KR101327434B1 - Method and system of payment using mac address information - Google Patents

Method and system of payment using mac address information Download PDF

Info

Publication number
KR101327434B1
KR101327434B1 KR1020100102606A KR20100102606A KR101327434B1 KR 101327434 B1 KR101327434 B1 KR 101327434B1 KR 1020100102606 A KR1020100102606 A KR 1020100102606A KR 20100102606 A KR20100102606 A KR 20100102606A KR 101327434 B1 KR101327434 B1 KR 101327434B1
Authority
KR
South Korea
Prior art keywords
payment
management server
customer terminal
terminal
payment management
Prior art date
Application number
KR1020100102606A
Other languages
Korean (ko)
Other versions
KR20120041038A (en
Inventor
이태영
Original Assignee
비씨카드(주)
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 비씨카드(주) filed Critical 비씨카드(주)
Priority to KR1020100102606A priority Critical patent/KR101327434B1/en
Priority to PCT/KR2011/007691 priority patent/WO2012053780A1/en
Publication of KR20120041038A publication Critical patent/KR20120041038A/en
Application granted granted Critical
Publication of KR101327434B1 publication Critical patent/KR101327434B1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions

Abstract

The present invention enables the customer to follow the existing card payment process using a customer terminal having a unique MAC address, thereby enabling payment using various terminals without limiting the terminal, and enhancing the validity authentication of the customer terminal. The present invention relates to a payment method and system using Mac address information of a customer terminal that enables secure payment.
In accordance with an embodiment of the present invention, a payment method may include: generating, by a payment management server, a first Mac hash value based on the MAC address when a customer requests to issue a customer terminal having a specific MAC address to a payment means; Mapping, by the payment management server, with the customer information to store the first Mac hash value in a database; Receiving, by the payment management server, payment approval request information including a second Mac hash value generated by the customer terminal; Extracting, by the payment management server, the first Mac hash value that matches the second Mac hash value; Authenticating, by the payment management server, the validity of the customer terminal; If the validity of the customer terminal is authenticated, the payment management server may include performing a payment approval procedure based on the MAC address information of the customer terminal.

Description

Payment method and system using MAC address information of customer terminal {METHOD AND SYSTEM OF PAYMENT USING MAC ADDRESS INFORMATION}

The present invention relates to a secure payment method and system using the Mac address information of the customer terminal, and more particularly, payment using the Mac address information of the customer terminal to make a payment through various types of terminals having a specific Mac address. A method and system are disclosed.

Currently, in the case of trading goods and services, the portion of payments through cards is increasing rather than the amount of payments through cash. In the case of cash payment, customers may feel anxiety and discomfort due to the possession of cash, and when paying with a card, they may receive income deduction benefits. In addition, the card usage rate is increasing every year because of the advantage of being able to make a partial payment when the payment amount is high.

On the other hand, as card usage increases, the number of cards held per customer increases. Thus, customers have another inconvenience in carrying a plurality of cards. As a solution to this, other payment media such as a mobile card or a virtual card are appearing.

However, in the case of a general mobile card, it is limited to a mobile phone, and a general mobile card cannot be issued using another type of portable device as a medium. If a mobile card is issued to another portable device, a separate chip must be developed, and merchant terminals can also be upgraded for compatibility, or a separate software must be developed, which can cause problems in terms of time and cost. .

Therefore, there is an urgent need to introduce a payment method and system that enables payment according to an existing payment process through various devices without developing a separate program or chip.

An object of the present invention is to enable the customer to follow the existing card payment process by using a customer terminal having a unique MAC address, to enable payment using various terminals without restriction on the terminal, and to enhance the validity authentication of the customer terminal. In addition, the present invention provides a payment method and system using the MAC address information of the customer terminal that allows customers to securely proceed with the payment.

In order to achieve the above object, the present invention provides a method, comprising: generating, by a payment management server, a first Mac hash value based on the MAC address when a customer requests to issue a customer terminal having a specific MAC address to a payment means; Mapping, by the payment management server, with the customer information to store the first Mac hash value in a database; Receiving, by the payment management server, payment approval request information including a second Mac hash value generated by the customer terminal; Extracting, by the payment management server, the first Mac hash value that matches the second Mac hash value; Authenticating, by the payment management server, the validity of the customer terminal; If the validity of the customer terminal is authenticated, the payment management server provides a payment method comprising the step of performing a payment approval procedure based on the MAC address information of the customer terminal.

In order to achieve the above object, the present invention provides a payment system including a customer terminal and a payment management server. An issuer for generating a first mac hash value based on the; A database that stores the first Mac hash value by mapping with the customer information; A receiving unit receiving payment approval request information including a second Mac hash value generated by the customer terminal; An authentication unit for extracting the first Mac hash value that matches the second Mac hash value and authenticating the validity of the customer terminal; An approval processing unit performing a payment approval procedure based on the MAC address information of the customer terminal when the validity of the customer terminal is authenticated; And a controller for controlling the issuing unit, the database, the receiving unit, the authenticating unit, and the approval processing unit.

