WO2009091158A2 - Final confirmation system and method for trading in electronic commerce - Google Patents

Final confirmation system and method for trading in electronic commerce

Info

Publication number
WO2009091158A2
WO2009091158A2 PCT/KR2009/000064 KR2009000064W WO2009091158A2 WO 2009091158 A2 WO2009091158 A2 WO 2009091158A2 KR 2009000064 W KR2009000064 W KR 2009000064W WO 2009091158 A2 WO2009091158 A2 WO 2009091158A2
Authority
WO
WIPO (PCT)
Prior art keywords
final confirmation
auxiliary device
user
commerce
confirmation information
Prior art date
Application number
PCT/KR2009/000064
Other languages
French (fr)
Korean (ko)
Other versions
WO2009091158A3 (en
Inventor
Byung-Ryul Lim
Original Assignee
Sorinamoo Solution Co. Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sorinamoo Solution Co. Ltd. filed Critical Sorinamoo Solution Co. Ltd.
Publication of WO2009091158A2 publication Critical patent/WO2009091158A2/en
Publication of WO2009091158A3 publication Critical patent/WO2009091158A3/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • G06Q30/0601Electronic shopping [e-shopping]

Definitions

  • the present invention relates to a transaction final confirmation system and method in electronic commerce to confirm transaction details and securely transmit transaction approvals to an electronic commerce system when performing financial transactions, stock transactions, shopping, item transactions, etc. over the Internet. .
  • a method of encrypting and transmitting data between an e-commerce server and a user's PC is for security of a network communication network, and has a weak point for hacking at an input terminal (for example, a personal computer).
  • the secure keyboard input method is a method for preventing hacking by encrypting transaction data input by the user through an enhanced keyboard without using an existing keyboard of the user PC and transmitting it to the e-commerce server.
  • this method has a disadvantage in that the hardware is large, the inconvenience of carrying, and the security keyboard manufacturing cost are high, which burdens the user and does not provide a method of safely checking the transaction contents.
  • This method is safe because it is difficult to hack two channels simultaneously.
  • this method incurs new system and channel usage costs in order to use channels other than Internet channels.
  • This method implements S / W function to encrypt keyboard input value and transmit it to PC or server to prevent keyboard hacking. It is a method that implements the existing security keyboard method in S / W and there is no H / W cost and provides convenience of installation. However, this method has a security problem that cannot prevent the latest hacking that attacks the keyboard security software itself.
  • Memory hacking which has become a problem recently, is a method in which a hacker modifies user input information and causes damage. Many attempts have been made to solve this problem, but there is no solution that satisfies security, cost, portability, and user convenience.
  • An object of the present invention is to output the content of the final confirmation process in the e-commerce to the output of the auxiliary device, the final confirmation system from the e-commerce transaction that can disable the hacking by transmitting the final confirmation from the user to the e-commerce server and To provide a way.
  • the transaction final confirmation system in the electronic commerce encrypts the summary of the transaction with the security key shared by the electronic commerce server with the auxiliary device in the final confirmation step during the electronic commerce and delivers it to the auxiliary device.
  • the auxiliary device decrypts the encrypted transaction summary and outputs it to the output unit to deliver the contents necessary for final confirmation of the transaction to the user.
  • the user transmits a transaction confirmation to the e-commerce server when the output printed on the output matches the actual transaction.
  • the transaction confirmation method may include selecting a confirmation button of an auxiliary device and inputting an authentication code value displayed on an output of the auxiliary device to a user PC.
  • the final confirmation input unit is present in the auxiliary device
  • the authentication code input method shown in the output unit is the final confirmation input unit of the auxiliary device is present in the user PC.
  • the auxiliary device is a device for interworking with the user PC refers to a device for communicating with the user PC using a wired method such as USB, Serial, Parallel, 1394, and a wireless method such as Bluetooth, WLAN.
  • the auxiliary device includes a security key, an output unit, and a button.
  • the security key of each auxiliary device is the same value as the security key of the auxiliary device having the same serial number among the security keys stored in the e-commerce server.
  • the security key is used to encrypt and decrypt the data exchanged between the e-commerce server and the auxiliary device.
  • the output unit of the auxiliary device performs a function of outputting information transmitted from the e-commerce server.
  • the output unit of the auxiliary device is a device that performs a function of visually transmitting the information to the user as LCD, LED, and the like.
  • the button of the auxiliary device is a device used to determine whether or not to confirm or proceed with the final confirmation content delivered to the auxiliary device by the e-commerce server.
  • the button of the auxiliary device may be implemented as a push button or a touch screen button. Although the button has a confirmation cancel button, the button may not be required depending on the confirmation method among contents transmitted from the e-commerce server. If you do not use the buttons on the auxiliary device, the same function is performed through other input devices such as the keyboard of the user's PC.
  • the external structure of the auxiliary device is as follows. The first is when the auxiliary device consists of a PC connection terminal, an output and a button.
  • the PC connection terminal is a part for interworking with a user PC
  • an output part is a part for outputting information
  • a button is a part for receiving an input from a user.
  • the auxiliary device receives a final confirmation result from the user using a button
  • the assistant encrypts the final verification result and forwards it to the user's PC;
  • the e-commerce server is configured to complete the e-commerce according to the final confirmation result.
  • the user PC passes the verification code to the e-commerce server as the final verification result value
  • the e-commerce server is configured to complete the e-commerce according to the final confirmation result.
  • Transaction final confirmation system and method in the electronic commerce increased the portability by using an auxiliary device that is easy to carry compared to similar security products (secure keyboard, etc.) composed of hardware, and encrypts the final confirmation information
  • the user has a high security by providing a method for checking whether the transaction has been tampered with by a hack or an error through a safe device for hacking. By doing so, it is possible to disable the latest hacking such as memory hacking, thereby increasing the safety of e-commerce and contributing to the vitalization of the market.
