KR101724619B1 - Financial open platform and method for providing financial service using identification information which replaces account number, and computer program for the same - Google Patents

Financial open platform and method for providing financial service using identification information which replaces account number, and computer program for the same Download PDF

Info

Publication number
KR101724619B1
KR101724619B1 KR1020150076556A KR20150076556A KR101724619B1 KR 101724619 B1 KR101724619 B1 KR 101724619B1 KR 1020150076556 A KR1020150076556 A KR 1020150076556A KR 20150076556 A KR20150076556 A KR 20150076556A KR 101724619 B1 KR101724619 B1 KR 101724619B1
Authority
KR
South Korea
Prior art keywords
user
server
financial
service
code
Prior art date
Application number
KR1020150076556A
Other languages
Korean (ko)
Other versions
KR20160140218A (en
Inventor
손병환
김봉규
배청원
김태진
석창규
윤완수
Original Assignee
농협은행(주)
농업협동조합중앙회
웹케시 주식회사
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 농협은행(주), 농업협동조합중앙회, 웹케시 주식회사 filed Critical 농협은행(주)
Priority to KR1020150076556A priority Critical patent/KR101724619B1/en
Publication of KR20160140218A publication Critical patent/KR20160140218A/en
Application granted granted Critical
Publication of KR101724619B1 publication Critical patent/KR101724619B1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/02Banking, e.g. interest calculation or account maintenance
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/206Point-of-sale [POS] network systems comprising security or operator identification provisions, e.g. password entry
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN

Abstract

A financial open platform is a financial server that provides data for financial services; And an open API (Application Programming Interface) based request including identification information corresponding to user account information from a server or a user terminal associated with a Fintech service, And a platform server configured to receive from the server and transmit the received data to the server or the user terminal. The platform server processes the open API-based request for identification information generated in a predetermined manner instead of the account number of the user, so that the PIN tech company can prevent the security number from being used and stored directly by the user And the security can be maintained by selectively blocking the request based on the identification information corresponding to the organization or user where the leakage occurs even if a security leak occurs in the PIN tech company or the user.

Description

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a financial open platform and a financial service providing method using identification information for replacing an account number, and a computer program for the same. BACKGROUND OF THE INVENTION 1. Field of the Invention [

Embodiments relate to a financial open platform, a platform server, a financial service providing method, and a computer program therefor using identification information for replacing an account number. More specifically, the present invention relates to a financial open platform, Fintech) service and to provide the pin-tec service through the identification information generated in a predetermined manner.

Fintech is a combination of financial and technical means finance. It is based on information technology (IT) such as mobile payment and remittance, personal property management, and cloud funding. It refers to a new form of financial technology. Recently, as the technology related to mobile devices such as smartphones has been rapidly developed, conventional financial services have focused on product development, launch and operation by financial institutions such as banks. However, The company has become a pin-tec company and provides pin-tec service tailored to the user's convenience and demand through smart phone application and internet web service.

However, until now, the PINTECH service has merely expanded the conventional Internet banking service to mobile transactions, so that the provider providing the PINTECH service obtains the necessary data from the financial institution in real time and services the user There is a problem that it is not easy. In addition, since the account number of the user is directly transmitted and received through the network, a problem of security is generated when a network packet is leaked.

Japanese Patent Application Laid-Open No. 10-2014-0115861

According to an aspect of the present invention, in implementing a Fintech service using an open API (Application Program Interface) provided by a financial server, identification information generated in a predetermined manner in place of a user's account number A financial open platform, a platform server, a financial service providing method, and a computer program for providing the financial open platform can be provided

A financial open platform according to one embodiment includes a financial server for providing data for a financial service; And an open API (Application Programming Interface) based request including identification information corresponding to user account information from a server or a user terminal associated with a Fintech service, And a platform server configured to receive from the server and transmit the received data to the server or the user terminal.

In one embodiment, the platform server is configured to convert the identification information into the user account information based on a pre-stored database, and receive the processing result from the financial server using the user account information.

In another embodiment, the platform server transmits the unique code included in the identification information to the financial server, receives the user account information corresponding to the unique code from the financial server, To receive the processing result from the financial server.

In one embodiment, the identification information includes a unique code assigned to a combination of financial institution, PINTECH service, and user account information.

In one embodiment, the platform server is further configured to perform verification of the request using the identification information, and to request processing of the verified request to the financial server.

In one embodiment, the platform server receives the user account information from a server or user terminal associated with the PINTECH service, generates the identification information corresponding to the user account information, To the user terminal.

The platform server according to an exemplary embodiment receives an open API (Application Programming Interface) based request including identification information corresponding to user account information from a server or a user terminal associated with the pin tech service and uses the identification information A verification unit configured to verify the request; An account determination unit configured to determine user account information corresponding to the identification information when the request is verified by the verification unit; And an execution unit configured to receive a processing result corresponding to the request from the financial server using the user account information, and to provide the processing result to a server or a user terminal associated with the PinTech service.

