KR101697432B1 - Method for certifying of financial transaction using location information - Google Patents

Method for certifying of financial transaction using location information Download PDF

Info

Publication number
KR101697432B1
KR101697432B1 KR1020150134917A KR20150134917A KR101697432B1 KR 101697432 B1 KR101697432 B1 KR 101697432B1 KR 1020150134917 A KR1020150134917 A KR 1020150134917A KR 20150134917 A KR20150134917 A KR 20150134917A KR 101697432 B1 KR101697432 B1 KR 101697432B1
Authority
KR
South Korea
Prior art keywords
financial transaction
information
location information
terminal
user authentication
Prior art date
Application number
KR1020150134917A
Other languages
Korean (ko)
Inventor
황정환
정재욱
Original Assignee
주식회사 우리은행
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 우리은행 filed Critical 주식회사 우리은행
Priority to KR1020150134917A priority Critical patent/KR101697432B1/en
Application granted granted Critical
Publication of KR101697432B1 publication Critical patent/KR101697432B1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/02Banking, e.g. interest calculation or account maintenance
    • GPHYSICS
    • G01MEASURING; TESTING
    • G01SRADIO DIRECTION-FINDING; RADIO NAVIGATION; DETERMINING DISTANCE OR VELOCITY BY USE OF RADIO WAVES; LOCATING OR PRESENCE-DETECTING BY USE OF THE REFLECTION OR RERADIATION OF RADIO WAVES; ANALOGOUS ARRANGEMENTS USING OTHER WAVES
    • G01S19/00Satellite radio beacon positioning systems; Determining position, velocity or attitude using signals transmitted by such systems
    • G01S19/01Satellite radio beacon positioning systems transmitting time-stamped messages, e.g. GPS [Global Positioning System], GLONASS [Global Orbiting Navigation Satellite System] or GALILEO
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Abstract

The present invention relates to a financial transaction authentication method using position information. More specifically, the present invention relates to a method for authenticating a location of a financial transaction terminal for on-line banking in real time, The present invention relates to a method of authenticating a financial transaction using location information that allows a user to determine whether to approve a financial transaction through real-time comparison with information.
A method for authenticating a financial transaction using location information according to the present invention is a method for authenticating a user applied to an online financial transaction system, the method comprising the steps of: acquiring, by using IP / MAC address information, A first localization step of grasping information in real time; A second locating step of realizing the location information of the user authentication terminal in real time for the user who is attempting the online financial transaction; And an online financial transaction when the location information of the online financial transaction terminal identified through the first localization step and the location information of the user authentication terminal identified through the second location step coincide within a predetermined error range, Approved financial transaction approval phase; And the like.

Description

METHOD FOR CERTIFICATION OF FINANCIAL TRANSACTION USING LOCATION INFORMATION [0002]

The present invention relates to a financial transaction authentication method using position information. More specifically, the present invention relates to a method for authenticating a location of a financial transaction terminal for on-line banking in real time, The present invention relates to a method of authenticating a financial transaction using location information that allows a user to determine whether to approve a financial transaction through real-time comparison with information.

According to the Bank of Korea's announcement of Internet banking service usage in the first quarter of 2014, the total number of registered Internet banking users is approximately 97.7 million, and the total number of Internet banking usage is an average of 63.69 million per day, among which the number of registered mobile banking customers Approximately 525 million people use an average of 27.6 million per day. Also, most of the mobile banking is based on smartphones.

Internet banking such as mobile banking is superior to any existing financial transaction method in terms of ease of use, but is vulnerable to risks such as phishing. In other words, in response to an increase in the number of online banking users such as Internet banking, fraudulent funds transfer (financial transaction) is performed illegally by taking personal financial information (account number, account password, security card number, The number of accidents involving the taking of funds is continuously increasing.

In order to prevent this, financial institutions such as banks have provided safeguards such as receiving additional authentication using mobile terminals owned by customers. However, since electronic bank fraud methods are becoming more detailed and sophisticated day by day, However, the amount of damages and the number of electronic financial losses are not decreasing at all.

Therefore, in using online banking such as Internet banking, it is required to introduce a more effective and strong security authentication procedure that can be safe from electronic financial fraud such as phishing.