  • 1 and 2 is an external structural diagram of two forms of the auxiliary device in the present invention
  • FIG. 3 is a block diagram illustrating an example of a system for implementing a transaction final confirmation system and method in an electronic commerce in accordance with the present invention.
  • 4 and 5 are block diagrams showing an auxiliary device in the present invention.
  • FIG. 6 is a flowchart illustrating a system and method for confirming a transaction finalization in an electronic commerce according to the present invention.
  • FIG. 7 is a flowchart illustrating another example of a system and method for confirming a transaction finalization in an electronic commerce according to the present invention.
  • the external structure of the auxiliary device is of two types.
  • the auxiliary device 30 includes a PC connection terminal 31a, an output unit 32a, and buttons 33a and 33b.
  • the PC connection terminal 31a is a part that performs a function of interworking with the user PC 20
  • the output unit 32a is a part where final confirmation information is output
  • the buttons 33a and 33b receive a final confirmation input from the user. This part performs the receiving function.
  • the auxiliary device 30 includes a PC connection terminal 31a and an output unit 32a.
  • the PC connection terminal 31a is a part that performs a function of interworking with the user PC 20, and the output unit 32a is a part where final confirmation information is output.
  • the final confirmation system using the auxiliary device in the electronic commerce includes an electronic commerce server 10, a user PC 20, and an auxiliary device 30.
  • the e-commerce server 10 is a server that conducts transactions over the Internet.
  • the e-commerce server 10 is composed of an auxiliary device security key DB 13, the final confirmation information transmission unit 11 and the final confirmation result receiving unit 12.
  • the auxiliary device security key DB 13 manages a security key stored in the user's auxiliary device.
  • the final confirmation information transmitting unit 11 performs a function of encrypting and delivering the final confirmation information to the user's auxiliary device.
  • the final confirmation result receiving unit 12 receives a result of the final confirmation information from the user and performs a function of finishing the progress of the e-commerce.
  • the user PC 20 is composed of an information delivery unit 21 and a final confirmation result input unit 22.
  • the information transfer unit 21 performs a function of transferring data between the e-commerce server 10 and the auxiliary device 30.
  • the input unit 22 exists when the authentication code output to the output unit 32 of the auxiliary device 30 is used, and inputs the authentication code output to the output unit 32 of the auxiliary device 30. It performs the function of transmitting to the e-commerce server (10).
  • the auxiliary device 30 includes a security key storage unit 34, a final confirmation information receiving unit 31, an output unit 32, and a final confirmation result input unit 32.
  • the security key storage unit 34 is a place where the security key shared with the e-commerce server 10 is stored. Data encryption and decryption are performed using this security key.
  • the final confirmation information receiver 31 performs a function of receiving and decrypting the encrypted final confirmation information from the e-commerce server 10.
  • the output unit 32 performs a function of outputting the final confirmation information decoded by the final confirmation information receiver 31.
  • the final confirmation result input unit 33 is present when the confirmation result is input by the button of the auxiliary device 30, and the user who confirms the final confirmation information output to the output unit 32 selects the confirmation or cancellation button and then e-commerce. It performs the function of delivering the final confirmation information to the server (10).
  • the internal structure of the auxiliary device is of two types.
  • the internal configuration of the auxiliary device 30 includes a PC interface 31, a CPU 35, a memory 36, a controller 37, an output unit 32, and a button 33. .
  • the internal configuration of the auxiliary device 30 includes a PC interface 31, a CPU 35, a memory 36, a controller 37, and an output unit 32.
  • the PC Interface 31 performs a function of interworking with a PC and a wired method such as USB, Serial, Parallel, 1394 and a wireless method such as Bluetooth, wireless LAN.
  • the CPU 35 performs an operation such as encryption / decryption.
  • the memory 36 stores a security key.
  • the controller 37 performs a function of controlling the output unit 32 and the button 33.
  • the output unit 32 performs a function of outputting final confirmation information.
  • the button 33 has a button for confirming and canceling when the user inputs the final confirmation information using the auxiliary device 30, and performs the function of generating the final confirmation information.
  • the transaction final confirmation system and method in the electronic commerce encrypts the final confirmation information after the electronic commerce server 10 proceeds to the final step of the electronic commerce.
  • the electronic commerce server 10 transmits the encrypted final confirmation information to the user PC 20.
  • the user PC 20 transmits the received encrypted final confirmation information to the auxiliary device 30.
  • the auxiliary device 30 decrypts the received encrypted final confirmation information.
  • the auxiliary device 30 outputs the final confirmation information to the output unit.
  • the auxiliary device converts the input button value into the final confirmation result and encrypts the final confirmation result value.
  • the auxiliary device 30 transmits the encrypted final confirmation result value to the user PC 20.
  • the user PC 20 transmits the encrypted final confirmation result value to the e-commerce server 10.
  • the e-commerce server 10 decrypts after receiving the encrypted final confirmation result.
  • the e-commerce server 10 proceeds with the completion of the e-commerce according to the value.
  • the transaction final confirmation system and method in the electronic commerce according to the second embodiment of the present invention encrypts the final confirmation information after the electronic commerce server proceeds to the final step of the electronic commerce.
  • the electronic commerce server 10 transmits the encrypted final confirmation information to the user PC 20.
  • the user PC 20 transmits the received encrypted final confirmation information to the auxiliary device 30.
  • the auxiliary device 30 decrypts the received encrypted final confirmation information.
  • the auxiliary device 30 outputs the final confirmation information to the output unit.
  • the user When the user sees the final confirmation information output to the output unit of the auxiliary device 30 and matches the contents of his / her transaction, the user inputs the authentication code outputted to the output unit to the user PC 20.
  • the user PC 20 transmits the input final confirmation result value to the e-commerce server 10.
  • the e-commerce server 10 performs the completion process of the e-commerce according to the value of the received final confirmation result.

