KR101542111B1 - Method for payment using card, digital system, and settlment side system thereof - Google Patents

Method for payment using card, digital system, and settlment side system thereof Download PDF

Info

Publication number
KR101542111B1
KR101542111B1 KR1020130160693A KR20130160693A KR101542111B1 KR 101542111 B1 KR101542111 B1 KR 101542111B1 KR 1020130160693 A KR1020130160693 A KR 1020130160693A KR 20130160693 A KR20130160693 A KR 20130160693A KR 101542111 B1 KR101542111 B1 KR 101542111B1
Authority
KR
South Korea
Prior art keywords
card
payment
digital
information
settlement
Prior art date
Application number
KR1020130160693A
Other languages
Korean (ko)
Other versions
KR20150072955A (en
Inventor
김동진
김대진
심충섭
박경자
Original Assignee
주식회사 씽크풀
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 씽크풀 filed Critical 주식회사 씽크풀
Priority to KR1020130160693A priority Critical patent/KR101542111B1/en
Publication of KR20150072955A publication Critical patent/KR20150072955A/en
Application granted granted Critical
Publication of KR101542111B1 publication Critical patent/KR101542111B1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/356Aspects of software for card payments
    • G06Q20/3567Software being in the reader
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3226Use of secure elements separate from M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/352Contactless payments by cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification

Abstract

A payment method using a card, a digital system therefor, and a settlement side system are disclosed. The payment method using the card includes the steps of the digital system performing communication with the card for settlement of a predetermined payment request, the digital system receiving the card one-time information generated by the card from the card via the communication And transmitting to the payment-side system an acknowledgment signal including the card one-time information, wherein the digital system has received the card, wherein the digital system transmits, by the payment-side system, When the card is authenticated, approval or disapproval of the settlement request is determined using the settlement financial information corresponding to the card previously registered in the settlement-side system.

Description

[0001] The present invention relates to a payment method using a card, a digital system for the same, and a settlement system,

The present invention relates to a payment method using a card, a digital system therefor, and a payment system, and more particularly, to a payment system using a card and a digital system (e.g., a mobile terminal) And more particularly, to a method and system for performing payment with a very high security.

Many digital systems (e.g., PCs, tablets, navigation, music players, cameras, automotive digital systems, etc.) have been widely used due to the development of information and communication technologies. In particular, as IT technology advances, digital systems are becoming smaller and convergent. For example, a mobile communication terminal (e.g., a mobile phone, a tablet PC, etc.) performs various functions such as a camera, an information storage device, a banking (payment, transfer) function as well as an original communication function. At the same time, the devices are miniaturized to a size sufficient for users to carry through such as integration of devices.

With the convergence of various functions, digital systems not only provide convenience to users but also become an important means of influencing users' lives. In addition, due to the miniaturization of digital systems, portability is becoming higher and more expensive, the damage caused by the loss or theft of the digital system is serious, and the burden of lost or stolen is increasing.

In particular, recent digital systems such as smart phones are implemented so as to independently perform financial transactions, and there is a concern that users may suffer enormous damage when such digital systems are lost or stolen.

Meanwhile, various techniques for increasing the simplicity and efficiency of card settlement have been known. For example, when a mobile phone number is input without holding a card, a method of making payment with a card corresponding to the mobile phone number is known.

Such an example is disclosed in Korean patent application (Application No. 10-2000-0031640, "Payment method using mobile phone number"), Korean patent application (Application No. 10-2008-0133237, "Mobile card payment system and mobile card payment service using the same Method "), Korean patent application (Application No. 10-2008-0112238," Mobile card settlement system using telephone number, mobile settlement service method using the same ").

The conventional method has an advantage in that payment can be conveniently performed only if the mobile phone is possessed without carrying a card. However, there is a problem that security is very low due to such convenience. For example, when a cell phone is lost or stolen, a cell phone number can be exposed at any time, so that there is a risk that another person can perform card settlement. This risk exists even when a password for payment is required. This is because the exposure of the password is easily exposed by a malicious attack or the user's acquaintance. As a result, in the conventional method, if a fraudulent user who knows the payment password occupies the user's mobile phone even for a while, there is a risk that the fraudulent payment will occur at any time.

In recent years, a digital system (e.g., a mobile terminal) reads payment financial information (e.g., card number, valid period, etc.) from a card using short-range wireless communication such as NFC and uses the read information to use for payment An attempt is being made to do so. However, in such a case, there is a threat of fatal security in which settlement financial information, which can be used for settlement or financial transactions, is distributed through a network, if the information is sufficiently known.

In addition, online crime becomes more intelligent and frequent as online financial transactions become more active, necessitating two-channel authentication and settlement.

In addition, in the case of remote settlement, which calls the settlement financial information of the card, the risk of exposing the settlement financial information of the card increases, and a technical idea that does not expose the settlement financial information of the card is required in remote settlement.

In addition, there is a case in which a card smoker (for example, a child) has to make a settlement with the help of a third party (for example, a parent). In such a case, a technical idea for a convenient and highly secure card settlement is required .

Therefore, a technical idea for card settlement that can provide convenience while enhancing security is required.

The technical problem to be solved by the present invention is to provide a technical idea that can easily perform card settlement using two independent products of a digital system and a card having a high probability of carrying the user. The present invention also provides a technical idea that enables easy settlement of two-channel settlement, long-distance settlement or third-party settlement.

In addition, the card generates one-time information (e.g., OTP) and authenticates the one-time information generated by the card on the payment-side system, thereby performing unauthorized duplication of the card or unauthorized card settlement using the card information without a card And to provide a technical idea that can significantly reduce the risk.

In addition, by making payment using the card possible without distributing payment finance information (e.g., card number, expiration date, etc.) of the card necessary for settlement on the network, a payment method capable of providing excellent security To provide technical ideas for

Also, depending on the embodiment, the one-time information may also be generated by using information (e.g., UID, time information, or any value of the card) irrelevant to the payment financial information of the card so that one- The risk of leakage of the settlement financial information by the attacker even if the outflow of the attacker occurs.

In addition, the present invention provides a technical idea that provides convenience to the user in settlement by not requiring a process of providing the user with the one-time information and inputting it.

In addition, the present invention provides a technical idea capable of specifying a digital system to be used for settlement so that settlement can be performed only through the digital system.

In addition, a digital system usable for settlement and a card forming a pair with the digital system are set in advance so that the settlement can be approved only when communication (for example, contact or non-contact type) is performed between the devices forming the pair , It is necessary to have two specific devices so that payment can be made, thereby providing a technical idea that can provide a synergistic effect of remarkable security.

According to another aspect of the present invention, there is provided a payment method using a card, the digital system performing communication with a card for settlement of a predetermined payment request, the digital system transmitting a card generated by the card from the card through the communication, And transmitting the confirmation signal including the card one-time information received by the digital system to the payment-side system, wherein, based on the confirmation signal including the transmitted card one-time information, When the card is authenticated by the settlement side system, approval or disapproval of the settlement request is determined by using the settlement banking information corresponding to the card registered in advance on the settlement side system.

The payment method using the card is a method in which, when a payment request containing identification information of the digital system is transmitted from a predetermined data processing apparatus to a payment-side system, payment-related information output from the payment- And the digital system performing the communication with the card to settle the payment request corresponding to the displayed payment related information.

The payment method using the card may include receiving the payment related information output from the data processing apparatus when the identification information of the digital system is input to a predetermined data processing apparatus, And the digital system performing the communication with the card.

Server side one-time information corresponding to the card is generated by the payment-side system, and when the generated server one-time information corresponds to the received card one-time information, the card is authenticated.

Wherein the digital system receiving the card one-time information generated by the card from the card via the communication further comprises the step of the digital system receiving the card identification information of the card, Wherein the step of transmitting an acknowledgment signal including the card one-time information to the payment-side system includes the step of the digital system including the card identification information in the acknowledgment signal and transmitting it to the payment-side system, The card which has performed the communication via the card identification information is identified by the card identification information, and the card is authenticated according to whether the received card one-time information corresponds to the identified card.

Wherein the step of transmitting an acknowledgment signal including the card one-time information received by the digital system to the payment-side system includes the step of the digital system further including the terminal identification information of the digital system in the acknowledgment signal, It is determined whether the terminal identification information corresponds to information registered in advance by the payment system, and whether the payment request is approved may be determined according to the determination result.

