KR101754486B1 - Method for Providing Mobile Payment Service by Using Account Information - Google Patents

Method for Providing Mobile Payment Service by Using Account Information Download PDF

Info

Publication number
KR101754486B1
KR101754486B1 KR1020150141320A KR20150141320A KR101754486B1 KR 101754486 B1 KR101754486 B1 KR 101754486B1 KR 1020150141320 A KR1020150141320 A KR 1020150141320A KR 20150141320 A KR20150141320 A KR 20150141320A KR 101754486 B1 KR101754486 B1 KR 101754486B1
Authority
KR
South Korea
Prior art keywords
information
authentication
mobile terminal
account
account information
Prior art date
Application number
KR1020150141320A
Other languages
Korean (ko)
Other versions
KR20170042392A (en
Inventor
김진호
맹준영
박인준
장용진
Original Assignee
주식회사 케이지이니시스
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 케이지이니시스 filed Critical 주식회사 케이지이니시스
Priority to KR1020150141320A priority Critical patent/KR101754486B1/en
Publication of KR20170042392A publication Critical patent/KR20170042392A/en
Application granted granted Critical
Publication of KR101754486B1 publication Critical patent/KR101754486B1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/16Payments settled via telecommunication systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4012Verifying personal identification numbers [PIN]

Abstract

A mobile payment service providing method using account information executed by a relay server that communicates with a mobile terminal in which an application for a payment service is installed, the method comprising: A PIN number to be used for the payment service, a member ID corresponding to the service subscription information of the user, and an asymmetric key for mutual authentication, and stores the generated image matrix authentication information Setting the selected image entity group information and the image entity information from the mobile terminal through the interface and setting the image entity information and image entity information as image matrix authentication information, encryption And when the account information to be used in the settlement service is received from the mobile terminal, generates the unique payment number of the user, and withdraws the unique payment number, user information and account information of the user in cooperation with the financial institution server Requesting authentication processing for an account corresponding to the account information, and after the authentication processing for the account is completed, first encrypts the account information with the terminal ID, and then transmits the account information to the relay server using the secret key of the relay server 2 When the first authentication using the PIN number provided from the mobile terminal is completed when using the payment service using the application, the image objects included in the image matrix authentication information set for the secondary authentication are randomly Constructs an applied image matrix and provides it to the mobile terminal, And transmits the generated image matrix information to the mobile terminal via SMS. The mobile terminal transmits the image matrix information, which is rearranged according to the coordinate value, And the payment processing using the account information is performed. In the fifth step, the authentication value generated using the member ID and the time information data of the relay server is provided to the mobile terminal Wherein the relay server processes authentication for the relay server within a designated time period, receives an authentication value generated using the member ID and time information data of the terminal from the mobile terminal, processes the authentication for the mobile terminal, Once the authentication is processed, the dual encrypted account information is decrypted By, request a payment by debit transfer processing server.

Description

Technical Field [0001] The present invention relates to a method of providing a mobile payment service using account information,

The present invention provides a method for providing a mobile payment service using account information executed by a relay server that communicates with a mobile terminal in which an application for a payment service is installed, the method comprising: receiving a terminal ID received from the mobile terminal, And generating and storing a member ID corresponding to the service subscription information of the user and an asymmetric key for mutual authentication and providing an interface for setting the image matrix authentication information necessary for the secondary authentication when using the payment service to the mobile terminal, The mobile terminal confirms image object group information or image object information inputted or selected through the interface and sets the image object group information and the image entity information as image matrix authentication information, encrypts and stores the set image matrix authentication information, Use When the account information is received, the system generates the unique payment number of the user, provides the unique payment number, the user information and the account information of the user to the withdrawal transfer server linked with the financial institution server, Encrypts the account information with the terminal ID, secondly encrypts the account information with the secret key of the relay server and stores the encrypted account information, and when using the payment service using the application, And an image matrix in which image objects included in the image matrix authentication information set for the secondary authentication are randomly applied and provided to the mobile terminal when the primary authentication using the PIN number provided from the mobile terminal is completed, The image matrix authentication information corresponding to the image matrix authentication information provided to the mobile terminal The mobile terminal generates a coordinate value in which the image object is to be placed, transmits the coordinate value to the mobile terminal via SMS, processes the secondary authentication using the image matrix information rearranged according to the coordinate value from the mobile terminal, And the fifth step is to provide the mobile terminal with the authentication value generated using the member ID and the time information data of the relay server to process the authentication for the relay server within the designated time Receives the authentication value generated from the mobile terminal using the member ID and the time information data of the terminal, processes the authentication for the mobile terminal, and when the authentication for the mobile terminal is processed, the dual encrypted account information is decrypted , And requesting payment to the withdrawal transfer processing server It relates to a method for providing mobile payment services using the information left.

