KR101505847B1 - Method for Validating Alliance Application for Payment - Google Patents

Method for Validating Alliance Application for Payment Download PDF

Info

Publication number
KR101505847B1
KR101505847B1 KR20130001511A KR20130001511A KR101505847B1 KR 101505847 B1 KR101505847 B1 KR 101505847B1 KR 20130001511 A KR20130001511 A KR 20130001511A KR 20130001511 A KR20130001511 A KR 20130001511A KR 101505847 B1 KR101505847 B1 KR 101505847B1
Authority
KR
South Korea
Prior art keywords
wireless terminal
payment
affiliate
server
identification
Prior art date
Application number
KR20130001511A
Other languages
Korean (ko)
Other versions
KR20140089733A (en
Inventor
박용호
백성흠
이승국
마영준
김성은
Original Assignee
주식회사 케이지이니시스
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 케이지이니시스 filed Critical 주식회사 케이지이니시스
Priority to KR20130001511A priority Critical patent/KR101505847B1/en
Publication of KR20140089733A publication Critical patent/KR20140089733A/en
Application granted granted Critical
Publication of KR101505847B1 publication Critical patent/KR101505847B1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Abstract

The present invention relates to an affiliate application authentication method for a payment processing, wherein an affiliate application authentication method according to the present invention comprises: communicating with an affiliate server managing and operating an application provided in a user's wireless terminal; (N > = 1) financial institution servers capable of issuing the means, the method comprising: one-to-one matching with an affiliate account of a user registered in the affiliate company; A first step of generating a connect token that uniquely identifies the terminal; a first step of generating a connect token, a generated affiliate account of the user registered in the affiliate server, PIN information registered by the user, a mobile phone number of the mobile terminal, And a payment means for identifying the payment means of the user registered in the financial institution. A second step of mapping and storing the key to the affiliate app of the wireless terminal, and when the payment service through the affiliate app of the wireless terminal is started, connecting the end user communication channel with the affiliate app of the wireless terminal based on the message sent to the wireless terminal A fourth step of receiving at least one data set transmitted from the affiliate app via the end-to-end communication channel, a fifth step of identifying an identification number of the wireless terminal included in the received data set, A sixth step of authenticating the validity of the connect token using the identification number included in the data set, and a step of performing a payment processing procedure corresponding to the received data set when the validity of the connect token is authenticated And a seventh step.

Description

{Method for Validating Alliance Application for Payment}

According to the present invention, a payment institution providing a payment service automatically identifies an application and a user of an affiliate company installed in the wireless terminal without having to install a separate payment application in the user's wireless terminal, To provide the designated payment service through the affiliate app.

With the recent activation of smart phones, various payment service models using the smart phone have been proposed. Most of the smartphone-based payment services that have been proposed in the past start from the process of installing a payment application or a financial company to provide a payment service to a user's wireless terminal. Accordingly, Which is inconvenient to install.

Meanwhile, an application that is basically installed in a manufacturer or a communication company of the smartphone is basically installed in the smartphone, in addition to an application provided by a third party institution. The application that is basically installed in such a smartphone has a similar function application And it is causing a strong response of users. In addition, even applications provided by third-party organizations, applications formed by prominent institutions and forming a user layer are preemptive to users' responses than similar applications provided by other third party organizations.

However, in order to provide payment services using smartphone-based applications or applications provided by prominent institutions, it is necessary to overcome a number of technical difficulties. Typically, you have to overcome the security problem, which is the core of payment services. Since all payment services are money coming and going services, the damage is fatal when exposed to hacking. Furthermore, in the case of a payment service that is basically installed in a smart phone or using an affiliate application provided by a prominent institution without using an app provided by the user, it is possible to accurately detect a phone change or a phone number change, However, in the case of using an application managed by an affiliate, it is technically difficult to accurately detect such a change of a phone or change a telephone number and take appropriate measures.

In recent years, smartphone-based payment services have developed payment services and related applications in a payment service provider (for example, a payment service provider (PG) or a communication company) that provides a payment service. In order to use a payment service, I had to install the application.

On the other hand, financial companies providing payment means are at a level that is linked to the settlement service of the settlement institution as described above, and have not developed their own smartphone payment service and related smartphone application.

Korean Patent Laid-Open Publication No. 10-2012-0075507 (2012. 07. 09.) discloses a payment method using a mobile communication number, in which an application is installed in a mobile device, a mobile communication number of the mobile device is linked to a payment means A settlement service is provided without exposing the settlement means by using a matching ID provided by the settlement means.

As described above, a dedicated application has to be installed for a payment service in a conventional smart phone. To solve the problem, a payment service using an application installed in a smart phone or an application provided by a powerful institution It did not exist.

In order to solve the above problems, an object of the present invention is to provide a settlement service using an application of an affiliate company provided in a wireless terminal of a user, wherein a settlement agency matches a partner account of a user registered in the affiliate company one- Generating a connect token for simultaneously identifying a wireless terminal of a user to be used in the payment service, managing payment through the affiliate app, and authenticating the validity of the connect token in a process of communicating with the affiliate app, And to take measures in accordance with the change of the phone number or the telephone number of the affiliate application.

The affiliate app authentication method according to the present invention is a method for communicating with an affiliate server managing and operating an application provided in a user's wireless terminal and communicating with N (N > = 1) financial server servers capable of issuing a payment means to the user A first step of generating a connect token that is one-to-one matched with an affiliate account of a user registered in the affiliate company and uniquely identifies the wireless terminal; An affiliate account of the user registered in the affiliate server, PIN information registered by the user, an identification number including at least one of the mobile terminal number and the terminal serial number of the wireless terminal, and the identification number of the user registered in the financial company A second step of mapping and storing a payment means identification key for identifying a payment means; A third step of connecting an affiliate app of the wireless terminal with an end-to-end communication channel based on a message sent to the wireless terminal when the settlement service is started through the end-to-end communication channel; A fourth step of receiving one or more data sets from the mobile terminal, a fourth step of receiving one or more data sets from the mobile terminal, And a seventh step of performing a payment processing procedure corresponding to the received data set when the validity of the connect token is authenticated.

According to the present invention, in the first step, at least one of the identification number of the wireless terminal, the affiliate account of the user registered in the affiliate company, and the PIN information of the user is substituted into the designated token generation algorithm, Can be generated.

According to the present invention, the affiliate application authentication method comprises: confirming an identification number of a wireless terminal to be used for payment of the order information while receiving order information through a communication network designated for payment service through an affiliate app of the wireless terminal; Generating an order key for the order information and confirming the connect token mapped with the identification number, and providing the order key and the connect token to the affiliate app provided in the wireless terminal through the affiliate server Requesting the sending of the message. The affiliate app authentication method may further include a step of verifying whether the identification number of the identified wireless terminal is a previously registered identification number. Further, the affiliate app authentication method may further include a step of mapping the generated order key, order information, and connect token to each other.

According to the present invention, the message may include a push message for pushing from the affiliate server to the affiliate app of the wireless terminal.

According to the present invention, in the fourth step, the data including the identification number of the wireless terminal through the end-to-end communication channel and the data including the connect token provided to the affiliate app through the message sent to the wireless terminal and the order key And confirming the order information corresponding to the data set and providing the order information to the affiliate app of the wireless terminal through the end-to-end communication channel.

According to the present invention, the fourth step may receive a data set including the identification number of the wireless terminal through the end-to-end communication channel and including information on the payment means selected through the affiliate app, And confirming the payment means identification key corresponding to the selected payment means through the data set and providing it to the affiliate app of the wireless terminal through the end-to-end communication channel.

According to the present invention, the fourth step includes receiving a data set including an identification number of the wireless terminal through the end-to-end communication channel, an order key for a target to be settled, a connect token, and a payment means identification key .

According to the present invention, in the second step, the PIN information registered by the user is mapped to the connect token and stored, and the fourth step includes an identification number of the wireless terminal through the end-to-end communication channel, Receiving the data set including the PIN information input by the user, and authenticating the validity of the received PIN information. The affiliate app authentication method may further include transmitting to the financial company server a terminal serial number of a wireless terminal mapped with the connect token and a payment means identification key when the validity of the PIN information is authenticated, The method comprising the steps of: receiving a dynamically generated payment authentication code and a terminal serial number of the wireless terminal; receiving a message for transmitting the payment authentication code to an affiliate app of a wireless terminal corresponding to the terminal serial number of the wireless terminal through the affiliate server And requesting the dispatch of the dispatcher.

According to the present invention, the fourth step includes receiving a data set including an identification number of the wireless terminal through the end-to-end communication channel and including a payment authentication code and a payment means identification key, Transferring the authentication code and the payment means identification key, and receiving the authentication result of the payment authorization code from the financial company server.

According to the present invention, the seventh step includes: receiving a secure ACS (Access Control Server) value from the financial company server, and when the order information for the payment service is order information corresponding to an online merchant, The method comprising: transmitting an authentication result requesting payment through the online merchant to an affiliate app; receiving payment request information for the order information from the online merchant through the communication network; And requesting the server to settle the order information.

According to the present invention, in the seventh step, the seventh step is a step of receiving a secure-click ACS value from the financial company server, and when order information on the payment service is transmitted to a mobile- And requesting settlement of the order information to the financial company server using the secure-click ACS value if it is the corresponding order information.

According to the present invention, the affiliate app authentication method further comprises: receiving a settlement approval result for the settlement request from the financial company server; providing settlement completion information on the settlement approval result to the merchant providing the order information; Step < / RTI >

According to the present invention, the payment means identification key may be a key that is assigned by the financial company server to the payment means of the user registered in the financial company server from the wireless terminal through a communication channel directly connected between the wireless terminal and the financial company server And may include an identification key.

According to the present invention, the communication channel connected between the wireless terminal and the settlement agency server includes an end-to-end communication channel directly connected between the affiliate app of the wireless terminal and the settlement agency server, And an end-to-end communication channel in which encryption and decryption procedures are performed between the affiliate app and the settlement agency server.

According to the present invention, in providing a payment service through an affiliate app provided in a wireless terminal of a user, the settlement agency automatically detects and identifies the change even if the user arbitrarily changes the device or changes the phone number, There is an advantage in that a safe and convenient settlement service can be provided by automatically identifying and authenticating the affiliate app in the process of payment processing through a designated affiliate app even if the user does not directly install the app in the wireless terminal.

