KR101797222B1 - Method and apparatus for providing users with secure financial transactions based on whether a private terminal is carried or not - Google Patents

Method and apparatus for providing users with secure financial transactions based on whether a private terminal is carried or not Download PDF

Info

Publication number
KR101797222B1
KR101797222B1 KR1020160029625A KR20160029625A KR101797222B1 KR 101797222 B1 KR101797222 B1 KR 101797222B1 KR 1020160029625 A KR1020160029625 A KR 1020160029625A KR 20160029625 A KR20160029625 A KR 20160029625A KR 101797222 B1 KR101797222 B1 KR 101797222B1
Authority
KR
South Korea
Prior art keywords
financial transaction
terminal
financial
identification information
requested
Prior art date
Application number
KR1020160029625A
Other languages
Korean (ko)
Other versions
KR20170106586A (en
Inventor
정연일
Original Assignee
(주)수지원넷소프트
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by (주)수지원넷소프트 filed Critical (주)수지원넷소프트
Priority to KR1020160029625A priority Critical patent/KR101797222B1/en
Publication of KR20170106586A publication Critical patent/KR20170106586A/en
Application granted granted Critical
Publication of KR101797222B1 publication Critical patent/KR101797222B1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/02Banking, e.g. interest calculation or account maintenance
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/108Remote banking, e.g. home banking
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
    • G06Q50/30Transportation; Communications
    • G06Q50/32Post and telecommunications
    • GPHYSICS
    • G08SIGNALLING
    • G08CTRANSMISSION SYSTEMS FOR MEASURED VALUES, CONTROL OR SIMILAR SIGNALS
    • G08C17/00Arrangements for transmitting signals characterised by the use of a wireless electrical link
    • G08C17/02Arrangements for transmitting signals characterised by the use of a wireless electrical link using a radio link
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Abstract

A method for automatically providing a financial transaction requested by a user to a financial transaction processing terminal according to the present invention includes the steps of receiving account information requested for a financial transaction; providing the account information to a remote server, The method comprising the steps of: receiving, from the server, device identification information associated with the Bluetooth module, for example, an address of the Bluetooth module; and transmitting the wireless signal from the other module, The method comprising the steps of: detecting, via the Bluetooth module, whether the received device identification information exists in the detected signal; performing the requested financial transaction if the device identification information exists in the detected signal; Rejecting the requested financial transaction.

Description

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a method and apparatus for providing a secure financial transaction to an individual based on whether or not a personal terminal is carried,

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a method and an apparatus for providing stability to financial transactions such as cash withdrawal or transfer using personal financial automation equipment and the like.

Financial institutions are installing a lot of unmanned automation devices at each branch, shop or place where people come and go. Most people deal with simple financial transactions, such as cash withdrawals and transfers, in automated devices.

In addition, wired and wireless communication networks have developed, and individuals have been able to use terminals (such as smart phones or PCs) capable of accessing such communication networks at all times. Each financial institution also reflects such a common communication infrastructure And supports online financial transactions using the Internet, so that individuals can easily handle desired financial transactions, such as transfer between accounts, using a communication support terminal such as a PC.

However, since the financial service that can conveniently conduct financial transactions without using the direct bank counter is generalized, unexpected financial accidents, which are a side effect thereof, frequently occur. For example, if an individual loses his / her ID card and a wallet with a deposit / withdrawal card or a check card, and another person learns it, he / she can use the card to withdraw cash from the account of the lost person Or transfer it to another third party's account.

Of course, in order to prevent such financial accidents, an authentication procedure is required to input an individual's password in a financial transaction in an automation device, etc. However, in order to avoid forgetting a password in a modern life in which individuals need to use various passwords The user tends to designate a specific number assigned to himself / herself, for example, a resident registration number. In accordance with this tendency, if the user loses his or her ID card together with the number written on the ID card, It is possible to conduct illegal financial transactions by passing the self-certification procedure.

In addition, new malicious financial fraud techniques such as voice phishing are emerging, and authentication information (for example, a withdrawal password, a transfer security card number, etc.) enabling financial transactions on an automatic machine or online is also used together with account information The criminals often take cash out and escape by using automated devices or personal terminals connected to the network by using the information obtained through such financial fraud techniques. And transferring it to an anonymous third party account created for crime, causing financial harm to the individual.

Accordingly, a method of granting information to an individual for authentication in an automated device or an online financial transaction, and selectively approving the requested financial transaction based on whether or not the information is authenticated, It is practically difficult to prevent fraud at its source.

It is an object of the present invention to provide a method and an apparatus for preventing an accident or a malicious crime in a financial transaction by using a personal terminal always carried by an individual.

