WO2016159462A1 - Procédé d'authentification d'un jeton et système utilisant une valeur de vérification générée sur la base du temps courant - Google Patents

Procédé d'authentification d'un jeton et système utilisant une valeur de vérification générée sur la base du temps courant Download PDF

Info

Publication number
WO2016159462A1
WO2016159462A1 PCT/KR2015/009769 KR2015009769W WO2016159462A1 WO 2016159462 A1 WO2016159462 A1 WO 2016159462A1 KR 2015009769 W KR2015009769 W KR 2015009769W WO 2016159462 A1 WO2016159462 A1 WO 2016159462A1
Authority
WO
WIPO (PCT)
Prior art keywords
token
card number
verification value
server
virtual card
Prior art date
Application number
PCT/KR2015/009769
Other languages
English (en)
Korean (ko)
Inventor
이지호
Original Assignee
비씨카드(주)
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 비씨카드(주) filed Critical 비씨카드(주)
Publication of WO2016159462A1 publication Critical patent/WO2016159462A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/14Payment architectures specially adapted for billing systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • the present invention relates to a token authentication method and a token authentication system using a verification value generated based on a current time, and more particularly, to generate a verification value based on a current time and to authenticate a token using the generated verification value.
  • the present invention relates to a token authentication method and a token authentication system for performing payment when token authentication is completed.
  • the token generation server continues to generate new tokens and issue them to the user terminal, and store the issued tokens in the database for a specified time to validate the tokens, and the token verification server at the time of transaction approval.
  • the token generation server By comparing the token received from the merchant terminal with the token temporarily stored in the database, the validity of the transaction can be verified, thereby providing appropriate security in a simple manner.
  • An object of the present invention is to provide a token authentication method and a token authentication system for generating a verification value based on a current time, authenticating a token using the generated verification value, and performing payment when token authentication is completed. .
  • Another object of the present invention is to provide a token authentication method and a token authentication system in which a device for issuing a virtual card number including a token and a device for authenticating a token are physically or logically separated.
  • the present invention provides a token authentication method and token authentication system for mitigating the risk of transaction duplication, simplifying the transaction processing system, and stably using tokens in various media and environments in transactions through mobile devices. It aims to do it.
  • the token generation server in the method of authenticating a token in the token authentication system, the token generation server generates a verification value by using a unique key generated based on the current time. Generating a virtual card number including the generated verification value and a token and issuing to the user terminal; Receiving, at a token verification server, an authentication request including identification information corresponding to the virtual card number through an affiliated store terminal recognized from the user terminal; In the token verification server, a verification value is regenerated using a unique key generated based on the generation time of the virtual card number, and a verification value included in the regenerated verification value and the virtual card number corresponding to the identification information is generated.
  • the virtual card number issuing step may include generating, at the token generation server, the unique key using Julian minute numbers based on a current time.
  • a method for authenticating a token in a token authentication system after receiving the key generation information from the token generation server in the user terminal, through the key generation information Generating a verification value by using a unique key generated based on a current time, generating a virtual card number including the generated verification value and a token and issuing it to a token store connected to the user terminal; Receiving, at a token verification server, an authentication request including identification information corresponding to the virtual card number through an affiliated store terminal recognized from the user terminal; In the token verification server, a verification value is regenerated using a unique key generated based on the generation time of the virtual card number, and a verification value included in the regenerated verification value and the virtual card number corresponding to the identification information is generated.
  • the virtual card number issuing step may include generating, at the user terminal, the unique key using Julian minute numbers based on a current time.
  • a verification value is generated by using a unique key generated based on the current time, and a virtual card number including the generated verification value and token is generated.
  • Token generation server to issue to the user terminal;
  • An affiliated store terminal recognizing identification information corresponding to the virtual card number from the user terminal;
  • a token verification server that compares the verification value included in the virtual card number corresponding to the information and performs authentication on the token included in the virtual card number; And a payment server configured to receive a payment request including the token from the token verification server and perform a payment by a payment means matched with the token when authentication of the token is completed.
  • the token generation server may generate the unique key using Julian minute numbers based on the current time.
  • the verification value after receiving the key generation information from the token generation server, the verification value by using a unique key generated based on the current time through the key generation information
  • An affiliated store terminal recognizing identification information corresponding to the virtual card number from the user terminal; Receives an authentication request including the recognized identification information through the affiliated store terminal, regenerates a verification value using a unique key generated based on a generation time of the virtual card number, and generates the regenerated verification value and the identification.
  • a token verification server that compares the verification value included in the virtual card number corresponding to the information and performs authentication on the token included in the virtual card number; And a payment server configured to receive a payment request including the token from the token verification server and perform a payment by a payment means matched with the token when authentication of the token is completed.