1 is a view showing a configuration of a payment providing system for automatically identifying an affiliate app according to the present invention.
2 is a diagram illustrating a configuration of a settlement agency server according to an embodiment of the present invention.
3 is a diagram illustrating a process of assigning a connect token and an information mapping process according to an embodiment of the present invention.
4 is a diagram illustrating a process of transmitting a payment method using a connect token authentication and a direct web communication channel according to an embodiment of the present invention.
FIG. 5 and FIG. 6 illustrate a settlement process using an affiliate app according to an embodiment of the present invention.
FIG. 7 is a diagram illustrating a payment approval process of an online merchant using an affiliate app according to an embodiment of the present invention.
FIG. 8 is a diagram illustrating a payment approval process of a mobile merchant using an affiliate app according to an embodiment of the present invention.

The operation principle of the preferred embodiment of the present invention will be described in detail with reference to the accompanying drawings and description. It should be understood, however, that the drawings and the following detailed description are exemplary and explanatory and are intended to provide further explanation of the invention, and are not to be construed as limiting the present invention. For example, it is possible that a configuration provided on the server side is implemented on the terminal side, or conversely, a configuration portion provided on the terminal side is implemented on the server side.

In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear. The terms used below are defined in consideration of the functions of the present invention, which may vary depending on the user, intention or custom of the operator. Therefore, the definition should be based on the contents throughout the present invention.

As a result, the technical idea of the present invention is determined by the claims, and the following embodiments are merely means for effectively explaining the technical idea of the present invention to a person having ordinary skill in the art to which the present invention belongs Only.

1 is a diagram showing a configuration of a payment providing system for automatically identifying an affiliate application 105 according to the present invention.

In more detail, FIG. 1 illustrates an application of an affiliate company provided in the wireless terminal 100 without having to install a separate payment application in the wireless terminal 100 of the user, The system automatically identifies the users and provides the designated payment service through the identified affiliate application 105. As a person skilled in the art, (E.g., some servers may be omitted, or broken down, or aggregated implementations) for the payment provision system configuration, but the present invention is not limited to any of the above envisioned implementation methods And the technical features thereof are not limited only by the method shown in FIG.

The payment providing system of the present invention includes an affiliate server 120 for managing and operating an app provided in a user's wireless terminal 100, N (N > = 1) financial server servers 130 And a settlement institution server 200 communicating with the affiliate server 120 and the financial company server 130 to provide a settlement service.

The wireless terminal 100 is a generic name of a portable wireless communication device capable of mounting an affiliate app 105 managed and operated by the affiliate company, and preferably includes a smart phone, a mobile phone, a tablet PC, and the like. And may include any type of wireless terminal capable of communication.

The wireless terminal 100 downloads and installs the affiliate app 105 managed and operated by the affiliate through the designated app providing server 110. [ Alternatively, the wireless terminal 100 may be launched with the affiliate app 105 managed and operated by the affiliate company installed, so that the present invention is not limited thereto.

The affiliate server 120 is a server included in the affiliate company that manages and operates the affiliate app 105 shared by the settlement agency server 200 and used for the payment service among the applications installed in the wireless terminal 100 As a general term, the affiliate app 105 provided in the wireless terminal 100 can receive the designated service provided by the affiliate company by connecting the affiliate server 120 with the app-based communication channel 125.

The affiliate application 105 provided in the wireless terminal 100 is provided with a function of receiving a payment service provided through the settlement agency server 200 in addition to the function of providing the designated service provided by the affiliate company .

If a user using the affiliate app 105 provided in the wireless terminal 100 has a user issued by a financial institution affiliated with the settlement agency server 200, The payment service provided by the settlement agency can be provided. To this end, the user goes through the agreement agreement process for receiving the settlement service from the settlement agency through the affiliate app 105, and a contract for the settlement service is established between the user and the settlement agency by agreement agreement . The affiliate application 105 of the wireless terminal 100 requests PIN registration to receive a payment service to a user who agrees with the above terms and transmits the PIN information registered by the user to the affiliate server 120.

The affiliate server 120 is connected to the settlement institution server 200 through a designated communication network and stores PIN information input by a user who has agreed to the terms and PIN information input by a user And transmits the identification number and the affiliate account of the user registered in the affiliate server 120 to the settlement institution server 200 in a shared manner. The identification number of the wireless terminal 100 may include at least one of a mobile number of the wireless terminal 100 and a terminal serial number. For example, if the mobile terminal 100 is a cell phone, smart phone, tablet PC, or the like to which a mobile phone number is assigned, the identification number of the mobile terminal 100 may include a mobile phone number and a terminal serial number. On the other hand, if the mobile terminal 100 is a tablet PC (e.g., a WiFi-dedicated tablet PC, etc.) to which a mobile number is assigned, the identification number of the mobile terminal 100 may include a terminal serial number.

The payment institution server 200 is one-to-one matched with the affiliate account of the user based on the affiliate account of the user shared from the affiliate server 120 and the identification number of the wireless terminal 100, (E.g., the wireless terminal 100) and the logical device (e.g., the affiliate app 105 of the wireless terminal 100), and creates a connect token that uniquely identifies one or more of the user's affiliate account The identification number of the wireless terminal 100 and the determined connect token are mapped and stored in the storage medium 206. [

The affiliate application 105 provided in the wireless terminal 100 configures a data set for registering the payment means of the user to be used in the payment service in the financial company server 130 and transmits the data set to the affiliate server 120. Preferably, the data set includes the identification number of the wireless terminal 100 identified through the affiliate app 105, and may include the financial information of the user who issued the payment means. The affiliate server 120 shares and transmits the data set including the financial company information to the settlement institution server 200.

The settlement institution server 200 authenticates the validity of the connect token through the identification number of the wireless terminal 100 included in the data set, and when the validity of the connect token is authenticated, And controls the user to register the payment means of the user from the affiliate application 105 of the wireless terminal 100 to the financial company server 130 by connecting the direct web communication channel between the affiliate application 105 and the financial company server 130.

If the payment means of the user is registered in the financial company server 130 through the direct web communication channel between the user's wireless terminal 100 and the financial company server 130 and the payment means of the user is received from the financial company server 130 When the payment means identification key for unique identification is transferred, the settlement institution server 200 maps the connect token and the payment means identification key and stores the mapping result in the storage medium 206. [

Then, the settlement institution server 200 receives the order information through the designated communication network and confirms the identification number of the wireless terminal 100 to be used for settlement of the order information. If the order information is order information corresponding to an on-line online merchant point separated from the wireless communication network to which the wireless terminal 100 is connected, the identification number of the wireless terminal 100 is inputted through the wired terminal of the user, Can be received together with the order information. Meanwhile, if the order information is order information corresponding to a mobile merchant on a wireless communication network connected to the wireless terminal 100, the identification number of the wireless terminal 100 may be stored in a browser program or a shopping mall program Or received with the order information, or from the result of reading the protocol for receiving the order information while directly receiving the order information from the wireless terminal 100. [

The settlement institution server 200 can verify whether the identification number of the identified wireless terminal 100 is the previously registered identification number. If the identification number of the wireless terminal 100 is a pre-registered identification number, the settlement institution server 200 generates an order key for the order information and confirms the connect token mapped with the identification number, Requests the server 120 to send a message for providing the order key and the connect token to the affiliate application 105 of the wireless terminal 100. [

The mobile terminal 100 receiving the message activates the affiliate app 105 corresponding to the message (or activates the driven affiliated app 105), and the affiliate app 105 transmits the message corresponding to the message The order key and connect token are provided. Preferably, the affiliate app 105 connects the end-to-end communication channel 222 with the settlement institution server 200 by receiving the message. The end-to-end communication channel 222 connected between the wireless terminal 100 and the settlement agency server 200 is directly connected between the affiliate application 105 of the wireless terminal 100 and the settlement agency server 200 End communication channel 222 through which an encryption and decryption process is performed between the affiliate application 105 and the settlement institution server 200 of the wireless terminal 100 via the end-to-end communication channel 222 and the affiliate server 120, And at least one communication channel among the plurality of communication channels 222.

The affiliate app 105 of the wireless terminal 100 includes the identification number of the wireless terminal 100 to the settlement agency server 200 via the end-to-end communication channel 222 connected to the settlement agency server 200 And transmits the data set including the connect token and the order key to the settlement institution server 200 through the end-to-end communication channel 222 connected to the wireless terminal 100, .

The settlement institution server 200 authenticates the validity of the connect token based on the identification number of the wireless terminal 100 included in the data set and confirms the order key mapped to the connect token included in the data set And confirms the order information corresponding to the confirmed order key to the affiliate app 105 of the wireless terminal 100 through the end-to-end communication channel 222 connected to the wireless terminal 100, Lt; / RTI >

The affiliate application 105 of the wireless terminal 100 selects a payment means for processing payment from the user based on the order information and receives the payment information through the end-to-end communication channel 222 connected to the payment agency server 200 The settlement institution server 200 transmits a data set including the identification number of the wireless terminal 100 and information including information on the payment means to be processed for payment to the settlement agency server 200. The settlement agency server 200 transmits the data set including the identification number of the wireless terminal 100 to the wireless terminal 100 And an end-to-end communication channel 222 associated with the data set.

The settlement institution server 200 authenticates the validity of the connect token based on the identification number of the wireless terminal 100 included in the data set and transmits a payment means identification key corresponding to the selected payment means through the data set And provides the payment means identification key to the affiliate app 105 of the wireless terminal 100 through the end-to-end communication channel 222 connected to the wireless terminal 100.

The affiliate app 105 of the wireless terminal 100 receives the PIN information for receiving a payment service, receives an order key corresponding to an object to be paid including the identification number of the wireless terminal 100, a connect token, A means identification key, and PIN information entered by the user. Preferably, the order key, the connect token, the payment means identification key, and the PIN information may be transmitted via the affiliate server 120 and may be transmitted to the settlement server 200 through the end- 222, < / RTI >

The payment institution server 200 authenticates the validity of the connect token based on the identification number of the wireless terminal 100 included in the data set, and transmits the order key, the connect token, And validating the validity of the received PIN information through the PIN information mapped with the connect token. The validity of the received PIN information is authenticated by the wireless terminal 100 And the payment means identification key to the financial company server 130. According to another embodiment of the present invention, the terminal serial number of the wireless terminal 100 transmitted together with the payment means identification key may be replaced with a mobile phone number or may include a mobile phone number, thereby not limiting the present invention.

