KR100413596B1 - Payment method using some of credit information - Google Patents

Abstract

Payment method using only part of the credit information using the personal information of the mobile carrier of the present invention is a user, the user's mobile phone number and a unique number (resident registration number, social security number, corporation number, business registration number) to identify the user Provides a three-step process of providing and verifying information between the mobile carrier D / B and the card company D / B who knows the user's unique number (resident registration number, social security number, corporation number, business registration number) and credit information (credit card number). It is about the payment method of the new concept that payment can be made through the payment method, and the payment details and the encrypted payment number are notified to the mobile communication terminal and replaced with the receipt. By using this payment method, the card company can make payment using only a part of the user's credit information without going through the process of collecting user information to form a D / B linking a separate phone number with a card number. By allowing payment to be made without exposing the user's credit information to the outside, it is possible to make a very secure credit transaction without risk of personal credit information leakage, and also by notifying the payment details and the encrypted payment number It is effective in activating convenient and safe e-commerce, door-to-door sales, and establishment of reservation culture by relieving anxiety caused by commerce.

Description

Payment method using some of credit information}

The present invention relates to a payment method using credit information (for example, credit card number), and more particularly, subscription without going through the process of collecting user information for configuring a database linking a separate phone number and credit information The present invention relates to a payment method that can prevent a user from leaking credit information by allowing a user to make a payment using only a part of the user information of the mobile communication terminal and the user's previously created credit information.

Recently, credit card is widely used as a means of payment for purchasing products and other services, and its use is increasing due to the government's policy of encouraging the use of credit cards.

As a method of using such a credit card, you may submit your own credit card. However, due to the development of the Internet, a lot of payments are made using a credit card on the web or the wireless Internet. In addition, payment using a credit card is widely used in home shopping through TV at home.

On the web, payment is made by purchasing an item using e-commerce and entering the expiration date of the credit card and the card on the relevant internet site. In the case of home shopping, call the home shopping company and credit information on the credit card. Payment will be made by notifying the card and the expiration date of the card.

Moreover, in recent years, with the development of information and communication technology, the functions of personal portable terminals have been improved, and payments using such personal portable terminals (hereinafter, referred to as mobile communication terminals) have been made. As a payment method using the mobile communication terminal, the payment information is transmitted by using a keypad of the mobile communication terminal to transmit such information to a specific system in the same form as in an electronic commerce on the web. Is done. Recently, payment is not made simply by transmitting credit information for security of credit card information, but a method for authenticating a corresponding user has been added and used. As the authentication method, a method of inputting a preset password and the like and a method of using a certificate are used. However, the password input method is mostly composed of four digits, so it can be easily decrypted by a method such as brute force, and the method of using a certificate is restricted in mobility due to the characteristics installed on a specific computer. It is true that it is difficult to use in public places.

In addition, in order to notify the details of payments made in this way, a separate program is being downloaded through a certification authority, and a receipt is issued and stored.

In this case, when the credit card is used for the purchase and payment using the electronic commerce, home shopping, and mobile communication terminal on the web described above, the entire credit card number of the user is transmitted through a wired or wireless network. Can be detected and stolen.

In other words, the existing method has only a user authentication process that checks whether the credit card information or password is "*" so that no one else can see it, or only confirms that the user is a true user. Credit card information and password are transmitted through the network. Of course, various encryption techniques have been introduced, but as various methods of disabling encryption are introduced, anxiety about leakage of personal information is amplified. In this case, the user may not even know if his or her credit information has been stolen, which may cause more damage. In fact, these things are happening now, which is causing a lot of obstacles to the development of electronic commerce, as users are avoiding credit settlement on the web or credit settlement using mobile communication terminals.

In addition, although the user transmits credit information to request a purchase, there is no user's way of knowing whether the actual purchase has been made, and thus the user's anxiety may be further increased.

Accordingly, an object of the present invention in consideration of these problems is to provide a payment method that allows payment to be made without exposing credit information such as credit information or password in a payment method using a mobile communication terminal.

1 is a configuration diagram briefly showing the overall configuration for the payment method according to the present invention.

2 is a flowchart illustrating a process in which a user makes a purchase request using a first terminal and is approved for payment.