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Finance (AREA)
  • General Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

This invention relates to a final confirmation system and a method for trading in electronic commerce which confirm trade details and securely transfer authorization of trade to an electronic commercial system when performing a financial trade, a stock exchange, an item trade, shopping etc. on the internet. The disclosed final confirmation system for trading in electronic commerce is characterized in that: in the final confirmation step of electronic commerce, an electronic commercial server (10) encodes summarized trade contents by using a security key shared with an auxiliary device (30) and transfers the encoded contents to the auxiliary device; the auxiliary device (30) decodes the encoded summarized trade contents and transfers the contents necessary for the final confirmation of trade to a user by outputting the decoded contents to an output unit; and a user transfers authorization of trade to the electronic commercial server (10) if the contents outputted to the output unit are identical to those of his/her actual trade.

Description

전자상거래에서 거래 최종 확인 시스템 및 방법Transaction final confirmation system and method in e-commerce
본 발명은 인터넷을 통하여 금융거래, 주식거래, 쇼핑, 아이템 거래 등을 수행 할 때, 거래 내역을 확인하고 거래 승인을 안전하게 전자상거래 시스템으로 전달하도록 하는 전자상거래에서 거래 최종 확인 시스템 및 방법에 관한 것이다.The present invention relates to a transaction final confirmation system and method in electronic commerce to confirm transaction details and securely transmit transaction approvals to an electronic commerce system when performing financial transactions, stock transactions, shopping, item transactions, etc. over the Internet. .
오늘날 전자상거래에서 많은 단계에서 해킹이 이루어지고 있고 각 단계별 해킹을 막기 위한 여러 가지 방법들이 있다. 그러나 이러한 방법들이 최신 해킹 프로그램에 대하여 모두 안전성을 제공할 수 없다.There are many stages of hacking in e-commerce today, and there are many ways to prevent each stage of hacking. However, neither of these methods can provide security for modern hacking programs.
현재 나와 있는 대표적인 최종 확인 방법은 다음과 같다.Representative final confirmation methods are as follows.
1. 암호화 전송방법1. Encryption transmission method
전자상거래 서버와 사용자 PC간 데이터를 암호화하여 전송하는 방법이다. 이 방법은 네트워크 통신망에 대한 보안을 위한 것으로서, 입력단(예를들어, 퍼스널 컴퓨터)에서의 해킹에 대한 약점을 가지고 있다.A method of encrypting and transmitting data between an e-commerce server and a user's PC. This method is for security of a network communication network, and has a weak point for hacking at an input terminal (for example, a personal computer).
2. 보안 키보드 입력 방법2. Secure keyboard input method
보안 키보드 입력 방법은 사용자 PC의 기존 키보드를 이용하지 않고 보안 기능이 강화된 키보드를 통하여 이용자가 입력한 거래 데이터를 암호화하여 전자상거래 서버로 전송함으로서 해킹을 방지하기 위한 방법이다. 그러나, 이 방법은 하드웨어가 크고 휴대의 불편함 그리고 보안키보드 제조비용이 높아 이용자의 부담이 크고 거래 내용을 안전하게 확인하는 방법을 제공하지 못하는 단점이 있다.The secure keyboard input method is a method for preventing hacking by encrypting transaction data input by the user through an enhanced keyboard without using an existing keyboard of the user PC and transmitting it to the e-commerce server. However, this method has a disadvantage in that the hardware is large, the inconvenience of carrying, and the security keyboard manufacturing cost are high, which burdens the user and does not provide a method of safely checking the transaction contents.
3. 투웨이(two-way) 입력 방법3. Two-way input method
이용자가 유선 전화나 휴대폰 등의 인터넷이 아닌 다른 채널을 이용하여 최종 확인을 수행하는 방법이다. 이 방법은 2개의 채널을 동시에 해킹하는 것이 어렵기 때문에 안전한 방법이다. 그러나 이 방법은 인터넷 채널 이외에 다른 채널을 이용하기 위하여 새로운 시스템 및 채널 이용 비용이 발생한다.This is how a user performs final verification using a channel other than the Internet such as a landline phone or a mobile phone. This method is safe because it is difficult to hack two channels simultaneously. However, this method incurs new system and channel usage costs in order to use channels other than Internet channels.
4. 키보드 보안 방법(Anti-KeyLogger)4. Keyboard Security Methods (Anti-KeyLogger)
이 방법은 키보드 해킹을 막기 위하여 키보드의 입력 값을 암호화 하여 PC 또는 서버로 전달하는 기능을 S/W 적으로 구현한 방식이다. 기존 보안 키보드 방식을 S/W로 구현한 방식으로 H/W 비용이 없으며 설치의 편리함을 제공한다. 그러나 이 방법은 키보드 보안 S/W 자체를 공격하는 최신 해킹을 막을 수 없는 보안 문제점을 가지고 있다.This method implements S / W function to encrypt keyboard input value and transmit it to PC or server to prevent keyboard hacking. It is a method that implements the existing security keyboard method in S / W and there is no H / W cost and provides convenience of installation. However, this method has a security problem that cannot prevent the latest hacking that attacks the keyboard security software itself.
최근 문제가 되고 있는 메모리 해킹은 사용자가 입력한 정보를 해커가 변조하여 피해를 발생시키는 방식이다. 이 문제를 해결하기 위해서 많은 시도를 하고 있으나 보안성, 비용, 휴대성 및 사용자 편의성을 모두 만족시키는 해결 방법이 없었다.Memory hacking, which has become a problem recently, is a method in which a hacker modifies user input information and causes damage. Many attempts have been made to solve this problem, but there is no solution that satisfies security, cost, portability, and user convenience.
본 발명의 목적은 전자상거래에서 최종 확인 절차의 내용을 보조장치의 출력부에 출력 하고, 사용자로부터 최종 확인을 입력받아 전자상거래 서버로 전송하여 해킹을 무력화 시킬 수 있는 전자상거래에서 거래 최종 확인 시스템 및 방법을 제공하는 것이다.An object of the present invention is to output the content of the final confirmation process in the e-commerce to the output of the auxiliary device, the final confirmation system from the e-commerce transaction that can disable the hacking by transmitting the final confirmation from the user to the e-commerce server and To provide a way.
상기와 같은 목적을 달성하기 위하여 본 발명에 따른 전자상거래에서 거래 최종 확인 시스템은 전자상거래시 최종 확인 단계에서 전자상거래 서버가 거래의 요약 내용을 보조장치와 공유한 보안 Key로 암호화하고 보조장치로 전달하며, 보조장치는 암호화된 거래 요약 내용을 복호화하고 출력부에 출력하여 사용자에게 거래 최종 확인에 필요한 내용을 전달한다. 사용자는 출력부에 출력된 내용이 본인이 실제 거래한 내용과 일치를 하면 거래 확인을 전자상거래 서버로 전달한다. 거래 확인을 전달하는 방법은 보조장치의 확인 버튼을 선택하는 방법과 보조장치의 출력부에 나타난 인증코드 값을 사용자 PC에 입력하는 방식이 있다. In order to achieve the above object, the transaction final confirmation system in the electronic commerce according to the present invention encrypts the summary of the transaction with the security key shared by the electronic commerce server with the auxiliary device in the final confirmation step during the electronic commerce and delivers it to the auxiliary device. The auxiliary device decrypts the encrypted transaction summary and outputs it to the output unit to deliver the contents necessary for final confirmation of the transaction to the user. The user transmits a transaction confirmation to the e-commerce server when the output printed on the output matches the actual transaction. The transaction confirmation method may include selecting a confirmation button of an auxiliary device and inputting an authentication code value displayed on an output of the auxiliary device to a user PC.