With the recent development of smart phones and the development of mobile electronic commerce, a service for users to pay through an application installed in a smart phone using payment method information registered in advance is provided.

On the other hand, when the user registers the payment means information in advance, the payment means information of the user is stored in a financial institution such as a card company or a bank, and therefore the payment relay service provider has to perform only a payment relay role.

However, in recent years, as a method for simplifying settlement of e-commerce transactions has become an issue, some payment intermediary service providers have been provided with technical capability and competitive settlement service provider's information, so that a payment relay service provider can use a settlement service information of a user, .

In the case of a payment service using a conventional smart phone, a previously set password is simply input at the time of payment, or an authentication number is generated at each payment, and is input after being provided.

However, these methods have a problem that the set password is perceived by a third party, or there is a concern of exposure when inputting authentication information.

Accordingly, it is necessary to find a new method for a more secure smartphone settlement service while solving these problems.

In order to solve the above problems, an object of the present invention is to provide a mobile payment service providing method using account information executed by a relay server that communicates with a mobile terminal in which an application for a payment service is installed, A member ID corresponding to the service subscription information of the user, and an asymmetric key for mutual authentication are generated and stored, and when the payment service is used, the image matrix authentication information setting necessary for the secondary authentication is set To the mobile terminal, the image entity group information and the image entity information inputted or selected through the interface from the mobile terminal are checked and set as the image matrix authentication information, and the set image matrix authentication information is encrypted The first stage to store A second step of generating a unique payment number of the user when the account information to be used in the payment service is received from the mobile terminal, and a step of withdrawing the unique payment number, user information and account information of the user, A third step of requesting an authentication processing for an account corresponding to the account information by providing the account information to a transfer processing server; and a third step of first encrypting the account information with a terminal ID when the authentication processing for the account is completed, A fourth step of secondarily encrypting the PIN using the secret key and storing the encrypted PIN in the image matrix authentication information set for the secondary authentication when the primary authentication using the PIN number provided from the mobile terminal is completed when using the payment service using the application And the image matrix is applied to the mobile terminal A coordinate value to be placed in the image matrix corresponding to the image matrix authentication information among the image matrices provided to the mobile terminal is transmitted to the mobile terminal through SMS, And a fifth step of processing the secondary authentication using the image matrix information to process the settlement processing using the account information, wherein the fifth step includes the steps of: generating by using the member ID and the time information data of the relay server And the authentication value generated by using the member ID and time information data of the terminal is received from the mobile terminal, and the authentication value is transmitted to the mobile terminal , Authentication is performed for the mobile terminal When, the double decrypts the encrypted account information, and the step of requesting the payment server to process a transfer withdrawal further comprising providing the mobile payment service providing method using the account information.

delete

delete

According to another aspect of the present invention, there is provided a method of providing a mobile payment service using account information executed by a relay server communicating with a mobile terminal installed with an application for a payment service, the method comprising: PIN numbers, user IDs corresponding to user's service subscription information, and asymmetric keys for mutual authentication are generated and stored, and an interface for setting image matrix authentication information necessary for secondary authentication when a payment service is used is provided to the mobile terminal A first step of checking image object group information or image object information inputted or selected through the interface from the mobile terminal and setting the image object group information and image object authentication information to the image terminal authentication information and then encrypting and storing the image matrix authentication information, Lt; RTI ID = A second step of generating the unique payment number of the user when the account information to be used for the service is received, and a second step of providing the unique payment number, user information and account information of the user to the withdrawal transfer server linked with the financial institution server, A third step of requesting an authentication process for an account corresponding to the account information; and a third step of encrypting the account information by the terminal ID after the authentication process for the account is completed, secondly encrypting the account information with the secret key of the relay server When the first authentication using the PIN number provided from the mobile terminal is completed, the image object included in the image matrix authentication information set for the secondary authentication is randomly applied And provides the image matrix to the mobile terminal, The method of claim 1, further comprising: generating a coordinate value to which an image entity corresponding to the image matrix authentication information is to be arranged, transmitting the coordinate value to the mobile terminal via SMS, And a fifth step of processing authentication and processing to perform settlement processing using the account information. In the fifth step, the authentication value generated using the member ID and the time information data of the relay server is transmitted to the mobile terminal Wherein the mobile terminal receives the authentication value generated using the member ID and time information data of the terminal from the mobile terminal to process the authentication for the mobile terminal, When the authentication for the terminal is processed, the dual encrypted account information is decrypted And further characterized in that said method further comprises requesting the payment server to the withdrawal process variants.

delete

delete

delete

According to the present invention, the first step further includes transmitting the subscription time, the member ID, the encrypted terminal ID, the encrypted telephone number, and the encrypted carrier identifier to the third authorized electronic document repository server for storage .