It is another object of the present invention to provide a method and apparatus for improving safety in financial transactions based on whether or not an individual terminal is carried, on the basis of characteristics of individuals in financial transactions.

It is still another object of the present invention to provide a method and apparatus for allowing a financial transaction based on whether or not an individual terminal is portable to be safely extended and used.

It is to be understood that the object of the present invention is not limited to the explicitly stated objects, but, of course, it is an object of the present invention to achieve the effect which can be derived from the following specific and exemplary description of the present invention.

According to an aspect of the present invention, a method for automatically providing a requested financial transaction from a user to a financial transaction processing terminal includes the steps of: receiving account information requested for a financial transaction; providing the account information to a remote server And receiving, from the server, device identification information listed in association with the account information; and a second step of detecting a wireless signal from another module capable of communicating in a mutually non-contact state through a short range wireless communication module, If the device identification information exists in the detected signal, performing the requested financial transaction; and if not, rejecting the requested financial transaction. / RTI >

In one embodiment of the present invention, the method may further include transmitting unique identification information of the financial transaction processing terminal to the server to request approval of the requested financial transaction. In this case, the fourth step executes the requested financial transaction only when there is an approval response to the request.

In an embodiment of the present invention, the step of requesting approval may be made when the device identification information is present in the detected signal, or when providing the account information to the server.

In an embodiment according to the present invention, the method further comprises, in response to the approval request from the financial transaction processing terminal, at a terminal having the unique identification information or at another terminal installed in the same space as the terminal, And an authentication step of confirming whether the financial transaction has been performed for the account information, and if the financial transaction has been performed, an approval response to the financial transaction processing terminal is made, and if there is no fulfillment, the rejection response is made.

In the above embodiment, the authentication step may further carry out the additional authentication procedure when there is no fulfillment, and selectively reject the authentication in accordance with whether or not the authentication is failed in the additional authentication procedure. In the additional authentication procedure, a subscriber associated with the account information requests a telephone number to be used for authentication by connecting a call to a pre-specified telephone number, and the inputted number is a number To determine whether the authentication is successful or unsuccessful. More specifically, if the pre-designated telephone number is of a type assigned to a telephone terminal capable of mobile communication, a request is made to a respondent of a call for input of a number generated by the one-time password generator (OTP) When the telephone number is a type assigned to a telephone terminal of a wired communication, the call respondent is requested to input at least a part of the card number previously registered at the time of subscription, or a number guided by voice.

According to an embodiment of the present invention, in response to the approval request from the financial transaction processing terminal, the requested financial transaction may be transmitted to a specific service confirming at the time of financial transaction whether previously designated device identification information is detected in the vicinity And if it is not the first time, at the terminal having the unique identification information or at another terminal installed in the same space as the terminal, And a response step of selectively acknowledging the transaction according to whether or not there has been a previous transaction with respect to the account information.

In the embodiment, in the case where the requested financial transaction is the first after the subscription to the specific service, if the predetermined time period has elapsed from the time when the specific service has been acquired, the additional authentication step is performed, And the approval response is selectively made according to the success or failure of the authentication in the additional authentication procedure.

According to another aspect of the present invention, a terminal apparatus for processing a financial transaction request from a user includes an interface unit for inputting information requesting a financial transaction from a user and displaying a result of a financial transaction, A short range wireless communication module configured to detect a wireless signal from another module capable of corresponding communication and to confirm the device identification information of another module from the detected signal; A client unit configured to receive the device identification information from the server and to receive the device identification information registered in association with the account information from the server and to control the near field wireless communication module to confirm the device identification information for peripheral devices, The identification information includes information that matches device identification information received from the server If present is configured to include a control unit configured to notify the client unit. The client unit performs the financial transaction requested by the user through the interface unit if the identical device identification information exists, and refuses the requested financial transaction if it does not exist.

The terminal device according to the present invention may be an ATM (Automated Teller Machine) installed in a financial institution or a computing device used by individuals such as a PC, a notebook computer, a tablet computer, and the like.

At least one embodiment of the present invention, as described in detail above with reference to the present invention or the accompanying drawings, is to provide financial transactions through devices (ATMs, online PCs, etc.) It is possible to prevent an accident in an automated financial transaction by checking whether the individuals possessing the portable terminal can be convinced as the true owner of the account in which the transaction is made and then carrying out the requested financial transaction. In addition, in spite of improving the stability in the financial transaction, the user does not have to perform any operation (manipulation, contact with the financial terminal, etc.) of his / her portable terminal in such a financial transaction process, To make the financial transactions the same as before.