According to one embodiment of the present invention, payment can be made through various customer terminals having a MAC address instead of an existing credit card, and the inconvenience of having a plurality of cards can be reduced.

In addition, according to one embodiment of the present invention, since it can follow the existing payment process, it is possible to reduce time and cost waste due to the development of a separate chip or program.

In addition, according to an embodiment of the present invention, by generating a hash value based on the MAC address and using it for payment, the MAC address itself can be prevented from being exposed.

On the other hand, according to one embodiment of the present invention, since authentication for the merchant terminal and the customer terminal can be strengthened, the customer can make a secure payment.

1 is a block diagram illustrating a payment system related to an embodiment of the present invention.
2 is a block diagram illustrating a configuration of a payment management server according to an embodiment of the present invention.
3 is a block diagram illustrating a configuration of an affiliated store terminal according to an embodiment of the present invention.
4 is a flowchart illustrating an issuance procedure related to an embodiment of the present invention.
5 is a view for explaining the approval request preparation procedure related to an embodiment of the present invention.
6 is a flowchart illustrating a payment method using MAC address information related to an embodiment of the present invention.
7 is a diagram illustrating payment confirmation data associated with one embodiment of the present invention.
8 is a diagram illustrating a display unit of an affiliated store terminal according to an embodiment of the present invention.

The terms used in this specification will be briefly described and the present invention will be described in detail.

While the present invention has been described in connection with what is presently considered to be the most practical and preferred embodiment, it is to be understood that the invention is not limited to the disclosed embodiments. Also, in certain cases, there may be a term selected arbitrarily by the applicant, in which case the meaning thereof will be described in detail in the description of the corresponding invention. Therefore, the terms used in the present invention should be defined based on the meanings of the terms and the contents throughout the present invention, rather than the names of the simple terms.

Throughout the specification, 'hash' refers to a value obtained by converting given information (input value) into a very large numeric value (result value) within a certain length using a one-way hash function. This is also known as Message Digest (MD). Unidirectional means that the input value is unknown or difficult to understand. Therefore, even if the hash value is known, it is difficult to know the input value. The hash value may be transmitted by being encrypted by an encryption algorithm. The hash algorithm may include Snefru, CRC-32, CRC-16, MD2, MD4, MD5, SHA, Haval, and the like.

Throughout the specification, 'MAC (Media Access Control) address' means a unique number given to network card hardware. In other words, every device on the network has a unique 48-bit address, which is a Mac address, which can be displayed as a 12-digit hexadecimal number for convenience. For example, it may be referred to as 00-60-97-8F-4F-86 and the like.

In the specification, 'Mac address information' may include not only the MAC address but also a hash value in which the MAC address is modified by a specific hash algorithm.

DETAILED DESCRIPTION Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings so that those skilled in the art may easily implement the present invention. The present invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. In order to clearly illustrate the present invention, parts not related to the description are omitted, and similar parts are denoted by like reference characters throughout the specification.

1 is a block diagram illustrating a payment system related to an embodiment of the present invention.

As shown in FIG. 1, according to an embodiment of the present invention, the payment system may include a customer terminal 100, a payment management server 200, and an affiliated store terminal 300.

According to one embodiment of the invention, the customer terminal 100 may have a unique MAC address for network communication. In addition, the customer terminal 100 may be installed with an application program (application) including the hash algorithm information for generating a hash value. The customer terminal 100 may perform wired or wireless communication with the payment management server 200 or the affiliated store terminal 300.

On the other hand, the customer terminal 100 may be implemented in various forms. For example, the customer terminal 100 described in the present specification may be a PC, a mobile phone, a smart phone, a notebook computer, a digital broadcasting terminal, a personal digital assistant (PDA), or a portable multimedia player (PMP). , Navigation, handheld game consoles, Tablet PCs, and the like.

According to an embodiment of the present invention, the payment management server 200 may be a server that can receive payment approval request information and process payment approval. For example, the payment management server 200 may be a card company server, purchase company server, bank server and the like.

As shown in FIG. 2, according to an embodiment of the present invention, the payment management server 200 may include an issuing unit 210, a receiving unit 220, a transmitting unit 230, an approval processing unit 240, and an updating unit. 250, an authentication unit 260, a database 270, and a control unit 280 may be included.

The issuing unit 210 may perform a procedure for issuing the customer terminal 100 to a payment medium using Mac address information. That is, the issuer 210 generates a hash value based on the MAC address and issues a virtual payment means to the customer.

The receiver 220 communicates information such as an authentication request, a MAC address, a second Mac hash value, a second personal authentication key, common authentication information, and approval of payment confirmation data by the customer terminal 100 through communication. It may receive from the terminal 100. In addition, the receiving unit 220, the merchant request the authentication request of the merchant terminal 300 (member or merchant terminal information), the second Mac hash value, the second personal authentication key, merchant authentication key, common information authentication, transaction information, etc. It may receive from the terminal 300.