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

delete

According to the present invention, it is possible to apply a more secure image matrix authentication method to a smartphone settlement service using previously registered account information to provide a more secure settlement service for exposure of authentication information or for exposure of an authentication information input screen .

FIG. 1 is a block diagram of a mobile payment service providing system using account information according to an embodiment of the present invention. Referring to FIG.
2 is a diagram illustrating a process of registering service subscription information according to an embodiment of the present invention.
3 is a diagram illustrating an authentication setting information registration process for image matrix authentication according to an embodiment of the present invention.
4 is a diagram illustrating an account information registration process according to an embodiment of the present invention.
5 to 7 illustrate a process of providing a mobile settlement service using account information according to an embodiment of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings. It should be understood, however, that the drawings and the following detailed description are exemplary and explanatory and are intended to provide further explanation of the invention, and are not to be construed as limiting the present invention.

In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear. The terms used below are defined in consideration of the functions of the present invention, which may vary depending on the user, intention or custom of the operator. Therefore, the definition should be based on the contents throughout the present invention.

As a result, the technical idea of the present invention is determined by the claims, and the following embodiments are merely means for effectively explaining the technical idea of the present invention to a person having ordinary skill in the art to which the present invention belongs Only.

1 is a block diagram of a system for providing a mobile payment service using account information according to an embodiment of the present invention.

In more detail, in FIG. 1, a PIN number and image matrix authentication information are set and registered together with account information in advance, and at the time of providing a settlement service through the mobile terminal 170, addition of image matrix authentication information 1 is a block diagram illustrating a mobile payment service providing system according to an embodiment of the present invention; FIG. 2 is a block diagram illustrating a mobile payment service providing system according to an embodiment of the present invention; The mobile payment service providing system using the account information according to the present invention can be variously configured. However, the present invention includes all the embodiments to be inferred, and only the configuration shown in FIG. 1 Its technical characteristics are not limited.

Referring to FIG. 1, a user terminal operated by a user includes a wired terminal 165 and a mobile terminal 170, and the user provides a mobile payment service using the account information according to the present invention to the mobile terminal 170 You can install applications for services.

When the user purchases or purchases a product at an online or offline merchant through the wired terminal 165 or the mobile terminal 170, the user uses the account information according to the present invention through the application installed in the mobile terminal 170 Mobile payment service can be provided.

The illustrated relay server 100 may be located between the user terminal and the merchant (shopping mall) server 175 and the withdrawal transfer server 180 and may communicate with the user's mobile terminal 170 (or application) The mobile payment service using the account information can be handled and the mobile payment service using the account information can be provided when purchasing the product or purchasing the service.

More specifically, the relay server 100 includes a service subscription information processing unit 105, a mutual authentication key generation unit 110, an image matrix authentication information setting unit 115, an account information registration unit 120, an information storage unit A payment request receiving unit 130, a server authentication processing unit 135, an image matrix authentication processing unit 140, a terminal authentication processing unit 145, a payment processing relay unit 150, an electronic signature processing unit 155, 160, and can communicate with the communication company server 185 and the withdrawal transfer processing server 180 in the process of joining and using the mobile payment processing service using the account information.

The service subscription information processing unit 105 may be configured such that after the application for mobile payment processing service using the account information is installed in the mobile terminal 170 of the user, The service subscription information may include at least one of a user's name, a date of birth, a sex, a telephone number, and a user's authentication information including a communication company. . ≪ / RTI >

In the service subscription process, the service subscription information processing unit 105 may process the user authentication for the user in cooperation with the communication company server 185 corresponding to the communication subscriber.

In addition, the service subscription information processing unit 105 may receive a PIN number (application execution or authentication PIN number) from the mobile terminal 170. [

When the subscription information is received from the mobile terminal 170 through the service subscription information processing unit 105 and subscription is requested, the mutual authentication key generation unit 110 transmits the subscription information to the mobile terminal 170 and the relay server 100 (Public key and private key), and the service subscription information processing unit 105 generates a member ID for identifying the user.

When the asymmetric key is generated through the mutual authentication key generation unit 110 and the member ID is generated, the service subscription information processing unit 105 transmits the member ID and the public key to the mobile terminal 170 .

In addition, the service subscription information processing unit 105 stores a subscription time, a member ID, a terminal ID (encryption), a telephone number (encryption), and a communication company identifier (encryption) in a public electronic document repository server (Not shown) so that the user can not deny the fact of joining the service later.

The image matrix authentication information setting unit 115 may set image matrix authentication information for additionally authenticating a user who uses a service together with a PIN number in a mobile payment processing service using account information according to the present invention, Upon payment based on the matrix authentication information, image matrix authentication is performed.

In order to set image matrix authentication information for image matrix authentication, the image matrix authentication information setting unit 115 provides the mobile terminal 170 with an interface including one or more image object group information and one or more image object information can do.