Korean Patent Laid-Open Publication No. 10-2005-0035979 (Title: User Authentication System Using One-Time Connection Number) Korean Patent Laid-Open Publication No. 10-2013-0106331 (entitled " System and Method for Preventing Deferred Automatic Debit &

Disclosure of Invention Technical Problem [8] Accordingly, the present invention has been made in order to solve the above problems, and it is an object of the present invention to provide a real- The present invention also provides a method of authenticating a financial transaction using location information that allows a user to determine whether to approve a financial transaction.

The objects of the present invention are not limited to the above-mentioned objects, and other objects and advantages of the present invention which are not mentioned can be understood by the following description and more clearly understood by the embodiments of the present invention. It will also be readily apparent that the objects and advantages of the invention may be realized and attained by means of the instrumentalities and combinations particularly pointed out in the appended claims.

According to another aspect of the present invention, there is provided a method for authenticating a financial transaction using location information, the method comprising: receiving an IP / MAC address information for an online financial transaction; A first locating step of locating the location information of the on-line financial transaction terminal in real time; A second locating step of realizing the location information of the user authentication terminal in real time for the user who is attempting the online financial transaction; And an online financial transaction when the location information of the online financial transaction terminal identified through the first localization step and the location information of the user authentication terminal identified through the second location step coincide within a predetermined error range, Approved financial transaction approval phase; And the like.

Here, it is preferable that the second location step is configured to grasp the location information of the user authentication terminal in real time using GPS or WIFI location information.

According to another aspect of the present invention, there is provided a user authentication method applied to an online financial transaction system, comprising: an information registration step of receiving and registering connection time information of an online financial transaction and corresponding connection area information from a user; A first localization step of realizing the location information of the on-line financial transaction terminal attempting on-line financial transaction in real time using the IP / MAC address information; And a financial transaction approval step of approving an online financial transaction when the access time and access area information registered through the information registration step match the location information of the online financial transaction terminal identified through the first location determination step It is possible to provide a financial transaction authentication method using location information.

The present invention may further include a second positioning step of realizing the location information of the user authentication terminal in real time with respect to the user attempting the online financial transaction. In this case, The connection time and access area information registered through the information registration step, the location information of the online financial transaction terminal identified through the first location determination step, and the location information of the user authentication terminal identified through the second location step May be configured to approve an online banking transaction if they match within a predetermined margin of error.

In this case, the second positioning step may be configured to grasp the location information of the user authentication terminal in real time using GPS or WIFI location information.

In the present invention as described above, the financial transaction approval step may be configured to perform the authentication procedure through the user authentication terminal after the position information is confirmed to coincide within a predetermined error range.

According to the present invention as described above, it is possible to perform financial transactions only when it is determined that the two terminals exist substantially at the same position through real-time position confirmation of the financial transaction terminal and the user authentication terminal for performing online banking , It is possible to prevent personal information leakage due to voice phishing and other illegal online financial transactions accordingly.

In addition, the time and location information for the online financial transaction is registered in advance, and when the financial transaction terminal attempts a financial transaction that is incompatible with the time and location information, the transaction is not approved, And making online banking transactions virtually impossible.

FIG. 1 is an explanatory view conceptually showing a system configuration of a financial transaction authentication method using location information according to the present invention.
2 is a flowchart illustrating a financial transaction authentication method using location information according to an embodiment of the present invention.

The above and other objects, features, and advantages of the present invention will become more apparent by describing in detail exemplary embodiments thereof with reference to the attached drawings, which are not intended to limit the scope of the present invention. In the following description, well-known functions or constructions are not described in detail since they would obscure the invention in unnecessary detail.

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings. In the drawings, the same reference numerals are used to denote the same or similar elements.

FIG. 1 is an explanatory view conceptually showing a system configuration of a financial transaction authentication method using location information according to the present invention.

1, a system for applying a financial transaction authentication method using location information according to an embodiment of the present invention includes a banking server 110, a database 115, an online financial transaction terminal 120, and a user authentication terminal 130 ), And the like.

The banking server 110 is provided in a financial institution such as a bank and processes a request task input from the online financial transaction terminal 120 connected to the banking server 110 and performs management tasks for each account and the like. The banking server 110 may include a database 115 to systematically manage various data such as user information, account information, and transaction history information.