The financial institution server 130 receiving the terminal serial number and the payment means identification key of the wireless terminal 100 confirms whether the payment means identification key is mapped with the payment means of the user and registered. The financial company server 130 dynamically generates a payment authentication code for authenticating payment using the payment means of the user and transmits the dynamically generated payment authentication code and the terminal serial number of the wireless terminal 100 to the settlement agency server (200). The dynamically generated payment authorization code may be mapped to the payment means identification key and stored in the storage medium 140.

The settlement institution server 200 transmits a message for providing the settlement authentication code to the affiliate application 105 of the wireless terminal 100 by using the terminal serial number of the wireless terminal 100 to the affiliate server 120 Request shipment. Preferably, the message includes a push message to be pushed from the affiliate server 120 to the affiliate application 105 of the wireless terminal 100. In accordance with the method of operation, a text message via the mobile communication network (E.g., SMS, etc.).

The affiliate application 105 of the wireless terminal 100 transmits a data set including the identification number of the wireless terminal 100 and the payment authentication code confirmed through the message to the end- To the settlement institution server (200). The settlement institution server 200 receives the data set through an end-to-end communication channel 222 connected to the wireless terminal 100. The settlement institution server 200 authenticates the validity of the connect token based on the identification number of the wireless terminal 100 included in the data set, and transmits the payment authorization code and the payment means identification key To the financial company server 130, a payment means identification key received by the affiliate app 105 of the financial institution server 100.

The financial company server 130 confirms the payment authentication code mapped to the payment means identification key, compares the received payment authentication code with the received payment authentication code, authenticates the validity of the payment authentication code, And transmits the authentication result to the payment authentication code. Preferably, when the payment authorization code is authenticated, the financial company server 130 may transmit a secure ACS (Access Control Server) value to the settlement institution server 200.

If the order information is the order information of the online merchant, the settlement institution server 200 transmits the affiliate app 105 of the wireless terminal 100 through the end-to-end communication channel 222 connected to the wireless terminal 100, Transmits an authentication result requesting payment through the online merchant and requests payment through the online merchant by receiving the authentication result from the affiliate app 105 of the wireless terminal 100. [ The settlement institution server 200 receives settlement request information for the order information from the online merchant through a communication network and requests settlement of the order information to the financial company server 130 using the trustworthiness ACS value do.

On the other hand, if the order information is order information of a mobile merchant, the settlement institution server 200 requests settlement of the order information to the financial company server 130 using the assurance click ACS value.

In response to the settlement request using the secure-click ACS value, the financial company server 130 performs a payment approval procedure using the registered user's payment means, generates a payment approval result for the registered user, ).

The settlement institution server 200 receives the settlement approval result for the settlement request from the financial company server 130 and transmits the settlement approval result to the merchant shop 105 or the affiliate app 105 of the wireless terminal 100 (Or affiliate application 105) receives the payment completion information, and outputs the payment completion information to the user.

According to the method of the present invention, the process of authenticating the validity of the connect token based on the identification number of the wireless terminal 100 included in the data set may be performed only once during the process of receiving the data set, In this case, it is made clear that the identification number of the wireless terminal 100 may be omitted in a data set that does not authenticate the validity of the connect token.

FIG. 2 is a diagram illustrating a configuration of a settlement institution server 200 according to an embodiment of the present invention.

2 shows N (N > = 1) financial service servers 130 capable of communicating with an affiliate server 120 managing and operating an application of a user's wireless terminal 100 and issuing payment means to the user 2 is a block diagram illustrating a preferred configuration of a settlement institution server 200 that communicates with the settlement organization server 200 according to an exemplary embodiment of the present invention. It is to be understood that the invention may be embodied in many different ways (e.g., some of the components may be omitted, or subdivided, or combined) The technical features thereof are not limited only by the method of implementation.

Referring to FIG. 2, the settlement institution server 200 includes a connect token generation unit (not shown) for generating a connect token that uniquely identifies the wireless terminal 100 while being matched one-to-one with an affiliate account of a user registered in the affiliated company 202, a generated connection token, an affiliate account of a user registered in the affiliate company, PIN information registered by the user, an identification number for uniquely identifying the wireless terminal 100, and a payment means of a user registered in the financial company And a mapping storage unit 204 for mapping and storing a payment means identification key for identification.

An affiliate application 105 managed and operated by the affiliate company is provided to the wireless terminal 100 through the application providing server 110 and when the affiliate application 105 is executed in the wireless terminal 100, The user joins the affiliate server 120 by registering through the affiliate application 105 and registers the affiliate account for the user in the affiliate server 120. [

A user using the affiliate app 105 while owning the wireless terminal 100 owns a payment means issued by an nth (1? N? N) financial company among N financial companies linked to the settlement institution server 200 In this case, the user can subscribe to the payment service according to the present invention through agreement with the affiliate application 105.

The affiliate application 105 of the wireless terminal 100 displays a PIN (Personal Identification Number) registration interface for the payment service based on the application for subscription to the payment service from the user, and the user inputs PIN information to be used for the payment service do. Here, the PIN information is a password or an authentication key for performing authentication for receiving a payment service, and does not authenticate a payment approval or settlement itself.

The affiliate application 105 of the wireless terminal 100 connects the affiliate server 120 and the app-based communication channel 125 through at least one data network connected to the wireless terminal 100.

The affiliate app 105 of the wireless terminal 100 transmits the PIN information input from the user through the PIN registration interface to the affiliate server 120 through the app based communication channel 125. [ Preferably, the affiliate application 105 transmits an identification number assigned to or stored in the wireless terminal 100 to the affiliate server 120 at a predetermined time before, during, or after the transmission of the PIN information.

The affiliate server 120 transmits the identification number and PIN information of the wireless terminal 100 received from the affiliate app 105 of the wireless terminal 100 to the settlement institution server 200, The payment server 204 receives the identification number and the PIN information from the affiliate server 120 so that the payment agency server 200 can use the affiliate application 105 of the wireless terminal 100 for the payment service do. The mapping storage unit 204 may perform an overlap check on the received identification number by comparing the received identification number with a previously stored identification number in a designated storage medium 206. [ Preferably, only when the uniqueness of the identification number received from the affiliate server 120 is secured through redundancy checking of the identification number, the affiliate app 105 of the user's wireless terminal 100 corresponding to the identification number, Can be provided.

That is, the user can change the mobile phone number or the mobile phone number at any time according to his or her will or need. Alternatively, the user may add a second wireless terminal 100 to which a connect token is to be assigned to one affiliate account according to the number of wireless terminals 100 owned by him (in this case, one connect token is an affiliate One to one match with an account, but an affiliate account can be matched with a one-to-many relationship with a connect token). In this case, an affiliate that manages and operates the affiliate application 105 immediately detects the affiliate application 105 mounted on the wireless terminal 100 even if the wireless terminal 100 is replaced / added or the mobile phone number is changed And if only the user using the affiliate app 105 is authenticated, the user's affiliate account can be reused without having to change it. On the other hand, since the settlement institution server 200 does not directly manage and operate the affiliate application 105, it can not directly detect the change / addition of the mobile terminal 100 or the change of the mobile phone number. Such a detection failure or delay may provide a settlement service to a user who has not actually used the settlement service, so that a user who has not paid settlement may be charged or hacked. In order to prevent this, the mapping storage unit 204 performs redundancy checking to ensure uniqueness of the identification number.

The affiliate server 120 transmits the affiliate account of the user registered in the affiliate server 120 at a predetermined time point before, during, or after the transfer of at least one of the identification number and the PIN information to the settlement institution server 200 The mapping storage unit 204 receives the affiliate account of the user who uses the affiliate application 105 from the affiliate server 120, The server 200 can provide a payment service to the user using the affiliate app 105. [

The affiliate account of the user is used to identify a user who provides a designated service through the affiliate application 105 in the affiliate server 120. The connect token generation unit 202 may receive the service through the affiliate server 120 A unique user who is one-to-one matched with the affiliate account and provides the payment service to the user via the affiliate app 105 managed and operated, and identifies the specific user who applied for the payment service among the users using the affiliate application 105 And generates a connect token that uniquely identifies the wireless terminal 100 to be used in the payment service.

That is, as described above, the user can change the mobile phone number or the mobile phone number at any time according to his or her will or need. Alternatively, the user may add a second wireless terminal 100 to which a connect token is to be assigned to one affiliate account according to the number of wireless terminals 100 owned by the user. In this case, an affiliate that manages and operates the affiliate application 105 immediately detects the affiliate application 105 mounted on the wireless terminal 100 even if the wireless terminal 100 is replaced / added or the mobile phone number is changed And if only the user using the affiliate app 105 is authenticated, the user's affiliate account can be reused without having to change it. On the other hand, since the settlement institution server 200 does not directly manage and operate the affiliate application 105, it can not directly detect the change / addition of the mobile terminal 100 or the change of the mobile phone number. Such a detection failure or delay may provide a settlement service to a user who has not actually used the settlement service, so that a user who has not paid settlement may be charged or hacked. In order to prevent this, the connect token generating unit 202 generates a connect token that uniquely identifies the wireless terminal 100 to be used in the payment service, one-to-one with the affiliate account of the user registered in the affiliate server 120 .

The connect token generating unit 202 may verify that the generated connect token is a unique connect token stored in the storage medium 206 by performing an overlap check on the generated connect token . If the uniqueness of the connect token is not verified, the connect token generating unit 202 can regenerate a unique connect token that is not overlapped with another connect token.

The mapping storage unit 204 maps the generated connect token to the user's affiliate account and stores the mapped affiliate account in a designated storage medium 206. The mapping storage unit 204 may map the identification number together with the connect token, and store the mapping information. In addition, the mapping storage unit 204 may map and store the connect token and the PIN information of the user. The PIN information may be mapped to the connect token and may be stored in a separate storage medium (e.g., HSM) Lt; / RTI >

According to an embodiment of the present invention, the mapping storage unit 204 can transfer the connect token to the affiliate server 120. In this case, the affiliate server 120 associates the connect token with the user's affiliate account Can be stored and mapped.

The affiliate app 105 of the wireless terminal 100 displays a menu for requesting registration of a payment means to use a payment service. When the menu is selected, one or more designated And a financial company selection interface for selecting at least one financial company among the financial companies. The financial company preferably includes all payment means issuing organizations capable of issuing payment means to a user including card companies, banks, and the like. The payment means may include at least one of a credit card payment means, a check card payment means, a debit card payment means, a cash card payment means, a financial account payment means, an electronic passbook payment means, a prepaid card payment means, . ≪ / RTI >

When the financial company corresponding to the payment means of the user is selected through the financial company selection interface, the affiliate application 105 transmits the payment request to the affiliate server 120 through the application-based communication channel 125 connected to the affiliate server 120 The financial institution information may be transmitted, and the identification number of the wireless terminal 100 may be transmitted along with the financial information. The affiliate server 120 transmits the financial transaction information and the identification number received from the affiliate application 105 to the settlement institution server 200. The mapping storage unit 204 receives the financial transaction information and the identification number from the affiliate company server 120, Information and an identification number.

