KR101858678B1 - Method for scrapping user information of card-company and application system thereof - Google Patents

Abstract

Disclosed are a user information scraping method and a system thereof. The user information scraping method comprises the steps of: allowing an application system, installed in a terminal of a user, to acquire a first information set or a second information set from the user wherein the first information set includes a card number, a card password, and a CVC number of the user and the second information set includes a phone number of the terminal, gender, nationality, date of birth, and communications company information of the user when the terminal is under the name of the user; allowing the application system to reset authentication information required for login as system authentication information using the received first and second information sets; allowing the application system to log-in an account of the user using the reset system authentication information; and allowing the application system to perform a scrapping process for scrapping user information of the card company by logging-in the account.

Description

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a method for scrapping user information of a card company,

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to scraping, and more particularly, to a method and system for easily scraping user information required by an application providing a predetermined service to a user.

Scraping techniques have been widely known.

1 is a view for explaining a conventional scraping method.

Referring to FIG. 1, a conventional scraping method is a method in which a predetermined service server 20 can log in from a client 10 in order to scrape user information that can be confirmed only by logging into a system 30 of a predetermined target institution Information (e.g., ID / PWD or authorized certificate and certificate password, etc.). The service server 20 may access the system 30 of the target organization by using the received information, and then scrape necessary user information. Of course, for this scraping, the service server 20 may generate an event to pretend to the user of the target institutional system 30.

Such a scraping scheme may cause not only a problem that the service server 20 generates a relatively large load on the target institutional system 30 but also a problem that the target institutional system 30 has an unsolicited login form, An abusing issue may occur in the server 30. In this case, the service server 20 may be disconnected.

In the case where the service server 20 acquires the public certificate and the public certificate password as login information, even if there is no or minimal issue of the service server 20 in the target institution system, There is a problem that the psychological burden is relatively large. Therefore, it is very difficult to acquire the authorized certificate and the authorized certificate password from the users themselves.

Also, even if the information to be scraped can be verified by simply logging in with ID / PWD without requiring a relatively strong authentication means such as a public certificate, if the user can not remember the ID / PWD according to the type of the target institution There is a problem that the user takes a considerably long time to check the ID / PWD when the ID / PWD is requested at the time when scraping is required. This is because the service server 20 or the corresponding client 10 It can cause a problem that the necessary services can not be provided in a timely manner.

Korean Registered Patent No. 10-0460712 "Credit Rating System and Method Through Interfacing with Internet-Related Sites and Related Organizations"

Therefore, it is an object of the present invention to provide an efficient method and system for easily scraping user information necessary for a service from a target organization at any time on the service side.

According to an aspect of the present invention, a user information scraping method for scraping user information of a card issuer that can be confirmed by logging in an account of a card company system, includes the steps of: Acquiring a second information set including a first information set including a password, a CVC number, or a phone number, sex, nationality, date of birth, and communication company information of the terminal when the terminal is the user's name; Resetting the authentication information required for login using the first information set or the second information set received by the application system to system authentication information; and resetting the system authentication information using the reset system authentication information, , ≪ / RTI > This system includes the step of log in to the account to perform the scraping process for scraping the user information of the card company.

Wherein the user information scraping method further includes the step of the application system checking an authentication information setting condition of the credit card company, and the application system generating the system authentication information corresponding to an authentication information setting condition based on a result of the checking .

Wherein the application system scrapes a part of the system authentication information in the terminal and stores a remaining part of the system authentication information in a service server corresponding to the application system. When scraping user information of the card company, The application system may further include a part of the system authentication information stored in the terminal and a remaining part stored in the service server, and re-logging into the account.

The user information scraping method may further include requesting application authentication information of the user to be used in the application system, and confirming a part of the system authentication information stored in the terminal when the application authentication information is confirmed.

Wherein the user information scraping method further comprises the steps of redirecting the terminal to a page for subscription to the card company's system when the user is not subscribed to the credit card company's system, And automatically inputting at least a part of the first information set or the second information set received from the user to a user interface that requires input of at least a part of the available information.

Wherein the user information scraping method further comprises: when the application system attempts to re-log into the account using the system authentication information when re-scraping the card information of the card company; if the re-login fails, Setting the system authentication information, and re-login to the account using the set new system authentication information.

Wherein the user information scraping method further comprises the step of re-inputting the first information set or the second information set from the user when the re-login fails, wherein the first information set or the second information set The new system authentication information can be set.

