KR101674812B1

KR101674812B1 - Method for Providing Payment based on One Time Password Card

Info

Publication number: KR101674812B1
Application number: KR1020150090873A
Authority: KR
Inventors: 김종서
Original assignee: (주)에이티솔루션즈
Priority date: 2015-06-26
Filing date: 2015-06-26
Publication date: 2016-11-09

Abstract

The present invention relates to a method for making an account transfer using an oticid card, the method comprising the steps of: generating a One Time Password (OTP) for banking, the method comprising the steps of: And the authentication rule of the authentication key generated by the OTP card is mapped and stored. When the payment request using the account transfer is confirmed, the program of the wireless terminal generates an OTP for banking through the chip of the OTP card And provides the OTP card to the wireless terminal in a chip of the OTP card. In the chip of the OTP card, the OTP for banking is generated through the designated seed provided in the chip and the dynamic seed, And generates an authentication key to be authenticated through the operation server, and transmits the unique information of the OTP card and the generated When the authentication information including the authentication key is encrypted to be decrypted through the bank server and the response information including the encrypted OTP for banking and the encrypted authentication information is provided to the wireless terminal through the contactless interface, Wherein the program receives response information including the encrypted banking OTP and the encrypted authentication information from the chip of the OTP card through the contactless interface, and the program of the wireless terminal receives the withdrawal account information and the account password An OTP for banking encrypted in a chip of the OTP card so as to be dynamically generated in a chip of an OTP card that is contactlessly interfaced to the wireless terminal and decrypted through a designated bank server, The authentication key generated from the chip of the card is decrypted through the operation server The operating server receives the withdrawal account information, the account password, the encrypted OTP for banking, and the encrypted authentication information from the program of the wireless terminal when the encrypted authentication information is transmitted in the chip, Decrypts the encrypted authentication information and restores the unique information of the OTP card and the authentication key generated in the chip of the OTP card, and the operation server generates the authentication information in the chip of the OTP card using the authentication rule mapped to the unique information Wherein the operation server authenticates the validity of one authentication key, and when the validity of the authentication key is verified, the operating server transmits the withdrawal account information and the account password input through the program of the mobile terminal, A corresponding bank account information, an encrypted OTP for banking which is generated in the chip of the OTP card and decrypted through a designated bank server Wherein the encrypted authentication information is not decrypted through the program of the wireless terminal, and the encrypted OTP for the banking is transmitted to the designated bank server through the bank transfer server, It is not decoded through the program or operating server of the wireless terminal.

Description

[0001] The present invention relates to a payment method for a one-time password card,

The present invention provides a method for executing an OTP card, which is executed through an operation server communicating with a program installed in a wireless terminal of a user, wherein the operating server generates unique information of an OTP card for generating an OTP (One Time Password) for banking, The program of the wireless terminal determines a dynamic seed for generating an OTP for banking through a chip of the OTP card and transmits the non-contact to the wireless terminal when the payment request is confirmed using the account transfer, And an OTP card for banking is generated through the dynamic seed and a designated seed provided in the chip on the chip of the OTP card and is encrypted to be decrypted through a designated bank server, Generates authentication key to be authenticated, and transmits authentication information including the unique information of the OTP card and the generated authentication key to the bank server And providing response information including the encrypted OTP for banking and the encrypted authentication information to the wireless terminal through the noncontact interface, the program of the wireless terminal is transmitted from the chip of the OTP card through the contactless interface Receiving the response information including the encrypted OTP for banking and the encrypted authentication information, and transmitting the withdrawal account information and the account password input from the user to the program of the wireless terminal and a chip of the OTP card contact- An OTP for banking encrypted in a chip of the OTP card to be dynamically generated and decrypted through a designated bank server, unique information provided in a chip of the OTP card, and an authentication key generated in a chip of the OTP card, And transmits the encrypted authentication information in the chip of the OTP card to be decrypted through the OTP card, Receives the withdrawal account information, the account password, the encrypted OTP for banking, and the encrypted authentication information from the program of the wireless terminal, and the operation server decrypts the encrypted authentication information and stores the unique information of the OTP card The operation server authenticates the validity of the authentication key generated in the chip of the OTP card by using the authentication rule mapped to the unique information, and the validity of the authentication key Upon authentication, the operation server generates deposit account information, account password, deposit account information corresponding to the settlement request, input through the program of the wireless terminal based on the authentication result of the authentication key, And the OTP for encrypted banking to be decrypted through the designated bank server, And the encrypted authentication information is not decrypted through the program of the wireless terminal and the encrypted OTP for banking is not decrypted through the program or the operation server of the wireless terminal The present invention relates to a payment method of a direct debit payment using an oticid card.

In order to settle the settlement based on the conventional money transfer service, it is necessary to input the designated account information of the store by using the Internet banking, transfer the settlement amount to the account, or transfer the designated account information of the store through mobile banking using the banking app installed in the user's wireless terminal A complicated procedure for inputting a key and transferring a settlement amount to a bank, and complicated procedures such as key input of a random number of a security card or key input of an OTP generated through an OTP generator in the process of using the Internet banking / mobile banking There was a problem that the procedure had to be performed.

In order to partially solve the complexity of such account transfer, a service has been proposed, such as transferring money by using account information in the form of a telephone number, or transferring money by mapping an e-mail address or a mobile phone number with account information, Since the proposed method has security risks, the operator could provide such services after depositing certain accident deposits with the bank in preparation for the financial crisis. In this way, Day or 100,000 won a day if the deposit is enough).

In order to solve the above problems, an object of the present invention is to provide a method for executing an OTP (One Time Password) for banking, which is executed through an operation server communicating with a program installed in a user's wireless terminal, A first step of mapping the unique information of the OTP card and the authentication rule of the authentication key generated by the OTP card and storing the mapping information; and a step of, when the payment request is confirmed using the account transfer, A second step of determining a dynamic seed for generating the OTP for a banking through a dynamic seed and a designated seed provided in the chip in a chip of the OTP card, Generating an authentication key to be authenticated through the operation server, generating an authentication key to be authenticated through the operation server, When the authentication information including the generated authentication key is encrypted to be decrypted through the bank server and the response information including the encrypted OTP for banking and the encrypted authentication information is provided to the wireless terminal through the contactless interface, A third step of the program of the terminal receiving response information including the encrypted banking OTP and the encrypted authentication information from the chip of the OTP card through the contactless interface; An OTP for banking encrypted in the chip of the OTP card so as to be dynamically generated from a chip of an OTP card dynamically generated in a contactless interface with the wireless terminal and decrypted through a designated bank server, The unique information and the authentication key generated from the chip of the OTP card are decrypted through the operation server When the encrypted authentication information is transmitted in the chip of the OTP card, the operating server receives the payment account information, the account password, the encrypted OTP for banking, and the encrypted authentication information from the program of the wireless terminal A fourth step of decrypting the encrypted authentication information, and a fifth step of decrypting the encrypted authentication information and restoring the unique information of the OTP card and the authentication key generated in the chip of the OTP card, A step of authenticating the validity of the authentication key generated in the chip of the OTP card using the rule, and a step of, when validating the authentication key, the operation server notifying the program of the wireless terminal based on the authentication result of the authentication key Withdrawal account information and account password input through the OTP card, deposit account information corresponding to the settlement request, And a seventh step of providing the account transfer request information including the encrypted OTP for banking to be decrypted through the bank server to the designated bank server to request settlement based on the account transfer, And the encrypted banking OTP is not decrypted through the program of the terminal but is not decrypted through the program or the operation server of the wireless terminal.

A method for making an account transfer using an oticid card according to the present invention is a method executed by an operation server communicating with a program provided in a user's wireless terminal, the operation server generating an OTP (One Time Password) for banking A first step of mapping the unique information of the OTP card and the authentication rule of the authentication key generated by the OTP card and storing the mapping information; and a step of, when the payment request is confirmed using the account transfer, A second step of determining a dynamic seed for generating the OTP for a banking through a dynamic seed and a designated seed provided in the chip in a chip of the OTP card, Generates an authentication key to be authenticated through the operation server, generates unique information of the OTP card, The method comprising: encrypting authentication information including the generated authentication key to be decrypted through the bank server and providing response information including the encrypted OTP for banking and encrypted authentication information to the wireless terminal through the contactless interface; A third step of the program of the wireless terminal receiving response information including the encrypted OTP for banking and the encrypted authentication information from the chip of the OTP card through the contactless interface; An OTP for banking encrypted in the chip of the OTP card so as to be dynamically generated from a chip of an OTP card dynamically generated in a contactless interface with the wireless terminal and decrypted through a designated bank server, And the authentication key generated in the chip of the OTP card is decrypted through the operation server The operating server receives the withdrawal account information, the account password, the encrypted OTP for banking, and the encrypted authentication information from the program of the wireless terminal when the encrypted authentication information is transmitted in the chip of the OTP card A fourth step and a fifth step of the operating server decrypting the encrypted authentication information and restoring the unique information of the OTP card and the authentication key generated in the chip of the OTP card; A sixth step of authenticating the validity of an authentication key generated in the chip of the OTP card using an authentication rule; and a sixth step of authenticating the validity of the authentication key, The deposit account information, the account password, the deposit account information corresponding to the settlement request, the payment account information generated in the chip of the OTP card And a seventh step of providing the account transfer request information including the encrypted OTP for banking to be decrypted through the bank server to the designated bank server to request settlement based on the account transfer, The encrypted banking OTP is not decrypted through the program of the wireless terminal and is not decrypted through the program or the operation server of the wireless terminal.

delete

According to another aspect of the present invention, there is provided a method for transferring money using an oticid card, wherein the operating server further includes a step of mapping information on a vendor of a vendor to be requested for payment and information on a transfer account of the vendor, The operational server may further include checking the deposit account information mapped with the business information corresponding to the settlement request.