In the platform server according to an embodiment, the account determination unit is configured to determine the user account information corresponding to the identification information based on a database stored in advance.

In the platform server according to another embodiment, the account determination unit is configured to deliver a unique code included in the identification information to the financial server, and receive user account information corresponding to the unique code from the financial server.

In one embodiment, the identification information includes a unique code assigned to a combination of financial institution, PINTECH service, and user account information.

The platform server according to an embodiment receives user account information from a server or a user terminal associated with the PINTECH service, generates the identification information corresponding to the user account information, and transmits the identification information to a server or a user terminal And an identification information generating unit configured to transmit the identification information.

A financial service providing method according to an embodiment can be performed using a platform server and / or a financial open platform according to the above-described embodiments.

According to an exemplary embodiment of the present invention, there is provided a method of providing a financial service, the method comprising: receiving an open API (Application Programming Interface) based request from a server or a user terminal associated with a PINTECH service, the request including identification information corresponding to user account information; Receiving a processing result corresponding to the request from a financial server that provides data for the financial service; And transmitting the processing result to a server or the user terminal associated with the PinTech service.

In one embodiment, the step of receiving the processing result comprises the steps of: converting the identification information into the user account information based on a pre-stored database; And receiving the processing result from the financial server using the converted user account information.

In another embodiment, the step of receiving the processing result includes: transmitting a unique code included in the identification information to the financial server; Receiving the user account information corresponding to the unique code from the financial server; And receiving the processing result from the financial server using the received user account information.

In the method of providing a financial service according to an embodiment, the identification information includes a unique code assigned to a combination of financial institution, PINTECH service, and user account information.

The method of providing a financial service according to an exemplary embodiment of the present invention includes: performing verification of the request using the identification information before receiving the processing result; And requesting the financial server to process the verified request.

The method further includes receiving the user account information from a server or a user terminal associated with the PINTECH service before receiving the request. Generating the identification information corresponding to the received user account information; And transmitting the generated identification information to a server or a user terminal associated with the PINTECH service.

A computer program according to one embodiment is for execution of the above-described financial service providing method in combination with hardware, and may be stored in a computer-readable medium.

According to an aspect of the present invention, there is provided a financial open platform, a platform server, and a financial service providing method, wherein an open API (application programmer interface) provided by a financial server is used, In providing the service, the PINTECH service provider can prevent the security risk from occurring by directly using and storing the account number of the user, and can provide the PINTECH service using the identification information that replaces the account number. Since the identification information includes the corresponding PIN tech service and a code corresponding to the user account, even if a security leak occurs in the PIN tech company or the user side, the identification information does not need to be modified in the entire security system, Only the request based on the identification information can be selectively blocked to maintain security.

1 is a block diagram showing a schematic configuration of a financial open platform according to an embodiment.
2 is a flowchart illustrating a process of generating identification information for providing financial services according to an exemplary embodiment of the present invention.
3 is a flowchart illustrating a process of generating identification information for providing financial services according to another embodiment of the present invention.
4 is a conceptual diagram showing a configuration of a unique code of identification information generated by a platform server according to an embodiment.
5 is a flowchart illustrating each step of a method for providing a financial service according to an embodiment.
6 is a flowchart showing each step of a financial service providing method according to another embodiment.

Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

1 is a block diagram showing a schematic configuration of a financial open platform according to an embodiment.

Referring to FIG. 1, a financial open platform according to embodiments includes a platform server 1 and a financial server 2. The platform server 1 is configured so that the Fintech service server 3 provides the PIN tech service to the users of the user terminals 41, 42, ... 4n based on the financial server 2, Verification, conversion, etc. of identification information used to replace the account number. Here, PinTech is a compound word of finance and technique, which means finance. It is a combination of financial technology based on information technology such as mobile payment and remittance, personal wealth management, and cloud funding. it means. The identification information generated by the platform server 1 is used to request data to the financial server 2 based on an open API (Application Programmer Interface) provided by the financial server 2. [

The financial open platform according to embodiments may be entirely hardware, or partly hardware, and partly software. For example, the platform server 1, the financial server 2, and the units included therein constitute a financial open platform, a device for sending and receiving data of a specific format and contents through an electronic communication system, It can be called collectively. The terms "part", "module", "server", "system", "platform", "device", or "terminal" in this specification refer to a combination of hardware and software . For example, the hardware may be a data processing device comprising a CPU or other processor. Also, the software driven by the hardware may refer to a running process, an object, an executable, a thread of execution, a program, and the like.

The platform server 1, the financial server 2, the pin tech service server 3 and the user terminals 41, 42, ... 4n may be connected to each other via a wired and / or wireless network so as to be able to communicate with each other. Methods of communication over a wired and / or wireless network may include all communication methods that objects and objects can network and are not limited to wired communications, wireless communications, 3G, 4G, or otherwise.

The user terminals 41, 42, ..., 4n are terminals used by service users who want to use the pin tech service provided by the pin tech service server 3. The user of the PINTECH service accesses the PINTECH service server 3 or the financial server 2 by using the user terminals 41, 42 ... 4n and uses various contents for the PINTECH service to access various financial services .