The user selects or inputs desired image object group information and image object information through the interface provided to the mobile terminal 170, and the selected or inputted image object group information and image object information are input to the image matrix authentication information setting unit 115).

The image matrix authentication information setting unit 115 sets the received image object group information and image object information to authentication (authentication) when the image object group and the image object information selected or input through the interface are received from the mobile terminal 170 And stores the encrypted information in the storage medium 160 through the information storage unit 125. [

The account information registration unit 120 registers account information (e.g., a bank code, an account number, an application classification, a date of birth, a payment method nickname, etc.), a member ID and a terminal ID, a CI It is possible to generate a unique payer number for the user.

When the unique payer number is generated, the account information registration unit 120 may send the payer number and account information to the withdrawal transfer processing server 180 to request the account authentication processing.

The withdrawal transfer processing server 180 may be located between the relay server 100 and the bank server 190 and may be registered by a user subscribing to the mobile payment service using the account information through the relay server 100 An authentication process for the account may be performed in cooperation with the bank server 190, and the account authentication process result may be provided to the relay server 100.

In addition, after the authentication processing for the account of the user is performed, the withdrawal transfer processing server 180 can perform the collective transfer consent processing of the user through the relay server 100. [

The account information registration unit 120 can process the user's collection transfer consent in cooperation with the withdrawal transfer processing server 180 when the account authentication processing result is received from the withdrawal transfer processing server 180. [

Here, the relay server 100 can perform the mobile settlement service through the withdrawal transfer processing server 180 using the account information previously registered by the user through the collect transfer agreement.

When the processing for the collective transfer agreement is completed, the account information registration unit 120 may first encrypt the account information using the terminal ID as a secret key, and the account information primarily encrypted by the terminal ID It can be secondary encrypted again with the generated secret key for mutual authentication.

The information storage unit 125 may store one or more pieces of information received and generated in the service subscription process in the storage medium 160.

When the payment request is received from the merchant or shopping mall through the wired terminal 165 or the mobile terminal 170 of the user, the payment request receiving unit 130 receives payment request and order information from the merchant server (or shopping mall) .

The payment request receiving unit 130 may store the order information and request execution of an application installed in the mobile terminal 170. [

When the application is executed for payment at the mobile terminal 170 and the authentication value for authenticating the legitimacy of the relay server 100 is requested from the mobile terminal 170, After generating the authentication value using the generated private key for mutual authentication, the mobile terminal 170 transmits the generated authentication value to the mobile terminal 170, It is possible to authenticate the validity of the authentication server 100.

Here, the authentication value generated by the server authentication processing unit 135 may include or use a member ID and time information data of the relay server 100.

Also, the mobile terminal 170 can authenticate the legitimacy of the relay server 100 using the authentication value received from the relay server 100 within a predetermined time (e.g., 30 minutes).

When authentication of the relay server is performed through the authentication value in the mobile terminal 170, the server authentication processing unit 135 receives the PIN number input from the mobile terminal 170 and authenticates the PIN number Can be performed.

The image matrix authentication processing unit 140 may authenticate the PIN number and receive an image matrix authentication request from the mobile terminal 170. When the image matrix authentication is requested, One or more image objects corresponding to the stored image objects may be identified, and a temporary image matrix including the identified image objects may be generated.

The image matrix authentication processing unit 140 may transmit the generated temporary image matrix to the mobile terminal 170 and output the generated temporary image matrix to the mobile terminal 170. In the temporary image matrix, And transmit it to the mobile terminal 170 via SMS.

According to an embodiment of the present invention, when at least one entity corresponding to the user ID of the user is identified, the image matrix authentication processing unit 140 selects an arbitrary image entity to constitute an image matrix together with the identified entity (For example, a virtual URL, etc.) and a virtual code for an image object of the user and an arbitrary image object, and virtual connection information for each of the generated image objects And a virtual code is mapped to the corresponding image object, a temporary image matrix may be generated and transmitted to the mobile terminal 170 and output through the mobile terminal 170.

In addition, the image matrix authentication processing unit 140 maps the virtual access information and the virtual code for each image object to the corresponding object, and transmits the virtual connection information and the virtual code to the mobile terminal 170, And generate the temporary image matrix.

Here, the mobile terminal 170 may check the virtual connection information through the virtual code and acquire the corresponding object through the confirmed virtual connection information.

If the temporary image matrix is rearranged according to the coordinate values received via the SMS, the mobile terminal 170 may transmit the rearranged temporary image matrix information to the relay server 100, The processing unit 140 compares the coordinate values of the image objects included in the rearranged temporary image matrix information with the coordinate values transmitted through the SMS, checks the hidden image matrix authentication information in the temporary image matrix information, can do.

