that is not used as a one-time phone number after a specified initialization, a phone number that has not been reused for more than a certain period of time after being used as one- Numbered telephone number including at least one telephone number of a telephone number that has not been reused for a longest period after being used as a number and is used as a calling number of the forward message and is used as a calling number of the reverse message, You can check it by phone number.

According to the fourth disposable telephone number identification method of the present invention, the operation server 100 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N (E.g., program code executed in the operating server 100) capable of generating 22 number of phone numbers, and when the mobile phone number of the user is confirmed through the mobile phone number checking unit 110, The disposable number identification unit 120 checks the mapping history information of the identified mobile phone number and identifies the number N (N > = 2) of phone numbers that can be generated through the number management module, (1 ≤ n ≤ N) telephone numbers that are generated so as not to overlap with each other and have no history mapped to the mobile phone number based on the mapping history information W can be at the same time as yiyongdoem to the calling number of a forward message including the mobile phone number to the called number identified by the one-time telephone number be used as a called number of the reverse message including the mobile phone number as the calling number.

According to the embodiment of the present invention, the disposable number identification unit 120 can identify the disposable number without being duplicated with other phone numbers being mapped to the mobile phone number among N (N? 2) phone numbers that can be generated through the number management module A phone number that is not used as a one-time phone number after a predetermined period, a phone number that is not used as a one-time phone number after a designated initialization, A first telephone number including at least one telephone number of at least one telephone number that has not been reused for a predetermined period or more, a telephone number that has been reused for a longest period after being used as a disposable telephone number at least once, And can be used as a disposable telephone number to be used as a destination number of the reverse message.

According to an embodiment of the fifth disposable telephone number verification method of the present invention, the service server 175 includes a number management module for managing N (N > = 2) telephone numbers, and N telephone numbers managed by the number management module (1? N? N) telephone numbers that are not duplicated among the numbers of the telephone numbers and provide them to the operation server 100 (for example, provided in the authentication request information provided to the operation server 100) The disposable number identification unit 120 receives the n-th telephone number from the service server 175 and uses the received telephone number as a source number of the forward message and identifies the disposable telephone number to be used as a destination number of the reverse message .

According to the embodiment of the present invention, the service server 175 does not duplicate the mobile phone number and other phone numbers being mapped among the N phone numbers managed by the number management module, and uses the same as the disposable phone number for a predetermined period or more Unused phone numbers, unused phone numbers after a specified initialization, unused phone numbers that have been used as one-time disposable phone numbers, unused phone numbers that have not been reused for a certain period of time, The disposable number identification unit 120 may select the nth telephone number including at least one telephone number among the telephone numbers that have not been reused during the service period and may provide the nth telephone number to the operation server 100, And receives the n < th > telephone number and is used as a calling number of the forward message, It can be confirmed by the disposable telephone number to be used.

According to the sixth disposable telephone number confirmation embodiment of the present invention, the service server 175 includes a number management module for managing N (N > = 2) telephone numbers, (N < = 1 < / = n) which is not duplicated among the N telephone numbers managed by the number management module and has no history mapped to the mobile phone number based on the mapping history information. (e.g., provided in the authentication request information provided to the operation server 100) to the operation server 100, and the disposable number identification unit 120 may identify Receives the n-th phone number from the service server 175, uses the mobile phone number as a calling number of a forward message including the mobile number as a called number, and uses the mobile phone number as a calling number, It can be found in a disposable phone number that will be used as a forwarding number.

According to the embodiment of the present invention, the service server 175 may store the history mapped with the mobile phone number of the identified user without overlapping with the mobile phone number and other phone numbers being mapped among the N phone numbers managed by the number management module A telephone number that is not used as a disposable telephone number for a predetermined period or more, a telephone number that is not used as a disposable telephone number after a designated initialization, a telephone number that has been used for one or more disposable telephone numbers for a predetermined period or more, And may provide an n-th telephone number including at least one telephone number of telephone numbers that have not been reused for the longest period of time after being used as one-time telephone numbers to the operation server 100, The confirmation unit 120 receives the n < th > telephone number from the service server 175 and transmits the originating number And a disposable telephone number to be used as a destination number of the reverse message.

According to the seventh disposable telephone number identification example of the present invention, the service server 175 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N (N > = 2) telephone numbers that can be generated by the number management module, wherein the number of N (N > = 2) telephone numbers (1? N? N) telephone numbers which are not included in the authentication request information provided to the operation server 100 (for example, provided in the authentication request information provided to the operation server 100) The disposable number confirmation unit 120 receives the n < th > telephone number from the service server 175 and is used as the origination number of the forward message, and at the same time, You can check with a one-time phone number to be used.

According to the method of the present invention, the service server 175 does not overlap with the mobile phone number and other phone numbers being mapped among N (N? 2) phone numbers that can be generated through the number management module, Phone numbers that are not used as one-off phone numbers, unused phone numbers that have not been used as one-off phone numbers after a specified initialization, phone numbers that have not been reused for more than a certain period of time after being used as one-time phone numbers, And the n-th telephone number including at least one telephone number of the telephone numbers that have not been reused for the longest period after use may be selected and provided to the operating server 100, And receives the n-th telephone number from the service server 175 and is used as a source number of the forward message, You can see a disposable phone number that will be used as the new number.

According to the eighth disposable telephone number identification example of the present invention, the service server 175 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N ? 2) number, and when the mobile phone number of the user is confirmed, the mobile terminal confirms the mapping history information of the mobile phone number and confirms N (N?) That can be generated through the number management module. (1? N? N), which is generated so as not to be duplicated by combining digits of the number of digits specified in the designated station number among the 2) telephone numbers, and which has no history mapped with the mobile number based on the mapping history information, ) May be selected and provided to the operation server 100 (for example, provided in the authentication request information provided to the operation server 100) The use number confirmation unit 120 receives the n-th phone number from the service server 175 and uses the mobile phone number as a calling number of a forward message including the mobile phone number as a called number, And can be identified by a disposable telephone number to be used as a destination number of a reverse message.

According to an embodiment of the present invention, the service server 175 may receive the mobile phone number of the mobile phone number N (N > = 2) generated by the number management module, , A phone number that is not used as a disposable phone number for a certain period of time or longer, a phone number that is not used as a disposable phone number after a designated initialization, or a disposable phone number that is used more than once and is not reused for a certain period of time A first telephone number including at least one telephone number of a telephone number that has not been reused for a longest period of time after being used as a disposable telephone number at least once, and may provide the selected telephone number to the operation server 100 , The disposable number identification unit 120 receives the n-th telephone number from the service server 175 and transmits the forward message The arcs can be identified yiyongdoem and at the same time to a one-off phone number be used as a called number of the reverse message.

On the other hand, upon confirmation of the authentication request for providing the service of the service server 175 through the authentication request confirmation unit 105, the synchronization information confirmation unit 125 may include the mobile phone number of the user as a called number, The number is included in the message body area of the forward message to be forwarded through the authentication channel including the one or more telephone networks, and is included in the message body area of the forward message via the web / application screen of the user's wireless terminal 170 Synchronization Confirm synchronization information to be output.

According to an embodiment of the present invention, the synchronization information confirmation unit 125 may include information included in the service information provided by the service server 175, at least a part of information included in the service information, The information included in the user information, at least a part of the information included in the user information, the information registered by the user, the message body area of the forward message, and the web / app screen of the wireless terminal 170 Or synchronization information including at least one of information dynamically generated or determined.

The mobile phone number of the user to be used as the destination number of the forward message to be forward transmitted to the user's wireless terminal 170 is confirmed through the mobile number identification unit 110, And is used as a calling number of a forward message to be forwarded to the user's wireless terminal 170 through the one-time-use number identifying unit 120, and at the same time, is received as a reply to the forward message When the disposable telephone number to be used as the destination number of the reverse message is identified, the mapping storage unit 130 maps the mobile phone number of the user, the generated authentication code, and the disposable telephone number to a designated medium Memory area, etc.).

According to an embodiment of the present invention, the mapping unit 130 stores and maintains the mobile phone number, the authentication code, and the disposable telephone number of the user in a designated medium for a specified valid time, The mobile phone number, the authentication code, and the disposable telephone number are mapped and stored in the designated medium, and at the same time, the effective time for maintaining the mapping relationship between the mobile number, the authentication code, and the disposable telephone number is counted. It is preferable to maintain a state in which the mobile phone number, the authentication code, and the disposable telephone number are mapped to the medium. On the other hand, after the mobile phone number, the authentication code, and the disposable telephone number are mapped and stored in the designated medium, the mapping storage unit 130 determines whether the effective time for maintaining the mapping relationship has elapsed. It is desirable to deactivate the mapping relationship between the mobile phone number, the authentication code, and the disposable telephone number.