According to another aspect of the present invention, there is provided a method of payment transfer using an oticid card, the operating server including: receiving payment request information including payment information of a user and a wireless terminal information of a user from an affiliate server; The server may further include providing the payment history information to a program of a wireless terminal corresponding to the wireless terminal information, wherein the payment history information may include a payment amount for payment request, order information, and business information .

delete

According to another aspect of the present invention, there is provided a method of payment transfer using an OTP card, the method comprising the steps of: providing, by a program of the wireless terminal, withdrawal account information and an account password input from a user to a chip of the OTP card; The step of encrypting the withdrawal account information and the account password so as to be decrypted through the bank server and the step of providing the response information including the encrypted withdrawal account information and the account password from the chip of the OTP card to the non- And further comprising:

delete

According to the present invention, in the method for payment by wire transfer using the oticid card, the program of the wireless terminal determines an argument value for generating an authentication key in the chip of the OTP card, and transmits the OTP card chip to the wireless terminal And generating an authentication key to be authenticated through an operation server based on the factor value in a chip of the OTP card.

delete

According to another aspect of the present invention, there is provided a method of payment transfer using an oticid card, the method including the step of generating an authentication key to be authenticated through the operation server using a factor value designated by a chip of an OTP card that is contact- .

delete

According to the present invention, the authentication result of the authentication key may be given a status equivalent to the account transfer request through the banking app corresponding to the bank server in response to the account transfer request through the program of the wireless terminal that is in contactless contact with the OTP card have.

According to another aspect of the present invention, there is provided a method of payment transfer using an oticid card, the method comprising: receiving, from the bank server, the account transfer result information for the account transfer request information; And providing the program of the wireless terminal as a program.

According to the present invention, the OTP card for generating the OTP for banking is contactlessly interfaced to the user's wireless terminal, so that the OTP for banking is not input, or the OTP for banking is input without using the banking app of the bank, There is an advantage in providing payment based on account transfer by giving the same status as using an app.

1 is a diagram illustrating a configuration of an account transfer based payment system using an OTP card according to an embodiment of the present invention.
2 is a diagram showing a configuration of an OTP card according to an embodiment of the present invention.
3 is a diagram showing a functional configuration of a wireless terminal and a program according to an embodiment of the present invention.
4 is a diagram illustrating a payment request process using an OTP card according to an embodiment of the present invention.
5 is a diagram illustrating an OTP card and a wireless terminal interworking process for OTC-based payment using an OTP card according to an embodiment of the present invention.
6 is a diagram illustrating a settlement process based on an account transfer using an OTP card according to an embodiment of the present invention.

The operation principle of the preferred embodiment of the present invention will be described in detail with reference to the accompanying drawings and description. It should be understood, however, that the drawings and the following detailed description are exemplary and explanatory and are intended to provide further explanation of the invention, and are not to be construed as limiting the present invention.

In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear. The terms used below are defined in consideration of the functions of the present invention, which may vary depending on the user, intention or custom of the operator. Therefore, the definition should be based on the contents throughout the present invention.

As a result, the technical idea of the present invention is determined by the claims, and the following embodiments are merely means for effectively explaining the technical idea of the present invention to a person having ordinary skill in the art to which the present invention belongs Only.

1 is a diagram illustrating a configuration of an account transfer based payment system using an OTP card 200 according to an embodiment of the present invention.

More specifically, FIG. 1 illustrates an example in which an OTP card 200 for generating a one time password for banking is contactlessly interfaced to a user's wireless terminal 300, and the OTP card 200 for banking, which is generated through the OTP card 200, When the validity of the OTP card 200 that generated the OTP for banking is authenticated in the process of providing settlement based on the account transfer, the OTP for banking 200 may be input to the banking OTP The banking application of the bank is provided with the same status as that of the banking application, and the settlement of accounts is provided based on the account transfer. If the person skilled in the art is familiar with the present invention, 1 and / or modifying the OTP card 200 in accordance with various implementations of the OTC-based payment system using the OTP card 200 (e.g., some components are omitted, Would be able to infer how struck embodiment), the present invention is made, including any exemplary way in which the inference, to which the technical feature that is not limited to the exemplary method shown in the figure 1.

The system of the present invention generates an OTP for banking for account transfer, generates a predetermined authentication key for authenticating the validity of the banking OTP and generates unique identification information for identifying itself, An OTP card (200) having authentication information including an authentication key, the OTP card (200) having a chip (205) for encrypting the banking OTP and authentication information with different encryption rules different from each other, and an OTP The OTP card 200 is connected to the card 200 in a noncontact manner and is generated through the chip 205 of the OTP card 200 and is provided with the OTP for banking and the authentication information encrypted with different encryption rules, 205 of the user and the wireless terminal 300 of the user installing the program 320 for requesting the account transfer transaction by constituting the account transfer information including the OTP for banking and the authentication information, And receives the account transfer information from the program 320 of the wireless terminal 300 by communicating with the wireless terminal 300 via the communication network to decrypt and recover the encrypted authentication information of the account transfer information, An operation server 100 that authenticates the validity of the OTP card 200 that generated the OTP for the OTP and requests settlement based on the account transfer to the designated bank server 160 based on the result of the authentication, And a bank server (160) for processing the requested account transfer transaction, wherein the operating server (100) is an affiliate of a partner company that requests settlement based on the account transfer using the OTP card (200) A server 150 and a payment request terminal 145 for requesting settlement based on the account transfer to the affiliate server 150 through a designated communication network. According to the present invention, when the operation server 100 authenticates the validity of the OTP card 200 that generated the OTP for banking through the authentication information, the OTP for banking is transmitted from the user's wireless terminal 300 to the key Even when the user does not receive an input or requests a bank transfer transaction without using a banking app of a designated bank installed in the user's wireless terminal 300, the banking OTP for the banking is inputted or the same status as that using the banking app of the bank is given And provides settlement based on the account transfer.

The OTP card 200 includes a chip 205 having a function of generating an OTP for banking and a function of providing the generated OTP to the nearby wireless terminal 300 using proximity wireless communication Generally, an OTP is generated by substituting a seed value (for example, a stored fixed seed value and a dynamic seed value dynamically determined at the OTP generation time) specified in a designated code generation algorithm, and provided through Near Field Communication (NFC) And an NFC-OTP card 200. [ Hereinafter, the OTP card 200 will be described as an OTP card 200 having an NFC function. However, the present invention is not limited thereto.

According to the embodiment of the present invention, the OTP generated through the OTP card 200 is an OTP for banking for non-face-to-face financial transactions. Accordingly, the OTP card 200 can be issued through the window of the designated bank, or the function of generating the OTP of the bank designated in the issued card can be issued later. The chip 205 of the OTP card 200 can decrypt the generated OTP for banking only through the designated bank server 160. In this case, the OTP for banking encrypted through the chip 205 of the OTP card 200 is not decrypted through the wireless terminal 300 that is in contactless contact with the OTP card 200, And is not decrypted by any network device or server existing between the bank server 160 and the bank server 160. Even the OTP for banking encrypted through the chip 205 of the OTP card 200 is not decrypted through the operation server 100. [ Meanwhile, the chip 205 of the OTP card 200 may be configured such that the OTP card 200 is not encrypted according to the encryption method of the present invention for OTP authentication such as conventional Internet banking or mobile banking in addition to the present invention, (300), and the present invention is not limited thereto.

The chip 205 of the OTP card 200 may include an OTP card 200 for generating the OTP for banking through the designated operation server 100 in addition to the function for generating the OTP for banking, (Or validity of the chip 205 of the OTP card 200, hereinafter referred to as " validity of the OTP card 200 "). The chip 205 of the OTP card 200 may generate an authentication key for authenticating the validity of the OTP card 200 by substituting the factor value specified in the designated key generation algorithm. The chip 205 of the OTP card 200 generates the authentication key and at the same time the unique information of the OTP card 200 stored in the chip 205 of the OTP card 200 is combined with the generated authentication key And generate authentication information for authenticating the validity of the OTP card 200 through the designated operating server 100. Here, the authentication information is a term named for collectively referring to the unique information and the authentication key, and is not limited to an information set in which unique information and an authentication key are combined. In the present invention, the unique information of the OTP card 200 functions as an identification means for authenticating the validity of the OTP card 200, and the authentication key includes authentication means for authenticating the validity of the OTP card 200 Function. The chip 205 of the OTP card 200 can encrypt the generated authentication information so that it can be decrypted only through the operation server 100. [ The chip 205 of the OTP card 200 encrypts the unique information and the authentication key so as to be decryptable only through the operation server 100 or transmits the authentication information including the unique information and the authentication key to the operation server 100). &Lt; / RTI > In this case, the authentication information encrypted through the chip 205 of the OTP card 200 is not decrypted through the wireless terminal 300 that is in contactless contact with the OTP card 200, But is not decrypted by any network device existing between the operating servers 100.