The payment method using the card further includes a step of determining whether the digital system is a card set in advance so that the card corresponds to the digital system, and if it is determined that the card is a preset card, the confirmation signal is transmitted to the payment system . ≪ / RTI >

The digital system may include the card one-time information received from the card in the confirmation signal without displaying it, and transmit the one-time information to the payment-side system.

The payment method using the card may include the steps of the digital system requesting the user of the digital system for user authentication information corresponding to the card and transmitting the user authentication information inputted in response to the request to the payment system Wherein the payment request is accepted when the user authentication information is further authenticated by the payment side system.

The card one-time information is information generated by using a value that is not related to the payment financial information of the card as a key value.

The digital system does not include the settlement financial information of the card in the confirmation signal.

According to another aspect of the present invention, there is provided a payment method using a card, wherein the digital system receives first payment related information output by a data processing apparatus that receives identification information of a digital system of a second user by a first user, The digital system receiving second payment-related information corresponding to the second payment request output by the payment-side system after the second payment request is transmitted to the payment-side system by the data processing apparatus; The method comprising the steps of the system performing communication with a predetermined card, the digital system receiving card one-time information generated by the card from the card via the communication, and the digital system including the received card one- Transmitting to the payment-side system an acknowledgment signal to the payment-side system, When the card is authenticated by the settlement side system based on the confirmation signal including the grief information, the settlement side system receives the settlement financial information from the data processing apparatus using the settlement financial information corresponding to the card registered in advance in the settlement side system The approval of the first payment request corresponding to the first payment related information included in the second payment request or the confirmation signal is determined.

According to an aspect of the present invention, there is provided a payment method using a card, wherein when a digital system communicates with a predetermined card, a payment system receives an acknowledgment signal including card one-time information generated by the card from the digital system Side system, the payment-side system authenticating the card based on the confirmation signal including the received card one-time information, and when the card is authenticated, the payment- And determining whether to approve the payment request previously received from the predetermined data processing apparatus or the payment request included in the confirmation signal using the payment financial information corresponding to the card.

Wherein the payment method using the card includes the steps of the payment system receiving the payment request including the identification information of the digital system from the data processing apparatus, the payment system transmitting the digital system or the data processing And transmitting the settlement-related information to the device, wherein the settlement-side system determines whether the settlement-side system should approve the settlement request after the settlement-related information is transmitted and the confirmation signal is received from the digital system can do.

Wherein the payment side system authenticates the card based on the confirmation signal including the received card one-time information, the payment side system generating server one-time information corresponding to the card, Determining whether the generated server one-time information corresponds to the received card one-time information, and authenticating the card by the payment-side system according to the determination result.

Wherein the payment side system authenticates the card based on the confirmation signal including the received card one-time information, the payment side system performs the communication through the card identification information of the card included in the confirmation signal And identifying the one card.

Wherein the step of determining whether to approve the payment request includes the steps of the payment system determining whether the terminal identification information of the digital system included in the confirmation signal corresponds to the information previously registered in the payment system, And determining whether to approve the payment request.

Wherein the step of determining whether to approve the payment request further comprises a step of determining whether the digital system to which the payment system transmits the confirmation signal and the card are a pair established in advance with the payment system, And determining whether to approve the payment request according to the determination result.

According to another aspect of the present invention, there is provided a payment method using a card, comprising: a payment system receiving a payment request output from a data processing apparatus that receives identification information of a digital system of a second user by a first user; Related information corresponding to the received payment request to the digital system; and when the predetermined card is communicated with the digital system, the payment-side system transmits the settlement-related information corresponding to the payment request generated by the card Receiving an acknowledgment signal including card one-time information, authenticating the card based on the confirmation signal including the card one-time information received by the payment-side system, and when the card is authenticated, The system further comprising: a settlement banking system Using the information includes determining whether to approve the billing request.

The payment method using the card can be stored in a computer-readable recording medium on which the program is recorded.

According to an aspect of the present invention, there is provided a digital communication system including a card communication module for communicating with a card for payment of a predetermined payment request, a card communication module for communicating with the card, And a control module for transmitting the received confirmation signal to the payment-side system upon receipt of a signal, wherein if the card is authenticated by the payment-side system based on an acknowledgment signal including the transmitted card one-time information, And the approval or disapproval of the settlement request is determined using the settlement financial information corresponding to the card registered in advance on the settlement side system.

The digital system receives settlement-related information output from the settlement-side system when the settlement request including identification information of the digital system is transmitted from a predetermined data processing apparatus to the settlement-side system, And a communication module for receiving the payment related information output from the data processing apparatus when the identification information of the digital system is input.

Wherein the control module further includes the card identification information of the card received through the card communication module to the confirmation side system and transmits the identification information to the payment side system, One of the cards is identified and the card is authenticated according to whether the received card one-time information corresponds to the identified card.

Wherein the control module further includes terminal identification information of the digital system in the acknowledgment signal and determines whether the terminal identification information corresponds to information previously registered by the payment system, Can be determined.

The control module determines whether the card is a card set in advance to correspond to the digital system, and transmits the confirmation signal to the payment-side system as a result of the determination.

And the control module does not include the settlement financial information of the card in the confirmation signal.

According to an aspect of the present invention, there is provided a digital system for receiving first payment related information output by a data processing apparatus that receives identification information of a digital system of a second user by a first user, A communication module for receiving second settlement related information corresponding to the second settlement request outputted by the settlement side system after the second settlement request is transmitted to the settlement side system, And a control module for transmitting an acknowledgment signal including the received card one-time information to the payment-side system when the card-one-time information generated by the card is received from the card by the card communication module Side system, based on the confirmation signal including the transmitted card one-time information, Related information included in the second payment request or the confirmation signal previously received from the data processing apparatus by using the payment financial information corresponding to the card registered in advance in the payment system, And whether or not the corresponding first settlement request is approved is determined.

According to another aspect of the present invention, there is provided a billing-side system comprising: a communication unit for receiving an acknowledgment signal including a card one-time information generated by a card from a digital system when the digital system communicates with a predetermined card; A card authenticating unit for authenticating the card based on the confirmation signal including the card one-time information; and a card authentication unit for authenticating the card using the settlement financial information corresponding to the card registered in advance when the card is authenticated by the card authenticating unit. Determines whether the payment request received previously or the payment request included in the confirmation signal is approved.

According to an aspect of the present invention, there is provided a settlement-side system for receiving a settlement request output from a data processing apparatus, which has received identification information of a digital system of a second user by a first user, A communication unit for transmitting to the digital system an acknowledgment signal including a card one-time information output from the digital system when communication with the digital system is performed, a communication unit for transmitting the one- And a card authentication unit for authenticating the card based on the confirmation signal including the identification information included in the identification information, when the card is authenticated by the card authentication unit, And a control unit for determining whether or not it is possible.

According to the technical idea of the present invention, it is possible to provide a technical idea capable of easily carrying out card settlement using two independent products of a digital system and a card, which are highly likely to be carried by a user.

In other words, the payment request is performed by a data processing apparatus that is separate from the digital system, and the payment authentication is performed by the digital System can be performed by a user, so that it is possible to perform a two-channel settlement, a long distance settlement, and a third-party settlement with high security and ease.

In addition, the settlement financial information necessary for settlement is registered in advance in the settlement system, and when the card is authenticated through the information (for example, the card one-time information) that does not include the settlement financial information, (For example, a card number, an expiration date, etc.) of a card necessary for settlement can be prevented from being circulated on the network.

Further, the card authentication does not use the fixed identification information of the card which is likely to be copied or falsified but makes use of the one-time information (for example, OTP, etc.) generated by the card so that even if the information for card authentication is hacked, It has the effect of preventing the risk that the important settlement financial information is abused.

According to an embodiment of the present invention, even if the one-time information is generated using information irrelevant to the payment financial information of the card, even if the one-time information is taken out and the one-time information generation algorithm is leaked, Can be reduced.

In addition, it is possible to provide convenience to the user at the time of payment by not requiring a process of providing the information to the user while using the one-time information and allowing the user to input the information.

In addition, since the digital system to be used for settlement can be preset and specified, it has an effect that it can have a strong characteristic against attacks such as smishing or man in the middle attack, This is effective in blocking online crime through actively.