According to the embodiment of the present invention, the mapping unit 130 maps the mobile phone number, the authentication code, and the disposable phone number to a designated medium, and stores the mobile phone number, the disposable phone number, The mapping history information including the mapping relationship of the mapping of the mapping information to the mapping database is stored and managed in the designated DB. The mapping history information may then be used to avoid cases where the mobile number is mapped to the same or similar disposable telephone number.

Referring to FIG. 1, the operation server 100 includes the mobile phone number of the user as a called number, the disposable telephone number as a calling number, a forward message including the message content specified in the message body area, A message sending unit 135 for sending a message via a designated telephone network, a message sending unit 135 for sending a message via the web / app screen of the wireless terminal 170 via a separate data network separate from the telephone network, And an information output unit 140 for outputting the security code and the synchronization information.

When the mapped mobile phone number, the generated authentication code, and the disposable telephone number are mapped on the medium designated by the mapping holding unit 130, the message sending unit 135 transmits the mobile phone number of the user to the called number (For example, this message is a message sent for authentication related to the service information output on the web / application screen of the wireless terminal 170), and includes the disposable telephone number as the calling number And / or a message indicating that authentication is to be performed through reply of this message, and / or an authentication code output on the web / application screen of the wireless terminal 170, Content, etc.).

According to the embodiment of the present invention, the message sending unit 135 transmits the authentication code output through the Web / App screen of the wireless terminal 170 to the message body area of the forward message, A forward message may be constructed which further includes guidance information for inputting and returning to the message body area of the reverse message.

Meanwhile, the message sending unit 135 may form a forward message including the synchronization information confirmed through the synchronization information confirmation unit 125 in the message body area of the forward message.

If the forwarding message including the mobile phone number of the user as the destination number and the disposable telephone number as the calling number and including the message body is configured, the message sending unit 135 transmits the forwarding message to the designated sending-side telephone network (E.g., a telephone network used by the server 100 to send a message such as an SMS), and the forward message is transmitted through the sending-side telephone network to the mobile phone number of the user And is received by the user's wireless terminal 170 through an authentication channel via a message center provided in the mobile communication network of the corresponding mobile communication company.

If the mobile telephone network of the mobile communication company corresponding to the mobile telephone number of the sender-side telephone network is the same telephone network, the forward message is transmitted to the user's wireless terminal via the authentication channel including the mobile telephone network corresponding to the mobile telephone number of the user (170). If the sending-side telephone network and the mobile telephone network of the mobile communication company corresponding to the mobile telephone number of the user are different kinds of telephone networks, the forward message is sent through the sending-side telephone network and the designated standard (for example, The standard for interworking, etc.), and is received by the user's wireless terminal 170 via the message center to the mobile telephone network after being transmitted to the mobile telephone network of the mobile communication company corresponding to the mobile telephone number of the user.

On the other hand, if the mobile phone number of the user, the generated authentication code, and the disposable telephone number are mapped on the designated medium, the information output unit 140 may transmit the service code including a separate data network, And outputs the security code including the authentication code through the web / application screen of the wireless terminal 170. [

According to the first security code embodiment of the present invention, it is preferable that the security code includes the authentication code confirmed by the authentication code checking unit 115, / App screen and then input to the message body area of the reverse message corresponding to the reply of the forward message sent to the user's wireless terminal 170. [ For example, if the authentication code confirmed by the authentication code checking unit 115 is '12', the security code may include '12', '12' is a message body area of the reverse message Lt; / RTI >

According to the second security code embodiment of the present invention, the security code may include a code combination obtained by combining an authentication code and an arbitrary dummy code, which are identified through the authentication code checking unit 115, in a designated code structure, The dummy code includes any code that is output through the Web / App screen of the wireless terminal 170 but is not input into the message body area of the reverse message. For example, if the authentication code confirmed by the authentication code checking unit 115 is '12' and the dummy code is '34', the security code may be '1234' concatenating '12' and '34' '12' is input to the message body region of the reverse message, and '34' may not be inputted to the message body region of the reverse message.

According to an embodiment of the present invention, the information output unit 140 may receive the service information and the service information through a Web / App screen of the wireless terminal 170 through a service channel including a separate data network separated from the telephone network, Or outputting the security code to the service information related screen being output through the web / application screen of the wireless terminal 170. [

According to the embodiment of the present invention, the information output unit 140 processes the security code to output the security code through the web / application screen of the wireless terminal 170, And output the synchronization information through a screen.

According to the embodiment of the present invention, the synchronization information confirmed by the synchronization information confirmation unit 125 is included in the message body area of the forward message sent to the user's mobile phone number through the message sending unit 135, When the synchronization information is outputted to the web / application screen of the wireless terminal 170, the information output unit 140 outputs the synchronization information through the Web / App screen of the imaginary wireless terminal 170 , An instruction to confirm that the synchronization information output through the Web / App screen of the wireless terminal 170 is in a synchronization state matching with the synchronization information included in the message body area of the forward message received by the user's wireless terminal 170 And to output the instruction information through the web / application screen of the wireless terminal 170. For example, if the synchronization information is 'xx', 'xx' is included in the message body area of the forward message and 'xx' is also output to the web / application screen of the wireless terminal 170, Unit 140 transmits instruction information for instructing the mobile terminal 170 to confirm whether 'xx' outputted on the web / application screen of the wireless terminal 170 is included in the message body area of the forward message received by the user's wireless terminal 170 And output it through the web / application screen of the wireless terminal 170. [ In this case, the user confirms whether the synchronization information included in the message body area of the forward message is synchronized with the synchronization information output through the web / application screen of the wireless terminal 170, The authentication code output through the Web / App screen can be input to the message body area of the reverse message corresponding to the reply of the forward message.

According to the embodiment of the present invention, the information output unit 140 inputs the authentication code output through the web / application screen of the wireless terminal 170 into a message body area of a reverse message corresponding to the reply of the forward message And output it through the Web / App screen of the wireless terminal 170. [0157]

If the security code including the authentication code is output through the Web / App screen of the wireless terminal 170, the information output unit 140 outputs the security code including the authentication code to the wireless terminal 170 in response to the forward message received by the user's wireless terminal 170 And transmits the authentication code output on the web / application screen of the wireless terminal 170 to the message body area of the corresponding reverse message, And output it. For example, when the security code including the authentication code '12' is outputted through the web / application screen of the wireless terminal 170, the information output unit 140 outputs the security code including the authentication code ' The wireless terminal 170 forms the guide information to guide the user to input and return the two-digit number being output on the screen to the message body area of the reverse message corresponding to the reply of the forward message received by the user's wireless terminal 170, ) Through the Web / App screen.

Meanwhile, when a security code in which a combination of an authentication code and an arbitrary dummy code is outputted through the web / application screen of the wireless terminal 170 is output, a security code output from the web / And transmits guidance information to the mobile terminal 170 to configure the guidance information to be input to the message body region of the reverse message corresponding to the reply of the forward message received by the user's wireless terminal 170, And output it through the Web / App screen. For example, when a security code including '1234', which is a combination of an authentication code '12' and an arbitrary dummy code '34', is outputted through the web / application screen of the wireless terminal 170, Corresponding to the reply of the forward message received by the wireless terminal 170 of the user, the number corresponding to the first two digits included in the security code being output to the web / application screen of the wireless terminal 170 It is possible to configure the guidance information to be inputted into the message body area of the reverse message and to guide the reply, and output the guidance information through the web / application screen of the wireless terminal 170.

Meanwhile, according to another embodiment of the present invention, the guide information may be included in a message body area of a forward message sent to the user's wireless terminal 170. In this case, A mobile phone number of a user is included as a called number, the disposable telephone number is included as a calling number, and a forward message including the guidance information is formed in a message body area so as to be transmitted through an authentication channel via one or more telephone networks Can be processed.

According to the embodiment of the present invention, since the forward message including the content of the message designated by the mobile number of the user is to be sent or sent, the information output unit 140 may transmit the relief information inducing the forward message to use safely And output the web page through the web / application screen of the wireless terminal 170. [ Here, the security information may include content information indicating a user that a direction message for authenticating service provision by a designated service provider is sent to the mobile phone number of the user, a forward message including content of a message specified in the message body area, Content information indicating at least one of (or a combination of) the content information indicating that the forward message including the disposable telephone number is transmitted to the mobile phone number of the user, . ≪ / RTI > This allows the user to use the forward message received by his / her wireless terminal 170 with confidence.