According to the method of the present invention, the chip 205 of the OTP card 200 encrypts the banking OTP and the authentication information with different encryption rules different from each other. That is, the chip 205 of the OTP card 200 decrypts the OTP for banking only through the designated bank server 160, and encrypts the authentication information so that it can be decrypted only through the designated operation server 100 .

The wireless terminal 300 is generated through the chip 205 of the OTP card 200 in a non-contact interface with the OTP card 200 through a designated non-contact interface standard (including NFC standard, for example) A general term of a wireless communication terminal that is provided with an OTP for banking and authentication information each of which is encrypted according to a rule and installed a program 320 for requesting an account transfer transaction using the OTP for the banking transaction, ), A smart phone, a tablet PC, and the like.

The operation server 100 is provided between the wireless terminal 300 and the bank server 160 to authenticate the validity of the OTP card 200 that generated the OTP for banking through the authentication information, (OTP) for banking to the bank server 160, which requests the settlement based on the account transfer corresponding to the account transfer transaction requested from the wireless terminal 300. In this case, The unique information of the OTP card 200 and the authentication rule of the authentication key generated by the chip 205 of the OTP card 200 are mapped and stored and the authentication key of the authentication information is authenticated based on the stored authentication rule, 200) can be authenticated.

The affiliate server 150 is a general term of a server provided in an affiliate company that requests settlement based on an account transfer using the OTP card 200 for generating the OTP for banking to the operation server 100, , Or a server of an off-line vendor communicating with a store terminal (e.g., POS terminal) of an off-line store.

The settlement request terminal 145 is a collective term of a terminal selecting a settlement based payment using the OTP card 200 and requesting the settlement request terminal 145 to the cooperative server 150, (For example, a wired terminal or a wireless terminal 300 used by a user) requesting settlement based on an account transfer based on the OTP card 200 or a bank transfer server using an OTP card 200 as a confidential server of an offline affiliate company (E.g., a POS terminal) that requests payment of a payment request.

Referring to FIG. 1, the operation server 100 authenticates the validity of the unique information of the OTP card 200 for generating banking OTP and the authentication key generated in the chip 205 of the OTP card 200 And an information storage unit 105 for mapping and storing the authentication rules.

The OTP card 200 has a function of generating an OTP for banking and issuing (or issuing) an OTP card 200 having a function of generating authentication information according to the present invention to a user, (Or post-issuance) procedure of the OTP card 200 and confirms the authenticity of the authentication key generated in the chip 205 of the OTP card 200 For example, a key generation algorithm, at least one factor value for generating an authentication key, and the like, and then maps the unique information of the OTP card 200 and the authentication rule of the authentication key, and stores the mapping information in a designated storage medium.

According to an embodiment of the present invention, the information storage unit 105 registers the company information of the affiliated company and the deposit account information of the affiliated company from one or more affiliated companies, maps the company information to the deposit account information, And can be stored in a storage medium. If the payment account information of the affiliated company is provided at the time of the payment request of the affiliate server 150, the deposit account information may not be registered and stored in advance. According to an embodiment of the present invention, the deposit account information may include account information of a relay account (for example, an escrow account) for transferring funds to the account of the affiliate company, and thus the present invention is not limited thereto.

1, the operation server 100 receives from the affiliate server 150 information of the user's wireless terminal 300 to be in non-contact with the user's OTP card 200 and payment history information for the user's payment request A payment request confirmation unit 110 for receiving payment request information including the payment information of the mobile terminal 300 and an information providing unit 115).

When the settlement request terminal 145 selects settlement based on the account transfer based on the user's OTP card 200 and requests the settlement request to the cooperative server 150, the cooperative server 150 transmits the settlement request to the operation server 100 (For example, a product name, a product number, an order number, an order option, an order identification number, etc.) for a payment request (for example, a sales amount of a merchandise of a partner company, a discount amount applied to a user, (For example, a business name, a company identification code mapped with the deposit account information of an affiliated company (or a deposit account information of an affiliated company may be included), etc.), and the payment history information including the OTP card 200 The payment request confirmation unit 110 transmits the payment request information including the information of the wireless terminal 300 of the contactless interface user and the payment request confirmation unit 110 includes the information of the user's wireless terminal 300 from the affiliate server 150 remind It receives the payment request information, which includes the payment history information for the payment request of the user. The information of the user's wireless terminal 300 is information for identifying the user's wireless terminal 300 to provide the payment history information and includes at least one of various identification numbers assigned to the user's wireless terminal 300 . The information of the user's wireless terminal 300 may include at least one of the identification numbers registered in the affiliate server 150 by being mapped with the identification number and / or the user information keyed in the payment request terminal 145.

The information providing unit 115 performs mapping management (or referencing) of the user's wireless terminal 300 information with the app identification value for identifying the program 320 provided in the user's wireless terminal 300, It is determined whether the program 320 is loaded on the user's wireless terminal 300 based on the user's wireless terminal 300 information confirmed through the payment request confirmation unit 110. [ If the program 320 is not installed in the user's wireless terminal 300, the information providing unit 115 performs a procedure for mounting the program 320 in the user's wireless terminal 300 can do. Meanwhile, when the program 320 is installed in the user's wireless terminal 300, the information providing unit 115 transmits the payment history information (or payment history information) to the program 320 of the wireless terminal 300 Information to be exposed to the user). Preferably, the information providing unit 115 may perform a push notification procedure to provide the payment history information to the program 320 of the wireless terminal 300.

According to an embodiment of the present invention, the information providing unit 115 generates a random number for generating an OTP for banking on the chip 205 of the OTP card 200 that is in contactless contact with the user's wireless terminal 300 (Or confirm) the program to the program 320 of the wireless terminal 300. Meanwhile, if the random number value is not used in the process of generating OTP for banking on the chip 205 of the OTP card 200, the step of providing the random number value may be omitted.

According to the embodiment of the present invention, the information providing unit 115 generates an argument value for generating an authentication key in the chip 205 of the OTP card 200 contactlessly interfaced with the user's wireless terminal 300 Or provide it to the program 320 of the wireless terminal 300. Meanwhile, in the process of generating the authentication key in the chip 205 of the OTP card 200, the process of providing the factor value may be omitted when the factor value provided by the operation server 100 is not used.

The program 320 of the wireless terminal 300 receives the payment history information from the operation server 100 and outputs the payment history information to the screen of the wireless terminal 300. The program 320 of the wireless terminal 300 outputs an interface screen for receiving the withdrawal account information and the account password of the user and receives the withdrawal account information and the account password of the user through the interface screen. The program 320 of the wireless terminal 300 outputs a screen for guiding the user's OTP card 200 to contactlessly interface with the wireless terminal 300 and the OTP card 200 of the user is contactlessly interfaced A procedure for generating and supplying OTP and authentication information for banking through the OTP card 200 is performed. The above process can be performed sequentially or batchwise according to a designated procedure, and the present invention is not limited by the order.

According to the first card interlocking embodiment of the present invention, the program 320 of the wireless terminal 300 includes a dynamic seed for generating an OTP for banking through the chip 205 of the OTP card 200 And / or a random number determined by the wireless terminal 300 and / or a random value determined by the server (e.g., the operation server 100 or the bank server 160) To the chip 205 of the OTP card 200, which is contactlessly interfaced. If the dynamic seed can be determined dynamically from the chip 205 of the OTP card 200, the dynamic seed may be transferred from the program 320 of the wireless terminal 300 to the chip 205 of the OTP card 200, May not be provided. The chip 205 of the OTP card 200 is stored in the chip 205 of the OTP card 200 at the time of issuing (or issuing the OTP card 200) And generates the OTP for banking using the dynamic seed, and encrypts the generated OTP for banking so as to be decryptable through the designated bank server 160, and then transmits a response including the encrypted OTP for banking Information to the non-contact-interface-connected wireless terminal 300. In this case, the encrypted OTP for banking is not decrypted through the program 320 or the operation server 100 of the wireless terminal 300.