The transmitter 230 may transmit the first personal authentication key, update information, payment confirmation data, identification tag information, and common authentication information to the customer terminal 100. In addition, the transmission unit 230 may transmit to the affiliated store terminal 300 the affiliated store authentication key, common authentication information, identification tag information, payment approval completion result, and the like.

The approval processor 240 may receive payment approval request information from the affiliated store terminal 300 and receive approval for payment confirmation data from the customer terminal 100 to perform a payment approval procedure.

The updater 250 may update the first personal authentication key and common authentication information at predetermined intervals based on the update information. The update information may be previously stored in the database 270 or generated by the payment management server 200.

The authentication unit 260 may authenticate the validity of the customer terminal 100 by comparing the first personal authentication key and the second personal authentication key. In addition, the authentication unit 260 may authenticate whether the affiliated store terminal 300 is valid based on the affiliated store information received from the affiliated store terminal 300.

The database 270 includes the customer information, the customer terminal 100 information, the merchant terminal 300 information, transaction information, identification tag information, hash algorithm information, MAC address, first Mac hash value, and first personal authentication. Key information and the like may be stored.

The control unit 280 is the issuing unit 210, the receiving unit 220, the transmitting unit 230, the approval processing unit 240, the update unit 250, the authentication unit 260, and the database Overall control over 270 is possible.

The control unit 280 is the issuing unit 210, the receiving unit 220, the transmitting unit 230, the approval processing unit 240, the update unit 250, the authentication unit 260, and the database 270 and one program, or may be implemented in a separate program.

According to an embodiment of the present invention, the affiliated store terminal 300 is for performing payment for purchased goods and services. The affiliated store terminal 300 may store purchase information for each member. In addition, the affiliated store terminal 300 may be implemented through a credit authorization terminal (CAT), a point of sales (POS), and the like.

POS (Point Of Sales) is a system that can register sales in real time and enable automatic settlement and aggregation of registered sales data to improve the efficiency of store operations. Therefore, according to an embodiment of the present invention, the affiliated store terminal 300 may perform member management, store management, and the like.

According to an embodiment of the present invention, the affiliated store may include an online affiliated store in addition to the offline affiliated store. When the affiliated store is an online affiliate store, the affiliated store terminal 300 may be an online shopping mall server.

As shown in FIG. 3, according to an embodiment of the present invention, the affiliated store terminal 300 may include a search unit 310, a receiver 320, a transmitter 330, and a display 340. have.

The search unit 310 may search for the MAC address of the customer terminal 100 existing within a certain radius. In this case, the search unit 310 may find the customer terminal 100 having the same common authentication information as that of the affiliated store terminal 300. An example of the search unit 310 may be an access point (AP). The search unit may exist in a specific software form in the affiliated store terminal 300 or may be separately attached to the affiliated store terminal 300.

The receiver 320 may receive a second Mac hash value, a second personal authentication key, identification tag information, and the like from the customer terminal 100. In addition, the receiving unit 330 may receive common authentication information, affiliated store authentication key, payment approval completion result, etc. from the payment management server 200.

The transmitter 330 may transmit common authentication information to the customer terminal 100. In addition, the transmission unit 330 may transmit an authentication request, a payment approval request, a second Mac hash value, common authentication information, a second personal authentication key, an affiliated store authentication key, and transaction information to the payment management server 200. have.

The display unit 340 may display the identification tag information. The identification tag information means information for customer identification mapped with the unique MAC address of the customer terminal 100. That is, according to an embodiment of the present invention, the display unit 340 displays customer identification information mapped to the MAC address of the customer terminal 100, thereby exposing the MAC address of the customer terminal 100 to others. Can be prevented.

The identification tag information may be, for example, an alias (nickname) of a terminal, an alias (nickname) of a customer, and the like. For example, as shown in Figure 8, the identification tag information may be a nickname of the customer terminal 100, such as 'honggildong mobile phone', may be a nickname or nickname of the customer, such as 'Apple love' or 'Bonobono'. . The identification tag information may be a mobile phone number of the customer, such as '010-XXXX-XXXX'.

Hereinafter, the payment method using the MAC address information of the customer terminal 100 made through the configuration of the payment system will be described in detail.

4 is a flowchart illustrating an issuance procedure related to an embodiment of the present invention.

According to one embodiment of the invention, as shown in Figure 4, the customer may request issuance of the customer terminal 100 having a specific MAC address as a payment means (S410). The issue request may be made offline or online.

The customer may provide the payment management server 200 with the MAC address, customer information, identification tag information, etc. of the terminal 100 to be used as a payment means when the issuing request is made. In this case, an issue of qualification and credit evaluation for the customer may be performed (S420). In this case, the payment management server 200 numbers the customer number matching the customer information in the database 270.

According to one embodiment of the present invention, when the customer number is numbered by the issuance qualification examination or the like, the issuing unit 210 of the payment management server 200 is the first MAC based on the MAC address of the customer terminal 100. The hash value is generated (S430).