Referring to FIG. 1, the operation server 100 includes the mobile phone number of the user as a calling number based on the reply writing of the forward message from the mobile terminal 170 of the user who has received the forward message, A reverse message including the authentication code input by the user in the message body area of the security code output through the web / application screen of the wireless terminal 170 including the disposable telephone number as the destination number is received via the telephone network A message reception unit 145 for receiving the reverse message received via the telephone network and confirming the reverse message received via the telephone network, and a reverse valid message receiving unit for receiving the reverse message from the user's wireless terminal 170 via the at least one telephone network, And a message authentication unit 150 for performing a message authentication procedure for authenticating the message.

The user who owns the mobile terminal 170 corresponding to the mobile number identifies the contents of the message included in the message body area of the forward message received by the mobile terminal 170 of his / Check the security code displayed on the web / app screen.

If predetermined synchronization information is included in the message body area of the forward message received by the user's wireless terminal 170 and predetermined synchronization information is outputted through the Web / App screen of the wireless terminal 170, It is possible to check whether the synchronization information included in the message body area and the synchronization information output through the web / application screen of the wireless terminal 170 are in a synchronized state. If the synchronization information is synchronized, Reply the reverse message corresponding to the reply.

(Or both) of the message body region of the forward message received by the user's wireless terminal 170 and the web / application screen of the wireless terminal 170, 170, and a guide message for guiding the user to input the authentication code output through the Web / App screen of the mobile communication terminal 170 into the message body area of the reverse message corresponding to the reply of the forward message, (For example, an authentication code guided to enter through the guidance information among the security codes output through the web / application screen of the wireless terminal 170) output through the web / application screen of the terminal 170, A security code output via the web / application screen of the wireless terminal 170 in the message body area of the reverse message based on the reply writing of the forward message received by the user's wireless terminal 170 It may reply to provide a verification code corresponding to the guide information. In the case where the user's wireless terminal 170 is a smart phone, among the security codes outputted through the web / application screen of the wireless terminal 170 through reply writing as in the example of FIG. 1, Can be input and returned.

According to an embodiment of the present invention, the reverse message is sent backward from the user's wireless terminal 170 on the basis of the reply message of the forward message, automatically including the mobile phone number of the user as a calling number, As a destination number, and includes the entered authentication code in the message body area.

The present invention may include a forward message including the disposable telephone number as a calling number and including the user's mobile phone number as a called number to the user's wireless terminal 170 and a user's wireless terminal 170 as a reply to the forward message And the combination of the reverse message including the mobile phone number of the user as a calling number and the disposable telephone number as a called number is used for the authentication procedure of the present invention based on the disposable telephone number and the message reply structure, A forward message including the disposable telephone number as a calling number is defined as a disposable forward message, and the forward message is defined as a reverse message from the user's wireless terminal 170 as a reply to the forward message, Send outgoing messages as one-time reverse reply messages It can of.

According to the embodiment of the present invention, the reverse message is a message sent backward from the user's wireless terminal 170 based on the reply write of the forward message, and is simultaneously transmitted from the user's wireless terminal 170, The terminal 170 is transmitted to the subscribed communication company system. The communication company system checks the device information of the wireless terminal 170 that has sent the uplink message and the mobile phone number actually assigned to the wireless terminal 170 by referring to the DB managing the communication terminal subscribed to the wireless terminal 170, The wireless terminal 170 that has transmitted the reverse message verifies that it is the wireless terminal 170 corresponding to the communication terminal that is subscribed to the wireless terminal 170, (I.e., a mobile phone number actually assigned to the mobile terminal 170 that has transmitted the reverse message and a reverse mobile phone number in the reverse direction) Verifying whether the origination number included in the message is matched). If the cellular phone number of the wireless terminal 170 and the origination number of the reverse message coincide with each other, the communication company system relays the reverse message to be delivered to the disposable telephone number corresponding to the called number included in the reverse message . For example, if a hacker has a clone phone replicating the user's wireless terminal 170, there is a possibility that the forward message will be received by the clone phone in addition to the user's valid wireless terminal 170 , And the reverse message transmitted backward from the clone phone can be blocked by the communication company system.

The message receiver 145 includes the mobile phone number of the user as a calling number based on the reply writing of the forward message from the mobile terminal 170 of the user who has received the forward message and transmits the disposable phone number as a called number And receives a reverse message including the authentication code input by the user in the message body area from the security code output through the web / application screen of the wireless terminal 170 via the telephone network or a separate message server (Not shown).

When the reverse message is received (or confirmed) via the message receiver 145, the message authenticator 150 receives the reverse message from the user's wireless terminal 170 via one or more telephone networks and is valid as a designated one- And performs a message authentication procedure to authenticate whether the received message is a valid reverse message.

According to the first message authentication embodiment of the present invention, the message authentication unit 150 reads the number system of the origination number of the reverse message received (or confirmed) through the message receiver 145, Check if it is a numbering system. According to the embodiment of the present invention, since the reverse message received (or confirmed) through the message receiver 145 is a message received in the reverse direction with the reply of the forward message sent to the user's wireless terminal 170, The calling number must be the mobile number of the user. However, a message (for example, an SMS or the like) via the telephone network can not be transmitted only by the wireless terminal 170, but may be a wired telephone connected to a wired telephone network, an Internet telephone or a VoIP phone based on the Internet network, Via the gateway to the designated gateway. The message authenticator 150 checks whether the number system of the origination number of the reverse message is a number system of the mobile phone number. If the origination number of the reverse message is identified as the number system of the mobile phone number, Authenticate with a valid message available for the authentication procedure, or otherwise automatically discard the reverse message. According to an embodiment of the present invention, when a reverse message is transmitted from a wireless terminal 170 subscribed to the wireless terminal 170, the communication company system to which the wireless terminal 170 is subscribed, 170 and the originating number of the uplink message are identical to each other, and if it is verified, the corresponding uplink message is relayed to the receiver. Therefore, if the originating number of the uplink message is a mobile number, The calling party may be regarded as the actual wireless terminal 170. [ According to the embodiment of the present invention, if a communication company subscribed to a fixed line telephone, an internet telephone, a VoIP phone, etc., other than the mobile communication company to which the mobile terminal 170 is subscribed also verifies the calling number of the reverse message, An Internet telephone, a VoIP phone, etc. In this case, the message authentication unit 150 may determine whether the origination number of the reverse message is a wired telephone, an Internet telephone, Phone, or VoIP phone, and the present invention is not limited thereto.

According to the second message authentication embodiment of the present invention, the message authentication unit 150 identifies the disposable telephone number corresponding to the called number of the reverse message received (or confirmed) through the message receiver 145, It is confirmed whether or not the effective time for maintaining the mapping state of the disposable telephone number and the mobile phone number that received the reverse message has elapsed or has passed. According to the method of the present invention, the message authenticator 150 may read the effective time counted and mapped with the disposable telephone number that received the reverse message to check whether the valid time is before or after the effective time elapses . If the validity time has not elapsed, the message authentication unit 150 can authenticate the uplink message with a valid message that can be used in the authentication procedure. Otherwise, the message authentication unit 150 can automatically discard the uplink message.

According to the third message authentication embodiment of the present invention, when the message authentication unit 150 sends a message via the telephone network in the data network, the message authentication unit 150 may transmit i (i 1) You can keep the embedded code. Preferably, the i inserted codes are transmitted to a server on the data network (for example, a message provided in the operating server 100 of FIG. 1) rather than a terminal on the telephone network (for example, the wireless terminal 170 subscribed to the mobile telephone network) (E.g., '[', 'Web (135), etc.), a code set to be automatically inserted into a message body area of a message sent via a telephone network on the data network when a message is sent via a telephone network ',' web ',' WEB ',' web ','] '. Meanwhile, when the mobile phone number is included as a calling number through the message receiver 145 and a reverse message including a disposable telephone number as a destination number is received (or confirmed), the message authentication unit 150 transmits the reverse- (Or verified) through the receiver 145 to determine whether it contains at least one embedded code of the i embedded codes. If the message authentication unit 150 does not include at least one embedded code in the message body area of the uplink message, the message authentication unit 150 determines that the uplink message is not transmitted via the telephone network on the data network, (E.g., the mobile terminal 170 subscribed to the mobile telephone network), the mobile terminal can authenticate the reverse message as a valid message available for the authentication procedure, and if not, the reverse message can be automatically discarded.