According to the second card interlocking embodiment of the present invention, the program 320 of the wireless terminal 300 determines an argument value for generating an authentication key in the chip 205 of the OTP card 200, To the chip 205 of the OTP card 200 that is in noncontact contact with the card 300. In this case, the factor value may include at least one of a value determined by the program 320 of the wireless terminal 300 and / or a value provided from the operation server 100. The chip 205 of the OTP card 200 may be authenticated by the operating server 100 based on the factor value provided from the wireless terminal 300 (and / or the factor value included in the chip 205) And transmits authentication information including the generated authentication key and the unique information of the OTP card 200 to the operation server 100. [ And provides the response information including the encrypted authentication information to the non-contact-interface-connected wireless terminal 300. The non-contact- The encrypted authentication information is not decrypted through the program 320 of the wireless terminal 300. [

According to the third card interlocking embodiment of the present invention, the authentication key may be generated through a factor value provided in the chip 205 of the OTP card 200. In this case, the chip 205 of the OTP card 200 generates an authentication key to be authenticated through the operation server 100 using a designated factor among the values stored in the chip 205, And encrypts authentication information including the generated authentication key and unique information of the OTP card 200 so that the authentication information can be decrypted through the operation server 100, Contacted wireless terminal (300). The encrypted authentication information is not decrypted through the program 320 of the wireless terminal 300. [

According to the fourth card interlocking embodiment of the present invention, the program 320 of the wireless terminal 300 provides the withdrawal account information input from the user and the account password to the chip 205 of the OTP card 200 which is in contactless interface And the chip 205 of the OTP card 200 encrypts the withdrawal account information and the account password so that they can be decrypted through the designated bank server 160 and then includes the encrypted withdrawal account information and the account password Contacted wireless terminal (300). In this case, the encrypted withdrawal account information and the account password are not decrypted through the program 320 or the operation server 100 of the wireless terminal 300. The program 320 of the wireless terminal 300 may transmit at least one of information included in the payment history information received from the operation server 100 (for example, payment amount, order information, The chip 205 of the OTP card 200 may further include the provided information and transmit the information to the designated bank server 200. In this case, 160, and thus the present invention is not limited thereto. Hereinafter, the features of the present invention will be described focusing on the embodiment in which the withdrawal account information and the account password are encrypted for convenience.

According to the embodiment of the present invention, the chip 205 of the OTP card 200 is connected to the first card interlocking embodiment and the second or third card interlocking embodiment among the first to fourth card interlocking embodiments (Including the fourth card interlocking embodiment) to the program 320 of the wireless terminal 300 in a sequential manner in accordance with a specified order or collectively integrate the card interlocking embodiments to provide the response information to the program 320 of the wireless terminal 300 have.

The program 320 of the wireless terminal 300 transmits the account transfer information including the response information to the wireless terminal 300 by providing the response information designated by the chip 205 of the OTP card 200 contact- And transmits it to the operation server 100. Preferably, the program 320 of the wireless terminal 300 encrypts the response information (or account transfer information) according to a security protocol agreed with the operation server 100 and transmits the encrypted response information (or account transfer information) to the operation server 100, The operation server 100 may receive and decode the response information (or the account transfer information). Hereinafter, it will be apparent that the communication includes an encryption / decryption procedure even if the encryption / decryption procedure is not mentioned in the communication between the program 320 of the wireless terminal 300 and the operation server 100. [

According to the embodiment of the first account transfer information configuration of the present invention, the program 320 of the wireless terminal 300 displays the withdrawal account information and the account password input from the user, and the OTP card (OTP) for banking which is dynamically generated in the chip 205 of the OTP card 200 and decrypted through the designated bank server 160 and the chip of the OTP card 200 according to the second or third card- 205, and the unique information of the OTP card 200 to the operating server 100, and transmits the authentication information to the operating server 100 .

The program 320 of the wireless terminal 300 may be transferred to the bank server designated in the chip 205 of the OTP card 200 according to the fourth card interlocking embodiment 160 and the account password and the password generated by the chip 205 of the OTP card 200 according to the first card interlocking embodiment and decrypted through the designated bank server 160 The authentication key generated by the chip 205 of the OTP card 200 and the unique information of the OTP card 200 in accordance with the second or third card interlocking embodiment, 100 to the operating server 100 and transmit the decrypted account transfer information to the operating server 100.

Referring to FIG. 1, the operation server 100 is configured to transmit withdrawal account information and account password input from a user through a program 320 provided in a user's wireless terminal 300, The OTP for banking encrypted in the chip 205 of the OTP card 200 so as to be decrypted through the designated bank server 160 dynamically generated in the chip 205 of the interface OTP card 200, The unique information of the OTP card 200 and the authentication key generated by the chip 205 of the OTP card 200 are encrypted in the chip 205 of the OTP card 200 so as to be decryptable through the operation server 100 An authentication information restoration unit 120 for decrypting the authentication information and restoring the unique information of the OTP card 200 and the authentication key generated by the chip 205 of the OTP card 200, And an authentication rule mapped to the inherent information, the chip (20) of the OTP card (200) A validity authentication unit 130 for authenticating the validity of the authentication key generated by the authentication key generation unit 5 in the validity of the authentication key, A transaction information constructing unit 135 configuring the account transfer request information including the inputted withdrawal account information and the account password, the deposit account information corresponding to the settlement request, and the OTP for banking generated and encrypted in the OTP card 200 ) And the account transfer request information to the designated bank server 160 to confirm the account transfer result information or the account transfer result information and transmit the account transfer result information to the program 320 of the wireless terminal 300 and the affiliate server 150 And a transaction procedure unit 140 for performing a procedure of providing the transaction procedure unit 140 to the user.

In the program 320 of the wireless terminal 300, the withdrawal account information and the account password input from the user according to the first or second account transfer information configuration example are stored in the chip 205 of the OTP card 200 And an OTP card 200 for decrypting the OTP card 200 in a chip 205 of the OTP card 200 so as to be decrypted through the designated bank server 160. [ The authentication information generated by the chip 205 of the mobile terminal 100 is encrypted by the operating server 100 so as to be decrypted, and the authentication information is transmitted to the wireless terminal 300 and the account password and the OTP for banking which are generated in the chip 205 of the OTP card 200 and encrypted so as to be decryptable through the bank server 160, , Generated in the chip 205 of the OTP card 200 It receives a money transfer information to be decoded includes an authentication information encrypted using zero server 100.

The operation server 100 transmits the encrypted OTP for banking (including the withdrawal account information encrypted in the chip 205 of the OTP card 200 and the account password) in the chip 205 of the OTP card 200 The authentication information encrypted in the chip 205 of the OTP card 200 can be decrypted.

The restoring unit decrypts the encrypted authentication information in the chip 205 of the OTP card 200 according to the designated decryption rule and stores the decrypted authentication information in the OTP card 200, And restores the authentication key generated by the chip 205 of the mobile terminal 200.

When the unique information of the OTP card 200 that generated the OTP for banking and the authentication key generated by the chip 205 of the OTP card 200 are restored through the authentication information restoring unit 125, The OTP card 200 checks the authentication rule for the authentication key using the unique information of the restored OTP card 200 as identification means and checks the authentication rule for the authentication key on the chip 205 of the OTP card 200 And authenticates the validity of the generated authentication key, thereby authenticating the validity of the OTP card 200 that generated the OTP for banking. Preferably, the validity authentication unit 130 generates a verification key value to be compared with an authentication key generated by the chip 205 of the OTP card 200 using the authentication rule, So that the validity of the authentication key can be verified.

If the validity of the OTP card 200 that generated the OTP for banking is authenticated by authenticating the authentication key generated by the chip 205 of the OTP card 200 through the validity authentication unit 130, Unit 135 includes the withdrawal account information and the account password input through the program 320 of the wireless terminal 300 (encrypted through the chip 205 of the post-OTP card 200), and the payment request information (Or OTP information included in the payment request information) corresponding to the business information included in the OTP card 200, and includes an OTP for banking generated and encrypted in the OTP card 200, The account transfer request information including the account transfer amount included in the account transfer request information.

The transaction processing unit 140 transmits the bank account information to the bank server 160 corresponding to the withdrawal account information (or the bank server 160 that provides the account transfer transaction using the OTP for banking generated through the OTP card 200) And provides the account transfer request information configured through the transaction information construction unit 135 to the confirmed bank server 160 so that the account transfer request based on the account transfer request information through the bank server 160 (For example, the amount calculated in the deposit account by subtracting a specified amount from the withdrawal account (for example, the account transfer amount or the account transfer amount plus a predetermined fee) (for example, The amount transferred, or the amount transferred from the withdrawal account to the account transfer amount).

The bank server 160 performs the account transfer procedure using the account transfer request information, and provides the account transfer result information corresponding to the account transfer request information to the operating server 100. The transaction procedure unit 140 receives the account transfer result information from the bank server 160 and provides the account transfer result information to the program 320 of the wireless terminal 300 and the affiliate server 150 .

2 is a diagram illustrating the configuration of an OTP card 200 according to an embodiment of the present invention.

2 illustrates an OTP generation function for generating an OTP for banking and decrypting the OTP card for decryption through a designated bank server 160, an OTP generation function for generating an authentication key for validity authentication of the OTP card 200, (300), which is in non-contact with the OTP card (200) according to an embodiment of the present invention, Contact type OTP card 200 having an encryption function for encrypting the withdrawal account information and the account password inputted through the bank server 160 so as to be decryptable through the bank server 160, Those skilled in the art will be able to refer to and / or modify the FIG. 2 to derive various implementations of the configuration of the OTP card 200, And the technical features thereof are not limited only by the method shown in FIG. Preferably, the OTP card 200 of FIG. 2 may include at least one of a contactless IC card, an RF card, and an NFC card.

2, the OTP card 200 includes a communication unit 215 for performing a non-contact interface with the adjacent wireless terminal 300 through an antenna 220, a memory 225 having at least one storage area, An OTP generation function for generating the OTP for banking and decrypting the OTP for decryption through the designated bank server 160; an authentication function for authenticating the validity of the OTP card 200; And an authentication information generating function for decrypting the encrypted authentication information through the operation server 100 designated together with the OTP card 200. In accordance with an embodiment of the present invention, And a control unit 210 for executing / controlling an encryption function for encrypting the withdrawal account information and the account password so that they can be decrypted through the bank server 160. [ A combination of the control unit 210 and the memory 225 or a combination of the control unit 210 and the memory 225 and the communication unit 215 is implemented in the form of a chip 205 embedded in the card.