Further, according to the embodiments of the present invention, it is possible to selectively accept the requested financial transaction after the additional authentication, depending on whether or not there is a previous transaction in the same device or place, .

FIG. 1 illustrates an example of an overall system in which a method for providing a secure financial transaction service based on whether or not a personal terminal is carried, according to the present invention,
2 is a block diagram of a configuration of a financial transaction processing terminal according to an embodiment of the present invention,
3 is a diagram illustrating a signal flow between related apparatuses according to a process of providing a secure financial transaction service based on whether a personal terminal is carried or not according to an embodiment of the present invention,
4 illustrates an exemplary signal flow between related devices according to a process of providing a secure financial transaction service based on whether a personal terminal is carried or not according to another embodiment of the present invention,
FIG. 5 is a flowchart illustrating a process of selectively performing additional authentication in order to satisfy user convenience and financial transaction security according to another embodiment of the present invention.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings.

In the description of the embodiments according to the present invention and the accompanying drawings, like reference numerals denote like elements unless otherwise specified. Of course, for convenience of explanation and understanding of the present invention, the same constituent elements may be assigned with different numbers if necessary.

FIG. 1 illustrates an example of an overall system in which a method of providing a secure financial transaction service based on whether a user carries a portable terminal according to the present invention can be performed. The financial transaction processing server 101 of a financial institution, (110) capable of automatically performing a general financial transaction (withdrawal, deposit, transfer, etc.) required by users and a financial server (10) And a dedicated communication network 100 of a financial institution that provides a data communication path between the ATMs 110.

As shown in the figure, the system includes a public communication network 200, which can be freely accessed and used by users of the financial transaction service, for example, the Internet, a PC capable of accessing the public communication network, , A tablet computer, and the like may be further included. 1, a gateway 102 for providing a data path between the dedicated communication network 100 and the public communication network 200 is further included, and users can access the online The data is transmitted to and received from the financial server 101 via the gateway 102.

2 is a block diagram illustrating a configuration of a financial transaction processing terminal 10 (hereinafter, abbreviated as a 'financial terminal') for providing a secure financial transaction based on whether a user carries an individual terminal, according to an embodiment of the present invention. As shown in Fig.

The financial terminal 10 includes a communication unit 12 for performing data communication with a connected communication network and a financial transaction processing client unit 12 for performing a financial transaction requested by an individual through information exchange with the financial server 101. [ (Hereinafter referred to as a "financial client unit"), a user interface for receiving input from a user via a keypad or a touch screen, and for providing information to the user on the screen 14a A short range communication module 15 for detecting a radio signal from a short range wireless communication module of a wireless signal system, for example, a Bluetooth module, , And a control unit (11) for controlling the components (12 to 15) or exchanging data / information so that a financial transaction according to a user's request can be safely performed. The.

The financial terminal 10 having the configuration shown in FIG. 2 may be the ATM 110 of FIG. 1 or the terminal 201 which can be used individually. 2, a card recognizer capable of recognizing a deposit / withdrawal card, a check card, and the like, and a teller (not shown) including an ejector capable of ejecting stored banknotes, etc. are provided in the financial terminal 10 (20) is further included. In the latter case, the financial terminal 10 may be a personal computer, a notebook computer, a tablet computer, or the like. In this case, the software for performing the secure financial transaction method according to the present invention may be implemented by a conventional method It is presumed that it is downloaded from a remote site (for example, a customer support server of a specific financial institution) and installed / executed in the corresponding device.

3 is a diagram illustrating a signal flow between related apparatuses for providing a secure financial transaction service based on whether or not a user carries an individual terminal according to an embodiment of the present invention. A method for providing a secure financial transaction service according to the present invention will be described in detail.

An individual who wishes to use a secure financial transaction service based on whether a user carries a personal terminal according to the present invention first visits a branch of a financial institution he wants to use, provides necessary information, and subscribes to the service. At the time of subscribing to this service, the user is required to have a unique identification number (for example, a Bluetooth module) of a short range wireless communication module provided in a terminal, such as a mobile communication terminal For example, a 12-digit hexadecimal Bluetooth address) through a search device provided at a bank or a window.

According to the embodiment of the present invention, it is possible to use an ID that can uniquely identify a specific place frequently used by a customer (a branch of the financial institution or the like) or a specific terminal such as a PC or a notebook (for example, MAC address of the LAN card, etc.).

The additional information provided from the user for joining the safe financial transaction service according to the present invention may include information for existing financial transactions (for example, account number, account name, password, etc.) Is transmitted from the terminal to the financial server 101 and registered (P30).