According to the present invention, not only does the affiliate server 120 and the settlement institution server 200 store any information directly related to the user's payment means, but also, in the registration and payment process of the user's payment means, It is preferable that even an opportunity to access the payment means of the user is blocked. In other words, the payment means information of the user is not transmitted via the affiliate server 120 or the settlement institution server 200, even though the payment means information is encrypted and transmitted so as to block access thereto. To this end, the payment means of the user is directly transferred from the wireless terminal 100 to the financial company server 130 through a separate direct web communication channel formed between the user's wireless terminal 100 and the financial company server 130 The settlement institution server 200 controls the direct web communication channel between the wireless terminal 100 and the financial company server 130 to be connected.

When the financial institution information for the user's payment means is received, the mapping storage unit 204 confirms the n-th financial server 130 corresponding to the financial company information, And controls the direct web communication channel for registering the payment means of the user directly from the wireless terminal 100 to the financial company server 130 to be connected while transferring the generated connect token. Preferably, the direct web communication channel between the wireless terminal 100 and the financial institution server 130 does not pass through the affiliate server 120 or the settlement agency server 200. The direct web communication channel is connected using a payment means registration address value (for example, a URL address of the financial company server 130) of the financial company server 130.

The affiliate app 105 of the wireless terminal 100 may include at least one payment method number (e.g., card number, account number, etc.), validity period, CVC / CVV, payment method password And transmits it to the financial company server 130 through a direct web communication channel connected to the financial company server 130. The financial institution server 130 receives the payment method information and user information (e.g., the user's name, resident registration number,

The financial company server 130 receives user's payment means information and user information from the wireless terminal 100 through the direct web communication channel. If the connect token is stored in the wireless terminal 100 according to an embodiment of the present invention, the financial company server 130 may receive the connect token from the wireless terminal 100. The financial company server 130 performs the validation procedure of the settlement means using the received user information and the settlement means information. Here, the validation procedure of the payment means includes a procedure for verifying whether payment means corresponding to the payment means information is issued to the user corresponding to the user information in the ledger of the financial institution.

Meanwhile, the financial company server 130 can receive the communication company information and the mobile phone number for the wireless terminal 100 input by the user from the wireless terminal 100 through the direct web communication channel. At this time, it is preferable that the communication company information and the mobile phone number correspond to the mobile phone number assigned to the mobile terminal 100 connected to the financial company server 130 and the direct web communication channel, 100, if the mobile phone number is not allocated to the second wireless terminal 100, the communication company information and the mobile phone number are associated with the second wireless terminal 100 owned by the user having the wireless terminal 100 to which the direct web communication channel is connected And a mobile phone number.

If the wireless terminal 100 to which the direct web communication channel is connected is the wireless terminal 100 to which the mobile number is assigned, the financial server 130 reads the protocol of the direct web communication channel and transmits the protocol to the wireless terminal 100 And can identify the carrier information and the mobile phone number. At this time, the communication company information and the mobile phone number correspond to the mobile phone number assigned to the mobile terminal 100 to which the direct web communication channel is connected, or the mobile phone number of the mobile terminal 100 owned by the user The present invention can correspond to the mobile phone number assigned to the second wireless terminal 100, and thus the present invention is not limited thereto.

Alternatively, the financial company server 130 may receive the communication company information and the mobile phone number for the wireless terminal 100 together with the connect token during the payment method registration control process of the settlement institution server 200. When the communication company information and the mobile phone number for the wireless terminal 100 are confirmed, the financial company server 130 performs the user authentication for the wireless terminal 100 using the user information, the communication company information, and the mobile phone number. Preferably, the financial company server 130 provides the user information and the mobile phone number to the communication company server corresponding to the communication company information, thereby allowing the user to register with the communication company as a subscriber of the mobile terminal 100 corresponding to the mobile phone number .

When the validation of the payment method is verified and the user authentication is performed for the wireless terminal 100, the financial company server 130 transmits an SMS authentication request to the wireless terminal 100 corresponding to the mobile phone number through the communication company server corresponding to the communication company information Authenticates the user occupied state of the wireless terminal 100 by receiving the authentication number through a direct web communication channel connected to the wireless terminal 100 and performing comparison and authentication, Authenticate that it is valid.

If the wireless terminal 100 to which the direct web communication channel is connected and the wireless terminal 100 to which the SMS authentication number is transmitted are the same, the SMS authentication number is received through the direct web communication channel. On the other hand, when the wireless terminal 100 to which the direct web communication channel is connected differs from the wireless terminal 100 to which the SMS authentication number is sent, the SMS authentication number is transmitted to the second wireless terminal 100 The first wireless communication channel is input to the wireless terminal 100 to which the direct web communication channel is connected and is received through the direct web communication channel or the second wireless communication channel The present invention is not limited to this, and can be received by connecting a separate communication channel to the terminal 100. FIG.

When the one or more authentication procedures specified in the authentication procedure are completed, the financial company server 130 stores the payment means information of the user in the designated storage medium 140, and at the same time, And stores it in mapping with the payment means information. Preferably, the payment means information or the payment means identification key may be mapped to the connect token provided from the settlement institution server 200 and stored in the storage medium 140.

The financial company server 130 provides the payment means identification key mapped with the payment means information and the corresponding connect token to the settlement institution server 200. The mapping storage unit 204 stores the mapping means identification key, And the mapping storage unit 204 stores the payment means identification key and the connect token received from the financial company server 130 as the payment means identification key and the connect token, And stores it in the storage medium 206 so that the payment means of the user can be identified through the payment means identification key.

Referring to FIG. 2, the settlement institution server 200 receives an order information through a designated communication network and receives an order information receiving unit 208 for confirming an identification number of the wireless terminal 100 to be used for settlement of the order information And an identification number verifying unit 210 for verifying whether the identification number of the identified wireless terminal 100 is a previously registered identification number.

The order information receiving unit 208 receives order information through a designated communication network. Preferably, the order information receiving unit 208 can receive the order information of the user from the online merchant connected to the wired terminal used by the user. Or, the order information receiving unit 208 may receive the order information of the user from the mobile merchant connected through the browser program or the shopping mall program provided in the wireless terminal 100 of the user.

The order information receiving unit 208 receives the order information and confirms the identification number of the wireless terminal 100 to be used for payment corresponding to the order information. The identification number of the wireless terminal 100 may be received from the user during the ordering process of the user and received together with the order information or may receive the order information in the process of receiving the order information from the wireless terminal 100 The identification number of the wireless terminal 100 can be confirmed by reading the protocol.

When the identification number of the wireless terminal 100 is confirmed, the identification number verification unit 210 identifies the identification number of the wireless terminal 100 to the storage medium 206 by the mapping storage unit 204 Verify that it is a stored identification number. If the identification number of the wireless terminal 100 is a pre-registered identification number, a payment procedure for the order information can be performed. Otherwise, the connect token generation process and the mapping token allocation process After the information mapping process is performed through the storage unit 204, the payment process for the order information can be performed.

Referring to FIG. 2, the settlement institution server 200 includes an order key generation unit 212 for generating an ordering key for the order information, a connect token mapped to the identification number of the wireless terminal 100, And an order information storage unit 214 for mapping the order information and the order key to store them.

If the identification number of the wireless terminal 100 is a pre-registered identification number, the order key generating unit 212 generates a unique order key that is not duplicated with the received order information. Preferably, the order key generating unit 212 assigns at least one of information constituting the received order information and information constituting the identification number of the wireless terminal 100 to a designated key generation algorithm, Key, and may be generated by using additional information in addition to the received information according to an implementation method. Preferably, the key generation algorithm may include a hash algorithm to generate a hash code of a specified number of digits. On the other hand, the order key may be generated by a random number generation method or may be assigned according to a designated key selection method, and thus the present invention is not limited thereto.

The order information storage unit 214 identifies the connect token mapped to the identification number of the wireless terminal 100, maps the order information to the order key and the connect token, and stores it in the designated order management D / B 216 do. According to an embodiment of the present invention, the storage medium 206 and the order management D / B 216 may be integrated into one database, thereby not limiting the present invention.

Referring to FIG. 2, the settlement institution server 200 requests the affiliate server 120 to send a message for providing the order key and the connect token to the affiliate app 105 of the wireless terminal 100 A communication channel connection unit 220 for connecting an end-to-end communication channel 222 with an affiliate application 105 of the wireless terminal 100 that has received the message, An information request receiving unit 224 for receiving the data set including the identification number of the wireless terminal 100 from the affiliate application 105 of the wireless terminal 100 through the wireless terminal 100 and including a connect token and an order key, A connect token authentication unit for authenticating the validity of the connect token using the identification number included in the data set and the identification number of the mobile terminal 100 identified by the affiliate app 105 and included in the data set, (226).

The message sending processor 218 provides the order key and the connect token to the affiliate server 120 and sends a message for providing the order key and the connect token to the affiliate app 105 of the wireless terminal 100 Lt; / RTI > The affiliate server 120 sends the message to the wireless terminal 100 according to a designated message exchange protocol. Preferably, the affiliate server 120 provides the order key and the connect token to the affiliate app 105 of the wireless terminal 100 using a push message protocol (e.g., APNS of Apple Inc., C2DM of Google) The push message can be pushed.

The mobile terminal 100 receiving the message activates the affiliate app 105 corresponding to the message (or activates the driven affiliated app 105), and the affiliate app 105 transmits the message corresponding to the message The order key and connect token are provided. Preferably, the affiliate application 105 attempts the end-to-end communication channel 222 corresponding to the end-to-end communication with the settlement institution server 200 by receiving the message. The communication channel connection unit 220, And connects the wireless terminal 100 and the end-to-end communication channel 222. The end-to-end communication channel 222 connected between the wireless terminal 100 and the settlement agency server 200 is directly connected between the affiliate application 105 of the wireless terminal 100 and the settlement agency server 200 End communication channel 222 through which an encryption and decryption process is performed between the affiliate application 105 and the settlement institution server 200 of the wireless terminal 100 via the end-to-end communication channel 222 and the affiliate server 120, And at least one communication channel among the plurality of communication channels 222. Of course, the end-to-end communication channel 222 directly connected between the affiliate application 105 of the wireless terminal 100 and the settlement agency server 200 may also be connected to the affiliate application 105 of the wireless terminal 100 and the settlement agency server 200 are performed by the encryption and decryption process. Also, even in the case of the end-to-end communication channel 222 via the affiliate server 120, even if the affiliate server can not access various information (or data) transmitted and received via the end-to-end communication channel 222, It is possible to record a trace thereof on the affiliate server 120 in accordance with the information.