보조장치의 확인 버튼을 선택하는 방법은 최종 확인 입력부가 보조장치에 존재하고, 출력부에 나타난 인증코드 입력 방식은 보조장치의 최종확인 입력부가 사용자 PC에 존재하게 된다.In the method of selecting the confirmation button of the auxiliary device, the final confirmation input unit is present in the auxiliary device, and the authentication code input method shown in the output unit is the final confirmation input unit of the auxiliary device is present in the user PC.
본 발명에 있어서, 보조장치는 사용자 PC와 연동하는 장치로서 USB, Serial, Parallel, 1394 등 유선 방식과 블루투스, 무선 랜 등 무선 방식을 이용하여 사용자 PC와 통신하는 장치를 말한다.In the present invention, the auxiliary device is a device for interworking with the user PC refers to a device for communicating with the user PC using a wired method such as USB, Serial, Parallel, 1394, and a wireless method such as Bluetooth, WLAN.
상기 보조장치는 보안Key, 출력부, 버튼으로 구성되어 있다. 각 보조장치의 보안Key는 전자상거래 서버에 저장된 보안Key 중 같은 일련번호를 갖는 보조장치의 보안Key와 동일한 값이다. 이 보안 Key를 이용하여 전자상거래 서버와 보조장치간에 주고 받는 데이터를 암호화 및 복호화 한다. The auxiliary device includes a security key, an output unit, and a button. The security key of each auxiliary device is the same value as the security key of the auxiliary device having the same serial number among the security keys stored in the e-commerce server. The security key is used to encrypt and decrypt the data exchanged between the e-commerce server and the auxiliary device.
보조장치의 출력부는 전자상거래 서버로부터 전달된 정보를 출력시키는 기능을 수행한다. 보조장치의 출력부는 LCD, LED 등으로서 사용자에게 정보를 출력하여 가시적으로 전달하는 기능을 수행하는 장치를 말한다.The output unit of the auxiliary device performs a function of outputting information transmitted from the e-commerce server. The output unit of the auxiliary device is a device that performs a function of visually transmitting the information to the user as LCD, LED, and the like.
보조장치의 버튼은 전자상거래 서버가 보조장치로 전달한 최종 확인 내용의 확인 또는 진행 여부를 결정할 때 사용하는 장치이다. 보조장치의 버튼은 누르기식 버튼, 터치스크린 방식의 버튼으로 구현될 수 있다. 버튼은 확인 취소 버튼이 존재 하나, 전자상거래 서버로부터 전달된 내용 중 확인 방법에 따라 버튼이 필요하지 않을 수 도 있다. 보조장치의 버튼을 사용하지 않는 경우 사용자 PC의 키보드 등의 다른 입력장치를 통해 동일한 기능을 수행하게 된다.The button of the auxiliary device is a device used to determine whether or not to confirm or proceed with the final confirmation content delivered to the auxiliary device by the e-commerce server. The button of the auxiliary device may be implemented as a push button or a touch screen button. Although the button has a confirmation cancel button, the button may not be required depending on the confirmation method among contents transmitted from the e-commerce server. If you do not use the buttons on the auxiliary device, the same function is performed through other input devices such as the keyboard of the user's PC.
보조장치의 외부 구조는 다음과 같이 두 가지의 모습이다. 첫 번째는 보조장치가 PC 연결 단자, 출력부 그리고 버튼으로 구성된 경우이다. PC 연결단자는 사용자 PC와 연동하는 기능을 수행하는 부분이고, 출력부는 정보가 출력되는 부분이고, 버튼은 사용자로부터 입력을 받는 기능을 수행하는 부분이다.The external structure of the auxiliary device is as follows. The first is when the auxiliary device consists of a PC connection terminal, an output and a button. The PC connection terminal is a part for interworking with a user PC, an output part is a part for outputting information, and a button is a part for receiving an input from a user.
본 발명에 따른 전자 상거래에서 거래 최종 확인 방법의 일례는 An example of a transaction final confirmation method in the e-commerce according to the present invention is
전자상거래 서버가 최종 확인 정보를 생성 및 암호화 하여 사용자 PC로 전달하는 단계와,Generating and encrypting the final confirmation information by the e-commerce server to the user PC;
사용자 PC가 암호화된 최종 확인 정보를 보조장치로 전달하는 단계와,Transmitting, by the user PC, the encrypted final confirmation information to the auxiliary device;
보조장치가 전달된 암호화된 최종 확인 정보를 복호화 하는 단계와,Decrypting the transmitted encrypted final confirmation information by the auxiliary device;
보조장치가 암호화된 최종 확인 정보를 출력부로 출력하는 단계와,Outputting, by the auxiliary device, the final confirmation information encrypted;
보조장치가 사용자로부터 버튼을 이용하여 최종 확인 결과를 입력 받는 단계와,The auxiliary device receives a final confirmation result from the user using a button;
보조장치가 최종 확인 결과를 암호화 하여 사용자 PC로 전달하는 단계와,The assistant encrypts the final verification result and forwards it to the user's PC;
사용자 PC가 암호화된 최종 확인 결과를 전자상거래 서버로 전달하는 단계와,Transmitting, by the user PC, the final encrypted result to the e-commerce server;
전자상거래 서버가 암호화된 최종 확인 결과를 복호화 하는 단계와,Decrypting the encrypted final confirmation result by the e-commerce server;
전자상거래 서버가 최종 확인 결과에 따라 전자상거래를 완료하는 단계로 구성되는 것을 특징으로 한다.Characterized in that the e-commerce server is configured to complete the e-commerce according to the final confirmation result.
본 발명에 따른 전자 상거래에서 거래 최종 확인 방법의 또 다른 예는 Another example of a transaction final confirmation method in an electronic commerce according to the present invention
전자상거래 서버가 최종 확인 정보를 생성 및 암호화 하여 사용자 PC로 전달하는 단계와,Generating and encrypting the final confirmation information by the e-commerce server to the user PC;
사용자 PC가 암호화된 최종 확인 정보를 보조장치로 전달하는 단계와,Transmitting, by the user PC, the encrypted final confirmation information to the auxiliary device;
보조장치가 전달된 암호화된 최종 확인 정보를 복호화 하는 단계와,Decrypting the transmitted encrypted final confirmation information by the auxiliary device;
보조장치가 암호화된 최종 확인 정보를 출력부로 출력하는 단계와,Outputting, by the auxiliary device, the final confirmation information encrypted;
사용자PC가 사용자로부터 보조장치에 출력된 인증 코드 값을 입력 받는 단계와,Receiving, by the user PC, the authentication code value outputted from the user to the auxiliary device;
사용자 PC가 인증 코드를 최종 확인 결과 값으로 전자상거래 서버로 전달하는 단계와,The user PC passes the verification code to the e-commerce server as the final verification result value;
전자상거래 서버가 최종 확인 결과에 따라 전자상거래를 완료하는 단계로 구성되는 것을 특징으로 한다.Characterized in that the e-commerce server is configured to complete the e-commerce according to the final confirmation result.