Wherein the user information scraping method includes a scraping operation including at least one of the system authentication information, the time at which the system authentication information is set, the time at which the application system logs in using the system authentication information, and the scraped user information of the card company And storing the information at a predetermined location.

According to another aspect of the present invention, there is provided a user information scraping method for scraping user information of a card company that can be confirmed by logging in an account of a card company system, wherein an application system installed in a terminal of the user is a service server stored in the terminal or the application system The method of claim 1, further comprising the steps of: confirming system authentication information stored in at least one of the plurality of application programs; attempting to log into the account using the system authentication information; Obtaining a second information set including a first information set including a password, a CVC number, or a phone number, sex, nationality, date of birth, and communication company information of the terminal when the terminal is the user's name; The application system Resetting the new system authentication information to the new system authentication information using the first information set or the second information set received, logging in the account of the user using the new system authentication information that has been reset by the application system, And performing an scraping process for an application system to log into the account and scrape the card company's user information.

According to another aspect of the present invention, there is provided a user information scraping method for scraping user information of a card company that can be confirmed by logging in an account of a card company system, Checking whether existing authentication information of the existing system authentication information exists, and if the existing authentication information exists, the application system attempts to log in to the account using the system authentication information, A first information set including the card number of the user, a card password, and a CVC number, or a telephone number of the terminal if the terminal is the user's name, when the generated system authentication information does not exist, Sex, nationality, date of birth, Acquiring a second information set including the first information set and the second information set, resetting login authentication information to system authentication information using the acquired first information set or the second information set, and using the reconfigured system authentication information, And performing a scraping process for scraping the card company's user information by logging into the account of the user.

The above method can be performed by a computer program recorded on a medium.

According to an embodiment of the present invention, an application system installed in a user's terminal for scraping user information of a card issuer that can be confirmed by logging in an account of a card company system is provided from the user to the card number, card password, and CVC A second information set including a telephone number, sex, nationality, date of birth, and carrier information of the terminal if the terminal is the name of the user, A control module for re-establishing authentication information required for login using the first information set or the second information set to system authentication information, a login processing module for logging into the account of the user using the reset system authentication information, , And for scraping the card company's user information from the logged in account It comprises a wrapping module.

According to another embodiment of the present invention, an application system installed in a terminal of a user for scraping user information of a card company that can be confirmed by logging in an account of a card company system is installed in at least one of the terminal or the service server stored in the application system A login process module for confirming the authentication information of the stored login and attempting to log in to the account using the confirmed system authentication information and a login process module for registering the card number, the card password, and the CVC number of the user, A second information set including a telephone number, sex, nationality, date of birth, and communication company information of the terminal when the terminal is the name of the user, 1 information set or the second information set A control module for resetting login authentication information to system authentication information; and a control module for resetting the first target institutional user information when the user is logged in to the account of the user using the reset system authentication information by the login processing module, Lt; / RTI >

According to an embodiment of the present invention, there is an effect that, in the case of a user, convenience of the user is improved by performing scrapping by performing log-in at the service side without performing the authentication means or login information necessary for log-in for scraping directly to the service side.

Also, the service side can solve the problems that may occur when it is necessary to receive important personal information, that is, information or means for logging in, or to receive login information from the user only when scraping is required. That is, instead of receiving the log-in information itself, it is possible to quickly and efficiently perform scraping by allowing information to reset the log-in information to be received in advance and resetting the log-in information at a required time relatively quickly.

In addition, according to the present invention, since scrapping is performed in each terminal of the users, the issue of abusing from the target organization can be reduced.

BRIEF DESCRIPTION OF THE DRAWINGS A brief description of each drawing is provided to more fully understand the drawings recited in the description of the invention.
1 is a view for explaining a conventional scraping method.
FIG. 2 is a view for explaining the concept of a user information scraping method according to the technical idea of the present invention.
3 is a diagram for explaining a schematic configuration of an application system according to an embodiment of the present invention.
FIG. 4 is a diagram for schematically explaining a data flow of a user information scraping method according to an embodiment of the present invention.
5 is a diagram for explaining a concept of setting system authentication information based on an authentication information setting condition according to an embodiment of the present invention.
6 is a diagram for explaining a concept that system authentication information is divided and stored in a client and a server according to an embodiment of the present invention.
FIG. 7 is a diagram for explaining a concept of effectively inducing membership to a target organization according to an embodiment of the present invention.
8 is a view for explaining activity information according to an embodiment of the present invention.