In addition, since a card that forms a pair with the digital system can be set in advance, it is possible to set up a card in a state where the apparatus is not set as a pair even if the apparatus has a digital system and a card, ) Payment can not be done normally, which leads to a significant increase in security.

BRIEF DESCRIPTION OF THE DRAWINGS A brief description of each drawing is provided to more fully understand the drawings recited in the description of the invention.
1 shows schematic systems for implementing a payment method using a card according to an embodiment of the present invention.
2 shows a schematic configuration of a digital system according to an embodiment of the present invention.
FIG. 3 shows a schematic configuration of a settlement-side system according to an embodiment of the present invention.
4 shows a schematic data flow of a payment method using a card according to an embodiment of the present invention.
FIG. 5 shows a schematic data flow of a payment method using a card according to another embodiment of the present invention.
FIG. 6 shows a schematic data flow of a payment method using a card according to another embodiment of the present invention.
7 is a diagram for explaining a process of a card-authenticating system of a payment-side system according to an embodiment of the present invention.
8 is a diagram for explaining a process in which a digital system transmits an acknowledgment signal according to an embodiment of the present invention.

In order to fully understand the present invention, operational advantages of the present invention, and objects achieved by the practice of the present invention, reference should be made to the accompanying drawings and the accompanying drawings which illustrate preferred embodiments of the present invention.

Also, in this specification, when any one element 'transmits' data to another element, the element may transmit the data directly to the other element, or may be transmitted through at least one other element And may transmit the data to the other component. Conversely, when one element 'directly transmits' data to another element, it means that the data is transmitted to the other element without passing through another element in the element.

BEST MODE FOR CARRYING OUT THE INVENTION Hereinafter, the present invention will be described in detail with reference to the preferred embodiments of the present invention with reference to the accompanying drawings. Like reference symbols in the drawings denote like elements.

1 shows schematic systems for implementing a payment method using a card according to an embodiment of the present invention.

Referring to FIG. 1, a digital system 100, a payment system 200, and a card 300 may be provided to implement a payment method using a card according to an embodiment of the present invention. Depending on the implementation, a predetermined data processing apparatus 400 may be further provided.

The digital system 100 can implement the technical idea of the present invention while transmitting / receiving necessary information to / from the payment system 200 through a wire / wireless network. The digital system 100 can acquire information (for example, card one-time information, card identification information, etc.) necessary for the technical idea of the present invention from the card 300 by communicating with the card 300 .

The digital system 100 may perform contact or non-contact communication with the card 300. The card 300 may be implemented as a smart card or a hybrid card capable of performing contact or non-contact communication with the digital system 100. Hereinafter, for convenience of description, the digital system 100 and the card 300 are described as performing near field wireless communication, but the scope of the present invention is not limited thereto.

The digital system 100 may perform short-range wireless communication with the card 300. For this purpose, the user can tag the digital system 100 and the card 300.

In this specification, tagging refers to the case where the digital system 100 and the card 300 are within a certain distance (for example, in the case of NFC communication) to perform communication in a contactless manner, such as RFID communication or NFC communication, 10 cm, etc.). The user can perform tagging by bringing the digital system 100 or the card 300 close to the card 300 or the digital system 100 within a certain distance.

Although the digital system 100 is shown as a mobile phone in FIG. 1, the digital system 100 can communicate with the payment-side system 200 through a wired / wireless network, and is capable of communicating with the card 300 through any type of data processing apparatus Can be defined as including meaning. For example, the digital system 100 may be a data processing device, such as a tablet, a music player, or the like, which is easy for the user to carry around.

The card 300 may be a financial transaction means that can be used for card settlement. The card 300 may include a predetermined first communication device (e.g., an RF antenna, an RF tag, etc.) to perform tagging communication with the digital system 100. In addition, the card 300 may further include a storage device in which information necessary for realizing the technical idea of the present invention can be stored. For example, the card 300 may be implemented as an IC card having an IC chip or various types of smart cards. The card settlement may be performed only by the technical idea of the present invention, Or may be an independent financial transaction means capable of performing card settlement in a conventional manner.

In some implementations, the card 300 may be a device that can not independently perform financial transactions. For example, any type of smart card capable of generating card one-time information according to the technical idea of the present invention such as an electronic ID card or an OTP card can be implemented in the card 300. In addition, any user device (e.g., an electronic identification card, a smartphone separate from the digital system, an OTP device, etc.) to which a legitimate user may be designated may be capable of generating one-time information as defined herein , Any device having fixed identification information can be used to implement the technical idea of the present invention on behalf of the card 300. [ Hereinafter, the case where the card 300 is used to implement the technical idea of the present invention will be described. However, the technical idea of the present invention can be implemented through the user device other than the card 300 The average expert in the field of the invention will readily be able to deduce.

(For example, a card number, an expiration date, etc.) of payment means (for example, a payment card or the like) set in advance so as to correspond to the card 300 when the card 300 is implemented such that it can not independently perform a financial transaction, Etc.) may be registered in the payment-side system 200. Then, as described later, when the card 300 is authenticated by the payment-side system 200, settlement can be performed by the payment means corresponding to the card 300. [

In any case, the card 300 may generate certain one-time information to implement the technical idea of the present invention. For example, when the card 300 is tagged with the digital system 100, power is supplied through electromagnetic induction, and the one-time information can be generated by the IC chip included in the card 300 through the electromagnetic induction. The processor included in the IC chip may generate the one-time information when power is supplied through the communication with the digital system 100, and may enable the digital system 100 to read the generated one-time information. Of course, at this time, the digital system 100 may be required to be an authorized system capable of reading the one-time information. Of course, an authenticated application capable of reading the one-time information can be installed in the digital system 100 for this purpose.

The one-time information may be information that can be authenticated by the payment-side system 200. To this end, the payment-side system 200 may be provided with a card authentication unit for authenticating the one-time information. The card authentication unit can generate one-time information by itself to authenticate the one-time information as described later. That is, the card 300 may operate as an OTP client, for example, and the card authentication unit may operate as an OTP server. Hereinafter, the one-time information generated by the card 300 is referred to as card one-time information for convenience of description, and the one-time information generated by the payment-side system 200 is defined as server one-time information.

As described above, according to the technical idea of the present invention, the card 300 generates card one-time information, and the generated card one-time information can be authenticated by the payment-side system 200. Therefore, the card 300 can be authenticated by using the fixed identification information such as the UID (Unique Identification Number) of the card 300 that can be acquired from the card 300, There is an effect that the risk of forgery and falsification of the card identification information can be remarkably lowered.

According to one embodiment, the one-time information on the card generated by the card 300 is information on settlement financial information, that is, information required for settlement, such as information stored in the IC chip of the card 300 , CVC code, etc.) (e.g., card identification information, time information or any value, etc.). In this case, since the settlement financial information is not circulated to the digital system 100 or the settlement side system 200, the one-time information of the card is circulated, so that the security of the settlement method according to the technical idea of the present invention can be enhanced. Particularly, since the one-time information on the card is also generated from information irrelevant to the settlement financial information, the possibility is low, but the settlement financial information is leaked through reverse engineering by leakage of the one-time information and the one- It also has the effect of reducing risk. In order to enhance the convenience and accuracy of card identification, such effect is included in the confirmation signal together with one-time information and card identification information (e.g., UID, etc.) capable of identifying the card irrespective of the settlement financial information The same effect can be obtained.

The digital system 100 communicates with the card 300 to receive the card one-time information generated by the card 300 and to include it in the confirmation signal according to the technical idea of the present invention, To the system 200. Then, the payment-side system 200 can authenticate the card 300 using the card one-time information included in the confirmation signal. When the card 300 is authenticated, it can approve a predetermined settlement request.