The affiliate application 105 of the wireless terminal 100 includes the identification number of the wireless terminal 100 through the end-to-end communication channel 222 connected to the settlement agency server 200 and includes a connect token and an order key The information request receiving unit 224 receives the data set from the affiliate app 105 through the end-to-end communication channel 222 connected to the wireless terminal 100. [

The connect token authentication unit 226 confirms whether the identification number of the wireless terminal 100 confirmed through the affiliate app 105 is included in the received data set and the wireless terminal 100 included in the data set ) Is extracted. If the identification number of the wireless terminal 100 included in the data set is confirmed, the connect token authentication unit 226 authenticates the validity of the connect token using the identification number included in the data set.

According to an embodiment of the present invention, the connect token authentication unit 226 replaces at least one of identification numbers stored in the storage medium 206 with an identification number included in the data set, and the connect token generation unit 202 May generate the connect token through the same procedure as the procedure for creating the connect token and then authenticate the validity of the connect token by authenticating the stored connect token. (For example, a user's affiliate account, etc.) from the affiliate server 120 in order to authenticate the connect token.

If the validity of the connect token is not authenticated, the connect token authenticating unit 226 generates an error for the connect token and performs a procedure for re-creating the connect token.

According to an embodiment of the present invention, the connect token authentication unit 226 may associate information stored in the storage medium 206 with an ID number of the wireless terminal 100 identified through the data set, And generates a connect token that uniquely identifies the wireless terminal (100), and the connect token storage unit stores the generated connect token, the user's affiliate account, and the data set And may store the identification number in the storage medium 206. FIG.

According to another embodiment of the present invention, the connect token authentication unit 226 performs a procedure for the application sharing receiver, the identification number verification unit 210 and the connect token generation unit 202 to re-generate the connect token And the connect token storage unit may store the created connect token, the user's affiliate account, and the identification number identified through the data set in the storage medium 206.

Referring to FIG. 2, the settlement institution server 200 includes an order information confirmation unit 228 for confirming order information corresponding to the connect token and an order key, an end-to-end communication channel (230) for providing the confirmed order information to the affiliate app (105) of the wireless terminal (100) through the order information providing unit (222).

The order information confirmation unit 228 confirms the order information corresponding to the received connect token and the order key. The order information providing unit 230 provides the confirmed order information to the affiliate app 105 of the wireless terminal 100 through the end-to-end communication channel 222 connected to the wireless terminal 100. [

Referring to FIG. 2, the settlement institution server 200 receives a connection request from the affiliate app 105 of the wireless terminal 100 through the end-to-end communication channel 222 connected to the wireless terminal 100, A payment means selection confirmation unit 232 for receiving a data set including identification numbers of the payment means and information for selecting a payment means to process payment, And a payment means identification unit 234 provided to the affiliate application 105 of the wireless terminal 100 through an end-to-end communication channel 222 connected to the terminal 100. The connect token authentication unit 226 The identification number of the wireless terminal 100 included in the data set can be confirmed and the validity of the connect token can be authenticated using the identification number included in the data set.

After displaying the received order information, the affiliate app 105 of the wireless terminal 100 selects a payment means for processing a payment from a user and receives an end-to-end communication channel 222 connected to the settlement agency server 200, And transmits the information including the identification number of the wireless terminal 100 selected by the settlement agency server 200 to the settlement institution server 200 through the payment unit selection confirmation unit 232, And receives the data set from the affiliate app 105 of the wireless terminal 100 through the end-to-end communication channel 222 connected to the wireless terminal 100.

The connect token authentication unit 226 confirms the identification number of the wireless terminal 100 included in the data set, authenticates the validity of the connect token using the identification number included in the data set, The subscriber unit 234 confirms the payment means identification key corresponding to the selected payment means and transmits the identification information to the affiliate app 105 of the wireless terminal 100 via the end-to-end communication channel 222 connected to the wireless terminal 100 And provides the payment means identification key.

2, the settlement institution server 200 includes an identification number of the wireless terminal 100 from the affiliate application 105 of the wireless terminal 100, an order key for an object to be paid, A settlement authentication request receiving unit 236 for receiving a data set including a payment means identification key and PIN information input by the user, a validity determination unit 236 for determining the validity of the received PIN information through the PIN information mapped with the received connect token, A PIN authentication processing unit 238 for authenticating the PIN of the mobile terminal 100 and a terminal serial number of the wireless terminal 100 mapped with the connect token when the validity of the received PIN information is authenticated, The connection token authentication unit 226 confirms the identification number of the wireless terminal 100 included in the data set and uses the identification number included in the data set remind The validity of the connect token can be verified.

The affiliate application 105 of the wireless terminal 100 receives PIN information for receiving a payment service using a payment means mapped with a payment means identification key and receives PIN information for providing a payment service through the mapped payment means, An order key, a connect token, a payment means identification key, and PIN information input by the user. Preferably, the order key, the connect token, the payment means identification key, and the PIN information may be transmitted via the affiliate server 120 and may be transmitted to the settlement server 200 through the end- 222, < / RTI >

The payment authentication request receiving unit 236 receives the order key, the connect token, the payment means identification key, and the PIN information. Preferably, the payment authentication request receiving unit 236 may receive the order key, the connect token, the payment means identification key, and the PIN information via the affiliate server 120, Through an end-to-end communication channel 222 coupled to the end-to-end communication channel.

The PIN authentication processing unit 238 confirms the PIN information mapped with the received connect token and compares the PIN information with the received PIN information to authenticate the validity of the PIN information. If the validity of the received PIN information is authenticated, the payment authentication request unit 240 transmits the terminal serial number of the wireless terminal 100 and the payment means identification key mapped to the connect token to the financial company server 130 ).

Referring to FIG. 2, the settlement institution server 200 includes an authentication code checking unit 242 for receiving a payment authentication code dynamically generated from the financial company server 130 and a terminal serial number of the wireless terminal 100, A message sending processing unit for sending a message for sending the payment authentication code to the affiliate application 105 of the wireless terminal 100 corresponding to the terminal serial number of the wireless terminal 100 through the affiliate server 120, (218).

The financial institution server 130 receiving the terminal serial number and the payment means identification key of the wireless terminal 100 confirms whether the payment means identification key is mapped with the payment means of the user and registered. The financial company server 130 dynamically generates a payment authentication code for authenticating payment using the payment means of the user and transmits the dynamically generated payment authentication code and the terminal serial number of the wireless terminal 100 to the settlement agency server And the dynamically generated payment authentication code may be mapped to the payment means identification key and stored in the storage medium 140. [

The authentication code confirmation unit 242 receives the payment authentication code dynamically generated from the financial company server 130 and the terminal serial number of the wireless terminal 100. The message transmission processing unit 218 transmits the settlement authentication code and the terminal serial number of the wireless terminal 100 to the affiliate app 105 of the wireless terminal 100 corresponding to the terminal serial number of the wireless terminal 100, To request the sending of a message to provide the payment authentication code. The affiliate server 120 sends the message to the wireless terminal 100 according to a designated message exchange protocol. Preferably, the affiliate server 120 provides the order key and the connect token to the affiliate app 105 of the wireless terminal 100 using a push message protocol (e.g., APNS of Apple Inc., C2DM of Google) The push message can be pushed.

Referring to FIG. 2, the settlement institution server 200 receives a connection request from the affiliate app 105 of the wireless terminal 100 through the end-to-end communication channel 222 connected to the wireless terminal 100, ) For receiving the settlement authentication code and the settlement unit identification key from the financial institution server 130, a code authentication request unit 244 for receiving the settlement authentication code and the settlement unit identification key, And an authentication result receiving unit 248 for receiving the authentication result of the payment authentication code from the financial company server 130. The connect token authentication unit 226 may be configured to transmit the authentication result to the wireless terminal 100) and authenticate the validity of the connect token using the identification number included in the data set.

The affiliate application 105 of the wireless terminal 100 includes the identification number of the wireless terminal 100 through the end-to-end communication channel 222 connected to the settlement agency server 200, And transmits the data set including the authentication code to the settlement institution server 200. The authentication code receiving unit 244 receives the data set through an end-to-end communication channel 222 connected to the wireless terminal 100.

The connect token authentication unit 226 confirms the identification number of the wireless terminal 100 included in the data set and verifies the validity of the connect token using the identification number included in the data set, The payment unit identification key or the affiliate application 105 of the wireless terminal 100 mapped with the terminal serial number of the wireless terminal 100 to which the message is sent, ) To the financial company server 130. The financial institution server 130 receives the payment key from the financial institution server 130,

The financial company server 130 confirms the payment authentication code mapped to the payment means identification key, compares the received payment authentication code with the received payment authentication code, authenticates the validity of the payment authentication code, And transmits the authentication result to the payment authentication code. Preferably, when the payment authorization code is authenticated, the financial company server 130 may transmit a secure ACS (Access Control Server) value to the settlement institution server 200.

The authentication result receiving unit 248 receives the authentication result for the payment authorization code from the financial company server 130 and receives the secure payment ACS value together with the authentication result when the payment authorization code is authenticated have.

2, when the order information is order information corresponding to an online merchant, the settlement institution server 200 transmits the order information to the wireless terminal 100 through an end-to-end communication channel 222 connected to the wireless terminal 100 An authentication result transmitting unit 250 for transmitting an authentication result for requesting settlement through the online merchant to the affiliate app 105 of the online merchant 100, And a payment request processing unit 254 for requesting the financial company server 130 to settle the order information using the secure-click ACS value.

According to an embodiment of the present invention, when the order information is order information corresponding to an online merchant, the authentication result transmission unit 250 transmits the authentication information to the wireless terminal 100 through the end- And sends an authentication result for requesting settlement through the online merchant to the affiliate app 105 of the terminal 100. [ The server of the online merchant transmits settlement request information for the order information from the online merchant through a communication network at the request of the user. The settlement request receiver 252 receives a settlement request for the order information from the online merchant Information is received. When the settlement request information is received, the settlement request processing unit 254 can request settlement of the order information to the financial company server 130 using the assured ACS value.