Meanwhile, when at least one embedded code is included in the message body region of the reverse message, the message authenticator 150 transmits the reverse message to the web / application of the wireless terminal 170 corresponding to the reverse message, (E.g., a Web / App screen of the wireless terminal 170 matched with the mobile number, which is the calling number of the uplink message, or a web / application screen of the mobile terminal 170 matched with the disposable telephone number, / App screen) and output error information on the message body area of the reverse message through the web / application screen of the wireless terminal 170. [ However, when a forward message including error information generated by including an insertion code specified in a message body area of the reverse message is sent to the user's wireless terminal 170, a cost for sending a message via the telephone network is additionally generated, If the hacker has a clone phone replicating the user's wireless terminal 170, it is possible to recognize the occurrence of an error in the cloned phone, so that it is not possible to send error information on the message body area of the uplink message as a forward message desirable.

According to the fourth message authentication embodiment of the present invention, the message authentication unit 150 receives the message body area of the reverse message through key input means (for example, a key button, a touch screen, etc.) designated by the user's wireless terminal 170 (J > = 1) exception codes so that they can not be used as authentication codes among the input codes. For example, when the authentication code is composed of only digits including '1' to '9' and '0', the message authenticator 150 may generate a code that can be input through the key input unit of the wireless terminal 170 J " exception codes including codes such as all the characters except for the numbers including '1' to '9' and '0' and symbols (including spaces such as 'space bar'). If the authentication code includes numbers and alphabetic characters including '1' to '9' and '0', the message authentication unit 150 can input You can keep j exception codes that contain codes such as all the characters and symbols except for the numbers in the code and the English alphabet. If the authentication code includes a number including '1' to '9' and '0' and a Hangul word, the message authentication unit 150 can input You can maintain j exception codes that contain code such as all the characters and symbols except for numbers and Hangul vowels. Meanwhile, when the mobile phone number is included as a calling number through the message receiver 145 and a reverse message including a disposable telephone number as a destination number is received (or confirmed), the message authentication unit 150 transmits the reverse- (Or verified) through the receiver 145 to determine whether it contains at least one exception code among the j exception codes. If the message authentication unit 150 does not include at least one exception code in the message body region of the uplink message, the message authentication unit 150 receives the authentication code in the message body region of the uplink message from the user's wireless terminal 170 It is possible to authenticate the reverse message as a valid message that can be used in the authentication procedure without regard to an input error and consider that an input error has occurred in the reverse message and to automatically discard the reverse message.

According to the embodiment of the present invention, when at least one exception code is included in the message body area of the uplink message, the message authentication unit 150 transmits the message to the web / (E.g., a Web / App screen of the wireless terminal 170 matched with the mobile number, which is the calling number of the uplink message, or a web / application screen of the mobile terminal 170 matched with the disposable telephone number, / App screen) and output error information on an input error occurring in the authentication code included in the message body area of the reverse message through the web / application screen of the wireless terminal 170. However, when a forward message including error information for an input error including an exception code specified in a message body area of the reverse message is sent to the user's wireless terminal 170, a cost for sending a message via the telephone network is added And if the hacker has a clone phone in which the user's wireless terminal 170 is cloned, it is possible to recognize the occurrence of an error in the clone phone, so that error information on the message body area of the uplink message is transmitted as a forward message It is preferable not to send it, but the present invention is not limited thereto.

According to the fifth message authentication embodiment of the present invention, the message authenticator 150 may be configured to at least partially combine at least two embodiments among the first through fourth message authentication embodiments to generate the reverse message Authenticating with a valid message available for the authentication procedure, and thus the present invention is not limited thereto.

Referring to FIG. 1, when the reverse message is validly received, the operation server 100 checks the origination number of the reverse message and matches the disposable telephone number corresponding to the called number of the reverse message with the mapped mobile number A source authentication unit 155 for performing an origin authentication process for authenticating whether the mobile phone number matches an authentication code mapped to the mobile phone number and a verification code included in a message body area of the reverse message, And generates an authentication result for providing the service of the service server 175 based on the result of the origination authentication and the code authentication and transmits the authentication result to the service server 175 or the user's wireless terminal 170, And a result processing unit 165 for providing the result to the user.

When the validity of the uplink message is authenticated through the message authentication unit 150, the originating authentication unit 155 identifies the origination number of the uplink message, and transmits a designated medium for maintaining the information registered in the medium holding unit After confirming the disposable telephone number corresponding to the called number of the reverse message and the mapped mobile number, authenticates whether the calling number of the reverse message matches the mobile number confirmed through the designated medium. Meanwhile, according to another embodiment of the present invention, the originating authentication unit 155 identifies the disposable telephone number corresponding to the called number of the uplink message, and transmits the backward- After confirming the mobile telephone number corresponding to the origination number of the message and the disposable telephone number mapped, authenticate whether the called number of the reverse message matches the disposable telephone number confirmed through the designated medium, The origination authentication procedure is substantially the same as the authentication procedure for checking and comparing the mobile phone number mapped with the disposable phone number corresponding to the called number of the reverse message through the designated medium. According to an embodiment of the present invention, it is preferable that the designated medium effectively maintains the mapping relationship between the disposable telephone number and the mobile phone number only for a designated valid time, and after the expiration of the effective time, Even if the phone number and the mapped mobile number are not confirmed or even confirmed, the disposable number may be mapped to another mobile number.

According to the embodiment of the present invention, when the valid mobile phone number is not confirmed through the designated medium or if the originating number of the reverse message does not match the mobile phone number confirmed through the designated medium, App screen of the wireless terminal 170 corresponding to the uplink message (e.g., a Web / App screen of the wireless terminal 170 matched with the mobile number, which is the calling number of the uplink message, or a web / App screen of the wireless terminal 170 matched with the disposable telephone number as the called number) and to output the error information for the outgoing authentication through the Web / App screen of the wireless terminal 170 have. However, when a forward message including error information on the originating authentication is sent to the user's wireless terminal 170, a cost for sending a message via the telephone network is additionally generated, and when a hacker transmits a message to the user's wireless terminal 170, It is preferable not to send the error information of the origination authentication in the forward message, but the present invention is not limited thereto.

When the validity of the uplink message is authenticated through the message authenticator 150, the code authenticator 160 checks the authentication code included in the message body area of the uplink message, And / or the authentication code mapped to the disposable telephone number corresponding to the called number of the reverse message, and then transmits the message of the reverse message And performs a code authentication procedure for authenticating whether an authentication code included in the body area matches an authentication code confirmed through the designated medium. According to the method of the present invention, it is preferable that the designated medium effectively maintains the mapping relationship between the mobile phone number, the authentication code, and the disposable telephone number only for a designated valid time, The authentication code mapped to the mobile phone number or the authentication code mapped to the disposable telephone number is not confirmed. Even if the mobile phone number or the disposable phone number is confirmed, the mobile phone number or the disposable phone number may be mapped to the authentication code of another authentication procedure have.

According to the embodiment of the present invention, when a valid authentication code is not confirmed through the designated medium or an authentication code included in the message body area of the reverse message does not match the authentication code confirmed through the designated medium, The code authentication unit 160 checks the Web / App screen of the wireless terminal 170 corresponding to the uplink message (for example, the web / app screen of the wireless terminal 170 matched with the mobile number, (Or a Web / App screen of the wireless terminal 170 matched with the disposable telephone number, which is the destination number of the reverse message), and transmits error information on the code authentication through the web / To be output. However, when a forward message including error information on the code authentication is sent to the user's wireless terminal 170, a cost for sending a message via the telephone network is additionally generated, and when a hacker transmits a message to the user's wireless terminal 170, It is preferable not to send the error information of the code authentication to the forward message, but the present invention is not limited thereto.

The result processing unit 165 confirms the result of the outgoing authentication performed by the outgoing authentication unit 155 and verifies the result of the code authentication performed by the code authentication unit 160, The result of the code authentication is ANDed to generate authentication result information for providing the service of the service server 175 and provides the generated authentication result information to the service server 175 and / 170, and outputs it through the web / application screen of the wireless terminal 170.

When the generated authentication result information is provided to the service server 175 or the user's wireless terminal 170, the result processing unit 165 transmits the generated authentication result information to the mapping unit 130 through the mapping unit 130, (Or deactivates) the mapping relationship of the disposable telephone number so that the third party (or hacker) intercepts the attempt to abuse the mapping relationship regardless of the remaining time of the validity time maintaining the mapping relationship .