본 발명에 따른 전자상거래에서 거래 최종 확인 시스템 및 방법은 하드웨어로 구성된 유사 보안제품(보안 키보드 등)에 비하여 휴대하기 용이한 크기의 보조장치를 이용하여 휴대성을 증대 시켰으며, 최종 확인 정보를 암호화하여 보조장치에 전송하고 출력함으로써 사용자가 거래한 내용이 해킹에 의하여 변조 되었는지 또는 오류가 있는 지를 확인하는 방법을 해킹에 안전한 보조장치를 통해 제공함으로써 높은 보안성을 제공하는 효과가 있다. 이렇게 함으로써 메모리 해킹 등의 최신 해킹을 무력화 시킬 수 있어 전자상거래의 안전성을 높여 시장 활성화에 기여를 할 수 있는 효과가 있다.Transaction final confirmation system and method in the electronic commerce according to the present invention increased the portability by using an auxiliary device that is easy to carry compared to similar security products (secure keyboard, etc.) composed of hardware, and encrypts the final confirmation information By transmitting to the auxiliary device and outputting it, the user has a high security by providing a method for checking whether the transaction has been tampered with by a hack or an error through a safe device for hacking. By doing so, it is possible to disable the latest hacking such as memory hacking, thereby increasing the safety of e-commerce and contributing to the vitalization of the market.
도 1 및 도 2는 본 발명에서 보조장치의 두 가지 형태의 외부 구조도1 and 2 is an external structural diagram of two forms of the auxiliary device in the present invention
도 3은 본 발명에 따른 전자 상거래에서 거래 최종 확인 시스템 및 방법을 구현하기 위한 시스템의 일례를 도시한 블록도3 is a block diagram illustrating an example of a system for implementing a transaction final confirmation system and method in an electronic commerce in accordance with the present invention.
도 4 및 도 5는 본 발명에서 보조장치를 도시한 블록도4 and 5 are block diagrams showing an auxiliary device in the present invention.
도 6은 본 발명에 따른 전자 상거래에서 거래 최종 확인 시스템 및 방법을 도시한 흐름도6 is a flowchart illustrating a system and method for confirming a transaction finalization in an electronic commerce according to the present invention.
도 7은 본 발명에 따른 전자 상거래에서 거래 최종 확인 시스템 및 방법의 또 다른 예를 도시한 흐름도7 is a flowchart illustrating another example of a system and method for confirming a transaction finalization in an electronic commerce according to the present invention.
이하, 본 발명의 바람직한 실시예를 도면을 참조하여 상세하게 설명하기로 한다.Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the drawings.
본 발명에 따른 전자 상거래에서 거래 최종 확인 시스템에 있어서, 보조장치의 외부 구조는 두 가지의 형태이다.In the transaction final confirmation system in the electronic commerce according to the present invention, the external structure of the auxiliary device is of two types.
도 1을 참조하면, 보조장치(30)는 PC 연결 단자(31a), 출력부(32a) 그리고 버튼(33a, 33b)으로 구성된 다. PC 연결단자(31a)는 사용자 PC(20)와 연동하는 기능을 수행하는 부분이고, 출력부(32a)는 최종 확인 정보가 출력되는 부분이고, 버튼(33a, 33b)은 사용자로부터 최종 확인 입력을 받는 기능을 수행하는 부분이다.Referring to FIG. 1, the auxiliary device 30 includes a PC connection terminal 31a, an output unit 32a, and buttons 33a and 33b. The PC connection terminal 31a is a part that performs a function of interworking with the user PC 20, the output unit 32a is a part where final confirmation information is output, and the buttons 33a and 33b receive a final confirmation input from the user. This part performs the receiving function.
도 2를 참조하면, 보조장치(30)는 PC 연결 단자(31a) 그리고 출력부(32a)로 구성된다. PC 연결단자(31a)는 사용자 PC(20)와 연동하는 기능을 수행하는 부분이고, 출력부(32a)는 최종 확인 정보가 출력되는 부분이다.Referring to FIG. 2, the auxiliary device 30 includes a PC connection terminal 31a and an output unit 32a. The PC connection terminal 31a is a part that performs a function of interworking with the user PC 20, and the output unit 32a is a part where final confirmation information is output.
도 3을 참조하면, 전자상거래에서 보조장치를 이용한 최종 확인 시스템은 전자상거래 서버(10), 사용자 PC(20) 그리고 보조장치(30)로 구성된다.Referring to FIG. 3, the final confirmation system using the auxiliary device in the electronic commerce includes an electronic commerce server 10, a user PC 20, and an auxiliary device 30.
전자상거래 서버(10)는 인터넷으로 거래를 수행하는 서버이다. 전자상거래 서버(10)는 보조장치 보안 Key DB(13), 최종 확인정보 전달부(11) 그리고 최종확인 결과 수신부(12)로 구성된다. 보조장치 보안 Key DB(13)는 사용자의 보조장치에 저장되어있는 보안 Key를 관리한다. 최종 확인 정보 전달부(11)는 사용자의 보조장치로 최종 확인 정보를 암호화 하여 전달하는 기능을 수행한다. 최종 확인 결과 수신부(12)는 사용자로부터 최종 확인 정보의 결과를 수신하여 전자상거래의 진행을 마무리하는 기능을 수행한다.The e-commerce server 10 is a server that conducts transactions over the Internet. The e-commerce server 10 is composed of an auxiliary device security key DB 13, the final confirmation information transmission unit 11 and the final confirmation result receiving unit 12. The auxiliary device security key DB 13 manages a security key stored in the user's auxiliary device. The final confirmation information transmitting unit 11 performs a function of encrypting and delivering the final confirmation information to the user's auxiliary device. The final confirmation result receiving unit 12 receives a result of the final confirmation information from the user and performs a function of finishing the progress of the e-commerce.
사용자 PC(20)는 정보 전달부(21)와 최종 확인 결과 입력부(22)로 구성된다.The user PC 20 is composed of an information delivery unit 21 and a final confirmation result input unit 22.
정보 전달부(21)는 전자상거래 서버(10)와 보조장치(30) 간에 데이터를 전달하는 기능을 수행한다. 최종 확인 결과 입력부(22)는 보조장치(30)의 출력부(32)에 출력된 인증 코드를 이용하는 경우에 존재하며, 보조장치(30)의 출력부(32)에 출력된 인증코드를 입력하여 전자상거래 서버(10)로 전송하는 기능을 수행한다.The information transfer unit 21 performs a function of transferring data between the e-commerce server 10 and the auxiliary device 30. As a result of the final confirmation, the input unit 22 exists when the authentication code output to the output unit 32 of the auxiliary device 30 is used, and inputs the authentication code output to the output unit 32 of the auxiliary device 30. It performs the function of transmitting to the e-commerce server (10).