After the image matrix authentication is performed through the image matrix authentication processing unit 140, the terminal authentication processing unit 145 transmits an authentication value for authenticating that the mobile terminal 170 is a legitimate terminal to the mobile terminal 170 .

The mobile terminal 170 generates an authentication value for authenticating that it is a legitimate terminal, and the generated authentication value may be generated by including or using the member ID and time information data of the terminal.

When the authentication value is received from the mobile terminal 170, the terminal authentication processing unit 145 may authenticate the legitimacy of the mobile terminal 170 using the authentication value within a designated time (e.g., 30 minutes) have.

When the validity of the mobile terminal 170 is authenticated through the terminal authentication processing unit 145, the payment processing relay unit 150 uses the terminal ID received from the mobile terminal 170 and the private key for mutual authentication Decrypts the double-encrypted account information, transmits the decrypted account information to the withdrawal transfer processing server 180 to request withdrawal transfer processing, and receives the withdrawal transfer processing result from the withdrawal transfer processing server 180 .

The digital signature processor 155 may sign the transaction information with the terminal ID and store the signature value and the transaction information in the storage medium 160 when the result of the withdrawal transfer process is received. Can be used for the prevention of non-repudiation of the transaction.

FIG. 2 is a diagram illustrating a service registration information registration process according to an embodiment of the present invention.

In more detail, FIG. 2 shows a process of registering service member subscription information to provide a mobile settlement service using account information. If a person skilled in the art is familiar with the present invention, It is to be understood that the present invention may be embodied in many different forms and should not be construed as being limited to the exemplary embodiments set forth herein, The technical features thereof are not limited only by the method shown in FIG.

Referring to FIG. 2, the illustrated method may be initiated (200) by installing an application (app) for a mobile payment processing service using image matrix authentication according to the present invention to a user's mobile terminal 170, .

After the application is installed in the mobile terminal 170, when the installed application is executed, the application generates a unique terminal ID (UUID) to be used for the mobile payment service using the account information, and registers the name, date of birth, Gender, telephone number, communication company, etc. (205).

Here, the terminal ID may be stored in a KeyChain (in the case of iOS) in the mobile terminal 170 or may be stored by encrypting IMEI, which is a manufacturer identification number, with a secret key.

The mobile terminal 170 may transmit the created terminal ID and the inputted subscription information to the relay server 100 in step 210. The relay server 100 may transmit the created subscription information to the correspondent server 100 based on the received subscription information, 185) to perform authentication of the user of the mobile terminal 170 (215).

Upon completion of the authentication of the user in the relay server 100, the relay server 100 may receive the PIN number setting information and the service registration request information input from the mobile terminal 170 (220) .

Here, the service subscription request information may include a carrier affiliation identifier CI, a terminal ID, a push token, and the like.

The relay server 100 then generates a member ID corresponding to the mobile terminal 170 or the user and transmits an asymmetric key (a public key, a secret key) for mutually authenticating the mobile terminal 170 and the relay server 100, Key) < / RTI >

When the member ID and the asymmetric key are generated, the relay server 100 stores membership subscription information, and may transmit the subscription result including the member ID and the public key to the mobile terminal 170 (230).

The relay server 100 may encrypt and store the member ID. In order to prevent the user from denying the registration of the service in the future, the relay server 100 may store the membership time, the member ID, the encrypted terminal ID, Identifier, and the like to the trusted electronic document archiving server, which is a third authority, which can be trusted (step 235).

FIG. 3 is a diagram illustrating an authentication setting information registration process for image matrix authentication according to an embodiment of the present invention.

FIG. 3 illustrates a process of setting up image matrix authentication information for image matrix authentication in addition to the PIN number, after registering service member subscription information for the mobile payment service of FIG. 2, Those skilled in the art will appreciate that, in order to provide higher security when providing a mobile payment service using the account information by referring to and / or modifying FIG. 3, It is to be understood that the present invention is not limited to the above-described embodiments, and that various modifications and changes may be made thereto without departing from the spirit and scope of the invention. .

Referring to FIG. 3, in the mobile settlement processing using the account information according to the present invention, after the process of FIG. 2 is performed, the illustrated method performs a second authentication after the first authentication based on the PIN number of FIG. (300) from the process of receiving an image entity setting request for image matrix authentication from the mobile terminal (170) of the user at the relay server (100) , Where the entity may include any one of a graphic, a number, and a character.

When the request for image object setting from the mobile terminal 170 is confirmed, the relay server 100 provides the image object group information and the information about the image object grouped at random to the mobile terminal 170 305), the mobile terminal 170 may request 310 to select an image object group and an image object.

The mobile terminal 170 may transmit information about the selected image object group and the image object together with the member ID to the relay server 100 in operation 315.