  • the user terminal may generate the unique key using Julian minute numbers based on the current time.
  • a device for issuing a virtual card number including a token and a device for authenticating a token may be provided in a token authentication system in which the token is physically or logically separated, even in an unexpected situation such as a system failure. It can provide a consistent service.
  • the user terminal may generate a verification value by itself, even when offline, and issue a virtual card number including the verification value and the token, the token is not always connected online. Issue of the virtual card number issuance can be made.
  • FIG. 1 is a diagram illustrating a token authentication system according to an embodiment of the present invention.
  • FIG. 2 is a diagram illustrating a process of performing a payment through token authentication according to an embodiment of the present invention.
  • FIG. 3 is a diagram illustrating a process of performing a payment through token authentication according to another embodiment of the present invention.
  • FIG. 1 is a diagram illustrating a token authentication system according to an embodiment of the present invention.
  • the token authentication system is a user terminal 100, merchant terminal 200, token generation server 300, token verification server 400 and communication with each other via a communication network and It may include a payment server 500.
  • a communication network can be configured without regard to its communication aspects such as wired and wireless.
  • Local area network LAN
  • metropolitan area network MAN: Metropolitan Area Network
  • WAN wide area network
  • the communication network according to the present invention may be a mobile communication network, and may be another well-known World Wide Web (WWW) or the like.
  • WWW World Wide Web
  • the user terminal 100 may be any type of handheld based wireless communication that can be connected to an external server through a network such as a mobile phone, a smartphone, a personal digital assistant (PDA), a portable multimedia player (PMP), a tablet PC, and the like.
  • the device may include a device, and may also include a communication device that may be connected to an external server through a network, such as an IPTV including a desktop PC, a tablet PC, a laptop PC, and a set-top box.
  • the user terminal 100 may perform user authentication by using a pre-registered personal identification means such as SMS, public certificate, payment password, and the like.
  • the user terminal 100 may generate identification information corresponding to the virtual card number by using the virtual card number issued by the token generation server 300 and allow the corresponding identification information to be recognized by the affiliated store terminal 200.
  • the identification information may be formed in various forms such as voice, text, barcode, QR code, NFC tag information, may include information of the payment means, or may include specific information corresponding to the payment means.
  • the user terminal 100 may be used as various payment means such as voice, text, barcode, QR code, NFC, etc. by using the identification information corresponding to the virtual card number, the identification information is the merchant terminal 200 ), The payment may be requested through a pre-registered payment means corresponding to the identification information.
  • the affiliated store terminal 200 is a terminal installed in an affiliated affiliate store of a business operator (for example, a card company) operating the payment server 500, and may be a POS terminal, and a POS value may be previously issued to the POS terminal.
  • the POS value may be issued to a part of the plastic card (for example, the TRACK2 area) as a service code value for processing the cooperative service in the card system.
  • the area in which the POS value is issued to the actual card may be composed of a card number, expiration date, service code (CVC), RPU, etc., virtual card number, token validity period, service code ( CVC), verification values, and the like.
  • the affiliated store terminal 200 may recognize identification information corresponding to the virtual card number from the user terminal 100.
  • the affiliated store terminal 200 may recognize identification information such as a barcode and a QR code displayed on the user terminal 100.
  • NFC may be established through short-range communication.
  • Identification information such as a tag may be recognized.
  • the affiliated store terminal 200 may transmit an authentication request including identification information recognized from the user terminal 100 to the token verification server 400.
  • the affiliated store terminal 200 may transmit an authentication request to the token verification server 400 so that payment through a pre-registered payment means corresponding to the identification information is performed.
  • the token generation server 300 may generate a verification value by using a unique key generated based on the current time. In this case, the token generation server 300 may generate a verification value after the user authentication is completed in the user terminal 100.
  • the verification value is a hash value generated through cryptographic and hash operations every time a virtual card number is generated or an authentication request, in order to verify the validity of a payment, in the token verification server 400. It can be used to check if the token is issued normally.
  • the length of the verification value may be set to be used less than a predetermined digit, in this case, a number located outside the predetermined digit may not be used. For example, when only the first five digits of the verification value are set to be used, when the verification value is eight digits, only the first five digits may be used and the latter three digits may not be used.
  • the process of generating the verification value by connecting the token generating server 300 to the payment server 500 is not limited thereto, the token generating server 300 is included in the payment server 500, payment The server 500 may perform a function of the token generation server 300.
  • the token generation server 300 may obtain a master key from the payment server 500 that manages information about payment means (for example, cards) previously issued to the user.
  • the payment server 500 may generate and manage a master key for each user registered as a member in advance in order to use a payment method.
  • the payment server 500 is a card company server
  • the card company server may A master key can be generated and managed for each user registered as a card member.
  • the master key is a unique key that matches the identification number (for example, the card number) of the payment means issued to the user, and may be used in the encryption process when generating the verification value.