The control unit 210 is a general term for a configuration for executing / controlling various operations of the OTP card 200 in at least one chip 205 incorporated in a card, and includes at least one processor and an execution memory . According to the present invention, the control unit 210 includes at least one program code loaded on the OTP card 200 through the processor, for loading the program code into the execution memory, or includes an integrated circuit for the operation. Hereinafter, the functional configuration of the chip 205 of the OTP card 200 of the present invention will be described in the control unit 210 for convenience.

The memory 225 is a generic name of a nonvolatile memory provided in the OTP card 200 and stores at least one program code executed through the control unit 210 and at least one data set used by the program code Respectively. Preferably, the memory 225 has at least one storage area of a read only storage area, a read / write storage area, and a write once read many (WORM) storage area.

The memory 225 stores unique information of the OTP card 200. Preferably, the unique information of the OTP card 200 includes the chip 205 information of the OTP card 200 or the unique identification number recorded in the process of issuing (or issuing the OTP card 200) .

The memory 225 stores a designated seed for dynamically generating an OTP for banking. The designated seed may be recorded in the process of issuing (or issuing) the OTP card 200, and may be recorded in the manufacturing process of the chip 205 of the OTP card 200 (for example, Chip 205 information, etc.) can be used as one of the designated seeds.

The memory 225 may store a bank encryption key for decryptively encrypting the dynamically generated OTP for banking through the designated bank server 160. Preferably, the bank cryptographic key may be recorded in the issuing (or issuing) of the OTP card 200, and the information stored in the manufacturing process of the chip 205 of the OTP card 200 (E.g., chip 205 information, etc.) can be used as a factor for generating the bank cryptographic key. On the other hand, during the process of creating the banking OTP, a bank encryption key (or a key value for generating a bank encryption key) for encrypting the OTP for banking is provided from the program 320 of the non-contact- The memory 225 may not store the encryption key for the bank.

The memory 225 may store an argument value for generating an authentication key generated for validity authentication of the OTP card 200. [ The OTP card 200 may be recorded in the process of issuing (or issuing) the OTP card 200, and the information stored in the process of manufacturing the chip 205 of the OTP card 200 (for example, Chip 205 information, etc.) can be used as a factor for generating the authentication key. Meanwhile, when the argument value is provided from the program 320 of the wireless terminal 300 that has been contactlessly interfaced during the process of generating the authentication information and the authentication key is generated using the argument value, the memory 225 stores the argument value It is acceptable.

The memory 225 is a memory for encrypting the authentication information including the authentication key generated for the validity authentication of the OTP card 200 and the unique information of the OTP card 200 so that the authentication information can be decrypted through the designated operation server 100 The encryption key for authentication can be stored. Preferably, the encryption key for authentication may be recorded in the process of issuing (or issuing) the OTP card 200, and the information stored in the process of manufacturing the chip 205 of the OTP card 200 (E.g., chip 205 information, etc.) can be used as a factor for generating the encryption key for authentication. On the other hand, when the encryption key for authentication (or the key value for generating the encryption key for authentication) for encrypting the authentication information is provided from the program 320 of the non-contact-interface-interfaced wireless terminal 300 during the process of generating the authentication information The memory 225 may not store the encryption key for authentication.

The communication unit 215 is a collective term for a unit for performing proximity wireless communication using a radio frequency signal as a communication medium at a proximity distance (for example, about 10 cm or less) in a noncontact interface with the wireless terminal 300. Preferably, And can process NFC communication with the wireless terminal 300.

2, the chip 205 of the OTP card 200 includes a reception processing unit 230 for receiving information necessary for generating an OTP for banking from the program 320 of the wireless terminal 300 that has been contactlessly interfaced, A seed identifying unit 235 for identifying a seed value including at least one of a designated seed and a dynamic seed for generating an OTP for banking; and a seed confirmation unit 235 for identifying a seed value for generating an OTP for dynamically generating banking OTP And an OTP encryption unit 245 for encrypting the generated OTP for banking so as to be decryptable only through the designated bank server 160. The OTP encryption unit 245 encrypts the OTP for decryption through the designated bank server 160, And a transmission processing unit 280 for constructing response information including the OTP for banking and providing the response information to the program 320 of the wireless terminal 300 via the communication unit 215.

The program 320 of the wireless terminal 300 may transmit the information necessary for generating the OTP for banking (for example, a command for generating an OTP for banking and / or a dynamic And the reception processing unit 230 receives information necessary for generating an OTP for banking from the program 320 of the wireless terminal 300 that has been contactlessly interfaced. The reception processing unit 230 may receive the information necessary for generating the OTP for banking from the program 320 of the wireless terminal 300 according to a specified order or may receive information necessary for generating the OTP for banking, Together with information necessary for generating the authentication information (or authentication key) or the withdrawal account information and the account password input from the user.

The seed confirmation unit 235 includes a dynamic seed that is included in the information received through the reception processing unit 230 and the designated seed stored in the memory 225 (or a dynamic seed dynamically determined in the chip 205) The OTP generation unit 240 substitutes the identified seed value into a designated code generation algorithm to dynamically generate an OTP for banking for transferring money through the designated bank server 160. [

The OTP encryption unit 245 confirms a bank encryption key for encrypting the OTP for banking (or generates a bank encryption key according to a designated procedure) from the memory 225, And encrypts the OTP for banking so as to be decryptable only through the designated bank server 160.

The transmission processing unit 280 configures response information including the encrypted banking OTP through the OTP encryption unit 245 and transmits the response information to the program 320 of the wireless terminal 300 through the communication unit 215 And transmits the response information. Preferably, the transmission processing unit 280 transmits the response information including the decrypted encrypted OTP for banking through the designated bank server 160 according to the designated order, or transmits the response information including the encrypted operation specified with the OTP for banking It is possible to collectively transmit the authentication information decryptable through the server 100 or the response information including the withdrawal account information decryptably decrypted through the designated bank server 160 and the account password.

Referring to FIG. 2, a chip 205 of the OTP card 200 receives authentication information (or an authentication key for validity authentication of the OTP card 200) from the program 320 of the wireless terminal 300, A factorization value checking unit 250 for determining a factor value for generating the authentication key, and a factorization unit 250 for assigning the factor value to the designated key generation algorithm, And an authentication key generation unit 255 for generating authentication information including the generated authentication key and unique information of the OTP card 200 and transmitting authentication information for encrypting the authentication key to be decryptable only through the designated operation server 100 And a decryption unit 260. The decryption unit 260 generates response information including decryption-decrypted authentication information through the designated operation server 100 and transmits the decrypted authentication information to the program 320 of the wireless terminal 300 through the communication unit 215 ) Provided by And a transmission processing section 280. The

The program 320 of the wireless terminal 300 transmits information necessary to generate authentication information (or an authentication key) for validity authentication of the OTP card 200 to the chip 205 of the OTP card 200 The reception processing unit 230 provides the authentication information (or the authentication key) from the program 320 of the non-contact-interface-type wireless terminal 300 Or an authentication key). Preferably, the reception processing unit 230 receives the information required to generate the authentication information (or the authentication key) according to the specified order, or receives the information necessary for generating the authentication information (or the authentication key) Can be collectively received from the information necessary for generating the account information and the account information and account information input from the user.

The factor value confirmation unit 250 identifies at least one factor value among factor values stored in the memory 225 and / or factor values included in the information received through the reception processing unit 230, The generation unit 255 generates an authentication key for validity authentication of the OTP card 200 through the identified factor and the designated key generation algorithm.

The authentication information encryption unit 260 identifies the unique information of the OTP card 200 and configures authentication information including the generated authentication key and the unique information. The authentication information encryption unit 260 confirms an authentication encryption key for encrypting the authentication information from the memory 225 (or generates a encryption key for authentication in accordance with a specified procedure) And encrypts the authentication information so as to be decryptable only through the designated operating server 100. [

The transmission processing unit 280 composes response information including the encrypted authentication information through the authentication information encryption unit 260 and transmits the response information to the program 320 of the wireless terminal 300 through the communication unit 215 And transmits the response information. Preferably, the transmission processing unit 280 transmits response information including decrypted encrypted authentication information through the designated operation server 100 according to a specified order, or transmits the response information including the encrypted authentication information to the designated bank server The OTP for banking encrypted to be decrypted through the bank server 160 and the response information including the account password and the account password encrypted so as to be decryptable through the bank server 160. [

2, the chip 205 of the OTP card 200 receives the withdrawal account information input from the user among the information received from the program 320 of the wireless terminal 300 through the reception processing unit 230, And a transaction information encryption unit (275) for encrypting the confirmed withdrawal account information and the account password so that they can be decrypted only through the designated bank server (160). The transaction information encryption unit (275) A transmission processing unit (not shown) configured to provide response information including decrypted withdrawal account information and account password decrypted through the bank server 160 and providing the response information to the program 320 of the wireless terminal 300 through the communication unit 215 280).