After the registration of the subscription information for the secure financial transaction service according to the present invention, the corresponding user can access the arbitrary financial terminal 10 (the terminal may be an ATM installed in a financial institution or a convenience store, (For example, a personal computer, a personal computer, or the like), inputs necessary information through the interface unit 14 according to an ordinary method, and requests the desired financial transaction (P31) .

When the terminal to be used is an ATM, the account information (account number, account name, etc.) of a user who wishes to conduct a financial transaction can be provided through a card recognizer included in the telecommunication unit 20, In the case of a terminal, the account information of the user can be specified through a login procedure according to a normal method on the Internet banking page of the financial institution.

When the account information is input as described above, there is a request for a financial transaction desired by the user (in the case of ATM, withdrawal of money or transfer of money, or transfer of money if the financial terminal 10 is a personal terminal such as a PC) The control unit 11 determines whether or not the information accompanying the request (the requested financial transaction information (the withdrawal demand amount, the account number to be transferred and the transfer amount, hereinafter referred to as "financial transaction request information"), To the financial client unit (13).

Then, the financial client 13 once stores the transferred information, and then transmits the account information through the communication unit 12 with the financial server 101 as a destination, (For example, the address of the above-described Bluetooth module) (step S31). The request may be routed to the financial server 101 via the dedicated communication network 100 or may be routed to the financial server 101 via the public communication network 200 and the gateway 102, And is routed to the server 101.

Upon receipt of the request, the financial server 101 confirms whether the account (or an account account) is subscribed to the secure financial transaction service based on the account information received together with the request, and if the account The portable terminal identification information registered in the subscription information is read (P32) and provided to the financial terminal 10 (S32). The provision of this identification information is made in the reverse direction along the same path through which the request is transmitted.

The financial client unit 13, which receives the identification information transmitted from the financial server 101 via the communication unit 12, transmits the identification information to the control unit 11. [ If the financial client 101 receives a notice from the financial server 101 that the corresponding account number is not entered into the secure financial transaction service according to the present invention, the financial client unit 13 transmits the financial transaction request information The processing according to the normal method is performed. In the execution of the requested financial transaction, operation of the teller unit 20 (such as cash withdrawal) according to the exchange of necessary information with the control unit 11 is performed, or the financial server 101 or another financial settlement server To be transferred between the accounts based on the financial transaction request information in accordance with the information exchange of the financial transaction request information. Of course, when conducting a financial transaction such as transfer between accounts, the financial client unit 13 transfers the processing result information to the control unit 11 so that the control unit 11 transmits the processing result information to the interface unit 14 ).

Upon receiving the identification information for the portable terminal, the controller 11 controls the short-range communication module 15 (for example, a Bluetooth module) That is, a Bluetooth module capable of communicating in correspondence with each other). The short-range communication module 15 detects a signal in a non-contact state with another apparatus that can be mutually corresponded, decodes the detected signal in a designated manner, and transmits the decoded signal to another apparatus, that is, a mobile communication terminal The control unit 11 is notified of the identification information of the short distance communication module, for example, the Bluetooth address (P33).

If the identification information of the other wireless devices found in the vicinity is notified, the controller 11 confirms whether the identification information received from the financial client unit 13 exists in the searched identification information (P34). If the same identification information is not found, the control unit 11 stops the financial transaction requested by the user and displays information for guiding the displayed financial transaction on the screen 14a of the interface unit 14, (13).

In one embodiment of the present invention, when the same identification information is not found in the primary search result, the control unit 11 may search for the requested financial transaction again without immediately stopping the transaction. This re-search may be performed only when there is an input of " confirmation " from the user after the guidance message such as "activate the Bluetooth function of the user's mobile phone!" Is outputted through the interface unit 14 . If the same identification information is not searched again in the re-search, the control unit 11 stops the requested financial transaction of the user.

If the same identification information is found in the primary search or the re-search, the control unit 11 notifies the financial client unit 13 of the fact that the financial client unit 13, As described above, the requested financial transaction of the user is performed according to a conventional method.

As described above, when an arbitrary user requests a financial transaction through the financial terminal 10, the requested financial transaction is selectively transferred to the financial transaction terminal 10 depending on whether the requested account state is almost always carried by the personal terminal By doing so, the requested financial transaction will not be made if there is no real account in the field. Accordingly, even if account information of an arbitrary service subscriber and a password necessary for transaction are exposed to another person or a criminal by hacking, voice phishing, or an individual mistake, thereby being abused in a financial transaction or used for a crime, Such an account is fundamentally blocked because the account principal is not at the scene.