보조장치(30)는 보안 Key 저장부(34), 최종 확인 정보 수신부(31), 출력부(32), 그리고 최종확인 결과 입력부(32)로 구성된다. 보안 Key 저장부(34)는 전자상거래 서버(10)와 공유한 보안 key가 저장된 장소이다. 이 보안 Key를 이용하여 데이터 암호화 및 복호화를 수행한다. 최종 확인 정보 수신부(31)는 전자상거래 서버로(10)부터 암호화된 최종 확인 정보를 수신하여 복호화 하는 기능을 수행한다. 출력부(32)는 최종 확인 정보 수신부(31)에서 복호화된 최종 확인 정보를 출력하는 기능을 수행한다. 최종 확인 결과 입력부(33)는 보조장치(30)의 버튼으로 확인 결과를 입력하는 경우에 존재하며, 출력부(32)에 출력된 최종 확인 정보를 확인한 사용자가 확인 또는 취소 버튼을 선택하여 전자상거래 서버(10)로 최종 확인 정보를 전달하는 기능을 수행한다.The auxiliary device 30 includes a security key storage unit 34, a final confirmation information receiving unit 31, an output unit 32, and a final confirmation result input unit 32. The security key storage unit 34 is a place where the security key shared with the e-commerce server 10 is stored. Data encryption and decryption are performed using this security key. The final confirmation information receiver 31 performs a function of receiving and decrypting the encrypted final confirmation information from the e-commerce server 10. The output unit 32 performs a function of outputting the final confirmation information decoded by the final confirmation information receiver 31. The final confirmation result input unit 33 is present when the confirmation result is input by the button of the auxiliary device 30, and the user who confirms the final confirmation information output to the output unit 32 selects the confirmation or cancellation button and then e-commerce. It performs the function of delivering the final confirmation information to the server (10).
보조장치의 내부 구조는 두 가지의 형태이다.The internal structure of the auxiliary device is of two types.
도 4을 참조하면, 보조 장치(30)의 내부 구성은 PC Interface(31), CPU(35), Memory(36), Controller(37), 출력부(32) 그리고 버튼(33)으로 구성되어 있다.Referring to FIG. 4, the internal configuration of the auxiliary device 30 includes a PC interface 31, a CPU 35, a memory 36, a controller 37, an output unit 32, and a button 33. .
도 5을 참조하면, 보조 장치(30)의 내부 구성은 PC Interface(31), CPU(35), Memory(36), Controller(37) 그리고 출력부(32)로 구성되어 있다. Referring to FIG. 5, the internal configuration of the auxiliary device 30 includes a PC interface 31, a CPU 35, a memory 36, a controller 37, and an output unit 32.
도 4 와 도 5를 참조하면, PC Interface(31)는 PC와 USB, Serial, Parallel, 1394 등 유선 방식과 블루투스,무선 랜 등 무선 방식으로 연동하는 기능을 수행한다. CPU(35)는 암호화/복호화 등의 연산을 수행한다. Memory(36)는 보안 Key를 저장하고 있다. Controller(37)는 출력부(32) 및 버튼(33)을 제어하는 기능을 수행한다. 출력부(32)는 최종 확인 정보를 출력 하는 기능을 수행한다. 버튼(33)은 사용자가 최종 확인 정보를 보조장치(30)를 이용하여 입력 하는 경우에 확인 및 취소 기능을 담당하는 버튼이 존재하고, 최종 확인 정보를 생성하는 기능을 수행한다.4 and 5, the PC Interface 31 performs a function of interworking with a PC and a wired method such as USB, Serial, Parallel, 1394 and a wireless method such as Bluetooth, wireless LAN. The CPU 35 performs an operation such as encryption / decryption. The memory 36 stores a security key. The controller 37 performs a function of controlling the output unit 32 and the button 33. The output unit 32 performs a function of outputting final confirmation information. The button 33 has a button for confirming and canceling when the user inputs the final confirmation information using the auxiliary device 30, and performs the function of generating the final confirmation information.
도 6을 참조하면, 본 발명의 제 1 실시 예에 따른 전자 상거래에서 거래 최종 확인 시스템 및 방법은 전자 상거래 서버(10)가 전자 상거래의 최종 전 단계 까지 진행을 한 후 최종 확인 정보를 생성하여 암호화를 한다.Referring to FIG. 6, the transaction final confirmation system and method in the electronic commerce according to the first embodiment of the present invention encrypts the final confirmation information after the electronic commerce server 10 proceeds to the final step of the electronic commerce. Do
전자 상거래 서버(10)는 암호화된 최종 확인 정보를 사용자 PC(20)로 전달한다.The electronic commerce server 10 transmits the encrypted final confirmation information to the user PC 20.
사용자 PC(20)는 전달받은 암호화된 최종 확인 정보를 보조장치(30)로 전달한다. The user PC 20 transmits the received encrypted final confirmation information to the auxiliary device 30.
보조장치(30)는 전달받은 암호화된 최종 확인 정보를 복호화 한다.The auxiliary device 30 decrypts the received encrypted final confirmation information.
보조장치(30)는 최종 확인 정보를 출력부로 해당 내용을 출력한다. The auxiliary device 30 outputs the final confirmation information to the output unit.
이후, 사용자는 보조장치의 출력부에 출력된 최종 확인 정보를 보고 본인이 거래하고자 하는 내용과 일치 하면 확인 버튼을 아니면 취소 버튼을 누른다. 보조장치는 입력된 버튼 값을 최종 확인 결과로 변환 한 후 최종 확인 결과 값을 암호화 한다.After that, the user sees the final confirmation information displayed on the output of the auxiliary device and presses the confirm button or the cancel button if it matches the content he wants to trade. The auxiliary device converts the input button value into the final confirmation result and encrypts the final confirmation result value.
보조장치(30)는 암호화된 최종 확인 결과 값을 사용자 PC(20)로 전달한다.The auxiliary device 30 transmits the encrypted final confirmation result value to the user PC 20.
사용자 PC(20)는 암호화된 최종 확인 결과 값을 전자상거래 서버(10)로 전달한다. The user PC 20 transmits the encrypted final confirmation result value to the e-commerce server 10.
전자상거래 서버(10)는 암호화된 최종 확인 결과 수신 한 후 복호화 한다.The e-commerce server 10 decrypts after receiving the encrypted final confirmation result.
이후, 전자상거래 서버(10)는 해당 값에 따라 전자상거래의 완료 처리를 진행한다.Thereafter, the e-commerce server 10 proceeds with the completion of the e-commerce according to the value.
도 7을 참조하면, 본 발명의 제 2 실시예에 따른 전자 상거래에서 거래 최종 확인 시스템 및 방법은 전자 상거래 서버가 전자 상거래의 최종 전 단계 까지 진행을 한 후 최종 확인 정보를 생성하여 암호화를 한다.Referring to FIG. 7, the transaction final confirmation system and method in the electronic commerce according to the second embodiment of the present invention encrypts the final confirmation information after the electronic commerce server proceeds to the final step of the electronic commerce.
전자 상거래 서버(10)는 암호화된 최종 확인 정보를 사용자 PC(20)로 전달한다.The electronic commerce server 10 transmits the encrypted final confirmation information to the user PC 20.
사용자 PC(20)는 전달받은 암호화된 최종 확인 정보를 보조장치(30)로 전달한다. The user PC 20 transmits the received encrypted final confirmation information to the auxiliary device 30.
보조장치(30)는 전달받은 암호화된 최종 확인 정보를 복호화 한다.The auxiliary device 30 decrypts the received encrypted final confirmation information.
보조장치(30)는 최종 확인 정보를 출력부로 해당 내용을 출력한다. The auxiliary device 30 outputs the final confirmation information to the output unit.
사용자는 보조장치(30)의 출력부에 출력된 최종 확인 정보를 보고 본인이 거래한 내용과 일치 하면, 출력부에 출력된 인증코드를 사용자 PC(20)에 입력한다. When the user sees the final confirmation information output to the output unit of the auxiliary device 30 and matches the contents of his / her transaction, the user inputs the authentication code outputted to the output unit to the user PC 20.
사용자 PC(20)는 입력된 최종 확인 결과 값을 전자상거래 서버(10)로 전송한다.The user PC 20 transmits the input final confirmation result value to the e-commerce server 10.
전자상거래 서버(10)는 수신한 최종 확인 결과의 값에 따라 전자상거래의 완료 처리를 진행한다.The e-commerce server 10 performs the completion process of the e-commerce according to the value of the received final confirmation result.