The settlement request may have been transmitted to the settlement system 200 before the confirmation signal is transmitted to the settlement system 200. For example, the payment request may be a payment request transmitted from the predetermined data processing device 400 to the payment-side system 200. The data processing apparatus 400 is a separate device from the digital system 100 used by a user of the digital system 100 and the payment system 200 A billing system for performing payment directly, and an authentication system related to payment authentication in conjunction with a billing system such as a VAN company PG, etc.), a computer, a mobile terminal, Set-top box, IPTV, and the like. For example, a user may perform a payment request through a method of inputting identification information (e.g., a telephone number) of the digital system 100 through the data processing apparatus 400. [

According to an embodiment, the data processing apparatus 400 may be a predetermined merchant terminal (a POS device installed in a store, a mobile merchant terminal, or the like), or the like. In this case, the user or the merchant can transmit the payment request to the payment-side system 200 by inputting the identification information (e.g., telephone number) of the digital system 100 of the user to the merchant terminal. In some cases, the user may notify identification information of his or her digital system 100 to a merchant site to perform payment at a remote site. Then, the merchant may transmit the settlement request to the payment-side system 200 by inputting the identification information using the data processing apparatus 400, that is, the computer used at the merchant, or the merchant terminal. Such an example will be described in detail later with reference to FIGS. 4 and 5. FIG.

According to another embodiment, the payment request may be transmitted to the payment system 200 together with the confirmation signal. Such an example will be described with reference to FIG.

The settlement side system 200 authenticates the card 300 as described above based on the received confirmation signal when a payment request is received and an acknowledgment signal is received from the digital system 100, And can approve payment of the received payment request.

According to an embodiment, the confirmation signal may further include not only the card one-time information but also the card identification information of the card. The payment-side system 200 can identify the card 300 that communicated with the digital system 100 through the card identification information. When the card 300 is identified, the card 300 can be authenticated by generating server one-time information corresponding to the card 300. Of course, the card 300 may be identified based on the identification information (e.g., telephone number) of the digital system 100 or the terminal identification information of the digital system 100 to be described later. At this time, the identification information (or the terminal identification information) of the digital system 100 and the identification information of the card 300 corresponding thereto may be registered in the payment system 200 in advance. At this time, it is not necessary that only one card 300 is registered for each identification information (or terminal identification information) of the digital system 100.

In some embodiments, the confirmation signal may include terminal identification information of the digital system 100. The terminal identification information may be identification information (e.g., USIM identification information, IMSI, IMEI, etc.) of the hardware of the digital system 100. When the terminal identification information is included, the payment-side system 200 can approve the payment only when the terminal identification information is registered in advance. Therefore, if the confirmation signal is not received through the digital system 100, which is a pre-registered terminal, payment is not approved even if the confirmation signal is transmitted. In other words, it is possible to designate a digital system, thereby blocking an illegal settlement request through another terminal. In addition, since the settlement confirmation action (settlement authentication action) can be performed only through the designated digital system, there is an effect that smashing or manned middle attack can be prevented.

Meanwhile, the settlement according to the embodiment of the present invention may be implemented such that the digital system 100 and the card 300, which form a pair in advance, are approved to perform communication. For this purpose, the digital system 100 can transmit the acknowledgment signal only when the digital system 100 communicates with the card 300, which is set in advance with the digital system 100. According to another embodiment, when the payment system 200 receives an acknowledgment signal, the information included in the acknowledgment signal (for example, identification information (or terminal identification information) of the digital system 100) It is determined whether the digital system 100 and the card 300 are a device forming a pair based on the identification information of the digital system 100 and the card identification information of the digital system 100, The payment can be approved only when it is a device forming a pair. In this case, even if the digital system 100 and / or the card 300 are registered in advance so as to perform payment according to the technical idea of the present invention, if communication between two devices forming a pair is not performed in advance, The security of the digital system 100 and / or the card 300 can be remarkably high even if the digital system 100 and / or the card 300 are lost or stolen.

Meanwhile, the card one-time information generated by the card 300 is displayed by the digital system 100, and by allowing a user to input the one-time information of the card, the inputted card one-time information may be included in the confirmation signal have.

However, according to the embodiment of the present invention, the display of the one-time card information and the inputting process by the user are automatically included in the confirmation signal, thereby providing convenience of settlement by the user. In addition, since there is no process of inputting the one-time information of the card by the user, the risk of leakage of the card one-time information through key logging may be lowered. Of course, in this case, the non-repudiation prevention may be achieved by allowing the user to input the user authentication information (e.g., PIN) of the card 300 and allowing the final payment approval only after the user is authenticated through the user authentication information It is possible.

The settlement side system 200 receives a settlement request to perform card settlement, communicates with the digital system 100 and / or the data processing apparatus 400, or decides whether to approve payment Which can be defined to include all systems that do. For example, the payment system 200 may receive a payment request directly from the digital system 100 or the data processing apparatus 400, or may receive the payment request through a predetermined web server or a web system. For example, the payment-side system 200 receives a payment request directly from the data processing apparatus 400, for example, a user's computer, an affiliate terminal (e.g., POS, mobile payment terminal) A web server providing an online market, etc.).

In addition, the payment-side system 200 is a credit card company system in which the card company system capable of processing the settlement request with the card 300 (the credit card company system in the present invention is not limited to an independent card company system, And means an engine system (not shown). In addition, according to an embodiment, the payment system 200 may further include a VAN system or a PG, which is connected to the card company system through a network to mediate a payment process.

In any case, the payment system 200 receives at least one payment request directly or indirectly from the digital system 100 or the data processing apparatus 400, and determines at least one Quot; system "

On the other hand, the function of the card authentication unit 230 (for example, 230 in FIG. 3) for authenticating the card 300 or authenticating the user authentication information may be provided inside the payment-side system 200, And may be implemented as a system independent of the payment-side system 200. That is, an authentication system (not shown) that performs the function of the card authentication unit may be implemented independently of the payment-side system 200, and may communicate with the payment-side system 200 through a wired / The technical idea of the invention may be implemented.

In addition, the authentication system (not shown) may be installed in the payment-side system 200 or may be connected through a network to perform a payment service according to the technical idea of the present invention. However, For example, a service that can be provided when the authentication of the user is performed such as login, transfer, certificate issuance, etc.).

That is, the authentication system (not shown) authenticates the various authentication functions performed by the payment-side system 200 of the present invention, that is, the card 300, the terminal identification information of the digital system 100 , It is possible to authenticate whether the card 300 and the digital system 100 are a pair or authenticate the user authentication information and to provide the authentication service through these various authentications. The average expert will be able to reason easily.

Hereinafter, the process of settlement according to the technical idea of the present invention will be described in more detail. Hereinafter, for convenience of explanation, the digital system 100 is implemented as a mobile phone, and the identification information of the digital system 100 is a mobile phone number of the mobile phone. However, The scope of rights is not limited thereto.

2 shows a schematic configuration of a digital system according to an embodiment of the present invention.

Referring to FIG. 2, the digital system 100 includes a control module 110, a card communication module 120, and a communication module 130.

Herein, a module may mean a functional and structural combination of hardware for carrying out the technical idea of the present invention and software for driving the hardware. For example, each of the above configurations may refer to a logical unit of a predetermined code and a hardware resource for executing the predetermined code, and may be a code physically connected to one another or a specific type of hardware May be easily deduced to the average expert in the field of the present invention. Thus, each of the above configurations refers to a combination of hardware and software that performs the functions defined herein, and does not mean a specific physical configuration.

The control module 110 controls the functions and / or the resources of other components included in the digital system 100 (for example, the card communication module 120 and / or the communication module 130) .

The card communication module 120 may perform communication with the card 300. FIG. The communication may be contact or non-contact communication as described above. According to an example, the communication may be a contactless short range wireless communication (e.g., NFC communication). When the communication is the NFC communication, the user can be made to approve payment only by tagging the digital system 100 and the card 300, thereby enhancing the convenience of the user. The NFC communication can be performed without removing the card 300 even in the case where the card 300 is in the pocket, so that convenience of settlement can be enhanced.

The control module 110 may generate an acknowledgment signal according to the technical idea of the present invention.

The communication module 130 may communicate with the payment-side system 200.

The control module 110 may generate an acknowledgment signal including the card one-time information upon receiving the card one-time information generated by the card from the card 300 through the card communication module 120. [ Then, the generated confirmation signal can be transmitted to the payment-side system 200 by controlling the communication module 130.

The control module 110 may include at least the card one-time information in the confirmation signal, and may further include the card identification information of the card obtained through the card communication module 120 according to an embodiment. Also, the control module 110 may further include terminal identification information of the digital system 100.

Then, the payment system 200 can authenticate the card 300 based on the card one-time information included in the confirmation signal. When the card 300 is authenticated, the settlement system 200 can approve the settlement request using the settlement financial information corresponding to the card registered in advance in the settlement system 200.