Referring to FIG. 2, when the order information is order information corresponding to an online merchant, the settlement institution server 200 transmits the order information to the financial company server 130 using the trustworthiness ACS value And a payment request processing unit 254 for requesting a payment request.

According to one embodiment of the present invention, when the order information is order information corresponding to an online merchant, the payment request processing unit 254 transmits the order information to the financial company server 130 using the secure- You can request a payment.

Referring to FIG. 2, the settlement institution server 200 receives a settlement approval result for the settlement request from the financial company server 130, and transmits the settlement approval result to the merchant (or the wireless terminal 100) And an approval result processing unit 256 for providing settlement completion information on the payment approval result to the affiliate application 105).

When payment is requested using the secure-click ACS value, the financial company server 130 performs a payment approval procedure using the registered user's payment means, generates a payment approval result for the registered user, ).

The approval result processing unit 256 receives a payment approval result for the payment request from the financial company server 130 and the approval result processing unit 256 transmits the approval information to the merchant (or the wireless terminal 100) The affiliate application 105 provides the payment completion information for the payment approval result, and the merchant (or the affiliate application 105) receives the payment completion information and outputs the payment completion information to the user.

FIG. 3 is a diagram illustrating a process of assigning a connect token and an information mapping process according to an embodiment of the present invention.

FIG. 3 is a block diagram illustrating an exemplary embodiment of the present invention. Referring to FIG. 3, an affiliate application 105 is shared for a payment service using an affiliate application 105. The affiliate application 105 is a one- 3 is a flowchart illustrating a process of assigning a connect token to the connect token according to an exemplary embodiment of the present invention. Referring to FIG. 3, (For example, an operation method in which some steps are omitted or the order is changed). However, the present invention includes all of the above-described embodiments, and the technical features Is not limited.

Referring to FIG. 3, an affiliate app 105 is operated in a wireless terminal 100 to perform a membership process for a user with an affiliate server 120 (300), and the affiliate server 120 transmits the user And registers the affiliate account for the user (305). The affiliate server 120 provides the designated service to be provided through the affiliate application 105 through the affiliate server 120 based on the function provided in the affiliate application 105 of the wireless terminal 100 And provides the service designated by the affiliate application 105 in response to the request of the affiliate application 105 (315).

If the user agrees to the terms for the payment service through the affiliate application 105, the affiliate application 105 displays the PIN registration interface and receives PIN information from the user (320) And the identification number of the wireless terminal 100 to the affiliate server 120 through the app-based communication channel 125 (325).

The affiliate server 120 receives the PIN information and the identification number of the user from the affiliate application 105 of the wireless terminal 100 through the application based communication channel 125 and transmits the PIN information and the identification number to the affiliate server 120, And then transmits the PIN information and the identification number of the user's affiliate account to the settlement institution server 200 (335).

The settlement institution server 200 receives the user's affiliate account, the PIN information and the identification number from the affiliate server 120 (340), and confirms the uniqueness of the identification number through the duplication check on the identification number (345).

If the uniqueness of the identification number is confirmed, the settlement institution server 200 generates a connect token that uniquely identifies the user's wireless terminal 100 while matching with the user's affiliate account one-to-one, . That is, since the connect token is one-to-one matched with the affiliate account and uniquely identifies the wireless terminal 100 of the user, even if the affiliate account registered in the affiliate server 120 is not changed, If it is detected that the mobile phone 100 or cell phone number is replaced or changed, the connect token is preferably regenerated accordingly.

The settlement institution server 200 maps the PIN information of the user, the affiliate account, the identification number of the wireless terminal 100, and the generated connect token to the stored storage medium 206 (355).

4 is a diagram illustrating a process of transmitting a payment method using a direct token authentication and a direct web communication channel according to an embodiment of the present invention.

4 illustrates a process of authenticating the validity of a connect token allocated through the process shown in FIG. 3 at a designated time point during or after performing the process shown in FIG. 3. The affiliate app of the wireless terminal 100 And the financial transaction server 130 directly connects the web communication channel to transfer the payment means of the user from the wireless terminal 100 to the financial company server 130. In this case, Those skilled in the art will be able to refer to and / or modify Figure 4 to infer various implementations of the payment method delivery process (e.g., omitting some of the steps or changing the order) However, the present invention is not limited to the above-described embodiments, and the technical features of the present invention are not limited only by the method shown in FIG.

Referring to FIG. 4, the affiliate application 105 of the wireless terminal 100 displays (400) a financial company selection interface at a designated time point during or after performing the process shown in FIG. 3, Transmits a data set including the identification number of the wireless terminal 100 identified through the affiliate application 105 to the affiliate server 120 and the selected financial company information 405, .

The affiliate server 120 transmits the data set including the identification number of the wireless terminal 100 and the financial institution information to the settlement institution server 200 (410). The settlement institution server 200 confirms the identification number of the wireless terminal 100 included in the data set 415 and authenticates the validity of the connect token through the identification number of the wireless terminal 100 420). If the validity of the connect token is not authenticated, the connection token is generated again using the identification number of the wireless terminal 100 included in the data set. Preferably, some of the processes shown in FIG. 3 may be performed again.

Meanwhile, when the validity of the connect token is authenticated, the settlement institution server 200 transmits the connect token to the financial company server 130 corresponding to the financial company information, (425), the financial company server (130) receives the connect token (425a), and controls at least one of the first to third payment method registration control methods of the present invention And directly connects the wireless communication channel with the wireless terminal 100 through one (430a). Meanwhile, the settlement institution server 200 transmits the web communication channel directly to the affiliate company 105 of the wireless terminal 100 through the affiliate server 120 between the wireless terminal 100 and the financial company server 130 The affiliate app 105 of the wireless terminal 100 can request the financial institution server 130 through at least one of the first to third payment method registration control methods of the present invention corresponding to the control (430b) directly with the web communication channel.

The affiliate application 105 of the wireless terminal 100 displays a payment means registration interface on the basis of a web function provided in the wireless terminal 100, receives payment method information of the user and user information, The financial institution server 130 transmits the payment method information and the user information of the inputted user to the server 130 and the financial company server 130 transmits the payment method information and user information of the user inputted from the affiliate app 105 of the wireless terminal 100 through the direct web communication channel And receives the payment method information and user information of the input user and performs one or more designated authentication procedures (440). Preferably, the authentication procedure includes authentication of the user of the wireless terminal via the communication company server, authentication of the name of the payment means and authentication of the user, And authentication number authentication for receiving and comparing the authentication number after sending it. If authentication fails during the designated authentication procedure, the financial company server 130 provides authentication error information to the affiliate app 105 provided in the user's wireless terminal 100 and outputs the authentication error information to the affiliate app 105 in operation 445.

Upon completion of one or more of the authentication procedures, the financial company server 130 maps the payment means information to the user information and the connect token and stores the same in operation 450, And stores the mapped information with the payment means information (455). The financial institution server 130 provides the payment means identification key and the connect token mapped to the payment means of the user to the payment institution server 200 in operation 460. The settlement agency server 200 transmits the connection token The means identification key is mapped and stored (465). The payment institution server 200 transmits the registration result of the payment means through the direct web communication channel to the affiliate server 120 in operation 470. The affiliate server 120 transmits the registration result of the payment means to the wireless The affiliate app 105 of the wireless terminal 100 receives the payment result of the payment method registration and outputs the payment result to the affiliate app 105 of the terminal 100 in step 480.

FIG. 5 is a diagram illustrating a payment processing process using the affiliate application 105 according to an embodiment of the present invention.

5 shows an example of a case where order information is received by the settlement institution server 200 and the order information is exchanged with the affiliate app 105 of the wireless terminal 100 and the affiliate app 105 and the payment The present invention is not limited to the above-described embodiments, and various changes and modifications may be made without departing from the spirit and scope of the present invention. It is to be understood that the invention may be practiced otherwise than as specifically described herein, but it is to be understood that the invention is not limited to the disclosed embodiments, Features are not limited.

Referring to FIG. 5, a merchant member used by a user configures order information of a user according to a designated purchase and payment procedure and transmits the order information to the settlement agency server 200 (500). The settlement agency server 200 receives the order information The identification number of the user is confirmed (505), and the verification procedure for the identification number is performed (505). If the identification number is not verified, the settlement institution server 200 provides ID number authentication error information to the merchant and outputs the ID number authentication error information to the user (510).

Meanwhile, when the identification number is verified, the settlement institution server 200 generates an order key for the received order information (515), and generates a connection token mapped to the identification number, the received order information, (520), and sends a message for providing the order key and the connect token through the affiliate server 120 (525).

The affiliate server 120 provides the message to the affiliate application 105 of the wireless terminal 100 in operation 530 and the wireless terminal 100 receives the message and drives the affiliate application 105 Activation 535), and the affiliate app 105 confirms the order key and the connect token corresponding to the message (540).

The affiliate application 105 of the wireless terminal 100 connects the settlement agency server 200 and the end-to-end communication channel 222 in response to the message reception 545, And connects the affiliate app 105 and the end-to-end communication channel 222 (545).

The affiliate application 105 of the wireless terminal 100 transmits the order key and the connect token to the settlement institution server 200 through the end-to-end communication channel 222 including the identification number of the wireless terminal 100 (550), the settlement institution server (200) receives the order key and the connect token through the data set (555), and transmits the order key and the connect token to the wireless terminal The validity of the connect token may be authenticated based on the identification number of the connect token (555). And transmits the mapped order information to the affiliate app 105 of the wireless terminal 100 through the end-to-end communication channel 222 in operation 560.

The affiliate app 105 of the wireless terminal 100 receives and outputs the order information from the settlement institution server 200 through the end-to-end communication channel 222 (565) (570) the payment means to be used for payment of the order information among the payment means registered through the payment information receiving means. The affiliate app 105 of the wireless terminal 100 transmits the identification number of the wireless terminal 100 to the settlement institution server 200 through the end-to-end communication channel 222, (570), the settlement institution server 200 receives (575) the data set via the end-to-end communication channel 222 and transmits the data set included in the data set The validity of the connect token can be authenticated based on the identification number of the wireless terminal 100 (575). The settlement institution server 200 confirms the information selected by the affiliate app 105 of the wireless terminal 100 as payment means based on the data set 575 and then transmits the payment means identification key corresponding to the selected payment means And transmits it to the affiliate app 105 of the wireless terminal 100 through the end-to-end communication channel 222 (580). The affiliate app 105 of the wireless terminal 100 receives the payment means identification key from the payment agency server 200 through the end-to-end communication channel 222 (585).