The online financial transaction terminal 120 refers to all terminal devices for processing a financial transaction work through wired / wireless communication network. The online financial transaction terminal 120 includes personal terminal devices such as a PC, a notebook, and a smart phone as well as an automatic teller machine . ≪ / RTI > The online financial transaction using the online financial transaction terminal 120 may include log-in of the Internet / smart banking, transfer of funds, issuance of an authorized certificate, change of customer information, termination / .

The user authentication terminal 130 may be a mobile terminal capable of transmitting data such as location information and may be configured as a dedicated terminal for user authentication. Preferably, the user authentication terminal 130 is a general terminal such as a mobile phone or a smart phone It may be a portable terminal device.

That is, the present invention may include the user authentication terminal 130 separately from the terminal 120 for the online banking transaction, and when the online banking transaction is attempted from the online banking transaction terminal 120, the IP / MAC address information And then compares the position information with the position information of the user authentication terminal 130 in real time to determine whether the two terminals 120 and 130 are substantially at the same position, Provide a configuration that allows you to decide whether to approve the transaction.

In other words, when an arbitrary user tries to transfer money through internet banking using the PC 120, the banking server 110 obtains the location information thereof by using the IP / MAC address information of the corresponding PC 120 , And obtains real-time location information of the user authentication terminal (130) owned by the user and compares the two pieces of location information, thereby determining that the current location of the user authentication terminal (130) The transaction can be approved by the banking server 110 only.

At this time, the location information of the user authentication terminal 130 including the mobile terminal can be grasped through GPS information, WIFI information, and the like.

Further, according to the present invention, the access time information of the online financial transaction and the access area information corresponding thereto are received from the user and managed through the database 115, thereby causing an attempt of an online financial transaction to be incompatible with the corresponding time and area information It is possible to reject the approval of the user.

In other words, when the user registers limited access areas such as Seoul or Gangnam-gu for the connection time from 08:00 to 18:00 on weekdays, the banking server 110 may not approve the attempt of the online banking transaction which is inconsistent with this. At this time, as in the case described above, it is natural that additional authentication of the location information through the location information of the user authentication terminal 130 may be possible.

In the meantime, when it is determined that the location of the online financial transaction terminal 120 and the user authentication terminal 130 is completed and the financial transaction can be performed accordingly, the user authentication terminal 130 transmits the authentication number It is also possible to provide a structure such that the financial transaction is approved only when the final additional authentication is performed. Regarding the transmission of the authentication number and the execution of the authentication procedure using it, any conventional method may be applied.

2 is a flowchart illustrating a method of authenticating a financial transaction using location information according to an embodiment of the present invention.

Referring to FIG. 2, a financial transaction authentication method using location information according to an embodiment of the present invention includes an information registration step S210, a first location confirmation step S220, a second location confirmation step S230, A transaction approval step (S240), and the like.

The information registration step (S210) is a process of receiving the connection time information of the online financial transaction and the corresponding connection area information from the user and registering the connection time information, that is, As shown in FIG.

It is preferable that the registration of the connection time and the connection area information can be freely registered by various methods, and it may be desirable to allow for duplicate registration for two or more regions with respect to the same time information.

The first location checking step (S220) is a process of confirming a location where an attempt is made for a financial transaction through the online financial transaction terminal. The location information of the online financial transaction terminal can be grasped by IP / MAC address information, have.

The second location checking step S230 is a process of confirming the location of the user authentication terminal. The second location checking step S230 is a step of checking the location of the mobile terminal for user authentication, which is used for transmission of an authentication number, And the like.

In other words, the present invention compares the real-time location of the on-line financial transaction terminal identified through the first location determination step (S220) with the connection time and access area information of the user registered in advance through the information registration step (S210) Or the position of the user authentication terminal identified through the second position checking step (S230), and to approve the financial transaction only when the compared two positions match. Here, it may be more preferable that the two positions to be compared are determined in consideration of a predetermined error range.

At this time, when the connection time and the connection area information registered through the information registration step (S210) are different from the location information of the online financial transaction terminal that is recognized through the first location determination step (S220) ) And the location information of the user authentication terminal identified through the second location confirmation step (S230) do not coincide with each other, the connection error is detected through the online financial transaction terminal or the user authentication terminal It is also possible that information can be transmitted and a function of automatically disconnecting the connection when there is a continuous connection attempt in the case of a connection error.