It goes without saying that when the confirmation signal further includes the card identification information, the payment system 200 can identify the card 300 based on the card identification information. When the identification signal further includes the terminal identification information, the payment system 200 determines whether the digital system 100 is registered in advance (that is, the technical idea of the present invention) The mobile terminal can determine whether or not the mobile terminal can perform settlement according to the received information.

According to an exemplary embodiment, the confirmation signal may further include payment financial information of the card. In a case where the settlement financial information is further included, the settlement side system 200 may determine whether the card is legitimate based on the settlement financial information of the card, and approve the settlement request. However, even if the confirmation signal includes the card one-time information, there is a risk that the settlement financial information may be leaked when the settlement financial information is included, and the discharged settlement financial information may be abused. Therefore, when the confirmation signal further includes the payment financial information of the card, the payment-side system 200 determines whether the digital system 100 is a terminal registered in advance, based on the terminal identification information, May be desirable.

Meanwhile, the communication module 130 may receive predetermined payment related information from the payment system 200 or the data processing device 400. The received payment related information may be displayed on a display device (not shown) provided in the digital system 100. The user can confirm the settlement related information and confirm the payment and tag the digital system 100 and the card 300 to perform a payment confirmation operation (or a payment authentication operation) so that payment is performed.

The payment related information may include payment details (e.g., payment amount, merchant identification information, etc.). In addition, the payment related information may include information indicating a request to communicate (e.g., tag) the digital system 100 and the card 300 for payment. The user can confirm the payment by checking the payment related information.

The communication module 130 may receive the settlement related information from the settlement side system 200 or may receive the settlement related information from the data processing apparatus 400. Such an example will be described later with reference to Figs.

Meanwhile, the control module 110 may determine whether the card 300 is a device forming a pair with the digital system 100. And transmit the confirmation signal to the payment side system only when the card 300 is a device forming a pair with the digital system 100. [

In addition, the control module 110 requests predetermined user authentication information (e.g., PIN) before or after performing communication with the card 300, and when the user authentication information is registered in the payment system 200 in advance And may acquire the card one-time information or transmit the confirmation signal only when it corresponds to the authentication information. It is possible to prevent the non-repudiation even if the user does not perform the process of checking the one-time information on the card and directly inputting it to the digital system 100 through the user authentication information.

If the user authentication using the user authentication information is not performed, the digital system may not transmit the confirmation signal to the payment-side system 200. For example, the digital system 100 may receive the user authentication information before communicating with the card 300. Or may receive the user authentication information from the user after the communication is performed. If the user authentication information does not correspond to the information set in the card 300 in advance, the confirmation signal may not be transmitted. According to an embodiment, the user authentication using the user authentication information may be performed by the digital system 100 after the confirmation signal is transmitted. In this case, the digital system 100 may further transmit a predetermined authentication signal indicating the result of user authentication using the user authentication information to the payment-side system 200 after transmitting the confirmation signal. Then, the payment-side system 200 having received the authentication signal may finally decide whether to approve the payment request.

FIG. 3 shows a schematic configuration of a settlement-side system according to an embodiment of the present invention.

3, the payment system 200 according to an exemplary embodiment of the present invention includes a control unit 210, a communication unit 220, and a card authentication unit 230. The payment-side system 200 may further include a DB 240.

The configuration of the control unit 210, the communication unit 220, the card authentication unit 230, and the DB 240 included in the payment-side system 200 includes hardware for performing the technical idea of the present invention, Or a functional combination of software for driving the system. For example, each of the above configurations may refer to a logical unit of a predetermined code and a hardware resource for executing the predetermined code, and may be a code physically connected to one another or a specific type of hardware May be easily deduced to the average expert in the field of the present invention. Thus, each of the above configurations refers to a combination of hardware and software that performs the functions defined herein, and does not mean a specific physical configuration.

Also, the payment-side system 200 does not mean any physical device. That is, the average expert in the technical field of the present invention can easily deduce that the payment system 200 can be implemented by organically combining different physical devices through a network.

The control unit 331 controls the functions and / or resources of other components (for example, the communication unit 220, the card authentication unit 230, and the DB 240) included in the payment-side system 200 .

The communication unit 220 may perform communication with the digital system 100. In particular, the communication unit 220 may receive an acknowledgment signal from the digital system 100.

The card authentication unit 230 can authenticate the card 300 based on the card one-time information included in the confirmation signal. The card identification information and / or the settlement financial information may be further confirmed and the card 300 may be authenticated.

When the card 300 is authenticated by the card authentication unit 230, the control unit 210 transmits the settlement financial information corresponding to the registered card 300 (for example, a card number, an expiration date, or a CVC Etc.) can be used to decide whether to accept the payment request already received or the payment request included in the confirmation signal.

As described above, the DB 240 stores card identification information, payment financial information, identification information of the digital system 100, and the like of the card 300 capable of performing settlement according to the technical idea of the present invention in advance . Information about the pair formation of the digital system 100 and the card 300, that is, information about which digital system 100 and which card 300 are formed in pairs, may be stored in advance.

The settlement financial information corresponding to the card 300 does not necessarily mean the settlement financial information of the card 300 that communicated with the digital system 100. [ For example, the card 300 may be a device that can not independently perform a financial transaction such as an electronic ID card or an OPT device. In this case, when the user performs a payment confirmation operation through the card 300 in advance on the payment-side system 200, the payment financial information of the payment card (for example, credit card, check card, etc.) And the payment financial information of the payment card may be payment financial information corresponding to the card 300. [ According to an embodiment of the present invention, even when the card 300 that performs communication with the digital system 100 is a payment card capable of performing a financial transaction, It may be the settlement financial information of the payment card which is separate from the card 300. [

The communication unit 220 may receive a payment request from the data processing apparatus 400 or the digital system 100. It should be noted that the settlement request may include information on the settlement history, and the identification information (e.g., telephone number) of the digital system 100 may be included. Then, the control unit 210 can transmit settlement-related information to the digital system 100 or the data processing apparatus 400 through the communication unit 220. The user can confirm the settlement related information and communicate the digital system 100 and the card 300. [ Then, the communication unit 220 can receive an acknowledgment signal output from the digital system 100.

Then, the card authentication unit 230 can authenticate the card 300 using an acknowledgment signal including the card one-time information.

In order to authenticate the card 300, the card authentication unit 230 may first identify the card 300. FIG. For this, the card authentication unit 230 can identify the card 300 through the identification information (e.g., telephone number) or the terminal identification information of the digital system 100. In this case, the identification information (e.g., telephone number) of the digital system 100 or the card identification information corresponding to the terminal identification information may be stored in the DB 240 in advance. In addition, when the card identification information is included in the confirmation signal, the card 300 may be identified through the card identification information.

Then, the card authentication unit 230 can generate server one-time information corresponding to the card 300. To this end, the card authentication unit 230 may share at least one key (or a seed) for generating one-time information for each card with each card, or a method of obtaining the at least one key Algorithm). Also, as described above, the at least one key may be information (for example, card identification information such as UID, time information, or an arbitrary value) irrelevant to the payment financial information of the card 300, same. Of course, a function or algorithm for generating the server one-time information may also be the same as the function or algorithm in which the card 300 generates the card one-time information.

When the card authentication unit 230 generates the server one-time information, the card authentication unit 230 determines whether the generated server one-time information corresponds to the card one-time information included in the confirmation signal, You can authenticate. It is to be appreciated that the average expert in the field of the present invention can easily deduce that there are various embodiments of at least one key and one-time information generation algorithm for the card 300 and the card authentication unit 230 to generate one- It will be possible.

Meanwhile, when the terminal identification information is included in the confirmation signal, the controller 210 determines whether the terminal identification information corresponds to the information registered in advance in the DB 240. If the terminal identification information corresponds to the information registered in advance in the DB 240, You may.

The control unit 210 determines whether the digital system 100 and the card 300 form a pair with each other based on information previously registered in the DB 240. If the determination result is affirmative, The payment can be approved only when the card 100 and the card 300 form a pair as described above.

4 shows a schematic data flow of a payment method using a card according to an embodiment of the present invention.

4 shows an example in which a payment request is made via the digital system 100. Referring to FIG. 4, the digital system 100 transmits a payment request for a predetermined payment to the payment system 200 (S100). Then, the payment request is received through the communication unit 220 of the payment system 200, and the control unit 210 may transmit the payment related information to the communication module 130 of the digital system 100 (S110 ).