The program 320 of the wireless terminal 300 provides information including the withdrawal account information and the account password input by the user to the chip 205 of the contactless interface OTP card 200, Receives the information including the withdrawal account information and the account password from the program 320 of the wireless terminal 300 that has been contactlessly interfaced. Preferably, the reception processing unit 230 receives the withdrawal account information and the account password input by the user in accordance with the specified order, or receives the information necessary for generating the OTP for banking, together with the withdrawal account information and the account password, Information necessary for generating information (or an authentication key) can be collectively received.

The transaction information verifying unit 270 confirms the withdrawal account information and the account password inputted from the user among the information received through the reception processing unit 230 and encrypts the withdrawal account information and the account password from the memory 225 (Or generates a cryptographic key for a bank in accordance with a specified procedure), encrypts the withdrawal account information and the account password so that it can be decrypted only through the bank server 160 designated through the cryptographic key for the bank do.

The transmission processing unit 280 composes response information including the withdrawal account information and the account password encrypted through the transaction information encryption unit 275 and transmits the program of the wireless terminal 300 through the communication unit 215 320). &Lt; / RTI > Preferably, the transmission processing unit 280 transmits response information including decrypted withdrawal account information and an account password through the designated bank server 160 in a designated order, or transmits the decrypted withdrawal account information and / The OTP for banking encrypted so as to be decryptable through the bank server 160 designated together with the account password, or the response information including the authentication information encrypted for decryption through the designated operation server 100 can be collectively transmitted.

FIG. 3 is a diagram illustrating a functional configuration of a wireless terminal 300 and a program 320 according to an embodiment of the present invention.

More specifically, FIG. 3 illustrates an OTP for banking encrypted to be decryptable through a bank server 160 created in a chip 205 of a contactless-interface-connected OTP card 200 and a chip 205 of the OTP card 200 And a function of the program 320 for requesting settlement based payment using the authentication information encrypted so as to be able to decrypt the unique information of the OTP card 200 through the designated operating server 100 3, the wireless terminal 300 may include a wireless terminal 300 and a wireless terminal 300. The wireless terminal 300 may include a wireless terminal 300, It will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims. Preferably, the wireless terminal 300 of FIG. 3 may include at least one of various smartphones, tablet PCs, PDAs, and mobile phones.

3, the wireless terminal 300 includes a control unit 302, a memory unit 318, a screen output unit 304, a user input unit 306, a sound processing unit 308, a wireless network communication unit 314, A near field network communication unit 312, an NFC module 310, a USIM reader unit 316, and a USIM, and has a battery for power supply.

The control unit 302 is a general term for controlling the operation of the wireless terminal 300. The control unit 302 includes at least one processor and an execution memory, BUS). According to the present invention, the control unit 302 loads at least one program code included in the wireless terminal 300 into the execution memory through the processor, and outputs the result through at least one configuration To control the operation of the wireless terminal 300. [ Hereinafter, the functional configuration of the program 320 of the present invention will be described in the control unit 302 for convenience.

The memory unit 318 is a general term of the nonvolatile memory included in the wireless terminal 300 and includes at least one program code executed through the control unit 302 and at least one data set used by the program code And stores it. The memory unit 318 basically includes a system program code and a system data set corresponding to the operating system of the wireless terminal 300, a communication program code and a communication data set for processing a wireless communication connection of the wireless terminal 300, The program code and the data set corresponding to the program 320 of the present invention are also stored in the memory unit 318. [

The screen output unit 304 includes a screen output unit (e.g., an LCD (Liquid Crystal Display) and the like) and a driving module for driving the screen output unit 304. The screen output unit 304 is connected to the control unit 302, And outputs an operation result corresponding to the output to the screen output device.

The user input unit 306 includes at least one user input device (e.g., a button, a keypad, a touch pad, a touch screen coupled to the screen output unit 304), and a drive module for driving the touch screen. And inputs a command for instructing various operations of the control unit 302 or data necessary for the operation of the control unit 302. [

The sound processing unit 308 includes a speaker and a microphone and a driving module for driving the speaker and microphone. The sound processing unit 308 decodes a calculation result corresponding to a sound output from among the various calculation results of the control unit 302 in cooperation with the control unit 302, And outputs the sound signal through the speaker or the sound signal input through the microphone to the controller 302.

The wireless network communication unit 314 collectively refers to a communication unit that connects the wireless terminal 300 to a wireless communication network via a base station. The wireless network communication unit 314 includes an antenna, an RF module, a baseband module, And transmits the calculation result corresponding to the wireless communication among the various calculation results of the controller 302 through the wireless communication network or receives data through the wireless communication network To the control unit 302, and performs the connection, registration, communication, and handoff procedures of the wireless communication. Preferably, the wireless network communication unit 314 includes a mobile communication structure that performs at least one of connection to a mobile communication network, location registration, call processing, call connection, data communication, and handoff according to the CDMA / WCDMA / LTE standard.

The short-range network communication unit 312 is a collective term for a communication unit that connects a communication session using a radio frequency signal within a predetermined distance (for example, 10 m) as a communication medium and connects the wireless terminal 300 to a communication network based on the communication session , The wireless terminal 300 may be connected to the communication network through at least one of Wi-Fi communication, Bluetooth communication, public wireless communication, and UWB.

The NFC module 310 may be a component of a wireless communication system that processes at least one of a two-way proximity wireless communication, a full-duplex proximity wireless communication, and a half-duplex proximity wireless communication using a radio frequency signal as a communication medium at a close distance (e.g., As a general term, it is possible to process the proximity wireless communication according to the NFC (Near Field Communication) standard of the 13.56 Mz frequency band.

The USIM reader unit 316 is a generic term of a configuration for exchanging at least one data set with a universal subscriber identity module that is mounted or detached from the mobile station 300 based on the ISO / IEC 7816 standard , And the data set is exchanged in a half duplex communication manner through an APDU (Application Protocol Data Unit). The USIM is a SIM type card having an IC chip 205 according to the ISO / IEC 7816 standard, and performs a procedure for managing and authenticating a communication network connection through the wireless network communication unit 314.

The program 320 of the present invention is downloaded from an application providing server (for example, an Apple App Store or the like), installed in the wireless terminal 300 according to a designated procedure, .

3, the program 320 of the wireless terminal 300 includes a payment history receiving unit 325 for receiving payment history information for account transfer based payment from the designated operating server 100, A settlement processing output unit 330 for outputting history information and displaying an interface screen for receiving the user's withdrawal account information and account password, an interface screen for receiving the withdrawal account information and the account password of the user, And a transaction information input unit 335 for inputting the withdrawal account information and the account password of the user through the screen.

The operating server 100 provides payment history information for settlement based on the account transfer requested from the affiliate server 150 affiliated with the program 320 of the wireless terminal 300 and the payment history receiving unit 325 Based payment settlement information from the operation server 100 and the payment processing output unit 330 outputs the payment history information in cooperation with the screen output unit 304. [

According to the method of the present invention, the payment processing output unit 330 outputs the payment history information (or in accordance with the designated order) and simultaneously transmits the withdrawal account information and the account password of the user through the user input unit 306 And displays an interface screen for input and reception.

The transaction information input unit 335 receives the withdrawal account information of the user and the account password through the user input unit 306 based on the interface screen displayed through the payment processing output unit 330.

According to the embodiment of the present invention, the payment processing output unit 330 may output a screen for guiding the user's OTP card 200 to contact the wireless terminal 300 in a non-contact manner.

Referring to FIG. 3, the program 320 of the wireless terminal 300 includes a card interlock verification unit 340 for checking whether the OTP card 200 is in non-contact with the OTP card 200 of FIG. 2 through the NFC module 310, Contact interface with the OTP card 200 through the chip 205 of the OTP card 200 as a chip 205 of the OTP card 200 when the contactless interface is confirmed and then decrypted through the designated bank server 160 It is possible to receive encrypted OTP for banking or to receive decrypted encrypted authentication information through the designated operating server 100 through the chip 205 of the OTP card 200 or to decrypt the encrypted authentication information through the designated bank server 160 A card interlocking procedure unit 345 for carrying out a card interlocking procedure designated to receive the encrypted withdrawal account information and the account password, the withdrawal account information of the user and the account password, Within the chip 205 And an OTP for banking which is decrypted through the bank server 160 so as to be decrypted. The authentication information is generated in the chip 205 of the OTP card 200 and decrypted through the operation server 100 And a transaction request processing unit 350 configured to transmit the account transfer information to the operation server 100. The transaction result processing unit 355 receives and outputs the account transfer result information corresponding to the account transfer information, Respectively.

The card interlocking confirmation unit 340 confirms whether or not the contactless interface with the OTP card 200 of FIG. 2 is interfaced through the NFC module 310. The card interlocking confirmation unit 340 may read the information received from the card that processes the proximity wireless communication through the NFC module 310 and check whether the contactless interface is interfaced with the OTP card 200.