BRIEF DESCRIPTION OF THE DRAWINGS The present invention is capable of various modifications and various embodiments, and specific embodiments are illustrated in the drawings and described in detail in the detailed description. It is to be understood, however, that the invention is not to be limited to the specific embodiments, but includes all modifications, equivalents, and alternatives falling within the spirit and scope of the invention. DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, the present invention will be described in detail with reference to the accompanying drawings.

The terms first, second, etc. may be used to describe various components, but the components should not be limited by the terms. The terms are used only for the purpose of distinguishing one component from another.

The terminology used in this application is used only to describe a specific embodiment and is not intended to limit the invention. The singular expressions include plural expressions unless the context clearly dictates otherwise.

In this specification, the terms "comprises" or "having" and the like refer to the presence of stated features, integers, steps, operations, elements, components, or combinations thereof, But do not preclude the presence or addition of features, numbers, steps, operations, components, parts, or combinations thereof.

Also, in this specification, when any one element 'transmits' data to another element, the element may transmit the data directly to the other element, or may be transmitted through at least one other element And may transmit the data to the other component. Conversely, when one element 'directly transmits' data to another element, it means that the data is transmitted to the other element without passing through another element in the element.

Hereinafter, the present invention will be described in detail with reference to the embodiments of the present invention with reference to the accompanying drawings. Like reference symbols in the drawings denote like elements.

FIG. 2 is a view for explaining the concept of a user information scraping method according to the technical idea of the present invention.

Referring to FIG. 2, an application system 100 may be implemented to implement a user information scraping method according to the technical idea of the present invention. The application system 100 may be installed in a predetermined terminal 1 to implement the technical idea of the present invention.

Although the terminal 1 can be implemented as a mobile phone used by a user, it can communicate with the target institutional system 200, 210 to implement the technical idea of the present invention, and the application system 100 is installed The implementation of the data processing apparatus may be various as long as the technical idea of the present invention can be implemented.

The application system 100 is a system in which software (application) installed in the terminal 1 and hardware of the terminal 1 driving the application are combined and implemented in order to implement the technical idea of the present invention It can mean.

The application that defines the application system 100 may be a separate proprietary application for scrapping the technical idea of the present invention, i.e., user information, but may be an application that provides a predetermined service to a user. In this case, the functions defined in this specification, i.e., the function for scraping the user information, may be a function in addition to the function for the service provided by the application to the user. Of course, the service provided by the application may be a service using scraped information according to the technical idea of the present invention.

The services provided by the application may vary. According to an example, the service may be a financial service such as a remittance service, a payment service (an intermediary service), a loan service, etc. In this case, the user information to be scrapped may include a user's card usage history, The information of the user closely related to the financial service. At this time, the target institution corresponding to the target institution system 200 or 210 may be a financial institution that maintains / manages user information such as a card company, a bank, and the like. However, the above-mentioned service, the user information, and the implementation of the target organization may vary widely, and the average expert in the technical field of the present invention can easily deduce that the scope of the present invention is not limited to these embodiments .

The application system 100 can provide a service provided by the application system 100 to a user by performing communication with the service server 300. [ In addition, the service server 300 may perform some functions to implement the scraping method of user information according to the technical idea of the present invention. This will be described later.

The application system 100 may access the target institutional system 200, 210 and log in to the account of the user who wants to scrape. And may output a predetermined request to the target institution system 200 or 210 in order to acquire necessary user information after login. It is well known and utilized that this series of scraping processes can be done by the application system 100 outputting a signal to simulate a user's actions to the target institutional system 200,210, .

However, the user information scraping method according to the technical idea of the present invention differs from the conventional method in which the server 20 described in FIG. 1 performs scraping, in that the application system 100, that is, Has a feature of performing scraping.

Accordingly, there is an effect that the risk of blocking the scraping is released from the target institution system 200 or 210, and the information to be scraped is primarily stored in the terminal of the user.

Of course, it is possible that the application system 100 performs scraping based on the consent and appropriate authority of the users.

Meanwhile, the user information scraping method according to the technical idea of the present invention has a feature of obtaining login changeable information, unlike the conventional method of obtaining login information for logging into a user's account.