The user terminals 41, 42, ... 4n may include an input device for inputting data, an output device for outputting the result of the process, and a computing device for computing and processing the data input through the input device and generating the result of the process have. The user terminals 41, 42, ..., 4n generate and output the processing results based on the input data, thereby providing the user with a pin tech service. The user terminals 41, 42, ... 4n may be a mobile computing device such as a smartphone, a personal computer, a notebook, a netbook, a tablet PC, a PDA (Personal Digital Assistant) But is not limited thereto.

The PINTECH service of the present specification may be any one based on at least one of a financial service and a service model provided by a financial institution or the like, and the content for the PINTECH service may be provided through the user terminal 41, 42, ... 4n A smartphone application (or an app), and an Internet web service. For example, financial services may include balance inquiry, remittance, settlement, transfer of deposits and withdrawals, credit card settlement, cash IC card settlement, and may include customer asset management and company asset management. The service model can also include various business models or applications that can be served using financial information and open APIs.

The PINTECH service server 3 calls the financial server 2 through the open API provided by the financial server 2 and receives the content for the financial service from the financial server 2 via the open API To the user terminals 41, 42, ..., 4n. In this case, the pin tech service company can provide various pin tech services based on the content. In addition, the PINTECH service server 3 may at least partially relay the communication between the user terminal 41, 42, ..., 4n using the contents and the financial server 2. [ That is, the PinTech service server 3 can function as an application server for the operation of the content executed on the user terminals 41, 42, ..., 4n. Further, the FinTech service server 3 may include one or more FinTech service servers 31, 32, ..., 3n provided by the same or different operators.

Each of the PINTECH service servers 31, 32, ... 3n uses an open API provided by the financial server 2 according to various control commands inputted from a business terminal (not shown) , And can request the use of open API to the financial server (2), such as joining a portal for membership, applying a financial open API, using a development guide, transmitting user's security, and various control commands necessary for issuing a test and authentication key .

Here, an API has a language or message format used when an application communicates with a system program such as an operating system or a database management system, and an API calls a function that provides a connection to a specific subroutine for execution in the program . Therefore, one API has several program modules or routines that already exist or must be connected to perform the task requested by the function call.

In particular, the open API refers to an API that allows an Internet user to develop web applications and services as well as provide web search results and a user interface. The open API may be any one or more of REST (Representational State Transfer), SOAP (Simple Object Access Protocol), RSS / ATOM, and RDF (Resource Description Framework).

Each of the PINTECH service servers 31, 32, ... 3n transmits the contents using one or more of the financial information and the platform provided through the open API in the financial server 2 through the above- May be distributed to one or more user terminals (41, 42, ..., 4n). However, this is an illustrative example, and the PINTECH service server 31, 32, ... 3n only performs the function of uploading the content to an app market server such as a Google Play Store or an Apple App Store, The process of distributing to the user terminals 41, 42, ... 4n may be performed through the above-described app market server.

In one embodiment, the PINTECH service servers 31, 32, ... 3n are provided with a balance inquiry API, a remittance API, a payment API, a deposit and withdrawal transfer API, a credit card payment API, a customer asset management customer asset Management, vendor asset management, and vendor asset management API, and can provide the pin-tec service contents using the selected open API. However, the above-described open API is not limited to the above-described embodiment, and can be additionally changed as necessary. For example, open APIs can be further modified in accordance with the types and limitations of financial services offered by financial institutions, the demand of FinTech vendors and service users, and changes in financial markets.

The PINTECH service contents described in this specification are produced on the basis of the open APIs provided by financial institutions as described above, and thus can be used not only for various financial services provided by financial institutions, but also for finishing companies and service users It can be produced in a variety of contents tailored to convenience and demand. When the content for the pin tech service is distributed by the pin tech service servers 31, 32, ... 3n, the service user can use various pin tech services through the user terminals 41, 42, ... 4n as described above .

The platform server 1 plays a role of supporting the Pin Tech service provider to operate the Pin Tech service based on the data of the financial server 2. For example, the platform server 1 and the financial server 2 together form a financial institution computer network. However, this is an illustrative example, and the platform server 1 may exist outside the financial institution computer network and be communicably connected to the financial server 2. In this specification, a financial institution refers to any institution in which a user account can be opened regardless of the first financial institution or the second financial institution, and may be, for example, a bank, a savings bank, a cooperative association, a mutual fund, no.

The platform server 1 provides identification information for configuring an open API based request in the PIN tech service server 31, 32, ... 3n and / or the user terminal 41, 42, ... 4n, The request is verified and the account number corresponding to the identification information received together with the request is determined and an operation corresponding to the request based on the open API is executed based on the determined account number. Here, the account number may be a real account number opened in a financial institution and capable of paying cash, or may be a virtual account number associated with the real account number.