3A to 3D are schematic diagrams illustrating a first embodiment of a payment method according to the present invention.

Figure 4 is a schematic diagram showing the overall configuration for achieving a second embodiment of the payment method according to the present invention.

* Explanation of symbols for main parts of the drawings

11: first terminal (mobile communication terminal) 12: second terminal (computer)

20: mobile carrier 30: card company

40: P / G (Payment Gateway)

Payment method using only part of the credit information of the present invention for achieving the above object is a step of receiving a purchase or payment request signal from the user, according to the purchase or payment request signal to the mobile communication terminal user's unique number (resident registration number (B) requesting and receiving an identification number of an individual or a corporate body (hereinafter referred to as an SSN); transmitting only the provided SSN to a card company to receive only a part of the credit information corresponding to the SSN from the card company, to the user of the corresponding mobile communication terminal. Requesting credit information provided from the card company and comparing the information provided from the card company with the information provided from the user. These steps may vary in type depending on the payment method. If the personal information cannot be leaked randomly by the mobile communication company, the user's SSN is input from the owner of the mobile communication terminal and transmitted to the mobile communication company to compare the previously stored SSN with the input SSN. At this time, the reference is a unique number of the user's mobile communication terminal. Only when the two numbers match, the mobile service provider requests the credit card company's credit information. In addition, the terminal owner may further include a step of confirming whether or not the user receives the voicemail password from the mobile communication company for authentication.

In addition, a data transmission and reception method using a mobile communication terminal uses voice (ARS), short message (SMS), push or pull method of the wireless Internet, and for example, transmit is set as ARS and reception is performed. By using the push or SMS of the wireless Internet, it is possible to further enhance the security by using different networks in one terminal.

Hereinafter, with reference to the accompanying drawings will be described in detail preferred embodiments of the present invention.

1 is a configuration diagram briefly showing the overall configuration for the payment method according to the present invention.

The first terminal 11 is a personal portable terminal having a unique user number such as cellular, PCS, PDA, etc., and is used as a means for confirming the identity of the payer in the present invention. The second terminal 12 is a terminal capable of data communication through a network, such as a web, mainly personal computers, digital TV, cable TV, PDA, etc. capable of two-way communication.

The mobile telecommunication company 20 provides a communication service for the user's first terminal 11, and the user's SSN provided when the user subscribes to the communication service and the number of the first terminal 11 are databased. . In this case, the SSN mentioned below represents a unique number owned by each individual, corporation, and organization. In a foreign country that does not use the SSN, any SSN such as a health insurance number and a social security number can be used as an alternative. This is possible.

The card company 30 provides a credit card, an electronic money card, a bank, a securities company, an insurance company, a government office, a school, etc., to provide credit information for payment, or a place that holds a SSN and provides goods, services, or services. As a result, the SSN provided when the card is applied by the user and the credit information of the corresponding user are matched to make a database.

The payment gateway (P / G) 40 connects the user terminals 11, 12, and 13, the communication service company 20, and the card company 30, and the user pays the bill using the terminals 11, 12, and 13. It allows you to. The P / G 40 may be installed and operated on the wired / wireless network in the communication service company 20 or the card company 30 or as a separate independent system.

First embodiment

FIG. 2 is a flowchart illustrating a process in which a user makes a purchase request using the first terminal 11 and is approved for payment. FIG. 3A is a diagram illustrating this process.

When a user wants to purchase an item or use a service and make a payment, the user presses a designated key using his first terminal 11. In this case, the designated key may be a number for each service provider or any specific key. The first terminal 11 which detects the pressing of the corresponding key transmits a purchase request signal to the P / G 40 (step 210). The purchase request signal corresponds to a function such as adding a shopping cart as in the case of using the electronic commerce through the wireless Internet. At this time, the mobile communication terminal has its own number sending function is to transmit its own phone number with the purchase request signal.

Upon receiving the purchase request signal from the first terminal 11, the P / G 40 transmits the telephone number of the first terminal 11 to the mobile communication company 20 (step 211). The P / G 40 requests the mobile communication company 20 for the SSN of the user assigned the corresponding telephone number (step 212).