After confirming the payment related information, the user can communicate with the digital system 100 and the card 300 (S120). Then, the card 300 generates the card one-time information (S140), and the generated card one-time information may be acquired by the digital system 100 (S140). Of course, at this time, card identification information and payment financial information of the card 300 may be further acquired by the digital system 100. [

The digital system 100 may include at least the card one-time information in the payment-side system 200, and may include the card identification information, the payment financial information, and / or the terminal identification information of the digital system 100 (S150). ≪ / RTI > According to an exemplary embodiment, the control module 110 of the digital system 100 may not include the payment financial information in the confirmation signal. That is, the settlement financial information is not distributed through the network, thereby enhancing the security.

Then, the payment-side system 200 can authenticate the card 300 based on the confirmation signal (S160). Then, it is determined whether the payment is approved (S170), and the determined result can be transmitted to the digital system 100 (S180). The settlement side system 200 can determine whether payment is approved by using the settlement financial information corresponding to the card 300. It is possible to determine whether or not the terminal identification information corresponds to previously registered information and / It is also possible to determine whether the payment has been approved based on whether the digital system 100 and the card 300 form a pair.

According to an embodiment, the digital system 100 may determine whether the digital system 100 and the card 300 form a pair, and determine whether the digital system 100 and the card 300 transmit the confirmation signal, As shown above.

FIG. 5 shows a schematic data flow of a payment method using a card according to another embodiment of the present invention.

5, the data processing apparatus 400 receives the settlement request by inputting the identification information of the digital system 100. The settlement request is transmitted to the data processing apparatus 400, To the payment-side system 200 (S200).

The data processing apparatus 400 may be a computer or the like used by the user of the digital system 100. [ For example, the user can make a payment request online (S200) through a computer or the like, and in response, the payment-side system 200 can transmit settlement-related information to the computer (S210-1). The user can confirm the settlement related information displayed on the computer and perform a settlement confirming operation for communicating the digital system 100 with the card 300 in operation S220. According to an embodiment, the payment system 200 may transmit settlement related information to the digital system 100 (S210). Then, the user can perform the payment confirmation operation in response to this (S220).

According to another embodiment, the data processing apparatus 400 may be an affiliate terminal. The user can notify the merchant in the off-line store of the identification information of his / her digital system 100 or can input the identification information himself / herself. Alternatively, at a remote location, the user may request the merchant to perform a payment request for a predetermined payment through telephone, messaging, or e-mail. Then, when the identification information of the digital system 100 is input to the merchant terminal, a payment request may be transmitted to the payment-side system 200 (S200). At this time, payment related information may also be transmitted to the merchant terminal and / or the digital system 100 (S200, S200-1). The user can perform the payment confirmation operation in response to this (S220).

Then, the card 300 generates card one-time information (S230), and the generated card one-time information may be acquired by the digital system 100 (S240). Of course, at this time, card identification information and payment financial information of the card 300 may be further acquired by the digital system 100. [

The digital system 100 may include at least the card one-time information in the payment-side system 200, and may include the card identification information, the payment financial information, and / or the terminal identification information of the digital system 100 (S250). ≪ / RTI > Of course, in order to increase security, the settlement financial information may not be included in the confirmation signal even if the digital system 100 has acquired it.

Then, the payment-side system 200 can authenticate the card 300 based on the confirmation signal (S260). Then, it is determined whether the payment is approved (S270), and the determined result can be transmitted to the digital system 100 (S180). Or may be transmitted to the data processing apparatus 400 (S280-1). The settlement side system 200 can determine whether payment is approved by using the settlement financial information corresponding to the card 300. It is possible to determine whether or not the terminal identification information corresponds to previously registered information and / It is also possible to determine whether the payment has been approved based on whether the digital system 100 and the card 300 form a pair.

Meanwhile, the payment request may be performed by a person other than the user of the digital system 100. For example, a payment requester other than the user (that is, a payer) such as a family member, a relative or an acquaintance for the user to perform settlement may input the identification information of the user to the data processing apparatus 400, Side system 200 as shown in FIG. Or when the payment requester faces the identification information of the user to the merchant or remotely, the merchant transmits a payment request to the payment system 200 through the data processing device (e.g., merchant terminal 400) Output. Of course, at this time, information on the payment requester (for example, a name of a payment requester, a telephone number, etc.) may be further included, and information on the payment requester may be included in payment related information.

In this case, the payment-side system 200 may transmit settlement-related information to the digital system 100 of the user, and a payment confirmation operation as described above may be performed by the user. If the payment request is approved by the payment system 200, the payment result may be transmitted to the data processing apparatus 400 and the digital system 100.

According to another embodiment, a payment requester other than a user (that is, a payer) may input identification information of the digital system 100 to the data processing apparatus (for example, a computer 400, a payment requester's mobile terminal, When the payment requester faces the merchant's identification information or remotely notifies the merchant, the merchant can input the identification information of the digital system 100 to the data processing apparatus (e.g., merchant terminal 400) have. Then, the data processing apparatus 400 may transmit settlement related information to the digital system 100. Of course, in order to achieve this, predetermined software may be installed in the data processing apparatus 400 to implement the technical idea of the present invention. The payment related information may include information on the merchant, details of the payment, and / or information on the payment requester. If the user confirms the settlement related information and wishes to make a payment request corresponding to the settlement related information, the user can perform the settlement confirmation operation as described above. The digital system 100 may then transmit an acknowledgment signal as described above to the payment system 200. At this time, the confirmation signal may further include not only the one-time information on the card but also information required for a payment request (for example, information on a franchisee, payment details, etc.). That is, the confirmation signal may further include a payment request to be transmitted to the payment-side system 200.

Then, the payment system 200 can authenticate the digital system 100 and / or the card 300 used for the payment confirmation action based on the confirmation signal, and approve the payment request when authenticated. The payment system 200 may then transmit the payment results to the data processing device 400 and / or the digital system 100.

As a result, according to the technical idea of the present invention, it is possible to provide a solution with high security, which is very easy to perform payment on behalf of a third party, a payment requester.

4 and 5, according to the present invention, only the identification information of the digital system 100 is required to make a payment request. Therefore, there is an ease of payment request. In order to confirm payment, (E.g., tagging) the system 100 and its own card 300. As described above, although the ease of settlement request and the convenience of payment confirmation are convenient, the security can be very high as described above. Also, as shown in FIGS. 4 and 5, the user can easily check the payment even in the 2-channel payment due to the ease of the payment request and the convenience of the payment confirmation operation. Also, There is an effect that can carry out the act.

FIG. 6 shows a schematic data flow of a payment method using a card according to another embodiment of the present invention.

6, when the user notifies or inputs the identification information of his / her digital system 100, the data processing apparatus (e.g., merchant terminal 400) receives the identification information (S300) Related information to the digital system 100 (S310). It is needless to say that predetermined software for implementing the technical idea of the present invention may be installed in the data processing apparatus 400. According to an embodiment, the data processing apparatus 400 may be a mobile terminal used by an affiliate shop installed with the software.

In this case, the settlement-related information may include information necessary for a payment request, and if a payment confirmation action is performed by the user (S320), a card generated by the card 300 and acquired by the digital system 100 Information and the settlement request may be included in the confirmation signal and transmitted to the payment-side system 200 (S320, S330, S340, S350).

Then, the payment-side system 200 can authenticate the card 300 based on the confirmation signal (S360). In step S370, it is determined whether the payment is approved according to the settlement request, and the determined payment result may be transmitted to the digital system 100 in step S380-1.

According to another embodiment, the flows of FIGS. 5 and 6 may be applied to the third party payment as described above. For example, the child may notify the merchant of the identification information of the parent digital system 100, or may directly input the identification information and request the payment request for the predetermined payment. Then, the identification information of the digital system 100 may be input to the merchant terminal so that a payment request may be transmitted to the payment system 200 (S200 of FIG. 5) or the digital system (S310 of FIG. 6) . Then, the settlement can be made by the parent card according to the flow of FIG. 5 or 6.

7 is a diagram for explaining a process of a card-authenticating system of a payment-side system according to an embodiment of the present invention.

Referring to FIG. 7, a series of processes of authenticating the card 300 communicating with the digital system 100 by the card authenticating unit 230 of the payment-side system 200 will be described. May acquire an acknowledgment signal including the card one-time information (S361).