FIG. 2 is a diagram illustrating an information confirmation and mapping process for a disposable message-based authentication procedure according to an embodiment of the present invention.

In more detail, FIG. 2 shows a case where a user's mobile phone number is confirmed at the time of authentication for providing a service, a dynamically generated authentication code is confirmed for providing the service, and the mobile phone number of the user is included as a called number, The method comprising the steps of: identifying a dynamically determined disposable telephone number for use as a calling number of a forward message to be forwarded and for use as a forwarding number of an uplink message to be received in reply to the forward message; After confirming the synchronization information to be output through the web / application screen of the wireless terminal 170 receiving the forward message, the mobile terminal 170 maps the mobile phone number of the user, the generated authentication code and the disposable telephone number, The present invention is not limited thereto, Those skilled in the art will be able to refer to and / or modify Figure 2 to infer various implementations of the process (e.g., omitting some of the steps or changing the order) However, the present invention includes all of the above-described embodiments, and the technical features of the present invention are not limited only by the method shown in FIG.

Referring to FIG. 2, a user's wireless terminal 170 requests (200) a service designated by a service server 175 of a service providing organization via a data network through a designated web / Checks the designated service request from the wireless terminal 170 of the user via the data network 205 and checks the service information necessary for providing the requested service through the data network. For example, if the service providing organization is a bank, the service server 175 is a wireless banking server, and the service request is a money transfer request, the service server 175 transmits The user can confirm the transfer information for the account transfer by communicating through the data network (210). If the service information for providing the service is not confirmed, the service server 175 further performs a process of communicating with the user's wireless terminal 170 through the data network to check service information for providing the service (210).

Meanwhile, when the service information for providing the service is confirmed, the service server 175 confirms whether to perform the authentication using the disposable message according to the present invention for providing the service using the confirmed service information (215). If authentication using the disposable message is not required for providing the service, the service server 175 performs a procedure for providing a service using the service information to the user's wireless terminal 170 through the data network (220). The user's wireless terminal (170) performs a procedure of receiving a service via the data network from the service server (175) through a web / application screen (225).

Meanwhile, when authentication using the disposable message is to be performed for providing the service, the service server 175 configures the authentication request information including the service information and provides the authentication request information to the designated operation server 100 (230) The operation server 100 receives the authentication request information from the service server 175, and determines whether authentication for the service provision is requested (235).

When the authentication request for service provision of the service server 175 is confirmed, the operating server 100 is used as a destination number of a forward message to be transmitted to the user's wireless terminal 170 through an authentication channel via one or more telephone networks, At the same time, the mobile terminal 170 of the user confirms the mobile phone number of the user to be used as the originating number of the reverse message to be transmitted in the reverse direction through the authentication channel based on the reply write of the forward message.

According to the first mobile phone number identification method of the present invention, the service server 175 receives the mobile phone number from the user through the wireless terminal 170 of the user, or receives the mobile phone number from the service server 175 side And the operation server 100 may receive the mobile phone number of the user from the service server 175 in operation 240.

According to the second mobile phone number identification method of the present invention, the operation server 100 may communicate with the user's wireless terminal 170 through the data network (for example, the authentication request information received from the service server 175) The mobile terminal 170 may receive and receive the mobile phone number of the user from the mobile terminal 170 of the user (in cooperation with the mobile terminal 170 of the user based on the included interworking information).

According to the third embodiment of the present invention, the service server 175 and the operation server 100 share the user information, and the operation server 100 receives the identifier (E.g., user identification information included in the authentication request information received from the service server 175), the mobile phone number of the user can be confirmed 240 by referring to the designated DB on the operation server 100 side.

Meanwhile, at the time of confirming the authentication request for providing the service of the service server 175, the operating server 100 confirms the authentication code dynamically generated for providing the service (245).

According to the first authentication code checking embodiment of the present invention, the service server 175 may generate a random number authentication code dynamically using a random number generation algorithm, or may include a dynamic seed including a time value or a random number value One or more seeds can be applied to the specified hash algorithm to dynamically generate disposable authorization codes or any combination from arbitrary numbers and / or characters and / or combinations of symbols stored in the database can be selected for dynamic use with disposable authentication codes And may provide the authentication code dynamically generated (or determined) as described above to the operation server 100 (for example, provided in the authentication request information provided to the operation server 100), and the operation The server 100 may receive the authentication code from the service server 175 (245).

According to the second authentication code checking embodiment of the present invention, the operation server 100 may generate a random number authentication code dynamically using a random number generation algorithm, or may include a dynamic seed including a time value or a random number value One or more seeds can be applied to the specified hash algorithm to dynamically generate disposable authorization codes or any combination from arbitrary numbers and / or characters and / or combinations of symbols stored in the database can be selected for dynamic use with disposable authentication codes (245).

On the other hand, upon confirmation of the authentication request for providing the service of the service server 175, the operation server 100 may include the mobile phone number of the user as a called number, 170 as a source number of a forward message to be forwarded and at the same time to use as a disposable forwarding number of a reverse message to be forwarded in the reverse direction through the authentication channel based on reply writing of the forward message at the user's wireless terminal 170 The dynamically determined disposable telephone number is identified 250.

According to the first disposable telephone number identification method of the present invention, the operation server 100 includes a number management module (e.g., N (N)) for managing N (N? 2) telephone numbers available for transmitting and receiving messages via a telephone network And a program code executed in the DB 100 and / or the operation server 100). In this case, the operation server 100 selects one of the N telephone numbers managed by the number management module, which is not duplicated, and uses the telephone number as a calling number of the forward message And may be identified by a disposable telephone number to be used as a destination number of the reverse message (250).

According to the second disposable telephone number identification embodiment of the present invention, the operation server 100 includes a number management module (e.g., N (N)) for managing N (N? 2) telephone numbers available for sending and receiving messages via a telephone network And a program code executed by the operation server 100. When the mobile phone number of the user is confirmed through the operation server 100, the operation server 100 ) Confirms the mapping history information of the identified mobile phone number, and determines whether or not any of the N phone numbers managed by the number management module is not duplicated and the n < th > (1 < / = N < / = N), selects the phone number, uses the cell phone number as a calling number of a forward message including the cell phone number as a called number, I can see a disposable phone number that will be used as the destination number of messages (250).

According to the third disposable telephone number identification method of the present invention, the operation server 100 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N (E.g., a program code executed in the operating server 100) capable of generating? 2? Number of telephone numbers. In this case, the operation server 100 generates a non-overlapping n (n) number of N (N > = 2) telephone numbers generated by combining the non- 1 ≤ N ≤ N) is selected and used as a calling number of the forward message and can be confirmed as a disposable telephone number to be used as a destination number of the reverse message.

According to the fourth disposable telephone number identification method of the present invention, the operation server 100 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N (E.g., a program code executed in the operating server 100) capable of generating a phone number of > = 2). When the mobile phone number of the user is confirmed through the operating server 100, The operation server 100 confirms the mapping history information of the identified mobile phone number, and selects a combination of N (N > = 2) phone numbers that can be generated through the number management module, (1 ≤ n ≤ N) phone numbers which are generated so as not to overlap with each other and have no history mapped to the mobile phone number based on the mapping history information, You can check the daepon number to the calling number of a forward message including a called number at the same time as a disposable yiyongdoem phone number be used as a called number of the reverse message including the mobile phone number as the calling number (250).

According to the fifth disposable telephone number identification method of the present invention, the service server 175 includes a number management module for managing N (N > = 2) telephone numbers, and the N telephone numbers managed by the number management module (1 < / = N < / = N) telephone numbers that are not duplicated in the number of the service server (175) And receives the telephone number to be used as the origination number of the forward message, and can be used as a disposable telephone number to be used as the destination number of the reverse message (250).

According to the sixth disposable telephone number confirmation embodiment of the present invention, the service server 175 includes a number management module for managing N (N > = 2) telephone numbers, (N < = 1 < / = n) which is not duplicated among the N telephone numbers managed by the number management module and has no history mapped to the mobile phone number based on the mapping history information. (e.g., provided in the authentication request information provided to the operation server 100) to the operation server 100, and the operation server 100 may select the phone number from the service server 100, (N) is used as a calling number of a forward message including the cell phone number as a called number, and at the same time, I can see a disposable phone number that will be used fenugreek (250).