In one embodiment, the platform server 1 includes a verification unit 12, an account determination unit 13, and an execution unit 14. In addition, in one embodiment, the platform server 1 further includes an identification information generating section 11. [ In this specification, each of the parts 11 to 14 constituting the platform server 1 is not necessarily intended to refer to a separate component which is physically separated. 1, the identification information generation unit 11, the verification unit 12, the account determination unit 13, and the execution unit 14 are shown as separate blocks separated from each other, Lt; RTI ID = 0.0 > functionally < / RTI > Depending on the embodiment, some or all of the parts described above may be integrated into one and the same device, or one or more parts may be implemented as separate devices physically separated from one another. For example, the identification information generation unit 11, the verification unit 12, the account determination unit 13, and the execution unit 14 may be components that are communicably connected to each other under a distributed computing environment. This also applies to the relationship between the platform server 1 and the financial server 2.

The identification information generating unit 11 generates one or more pieces of user account information for the pin tech service from one or more pin tech service servers 31, 32, ... 3n and / or one or more user terminals 41, And generates identification information corresponding to the received user account information. The user account information may include information such as a name of a financial institution corresponding to the account, an account number, and a deposit account name. The identification information may constitute a part of the request to invoke the financial server 2 via the open API at the PINTECH service server 31, 32, ... 3n and / or the user terminal 41, 42, ... 4n have. The specific form of the identification information will be described later in detail with reference to FIG.

The verifying unit 12 verifies whether or not the financial service server 31, 32, ... 3n or the user terminal 41, 42, ... 4n receives the financial information from the fin tech service server 31, 32, ... 3n through the content provided by the fin tech service server 31, Receives an open API-based request to receive data for the service, and performs verification of the received request. The received request may be based on the identification information generated by the identification information generating unit 11. [ Here, the verification may refer to a process of determining whether the identification information included in the received request conforms to the identification information generation rule by the identification information generation unit 11 and is valid.

When the open API-based request is verified by the verification unit 12, the account determination unit 13 converts the identification information included in the open API-based request into user account information. The account determination unit 13 includes a database storing the association between the identification information and the user account information, and can determine the user account information corresponding to the identification information using the database. Alternatively, the database in which the association between the identification information and the user account information is stored is stored in the financial server 2, and the account determination unit 13 determines the user account information corresponding to the identification information by querying the financial server 2 It is possible.

The execution unit 14 requests the financial server 2 to perform processing corresponding to the request using the open API-based request and the user account information corresponding to the identification information included in the request, and receives the processing result . The execution unit 14 also transmits the processing result received from the financial server 2 to the PIN tech service server 31, 32, ... 3n and / or the user terminal 41, 42, ..., 4n that transmitted the request .

2 is a flowchart illustrating a process of generating identification information for providing financial services according to an exemplary embodiment of the present invention.

Referring to FIG. 2, the platform server 1 may receive one or more user account information for the PIN tech service from one or more PIN tech service servers 31, 32, ..., 3n (S11). The user account information includes information such as the financial institution name, account number, account name, and the like. Also, the user account information may be received along with user information such as a user's name, date of birth, mobile phone number, and the like. For example, in the pin tech service servers 31, 32, ... 3n, a list of users using services through the pin tech service servers 31, 32, ... 3n can be transmitted to the platform server 1. [

Next, the platform server 1 can perform the consistency verification of the received account information by communicating with the financial server 2 corresponding to the received user account information. Specifically, the platform server 1 sends the name, date of birth, account number, etc. of the user to the financial institution server 4 where the account is opened to request authentication (S12). By receiving the authentication result (S13) It is possible to confirm the consistency of the account, that is, whether or not the user's account exists in the financial institution effectively.

If the received user account information is authenticated as valid, the platform server 1 may generate identification information used to substitute the user account information based on the user account information (S14). At this time, the identification information may be generated by referring to the account information, the related country information, the related financial server information, the related pin tech service information, and the like. The resulting identification information may have the form of a code uniquely assigned to each user account information, which will be described in detail with reference to FIG.

Next, the platform server 1 can transmit the generated identification information to the PIN tech service servers 31, 32, ..., 3n (S15). 3n and / or user terminals 41, 42, ... 4n using the contents provided by the FinTech service servers 31, 32, ... 3n, The identification information may be used when transmitting the request to the platform server 1. [ As described above, when transmitting an open API-based request, only the identification information is used and the user's account number is not used.

In addition, the platform server 1 may transmit the generated identification information and corresponding user account information to the financial server 2 (S16). As a result of this process, if an open API-based request using the identification information is transmitted to the financial server 2 at the future PIN tech service server 31, 32, ... 3n or the user terminal 41, 42, ... 4n, The server 2 may convert the identification information included in the open API-based request into the account information of the user using the information received in the step S16. However, when the platform server 1 stores the association between the identification information and the user account information in the form of a database, the process of converting the identification information into the user account information is performed in the platform server 1, ) May be omitted.

3 is a flowchart illustrating a process of generating identification information for providing financial services according to another embodiment of the present invention.