Claims (7)

  1. 보조장치 보안 Key DB(13)를 포함하는 전자상거래 서버(10)는 전자상거래 최종 확인 정보를 생성 및 암호화 하여 전달하고, 보조장치(30)는 CPU(35)와 메모리(36), 그리고 출력부(32)를 가지고 있고, 수신한 최종 확인 정보를 복호화하여 최종 확인 정보를 출력부에 출력 하는 기능을 수행하며, 사용자로부터 최종 확인 결과가 입력되면 해당값을 전자상거래 서버로 전송하여 전자상거래 완료 처리를 하는 것을 특징으로 하는 전자상거래에서 최종 확인 시스템.The e-commerce server 10 including the auxiliary device security key DB 13 generates and encrypts the e-commerce final confirmation information, and the auxiliary device 30 includes a CPU 35 and a memory 36 and an output unit. (32) and decrypts the received final confirmation information and outputs the final confirmation information to the output unit, and when the final confirmation result is input from the user, the corresponding value is transmitted to the e-commerce server to complete the e-commerce processing. Final confirmation system in the e-commerce, characterized in that the.
  2. 제 1 항에 있어서,The method of claim 1,
    상기 보조장치(30)와 사용자 PC(20)는 USB, Serial, Parallel, 1394 등 유선 및 블루투스,무선 랜 등 무선 방식을 이용하여 연동하는 것을 특징으로 하는 전자상거래에서 최종 확인 시스템.The auxiliary device 30 and the user PC (20) is the final confirmation system in the electronic commerce, characterized in that using a wireless method such as USB, Serial, Parallel, 1394 wired and Bluetooth, wireless LAN.
  3. 제 1 항에 있어서, The method of claim 1,
    상기 보조장치(30)의 외부 구성은 LCD 또는 LED 등의 시각적 출력을 할 수 있는 출력부(32)를 가지는 것을 특징으로 하는 전자상거래에서 최종 확인 시스템.The external configuration of the auxiliary device 30 is the final confirmation system in the e-commerce, characterized in that it has an output unit (32) capable of visual output such as LCD or LED.
  4. 제 2 항 또는 제 3 항에 있어서, The method of claim 2 or 3,
    상기 보조장치(30)의 외부 구성은 사용자가 최종 확인 결과를 입력할 수 있는 버튼을 가지는 것을 특징으로 하는 전자상거래에서 최종 확인 시스템.The external configuration of the auxiliary device 30 is a final confirmation system in the e-commerce, characterized in that the user has a button for inputting the final confirmation result.
  5. 제 1 항에 있어서, The method of claim 1,
    상기 보조장치(30)와 전자상거래 서버(10)는 동일한 보안 Key를 가지는 것을 특징으로 하는 전자상거래에서 최종 확인 시스템.Final assistance system in electronic commerce, characterized in that the auxiliary device 30 and the e-commerce server 10 has the same security key.
  6. 상기 전자상거래 서버(10)가 최종 확인 정보를 생성 및 암호화 하여 사용자 PC(20)로 전달하는 단계, 사용자 PC(20)가 암호화된 최종 확인 정보를 보조장치(30)로 전달하는 단계, 보조장치(30)가 전달된 암호화된 최종 확인 정보를 복호화 하는 단계, 보조장치(30)가 암호화된 최종 확인 정보를 출력부(32)로 출력하는 단계, 보조장치(30)가 사용자로부터 버튼을 이용하여 최종 확인 결과를 입력받는 단계, 보조장치(30)가 최종 확인 결과를 암호화하여 사용자 PC(20)로 전달하는 단계, 사용자 PC(20)가 암호화된 최종 확인 결과를 전자상거래 서버(10)로 전달하는 단계, 전자상거래 서버(10)가 암호화된 최종 확인 결과를 복호화하는 단계, 전자상거래 서버(10)가 최종 확인 결과에 따라 전자상거래를 완료하는 단계로 구성되는 것을 특징으로 하는 전자상거래에서 최종 확인 방법.Generating and encrypting the final confirmation information by the electronic commerce server 10 to the user PC 20, and transmitting the final confirmation information by the user PC 20 to the auxiliary device 30. (30) decrypting the transmitted encrypted final confirmation information, and the auxiliary device 30 outputting the encrypted final confirmation information to the output unit 32, and the auxiliary device 30 uses a button from the user. Receiving a final confirmation result, the auxiliary device 30 encrypts the final confirmation result and transmits to the user PC 20, the user PC 20 transmits the encrypted final confirmation result to the e-commerce server 10 Final confirmation in the e-commerce, characterized in that the e-commerce server 10 decrypts the encrypted final confirmation result, the e-commerce server 10 completes the e-commerce according to the final confirmation result. Way.
  7. 전자상거래 서버(10)가 최종 확인 정보를 생성 및 암호화 하여 사용자 PC(20)로 전달하는 단계, 사용자 PC(20)가 암호화된 최종 확인 정보를 보조장치(30)로 전달하는 단계, 보조장치(30)가 전달된 암호화된 최종 확인 정보를 복호화 하는 단계, 보조장치가 암호화된 최종 확인 정보를 출력부(32)로 출력하는 단계, 사용자PC(20)가 사용자로부터 보조장치에 출력된 인증 코드 값을 입력 받는 단계, 사용자 PC(20)가 인증 코드를 최종 확인 결과 값으로 전자상거래 서버(10)로 전달하는 단계, 전자상거래 서버(10)가 최종 확인 결과에 따라 전자상거래를 완료하는 단계로 구성되는 것을 특징으로 하는 전자상거래에서 최종 확인 방법.The electronic commerce server 10 generates and encrypts the final confirmation information and transmits the final confirmation information to the user PC 20, and the user PC 20 delivers the encrypted final confirmation information to the auxiliary device 30. 30) decrypting the transmitted encrypted final confirmation information, the auxiliary device outputs the encrypted final confirmation information to the output unit 32, the user PC 20, the authentication code value output from the user to the auxiliary device Receiving the input step, the user PC 20 to pass the authentication code as the final confirmation result value to the e-commerce server 10, the e-commerce server 10 is configured to complete the e-commerce according to the final confirmation result Final confirmation method in the e-commerce, characterized in that.
PCT/KR2009/000064 2008-01-17 2009-01-07 Final confirmation system and method for trading in electronic commerce WO2009091158A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020080005130A KR20080012389A (en) 2008-01-17 2008-01-17 Final confirm system and method for trading of internet business
KR10-2008-0005130 2008-01-17