According to the seventh disposable telephone number identification method of the present invention, the service server 175 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N (N > = 2) telephone numbers that can be generated by the number management module, wherein the number of N (N > = 2) telephone numbers (1 < n < N) telephone numbers, which are not included in the telephone number list, from the service server 175 to the operation server 100, And may be used as a source number of the forward message and may be identified as a disposable telephone number to be used as a destination number of the reverse message (250).

According to the eighth disposable telephone number identification example of the present invention, the service server 175 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N ? 2) number, and when the mobile phone number of the user is confirmed, the mobile terminal confirms the mapping history information of the mobile phone number and confirms N (N?) That can be generated through the number management module. (1? N? N), which is generated so as not to be duplicated by combining digits of a number of digits specified in the designated station number among the 2) telephone numbers, and which has no history mapped with the mobile number based on the mapping history information, ) To the operation server 100, and the operation server 100 receives the n-th telephone number from the service server 175 The mobile phone number is used as a calling number of a forward message including the mobile phone number as a called number and the mobile phone number can be confirmed as a disposable phone number to be used as a called number of an uplink message including the calling number.

According to the method of the present invention, the disposable telephone number identified through at least one of the first to eighth disposable telephone number identification examples is not duplicated and is not used as a disposable telephone number for a predetermined period or more Phone number, unused phone number after designated initialization, unused phone number, unused phone number that has been used more than once as one-time phone number, unused phone number for more than one period, And may include at least one telephone number out of the telephone numbers.

Meanwhile, at the time of confirming the authentication request for providing the service of the service server 175, the operation server 100 includes the mobile phone number of the user as the called number and includes the one-time telephone number as the calling number, (255), which is included in the message body area of the forward message to be forwarded through the authentication channel, and synchronized to be output through the web / app screen of the user's wireless terminal 170 through the service channel.

The mobile phone number of the user is confirmed and a dynamically generated authentication code for providing the service is confirmed and used as a calling number of a forward message to be forwarded to the user's wireless terminal 170, When a disposable telephone number to be used as a destination number of a reverse message to be received in the reverse direction is identified, the operation server 100 maps the mobile phone number of the user, the generated authentication code, and the disposable telephone number to a designated medium DB or memory area, etc.) for a specified validity time (260).

After the mobile phone number of the user is mapped to the authentication code and the disposable telephone number in the designated storage medium, the operation server 100 maintains the mapping relationship between the mobile phone number held in the designated medium, the authentication code, and the disposable telephone number (Step 265). If the expiration time for maintaining the mapping relationship between the mobile phone number, the authentication code, and the disposable telephone number has elapsed, the operation server 100 determines a mapping relationship between the mobile phone number held in the designated storage medium, the authentication code and the disposable telephone number (270).

3 is a diagram illustrating a process of sending a forward message via a telephone network and a process of outputting an authentication code via a data network according to an embodiment of the present invention.

In more detail, FIG. 3 shows a case where after the mobile phone number of the user, the authentication code and the disposable telephone number are mapped, the mobile phone number of the user is included as the called number, the disposable telephone number is included as the calling number, And transmits the forwarding message including the contents and the synchronization information to be transmitted via the designated telephone network and transmits the authentication code through the web / application screen of the wireless terminal 170 via a separate data network separated from the telephone network And outputting the security code and the synchronization information to the mobile terminal 100. It should be understood by those skilled in the art that various changes and modifications may be made without departing from the spirit and scope of the present invention by referring to and / (E. G., An implementation method in which some steps are omitted or the order is changed) It is made, including any exemplary way in which the inference, to which the technical feature that is not limited to the exemplary method shown in the figure 3.

Referring to FIG. 3, when the mobile phone number of the user, the authentication code, and the disposable telephone number are mapped to the designated media through the process of FIG. 2, the operation server 100 includes the mobile phone number of the user as a called number The disposable telephone number is included as a calling number, a forward message including the contents of the message specified in the message body area and the synchronization information is formed (300), and processing is performed to forward the forward message via the designated telephone network (305).

The wireless terminal 170 corresponding to the mobile phone number of the user receives the forward message 310 via the mobile telephone network to which the mobile terminal 170 belongs and then transmits the forward message including the designated message included in the message body area of the forward message And outputs content (e.g., guide information) and synchronization information (315).

On the other hand, the operation server 100 confirms the web / application screen of the wireless terminal 170 corresponding to the forward message (320), and transmits the web message to the wireless terminal 170 via the separate data network separated from the telephone network (325) to output the security code including the authentication code through the web / application screen of the terminal 170 (325), and transmits the security code output through the web / application screen of the wireless terminal 170 Guidance information for selecting the authentication code and inputting the authentication code into the message body area of the reverse message corresponding to the reply of the forward message and returning the forward message to the wireless terminal 170 via the telephone network; (Step 325) so that at least one of the security information for inducing the use of the wireless terminal 170 and the synchronization information is output through the web / application screen of the wireless terminal 170.

The user's wireless terminal 170 receives the security code including the authentication code through the data network and outputs the security code through the web / application screen (330), and transmits the security information including the guidance information, (330) through the web / app screen.

4 is a diagram illustrating a process of authenticating the validity of a service provided through a data network using a disposable reverse reply message received via a telephone network according to an embodiment of the present invention.

In more detail, in FIG. 4, a forward message via the telephone network is sent to the wireless terminal 170 of the user, a security code is output through the web / application screen of the wireless terminal 170, The mobile terminal 170 includes the mobile phone number of the user as a calling number based on the reply writing of the forward message and includes the disposable phone number as the called number and displays the web / A message authentication procedure for authenticating whether a reverse message including an authentication code entered by a user in a message body area is validly received via the telephone network among the security codes output through the reverse authentication method, Message to the mobile phone number mapped with the disposable telephone number corresponding to the called number of the reverse message And a code authentication procedure for verifying the authentication code included in the message body area of the reverse message and authenticating whether the mobile phone number matches the authentication code mapped to the mobile phone number. Those skilled in the art will be able to refer to and / or modify Figure 4 to derive various implementations of the process (e.g., omitting some of the steps or changing the order) However, the present invention includes all of the above-mentioned embodiments, and the technical features of the present invention are not limited only by the method shown in FIG.

4, when a forward message via the telephone network is transmitted to the wireless terminal 170 of the user through the process of FIG. 3 and the security code is outputted through the web / application screen of the wireless terminal 170, The mobile terminal 170 checks the synchronization information output from the mobile terminal 170 in synchronization with the message body region of the forward message and the synchronization output information through the web application screen of the wireless terminal 170, / App screen, a designated authentication code among the security codes output on the web / application screen of the wireless terminal 170 is selected and input into the message body area of the reply writing of the forward message in accordance with the guidance information output to at least one side The user's wireless terminal 170 receives the authentication code in the message body area of the reply write of the forward message (400).

When the selected authentication code is input to the message body area of the reply message of the forward message, the wireless terminal 170 of the user transmits the forward message The mobile terminal 170 includes the mobile phone number of the user as a calling number, the disposable telephone number as a called number, and the security code output from the web / (405), and the operation server (100) transmits the disposable telephone number as a called number based on the reply write of the forward message A reverse message sent back from the user's wireless terminal 170 is received via one or more telephone networks (410).

If the user's wireless terminal 170 includes the disposable telephone number as a called number and the backward forwarded message is received via one or more telephone networks, the operating server 100 includes the disposable telephone number as a called number A message authentication procedure for authenticating the validity of the reverse received reverse-direction message is performed (415).

According to the first message authentication embodiment of the present invention, the operation server 100 reads out the number system of the origination number of the received reverse message, and confirms whether the number system corresponds to the mobile phone number. According to the method of the present invention, the reverse message is a message received in the reverse direction with the reply of the forward message sent to the user's wireless terminal 170, so that the calling number of the reverse message must be the mobile number of the user. However, a message (for example, an SMS or the like) via the telephone network can not be transmitted only by the wireless terminal 170, but may be a wired telephone connected to a wired telephone network, an Internet telephone or a VoIP phone based on the Internet network, Via the gateway to the designated gateway. The operation server 100 checks whether the number system of the origination number of the reverse message is a number system of the mobile phone number, and if the origination number of the reverse message is confirmed as the number system of the mobile number, (415) with a valid message available for the procedure.