That is, depending on the type of the service or the target institution, it is often the case that it is burdensome for the user to obtain the login information (for example, ID / PWD or the official certificate and the certificate password) or the user does not recognize the login information frequently .

In such a case, it may be more effective to obtain from the user information that can be given permission to change all or a part of the log-in changeable information, that is, login information, rather than the login information of the user.

Of course, for some users who already know the login information (for example, ID / PWD), login can be performed using the login information (for example, ID / PWD), but login changeable information can be used for the remaining users have.

Moreover, the login information is dependent on the target institutional system 200, 210, so that the type can be different according to the target institutional system 200, 210 and can be defined only by membership in the target institutional system 200, 210 , The login changeable information may be information that is less dependent on the target institutional system 200, 210, and may be specified even if it is not registered as a member.

For example, if the target organization is a financial institution such as a card company or a bank, the login information may be ID / PWD. Or there is a case where a public certificate and a certificate password are required as login information according to the type of user information to be scraped. The login information may be information that can be specified only if a user who is engaged in a transaction with the financial institution is a member of the financial institution, that is, a member of the target institution system 200 or 210 and has an account.

However, the log-in changeable information does not depend on the target institutional system 200 or 210, such as the card number, the card password, the CVC number, etc., in the case of the card company, Information.

Therefore, it is not burdensome for the user to acquire the login changeable information as compared with the case of acquiring the login information from the user, and it is also effective on the service side. In particular, considering that most users use the same or very similar login information for the other system as well as the target institutional systems 200 and 210, it is possible to obtain login changeable information It may be more secure to allow the application system 100 to set new login information (e.g., a password) and log in without knowing the login information (e.g., password) set by the user.

As a result, according to the technical idea of the present invention, the application system 100 can acquire the log-in changeable information from the user and acquire the obtained log-changeable information to connect to the predetermined target institutional system 200, 210.

The log changeable information may vary in the embodiment, and may vary depending on the type of the target organization and / or the type of user information to be scraped.

For example, the login changeable information may be a card number, a card password, a CVC number, and the like. Or login changeable information may be information used for so-called 'authentication of the mobile phone user', that is, name, sex, telephone number, communication company, date of birth, and the like. If the information required for authentication of the mobile phone is the login changeable information, the control module 110 may perform the action of re-inputting the authentication number received by the terminal 1 after inputting the login changeable information Of course it is. Such a case may be, for example, but not limited to, when the target organization is a credit card company.

The login changeable information may be an account number, an account password, a name, a date of birth, and the like. Such a case may be, for example, but not limited to, an account operating entity (for example, a bank, a securities company, etc.) in which the target institution operates the account.

Also, according to the embodiment, the login changeable information may include authentication information obtained through a separate physical authentication means (e.g., OTP, security card, etc.). In this case, the login changeable information may further include additional information such as OTP authentication information (disposable authentication information) or security card authentication information in the basic information set including the account number, account password, name, and date of birth. If the login changeable information includes the authentication information acquired from the physical authentication means, the application system 100 can request the login changeable information in real time from the user and obtain the login changeable information in response to the request have. In addition, when requesting login changeable information, the user can be informed of what additional information is required (for example, whether it is an OTP or what information is desired from the secure card).

In addition, according to the embodiment, the application system 100 acquires the login changeable information does not necessarily acquire all of the login changeable information at the same time, (E.g., additional information) may be acquired later. Information to be acquired later may be time-dependent information (e.g., time synchronization otp, etc.), thereby eliminating the need to re-input or request information to the user.

In any case, the application system 100 can reset the authentication information (e.g., password, secret pattern, etc.) among the login information using the log-in changeable information. Normally, even if the target institution system 200 or 210 knows the log-in changeable information, since the authentication information that has already been set is not given, the login information set by the user is not leaked. Then, using the reset authentication information, the application system 100 can log into the account of the user provided by the target institution system 200, 210. And can perform the scraping process.

According to an embodiment, the login changeable information may include information on the ID of the account, but the application system 100 may check the ID of the account through the login changeable information according to an embodiment. After confirming the ID of the account, the authentication information can be reset through the login changeable information.

Then, the application system 100 logs in the account of the user of the target institution system 200 or 210 through the reset authentication information, requests the necessary user information, and performs scraping in a predetermined manner.