The mobile telecommunication company 20 receives the user's SSN when the user subscribes to the mobile communication and makes a database thereof. When the user receives the phone number from the P / G 40, the mobile telecommunication company 20 searches for the user's SSN that matches the corresponding phone number. Send it to G (40).

If the mobile communication company 20 cannot leak the user's SSN, the P / G 40 additionally receives some or all of the SSNs separately from the user, as shown in FIG. 3B, and transmits the received SSN to the mobile communication company 20. Transmit and compare with the SSN of the user previously stored in the mobile communication company (20). At this time, the input part has a data length that can be uniquely distinguished from others. If the comparison result matches, the mobile telecommunication company 20 transmits an acknowledgment signal (ACK) to the P / G 40.

When receiving the confirmation signal or the SSN from the mobile telecommunication company 20, the P / G 40 transmits the SSN received from the user or the SSN of the corresponding user received from the mobile telecommunication company 20 to the card company 30 (step 213). Then, the P / G 40 requests a part of the credit information of the user having the SSN from the card company 30 (step 214). Current credit cards all have 16 digits of credit information, of which a certain number, for example the last 4 digits, is requested. Even if a type of credit information other than a credit card is contained, only a portion of the credit information is requested.

The card company 30, which has a database of SSNs registered at the time of card membership registration and the credit information and password of the user, receives the SSN from the P / G 40 and is requested to provide partial credit information. The P / G 40 transmits the requested number to the P / G 40 among the credit information matching the SSN. As described above, when the P / G 40 requests a part of the credit card information with the provision of the SSN to the card company 30, but the P / G 40 provides only the SSN to the card company 30, the card company ( At 30), some of the credit information may be arbitrarily selected and the location of the number may be provided to the P / G 40.

The P / G 40, which received part of the credit information from the card company 30, transmits to the first terminal 11 using a voice message such as ARS, a text message (SMS), a push of a wireless Internet, or an internet network. The user is requested to input a number corresponding to some credit information provided from the card company 30 (step 215).

When receiving some credit information requested by the user, the P / G 40 compares the credit information provided from the card company 30 with the credit information provided from the user and determines whether there is a match (step 216).

If the card company 30 cannot directly disclose the user's credit information to the P / G 40, as in the mobile communication company 20, the P / G 40, as shown in FIGS. Receive some additionally and transmit it to the card company 30 compares the credit information in the card company 30. At this time, the input portion is merged with the SSN has a length that can be uniquely distinguished from the credit information. When the two numbers match, the card company 30 transmits a confirmation signal (ACK) to the P / G (40).

As a result of the comparison, if the two numbers match, the P / G 40 approves the payment to the user and then charges the card company 30 (step 217). If the numbers do not match, the P / G 40 rejects the payment ( Step 218) or a certain number of re-entry requests. Further, in order to further strengthen user authentication, in step 214, the P / G 40 is provided by requesting the card company 30 together with some of the password of the credit card together with the credit information, and again if the two numbers match in step 216 You can ask the user to enter some of the credit card's password. Of course, as described above, when the credit card company does not disclose the information to the P / G 40, the P / G 40 does not compare the information, but compares the information with the card company 30. Only match can be sent to / G40. That is, the payment can be made only if the information about credit and password match. When the payment is completed, the P / G 40 may transmit the payment information to the first terminal 11 by text message or the like so that the user may confirm it.

In the above-described embodiment, the P / G 40 receives some of the credit card numbers and passwords from the card company 30 and receives the corresponding numbers from the user, and compares them. However, the order may be changed. That is, in step 210 described above, the P / G 40 additionally receives a portion of credit information and a password together with the SSN from the user as shown in FIG. 4 and receives the confirmation from the mobile communication company 20 as the SSN. If you transmit to), the card company 30 can compare this with the information previously stored in its database and transmit the result to the P / G (40). In this case, since the P / G 40 may approve the payment according to the result received from the card company, step 215 may be omitted.