3 differs from the embodiment of FIG. 2 in that the user account information for the PinTech service is received from each user's terminal 41, 42, ... 4n rather than the PinTech service server . 3, the platform server 1 may receive a registration request to use the pin tech service from each user's terminal 41, 42, ..., 4n (S21). The registration request may include the account information of the user, and the platform server 1 can perform authentication of the integrity of the received account information by communicating with the financial server 2 (S22, S23).

In one embodiment, the platform server 1 is configured to authenticate via a Short Message Service (SMS), a Multimedia Message Service (MMS), or a push notification of an application that can be received at the user terminals 41, 42, The procedure may be further performed. The platform server 1 transmits the authentication request through the SMS or the like to the user terminals 41, 42 ... 4n (S24), receives the authentication number or the like (S25) . However, this is an exemplary one, and in another embodiment, the authentication process (S24, S25) may be omitted.

If the validity and authenticity of the user account are authenticated, the platform server 1 may generate identification information used to replace it based on the user account information (S26). In addition, the platform server 1 may provide the identification information to the user terminals 41, 42, ... 4n and / or the financial server 2 (S27, S28). Since steps S26 to S28 are the same as steps S14 to S16 of the above-described embodiment with reference to FIG. 2, detailed description thereof will be omitted in order to avoid duplication of description.

4 is a conceptual diagram showing a configuration of a unique code of identification information generated by a platform server according to an embodiment.

Referring to FIG. 4, the identification information may have a unique code form in which a plurality of numbers from 0 to 9 are arranged. However, this is illustrative, and in other embodiments the unique code may be based on or further comprise letters and / or symbols. In one embodiment, the unique code includes a first code 100 corresponding to a financial institution corresponding to a user account, a second code 300 corresponding to a PINTECH service to be used in association with the user account, And a third code 300 corresponding to the second code. The unique code thus configured is to be used in place of the account number of the user in the process of linking the PINTECH service and the financial server. Each code 100, 200, 300 may be in the form of a number having a predetermined number of digits.

Since the unique code is assigned to the combination of the relevant financial institution, the related pin tech service and the related user account, one identification information is limited to the combination of the financial institution, the pin tech service and the user account. The provider providing the pin tech service can construct the content to call the financial server through the open API using only the identification information issued by the identification information generation device without having to collect and store the account number of the user. Therefore, while the user's account number is prevented from being leaked through the PIN-TECH service server, the PIN information can be newly issued according to the PIN-TECH service, so that the expansion possibility to various affiliate services can be maintained.

In one embodiment, the second code 200 corresponding to the PinTech service includes the institution code 201 corresponding to the PinTech provider and the service code 202 assigned to the PinTech service provided by the institution. For example, when there are a plurality of pin tech services provided by the pin tech provider having 00001 as the institution code 201, the second code corresponding to each pin tech service is 00001001, 00001002 ... And the like.

In one embodiment, the third code 300 corresponding to the user account information includes a user code 301 for identifying a user and an account code 302 indicating a serial number assigned to each account of the user. The user code 301 is a number assigned to identify each user, for example, a serial number or a number generated using personal information of a user (e.g., a mobile phone number, etc.). The account code 302 may be a serial number assigned to accounts of the same user, in order to distinguish each account when a user cooperates with a plurality of accounts with a PIN tech service.

In one embodiment, the unique code further comprises a fourth code 400 corresponding to the country. The fourth code 400 may be used to indicate nationality corresponding to the financial institution in which the user account was created, to indicate the nationality of the PinTech provider, and / or to indicate the nationality of each individual user.

In one embodiment, the unique code further includes a fifth code 500 for verifying the validity of the other code. The fifth code 500 is for confirming that the unique code is effectively generated by the identification information generating apparatus. The fifth code 500 is a check digit that is calculated by inputting another code of the unique code into a predetermined mathematical expression and may be a check digit.

However, the form of the unique code described above with reference to FIG. 4 is merely exemplary, and the unique code may be generated by combining numbers, characters, and / or symbols, etc. in different and different ways.

5 is a flowchart illustrating each step of a method for providing a financial service according to an embodiment.

Referring to FIG. 5, the platform server 1 may receive an open API-based request from the user terminal 41, 42,... 4n (S31). The open API-based request is based on the identification information generated by the platform server 1 to replace the account information of the user, and is for receiving the financial data required for the PINTECH service from the financial server 2. [ The user may transmit the request via content (e.g., an application) running on the user terminal 41, 42, ... 4n as provided by the PingTech service provider.

Although the platform server 1 is illustrated as receiving directly from the user terminals 41, 42, ... 4n in Figure 5, the PinTech service server (not shown) And the platform server 1, the platform server 1 may receive the open API-based request via the PINTECH service server.

Upon receipt of the request, the platform server 1 may perform verification of the identification information included in the received request (S32). Here, verification refers to whether or not the identification information itself is effectively generated and whether or not the use of the open API for each of the institutions and users included in the identification information is justified. Specifically, the platform server 1 can verify whether the identification information included in the received request is validly generated by the platform server 1. [ The verification may include checking the check digit of the fifth code 500 described above with reference to FIG.