According to the second message authentication embodiment of the present invention, the operation server 100 confirms the disposable telephone number corresponding to the called number of the received reverse message, and transmits the disposable telephone number and the mobile phone number It is checked whether the effective time for maintaining the mapping state has elapsed or has elapsed. According to the embodiment of the present invention, the operation server 100 can read the effective time counted and mapped with the disposable telephone number that received the reverse message, and confirm whether the valid time is before or after the effective time has elapsed. If the expiration time is before the expiration time, the operating server 100 may authenticate the reverse message with a valid message available for the authentication procedure (415).

According to the third message authentication embodiment of the present invention, when the operation server 100 sends a message via the telephone network in the data network, i (i > = 1) inserts that are automatically inserted into the message body area of the message You can keep your code. Preferably, when the i inserted codes are transmitted from a server on a data network rather than a terminal on the telephone network (for example, the wireless terminal 170 subscribed to the mobile telephone network) via the telephone network, And includes code that is set to be automatically inserted into the message body area of a message sent by the user, for example, one or more codes of '[', 'Web', 'web', 'WEB', 'web', ' can do. Meanwhile, when the mobile phone number is included as the calling number and an uplink message including the disposable telephone number as the called number is received, the operating server 100 analyzes the code included in the message body area of the received uplink message And at least one of the i inserted codes is included. If the mobile terminal does not include at least one embedded code in the message body area of the reverse message, the operation server 100 determines that the reverse message is not transmitted via the telephone network on the data network, (E.g., the wireless terminal 170 subscribed to the telephone network) and authenticates the reverse message with a valid message available for the authentication procedure (415).

According to the fourth message authentication embodiment of the present invention, the operation server 100 transmits a message to a message body area of a reverse message through key input means (for example, a key button, a touch screen, etc.) designated by the user's wireless terminal 170 It is possible to keep j (j ≥ 1) exception codes that can not be used as authentication codes among inputable codes. For example, when the authentication code is composed of only digits including '1' to '9' and '0', the operating server 100 transmits' J excepting codes including codes such as all the characters except for the numbers including '1' to '9' and '0' and symbols (including spaces such as 'space bar'). Meanwhile, when the authentication code includes a number including '1' to '9' and '0' and an alphabetical alphabet, the operating server 100 may transmit a code that can be input through key input means of the wireless terminal 170 You can keep j exception codes that contain codes such as all letters and symbols except the middle and the English alphabet. Meanwhile, when the authentication code includes digits including '1' to '9' and '0' and Hangul words, the operating server 100 transmits a code that can be inputted through key input means of the wireless terminal 170 You can keep j exception codes that contain codes such as all digits and symbols except for Chinese digits and Hangul characters. Meanwhile, when the mobile phone number is included as the calling number and an uplink message including the disposable telephone number as the called number is received, the operating server 100 analyzes the code included in the message body area of the received uplink message Check whether it contains at least one exception code of j exception codes. If the operation server 100 does not include at least one exception code in the message body area of the reverse message, the operation server 100 inputs an authentication code to the message body area of the reverse message at the user's wireless terminal 170 It can be considered that the authentication code is normally input without error and the reverse message can be authenticated (415) as a valid message available for the authentication procedure.

According to the fifth message authentication embodiment of the present invention, the operation server 100 authenticates the reverse message through at least part of at least two embodiments of the first to fourth message authentication embodiments (415) with a valid message available for the procedure, thereby not limiting the invention.

If the validity of the reverse message is not authenticated, the operation server 100 generates error information of the message authentication procedure (420), and transmits error information through the web / application screen of the wireless terminal (170) (420), the user's wireless terminal (170) receives the error information of the message authentication procedure through the data network and outputs the error information through the web / app screen (430) . Meanwhile, the operation server 100 may discard the error message (435).

On the other hand, if the validity of the uplink message is not authenticated, the operation server 100 checks the origination number of the uplink message, and transmits the uplink message to the called party (440), after confirming the disposable telephone number and the mapped mobile phone number, and then authenticating whether the origination number of the reverse message matches the mobile phone number confirmed through the designated medium.

If the origination number of the reverse message does not match the mobile number identified through the designated medium, the operation server 100 generates error information of the origination authentication procedure 420, The mobile terminal 170 processes the error information of the origination authentication procedure through the web / application screen of the terminal 170 (step 425). The user's wireless terminal 170 receives the error information of the origination authentication procedure through the data network And outputs it through the Web / App screen (430). Meanwhile, the operation server 100 may discard the error message (435).

If the source number of the reverse message is matched with the mobile phone number confirmed through the designated medium, the operation server 100 checks the authentication code included in the message body area of the reverse message, After confirming the authentication code mapped with the mobile phone number corresponding to the calling number of the reverse message and / or mapped with the disposable telephone number corresponding to the called number of the reverse message through a designated medium for maintaining the information, (445) a code authentication procedure for authenticating whether an authentication code included in the message body area matches an authentication code identified through the designated medium.

If the authentication code included in the message body region of the reverse message does not match the authentication code mapped to the mobile phone number, the operation server 100 generates error information of the code authentication procedure 420, (425) to output the error information of the code authentication procedure through the Web / App screen of the wireless terminal (170) via the wireless network (170), and the user's wireless terminal (170) And receives the error information and outputs it via the web / application screen (430). Meanwhile, the operation server 100 may discard the error message (435).

If the authentication code included in the message body area of the reverse message is matched with the authentication code mapped to the mobile phone number, the operation server 100 searches the service server 175 based on the results of the origination authentication and the code authentication, And provides the authentication result to the service server 175 or the user's wireless terminal 170 in step 450. The user's wireless terminal 170 transmits the authentication result to the service server 175, (455), and the service server (175) transmits the web / application screen of the wireless terminal (170) via the data network based on the disposable message based authentication result To provide the designated service.

100: Operation server 105: Authentication request confirmation part
110: mobile phone number confirmation unit 115: authentication code verification unit
120: Disposable number confirmation unit 125: Synchronization information confirmation unit
130: mapping maintaining unit 135: message sending unit
140: Information output unit 145: Message receiving unit
150: message authentication unit 155: origin authentication unit
160: Code authentication unit 165: Result processing unit
170: wireless terminal 175: service server

Claims (25)