The relay server 100 extracts (320) one or more objects selected by the user from the image object group information and image object information received from the mobile terminal 170, and encrypts and stores the extracted image object information (325).

4 is a diagram illustrating an account information registration process according to an embodiment of the present invention.

4 is a flowchart illustrating a process of registering service subscription information for a mobile payment service using the account information of FIG. 2, and a process of registering authentication setting information of FIG. If a person having ordinary skill in the art to which the present invention belongs is referred to, it is possible to refer to and / or modify the FIG. 4 to register the account information to be used in the mobile payment service using the account information It is to be understood that the invention may be practiced otherwise than as specifically described herein. The invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth in the accompanying drawings.

Referring to FIG. 4, a method for registering account information for use in providing a mobile payment service using account information according to the present invention, after the process of FIG. 3 is performed, (400) from the process of inputting the account information to be used in providing the mobile settlement service using the account information.

The mobile terminal 170 may transmit the input account information to the relay server 100 together with the member ID and the terminal ID to request registration of the account information (405).

Here, the account information may include a bank code, an account number, an application classification, a date of birth, a payment instrument nickname, and the like.

The relay server 100 generates a payer number unique to the user corresponding to the received account information 410 and provides the payer number and account information to the withdrawal transfer processing server 180 to request the account authentication (415).

When the payee number and the account information are received from the relay server 100, the withdrawal transfer processing server 1800 processes the account authentication through the bank server 190 corresponding to the account information (420) To the relay server 100 (425).

If the account authentication is successfully performed, the relay server 100 can process the collection transfer consent of the user in conjunction with the withdrawal transfer processing server 180 and the mobile terminal 170 (430).

If the collective transfer agreement is successfully processed, the relay server 100 may first encrypt the account information using the terminal ID as a secret key (435).

Then, the relay server 100 encrypts the account information primarily encrypted by the terminal ID using the secret key generated for the mutual authentication (440), and transmits the account information of the primary and the secondary And stores the account information in the storage medium, and transmits the account information registration result to the mobile terminal 170 (445).

5 to 7 illustrate a process of providing a settlement service using account information according to an embodiment of the present invention.

FIGS. 5 to 7 are flowcharts illustrating a settlement service using account information according to an exemplary embodiment of the present invention in the course of performing electronic commerce through a merchant or a shopping mall after completing the settlement service using account information through the processes of FIGS. 2 to 4, Is provided.

In more detail, in FIG. 5, when a payment for goods purchase or service use is selected through a merchant or a shopping mall as a payment service using account information according to the present invention, 5 is a flowchart illustrating a process of performing PIN number authentication. Referring to FIG. 5, if a mobile payment service using the account information is provided, The present invention can be applied to various methods for authentication of the server 100 and the authentication process of the PIN number. However, the present invention includes all of the above-mentioned embodiments, Technical features are not limited.

Referring to FIG. 5, the illustrated embodiment may be initiated (500) from a process of receiving a payment request and order information from an affiliate store or a shopping mall in the relay server 100.

The relay server 100 may store the received order information and request execution of an application installed in the mobile terminal 170 in step 505. The relay server 100 may request the payment service in response to the order information from the mobile terminal 170 An application for authentication of the relay server 100 may be requested to the relay server 100 (510).

The relay server 100 transmits the member ID corresponding to the mobile terminal 170 and the time information data of the relay server 100 using the private key generated for mutual authentication at the request of the mobile terminal 170 (520) the authentication value for the relay server 100 by transmitting the generated authentication value to the mobile terminal 170 (S505).

When the authentication value is received, the mobile terminal 170 can authenticate the relay server 100 as a valid server within a designated time using the received authentication value (525).

When the authentication of the relay server 100 is completed, the mobile terminal 170 confirms the PIN number input from the user 530, and transmits the confirmed PIN number to the relay server 100 together with the member ID And may request authentication for the PIN number (535).

When the authentication result for the PIN number is received from the relay server 100 in step 540, the mobile terminal 170 transmits order information and registered account information (or an account information list) to the relay server 100, (545).

The relay server 100 can confirm the order information and the account information (or the account information list) according to the request of the mobile terminal 170 and transmit the order information to the mobile terminal 170 (550).

6 illustrates a process of performing secondary authentication through image matrix authentication after authentication of a relay server and PIN number authentication of a user is performed in the mobile terminal 170 through FIG. 5 Those skilled in the art will appreciate that, in the case of using the mobile payment service using the account information, the image matrix authentication process using the preset image entity, It is to be understood that the present invention is not limited to the above-described exemplary embodiments, and various changes and modifications may be made without departing from the scope of the present invention.

Referring to FIG. 6, the illustrated embodiment may be initiated (600) by transmitting the member ID from the mobile terminal 170 to the relay server 100 and requesting image matrix authentication.