The first Mac hash value means a hash value generated by the payment management server 200 by a hash algorithm based on the MAC address. Thus, the first Mac hash value may exist as a string of specific bits. For example, the first Mac hash value is '6ef2782a521fe0ffdcbe028'. It can be expressed as'

According to an embodiment of the present invention, the first Mac hash value may use the Mac address and customer information as an input value. The first Mac hash value may be unique for each customer terminal 100. Therefore, payment can be made using the customer terminal 100 as a payment means through the first MAC hash value.

According to an embodiment of the present invention, the payment management server 200 may map the customer information, the identification tag information, and the MAC address to store the first Mac hash value in the database 270 (S440). ).

5 is a view for explaining the approval request preparation procedure related to an embodiment of the present invention. According to an embodiment of the present invention, in order for a customer to request a payment using the customer terminal 100 as a payment method, an approval request preparation procedure for the customer terminal 100 and the affiliated store terminal 300 may be required. . This is for the payment management server 200 to authenticate the customer terminal 100 and the affiliated store terminal 300 to provide a secure payment method to the customer.

In the case of the customer terminal 100

As shown in Figure 5, according to an embodiment of the present invention, in the case of the customer terminal 100, it may request the authentication to the payment management server 200 (step ①). In this case, the customer terminal 100 transmits the second Mac hash value.

The second Mac hash value refers to a hash value generated by the customer terminal 100 using a hash algorithm used by the payment management server 200 based on the MAC address of the customer terminal 100.

According to an embodiment of the present invention, the second MAC hash value may also use the MAC address and the customer information as an input value like the first Mac hash value. That is, since the input value and the hash algorithm coincide with each other, the first Mac hash value and the second Mac hash value are inevitably the same. The difference is that the first Mac hash value is generated in the payment management server 200 and the second Mac hash value is generated in the customer terminal 100.

Therefore, when the client terminal 100 sends an authentication request and transmits the second Mac hash value to the payment management server 200, the payment management server 200 transmits the first Mac hash value and the first value. The validity of the customer terminal 100 may be authenticated by determining whether two Mac hash values match. (Basic authentication)

That is, the payment management server 200 extracts a first Mac hash value that matches the second Mac hash value received from the customer terminal 100. If the payment management server 200 cannot extract the first Mac hash value that matches the second Mac hash value, the customer terminal 100 may not be properly issued as a payment means. Therefore, authentication of the customer terminal 100 of the payment management server 200 may fail.

According to an embodiment of the present invention, the second Mac hash value may be pre-stored in the customer terminal 100.

According to another embodiment of the present invention, the second Mac hash value may be newly generated by the customer terminal 100 every time an authentication request is made. That is, once a purchase occurs, after the payment process is completed, the second Mac hash value is deleted from the customer terminal 100. If the second Mac hash value is continuously stored in the customer terminal 100, the second unique Mac hash value used for payment may be exposed to another person.

According to an embodiment of the present invention, the generation and transmission of the second Mac hash value may be implemented through a specific application installed in the customer terminal 100. In addition, the customer terminal 100 may encrypt the second Mac hash value and transmit the encrypted value to the payment management server 200.

According to one embodiment of the present invention, if the basic authentication is successful for the customer terminal 100, the payment management server 200 is a common authentication information, the first personal authentication key, update information, etc. to the customer terminal 100 ) Can be sent (step ②).

According to an embodiment of the present invention, the payment management server 200 is based on the MAC address information and customer information of the customer terminal 100 mapped to the first Mac hash value that matches the second Mac hash value. Thus, the first personal authentication key and the common authentication information are transmitted to the customer terminal 100.

The common authentication information refers to information for commonly used for authentication in the payment management server 200, the customer terminal 100, and the affiliated store terminal 300. The first personal authentication key may mean a result value that the customer terminal 100 is valid. The common authentication information and the first personal authentication key may be generated by the payment management server 200.

According to one embodiment of the present invention, if the basic authentication of the customer terminal 100 is successful, the payment management server 200 is the common authentication information and the pre-stored in the cache server (cache server) 400 1 It is determined whether a personal authentication key exists. If the common authentication information and the first personal authentication key exist in the cache server 400, the payment management server 200 receives the common authentication information and the first personal authentication key from the cache server 400. It receives and transmits to the customer terminal 100.

If the common authentication information and the first personal authentication information do not exist in the cache server 400, the payment management server 200 generates the common authentication information and the first personal authentication key. In this case, the generated common authentication information and the first personal authentication key may be stored in the cache server 400. This is to reduce the load of the payment management server 200, and by storing the common authentication information and the first personal authentication key, etc. in the cache server 400, even in the authentication request of the customer terminal 100 You will be able to respond quickly.

Meanwhile, according to an embodiment of the present invention, the common authentication information and the first personal authentication key may also be hash values generated through a hash algorithm. For example, the first personal authentication key may be another hash value generated by adding specific information to the first Mac hash value of the customer terminal 100.

In addition, according to an embodiment of the present invention, the common authentication information may be updated by the updater 250 at predetermined intervals. This is to enhance payment security. Even if the common authentication information is temporarily acquired by another person, the common authentication information may be continuously updated, thereby preventing a problem such as payment information being exposed to a third party.