  • the token generation server 300 may generate a card key using the master key.
  • the card key may be utilized for verification or user authentication for each card.
  • the token generation server 300 may generate a session key using the card key. At this time, the token generation server 300 may generate a separate session key using each minute and additional data using the Julian minute number.
  • the Julian minute number is an extension of the Julian date to minutes, which means the number of days that have elapsed since the start of a particular year, for example, Julian for January 15, 2015.
  • the date may be "15".
  • the line number of minutes means the number of minutes that have elapsed since the start of a particular year.
  • the number of Julian minutes for January 15, 2015 corresponds to 15 days, 24 hours, and 60 minutes. It may be "21600" calculated by multiplying the number.
  • the token generation server 300 may generate a session key which is a unique key using Julian minute number based on the current time when user authentication is completed, and generate a verification value using the generated session key. That is, the token generation server 300 may generate a verification value by using a unique key generated based on the current time.
  • the token generation server 300 may generate a virtual card number including the generated verification value and the token, and issue the generated virtual card number to the user terminal 100.
  • the token is a virtual card number designated to be used in a payment service, and may be a one-time token that can be used until a predetermined token validity period expires, and the token validity period is in YYMM format. 0 to 4 digits may be used depending on the length of the token.
  • the virtual card number may be a total of 21 digits
  • the token may be configured to 16 digits
  • the verification value is 5 digits
  • the virtual card number may be configured, but is not limited thereto. have.
  • the token verification server 400 may receive an authentication request from the affiliated store terminal 200 and regenerate the verification value using a unique key generated based on the token generation time.
  • the token verification server 400 Upon regenerating the verification value, the token verification server 400 generates a session key which is the only key using the Julian minute number, as described above, based on the time at which the token generation server 300 generates the virtual card number. You can regenerate verification values.
  • the token verification server 400 may perform authentication on the token by comparing the regenerated verification value with the verification value included in the virtual card number, that is, the verification value generated by the token generation server 300.
  • the verification value generated by the token generation server 300 and the verification value generated by the token verification server 400 are the same or corresponding values, and the token verification server 400 compares the verification values and compares them. If the result matches or is found to match, the authentication for the token can be completed.
  • the validity period is set to 3 minutes in the virtual card number, and the token generation server 300 generates the first verification value based on the current time at 10:05, thereby generating the first verification value and the token. After issuing the virtual card number, it is assumed that the token verification server 400 received the authentication request from the merchant terminal 200 at 10:08.
  • the token verification server 400 may generate a second verification value based on 10: 7 within 10 minutes from 3 minutes to 10 minutes, and compare the first verification value with the second verification value.
  • the comparison result may not match.
  • the token verification server 400 may generate a second verification value based on 10: 6, which is one minute earlier than 10: 7, and may compare the first verification value with the second verification value. The results may not match.
  • the token verification server 400 may generate a second verification value based on 10: 5, which is one minute earlier than 10: 6, and may compare the first verification value with the second verification value. Since both the first verification value and the second verification value are generated based on 10:05, the comparison result is consistent, so that authentication of the token can be completed.
  • the token verification server 400 accelerates the time by one minute from the time when the authentication request is received until the validity period set in the virtual card number, generates a verification value based on each time, and compares the token to the token through the comparison process. Authentication can be performed.
  • the token generation server 300 and the token verification server 400 may be implemented as one integrated server.
  • the token verification server 400 may transmit a payment request to the payment server 500.
  • the token verification server 400 may check the token included in the virtual card number corresponding to the identification information by using the identification information included in the authentication request received from the merchant terminal 200, and includes the corresponding token.
  • the payment request may be transmitted to the payment server 500.
  • the payment server 500 may receive a payment request including the token from the token verification server 400 that has completed the authentication of the token, and check the payment method matched with the token to perform payment with the corresponding payment method. Can be.
  • the payment server 500 may transmit the payment completion details to the user terminal 100 or the affiliated store terminal 200.
  • FIG. 2 is a diagram illustrating a process of performing a payment through token authentication according to an embodiment of the present invention.
  • a process of performing operations in the token generation server 300 and the token verification server 400, respectively, is not limited thereto, and the token generation server 300 and the token verification server 400 are integrated into one.
  • the server may perform operations, and the payment server 500 may include both the token generation server 300 and the token verification server 400, and may perform all operations in the payment server 500.
  • the user terminal 100 may perform the user authentication by the user authentication means such as SMS, authorized certificate, payment password.
  • the user authentication means such as SMS, authorized certificate, payment password.
  • the user terminal 100 may transmit user authentication completion information for notifying that the user authentication is completed, to the token generation server 300.
  • the token generation server 300 receives the user authentication completion information from the payment server 500 You may.