FIG. 6 is a diagram illustrating a settlement process using an affiliate application 105 according to an embodiment of the present invention.

FIG. 6 illustrates PIN information input through the affiliate application 105 of the wireless terminal 100 and transmits the payment authentication code that is dynamically generated through the financial company server 130 to the affiliate server 120 through the affiliate server 120 To the app server 105, and then receives the data through the end-to-end communication channel 222 and transmits the received data to the financial company server 130. As a person skilled in the art, 6 may be referenced and / or modified to infer various implementation methods (e.g., omitting some steps or changing the order) of the settlement process using the affiliate app 105, All of the above-described embodiments are included, and the technical features thereof are not limited only by the method shown in FIG.

Referring to FIG. 6, when order information is exchanged between the affiliate application 105 of the wireless terminal 100 and the settlement institution server 200 through the process shown in FIG. 5, and settlement means to be used for settlement is agreed, The affiliate application 105 of the wireless terminal 100 displays the PIN input interface and receives the PIN information from the user 600. The affiliate application 105 includes the identification number of the wireless terminal 100, (605) a data set including the exchanged order key and the connect token, the settlement means identification key for the settlement means agreed through the process shown in FIG. 5, and the inputted PIN information. The data set may be transmitted (610) to the settlement institution server (200) via the affiliate server (120) or transmitted to the settlement institution server (200) via the end-to-end communication channel . Meanwhile, the end-to-end communication channel 222 of the present invention also includes a communication channel via the affiliate server 120. However, in FIG. 6, the step 610 of passing through the affiliate server 120 is separately displayed so that the affiliate app 105 automatically detects that the payment is requested to the settlement agency server 200. If the affiliate server 120 does not detect the settlement occurring between the affiliate application 105 and the settlement agency server 200 or if the settlement agency server 200 is notified of the settlement, It is possible for the connect token, the payment means identification key and the PIN information to be transmitted and received via the end-to-end communication channel 222. [

The settlement institution server 200 receives (615) a data set including the identification number of the wireless terminal 100 and including the order key, the connect token, the payment means identification key and the PIN information (615) The validity of the connect token may be authenticated based on the identification number of the wireless terminal 100 included in the data set (615). The settlement institution server 200 performs an authentication procedure for the PIN information (620). If the PIN information is not authenticated, the settlement institution server 200 provides the PIN authentication error information to the affiliate application 105 of the wireless terminal 100 through the end-to-end communication channel 222 and outputs the PIN authentication error information 625).

Meanwhile, when the PIN information is authenticated, the settlement institution server 200 provides the terminal serial number and the payment means identification key, which are confirmed through the connect token, to the financial company server 130, (630). The identification number may be used instead of the terminal serial number according to the embodiment, and thus the present invention is not limited thereto.

The financial company server 130 receives the payment means identification key and the terminal serial number (635). And verifies whether the payment means identification key and the payment means of the user are effectively mapped (640). The payment means is not valid when the valid period of the payment means has elapsed or is canceled by the user. If the valid mapping state of the payment means is not verified, the financial company server 130 provides the settlement means mapping error information to the settlement agency server 200 (645), and the settlement agency server 200 And provides payment instrument mapping error information to the affiliate app 105 of the wireless terminal 100 for output (645).

On the other hand, if the valid mapping state of the payment means is verified, the financial company server 130 generates a payment authentication code of a specified digit (650), maps the generated payment authentication code to the payment means identification key (Step 655), and transmits the terminal serial number and the payment authentication code to the settlement institution server 200 (step 660).

The settlement institution server 200 receives the terminal serial number and the payment authorization code from the financial company server 130 in step 665 and transmits the terminal serial number and payment authorization code to the wireless terminal 100 corresponding to the terminal serial number through the affiliate server 120, The subscriber server 105 requests the subscriber application 105 to send the message for providing the payment authentication code 670 and the affiliate server 120 transmits the message to the affiliate application 105 of the wireless terminal 100 (675).

The affiliate application 105 of the wireless terminal 100 confirms the payment authorization code (for example, displays or automatically inputs the payment authorization code) while receiving the message (680) The payment institution server 200 transmits a data set including the identification number of the wireless terminal 100 and the payment authorization code and the payment means identification key (step 685). According to an embodiment of the present invention, the affiliate app 105 of the wireless terminal 100 may transmit the payment request by omitting the payment means identification key. In this case, the payment means identification key is attached to the financial institution server 200 130).

The settlement institution server 200 receives the data set 690 through the end-to-end communication channel 222, and based on the identification number of the wireless terminal 100 included in the data set, The validity of the connect token may be authenticated (690). The payment institution server 200 provides the payment authorization code and the payment means identification key to the financial company server 130 in step 695. The financial company server 130 receives the payment authorization code And a payment means identification key (699).

FIG. 7 is a diagram illustrating a payment approval process of an online merchant using the affiliate app 105 according to an embodiment of the present invention.

In more detail, FIG. 7 is a flowchart illustrating the process of the merchant providing the order information to the settlement agency server 200 in the process shown in FIG. 5 when the merchant is an online merchant through the settlement agency server 200 of FIG. The payment authorization code exchanged between the affiliate application 105 and the financial company server 130 is authenticated and a payment approval procedure through the payment means of the mapped user is performed through the process shown in FIG. Those skilled in the art will be able to refer to and / or modify the FIG. 7 to understand various ways of implementing the payment approval process of the online merchant using the affiliate app 105 (e.g., Or alternatively, the order is changed), but the present invention includes all of the above-described embodiments, and only the embodiment shown in FIG. 7 The technical feature is not limited.

Referring to FIG. 7, the payment authentication code exchanged between the affiliate application 105 and the financial company server 130 is exchanged through the settlement institution server 200 of the process shown in FIG. 6, and is transmitted to the financial company server 130 When the payment authorization code is received, the financial company server 130 authenticates the validity of the payment authorization code based on the payment means identification key (700). If the validity of the payment authentication code is not authenticated, the financial company server 130 provides the authentication result of the settlement authentication code to the settlement institution server 200, and the settlement institution server 200 transmits the authentication result The affiliate application 105 of the wireless terminal 100 receives the authentication result of the payment authentication code and outputs the authentication result to the affiliate application 105 of the wireless terminal 100 in operation 705.

Meanwhile, when the validity of the payment authentication code is authenticated, the financial company server 130 transmits a security assurance ACS value while providing authentication result of the settlement authentication code to the settlement institution server 200 (710). The payment institution server 200 receives the authentication result of the payment authorization code and the secure ACS value from the financial company server 130 in step 715 and transmits the authentication result to the affiliate application 105 of the wireless terminal 100 (720), and the affiliate application (105) of the wireless terminal (100) receives and outputs the authentication result (725).

The contents of requesting the completion of the payment to the online merchant using the authentication result output by the affiliate app 105 of the wireless terminal 100. Accordingly, the user can use the wired terminal of his / (730), and the payment request information for the payment completion request is transmitted to the settlement institution server (200).

The payment institution server 200 requests payment of the order information to the financial company server 130 through the secure payment ACS value in response to the payment completion request of the online merchant, (740) a payment approval procedure for the order information through the payment means of the mapped user based on the secure-click ACS value. When the settlement approval process is completed, the financial company server 130 generates a settlement approval result and transmits the settlement approval result to the settlement institution server 200 (745). The settlement institution server 200 transmits the settlement approval result to the financial company server 130, (750), and provides the payment completion information to the online merchant (755). The online merchant receives the payment completion information and outputs the payment completion information to the user (760).

FIG. 8 is a diagram illustrating a payment approval process of a mobile merchant using an affiliate app 105 according to an embodiment of the present invention.

In more detail, FIG. 8 is a flowchart illustrating the process of the merchant providing the order information to the settlement agency server 200 in the process shown in FIG. 5, through the settlement agency server 200 of the process shown in FIG. 6 The payment authorization code exchanged between the affiliate application 105 and the financial company server 130 is authenticated and a payment approval procedure through the payment means of the mapped user is performed through the process shown in FIG. Those skilled in the art will be able to refer to and / or modify the FIG. 8 to understand the various steps of the payment approval process of the mobile merchant using the affiliate app 105 (e.g., Or the order is changed), but the present invention includes all of the above-mentioned embodiments, and only the embodiment shown in FIG. 8 The technical feature is not limited.

Referring to FIG. 8, the payment authentication code exchanged between the affiliate application 105 and the financial company server 130 is exchanged through the settlement institution server 200 of the process shown in FIG. 6, and is transmitted to the financial company server 130 When the payment authorization code is received, the financial institution server 130 authenticates the validity of the payment authorization code based on the payment means identification key (800). If the validity of the payment authentication code is not authenticated, the financial company server 130 provides the authentication result of the settlement authentication code to the settlement institution server 200, and the settlement institution server 200 transmits the authentication result The affiliate application 105 of the wireless terminal 100 receives the authentication result of the payment authorization code and outputs the authentication result to the affiliate application 105 of the wireless terminal 100 in operation 805.

Meanwhile, when the validity of the payment authentication code is authenticated, the financial company server 130 transmits a security assurance ACS value while providing authentication result of the payment authentication code to the settlement institution server 200 (810). The payment institution server 200 receives the authentication result of the payment authorization code and the security assurance ACS value from the financial company server 130 in step 815 and transmits the security guarantee ACS value to the financial company server 130 (820), and the financial company server 130 performs a payment approval procedure for the order information through the payment means of the mapped user based on the secure-click ACS value (825). When the payment approval process is completed, the financial company server 130 generates a payment approval result and transmits it to the settlement institution server 200 in step 830. The settlement institution server 200 transmits the settlement approval result to the financial company server 130, (835), and provides payment completion information to the mobile merchant (840). The mobile merchant receives the payment completion information and outputs the payment completion information to the user (845). Meanwhile, the settlement agency server 200 also provides the settlement completion information to the affiliate app 105 of the wireless terminal 100 (840), and the affiliate app 105 of the wireless terminal 100 transmits the settlement information Information is received and output (850).