According to an embodiment of the present invention, the customer terminal 100 receives the common authentication information, the first personal authentication key, and the update information from the payment management server 200. The client terminal 100 generates a second personal authentication key based on the first personal authentication key and the update information (step ③).

The first personal authentication key and the second personal authentication key are updated at the same period according to the update information. That is, the first personal authentication key is generated and updated in the payment management server 200, and the second update authentication key is generated and updated in the customer terminal 100, but may be synchronized.

Therefore, when the customer terminal 100 transmits the updated second update authentication key to the payment management server 200 at a predetermined cycle through communication, the payment management server 200 sends the second personal authentication key to the user. Compared with the first personal authentication key, if it matches, the payment management server 200 transmits the updated common authentication information to the customer terminal (100).

That is, since the first personal authentication key, the second personal authentication key, and the common authentication information are updated at predetermined intervals, security may be further enhanced.

In the case of the merchant terminal 300

On the other hand, the merchant terminal 300 may also require a payment approval request preparation procedure. The merchant terminal 300 also makes an authentication request to the payment management server 200 (step ④). In this case, the affiliated store terminal 300 transmits affiliated store information and affiliated store terminal 300 information to the payment management server 200.

 The payment management server 200 performs validation of the affiliated store and the affiliated store terminal 300 based on the received affiliated store information and the affiliated store terminal 300 information. If the validity authentication for the affiliated store is successful, the payment management server 200 generates an affiliated store authentication key as a result value. That is, the affiliated store authentication key may mean an authentication result value that the affiliated store is valid.

According to an embodiment of the present invention, the payment management server 200 transmits the affiliated store authentication key and the common authentication information to the affiliated store terminal 300 (step ⑤).

In this case, according to an embodiment of the present invention, the search unit 310 of the affiliated store terminal 300 searches for terminals having a MAC address within a specific radius, and common authentication information identical to the received common authentication information. Find the customer terminal 100 having (step ⑥).

According to an embodiment of the present invention, the affiliated store terminal 300 may transmit the common authentication information to the customer terminal 100 (step ⑦). The customer terminal 100 compares common authentication information received from the affiliated store terminal 300 with common authentication information received from the payment management server 200 (step ⑧).

If the common terminal authentication information received by the customer terminal 100 from the payment management server 200 and the common authentication information received by the affiliated store terminal 300 from the payment management server 200 coincide with each other, The client terminal 100 may transmit the second Mac hash value, the second personal authentication key, and the identification tag list entry permission information (identification tag information) to the affiliated store terminal 300 (step ⑨). In this case, the affiliated store terminal 300 may display the identification tag of the customer terminal 100 according to the identification tag information (step ⑩). This is to prevent the MAC address of the customer terminal 100 from being directly exposed and allow the customer to easily identify his terminal.

The customer checks his terminal through the identification tag displayed on the merchant terminal 300.

According to another embodiment of the present invention, the affiliated store terminal 300 may receive the identification tag information from the payment management server 200. Since the affiliated store terminal 300 receives the second MAC hash value from the customer terminal 100, the merchant terminal 300 transmits the second Mac hash value to the payment management server 200 to identify the first MAC hash value. Tag information can be received.

Meanwhile, when the affiliate store is an online affiliate store, the affiliate store terminal 300 searches for the customer terminal 100 and the affiliate store terminal 300 transmits the common authentication information to the customer terminal 100. The step may be omitted.

Hereinafter, a payment method using Mac address information of the customer terminal 100 will be described with reference to FIG. 6. 6 is a flowchart illustrating a payment method using MAC address information related to an embodiment of the present invention.

According to an embodiment of the present invention, when the customer terminal 100 and the affiliated store terminal 300 complete the payment approval request preparation procedure, the affiliated store terminal 300 requests the payment approval to the payment management server 200. Information may be transmitted (S610). The payment approval request information may include common authentication information, merchant authentication key, second Mac hash value, second personal authentication key, and transaction information.

The second Mac hash value and the second personal authentication key are received from the customer terminal 100. The transaction information includes information on a purchased product (product code, date of manufacture, expiration date, product price, manufacturer, color, size, quantity of goods, etc.), information on purchase service (service price, additional value of additional service, service item). , Service provision periods, etc.), information on the purchase date and time, payment method, payment method (whether payment is approved), and merchant information.

According to an embodiment of the present invention, the payment management server 200 authenticates the validity of the affiliated store terminal 300 based on the received affiliated store authentication key (S620). When the validity authentication of the affiliated store terminal 300 is successful, the payment management server 200 extracts a first Mac hash value corresponding to the received second Mac hash value (S630).

If there is no first Mac hash value coincident with the second Mac hash value, the payment method may not be approved because the payment method designation is incorrect or may not be a valid payment method.