Since the identification information includes the identification information of the financial institution, the pin tech company, and the user, the platform server 1 refers to the authorized institution and the user's database in the use of the open API, It is possible to determine whether the open API is available for use by the operator and the user. For example, when a security outflow occurs in any one of a financial institution, a pin tech company, or a user, the platform server 1 may modify the database to block use of an API of an institution or a user who has issued a security outflow. Thus, if an open API-based request is received that includes an identification number associated with the institution or user, such a request may be blocked in the verification step (S32) to prevent a second outflow from occurring.

If the identification information is verified, the platform server 1 can determine user account information corresponding to the identification information (S33). In this embodiment, the platform server 1 includes a database in which an association between identification information and user account information is stored, and by referring to the database, a user account corresponding to the identification information of the received request can be determined.

Next, the platform server 1 requests the financial server 2 for processing using the open API-based request and the user account information determined to correspond to the request (S34), and receives the processing result ( S35). That is, the financial server 2 performs an operation corresponding to an open API-based request, such as a balance inquiry, remittance, payment, deposit / withdrawal transfer, credit card settlement, cash IC card settlement, customer asset management, , And send the processing result to the platform server (1). At this time, the platform server 1 may be further configured to store transaction details in a log form.

In addition, the platform server 1 can transmit processing results to the user terminals 41, 42, ..., 4n (S36). When the Pin Tech service server (not shown) becomes an application server and relays communications between the user terminals 41, 42, ... 4n and the platform server 1, the platform server 1 transmits the processing results to the Pin Tech service server So that the user can be confirmed from the Pin Tech service server.

6 is a flowchart showing each step of a financial service providing method according to another embodiment.

6, the platform server 1 receives an open API-based request from the user terminal 41, 42, ..., 4n (S41), and performs verification of the identification information included in the received request (S42). At this time, the platform server 1 may receive the open API-based request via a pin tech service server (not shown). Since steps S41 to S42 are the same as steps S31 to S32 of the above-described embodiment with reference to FIG. 5, detailed description will be omitted in order to avoid duplication of description.

On the other hand, in the present embodiment, the database in which the association between the identification information and the user account information is stored is stored in the financial server 2, not in the platform server 1. [ Accordingly, the platform server 1 queries the financial server 2 for the user account information corresponding to the identification information of the received request (S43), and receives the user account information corresponding to the identification information from the financial server 2 (S44). When the user account information is received, the platform server 1 requests the financial server 2 for the corresponding processing using the received request and user account information (S45), receives the processing result, , ... 4n (S46, S47). Since steps S45 to S47 are the same as steps S34 to S36 of the embodiment described above with reference to FIG. 5, detailed description will be omitted in order to avoid duplication of description.

According to the platform server, the financial open platform, and the financial service providing method according to the embodiments described above, in providing fin tech services by FinTech providers using the open API provided by the financial server, It is possible to prevent the security risk from occurring by directly storing and using the account number of the user and to provide the pin tech service by using the identification information to replace the account number. In addition, since the identification information includes a code corresponding to the related PIN tech service and the user account, even if a security leak occurs in the PIN tech company or the user, it is not necessary to modify the entire security system, Only the request based on the corresponding identification information can be selectively blocked to maintain security.

The platform server, the financial open platform, and the financial service providing method according to the above-described embodiments may be at least partially implemented in a computer program and recorded in a computer-readable recording medium. A program for implementing a financial service providing method through a platform server and / or a financial open platform is recorded in the recording medium according to the embodiments, and the recording medium may be any kind of data that can be read by a computer . For example, computer-readable recording media include ROM, RAM, CD-ROM, magnetic tape, floppy disk, optical data storage, and the like. The computer readable recording medium may also be distributed over a networked computer system so that computer readable code is stored and executed in a distributed manner. In addition, functional programs, codes, and code segments for implementing the present embodiment may be easily understood by those skilled in the art to which this embodiment belongs.

While the invention has been shown and described with reference to certain embodiments thereof, it will be understood by those skilled in the art that various changes and modifications may be made therein without departing from the spirit and scope of the invention as defined by the appended claims. However, it should be understood that such modifications are within the technical scope of the present invention. Accordingly, the true scope of the present invention should be determined by the technical idea of the appended claims.