Publications (2)

Publication Number Publication Date
WO2009091158A2 true WO2009091158A2 (en) 2009-07-23
WO2009091158A3 WO2009091158A3 (en) 2009-10-15

Family

ID=39340516

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2009/000064 WO2009091158A2 (en) 2008-01-17 2009-01-07 Final confirmation system and method for trading in electronic commerce

Country Status (2)

Country Link
KR (1) KR20080012389A (en)
WO (1) WO2009091158A2 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20040108274A (en) * 2003-06-17 2004-12-23 엘지전자 주식회사 A method and a device of security certification for computer with mobile phone
US20050015588A1 (en) * 2003-07-17 2005-01-20 Paul Lin Token device that generates and displays one-time passwords and that couples to a computer for inputting or receiving data for generating and outputting one-time passwords and other functions
US20050050330A1 (en) * 2003-08-27 2005-03-03 Leedor Agam Security token
KR20070012106A (en) * 2005-07-22 2007-01-25 주식회사 엘립시스 Token and method for personal authentication

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20040108274A (en) * 2003-06-17 2004-12-23 엘지전자 주식회사 A method and a device of security certification for computer with mobile phone
US20050015588A1 (en) * 2003-07-17 2005-01-20 Paul Lin Token device that generates and displays one-time passwords and that couples to a computer for inputting or receiving data for generating and outputting one-time passwords and other functions
US20050050330A1 (en) * 2003-08-27 2005-03-03 Leedor Agam Security token
KR20070012106A (en) * 2005-07-22 2007-01-25 주식회사 엘립시스 Token and method for personal authentication

Also Published As

Publication number Publication date
KR20080012389A (en) 2008-02-11
WO2009091158A3 (en) 2009-10-15

Similar Documents

Publication Publication Date Title
WO2018066961A1 (en) Trusted execution environment secure element communication
WO2014082387A1 (en) Nfc-based fingerprint authentication system and fingerprint authentication method
WO2011062364A2 (en) User authentication system, user authentication apparatus, smart card, and user authentication method for ubiquitous authentication management
WO2017057899A1 (en) Integrated authentication system for authentication using single-use random numbers
WO2013176491A1 (en) Method for authenticating web service user
US20020150249A1 (en) Communication apparatus
WO2019139200A1 (en) Method for intention expression identification using block chain, by which anonymity can be guaranteed and sybil attack can be prevented
WO2016085062A1 (en) Authentication method using nfc authentication card
WO2014086112A1 (en) Fingerprint authentication based image management system and image management method
WO2013100413A1 (en) Smartphone credit card payment system using an earphone jack, and method for same
WO2017105072A1 (en) Authentication device on the basis of biometric information and operation method therefor
WO2018016930A1 (en) Authorized control of an embedded system using end-to-end secure element communication
WO2014104539A1 (en) Method and apparatus for managing passcode
WO2012043963A1 (en) Authentication method and server
WO2011136464A1 (en) Password security input system using shift value of password key and password security input method thereof
WO2018186543A1 (en) Data encryption method and system using device authentication key
WO2014092425A1 (en) Method for performing integrated user authentication by random number generation
WO2009069872A1 (en) System and method for authenticating one-time virtual secret information
WO2019132069A1 (en) Medical data transmission authentication server, medical data transmission terminal and medical data receiving terminal
JPH1139082A (en) Keyboard device having security function and method therefor
WO2009091158A2 (en) Final confirmation system and method for trading in electronic commerce
WO2016200107A1 (en) User non-repudiation payment system and method using user terminal
WO2015160190A1 (en) Device and method for generating virtual keyboard for user authentication
WO2021167336A1 (en) Secure device equipped with quantum-random-number-based quantum encryption chip and secure communication service provision method using same
WO2022060156A1 (en) Method, apparatus, and program for updating firmware of authenticator

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09701977

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC

122 Ep: pct application non-entry in european phase

Ref document number: 09701977

Country of ref document: EP

Kind code of ref document: A2