According to one embodiment of the present invention, the payment management server 200 is to validate the customer terminal 100 through the received second personal authentication key (S640). When the first personal authentication key that matches the second personal authentication key exists in the cache server 400, the customer terminal 100 may know that the terminal is authenticated as valid, and thus, the customer terminal 100. Payment may be continued as a payment method.

However, according to one embodiment of the present invention, since the first personal authentication key and the second personal authentication key are updated at predetermined intervals, the affiliated store terminal 300 sends a payment approval request to the payment management server 200. When the second personal authentication key and the first personal authentication key to be transmitted may not match. This is because the second personal authentication key is received through the affiliated store terminal 300 after being updated in the customer terminal 100, and thus the first personal authentication key can be renewed again in the meantime.

When the payment management server 200 receives the payment approval request information, the payment management server 200 stops updating the first personal authentication key. When the first personal authentication key and the second personal authentication key do not match, the payment management server 200 may request the merchant terminal 100 to re-request the second personal authentication key. The affiliated store terminal 300 receives the second personal authentication key renewed from the customer terminal 100 and transmits it to the payment management server 200.

According to an embodiment of the present invention, when the merchant terminal 300 and the validation of the validity of the customer terminal 100 is successful, the payment management server 200 is the first MAC matching the second Mac hash value. Payment confirmation data may be transmitted to the customer terminal 100 based on the MAC address information mapped to the hash value (S650).

The payment confirmation data is data that enables the customer to check his / her payment details, and may include purchase information and payment information. For example, as shown in FIG. 7, the customer terminal 100 may provide the customer with information about an affiliate store name, a payment time, a payment amount, a lump sum payment, and the like.

After checking the contents of the payment confirmation data, the customer determines whether or not it matches with his transaction information. If there is a match, the payment confirmation data is approved. The payment management server 200 receives the approval for the payment confirmation data from the customer terminal 100 to perform a payment approval procedure (S670).

When the payment management server 200 completes the payment approval procedure, the payment management server 200 may transmit a payment approval completion result to the affiliated store terminal 300 or the customer terminal 100 (S680). ).

When payment approval is completed, for security purposes, the common authentication information, the first personal authentication key, the second personal authentication key, and the affiliated store authentication key may be discarded.

On the other hand, according to another embodiment of the present invention, the payment management server 200 may receive the payment approval request information from the customer terminal 100. In this case, the customer terminal 100 transmits a second Mac hash value, a second personal authentication key, etc. to the payment management server 200 to request a payment approval. In addition, the customer terminal 100 may receive transaction information and the like from the affiliated store terminal 300 and transmit the received transaction information to the payment management server 200.

The payment management server 200 authenticates the validity of the customer terminal 100 by comparing the received second personal authentication key with the first personal authentication key, and matches the first Mac hash value with the first Mac. It is possible to proceed with payment by extracting the hash value.

According to one embodiment of the present invention, the above-described method can be embodied as computer readable code on a medium on which a program is recorded. The computer readable medium includes all kinds of recording devices in which data that can be read by a computer system is stored. Examples of the computer-readable medium include ROM, RAM, CD-ROM, magnetic tape, floppy disk, optical data storage, and the like, and also implemented in the form of a carrier wave (for example, transmission over the Internet) .

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments, but, on the contrary, It falls within the scope of the invention.

100: Customer terminal
200: payment management server
300: merchant terminal
400: cache server

Claims (14)