The card authentication unit 230 can also identify the card 300 (S362). The card authentication unit 230 identifies the card 300 using an acknowledgment signal including the card one-time information or transmits the identification information or terminal identification information of the digital system 100, 240 may be used to identify the card 300 as described above.

Then, the card authentication unit 230 may generate server one-time information corresponding to the identified card 300 (S363).

Then, it can be determined whether the generated server one-time information corresponds to the card one-time information received from the digital system 100 (S364). Then, it is determined that the authentication of the card 300 is successful (S365), and it may be determined that the authentication of the card 300 fails (S366).

If the authentication of the card 300 is successful, the settlement request of the settlement request can be approved by using the settlement financial information stored in the DB 240 in advance, corresponding to the card 300.

8 is a diagram for explaining a process in which a digital system transmits an acknowledgment signal according to an embodiment of the present invention.

Referring to FIG. 8, a user can input user authentication information (e.g., PIN) of the card 300 through a predetermined application installed in the digital system 100 to perform a payment confirmation operation (S400). Then, the digital system 100 and the card 300 can be communicated (S410). Of course, the input of the user authentication information may be performed after the digital system 100 and the card 300 are communicated. If the user authentication information corresponds to the information set on the card 300, the digital system 100 may receive the card one-time information generated by the card 300 (S420). Then, the digital system 100 may generate an acknowledgment signal including the card one-time information and transmit it to the payment-side system 200 (S450). Of course, the card identification information and the payment financial information of the card 300 may be further received (S430), and the card identification information or the payment financial information may be further included in the confirmation signal. In addition, the digital system 100 may determine whether the digital system 100 and the card 300 form a pair (S440). For this purpose, the card identification information of the card 300 forming a pair with the digital system 100 may be registered in the digital system 100 in advance. According to an embodiment, identification information or terminal identification information of the digital system 100 forming a pair with the card 300 may be stored in the storage device of the card 300. In this case, the card 300 confirms the identification information or the terminal identification information of the digital system 100, and if the confirmed information does not correspond to the information stored in advance in the storage device, the card 300 generates the one- It may not.

In any case, when the digital system 100 and the card 300 are not a device forming a pair, the digital system 100 can not transmit the confirmation signal to the payment-side system 200, (S460).

8, the input of the user authentication information (e.g., PIN) of the card 300 may be performed immediately before the payment approval is performed after the card authentication is performed by the payment-side system 200. [ That is, after transmitting the confirmation signal to the payment-side system 200, the digital system 100 may receive user authentication information of the card 300 and authenticate the user. In this case, the digital system 100 may further transmit a predetermined authentication signal indicating the authentication result to the payment-side system 200. Then, the control module 110 included in the payment-side system 200 may determine whether the payment is finally approved after confirming the authentication signal. In this case, the input of user authentication information (e.g., PIN) can serve as a non-repudiation prevention function.

According to an embodiment of the present invention, the digital system 100 transmits user authentication information to the payment system 200, and authentication of the user authentication information may be performed by the payment system 200. In this case, the digital system 100 may transmit the user authentication information to the payment-side system 200 at any time before the payment request is approved by the payment-side system 200. For example, the user authentication information may be included in the confirmation signal, and the user authentication information may be transmitted to the payment-side system 200 at any time before or after the transmission of the confirmation signal. Then, the card authentication unit 230 included in the payment-side system 200 is set on the card 300 and authenticates the user authentication information using the information registered in the payment-side system 200 in advance . When the user authentication is successful and the card 300 is authenticated as described above, it may be determined whether the payment request is approved by the control module 110.

The payment method using the card according to the embodiment of the present invention can be implemented as a computer-readable code on a computer-readable recording medium. A computer-readable recording medium includes all kinds of recording apparatuses in which data that can be read by a computer system is stored. Examples of the computer-readable recording medium include a ROM, a RAM, a CD-ROM, a magnetic tape, a hard disk, a floppy disk, an optical data storage device, and the like in the form of a carrier wave (for example, . In addition, the computer-readable recording medium may be distributed over network-connected computer systems so that computer readable codes can be stored and executed in a distributed manner. And functional programs, codes, and code segments for implementing the present invention can be easily inferred by programmers skilled in the art to which the present invention pertains.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed embodiments, but, on the contrary, is intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims. Accordingly, the true scope of the present invention should be determined by the technical idea of the appended claims.

Claims (29)