Second embodiment

When a user wants to purchase an item using the first terminal 11 as a simple mobile phone without using the wireless Internet, for example, when a user wants to purchase more home shopping or delivers food. If you need to call the service provider to the terminal 11 to apply for the purchase and payment of the goods, pressing the specific key of the first terminal 11 is connected to the P / G (40). The P / G 40 receives the telephone number of the corresponding first terminal 11 and the telephone number of the service provider currently connected to the first terminal 11 from the first terminal 11. After the P / G 40 finds out the user's first terminal 11 telephone number and the service provider's telephone number, payment can be made in the same manner as in the above-described first embodiment.

Alternatively, after the user makes a purchase request to the service provider, the service provider obtains the telephone number of the mobile communication terminal of the service provider, proceeds with the payment in the same manner as the first embodiment described above, and moves the service provider. Provide the communication terminal phone number to the P / G (40). Then, the P / G 40 may transmit the payment details to the mobile communication terminal of the corresponding service provider so that the confirmed service provider may deliver the goods to the user.

Furthermore, in the case of using the present invention, the user can confirm that the goods are normally delivered and then make the payment. In this case, after the user calls the store to order the goods and the goods are delivered, the payment is made in the same manner as in the first embodiment described above, and the phone number of the clerk who has delivered the goods is P / G ( Enter 40). Then, the P / G 40 transmits the payment history to the mobile communication terminal of the corresponding clerk so that the user and the clerk can check it. In this way, it is possible to pay by using a general mobile communication terminal without the need for a separate mobile card reader, so that service providers can reduce costs and provide better services.

Third embodiment

4 is a diagram illustrating a process in which a user purchases a product through electronic commerce on the web using a second terminal 12 and then uses the credit information to make a payment. At this time, the P / G 40 is operated in connection with an internet server (not shown) of the corresponding internet shopping mall.

When a user who accesses an Internet server (not shown) of a specific Internet shopping mall by using the second terminal 12 requests a product purchase, the Internet server (not shown) prompts the user to input the telephone number of the first terminal 11. request. When the user enters the phone number of his first terminal 11, the Internet server (not shown) transmits the phone number of the user's first terminal 11 to the P / G (40). The procedure is the same as that of steps 212 to 218 in the first embodiment. However, when the user cannot use his first terminal 11 in step 215, a part of his or her credit information may be input through the second terminal 12.

When the payment is completed, the P / G 40 transmits the payment contents to the user's first terminal 11 or the second terminal 12 so that the user can check the contents of the payment. In particular, the payment is encrypted together with the payment details. By sending the number and URL to the first terminal 11 by SMS, the user can be confirmed by pressing a specific access key of the first terminal 11 when the user needs a detailed description. This third embodiment may be performed in the same way based on the wireless Internet rather than the web.

In the above-described embodiment, the mobile telecommunication company 20 may receive the voicemail password of the first terminal 11 from the user to further confirm the user's identity and may confirm and notify the user through the voicemail.

In addition, in the above-described embodiments, when the first terminal 11 has multiple telephone numbers, multiple numbers can be used for authentication. For example, when the first terminal 11 has a first telephone number and a second telephone number, when the user connects to the P / G 40 using the first telephone number, the P / G 40 is connected to the mobile communication company ( 20) a second telephone number matching the first telephone number of the user is provided. In addition, the P / G 40 may use the second telephone number as an authentication password by requesting a user to input a part of the second telephone number at the time of payment.

Indeed, in most cases, using the system for micropayments, there is a possibility that they may have a conflict with the fee system of credit card companies, etc. (in the case of a small amount, if the intermediate fee is more than the settlement amount or if it is not profitable). Therefore, the P / G 40 authenticates the card company 30 whether the limit amount is set in advance and the user can use the limit amount at the time of first use, and inputs a small settlement amount, credit information, SSN, etc. in each case. It may be possible to accumulate a certain amount of time or a certain amount of money and to approve and claim it at one time without receiving the payment.