The application system 100 according to the technical idea of the present invention for realizing this technical idea may have a configuration as shown in FIG.

3 is a diagram for explaining a schematic configuration of an application system according to an embodiment of the present invention.

Referring to FIG. 3, the application system 100 includes a control module 110, an acquisition module 120, a login processing module 130, and a scraping module 140.

According to an embodiment of the present invention, some of the above-mentioned components may not necessarily correspond to the components necessary for the implementation of the present invention, and in accordance with the embodiment, But may include more components.

The application system 100 may include hardware resources and / or software necessary to implement the technical idea of the present invention, and does not necessarily mean a single physical component or a single device . That is, the application system 100 may mean a logical combination of hardware and / or software provided to implement the technical idea of the present invention. If necessary, the application system 100 may be installed in a separate apparatus to perform respective functions And may be embodied as a set of logical structures for realizing the technical idea of the present invention.

In this specification, a module may mean a functional and structural combination of hardware for carrying out the technical idea of the present invention and software for driving the hardware. For example, the module may refer to a logical unit of a predetermined code and a hardware resource for executing the predetermined code, and it does not necessarily mean a physically connected code or a kind of hardware But can be easily deduced to the average expert in the field of the present invention.

The control module 110 may perform other functions included in the application system 100, such as, for example, the acquisition module 120, the login processing module 130, and / or the scraping module 140, and / You can control resources.

The acquisition module 120 may obtain the user's login changeable information for a given first target institutional system 210.

For example, the acquisition module 120 can acquire the login changeable information by providing the user with a predetermined interface for requesting the login changeable information and receiving the login changeable information from the user through the corresponding interface. According to an embodiment, the service-side employee may receive the log-in changeable information through telephone or mail, and in such a case, the acquisition module 120 may update the login-change- Login changeable information may be obtained. The acquisition module 120 can acquire login changeable information notified from the user by any path.

Then, the control module 110 can reset authentication information (e.g., password, secret pattern, etc.) necessary for log-in using the obtained log-changeable information. The re-set authentication information is defined as system authentication information in this specification.

Then, the login processing module 130 can log in the account of the user's first target institutional system 200 using the system authentication information. If necessary, the login processing module 130 may perform a predetermined process for confirming the account ID of the first target institution system 200 of the user.

For example, the login processing module 130 may check the account ID from the login changeable information if the login changeable information includes the account ID. If necessary, the account ID can be confirmed from the first object institution system 200 using the login changeable information. It is needless to say that the login processing module 130 can perform an action for performing a series of processes scheduled by the first object institution system 200 for this purpose.

When the login is performed, the scraping module 140 can scrape desired user information from the first target institutional system 200 through a series of processes corresponding to the type of user information.

Meanwhile, in order for the control module 110 to set the system authentication information using the login changeable information, the authentication information setting condition defined in advance for each target organization to be logged in is confirmed, System authentication information may need to be set.

Such an example will be described with reference to FIG.

5 is a diagram for explaining a concept of setting system authentication information based on an authentication information setting condition according to an embodiment of the present invention.

5, the application system 100 connected to a predetermined first target institutional system 200 has an interface (e.g., a web page) for resetting authentication information (e.g., password) May be provided from the first target organ system 200 as shown in FIG.

The authentication information setting condition as shown in FIG. 5 may be guided to such an interface. The authentication information setting condition may be a condition that can be set as authentication information previously set in the first target institutional system 200.

For example, various authentication information setting conditions, such as a condition in which no consecutive numbers or alphabets should exist, at least one number must be included, and at least one symbol must be included, Can be defined.

The control module 110 determines whether the authentication information setting condition is satisfied through the first target institutional system 200 or a predefined storage device A method of inputting the authentication information setting condition into a predetermined storage device, or the like).

Then, the control module 110 may generate the system authentication information so as to correspond to the authentication information setting condition that is confirmed. And the generated system authentication information can be set as the authentication information of the first target institutional system 200.

As a result, the control module 110 may generate the system authentication information according to an authentication information setting condition that can be set differently for each target organization according to which target organization the target to be scraped is.

The generated system authentication information is used only once. In this case, even when scraping is performed in the same target institutional system, the application system 100 may generate new system authentication information and reset the authentication information of the corresponding user account have.

The system authentication information may be stored according to an embodiment. And stored system authentication information may be reused. The system authentication information may be simply stored in the terminal 1. However, according to the technical idea of the present invention, the system authentication information may be divided and stored in the terminal 1 and the service server 300. In the latter case, of course, security is increased.