Claims (18)

A financial server that provides a portal for using an open API (Application Programming Interface) and provides data for financial services;
A balance inquiry API, a remittance API, a payment API, a deposit and withdrawal transfer API, a credit card payment API, a cash IC card, and a cash IC card provided by the financial server, accessing a portal for use of the open API, Payment API, and asset management API, distributes the PINTECH service contents for the PINTECH service based on the selected API, and provides the PINTECH service for providing the financial service to the user based on the PINTECH service contents server; And
Receiving, from the user terminal on which the PINTECH service content for the PINTECH service server or the PINTECH service is executed, the open API-based request including the identification information corresponding to the user account information, And a platform server configured to receive a result from the financial server and transmit the result to the PINTECH service server or the user terminal,
Wherein the platform server receives the user account information from the PINTECH service server or the user terminal and verifies the integrity of the user account information by communicating with the financial server corresponding to the user account information, When the user account information is authenticated as valid by the consistency verification process and the user is authenticated as the user, the identification information corresponding to the user account information And transmit the generated PIN to the PINTECH service server or the user terminal,
Wherein the identification information is for receiving data for a financial service by calling the financial server through the open API in the PINTECH service content, the identification code including a first code corresponding to a financial institution, 2 code, and a third code corresponding to the user account information,
Wherein the second code includes an authority code corresponding to the PINTECH service provider providing the PINTECH service and a service code assigned to the PINTECH service,
The third code includes a user code for identifying a user and an account code which is a serial number assigned to an account linked with the PINTECH service identified by the user code identified by the user code and,
Wherein the platform server refers to a database of an authorized institution and a user of the use of the open API and notifies the use of the open API by the user identified by the PIN code provider or the user code identified by the institution code Wherein the server is configured to perform the verification of the request by determining whether the request is valid or not, and if the request is verified, query the financial server for the user account information corresponding to the identification information included in the request, A financial open platform configured to receive user account information and request the financial server to process the verified request using the user account information received from the financial server.
delete delete delete delete delete delete delete delete delete delete The platform server receiving user account information from a user terminal on which the PINTECH service content for the PINTECH service server or PINTECH service is executed;
Performing the consistency verification of the user account information by the platform server communicating with the financial server corresponding to the user account information;
The platform server performing user identity authentication by sending an SMS, MMS or push notification to the user terminal;
When the platform server authenticates the user as the user by authenticating that the user account information is valid and performing the user identity authentication by performing the consistency verification, Generating information and transmitting the information to the PINTECH service server or the user terminal;
Receiving, by the platform server, an open API (Application Programming Interface) based request including the identification information corresponding to the user account information from the PINTECH service server or the user terminal;
The platform server performing verification of the request using the identification information;
Requesting the platform server for processing the verified request to the financial server providing data for a financial service;
The platform server receiving, from the financial server, a processing result corresponding to the request; And
And the platform server transmitting the processing result to the PINTECH service server or the user terminal,
The PIN-TECH service content includes a balance inquiry API provided by the financial server, the PIN-service service server accessing a portal for use of the open API provided by the financial server, A payment API, a settlement API, a deposit / withdrawal transfer API, a credit card settlement API, a cash IC card settlement API, and an asset management API, and based on the selected API, It is distributed by the server,
Wherein the identification information is for receiving data for a financial service by calling the financial server through the open API in the PINTECH service content, the identification code including a first code corresponding to a financial institution, 2 code, and a third code corresponding to the user account information,
Wherein the second code includes an authority code corresponding to the PINTECH service provider providing the PINTECH service and a service code assigned to the PINTECH service,
The third code includes a user code for identifying a user and an account code which is a serial number assigned to an account linked with the PINTECH service identified by the user code identified by the user code and,
Wherein the step of performing the verification of the request further comprises the step of referring to the database of the authorized institution and the user of the use of the open API to determine whether the user is identified by the PIN code provider or the user code identified by the institution code Determining whether the open API is available for use by the application;
Wherein requesting the financial server for providing the data for the financial service comprises processing the verified request,
Receiving the user account information from the financial server by querying the financial server for the user account information corresponding to the identification information included in the verified request; And
And requesting data for a financial service to the financial server using the user account information received from the financial server.
delete delete delete delete delete A computer program stored on a medium in combination with hardware for executing a financial service delivery method,
The financial service providing method includes:
Receiving user account information from a user terminal on which a PINTECH service server or PINTECH service content for a PINTECH service is executed;
Performing authentication verification of the user account information by communicating with a financial server corresponding to the user account information;
Performing user authentication by transmitting an SMS, an MMS or a push notification to the user terminal;
When the user is authenticated as the user by authenticating the user account information by performing the authentication verification and performing the user authentication, the identification information corresponding to the user account information is generated, To a PINTECH service server or the user terminal;
Receiving an open API (Application Programming Interface) based request including the identification information corresponding to the user account information from the PINTECH service server or the user terminal;
Performing verification of the request using the identification information;
Requesting the financial server for providing the data for the financial service to process the verified request;
Receiving, from the financial server, a processing result corresponding to the request; And
And transmitting the processing result to the PINTECH service server or the user terminal,
The PIN-TECH service content includes a balance inquiry API provided by the financial server, the PIN-service service server accessing a portal for use of the open API provided by the financial server, A payment API, a settlement API, a deposit / withdrawal transfer API, a credit card settlement API, a cash IC card settlement API, and an asset management API, and based on the selected API, It is distributed by the server,
Wherein the identification information is for receiving data for a financial service by calling the financial server through the open API in the PINTECH service content, the identification code including a first code corresponding to a financial institution, 2 code, and a third code corresponding to the user account information,
Wherein the second code includes an authority code corresponding to the PINTECH service provider providing the PINTECH service and a service code assigned to the PINTECH service,
The third code includes a user code for identifying a user and an account code which is a serial number assigned to an account linked with the PINTECH service identified by the user code identified by the user code and,
Wherein the step of performing the verification of the request further comprises the step of referring to the database of the authorized institution and the user of the use of the open API to determine whether the user is identified by the PIN code provider or the user code identified by the institution code Determining whether the open API is available for use by the application;
Wherein requesting the financial server for providing the data for the financial service comprises processing the verified request,
Receiving the user account information from the financial server by querying the financial server for the user account information corresponding to the identification information included in the verified request; And
And requesting data for financial services to the financial server using the user account information received from the financial server.
KR1020150076556A 2015-05-29 2015-05-29 Financial open platform and method for providing financial service using identification information which replaces account number, and computer program for the same KR101724619B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150076556A KR101724619B1 (en) 2015-05-29 2015-05-29 Financial open platform and method for providing financial service using identification information which replaces account number, and computer program for the same