  • the token generation server 300 may confirm that the user authentication is completed in the user terminal 100 by using the user authentication completion information received in step S202.
  • the token generation server 300 may generate a session key which is the only key based on the current time, and generate a verification value by using the session key and user information or payment information.
  • a virtual card number including a token, a verification value, and the like may be generated.
  • the token generation server 300 may generate a 21-digit virtual card number including a 16-digit token corresponding to the actual card number issued to the user and a 5-digit verification value generated based on the current time.
  • a Cryptogram version value When generating the virtual card number in the token generation server 300, a Cryptogram version value, a transaction classification value, PAN, PAN validity period, MD key, etc. may be used or generated.
  • the Cryptogram version value is a value that specifies the type and length of encryption and data used for generation and authentication of a verification value for payment service, and the most efficient encryption according to the environment in which the virtual card number is issued. It can be a formatted, version-separated value.
  • the transaction division value is a code value for division of a transaction type of a payment service, and may be a code value separately provided for each payment method.
  • the PAN is a real card number matched with the token
  • the PAN validity period is a card validity period set in the real card, and may be in the form of YYMM
  • the MD key is a HSM (High Speed Memory) master master key. Can be stored).
  • the token generation server 300 may issue and transmit the virtual card number generated in operation S203 to the user terminal 100.
  • the user terminal 100 may generate identification information corresponding to the virtual card number by using the virtual card number issued from the token generation server 300. That is, the user terminal 100 may generate identification information corresponding to the virtual card number so that the user terminal 100 may be used as various payment means such as voice, text, barcode, QR code, and NFC.
  • the user terminal 100 may transmit identification information to the affiliated store terminal 200, and the affiliated store terminal 200 may recognize the corresponding identification information.
  • the affiliated store terminal 200 may recognize the corresponding identification information, and the user When the terminal 100 displays identification information such as a barcode or a QR code on the screen, the affiliated store terminal 200 may recognize the identification information using a reader connected to the affiliated store terminal 200.
  • the affiliated store terminal 200 may transmit an authentication request including identification information recognized from the user terminal 100 to the token verification server 400. At this time, the affiliated store terminal 200 may transmit an authentication request to the token verification server 400 in a VAN or a direct approval method.
  • the token verification server 400 may generate a unique key based on the generation time of the virtual card number generated in operation S203, and then regenerate the verification value using the generated unique key. have.
  • the token verification server 400 checks the virtual card number corresponding to the identification information included in the authentication request received in step S207, compares the verification value included in the virtual card number with the regenerated verification value to the token. Authentication can be performed. At this time, the token verification server 400 may allow the transaction for payment by completing the authentication for the token when the verification values match.
  • the data used for token authentication may be a token, a token validity period, Julian minute number, a verification value, a POS value, a Cryptogram version value, a transaction classification value, and the like.
  • the token verification server 400 may transmit a payment request including the token to the payment server 500 in step S207 when authentication for the token is completed.
  • the payment server 500 may check the token included in the payment request according to the payment request received in operation S209 and perform payment by a payment means matched with the token.
  • the payment server 500 may transmit the payment completion details to the user terminal 100 or the affiliated store terminal 200.
  • FIG. 3 is a diagram illustrating a process of performing a payment through token authentication according to another embodiment of the present invention.
  • FIG. 3 a process of generating a virtual card number in the user terminal 100 is illustrated, and a description overlapping with the description in FIG. 2 will be omitted.
  • step S301 the user terminal 100 may perform user authentication, as in step S201.
  • the token generation server 300 directly to the virtual card number You can only perform the process of requesting token issuance without creating it. For example, the token generation server 300 may transmit only key generation information, which is basic data required for key generation, to the user terminal 100.
  • the user terminal 100 may generate a unique key by using the Julian minute number based on the operation performed by the token generation server 300 in operation S203, that is, the current time, and generate the unique key.
  • the unique key Using to generate a verification value, to generate a virtual card number including the verification value and the token, it is possible to issue the generated virtual card number to the token storage.
  • the user terminal 100 may generate a verification value by itself using the key generation information received from the token generation server 300 in advance, so that the user terminal 100 generates the verification value every time a transaction request is generated. Since the verified value does not need to be received, the virtual card number can be generated even offline.
  • the user terminal 100 may generate identification information corresponding to the virtual card number, as in operation S205.
  • the user terminal 100 may transmit identification information to the affiliated store terminal 200, in operation S206.
  • the affiliated store terminal 200 may transmit an authentication request including identification information to the token verification server 400, as in operation S207.
  • the token verification server 400 may perform authentication on the token, as in operation S208.
  • the token verification server 400 may transmit a payment request to the payment server 500 as in operation S209.
  • the payment server 500 may perform payment according to a payment request, as in operation S210.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • Theoretical Computer Science (AREA)
  • Economics (AREA)
  • Development Economics (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Cash Registers Or Receiving Machines (AREA)