That is, when the system authentication information capable of accessing the account of the user of the first target institutional system 200 is exposed, the control module 110 transmits the system authentication information to the first target institutional system 200 in order to reduce the risk of lethal damage to the user. The generated system authentication information can be divided and stored.

Therefore, even if only either the terminal 1 or the service server 300 is attacked, the system authentication information is not exposed to an attacker.

Such an example will be described with reference to Fig.

6 is a diagram for explaining a concept that system authentication information is divided and stored in a client and a server according to an embodiment of the present invention.

6, the system authentication information (e.g., "ACE! #% 086") generated by the control module 110 may be as shown in FIG. The system authentication information (e.g., "ACE! #% 086") may be information generated by the control module 110 to correspond to an authentication information setting condition of the target institutional system 200 or 210.

The control module 110 generates the system authentication information (e.g., " ACE! #% 086 ") after generating the system authentication information It can be divided and stored in the service server 300. The method of dividing the system authentication information (e.g., "ACE! #% 086") may be various. For convenience of explanation, the control module 110 simply stores the system authentication information (for example, "ACE! #% 086") in sequence across the terminal 1 and the service server 300 6, the system authentication information (e.g., "ACE! #% 086") may be partitioned in various manners in accordance with an embodiment. For example, the first letter may be stored in the terminal 1, and the remaining characters may be stored in the service server 300.

6, the control module 110 stores first partial system authentication information (e.g., "AE # 06") in the terminal 1, Authentication information (e.g., "C!% 8").

Then, when the application system 100 attempts to log in again to the account corresponding to the system authentication information (e.g., "ACE! #% 086"), the terminal 1 and the service server 300 Can be used.

For example, if the login process module 130 wishes to re-scrape the user information from the target institutional system (e.g., 200) in which the system authentication information (e.g., "ACE! #% 086 & (E.g., " C!% 8 ") stored in the first partial system authentication information (e.g.," AE # 06 ") stored in the service server 300 and the second partial system authentication information The system authentication information (e.g., "ACE! #% 086") can be reused by checking the system authentication information (e.g., "ACE! #% 086"). That is, the system administrator can re-log into the account of the target institution system 200 using the system authentication information (e.g., "ACE! #% 086").

Depending on the embodiment, it may require the user's permission action to reuse the system authentication information (e.g., "ACE! #% 086"). This permitting action may be performed by requesting the user for the application authentication information and confirming the application authentication information. That is, the application system 100 is implemented to verify the authentication information of the first target institutional system 200 generated by the application system 100 before the user is authenticated using the authentication information unique to the application system 100 It is possible.

When the application authentication information is confirmed, the control module 110 may transmit a part of the system authentication information stored in the terminal to the login processing module 130. Of course, the system authentication information (e.g., "ACE! #% 086") stored by the control module 110 and / or each part thereof may be protected through a predetermined encryption method or the like.

On the other hand, as described above, after the authentication information of the user's account is changed to the system authentication information by the application system 100, it may be necessary to access the account directly by the user, not by the application system 100 have.

To this end, the control module 110 may authenticate the user with the authentication information of the application system 100, and then provide the (stored) stored system authentication information to the user when the user is authenticated. In this case, the user may log in to the account using the provided system authentication information. Of course, according to an embodiment, the user can also perform authentication information re-setting using the login changeable information. The user can log in to his / her account through resetting of the authentication information.

In any case, the user can change the authentication information reset by the application system 100 in a manner desired by himself. In this case, when the application system 100 attempts to log in to the account again, it may fail to log in because it will attempt to log in using the existing authentication information.

At this time, the login changeable information may be reacquired from the user.

That is, after the application system 100 obtains login changeable information and generates the system authentication information, the application change system 100 discards the login changeable information and may not store it anywhere. When the login changeable information is re-requested, the login changeable information can be obtained again from the user, thereby improving the security and reducing the possibility that the login changeable information is unlimitedly used by the user.

According to an example, the user information scraping method according to the present invention through the use of the system authentication information and the use of the login changeable information may be performed as shown in FIG.

FIG. 4 is a diagram for schematically explaining a data flow of a user information scraping method according to an embodiment of the present invention. 8 is a view for explaining activity information according to an embodiment of the present invention.