And is operable through an operation server operable through a separate data network separate from the user's wireless terminal and capable of exchanging messages with a user's wireless terminal through a telephone network in cooperation with a service server providing a designated service to the user Lt; / RTI >
When authenticating for service provision of the service server, a user's mobile phone number is confirmed, a dynamically generated authentication code is confirmed for providing the service, and the user's mobile phone number is included as a called number and is transmitted through a telephone network The method comprising: identifying a dynamically determined disposable telephone number for use as a calling number of a forward message and for use as a destination number of an uplink message to be received in response to the forward message; A step of performing a procedure for confirming synchronization information to be outputted through a web / application screen of a wireless terminal which receives the synchronization information;
A second step of mapping the mobile phone number of the user, the generated authentication code, and the disposable telephone number to maintain the mobile phone number for a specified valid time;
The mobile communication terminal includes the mobile phone number of the user as a called number, the disposable telephone number as a calling number, the forward message including the contents of the message specified in the message body area and the synchronization information to be transmitted via the designated telephone network, A third step of outputting a security code including the authentication code and the synchronization information via a separated separate data network via a web / app screen of the wireless terminal;
Wherein the mobile terminal includes the mobile phone number of the user as a calling number based on the reply writing of the forward message from the wireless terminal of the user who has received the forward message and includes the disposable phone number as the called number, A fourth step of performing a message authentication procedure for authenticating whether a reverse message including an authentication code entered in a message body area by a user is validly received via the telephone network among the security codes output via the telephone network;
A source authentication procedure for verifying the originating number of the uplink message and authenticating whether the one-time phone number corresponding to the called number of the uplink message matches a mobile number mapped, upon receipt of the uplink message, A fifth step of verifying the authentication code included in the mobile phone number and performing a code authentication procedure for authenticating whether the mobile phone number matches the authentication code mapped to the mobile phone number; And
And a sixth step of generating an authentication result for providing a service of the service server based on a result of the origination authentication and the code authentication and providing the authentication result to the service server or the user's wireless terminal .
2. The method according to claim 1,
N number (1? N? N) telephone numbers which are not duplicated among the N telephone numbers from the number management module managing N (N? 2) telephone numbers are used as origination numbers of the forward messages, And confirming the disposable telephone number with a disposable telephone number to be used as a destination number of the reverse message.
2. The method according to claim 1,
(N ≥ 2) telephone numbers that can be generated by combining the dynamic number of the designated number with the designated telephone number system in the designated station number managed by the number management module, (1 < / = N < / = N) telephone number which is not used as a calling number of the forward message and identifies as a disposable telephone number to be used as a destination number of the reverse message. Authentication method using disposable reverse reply message.
2. The method according to claim 1,
When the mobile phone number of the user is confirmed,
N (1? N? N) telephone numbers that are not duplicated among the N telephone numbers from the number management module managing N (N? 2) telephone numbers and have no history mapped with the mobile number, As a calling number of a forward message including a calling number and a calling number of a reverse message including the mobile number as an originating number, using a disposable reverse reply message Authentication method using message.
2. The method according to claim 1,
When the mobile phone number of the user is confirmed,
(N ≥ 2) telephone numbers that can be generated by combining the dynamic number of the number of digits specified in the designated station number managed by the number management module with the designated telephone number system, and combine the non-duplicated numbers of digits specified in the designated station number (1 ≤ n ≤ N) phone number that is generated and has no history mapped to the mobile phone number is used as a calling number of a forward message including the mobile phone number as a called number, And confirming with a disposable telephone number to be used as a destination number of an uplink message including the disposable reverse reply message.
The method as claimed in any one of claims 2 to 5,
N phone numbers that are not used as disposable telephone numbers for a certain period of time or longer,
N number of telephone numbers that are not used as one-time telephone numbers after the designated initialization,
A telephone number of N telephone numbers that has not been reused for a certain period of time after being used as a one-time telephone number,
And a telephone number of at least one of telephone numbers that have not been reused for the longest period after being used as a one-time telephone number among N telephone numbers.
2. The method of claim 1,
Information included in service information of the service server,
At least a part of information included in the service information,
Information included in user information about the user,
At least a part of information included in the user information,
Information registered by the user,
Wherein the mobile terminal includes at least one of a message body area of the forward message and information dynamically generated or determined to be output in synchronization with the web application screen of the wireless terminal.
2. The method according to claim 1,
Further comprising the step of storing and managing mapping history information on a mapping relationship between the mobile phone number and the disposable telephone number in a designated DB.
The method according to claim 1,
Wherein the second step further comprises counting a validity time for maintaining a mapping relationship between the mobile phone number, the authentication code, and the disposable telephone number,
Confirming whether the validity period of maintaining the mapping relationship has elapsed; And
And deactivating the mapping relationship between the mobile phone number, the authentication code, and the disposable telephone number when the validity time has elapsed.
The method of claim 1,
Includes an authentication code to be entered into a message body area of the reverse message, or
And a combination of the authentication code and any dummy code that is not input in the message body area of the reverse message.
2. The method according to claim 1,
Apparatus according to claim 1, further comprising: an instruction information unit for instructing confirmation of a synchronization state between synchronization information included in a message body area of a forward message sent to the mobile phone number of the user and synchronization information output through a web / And outputting the disposable reverse reply message through the application screen.
2. The method according to claim 1,
Transmitting guidance information for inputting an authentication code output through a web / application screen of the wireless terminal into a message body area of a reverse message corresponding to the reply of the forward message and returning the guidance information to the web / The method of claim 1, further comprising the step of processing the disposable reverse reply message.
2. The method according to claim 1,
The authentication code output from the web / application screen of the wireless terminal is input to the message body area of the forward message that is sent to the mobile phone number of the user, and is returned to the message body area of the reverse message corresponding to the reply of the forward message The method comprising the steps of: (a) receiving a reverse response message from the mobile terminal;
2. The method according to claim 1,
Further comprising the step of outputting, through the web / application screen of the wireless terminal, security information for guiding the user to safely use the forward message sent to the mobile phone number of the user, using the disposable reverse reply message Authentication method.
15. The method according to claim 14,
Content information for notifying a user that a direction message for authenticating service provision by a designated service provider is sent to the mobile phone number of the user,
Content information for informing the user that a forward message including the content of the message specified in the message body area is sent to the mobile phone number of the user,
And contents information indicating that a forward message including the disposable telephone number as a calling number has been sent to the mobile phone number of the user, in response to the disposable reverse reply message.
2. The method of claim 1,
A message transmitted through a telephone network to which the user's mobile terminal is subscribed, verifies whether the mobile phone number actually assigned to the mobile terminal that has sent the message in the communication company system providing the telephone network of the mobile station matches the calling number included in the message When the cell phone number of the wireless terminal matches the calling number of the message, the disposable telephone number is received through the communication company system as a disposable telephone number corresponding to the called number included in the message. Way.
The method as claimed in claim 1,
Identifying a reverse message received at the designated disposable telephone number;
Reading the number system of the origination number of the reverse message and confirming whether the number system corresponds to the mobile phone number; And
And authenticating the reverse message as a valid message that can be used in the authentication procedure when the calling number of the reverse message is a number system of the mobile phone number.
The method as claimed in claim 1,
Identifying a reverse message received at the designated disposable telephone number; And
Confirming whether the valid time for maintaining the mapping state between the disposable telephone number and the mobile phone number that has received the reverse message has elapsed; And
And authenticating the uplink message with a valid message that can be used in the authentication procedure if the valid time is before the elapse of the valid time.
The method according to claim 1,
Further comprising the step of maintaining i (i > = 1) embedded codes set to be automatically inserted into the message body area of the message when the message is transmitted from the data network via the telephone network,
In the fourth step,
Analyzing a code included in the message body area of the reverse message received at the disposable telephone number to confirm whether the inserted code includes at least one of the i inserted codes; And
And if the at least one embedded code is not included in the message body area of the uplink message, authenticating the uplink message as a valid message usable in the authentication procedure. .
The method according to claim 1,
Further comprising the step of maintaining j (j > = 1) exception codes that are not used as authentication codes among codes that can be input in the message body area of the reverse message at the user's wireless terminal,
In the fourth step,
Analyzing a code included in the message body area of the reverse message received by the disposable telephone number and confirming whether it includes at least one exception code among j exception codes; And
Further comprising: confirming that the reverse message is validly received if the at least one exception code is not included in the message body area of the reverse message.
21. The method of claim 20,
And outputting error information for the message body area of the reverse message through the web / app screen of the wireless terminal when the at least one exception code is included in the message body area of the reverse message. The authentication method using the disposable reverse reply message.
The method as claimed in claim 1,
And outputting the generated error information through the Web / App screen of the wireless terminal when the error of the origin authentication or the code authentication occurs.
23. The method of claim 22,
And does not send the error information to the user's wireless terminal through the forward message upon occurrence of the error.
A computer-readable recording medium storing a program for executing the method of claim 1.
A system capable of exchanging messages via a wireless network with a user and a telephone network, the system being operable through a separate data network separate from the user's wireless terminal and the telephone network,
A mobile phone number confirmation unit for confirming the mobile phone number of the user;
An authentication code confirmation unit for confirming a dynamically generated authentication code for service provision;
A mobile phone number of the user is included as a called number and is used as a calling number of a forward message to be transmitted through the telephone network and a dynamically determined disposable telephone number for use as a called number of an uplink message to be received in response to the forward message Disposable number identification unit;
A synchronization information checking unit included in the message body area of the forward message and confirming synchronization information to be output through synchronization on the Web / App screen of the wireless terminal receiving the forward message;
A mapping unit configured to map the mobile phone number of the user, the generated authentication code, and the disposable telephone number to maintain the disposable telephone number for a designated valid time;
A message sending unit that includes the mobile phone number of the user as a called number and includes the disposable telephone number as a calling number and processes a forward message including the contents of the message specified in the message body area and the synchronization information through a designated telephone network ;
An information output unit for outputting a security code including the authentication code and the synchronization information via a web / app screen of the wireless terminal via a separate data network separated from the telephone network;
Wherein the mobile terminal includes the mobile phone number of the user as a calling number based on the reply writing of the forward message from the wireless terminal of the user who has received the forward message and includes the disposable phone number as the called number, A message receiving unit for receiving, via a telephone network, a reverse message including an authentication code input by a user in a message body area of the security code output through the telephone network;
A message authentication unit for authenticating the validity of the reverse message received via the telephone network;
An originating authentication unit for verifying the origination number of the reverse message when the reverse message is received and authenticating whether the disposable telephone number corresponding to the called number of the reverse message is matched with the mapped mobile number;
A code authentication unit for verifying an authentication code included in the message body area of the reverse message and verifying whether the authentication code matches the authentication code mapped to the mobile phone number; And
And a result processor for generating and providing an authentication result for providing the service based on the results of the origination authentication and the code authentication.

Images