As described above, by using only a part of the user's credit information so that the payment can be made using the credit information without being exposed to outside the card company at all, very secure credit transactions without risk of personal credit information leakage can be achieved Have an effect

Claims (13)

In the payment method using the credit information using a mobile communication terminal, (1) receiving a payment request signal from the mobile communication terminal; (2) transmitting the phone number of the mobile communication terminal to the mobile communication company according to the payment request signal of (1) and requesting and receiving the SSN of the user of the mobile communication terminal; (3) transmitting the SSN provided in (2) to the card company, and receiving only a part of the credit information of the user having the SSN from the card company; (4) receiving a part of the credit information from the mobile communication terminal; (5) comparing the information of (3) and (4); And (6) Payment method using only part of the credit information comprising the step of approving the payment according to the comparison result of (5). The payment method according to claim 1, further comprising the step (7) of receiving a voicemail password from a mobile communication company to verify the identity of the user for authentication of the user. The payment method of claim 1, wherein step (1) receives a payment request signal through any one of a computer, a digital TV, a cable TV, and a PDA connected to a wired or wireless network. 2. The payment method according to claim 1, wherein the telephone number transmission of the mobile communication terminal to the mobile communication company in step (2) uses a self-number transmission function of the mobile communication terminal. According to claim 3, If the payment request is provided using a terminal that does not have a self-numbering function, characterized in that the terminal does not have the self-numbering function to request the user's mobile communication terminal number additionally provided. Payment method using only some credit information. The method of claim 1, wherein the user's SSN of step (2) is a unique number assigned only to the user, and only some of the credit information, characterized in that any one of the social security number, social security number, corporate number, business registration number Payment method to use. The method of claim 1, wherein the credit information of step (3) is at least one of a credit card number and a password of the user. According to claim 1, Step (4) is a mobile terminal, the computer connected to a wired and wireless network, a digital TV, a cable TV, a PDA after sending a message requesting the credit information input to any one of the mobile terminal, the Internet Payment method using only part of the credit information, characterized in that receiving credit information via any one of a computer, digital TV, cable TV, PDA connected to. According to claim 3, If the payment is completed after the comparison of the step (5), the content of the payment, encrypted by at least one of the user's mobile communication terminal, the service provider's mobile communication terminal, a computer connected to the Internet, digital TV, cable TV Payment method using only part of the credit information, characterized in that for transmitting the URL to view the authentication number and details. The method of claim 1, wherein the data transmission / reception method using the mobile communication terminal is performed by using a voice (ARS), a short message (SMS), a push of a wireless Internet, and a pull method. Payment method characterized in that the communication terminal is made by using different networks in duplicate. In the payment method using the credit information using a mobile communication terminal, (1) receiving a payment request signal and an SSN of the user of the mobile communication terminal from the mobile communication terminal; (2) transmitting the telephone number of the mobile communication terminal and the SSN of (1) to a mobile communication company and receiving a result of confirming the SSN from the mobile communication company; (3) transmitting the SSN provided in (1) to the card company in accordance with the verification result of (2) to receive only a part of the credit information of the user having the SSN from the card company; (4) receiving the credit information provided in (3) from the mobile communication terminal; (5) comparing the information of (3) and (4); And (6) Payment method using only part of the credit information comprising the step of approving the payment according to the comparison result of (5). In the payment method using the credit information using a mobile communication terminal, (1) receiving a portion of a payment request signal and credit information of the user of the mobile communication terminal from the mobile communication terminal; (2) transmitting the telephone number of the mobile communication terminal to the mobile communication company according to the payment request signal of (1) and requesting and receiving the SSN of the user of the mobile communication terminal; (3) transmitting the credit information provided in (1) and the SSN provided in (2) to the card company; (4) receiving confirmation from the card company whether the credit information of (3) matches the credit information of the user having the SSN previously stored in the card company; And (5) Payment method using only part of the credit information including the step of approving the payment according to the verification result of (4). In the payment method using the credit information using a mobile communication terminal, (1) receiving a portion of a payment request signal, an SSN of the user of the mobile communication terminal, and credit information of the user of the mobile communication terminal, from the mobile communication terminal; (2) transmitting the SSN of (1) to a mobile communication company and checking whether the SSN matches with the mobile communication company; (3) transmitting the credit information and the SSN provided in (1) to the card company in accordance with the verification result of (2); (4) receiving confirmation from the card company whether the credit information of (3) matches the credit information of the user having the SSN previously stored in the card company; And (5) Payment method using only part of the credit information including the step of approving the payment according to the verification result of (4).