Contact interface with the OTP card 200 through the card interlocking confirmation unit 340. The card interlocking procedure unit 345 causes the chip 205 of the contactless-interfaced OTP card 200 to contact the OTP card 200, The OTP card 200 may be provided with a decryption encrypted OTP generated through the chip 205 of the card 200 and decrypted through the designated bank server 160 or may be provided through the chip 205 of the OTP card 200, ) Or performs a card association procedure designated to receive decrypted decrypted withdrawal account information and an account password through the designated bank server 160. [

According to the first card interlocking embodiment of the present invention, the card interlocking procedure unit 345 may include a dynamic seed (for example, a time value and / or a time value) for generating an OTP for banking through the chip 205 of the OTP card 200 A random number value determined by the wireless terminal 300 and / or a random value determined by the server side (e.g., the operation server 100 or the bank server 160) To the chip 205 of the interface OTP card 200. If the dynamic seed can be determined dynamically from the chip 205 of the OTP card 200, the card interlocking procedure unit 345 does not provide the dynamic seed to the chip 205 of the OTP card 200 It is acceptable. The chip 205 of the OTP card 200 is stored in the chip 205 of the OTP card 200 at the time of issuing (or issuing the OTP card 200) And generates the OTP for banking using the dynamic seed, and encrypts the generated OTP for banking so as to be decryptable through the designated bank server 160, and then transmits a response including the encrypted OTP for banking Information to the non-contact-interface-connected wireless terminal 300.

According to the second card interlocking embodiment of the present invention, the card interlocking procedure unit 345 determines an argument value for generating an authentication key in the chip 205 of the OTP card 200, To the chip 205 of the OTP card 200 which is contactlessly interfaced with the IC card 200. At this time, the factor value may include at least one of the value determined by the card interlocking procedure unit 345 and / or the value provided from the operation server 100. The chip 205 of the OTP card 200 may be authenticated by the operating server 100 based on the factor value provided from the wireless terminal 300 (and / or the factor value included in the chip 205) And transmits authentication information including the generated authentication key and the unique information of the OTP card 200 to the operation server 100. [ And provides the response information including the encrypted authentication information to the non-contact-interface-connected wireless terminal 300. The non-contact-

According to the third card interlocking embodiment of the present invention, the authentication key may be generated through a factor value provided in the chip 205 of the OTP card 200. In this case, the chip 205 of the OTP card 200 generates an authentication key to be authenticated through the operation server 100 using a designated factor among the values stored in the chip 205, And encrypts authentication information including the generated authentication key and unique information of the OTP card 200 so that the authentication information can be decrypted through the operation server 100, Contacted wireless terminal (300).

According to the fourth card interlocking embodiment of the present invention, the card interlocking procedure unit 345 can provide the withdrawal account information input from the user and the account password to the chip 205 of the OTP card 200 that is contactlessly interfaced , The chip 205 of the OTP card 200 decrypts the withdrawal account information and the account password so as to be decryptable through the designated bank server 160 and then transmits the encrypted withdrawal account information and the response password Contacted wireless terminal (300). Meanwhile, according to the method, the card interlocking procedure unit 345 may transmit at least one piece of information (for example, at least one of the payment amount, order information, and business information) included in the payment history information received from the operation server 100 The chip 205 of the OTP card 200 may further include the provided information so that the designated bank server 160 may receive the information The present invention is not limited thereto.

According to the embodiment of the present invention, the chip 205 of the OTP card 200 is connected to the first card interlocking embodiment and the second or third card interlocking embodiment among the first to fourth card interlocking embodiments (Including the fourth card interlocking embodiment) may be sequentially processed in a specified order or may be collectively integrated to transmit the response information to the wireless terminal 300. The card interlocking procedure The unit 345 includes an OTP for banking which is generated from the chip 205 of the OTP card 200 through the chip 205 of the OTP card 200 and decrypted through the designated bank server 160, Authentication information decryptably decrypted through the designated operating server 100 via the chip 205 of the OTP card 200, withdrawal account information decryptably decrypted through the designated bank server 160, and account password Specify the response information in the specified order It is provided along with (or in batches).

The transaction request processing unit 350 forms the account transfer information including the response information and transmits the information to the operation server 100. [ The transaction request processing unit 350 encrypts the response information (or the account transfer information) according to a security protocol agreed with the operation server 100 and transmits the response information to the operation server 100, 100 can receive and decode the response information (or account transfer information).

According to the embodiment of the first account transfer information configuration of the present invention, the transaction request processing unit 350 receives the withdrawal account information and the account password input from the user and the password of the OTP card 200 according to the first card interlocking embodiment (OTP) for banking which is dynamically generated in the chip 205 and decrypted through the designated bank server 160 and generated in the chip 205 of the OTP card 200 according to the second or third card interlocking embodiment It is possible to configure the account transfer information including the authentication key and the unique information of the OTP card 200 to be decryptable through the operation server 100 and to transmit the transfer information to the operation server 100.

According to the embodiment of the second account transfer information configuration of the present invention, the transaction request processing unit 350 transmits the transaction information to the transaction server 350 via the bank server 160 specified in the chip 205 of the OTP card 200 according to the fourth card interlocking embodiment Decryptable decrypted withdrawal account information and an account password and a decrypted encrypted banking through a designated bank server 160 dynamically generated in the chip 205 of the OTP card 200 according to the first card interlocking embodiment, The authentication key generated by the chip 205 of the OTP card 200 and the unique information of the OTP card 200 are transmitted to the operation server 100 via the operation server 100 according to the second or third card- It is possible to construct the account transfer information including the decrypted and encrypted authentication information and transmit it to the operation server 100. [

The operation server 100 requests the bank transfer server 160 to transfer the account transfer result information corresponding to the account transfer information to the bank server 160 based on the account transfer information, The processing unit 355 receives the account transfer result information corresponding to the account transfer information from the operation server 100 and outputs the account transfer result information in cooperation with the screen output unit 304. [

4 is a diagram illustrating a payment request process using the OTP card 200 according to an embodiment of the present invention.

In more detail, FIG. 4 illustrates a case where a settlement request terminal 145 selects a settlement-based payment using a user's OTP card 200 and requests settlement with the affiliate server 150, Based payment procedure using the OTP card 200 to the operation server 100 communicating with the OTP card 300. If the person skilled in the art is familiar with the present invention, , It is possible to refer to and modify various aspects of the payment request process using the OTP card 200 (for example, omitting some steps or changing the order) The present invention includes all of the above-described embodiments, and the technical features of the present invention are not limited only by the method shown in FIG.

4, a settlement request terminal 145 selects a settlement-based settlement using a user's OTP card 200 (400), transfers the account transfer using the OTP card 200 to a designated cooperative server 150 The affiliate server 150 receives the information of the user's wireless terminal 300 contactlessly interfaced with the user's OTP card 200 according to the payment request of the payment request terminal 145 (For example, receiving information from the payment request terminal 145) or confirming the information (for example, the information of the mobile terminal 300 mapped with the user information corresponding to the payment request terminal 145 (or received from the payment request terminal 145) (410), generates or confirms payment history information for account transfer based payment using the OTP card (415), and transmits information of the user's wireless terminal (300) to the designated operating server (100) Payments that include payment history information to request a transfer-based payment The Agency provides information (420).

The operation server 100 receives the payment request information including the information of the user's wireless terminal 300 and the payment history information from the affiliate server 150 and stores the payment request information for a designated valid period of time 425, The payment history information is received and output to the user's wireless terminal 300 corresponding to the terminal 300 information and is checked to see if the specified program 320 is loaded in conjunction with the user's OTP card 200 . If the program 320 specified in the user's wireless terminal 300 is not mounted, the operation server 100 performs a procedure for mounting the program 320 in the user's wireless terminal 300 (435).

FIG. 5 is a diagram illustrating a process of interworking between an OTP card 200 for settlement-based settlement using an OTP card 200 and a wireless terminal 300 according to an embodiment of the present invention.

5 shows an OTP for banking dynamically generated from a chip 205 of the OTP card 200 and decrypted through a designated bank server 160 by a chip 205 of the OTP card 200 The unique information of the OTP card 200 and the authentication key generated by the chip 205 of the OTP card 200 can be decrypted through the designated operating server 100. [ And decrypts the withdrawal account information and the account password input by the user in accordance with the method of operation through the bank server 160 specified by the chip 205 of the OTP card 200 The wireless terminal 300 of the user and the OTP card 200 interact with each other. Those skilled in the art will be able to refer to FIG. 5 and / Or the OTP card 200 and the wireless terminal 300 It is to be understood that the invention may be practiced otherwise than as specifically described herein, but it is to be understood that the invention may be practiced otherwise than as specifically described herein, The technical features thereof are not limited by the implementation method alone.

5, the operation server 100 provides the payment history information received from the affiliate server 150 to the program 320 of the wireless terminal 300 corresponding to the user's wireless terminal 300 information (500 ). The program 320 of the wireless terminal 300 receives the payment history information from the operation server 100 (505), and simultaneously outputs the received payment history information (or in accordance with the designated order) And displays the interface screen for receiving the information and the account password (510), and receives the withdrawal account information and the account password from the user based on the interface screen (515).