In addition, when error information due to a connection attempt not attempted by the user is received, the user himself / herself may be provided with a function of blocking the financial transaction through only a minimum procedure such as authentication of the user.

Here, the present invention may be configured such that the connection time and connection area information set through the information registration step (S210), the location information of the online financial transaction terminal identified through the first location determination step (S220) It is of course possible to provide a structure such that the location information of the user authentication terminal identified through the above-mentioned process is collected, and the financial transaction is approved only when all three pieces of information are identical.

In addition, if it is determined that the location of the online financial transaction terminal and the user authentication terminal is completed and the financial transaction is possible, the final authentication is performed through transmission of the authentication number through the user authentication terminal, and the financial transaction is approved As described above.

According to the present invention as described above, the user of the online banking registers the connection time and the connection area in advance, and the approval of the financial transaction is made only when there is an attempt of the financial transaction through the corresponding online access terminal , Or an on-line access terminal for online banking transactions and a user authentication terminal for authenticating a user, the financial transaction is approved only when the positions of the two terminals are determined to be the same, It is possible to fundamentally block the occurrence of financial transactions, and as a result, it is possible to effectively prevent financial transaction fraud by using voice phishing and the like.

The present invention is not limited to the above-described embodiments, and various changes, substitutions, and alterations can be made hereto without departing from the scope of the present invention. But the present invention is not limited thereto.

110: banking server 115: database
120: online financial transaction terminal 130: user authentication terminal

Claims (6)

A user authentication method applied to an online financial transaction system,
A first localization step of realizing the location information of the on-line financial transaction terminal attempting an online financial transaction in real time using IP / MAC address information;
A second locating step of realizing the location information of the user authentication terminal in real time for the user who is attempting the online financial transaction; And
If the location information of the online financial transaction terminal identified through the first localization step matches the location information of the user authentication terminal identified through the second location step within a predetermined error range, And a financial transaction approval step,
The financial transaction approval step
If the location information of the online financial transaction terminal does not match the location information of the user authentication terminal, the connection error information is transmitted through the user authentication terminal, and the additional authentication is performed through the location information of the user authentication terminal And performing an automatic shutdown function if there is an access attempt in a connection error situation.
The method according to claim 1,
Wherein the second positioning step grasps the location information of the terminal for user authentication in real time using GPS or WIFI location information.
A user authentication method applied to an online financial transaction system,
An information registration step of receiving connection time information of an online financial transaction and corresponding connection area information from a user and registering the information;
A first localization step of realizing the location information of the on-line financial transaction terminal attempting on-line financial transaction in real time using the IP / MAC address information;
A second locating step of realizing the location information of the user authentication terminal in real time for the user who is attempting the online financial transaction; And
And a financial transaction approval step of approving an online financial transaction when the connection time and access area information registered through the information registration step match the location information of the online financial transaction terminal identified through the first location determination step ,
The financial transaction approval step
If the location information of the online financial transaction terminal does not match the location information of the registered access time and access area information, connection error information is transmitted through the user authentication terminal, and additional authentication And performing an automatic shutdown function if there is an access attempt in the connection error state.
The method of claim 3,
The financial transaction approval step includes:
The connection time and access area information registered through the information registration step, the location information of the online financial transaction terminal identified through the first location determination step, and the location information of the user authentication terminal identified through the second location step Is approved within the predetermined error range, the online financial transaction is approved.
5. The method of claim 4,
Wherein the second positioning step grasps the location information of the terminal for user authentication in real time using GPS or WIFI location information.
The method according to any one of claims 1, 2, 4, and 5,
Wherein the financial transaction approval step performs an authentication procedure through the user authentication terminal after it is confirmed that the position information matches within a predetermined error range.
KR1020150134917A 2015-09-23 2015-09-23 Method for certifying of financial transaction using location information KR101697432B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150134917A KR101697432B1 (en) 2015-09-23 2015-09-23 Method for certifying of financial transaction using location information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150134917A KR101697432B1 (en) 2015-09-23 2015-09-23 Method for certifying of financial transaction using location information

Publications (1)

Publication Number Publication Date
KR101697432B1 true KR101697432B1 (en) 2017-01-18

Family

ID=57992095

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150134917A KR101697432B1 (en) 2015-09-23 2015-09-23 Method for certifying of financial transaction using location information