When the image matrix authentication is requested from the mobile terminal 170, the relay server 100 identifies the entity corresponding to the member ID, and generates a randomly arranged temporary image matrix including the identified entity (605), and the generated temporary image matrix may be transmitted to the mobile terminal (610).

In addition, the relay server 100 may generate coordinate values in which the image object corresponding to the member ID is to be placed in the temporary image matrix, and send the generated coordinate values to the mobile terminal 170 through SMS (615).

The mobile terminal 170 may hide the image matrix authentication information by arranging entities corresponding to the member IDs in the temporary encryption matrix corresponding to the coordinate values transmitted through the SMS (620).

Then, when the user refers to the coordinate values included in the SMS and rearranges the temporary image matrix displayed on the mobile terminal 170, the mobile terminal 170 displays the rearranged temporary image matrix Information to the relay server 100 and request authentication (625).

The relay server 100 extracts the hidden image matrix authentication information from the temporary image matrix information rearranged according to the coordinate value from the mobile terminal 170 and processes the authentication through the extracted image matrix authentication information (630).

If the image matrix authentication is successful, the relay server 100 may transmit the image matrix authentication result to the mobile terminal 170 (635).

7, after the secondary authentication is performed through the image matrix authentication in FIG. 7, the relay server 100 processes the terminal authentication for the mobile terminal 170, And the payment process is performed using previously registered account information according to the present invention. As far as a person skilled in the art is concerned, referring to and / or modifying FIG. 7, The present invention can be applied to all of the above-described methods of implementation, and the technical features of the present invention are limited only by the method shown in FIG. 7 Or more.

Referring to FIG. 7, in order to authenticate that the mobile terminal 170 communicating with the relay server 100 is a legitimate terminal, the illustrated embodiment uses a public key for mutual authentication in the mobile terminal 170 to authenticate the member ID And generating an authentication value including time information data of the terminal (700).

The mobile terminal 170 may transmit the generated authentication value to the relay server 100 together with the member ID and the terminal ID to request payment (705), and the relay server (100) The mobile terminal 170 may authenticate the mobile terminal 170 as a legitimate terminal within a predetermined time (710).

When the mobile terminal 170 is authenticated as a legitimate terminal, the relay server 100 decrypts the stored account information (715), transmits the account information to the withdrawal transfer processing server 180, (Payment) processing (720).

Thereafter, when the result of the withdrawal transfer process is received from the withdrawal transfer processing server 180 (725), the relay server 100 generates a payment signature value using the terminal ID and stores it together with the transaction information (730) And may provide the payment result to the mobile terminal 170 and the merchant (or shopping mall) server 735.

100: Relay server 105: Service subscription information processor
110: mutual authentication key generation unit 115: image matrix authentication information setting unit
120: an account information registration unit 125: an information storage unit
130: payment request receiver 135: server authentication processor
140: image matrix authentication processing unit 145: terminal authentication processing unit
150: Payment processing relay unit 155: Digital signature processing unit
160: storage medium 165: wired terminal
170: Mobile terminal 175: Merchant (shopping mall) server
180: withdrawal processing server 185:
190: Bank server

Claims (9)

A mobile payment service providing method using account information executed by a relay server that communicates with a mobile terminal in which an application for a payment service is installed,
The terminal ID received from the mobile terminal, the PIN number used for the payment service, the member ID corresponding to the service subscription information of the user, and the asymmetric key for mutual authentication are generated and stored, and the image Providing an interface for setting the matrix authentication information to the mobile terminal and setting the image entity group information and image entity information selected or selected through the interface from the mobile terminal as image matrix authentication information, A first step of encrypting and storing authentication information;
A second step of generating, when the account information to be used for the payment service is received from the mobile terminal, a unique payment agent number of the user;
A third step of providing an account number, user information and account information of the user to an account transfer server linked with a financial institution server and requesting authentication processing for the account corresponding to the account information;
A fourth step of first encrypting the account information with the terminal ID and then encrypting the account information with the secret key of the relay server when the authentication processing for the account is completed;
When the first authentication using the PIN number provided from the mobile terminal is completed when the payment service using the application is completed, an image matrix in which the image objects included in the image matrix authentication information set for the secondary authentication are randomly applied is constructed Generating coordinate values to be placed in the image matrix corresponding to the image matrix authentication information among the image matrices provided to the mobile terminal and transmitting the coordinate values to the mobile terminal through SMS; And a fifth step of processing the secondary authentication using the received image matrix information and performing the settlement processing using the account information,
In the fifth step,
The authentication information generated by using the member ID and the time information data of the relay server is provided to the mobile terminal to process the authentication for the relay server within a designated time, and the member ID and the time information data of the terminal are transmitted from the mobile terminal Receiving the generated authentication value, processing the authentication for the mobile terminal, decrypting the double encrypted account information and requesting payment to the withdrawal transfer processing server when the authentication for the mobile terminal is processed The method of claim 1, further comprising:
delete 2. The method according to claim 1,
Further comprising the step of: transmitting the subscription time, the member ID, the encrypted terminal ID, the encrypted telephone number, and the encrypted communication carrier identifier to the third authorized electronic document repository server and storing the same. A method of providing mobile payment services.
delete delete delete delete delete delete
KR1020150141320A 2015-10-08 2015-10-08 Method for Providing Mobile Payment Service by Using Account Information KR101754486B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150141320A KR101754486B1 (en) 2015-10-08 2015-10-08 Method for Providing Mobile Payment Service by Using Account Information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150141320A KR101754486B1 (en) 2015-10-08 2015-10-08 Method for Providing Mobile Payment Service by Using Account Information