Abstract

L'invention concerne, selon un mode de réalisation, un procédé d'authentification d'un jeton par un système d'authentification de jeton, au moyen d'une valeur de vérification générée sur la base d'un temps courant. Le procédé consiste: à générer une valeur de vérification au moyen d'une clé unique générée sur la base du temps courant; à générer un numéro de carte virtuelle comprenant la valeur de vérification générée et un jeton; et à envoyer le numéro de carte virtuelle à un terminal d'utilisateur, par le biais d'un serveur de génération de jeton; à recevoir, par un serveur de vérification de jeton, une demande d'authentification comprenant des informations d'identification correspondant au numéro de carte virtuelle, par l'intermédiaire d'un terminal de commerçant reconnu par le terminal d'utilisateur; à utiliser le serveur de vérification de jeton pour effectuer l'authentification du jeton inclus dans le numéro de carte virtuelle, par régénération d'une valeur de vérification à l'aide de la clé unique générée en fonction d'un moment auquel le numéro de carte virtuelle est généré, et comparer la valeur de vérification regénérée et la valeur de vérification incluse dans le numéro de carte virtuelle correspondant aux informations d'identification; et, à l'issue de l'authentification du jeton, à transmettre à un serveur de paiement, par le biais du serveur de vérification de jeton, une demande de paiement comprenant le jeton, pour permettre la réalisation d'un paiement par un moyen de paiement associé au jeton.
PCT/KR2015/009769 2015-04-03 2015-09-17 Procédé d'authentification d'un jeton et système utilisant une valeur de vérification générée sur la base du temps courant WO2016159462A1 (fr)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
KR10-2015-0047577 2015-04-03
KR20150047577 2015-04-03
KR1020150056211A KR101624266B1 (ko) 2015-04-03 2015-04-21 현재 시간을 기초로 생성된 검증 값을 이용한 토큰 인증 방법 및 토큰 인증 시스템
KR10-2015-0056211 2015-04-21