Referring to FIGS. 4 and 8, the application system 100 may determine that it is necessary to acquire user information of a specific user from a specific target institution system at a predetermined time (S100).

In this case, the application system 100 can confirm whether the system authentication information for the specific target institutional system of the specific user has already been generated. This confirmation can be made using the activity information as shown in FIG.

The activity information may refer to a history of information related to scraping of user information acted upon by the application system 100.

For example, as shown in FIG. 8, the activity information includes system authentication information (e.g., pwd1, pwd2), a set time of the system authentication information (e.g., t1, t2), a target organization 2 target entities), and scraping information (e.g., card usage history, account balance, etc.).

Although not explicitly shown in FIG. 8, the system authentication information can be divided and stored in the terminal 1 and the service server 300, respectively, as described above.

Using the activity information, the application system 100 can confirm whether the system authentication information to be used for the account of the specific user has already been generated for the specific target institution system 200 or 210 (S110).

If it has not been generated, the application system 100 may obtain login changeable information of the specific user corresponding to the specific target institution system (e.g., 210) (S130). Then, the application system 100 can generate system authentication information using the obtained login changeable information and reset the authentication information to the authentication information of the account for the specific target institution system (for example, 210) of the specific user ( S140).

On the other hand, if system authentication information for a specific user's account has already been generated for the specific target institutional system (e.g., 210), the application system 100 can confirm the system authentication information that has already been generated (S120). Confirmation of such system authentication information can be performed as described above with reference to FIG.

Then, the application system 100 may attempt to log into the account of the specific user with the confirmed system authentication information (S150). If the result of the login attempt is successful (S155), it may mean that the system authentication information has not been changed by the user yet. Then, the application system 100 can scrape the desired user information since the login is successful (160).

If the log-in is unsuccessful after attempting to log in with the confirmed system authentication information (S155), it may mean that the system authentication information has been changed. In this case, the application system 100 may reacquire login changeable information from the user (S170).

Then, new system authentication information can be set using re-acquired login changeable information (S180).

If the login is successful, the desired user information can be scraped (S150, S155, S160).

On the other hand, as described above, since the present invention obtains log-in changeable information from a user, it may be that the user has not joined the membership in a predetermined target institution system (for example, 200) to acquire user information.

For example, the application system 100 may include an application that performs a remittance service. A user may be a member of the application system 100 and use a service (e.g., a remittance service) provided by the application system 100. And the subject institutional system (e.g., 200) may be a card issuer system. The application system 100 scrapes the card usage history of the user and may determine the credibility of the user or the one-time remittance limit for each user adaptively. However, the user may only use the card, but may not have joined the card company system corresponding to the card.

As described above, the application system 100 obtains the log-in changeable information from the user, and by using the log-changeable information, the application system 100 may attempt to log into the target institution system 200 (e.g., 200) to confirm that the user is not registered.

In this case, it may be necessary to induce the user to subscribe to the target institutional system (e.g., 200) for service consistency or stability per user of the application system 100.

To this end, the application system 100 can increase the convenience of joining the user by using the login changeable information acquired in advance.

Such an example will be described with reference to FIG.

FIG. 7 is a diagram for explaining a concept of effectively inducing membership to a target organization according to an embodiment of the present invention.

Referring to FIG. 7, the login processing module 130 included in the application system 100 determines, based on the log-in changeable information that has already been obtained, an object institution system (for example, , 200) can not be registered. (For example, a name, a resident registration number, etc.) included in the log-in changeable information may be determined by checking the ID on the basis of the login changeable information, judging whether such ID exists or not, To confirm whether or not to join the service.

If it is determined that the subscription has not been made, the login processing module 130 may redirect the terminal to the page for subscription of the target institutional system (for example, 200).

The pages may then be provided with interfaces as shown in FIG.

In order to register a member, it is necessary to input the member's name, card number, card password, and CVC number as shown in FIG. Then, the login processing module 130 can automatically input all or a part of the information included in the login changeable information among the input necessary information. For example, when the target institutional system (e.g., 200) is a card issuer system, the login changeable information may be an information set including a card number, a card password, and a CVC number. Alternatively, the login changeable information may be a second information set including the phone number, sex, nationality, date of birth and carrier information of the terminal 1. The second information set may be a case of performing so-called mobile phone authentication .