In addition, when a user of a financial institution subscribes to the safe financial transaction service according to the present invention, there is no need to perform a special operation on the personal terminal that he / she always carries at the time of actual financial transaction, It is not necessary to perform a specific mutual action with respect to the terminal, for example, to make contact with a specific area (for example, contact for communication according to the RFID system). That is, the user can carry out a desired financial transaction by carrying out the same operation as before with respect to the financial terminal while keeping the mobile communication terminal as it is in his pocket or bag. Therefore, in the financial transaction method according to the present invention, the convenience of use remains the same as the previous transaction method, although the safety in the financial transaction is greatly improved.

According to the embodiment of the present invention, when the identification information of the portable terminal of the user is searched, the trust transaction of the requested transaction can be confirmed without performing the financial transaction immediately following the request information. FIG. 4 is an exemplary illustration of signal flow between related devices when a method for providing a more secure financial transaction service is made, according to the present embodiment.

In the embodiment having the signal flow of FIG. 4, unlike in the embodiment according to FIG. 3, if a device having the same identification information is found by the close range communication module 15 (P34) And will proceed with additional verification procedures to ascertain the reliability of the requested financial transaction.

To this end, the financial client unit 13, when there is a notification from the control unit 11 that the device of the same identification information, for example, the Bluetooth module, has been searched in the vicinity as described above, A message for confirming the previous transaction and the transaction approval for the corresponding account number (or account account) is formed and transmitted to the financial server 101 through the communication unit 12 (S41). Information for uniquely identifying the financial terminal 10 (for example, the MAC address 12a assigned to the communication unit 12) is read and included in the message as well as the account information .

The financial server 101 confirms the account information and the terminal unique identification information (hereinafter, referred to as 'terminal unique information') included in the message received from the financial terminal 10, It is confirmed whether the financial transaction has been implemented on the same terminal for the account state. The confirmation of whether or not the financial transaction has been performed before is made by retrieving the transaction history database constructed in real time by the financial server 101 from the transaction information reported from the financial terminal when the safe financial transaction according to the present invention is requested, Lt; / RTI >

The financial server 101 extracts the transaction history information registered as the same account number (or account note) in the transaction history database and confirms whether there is the same terminal specific information in the extracted transaction history information (P41) . Of course, at this time, it is possible to extract only the previous transaction details within a certain time (for example, one year) from the present.

If the terminal-specific information included in the received message is for an ATM operated by a financial institution, the financial server 101, in addition to the same terminal-specific information, Specific information about other ATMs installed at the same shop or branch is also confirmed. Of course, the ATMs installed together in the same space are stored in the financial server 101 as a separate ATM installation status database.

Therefore, if the received terminal specific information is for the ATM, the financial server 101 searches the ATM installation status database first and stores it in another ATM (ATM) And confirms whether there is at least one of the identified terminal specific information in the transaction history information extracted for the corresponding account number or account state extracted from the transaction history database (P41) . Confirmation of such previous transaction details is to verify whether the user has previously made a financial transaction in a space where the user wishes to conduct a financial transaction.

If the transaction history information extracted from the transaction history database as described above includes transaction details of the same device or at the same place (P42), the financial server 101 determines that the transaction currently requested for approval is reliable , And 'transaction approval information' (P45).

If there is no previous transaction details for the same device / place, the financial server 101 proceeds to an additional authentication procedure to determine whether to approve or deny the current transaction (S43) .

According to one embodiment of the present invention, when a subscriber specifies information on a device or a place to be used at the time of subscribing to the SAF service, it is checked whether the received unique information matches the specified information, Therefore, additional authentication procedures may be carried out selectively.

For this embodiment of performing additional authentication, information necessary to receive additional authentication (e.g., a unique number for the password generator (OTP), a subscriber telephone number, and / or a partial number such as a credit card) Is registered in advance in the financial server (101) or in a third server involved in the additional authentication, upon receipt from the user at the time of subscribing to the secure financial transaction service according to the invention.

When the additional authentication procedure is started, the financial server 101 confirms the telephone number of the service subscriber registered in advance for the account number or account state, and if the telephone number is the type assigned to the mobile telephone, After receiving the one-time number generated by the password generator, it is received by the user to input the one-time number generated by the password generator, and if the received one-time number matches the one-time password generated at that time in the pre-registered password generator, . The one-time password generated by the password generator may be notified to the other authentication server. If they match, it is determined that the additional authentication has succeeded, and the message of 'transaction approval information' is formed as described above (P45). If they do not match, a message of 'transaction denial information' is formed by determining that the additional authentication has failed (P46).