Publications (2)

Publication Number Publication Date
KR20170042392A KR20170042392A (en) 2017-04-19
KR101754486B1 true KR101754486B1 (en) 2017-07-07

Family

ID=58705969

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150141320A KR101754486B1 (en) 2015-10-08 2015-10-08 Method for Providing Mobile Payment Service by Using Account Information

Country Status (1)

Country Link
KR (1) KR101754486B1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20210096878A (en) 2020-01-29 2021-08-06 주식회사 컴홈 Real time payment information provision system on messenger service platform
KR20210122431A (en) 2020-04-01 2021-10-12 주식회사 컴홈 Machining system for artificial intelligence processing on service platform
US11657136B2 (en) 2017-12-21 2023-05-23 Bitstrata Systems Inc. Secure association of an installed application instance with a service

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102417808B1 (en) * 2020-09-07 2022-07-06 파킹클라우드 주식회사 Method, system and computer readable storage medium for handling self-payment and non-payment

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101039909B1 (en) * 2010-04-19 2011-06-09 인하대학교 산학협력단 User authentication system and method for immunizing from hacking

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101039909B1 (en) * 2010-04-19 2011-06-09 인하대학교 산학협력단 User authentication system and method for immunizing from hacking

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11657136B2 (en) 2017-12-21 2023-05-23 Bitstrata Systems Inc. Secure association of an installed application instance with a service
KR20210096878A (en) 2020-01-29 2021-08-06 주식회사 컴홈 Real time payment information provision system on messenger service platform
KR20210122431A (en) 2020-04-01 2021-10-12 주식회사 컴홈 Machining system for artificial intelligence processing on service platform

Also Published As

Publication number Publication date
KR20170042392A (en) 2017-04-19

Similar Documents

Publication Publication Date Title
US10594498B2 (en) Method and service-providing server for secure transmission of user-authenticating information
JP6713081B2 (en) Authentication device, authentication system and authentication method
US11568396B2 (en) Method for using and revoking authentication information and blockchain-based server using the same
KR101621254B1 (en) Payment method, computer readable recording medium and system using virtual number based on otp
US20160241405A1 (en) Method, Apparatus and Computer Program for Issuing User Certificate and Verifying User
JP6704919B2 (en) How to secure your payment token
WO2019050527A1 (en) System and method for generating trust tokens
US20140149294A1 (en) Method and system for providing secure end-to-end authentication and authorization of electronic transactions
CN105046488A (en) Method, apparatus, and system for generating transaction-signing one-time password
CA3042357A1 (en) Verifying an association between a communication device and a user
JP2013514556A (en) Method and system for securely processing transactions
TWI775288B (en) Payment token application method, equipment, system and server
US20130061051A1 (en) Method for authenticating electronic transaction, server, and terminal
KR101754486B1 (en) Method for Providing Mobile Payment Service by Using Account Information
CN112308555A (en) Remote transaction system, method and point-of-sale terminal
KR101604622B1 (en) Method for Processing Mobile Payment by Using Encryption Matrix Authentication
US10108937B2 (en) Method of registering a membership for an electronic payment, system for same, and apparatus and terminal thereof
EP2747363A1 (en) Transaction validation method using a communications device
Sung et al. Mobile Payment Based on Transaction Certificate Using Cloud Self‐Proxy Server
KR101799517B1 (en) A authentication server and method thereof
KR20150031594A (en) Payment system for using mobile phone and method thereof
KR101710950B1 (en) Method for distributing encrypt key, card reader and system for distributing encrypt key thereof
TW201804384A (en) Electronic card creating system and method thereof capable of effectively improving security of card information
Dass et al. Security framework for addressing the issues of trust on mobile financial services
KR101691169B1 (en) Method for distributing encrypt key, card reader, authentification server and system for distributing encrypt key thereof

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
AMND Amendment
E601 Decision to refuse application
AMND Amendment
X701 Decision to grant (after re-examination)