Publications (1)

Publication Number Publication Date
WO2016159462A1 true WO2016159462A1 (fr) 2016-10-06

Family

ID=56104819

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2015/009769 WO2016159462A1 (fr) 2015-04-03 2015-09-17 Procédé d'authentification d'un jeton et système utilisant une valeur de vérification générée sur la base du temps courant

Country Status (2)

Country Link
KR (1) KR101624266B1 (fr)
WO (1) WO2016159462A1 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019058238A1 (fr) * 2017-09-19 2019-03-28 Adari Swarna Kumari Système et procédé pour effectuer des transactions financières à l'aide d'une insertion virtuelle de carte bancaire
CN112016918A (zh) * 2019-05-30 2020-12-01 小米数字科技有限公司 一种签名写入方法、签名验证方法、装置及存储介质
GB2620370A (en) * 2022-06-28 2024-01-10 Mastercard International Inc Securely and efficiently using tokenised VCNs on electronic devices, and in e-commerce platforms

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102049527B1 (ko) * 2017-07-20 2019-11-27 중부대학교 산학협력단 사용자 인증 서버 및 시스템
KR102251543B1 (ko) * 2019-05-13 2021-05-13 (주)한우리아이티 가맹점 회원 코드를 이용한 카드 결제의 중계 방법
US11750597B2 (en) 2021-06-18 2023-09-05 Kyndryl, Inc. Unattended authentication in HTTP using time-based one-time passwords

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010047335A1 (en) * 2000-04-28 2001-11-29 Martin Arndt Secure payment method and apparatus
KR20050097624A (ko) * 2004-04-02 2005-10-10 최준수 동적 신용카드 정보 기록형 핸드폰 및 그 결제 시스템
KR20080062525A (ko) * 2006-12-29 2008-07-03 (주)엘엔아이소프트 동기화된 인증키를 이용한 인증시스템
KR101009914B1 (ko) * 2010-06-03 2011-01-20 (주)지락인포메이션 Otmc를 이용한 카드 결제 방법, 결제 모듈 및 결제 승인 서버
KR20140077013A (ko) * 2012-12-13 2014-06-23 에스케이플래닛 주식회사 오프라인 상거래를 위한 결제 시스템, 전자 결제 지원 방법 및 장치

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010047335A1 (en) * 2000-04-28 2001-11-29 Martin Arndt Secure payment method and apparatus
KR20050097624A (ko) * 2004-04-02 2005-10-10 최준수 동적 신용카드 정보 기록형 핸드폰 및 그 결제 시스템
KR20080062525A (ko) * 2006-12-29 2008-07-03 (주)엘엔아이소프트 동기화된 인증키를 이용한 인증시스템
KR101009914B1 (ko) * 2010-06-03 2011-01-20 (주)지락인포메이션 Otmc를 이용한 카드 결제 방법, 결제 모듈 및 결제 승인 서버
KR20140077013A (ko) * 2012-12-13 2014-06-23 에스케이플래닛 주식회사 오프라인 상거래를 위한 결제 시스템, 전자 결제 지원 방법 및 장치