If the telephone number of the registered subscriber is of the type assigned to the wired telephone, additional authentication is performed in a manner different from the above. For example, at this time, the financial server 101 connects a call to the telephone of the corresponding telephone number, and then causes the receiver to input a part of the credit card (for example, the following 8 digits) Or to voice a specific number, and then have the recipient enter the number. In the former case, the inputted number is compared with a card number or the like for additional authentication, and the latter is compared with the number sent out by voice. If they match, it is determined that the additional authentication is successful, otherwise, it is determined that the authentication is unsuccessful, and a message is formed accordingly.

As described above, the reason why the additional authentication method is different according to the type of the previously registered phone number at the time of the service subscription is that there is no possibility that the mobile phone is lost together with the exposure of the user account information due to the loss of the wallet or the like. When such a rare case occurs, the authentication method of inputting the credit card information or inputting the number of the voice guided through the incoming mobile telephone does not help to prevent a financial transaction accident.

On the other hand, the wire telephone number is for a telephone set fixed to a place (house, office, etc.) predetermined by the user, and the wire telephone has no relation with the loss, so inputting the number through the wire telephone is a secure additional authentication . If the user currently using the financial terminal 10 is away from the wired telephone for additional authentication, it is possible to respond to a call to the wired telephone through appropriate personal communication means You need to be informed in advance that you will be granted additional certification.

The financial server 101 having configured the approval or rejection message according to the success or failure of the additional authentication responds to the transaction approval request preceding the financial terminal 10 as the configured message (P47). In response to this response, a message informing the transaction approval or rejection is transmitted to the financial terminal 10 via the dedicated communication network 100 (or the public communication network 200) (S42).

This response message is received by the financial client unit 13 via the communication unit 12 of the financial terminal 10. If the response message is "denied" (P48), the financial client unit 13 causes the financial transaction requested by the user to be terminated under the control of the control unit 11, and if it is "approved" (P48) The control unit 11 refers to the requested financial transaction request information to perform the financial transaction requested by the user or to perform the necessary procedure directly by the control unit 11 according to the normal method as described above (P49).

When the financial transaction is stopped by receiving the rejection message in response to the approval request, the control unit 11 notifies the interface unit 14 of the cause of the interruption of the requested financial transaction (for example, ≪ / RTI > location / location authentication fails).

The control unit 11 notifies the financial client unit 13 of the completion of the financial transaction (for example, cash withdrawal) requested by the user in accordance with the transaction approval.

When the financial client unit 13 has a notification of "completion of financial transaction normal" from the control unit 11 or normally completes a financial transaction directly (for example, transfer between accounts) And provides transaction fulfillment information to the financial server 101 (S43). The financial transaction fulfillment information includes information on the transaction account information, the terminal specific information of the financial terminal 10, and the transaction date and time.

When the financial transaction fulfillment information is received, the financial server 101 registers the received information as a new item in the above-described transaction history database to determine whether the subsequent transaction request is a financial transaction request in the same device / space Reference to verification.

In the safety financial transaction according to the embodiment illustrated in FIG. 4, it is verified whether the financial transaction requested by the user is reliable by the additional authentication, so that the service subscriber can use the card and / Illegal financial transactions are virtually completely blocked, even if the mobile phone is lost, along with a purse containing identification, or if it is robbed by a criminal. This is because there is no possibility that a malicious user or a criminal acquiring the account information or the mobile communication terminal requests a financial transaction at the same device and place as the place where the account trader normally used the financial transaction.

In an embodiment according to the present invention, the requested financial transaction may alternatively be verified to be the same as the device / location where the transaction was previously performed. FIG. 5 is a flowchart of a process of the financial server 101 selectively performing additional authentication according to the present embodiment.

5, when the financial transaction server 101 receives a previous transaction confirmation and a transaction approval request from the financial terminal, the financial server 101 checks whether there is a previous transaction history at the same device / The requested financial transaction confirms first whether the user requests the financial transaction service after subscribing to the safe financial transaction service according to the present invention (P51). That is, it confirms that there is no transaction history previously registered for the account number or account state.

If it is confirmed in the confirmation that the request for the first financial transaction is received, the financial server 101 determines whether the current financial transaction request has been received within a predetermined period (for example, three months , 6 months, etc.) have not passed (P52). This is because, when there is a request for a financial transaction after a period of unused use for a considerable period after joining the service, there is no possibility that the first financial transaction is requested by another person after the account information and the mobile communication terminal are lost.

If the elapsed period from the service date is within the predetermined period, the financial server 101 responds to the transaction approval request from the financial terminal as transaction approval (P57), and after the predetermined period of time elapses , The additional authentication procedure described above is performed (P53). The operation according to the success or failure of the additional authentication is the same as in the above-described embodiment.