  1. In a payment method using a card,
    The digital system performing near field wireless communication with the card for settlement of a predetermined settlement request;
    The digital system receiving card one-time information generated by the card from the card via the short-range wireless communication; And
    The digital system transmitting an acknowledgment signal including the received card one-time information to a payment-side system,
    If the card is authenticated by the payment-side system based on the acknowledgment signal including the transmitted card one-time information, the settlement-side system is configured to use the settlement-banking information corresponding to the card previously registered in the settlement- Characterized in that approval or disapproval is determined,
    In the payment method using the card,
    Further comprising the step of the digital system determining whether the card is a preset card so as to correspond to the digital system,
    And transmits the confirmation signal to the payment-side system as a result of the determination.
  2. The method according to claim 1,
    Related information output from the payment-side system is displayed on the data processing apparatus or the digital system when the payment request including the identification information of the digital system is transmitted from the predetermined data processing apparatus to the payment-side system; And
    And the digital system performs the short-range wireless communication with the card to settle the payment request corresponding to the displayed payment related information.
  3. The method according to claim 1,
    When the identification information of the digital system is input to a predetermined data processing apparatus, the digital system receives payment related information output from the data processing apparatus; And
    And when the payment related information is received, the digital system performs the short-range wireless communication with the card.
  4. delete
  5. delete
  6. delete
  7. delete
  8. The digital system according to claim 1,
    And transmits the one-time information received from the card to the payment-side system without including the one-time information in the confirmation signal.
  9. The payment method according to claim 8,
    The digital system requesting a user of the digital system for user authentication information corresponding to the card; And
    Further comprising the step of the digital system transmitting the user authentication information inputted in response to the request to the settlement side system,
    And the payment request is approved if the user authentication information is further authenticated by the payment side system.
  10. delete
  11. The digital system according to claim 1,
    And does not include the settlement financial information of the card in the confirmation signal.
  12. In a payment method using a card,
    The digital system receives the first payment related information output by the data processing apparatus that receives the identification information of the digital system of the second user by the first user or the second payment request is received by the digital processing system by the data processing apparatus, Receiving, by the digital system, second payment related information corresponding to the second payment request output by the payment-side system after being transmitted to the system;
    The digital system performing near field wireless communication with a predetermined card;
    The digital system receiving card one-time information generated by the card from the card via the short-range wireless communication; And
    The digital system transmitting an acknowledgment signal including the received card one-time information to the payment-side system,
    When the card is authenticated by the payment-side system based on the acknowledgment signal including the transmitted card one-time information, the settlement-side system transmits the payment- The first payment request corresponding to the first settlement related information included in the second settlement request or the confirmation signal previously received from the first settlement related information is determined,
    In the payment method using the card,
    Further comprising the step of the digital system determining whether the card is a preset card so as to correspond to the digital system,
    And transmits the confirmation signal to the payment-side system as a result of the determination.
  13. When the digital system performs near field wireless communication with a predetermined card, the payment side system receives an acknowledgment signal including the card one-time information generated by the card from the digital system;
    Authenticating the card based on the confirmation signal including the card one-time information received by the payment-side system; And
    The settlement system transmits the settlement request received from the predetermined data processing apparatus or the settlement request included in the confirmation signal, which is received from the predetermined data processing apparatus by using the settlement financial information corresponding to the card registered in advance on the settlement side system, And if so,
    Wherein the step of determining whether to approve the payment request comprises:
    Determining whether the digital system in which the payment system transmits the confirmation signal and the card are a pair set in advance to correspond to the payment system in advance,
    And determining whether to approve the payment request according to a result of the determination.
  14. [14] The method of claim 13,
    The payment system receiving the payment request including identification information of the digital system from the data processing apparatus; And
    Further comprising the step of the payment-side system transmitting payment-related information to the digital system or the data processing apparatus in response to the reception,
    Wherein the settlement-side system determines whether the settlement-side system approves the settlement request after the settlement-related information is transmitted and the confirmation signal is received from the digital system.
  15. delete
  16. delete
  17. delete
  18. delete
  19. Receiving, by the payment-side system, a payment request output from the data processing apparatus that receives the identification information of the digital system of the second user by the first user;
    Transmitting the settlement related information corresponding to the received settlement request to the digital system;
    Receiving, by the payment system, an acknowledgment signal including card one-time information generated by the card from the digital system, when short-range wireless communication is performed between the digital system and a predetermined card;
    Authenticating the card based on the confirmation signal including the card one-time information received by the payment-side system; And
    And when the card is authenticated, determining whether to approve the settlement request using the settlement financial information corresponding to the card previously registered in the settlement-side system,
    Wherein the step of determining whether to approve the payment request comprises:
    Determining whether the digital system in which the payment system transmits the confirmation signal and the card are a pair set in advance to correspond to the payment system in advance,
    And determining whether to approve the payment request according to a result of the determination.
  20. A computer-readable recording medium recording a program for carrying out the method according to any one of claims 1 to 3, 8, 9, 11 to 14 or 19.
  21. In a digital system,
    A card communication module for performing short-range wireless communication with the card for payment of a predetermined payment request;
    And a control module for transmitting an acknowledgment signal including the received card-once information to the payment-side system upon receiving the card-generated one-time information from the card through the card communication module,
    When the card is authenticated by the payment-side system based on the acknowledgment signal including the transmitted card one-time information, the payment-side system authenticates the payment request using the payment- Or < / RTI >
    The control module includes:
    Determining whether the card is a preset card corresponding to the digital system, and transmitting the confirmation signal to the payment-side system if the card is a preset card.
  22. 22. The digital system of claim 21,
    When the payment request including the identification information of the digital system is transmitted from the predetermined data processing apparatus to the payment-side system, the payment-related information output from the payment-side system is received,
    Further comprising a communication module for receiving payment related information output from the data processing apparatus when identification information of the digital system is input to a predetermined data processing apparatus.
  23. delete
  24. delete
  25. delete
  26. delete
  27. Related information output by the data processing apparatus that has received the identification information of the digital system of the second user by the first user, or when the second payment request is transmitted to the payment-side system by the data processing apparatus A communication module for receiving second settlement related information corresponding to the second settlement request output by the settlement side system;
    A card communication module for performing short-range wireless communication with a predetermined card; And
    And a control module for transmitting an acknowledgment signal including the received card one-time information to the payment-side system when the card one-time information generated by the card is received from the card by the card communication module,
    When the card is authenticated by the payment-side system based on the acknowledgment signal including the transmitted card one-time information, the settlement-side system transmits the payment- The first payment request corresponding to the first settlement related information included in the second settlement request or the confirmation signal previously received from the first settlement related information is determined,
    The control module includes:
    Determining whether the card is a preset card corresponding to the digital system, and transmitting the confirmation signal to the payment-side system if the card is a preset card.
  28. In a payment system,
    A communication unit for receiving an acknowledgment signal including the card one-time information generated by the card from the digital system when the digital system performs near field wireless communication with a predetermined card;
    A card authentication unit for authenticating the card based on the confirmation signal including the received card one-time information; And
    When the card is authenticated by the card authentication unit, whether to accept the payment request previously received from the predetermined data processing apparatus or the payment request included in the confirmation signal using the payment financial information corresponding to the card registered in advance And a control unit for determining,
    Wherein,
    Wherein the payment system determines whether the digital system that has transmitted the confirmation signal and the card are a pair set in advance to correspond to the payment system, and determines whether to approve the payment request according to the determination result.
  29. In a payment system,
    Receiving a payment request output from a data processing apparatus that receives identification information of a digital system of a second user by a first user, transmitting payment related information corresponding to the payment request to the digital system, A communication unit for receiving an acknowledgment signal including a card one-time information output from the digital system when a predetermined card performs short-range wireless communication;
    A card authentication unit for authenticating the card based on the confirmation signal including the card one-time information received by the communication unit; And
    And a controller for determining whether to approve the settlement request using the settlement financial information corresponding to the card registered in advance when the card authentication unit authenticates the card,
    Wherein,
    Wherein the payment system determines whether the digital system that has transmitted the confirmation signal and the card are a pair set in advance to correspond to the payment system, and determines whether to approve the payment request according to the determination result.
KR1020130160693A 2013-12-20 2013-12-20 Method for payment using card, digital system, and settlment side system thereof KR101542111B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020130160693A KR101542111B1 (en) 2013-12-20 2013-12-20 Method for payment using card, digital system, and settlment side system thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020130160693A KR101542111B1 (en) 2013-12-20 2013-12-20 Method for payment using card, digital system, and settlment side system thereof

Publications (2)

Publication Number Publication Date
KR20150072955A KR20150072955A (en) 2015-06-30
KR101542111B1 true KR101542111B1 (en) 2015-08-12

Family

ID=53518787

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020130160693A KR101542111B1 (en) 2013-12-20 2013-12-20 Method for payment using card, digital system, and settlment side system thereof

Country Status (1)

Country Link
KR (1) KR101542111B1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102005554B1 (en) * 2018-08-09 2019-07-30 주식회사 센스톤 Method and system for providing financial transaction using empty card
WO2020032344A1 (en) * 2018-08-09 2020-02-13 주식회사 센스톤 Concreteness-based virtual code verification method, apparatus, and system
KR102005549B1 (en) * 2018-08-09 2019-07-30 주식회사 센스톤 System, method and program for providing financial transaction by virtual code, vritual code generator and vritual code verification device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101140223B1 (en) * 2005-08-19 2012-04-26 주식회사 비즈모델라인 Device for Processing a Payment
KR101139096B1 (en) 2010-12-08 2012-04-30 에스케이씨앤씨 주식회사 Payment method using display apparatus having antenna for contactless reader

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101140223B1 (en) * 2005-08-19 2012-04-26 주식회사 비즈모델라인 Device for Processing a Payment
KR101139096B1 (en) 2010-12-08 2012-04-30 에스케이씨앤씨 주식회사 Payment method using display apparatus having antenna for contactless reader

Also Published As

Publication number Publication date
KR20150072955A (en) 2015-06-30

Similar Documents

Publication Publication Date Title
US10404461B2 (en) Token security on a communication device
US10511583B2 (en) Hybrid integration of software development kit with secure execution environment
AU2018202542B2 (en) Automated account provisioning
US20200294026A1 (en) Trusted remote attestation agent (traa)
JP2018088292A (en) System and method for secure transaction process by mobile equipment
US10417542B2 (en) Mobile device with scannable image including dynamic data
US20180139608A1 (en) Authentication using application authentication element
US9467292B2 (en) Hardware-based zero-knowledge strong authentication (H0KSA)
EP3259876B1 (en) Token and cryptogram using transaction specific information
US10826702B2 (en) Secure authentication of user and mobile device
EP3400696B1 (en) Systems and methods for device push provisioning
KR20170142130A (en) Method and device for conducting trusted remote payment transactions
US20170161726A1 (en) Account provisioning authentication
US10805423B2 (en) Device profile data usage for state management in mobile device authentication
US10515369B2 (en) Multi-device transaction verification
US20190122212A1 (en) Methods and systems for provisioning payment credentials
US8881977B1 (en) Point-of-sale and automated teller machine transactions using trusted mobile access device
US9436940B2 (en) Embedded secure element for authentication, storage and transaction within a mobile terminal
US20160005039A1 (en) Secure identity binding (sib)
US8639619B1 (en) Secure payment method and system
US8745716B2 (en) System and method for providing secure data communication functionality to a variety of applications on a portable communication device
JP5513626B2 (en) System and method for approving transactions
US8041338B2 (en) Mobile wallet and digital payment
US8650614B2 (en) Interactive phishing detection (IPD)
TWI587225B (en) Secure payment method, mobile device and secure payment system

Legal Events

Date Code Title Description
A201 Request for examination
A302 Request for accelerated examination
E902 Notification of reason for refusal
AMND Amendment
E601 Decision to refuse application
AMND Amendment
E90F Notification of reason for final refusal
AMND Amendment
X701 Decision to grant (after re-examination)
FPAY Annual fee payment

Payment date: 20180703

Year of fee payment: 4

FPAY Annual fee payment

Payment date: 20190702

Year of fee payment: 5