If a request for using a customer terminal having a specific MAC address as a payment means is received, the payment management server generating a first Mac hash value based on the MAC address using a hash algorithm;
Storing, by the payment management server, the generated first Mac hash value in a database by mapping the generated first Mac hash value with information of a customer using the customer terminal;
Transmitting, by the payment management server, common authentication information to the customer terminal;
Transmitting, by the payment management server, the common authentication information to the affiliated store terminal when the payment management server receives the authentication request from the affiliated store terminal and authenticates the affiliated store terminal;
Searching for a customer terminal having the common authentication information received from the payment management server by the affiliated store terminal;
Transmitting, by the merchant terminal, the common authentication information received from the payment management server to the searched customer terminal; And
When the common authentication information received by the customer terminal and the common authentication information received by the affiliated store terminal are identical, generating, by the customer terminal, a second Mac hash value based on the MAC address and transmitting the same to the affiliated store terminal;
Transmitting, by the merchant terminal, the second Mac hash value to the payment management server, and receiving identification tag information of the customer terminal mapped with the second Mac hash value from the payment management server;
Displaying, by the merchant terminal, the identification tag information received from the payment management server such that the customer identifies his or her customer terminal;
Receiving, by the payment management server, payment approval request information including the second Mac hash value from the customer terminal;
When the payment approval request information is received, the payment management server determines whether the second Mac hash value and the first Mac hash value match, and authenticates whether the customer terminal can be used as a payment means. step;
If the validity of the customer terminal is authenticated, the payment management server performing a payment approval procedure based on the MAC address information of the customer terminal;
Including, Wherein the second Mac hash value Payment method, characterized in that the customer terminal is generated using the hash algorithm used in the payment management server. The method of claim 1, wherein the payment method
After performing the payment authorization process,
Transmitting, by the payment management server, payment confirmation data to the customer terminal; And
The payment management server further comprises the step of receiving the approval for the payment confirmation data from the customer terminal. The method of claim 1, wherein the validating of the customer terminal comprises:
The payment management server is performed by comparing the first personal authentication key and the second personal authentication key,
The first personal authentication key is generated in the payment management server and updated at predetermined intervals based on the update information.
And the second personal authentication key is generated and updated in the customer terminal based on the first personal authentication key and the renewal information received from the payment management server, and is transmitted to the payment management server. delete delete The method of claim 1, wherein the common authentication information is
The payment method, characterized in that for updating at a predetermined time period in the payment management server. The method of claim 3, wherein
And the first personal authentication key and the common authentication information are stored in a cache server. In the payment system comprising a customer terminal, a merchant terminal and a payment management server,
The payment management server
An issuing unit for generating a first Mac hash value based on the Mac address using a hash algorithm when a request for using the customer terminal having a specific Mac address as a payment means is received;
A database for mapping the generated first Mac hash value with information of a customer using the customer terminal;
A receiving unit which receives payment approval request information including a second MAC hash value generated by the customer terminal based on the MAC address;
Upon receiving an authentication request from the customer terminal or the affiliated store terminal and successfully authenticating the customer terminal or the affiliated store terminal, transmitting common authentication information to the customer terminal or the affiliated store terminal, and requesting the payment approval from the customer terminal. An authentication unit configured to determine whether the second MAC hash value and the first Mac hash value match when the information is received, and to verify the validity of whether the customer terminal can be used as a payment means;
An approval processing unit performing a payment approval procedure based on the MAC address information of the customer terminal when the validity of the customer terminal is authenticated; And
Control unit for controlling the issuing unit, the database, the receiving unit, the authentication unit, and the approval processing unit
Including, The second Mac hash value is generated by the customer terminal using the hash algorithm used in the payment management server,
The merchant terminal
A search unit for searching for a customer terminal having the common authentication information received from the payment management server; And
A transmission unit for transmitting the common authentication information received from the payment management server to the searched customer terminal;
Including;
The customer terminal
When the common authentication information received from the authentication unit of the payment management server and the common authentication information received from the merchant terminal, the second Mac hash value is transmitted to the merchant terminal,
The merchant terminal
A receiver which transmits the second Mac hash value to the payment management server and receives identification tag information of the customer terminal mapped with the second Mac hash value from the payment management server; And
A display unit configured to display the identification tag information received from the payment management server so that the customer identifies his or her customer terminal;
Payment system characterized in that it further comprises. The method of claim 8, wherein the payment system
Further comprising a transmission unit for transmitting the payment confirmation data to the customer terminal,
The receiving unit is a payment system, characterized in that for receiving the approval for the payment confirmation data from the customer terminal. The method of claim 8,
The payment management server is an update unit
Further comprising:
The authentication unit compares the first personal authentication key and the second personal authentication key to authenticate the validity of the customer terminal,
The first personal authentication key is generated by the issuer and updated by the updater at predetermined intervals based on the update information.
And the second personal authentication key is generated and updated in the customer terminal based on the first personal authentication key and the update information received from the payment management server, and is transmitted to the payment management server. delete delete The method of claim 8, wherein the common authentication information is
The payment system, characterized in that for updating at a predetermined time period in the update unit of the payment management server. 11. The method of claim 10,
And the first personal authentication key and the common authentication information are stored in a cache server.
KR1020100102606A 2010-10-20 2010-10-20 Method and system of payment using mac address information KR101327434B1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
KR1020100102606A KR101327434B1 (en) 2010-10-20 2010-10-20 Method and system of payment using mac address information
PCT/KR2011/007691 WO2012053780A1 (en) 2010-10-20 2011-10-17 Payment method and payment system using information on the mac address of a customer terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020100102606A KR101327434B1 (en) 2010-10-20 2010-10-20 Method and system of payment using mac address information

Related Child Applications (1)

Application Number Title Priority Date Filing Date
KR1020130087956A Division KR101339864B1 (en) 2013-07-25 2013-07-25 Method and system of payment using mac address information

Publications (2)

Publication Number Publication Date
KR20120041038A KR20120041038A (en) 2012-04-30
KR101327434B1 true KR101327434B1 (en) 2013-11-20

Family

ID=45975420

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020100102606A KR101327434B1 (en) 2010-10-20 2010-10-20 Method and system of payment using mac address information

Country Status (2)

Country Link
KR (1) KR101327434B1 (en)
WO (1) WO2012053780A1 (en)