By adding the process according to FIG. 5, convenience and security in the user's financial transaction can be satisfied at the same time.

In another embodiment according to the present invention, when the first financial transaction request is made after joining the safety financing transaction service according to the present invention, a 'transaction approval' response may be made to the request immediately without checking the elapsed period from the service date have.

If it is determined that the transaction is not the initial transaction in the step P51 of confirming whether or not the request is the first transaction request after joining the service, the financial server 101, as in the previous embodiment, Depending on whether there is a history (P55), additional authentication is selectively performed (P53), and a response of 'transaction approval' or 'refusal of transaction' is given to the corresponding financial terminal according to the authentication result (P54).

In the embodiment of the present invention, the transaction approval request (S41) is transmitted when the same identification information as the terminal identification information received from the financial server (101) by the financial terminal (10) It was done after it was found in the search. In another embodiment according to the present invention, the transaction approval request procedure may not be performed separately. In other words, when the financial terminal 10 requests the financial server 101 to determine whether the financial transaction requested by the user is fulfilled (S31), the request is directly referred to as a transaction approval request The financial server 101 may proceed with necessary procedures. Of course, in order to do this, information necessary for additional authentication, for example, the terminal specific information 12a of the financial terminal 10, is transmitted to the financial server 101 at the time of requesting the portable terminal identification information.

If the above-described additional authentication is not necessary, the financial server 101 responds to 'transaction approval' and provides the portable terminal identification information registered at the time of subscription to the financial terminal 10, When additional authentication is required, when the success of the additional authentication procedure is succeeded, 'transaction approval' is answered as in the previous case. When the portable terminal identification information is received from the financial server 101, the financial terminal 10 selectively performs a financial transaction requested by the user depending on whether the same identification information is found in the vicinity, If the identification information is not received from the financial server 101, it is regarded that the financial transaction request is rejected and the guiding operation is performed accordingly.

The various embodiments described above and the structures and operations described in the embodiments can be selectively combined with each other in various ways unless they are incompatible with each other.

It will be apparent to those skilled in the art that various modifications and variations can be made in the present invention without departing from the spirit or scope of the present invention. Alteration, substitution, addition, or the like.

10: terminal for financial transaction processing 11 :
12: communication unit 13: financial transaction processing client unit
14: user interface unit 15: local communication module
20: Teller unit 100: Dedicated communication network
101: financial transaction processing server 102: gateway
110: ATM 200: Public telecommunication network
201: Personal PC

Claims (11)

A method for automatically providing a financial transaction requested from a user to a financial transaction processing terminal,
A first step of receiving account information requested for a financial transaction,
Providing the account information to a remote server and receiving device identification information linked to the account information from the server;
A third step of detecting a radio signal from another module which can communicate with each other in a non-contact state through a short range wireless communication module and checking whether the received device identification information exists in the detected signal;
Performing the requested financial transaction if the device identification information exists in the detected signal, and rejecting the requested financial transaction if the device identification information does not exist,
The method comprises:
Transmitting unique identification information of the financial transaction processing terminal to the server and requesting approval of the requested financial transaction;
And checking whether the financial transaction has been performed for the account information in any of the terminals installed in the same space as the terminal having the unique identification information in response to the approval request from the financial transaction processing terminal, An authentication step of issuing an approval response to the financial transaction processing terminal if there has been an execution of the financial transaction processing terminal,
Wherein the step (4) is to execute the requested financial transaction only when there is an approval response to the approval request. delete The method according to claim 1,
Wherein the request for approval is made when the device identification information exists in the detected signal or when the account information is provided to the server. delete The method according to claim 1,
Wherein the authentication step further carries out the additional authentication procedure in the case where the user has not been enforced and selectively makes the rejection response in accordance with whether or not the authentication in the additional authentication procedure fails. 6. The method of claim 5,
In the additional authentication procedure, a subscriber associated with the account information requests a call to a pre-designated telephone number to input a number for authentication on the telephone, and the inputted number matches a previously registered number Or determining whether the authentication is successful or unsuccessful by confirming that the number matches the predetermined method. The method according to claim 6,
In the additional authentication procedure, if the pre-designated telephone number is a type assigned to a telephone terminal capable of mobile communication, a request is made to a respondent of a call for input of a number generated by the one-time password generator (OTP) How to provide financial transactions. The method according to claim 6,
In the additional authentication procedure, if the pre-designated telephone number is a type assigned to a telephone terminal of a wired communication, the call respondent is requested to input at least a part of the card number previously registered at the time of the call, How to provide financial transactions. The method according to claim 1,
Wherein the authenticating step confirms whether the requested financial transaction is the first one after the subscription to the specific service for confirming whether the previously designated device identification information is detected in the vicinity of the financial transaction, And a terminal that is installed in the same space as the terminal having the unique identification information if it is not the first terminal to perform an approval response in response to whether or not there was a previous transaction with respect to the account information, How to Provide Transactions. 10. The method of claim 9,
Wherein the step of authenticating further includes the step of, when the requested financial transaction is the first after the subscription to the specific service, if the predetermined period has elapsed from the acquisition of the specific service, Wherein the approval response is selectively made according to whether or not the authentication of the terminal device is successful. A system for processing a financial transaction request from a user,
The system includes a terminal device and a server for processing a financial transaction requested by the terminal device,
The terminal apparatus comprises:
An interface unit for inputting information requesting a financial transaction from the user and displaying a result of the financial transaction,
A short range wireless communication module configured to detect a wireless signal from another module that can communicate with each other in a non-contact state, and to identify the device identification information of the other module from the detected signal;
And a control unit configured to control the near-field wireless communication module to confirm the device identification information with respect to peripheral devices, and to confirm whether or not there is information matching the device identification information received from the server, Wow,
Wherein the server is configured to provide account information input through the interface to a remote server and receive device identification information registered in association with the account information from the server, Executing the financial transaction requested by the user through the interface unit only when the approval request is received for the approval request and the corresponding device identification information is confirmed by the control unit after requesting approval of the requested financial transaction, And a client unit configured to reject the requested financial transaction when it is determined by the control unit that there is no matching device identification information or when there is a rejection response from the server for the approval request,
The server confirms whether the financial transaction has been executed for the account information in any of the terminal devices installed in the same space as the terminal device in response to the approval request from the terminal device, The terminal device is configured to perform an approval response to the terminal device, and to reject the terminal device if the terminal device has not been executed.
KR1020160029625A 2016-03-11 2016-03-11 Method and apparatus for providing users with secure financial transactions based on whether a private terminal is carried or not KR101797222B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020160029625A KR101797222B1 (en) 2016-03-11 2016-03-11 Method and apparatus for providing users with secure financial transactions based on whether a private terminal is carried or not