Country Status (1)

Country Link
KR (1) KR101697432B1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020204261A1 (en) * 2019-04-05 2020-10-08 주식회사 한메가 Financial transaction service operating system and method using qr code
KR20200124811A (en) * 2019-04-24 2020-11-04 농협은행(주) Apparatus and method for monitoring self abnormal financial transaction

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20050035979A (en) 2003-10-14 2005-04-20 주식회사 퓨쳐위즈 User authentication system using a one-time connection number
KR20120044688A (en) * 2010-10-28 2012-05-08 주식회사 케이티 Method and apparatus for measuring position of access point
KR20130082703A (en) * 2011-12-14 2013-07-22 비씨카드(주) Method and server for payment
KR20130106331A (en) 2013-08-20 2013-09-27 (주) 아이티메이트 System and method of automatic withdrawal fraud prevention through payer consent authentication
KR20150084109A (en) * 2014-01-13 2015-07-22 에스케이플래닛 주식회사 Payment system and method using information of location and time

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20050035979A (en) 2003-10-14 2005-04-20 주식회사 퓨쳐위즈 User authentication system using a one-time connection number
KR20120044688A (en) * 2010-10-28 2012-05-08 주식회사 케이티 Method and apparatus for measuring position of access point
KR20130082703A (en) * 2011-12-14 2013-07-22 비씨카드(주) Method and server for payment
KR20130106331A (en) 2013-08-20 2013-09-27 (주) 아이티메이트 System and method of automatic withdrawal fraud prevention through payer consent authentication
KR20150084109A (en) * 2014-01-13 2015-07-22 에스케이플래닛 주식회사 Payment system and method using information of location and time

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020204261A1 (en) * 2019-04-05 2020-10-08 주식회사 한메가 Financial transaction service operating system and method using qr code
KR20200124811A (en) * 2019-04-24 2020-11-04 농협은행(주) Apparatus and method for monitoring self abnormal financial transaction
KR102275173B1 (en) * 2019-04-24 2021-07-09 농협은행(주) Apparatus and method for monitoring self abnormal financial transaction

Similar Documents

Publication Publication Date Title
JP6821828B2 (en) A method of approving the use of a card using the token ID of the blockchain platform and a server using this {METHOD FOR APPROVIN
US8180686B2 (en) Multi-step authentication-based electronic payment method using mobile terminal
US11615408B2 (en) Multi-signature verification network
RU2651245C2 (en) Secure electronic entity for authorising transaction
EP3185195A1 (en) Method and system for cross-authorisation of a financial transaction made from a joint account
US20160342979A1 (en) Systems and methods for transaction authentication using dynamic wireless beacon devices
KR101804182B1 (en) Online financial transactions, identity authentication system and method using real cards
CN109741070B (en) Account management method and device based on network certificate
KR101697432B1 (en) Method for certifying of financial transaction using location information
KR20150146061A (en) Voice recognition authentication system and method for providing authentication service using voice recognition
JP2018505465A (en) Electronic commerce service provision method using service usage information relationship of multiple buyers
KR101328993B1 (en) An authentication system using mobile phone and the authentication method
KR20150063197A (en) Method for processing settlement using short message service
CN106161528B (en) A kind of method and device for business processing
CN107491967B (en) Method and system for inputting password through network payment
KR20130015881A (en) Method and system for call authentication and providing reliability
Neville et al. Efficiently achieving full three-way non-repudiation in consumer-level ecommerce and M-Commerce transactions
KR101847243B1 (en) Method and system for financial transaction using certifying of terminal
KR20160076580A (en) Loan-based mobile instant loan services linked through the Internet, the Web service method
WO2009108066A1 (en) Method and arrangement for secure transactions
KR20090019278A (en) Authentication system for electonic service using telephone network
KR20150092864A (en) Method and system for reinforce a settlement security
JP2006215699A (en) Authentication apparatus, authentication system, authentication support system and function card
Raghavendra et al. An emphasis of digital wallets for E-commerce transactions
JP3198589U (en) A system that uses a variable barcode for identification

Legal Events

Date Code Title Description
E701 Decision to grant or registration of patent right
GRNT Written decision to grant
FPAY Annual fee payment

Payment date: 20191219

Year of fee payment: 4