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101426995B1 (en) * 2012-07-10 2014-08-05 주식회사 케이지이니시스 Method and System for Operating Independent Payment for Various Web Platform
US10223688B2 (en) 2012-09-24 2019-03-05 Samsung Electronics Co., Ltd. Competing mobile payment offers
US9619799B2 (en) 2013-02-06 2017-04-11 Apple Inc. Apparatus and methods for secure element transactions and management of assets
US20140279566A1 (en) * 2013-03-15 2014-09-18 Samsung Electronics Co., Ltd. Secure mobile payment using media binding
FR3003976B1 (en) 2013-03-28 2016-08-26 Cie Ind Et Financiere D'ingenierie Ingenico METHOD FOR DELIVERING A LOCATION ASSERTION
CN106815695B (en) * 2015-11-27 2021-03-26 菜鸟智能物流控股有限公司 Information processing method and device in object transmission
CN105956844B (en) * 2016-03-18 2020-01-21 李明 Payment method and system
FR3081246B1 (en) 2018-05-18 2020-11-06 Ingenico Group PROCESS FOR CARRYING OUT A TRANSACTION, TERMINAL, SERVER AND CORRESPONDING COMPUTER PROGRAM
FR3083356B1 (en) 2018-06-29 2020-09-11 Ingenico Group PROCESS FOR CARRYING OUT A TRANSACTION, TERMINAL, SERVER AND CORRESPONDING COMPUTER PROGRAM
FR3086414B1 (en) 2018-09-25 2021-09-17 Ingenico Group PROCESS FOR PROCESSING A TRANSACTION, DEVICE, SYSTEM AND CORRESPONDING PROGRAM
CN110737644B (en) * 2019-10-12 2023-06-23 招商局金融科技有限公司 Method, device and computer readable storage medium for integrating customer information
KR102209044B1 (en) * 2020-03-12 2021-01-29 주식회사 케이비시스 Cloud system having cloud native database structure

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20040033957A (en) * 2002-10-16 2004-04-28 주식회사 케이티 Hacker Protection and Detection Service Through Authentication Method Based On MAC
JP2007158979A (en) * 2005-12-08 2007-06-21 Fujitsu Access Ltd Authentication apparatus and random number generation method
KR20070080055A (en) * 2006-02-06 2007-08-09 (주)유투아이 System for paying a service fee in online and method therefor
KR20100074735A (en) * 2008-12-24 2010-07-02 주식회사 하렉스인포텍 Mobile card payment system and method thereof

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20040033957A (en) * 2002-10-16 2004-04-28 주식회사 케이티 Hacker Protection and Detection Service Through Authentication Method Based On MAC
JP2007158979A (en) * 2005-12-08 2007-06-21 Fujitsu Access Ltd Authentication apparatus and random number generation method
KR20070080055A (en) * 2006-02-06 2007-08-09 (주)유투아이 System for paying a service fee in online and method therefor
KR20100074735A (en) * 2008-12-24 2010-07-02 주식회사 하렉스인포텍 Mobile card payment system and method thereof

Also Published As

Publication number Publication date
KR20120041038A (en) 2012-04-30
WO2012053780A1 (en) 2012-04-26

Similar Documents

Publication Publication Date Title
KR101327434B1 (en) Method and system of payment using mac address information
CN105701661B (en) Method, apparatus and system for secure configuration, transmission and verification of payment data
AU2011338230B2 (en) Tokenized contactless payments for mobile devices
CN107251595A (en) User and the safety certification of mobile device
KR20060034228A (en) Customer authentication in e-commerce transactions
KR101557895B1 (en) Payment method based on safety payment code and safe payment agency server for the same method
JP6445211B1 (en) Remittance instruction device, remittance instruction method, remittance instruction program, and remittance instruction system
CN101739624A (en) Trusted payment network system
JP2015122009A (en) Settlement system and settlement method
JP2010218440A (en) Account settlement system, account settlement method, and information processor
US20130166410A1 (en) Payment agency system, user terminal and market server
KR20200056648A (en) Method for mediating card payment using biometric data
US20220215418A1 (en) Decentralized computer systems and methods for loyalty points payments using distributed ledgers
KR100968941B1 (en) Finance trade system using a otp
KR101172871B1 (en) Method and system of secure payment using onetime authentication information
KR101699032B1 (en) Service providing system and method for payment using electronic tag
KR101339864B1 (en) Method and system of payment using mac address information
KR101936417B1 (en) Method for providing a service of electronic gift certificate based on blockchain, and vending machine and server using the same
KR100920175B1 (en) Small-amount settlement system using mobile and method thereof
CN112970234B (en) Account assertion
KR101172872B1 (en) Method and system of secure payment using authentication number
US20210312437A1 (en) Remittance instruction apparatus, remittance instruction method, remittance instruction program, and remittance instruction system
CN112740249A (en) Digital ticketing system and method
KR20190081369A (en) System and method for dealing a digital currency with color code
JP2001236435A (en) System and method for electronic commerce and information processor

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E902 Notification of reason for refusal
E90F Notification of reason for final refusal
A107 Divisional application of patent
E701 Decision to grant or registration of patent right
GRNT Written decision to grant
FPAY Annual fee payment

Payment date: 20160922

Year of fee payment: 4

FPAY Annual fee payment

Payment date: 20171027

Year of fee payment: 5

FPAY Annual fee payment

Payment date: 20191031

Year of fee payment: 7