100: Wireless terminal 105: Affiliate app
120: Affiliate Server 125: App-based communication channel
130: financial company server 200: settlement agency server
202: Connect Token Generation Unit 204:
206: Storage medium 208: Order information receiver
210: identification number verification unit 212: order key generation unit
214: order information storage unit 216: order management D / B
218: Message sending processing unit 220: Communication channel connection unit
222: end-to-end communication channel 224: information request receiving section
226: Connect Token Authentication Unit 228: Order Information Verification Unit
230: order information providing unit 232: payment method selection confirmation unit
234: payment means identification unit 236: payment authentication request reception unit
238: PIN authentication processing unit 240:
242: Authentication code verification unit 244: Authentication code reception unit
246: code authentication requesting unit 248: authentication result receiving unit
250: authentication result transmitting unit 252: payment request receiving unit
254: payment request processing unit 256: approval result processing unit

Claims (19)

  1. (N > = 1) financial transaction servers capable of issuing payment means to the user and communicating with an affiliate server that manages and operates an application provided in the wireless terminal of the user, The method of claim 1,
    A first step of generating a connect token that is one-to-one matched with an affiliate account of a user registered in the partner company and uniquely identifies the wireless terminal;
    The affiliate account of the user registered in the affiliate server, the PIN information registered by the user, the identification number including at least one of the mobile terminal number and the terminal serial number of the wireless terminal, A second step of mapping and storing a payment means identification key for identifying the means;
    A third step of connecting an end-to-end communication channel with an affiliate app of the wireless terminal based on a message sent to the wireless terminal when a payment service through the affiliate app of the wireless terminal is started;
    A fourth step of receiving at least one data set transmitted from the affiliate app via the end-to-end communication channel;
    A fifth step of confirming an identification number of the wireless terminal included in the received data set;
    A sixth step of authenticating the validity of the connect token using the identification number included in the data set; And
    And a seventh step of performing a payment processing procedure corresponding to the received data set when the validity of the connect token is authenticated.
  2. 2. The method according to claim 1,
    Wherein the affiliate account of the user registered in the partner company and the PIN information of the user are substituted into the designated token generation algorithm to generate a connect token of a specified number of digits. How to verify your app.
  3. The method according to claim 1,
    Confirming an identification number of a wireless terminal to be used for payment of the order information while receiving order information through a designated communication network for payment service through the affiliate app of the wireless terminal;
    Generating an order key for the order information and identifying a connect token mapped with the identification number;
    And requesting the sending of a message for providing the order key and the connect token to the affiliate app provided in the wireless terminal through the affiliate server.
  4. The method of claim 3,
    Further comprising the step of verifying whether the identification number of the identified wireless terminal is a pre-registered identification number.
  5. The method of claim 3,
    And mapping and storing the generated order key, the order information, and the connect token, and storing the mapping information.
  6. The method of claim 1,
    And a push message to push from the affiliate server to the affiliate app of the wireless terminal.
  7. The method as claimed in claim 1,
    Receiving a data set including an identification number of the wireless terminal through the end-to-end communication channel and including a connect token provided to the affiliate app through a message sent to the wireless terminal and an order key. Affiliate app authentication methods for.
  8. 8. The method as claimed in claim 7,
    And confirming the order information corresponding to the data set and providing the affiliate app to the wireless terminal through the end-to-end communication channel.
  9. The method as claimed in claim 1,
    And receiving a data set including the identification number of the wireless terminal through the end-to-end communication channel and including information on payment means selected through the affiliate app.
  10. 10. The method as claimed in claim 9,
    Further comprising confirming a payment means identification key corresponding to the payment means selected through the data set and providing the affiliate app for the payment processing through the end-to-end communication channel to the affiliate app for the payment processing Authentication method.
  11. The method as claimed in claim 1,
    And a data set including an identification number of the wireless terminal and an order key for an object to be settled, a connect token, and a payment means identification key via the end-to-end communication channel. Way.
  12. The method according to claim 1,
    The second step may include mapping the PIN information registered by the user with the connect token,
    The fourth step includes receiving a data set including the identification number of the wireless terminal through the end-to-end communication channel and including PIN information input by the user,
    And authenticating the validity of the received PIN information. The method of claim 1, further comprising:
  13. 13. The method of claim 12,
    When the validity of the PIN information is authenticated,
    Transmitting the terminal serial number of the wireless terminal mapped with the connect token and the payment means identification key to the financial company server;
    Receiving a payment authorization code dynamically generated from the financial company server and a terminal serial number of the wireless terminal;
    And requesting the sending of a message for transferring the payment authentication code to an affiliate app of a wireless terminal corresponding to the terminal serial number of the wireless terminal through the affiliate server Affiliate app authentication methods.
  14. The method as claimed in claim 1,
    Receiving a data set including an identification number of the wireless terminal through the end-to-end communication channel and including a payment authentication code and a payment means identification key,
    Transmitting the settlement authentication code and the settlement means identification key to the financial company server; And
    And receiving an authentication result of the settlement authentication code from the financial company server.
  15. The method according to claim 1,
    The seventh step includes receiving a secure ACS (Access Control Server) value from the financial institution server,
    If the order information for the payment service is order information corresponding to the online merchant,
    Transmitting an authentication result requesting payment through the online merchant to the affiliate app of the wireless terminal;
    Receiving payment request information for the order information from the online merchant through a communication network; And
    And requesting settlement of the order information to the financial company server using the secure-click ACS value.
  16. The method according to claim 1,
    The seventh step includes receiving a secure ACS (Access Control Server) value from the financial institution server,
    When the order information for the payment service is order information corresponding to the mobile merchant site used by the wireless terminal,
    And requesting settlement of the order information to the financial company server using the secure-click ACS value.
  17. 17. The method according to claim 15 or 16,
    Receiving a settlement approval result for the settlement request from the financial company server; And
    And providing settlement completion information for the settlement approval result to the merchant providing the order information. ≪ Desc / Clms Page number 19 >
  18. The method according to claim 1,
    And an identification key assigned by the financial institution server to the payment means of the user registered in the financial service server from the wireless terminal through a communication channel directly connected between the wireless terminal and the financial service server. Affiliate app authentication methods for.
  19. 2. The method of claim 1, wherein the communication channel connected between the wireless terminal and the settlement agency server comprises:
    An end-to-end communication channel directly connected between the affiliate app of the wireless terminal and the settlement agency server,
    And an end-to-end communication channel through which the encryption and decryption processes are performed between the affiliate app of the wireless terminal and the settlement agency server via the affiliate server.
KR20130001511A 2013-01-07 2013-01-07 Method for Validating Alliance Application for Payment KR101505847B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR20130001511A KR101505847B1 (en) 2013-01-07 2013-01-07 Method for Validating Alliance Application for Payment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR20130001511A KR101505847B1 (en) 2013-01-07 2013-01-07 Method for Validating Alliance Application for Payment

Publications (2)

Publication Number Publication Date
KR20140089733A KR20140089733A (en) 2014-07-16
KR101505847B1 true KR101505847B1 (en) 2015-04-07

Family

ID=51737676

Family Applications (1)

Application Number Title Priority Date Filing Date
KR20130001511A KR101505847B1 (en) 2013-01-07 2013-01-07 Method for Validating Alliance Application for Payment

Country Status (1)

Country Link
KR (1) KR101505847B1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018204183A1 (en) * 2017-05-02 2018-11-08 Visa International Service Association System and method using interaction token

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20090121980A (en) * 2008-05-23 2009-11-26 이준용 Apparatus ans method for certification and settlement using wireless terminal
KR101140223B1 (en) 2005-08-19 2012-04-26 주식회사 비즈모델라인 Device for Processing a Payment
KR20120076591A (en) * 2010-12-06 2012-07-09 에스케이플래닛 주식회사 Method for providing electronic payment by using subscriber information and security token, system, terminal and communication management apparatus therefor
KR101199153B1 (en) 2010-12-15 2012-11-12 사단법인 금융결제원 System and Method for Managing Network Account for Custom

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101140223B1 (en) 2005-08-19 2012-04-26 주식회사 비즈모델라인 Device for Processing a Payment
KR20090121980A (en) * 2008-05-23 2009-11-26 이준용 Apparatus ans method for certification and settlement using wireless terminal
KR20120076591A (en) * 2010-12-06 2012-07-09 에스케이플래닛 주식회사 Method for providing electronic payment by using subscriber information and security token, system, terminal and communication management apparatus therefor
KR101199153B1 (en) 2010-12-15 2012-11-12 사단법인 금융결제원 System and Method for Managing Network Account for Custom

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018204183A1 (en) * 2017-05-02 2018-11-08 Visa International Service Association System and method using interaction token

Also Published As

Publication number Publication date
KR20140089733A (en) 2014-07-16

Similar Documents

Publication Publication Date Title
AU2018202542B2 (en) Automated account provisioning
US20180247303A1 (en) Mobile tokenization hub
JP6214724B2 (en) Method, apparatus and system for secure provisioning, transmission and authentication of payment data
EP3518567B1 (en) Remote server encrypted data provisioning system and methods
US20190122212A1 (en) Methods and systems for provisioning payment credentials
US20190295076A1 (en) Variable authentication process and system
US10341111B2 (en) Secure authentication of user and mobile device
US20170308896A1 (en) Methods and apparatus for brokering a transaction
US20170316401A1 (en) System and method for using an account sequence identifier
US20200090182A1 (en) Authenticating remote transactions using a mobile device
US9552574B2 (en) Methods and systems for payment account issuance over a mobile network
US20190122210A1 (en) Mobile payment application provisioning and personalization on a mobile device
US10491605B2 (en) Secure interface using non-secure element processors
US20170364895A1 (en) Person-To-Person Electronic Payment Processing
JP6518244B2 (en) Interoperable network token processing system and method
US10528944B2 (en) Systems, methods, and computer readable media for conducting a transaction using cloud based credentials
US8792861B2 (en) Switching functions for mobile payments system
EP2701416B1 (en) Mobile Electronic Device And Use Thereof For Electronic Transactions
US10515362B2 (en) Methods and apparatus for card transactions
FI125071B (en) Payment System
RU2438172C2 (en) Method and system for performing two-factor authentication in mail order and telephone order transactions
US20150278810A1 (en) Device commerce using trusted computing system
US9607293B2 (en) Method and system for account management and electronic wallet access on a mobile device
KR100792147B1 (en) Interactive Financial settlement service method using mobile phone number or virtual number
US7757945B2 (en) Method for electronic payment

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E701 Decision to grant or registration of patent right
FPAY Annual fee payment

Payment date: 20180212

Year of fee payment: 4

FPAY Annual fee payment

Payment date: 20200220

Year of fee payment: 6