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150076556A KR101724619B1 (en) 2015-05-29 2015-05-29 Financial open platform and method for providing financial service using identification information which replaces account number, and computer program for the same

Publications (2)

Publication Number Publication Date
KR20160140218A KR20160140218A (en) 2016-12-07
KR101724619B1 true KR101724619B1 (en) 2017-04-18

Family

ID=57573556

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150076556A KR101724619B1 (en) 2015-05-29 2015-05-29 Financial open platform and method for providing financial service using identification information which replaces account number, and computer program for the same

Country Status (1)

Country Link
KR (1) KR101724619B1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20210053040A (en) * 2019-11-01 2021-05-11 주식회사 국민은행 Cloud-based payment platform system and mehtod capable of using a brand of small traders and enterposers

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA3065506A1 (en) * 2017-06-14 2018-12-20 Visa International Service Association System and logic to convert an existing online bank transfer transaction
KR102119449B1 (en) * 2019-08-30 2020-06-08 주식회사쿠콘 Aggregation open api platform system, method for prividing financial services using the same and computer program for the same
KR102325993B1 (en) 2019-10-02 2021-11-12 신한카드 주식회사 Apparatus and method of changing financial information based on card payment
KR102182131B1 (en) * 2020-04-22 2020-11-24 주식회사쿠콘 System and method for facilitating loan service and computer program for the same

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20140115861A (en) 2013-03-22 2014-10-01 주식회사스카이유엠에스 Method of banking services using mobile device

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20210053040A (en) * 2019-11-01 2021-05-11 주식회사 국민은행 Cloud-based payment platform system and mehtod capable of using a brand of small traders and enterposers
KR102398576B1 (en) * 2019-11-01 2022-05-13 주식회사 국민은행 Cloud-based payment platform system and mehtod capable of using a brand of small traders and enterposers

Also Published As

Publication number Publication date
KR20160140218A (en) 2016-12-07

Similar Documents

Publication Publication Date Title
US11615414B2 (en) Virtualization and secure processing of data
US11250391B2 (en) Token check offline
US20160019536A1 (en) Secure processing of data
KR101724619B1 (en) Financial open platform and method for providing financial service using identification information which replaces account number, and computer program for the same
CN101711383A (en) The method and system that is used for authenticating transactions side
CN102770881A (en) Verification mechanism
US10769631B2 (en) Providing payment credentials securely for telephone order transactions
CN111784347B (en) Resource transfer method and device
US20200410494A1 (en) Systems and Methods of Electronic Identity Verification
KR101737559B1 (en) Apparatus and method for generating identification information for replacing account number, and computer program for the same
KR101795849B1 (en) Authentication apparatus and method for connectivity of fintech services, and computer program for the same
US10318951B2 (en) Transaction management
KR100822939B1 (en) System and Method for Providing Unfaced Channel User Interface by Using Nickname and Recording Medium
KR101703342B1 (en) Method for Verifying Information for Non-faced Financial Transaction
TWI839875B (en) Payment method, user terminal, device, equipment, system and medium
US20220068092A1 (en) System and method for deposit and withdrawal service using automated teller machine and computer program for the same
KR20100002507A (en) System and method for loan service linked with installment savings goods and program recording medium
KR101093127B1 (en) Method for Establishing Import Finance Representation Limit
TWI642009B (en) System and method for updating digital wallet data
KR101848935B1 (en) Sistem for disposable splash number offer for small loan
KR100976519B1 (en) Method for Settling for Long Time Free of Interest Payment in Installment Using Mobile
KR20100086532A (en) System and method for global card service and program recording medium
KR20090023449A (en) System for processing capital transfer approval with swift preamble
KR20090009364A (en) System and method for integrated payment of trade transaction service and program recording medium
KR20070107846A (en) System and method for processing becoming a member by using banking server and program recording medium

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
AMND Amendment
E601 Decision to refuse application
AMND Amendment
X701 Decision to grant (after re-examination)
GRNT Written decision to grant