If the withdrawal account information and the account password of the user are inputted, the program 320 of the wireless terminal 300 checks whether it is in non-contact with the OTP card 200 of the user in operation 520. If the program 320 of the wireless terminal 300 is interfaced to the OTP card 200 through the bank server 160 designated as the chip 205 of the OTP card 200, The chip 205 of the OTP card 200 checks a seed value for generating an OTP for banking 530 and dynamically generates an OTP for banking through the seed value (Step 535) and encrypts the OTP for banking so as to be decryptable through the designated bank server 160 (step 540). Meanwhile, the program 320 of the wireless terminal 300 can decode the request through the operating server 100 designated as the chip 205 of the OTP card 200 simultaneously with the request for the banking OTP The chip 205 of the OTP card 200 may check the value of an authentication key for generating the authentication key 545 and transmit the authentication value to the OTP card 200 through the argument value, (550). At the same time, unique information of the OTP card (200) is confirmed (555), authentication information including the unique information and the authentication key is transmitted to the designated operation server (100) (560). &Lt; / RTI > Meanwhile, the program 320 of the wireless terminal 300 according to an embodiment of the present invention may be configured to simultaneously transmit (or in accordance with a designated order) the request for the banking OTP or authentication information to the chip 205 of the OTP card 200 The chip 205 of the OTP card 200 confirms the withdrawal account information and the account password 565 and decrypts the withdrawn account information and the account password through the bank server 160 The withdrawal account information and the account password are encrypted (570).

The chip 205 of the OTP card 200 includes an OTP for banking encrypted so as to be decryptable through the designated bank server 160 and authentication information encrypted so as to be decryptable through the designated operation server 100, (575) the withdrawal account information and the account password encrypted so as to be decryptable through the bank server (160) to the non-contact-interface-connected wireless terminal (300) The program 320 of the wireless terminal 300 includes authentication information for banking and authentication information encrypted in different types of different methods from the chip 205 of the contactless interface OTP card 200 (Including the withdrawal account information and the account password) (580).

FIG. 6 is a diagram illustrating a settlement process based on a bank transfer using the OTP card 200 according to an embodiment of the present invention.

6 shows an OTP for banking (the chip 205 of the OTP card 200) which is generated in the chip 205 of the OTP card 200 and encrypted so as to be decryptable through the designated bank server 160, And the account password generated by the chip 205 of the OTP card 200 and decrypted through the designated operation server 100 so as to be encrypted Based on the information on the account transfer based on the account transfer based on the account transfer information. As a matter of course, the person skilled in the art will be able to refer to and / It will be appreciated that various implementations of the payment process (e.g., some steps may be omitted or alternate implementations) may be inferred, but the present invention encompasses all of the above- Only the exemplary method shown in plane 6 is not limited that technical feature.

6, the program 320 of the wireless terminal 300 includes an OTP (OTP) for banking, which is generated in the chip 205 of the non-contact interface OTP card 200 and decrypted through the designated bank server 160 (Which further includes the withdrawal account information and the account password that are decrypted through the bank server 160 in the chip 205 of the OTP card 200) and the chip 205 of the OTP card 200 (600) constituting account transfer information including different kinds of encryption information including authentication information encrypted so as to be decryptable through the operation server (100), and transmits the account transfer information to the designated operation server (100) 605).

The operating server 100 receives OTP for banking (withdrawal account information and account password generated in the chip 205 of the OTP card 200 and encrypted in a heterogeneous manner from the program 320 of the wireless terminal 300 (610), decrypts the authentication information generated and generated by the chip 205 of the OTP card (200), and stores the unique information of the OTP card (200) and the account information of the OTP card And restores the authentication key for validity authentication of the OTP card 200 (615). If the unique information and the authentication key are restored, the operation server 100 confirms the authentication rule for the authentication key using the unique information as an identification means, authenticates the validity of the authentication key through the authentication rule, (620).

If the validity of the authentication key is authenticated, the operation server 100 confirms the deposit account information corresponding to the settlement request from the affiliate server 150 (625) and displays the withdrawal account information included in the account transfer information (Including, for example, the withdrawal account information encrypted by the chip 205 of the OTP card 200 and the account password) and includes the confirmed deposit account information, and the banking information included in the account transfer information (OTP for banking generated by the chip 205 of the OTP card 200 and encrypted so as to be decrypted through the designated bank server 160), and the settlement amount corresponding to the settlement request is converted into a transfer amount (630), and requests the account transfer transaction by providing the account transfer request information to the designated bank server 160 (for example, the bank server 160 corresponding to the deposit account information) (635).

The bank server 160 receives the account transfer request information for the account transfer transaction from the operation server 100 in operation 640 and transfers the account transfer transaction according to the designated account transfer transaction procedure using the account transfer request information (645). If the account transfer transaction is processed, the bank server 160 generates the account transfer result information for the account transfer transaction (650) and transmits the generated account transfer result information to the operation server (100) 655).

The operation server 100 receives the account transfer result information from the bank server 160 and provides the transfer result information to the program 320 of the wireless terminal 300 and the affiliate server 150 in operation 660, The program 320 of the OTP card 300 receives and outputs the account transfer result information for the account transfer transaction using the OTP card 200 of the user in operation 665. The affiliate server 150 transmits the account transfer result information to the OTP card 200 ) To the settlement request terminal 145 (step 670).

100: Operation server 105: Information storage unit
110: payment request confirmation unit 115: information providing service
120: information receiving unit 125: authentication information restoring unit
130: validity authentication unit 135: transaction information configuration unit
140: Transaction Procedure Section 145: Payment Request Terminal
150: Affiliate server 160: Bank server
200: OTP card 300: wireless terminal
310: NFC module 320: program

Claims

1. A method executed via an operating server communicating with a program stored in a wireless terminal of a user,
A first step of mapping and storing unique information of an OTP card for generating an OTP (One Time Password) for banking and an authentication rule of an authentication key generated in the OTP card;
A second step of determining a dynamic seed for generating an OTP for banking through a chip of the OTP card and providing the dynamic seed to a chip of the OTP card that is contactless-interfaced to the wireless terminal when the payment request using the account transfer is confirmed, ;
Generating an OTP for banking through a designated seed provided in the chip of the OTP card and the dynamic seed, encrypting the OTP for decryption through a designated bank server, generating an authentication key to be authenticated through the operation server, And transmits the response information including the encrypted OTP for banking and the encrypted authentication information to the wireless terminal through the contactless interface A third step of the program of the wireless terminal receiving response information including the encrypted OTP for banking and the encrypted authentication information from the chip of the OTP card through the contactless interface;
Wherein the program of the wireless terminal is dynamically generated from a chip of the OTP card that is contactless-interfaced to the wireless terminal and decrypted through the designated bank server, And transmits the authentication information, which is encrypted in the chip of the OTP card, to be decrypted through the operating server, to the OTP card, A server receiving the withdrawal account information, the account password, the encrypted OTP for banking, and the encrypted authentication information from the program of the wireless terminal;
A fifth step of decrypting the encrypted authentication information and restoring the unique information of the OTP card and the authentication key generated in the chip of the OTP card by decrypting the encrypted authentication information;
A sixth step of authenticating validity of an authentication key generated in a chip of the OTP card by using an authentication rule mapped to the unique information; And
When the validity of the authentication key is verified, the operating server transmits the withdrawal account information and the account password input through the program of the wireless terminal, the deposit account information corresponding to the payment request, the OTP card, And an encrypted OTP for banking to be decrypted through a designated bank server, and providing the bank transfer request information to a designated bank server to request a settlement based payment,
The encrypted authentication information is not decrypted through the program of the wireless terminal,
Wherein the encrypted OTP for banking is not decrypted through a program or an operation server of the wireless terminal.

The method according to claim 1,
Wherein the operation server further includes a step of mapping the supplier information of the partner company to be requested for payment and the deposit account information of the partner company,
Wherein the operating server further comprises checking the deposit account information mapped with the vendor information corresponding to the settlement request when validating the validity of the authentication key.

The method according to claim 1,
The operation server receiving payment request information including payment information of the user and the wireless terminal information of the user from the affiliate server;
And the operation server providing the payment history information to a program of a wireless terminal corresponding to the wireless terminal information,
Wherein the payment history information includes a payment amount for requesting payment, order information, and business information.

delete

The method according to claim 1,
The program of the wireless terminal providing the withdrawal account information and the account password input by the user to the chip of the OTP card;
Encrypting the withdrawal account information and the account password so as to be decrypted through a designated bank server in the chip of the OTP card; And
And providing response information including the encrypted withdrawal account information and the account password from the chip of the OTP card to the contactless interface-connected wireless terminal.

delete

The method according to claim 1,
The program of the wireless terminal determining an argument value for generating an authentication key in a chip of the OTP card and providing it as a chip of an OTP card that is contactless-interfaced to the wireless terminal; And
And generating an authentication key to be authenticated through an operation server based on the factor value in a chip of the OTP card.

The method according to claim 1,
Further comprising the step of generating an authentication key to be authenticated through the operation server using a factor value designated in a chip of an OTP card that is contactlessly interfaced with the wireless terminal.

delete

2. The method according to claim 1,
Wherein the account transfer request through the program of the wireless terminal which is in contactless contact with the OTP card is given a status equivalent to the account transfer request through the banking app corresponding to the bank server.

The method according to claim 1,
Receiving the account transfer result information for the account transfer request information from the bank server; And
And the operation server providing the account transfer result information to the mobile terminal as a program of the mobile terminal.