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020160029625A KR101797222B1 (en) 2016-03-11 2016-03-11 Method and apparatus for providing users with secure financial transactions based on whether a private terminal is carried or not

Publications (2)

Publication Number Publication Date
KR20170106586A KR20170106586A (en) 2017-09-21
KR101797222B1 true KR101797222B1 (en) 2017-11-14

Family

ID=60034638

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020160029625A KR101797222B1 (en) 2016-03-11 2016-03-11 Method and apparatus for providing users with secure financial transactions based on whether a private terminal is carried or not

Country Status (1)

Country Link
KR (1) KR101797222B1 (en)

Also Published As

Publication number Publication date
KR20170106586A (en) 2017-09-21

Similar Documents

Publication Publication Date Title
JP7279973B2 (en) Identification method, device and server in designated point authorization
RU2742910C1 (en) Encoded information processing
US10757573B2 (en) Method and system for authenticating a user
US10467604B1 (en) ATM transaction with a mobile device
WO2014051316A1 (en) Credit card payment system and credit card payment method using iris information
MXPA05011481A (en) Systems and methods for verifying identities in transactions.
US20120303527A1 (en) Process and host and computer system for card-free authentication
US20170221059A1 (en) System and method for generating a location specific token
US10489565B2 (en) Compromise alert and reissuance
US20180204214A1 (en) Systems and methods for transaction authentication using dynamic wireless beacon devices
JP2004272827A (en) Individual identification system and method
US20210049568A1 (en) Method and System for Large Transfer Authentication
KR100563544B1 (en) Method for authenticating a user with one-time password
KR20070029537A (en) Authentication system and method using individual unique code linked with wireless terminal
JP3925613B2 (en) Personal authentication system and personal authentication method
KR101797222B1 (en) Method and apparatus for providing users with secure financial transactions based on whether a private terminal is carried or not
KR100977028B1 (en) Remittance system and remittance method
KR101697432B1 (en) Method for certifying of financial transaction using location information
KR20190033727A (en) Method for Operating Virtual Account based on Real Identity
EP3332370A1 (en) Systems and methods for interaction authentication using dynamic wireless beacon devices
JP7468723B2 (en) Personal authentication system
WO2019004786A1 (en) System for providing account-based payment and settlement service
JP7413601B1 (en) Trading systems, trading devices, trading methods, and programs
KR101232581B1 (en) Payment processing system and control method thereof
JP2006221434A (en) Financial affair processing system

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
GRNT Written decision to grant