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019058238A1 (fr) * 2017-09-19 2019-03-28 Adari Swarna Kumari Système et procédé pour effectuer des transactions financières à l'aide d'une insertion virtuelle de carte bancaire
CN112016918A (zh) * 2019-05-30 2020-12-01 小米数字科技有限公司 一种签名写入方法、签名验证方法、装置及存储介质
GB2620370A (en) * 2022-06-28 2024-01-10 Mastercard International Inc Securely and efficiently using tokenised VCNs on electronic devices, and in e-commerce platforms

Also Published As

Publication number Publication date
KR101624266B1 (ko) 2016-05-26

Similar Documents

Publication Publication Date Title
WO2016159462A1 (fr) Procédé d'authentification d'un jeton et système utilisant une valeur de vérification générée sur la base du temps courant
WO2017222170A1 (fr) Procédé et serveur de société de cartes servant à traiter un paiement en vérifiant une valeur de vérification, procédé pour prendre en charge un paiement en utilisant la valeur de vérification, et carte à puce
WO2018194378A1 (fr) Procédé d'approbation de l'utilisation d'une carte à l'aide d'un identifiant de jeton basé sur une chaîne de blocs et serveur l'utilisant
WO2017119564A1 (fr) Système et procédé de transmission d'informations sécurisées pour une authentification d'identité personnelle
WO2011062365A2 (fr) Système et procédé pour authentifier de l'argent électronique à l'aide d'une carte intelligente et d'un terminal de communication
WO2014082387A1 (fr) Système d'authentification d'empreinte digitale et procédé d'authentification d'empreinte digitale basés sur nfc
WO2020204444A2 (fr) Procédé de sécurité par clé secrète consistant en la distribution et le stockage de clé dans un noeud de chaîne de blocs et/ou un dispositif personnel renfermant une application portefeuille installée
WO2011062364A2 (fr) Système et appareil d'authentification d'utilisateur, carte intelligente et procédé d'authentification d'utilisateur pour une gestion d'authentification universelle
WO2019107654A1 (fr) Dispositif de génération d'argent virtuel de crédit et dispositif de gestion d'argent virtuel de crédit
WO2013137528A1 (fr) Système de règlement de transaction hors-ligne, et procédé et dispositif à cet effet
WO2013100413A1 (fr) Système de paiement par carte de crédit de téléphone intelligent utilisant une prise écouteur, et procédé correspondant
WO2018194379A1 (fr) Procédé d'approbation de l'utilisation d'une carte à l'aide d'un identificateur de jeton sur la base d'une chaîne de blocs et structure en arbre de merkle associée à celui-ci, et serveur l'utilisant
WO2012053780A1 (fr) Procédé de paiement et système de paiement utilisant des informations concernant l'adresse mac d'un terminal de client
WO2016056853A1 (fr) Système pour l'authentification pratique de personne à l'aide d'un terminal de communication mobile et d'une carte bancaire réelle et procédé associé
WO2016085062A1 (fr) Procédé d'authentification par carte d'authentification nfc
WO2008038379A1 (fr) Téléphone portable et procédé de contrôle d'accès
WO2015068904A1 (fr) Lecteur de carte, terminal et procédé de traitement d'informations de paiement les utilisant
WO2017043717A1 (fr) Procédé d'authentification biométrique d'un utilisateur
WO2014092286A1 (fr) Procédé pour prendre en charge un paiement pour un commerce hors ligne, et système et dispositif associés
WO2019078623A1 (fr) Procédé de paiement à base de chaînes de blocs et serveur de paiement le mettant en œuvre
WO2018216988A1 (fr) Système d'authentification de sécurité et procédé d'authentification de sécurité destinés à créer une clé de sécurité par combinaison de facteurs d'authentification de multiples utilisateurs
WO2012047032A2 (fr) Système de gestion de carte d'identification mobile et son procédé de gestion de carte d'identification mobile
WO2016182397A1 (fr) Système et procédé d'authentification utilisant le flash d'un ordiphone mobile
CN112769574A (zh) 密钥注入方法和系统、密钥管理系统、设备及机器可读介质
WO2017048005A1 (fr) Système de traitement bancaire électronique utilisant un guichet automatique personnel et procédé de traitement associé

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15887870

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15887870

Country of ref document: EP

Kind code of ref document: A1