Then, the login processing module 130 can automatically input information (for example, a card number, a card password, and a CVC number) included in the log-in changeable information on the membership page shown in FIG.

In addition, some of the information necessary for subscription may be known in the application system 100 in advance. For example, the name of the user may not be included in the log-in changeable information, but the application system 100 may know it in advance.

In this case, the application system 100 may automatically input known information into the interface included in the member registration page.

In any case, the technical idea of the present invention is that the login changeable information is information that can be specified even before the membership registration, so that the user can easily join the membership of a predetermined target institution system (for example, 200) while attempting scraping .

The application system 100 may scrape user information from a first target institutional system (e.g., card company 200) through the technical idea as described above. The application system 100 may then need to scrape the user information from the second target institutional system (e.g., bank 210).

In such a case, as described above, the acquisition module 120 may obtain the second login changeable information of the user for the second target institutional system (e.g., 210). For example, in the case of a bank, the second log-in changeable information may be a third information set including a user's account number, account password, name, and date of birth, but is not limited thereto.

The control module 110 may then reset the second system authentication information using the second login changeable information. Then, the login processing module 130 performs login using the second system authentication information, and the scraping module 140 scrapes the desired user information in the second logged-in account.

According to an embodiment, the application system 100 or the terminal 1 comprising it may comprise a processor and a memory for storing a program executed by the processor. The processor may include a single-core CPU or a multi-core CPU. The memory may include high speed random access memory and may include non-volatile memory such as one or more magnetic disk storage devices, flash memory devices, or other non-volatile solid state memory devices. Access to the memory by the processor and other components can be controlled by the memory controller. Here, when the program is executed by a processor, the program may cause the application system 100 according to the present embodiment to perform the above-described method of providing a software use restriction system.

Meanwhile, the user information scraping method according to an exemplary embodiment of the present invention may be implemented in the form of a computer-readable program command and stored in a computer-readable recording medium. The control program and the target program May also be stored in a computer-readable recording medium. A computer-readable recording medium includes all kinds of recording apparatuses in which data that can be read by a computer system is stored.

Program instructions to be recorded on a recording medium may be those specially designed and constructed for the present invention or may be available to those skilled in the art of software.

Examples of the computer-readable recording medium include magnetic media such as a hard disk, a floppy disk and a magnetic tape, optical media such as CD-ROM and DVD, a floptical disk, And hardware devices that are specially configured to store and execute program instructions such as magneto-optical media and ROM, RAM, flash memory, and the like. The computer readable recording medium may also be distributed over a networked computer system so that computer readable code can be stored and executed in a distributed manner.

Examples of program instructions include machine language code such as those produced by a compiler, as well as devices for processing information electronically using an interpreter or the like, for example, a high-level language code that can be executed by a computer.

The hardware devices described above may be configured to operate as one or more software modules to perform the operations of the present invention, and vice versa.

It will be understood by those skilled in the art that the foregoing description of the present invention is for illustrative purposes only and that those of ordinary skill in the art can readily understand that various changes and modifications may be made without departing from the spirit or essential characteristics of the present invention. will be. It is therefore to be understood that the above-described embodiments are illustrative in all aspects and not restrictive. For example, each component described as a single entity may be distributed and implemented, and components described as being distributed may also be implemented in a combined form.

It is intended that the present invention covers the modifications and variations of this invention provided they come within the scope of the appended claims and their equivalents. .

Claims (13)

A user information scraping method for scraping user information of a card company which can be confirmed by logging into an account of a card company system,
Obtaining login changeable information that enables an application system installed in a user terminal to change authentication information necessary for the user to log in;
Resetting the authentication information required for login using the log-in changeable information input by the application system to system authentication information;
Logging in to the account of the user using the system authentication information with the application system reset; And
The application system logging in to the account and performing a scraping process for scraping the card company's user information.
2. The method according to claim 1,
Confirming an authentication information setting condition of the credit card company by the application system;
And generating the system authentication information corresponding to the authentication information setting condition by the application system based on a result of the checking.
2. The method according to claim 1,
The application system storing a part of the system authentication information in the terminal and the remaining part in a service server corresponding to the application system;
Further comprising the step of: when the application system attempts to scrape the user information of the card company, the application system checks a part of the system authentication information stored in the terminal and a remaining part stored in the service server, Scraping method.
The method of claim 3, wherein the user information scraping method further comprises:
Requesting application authentication information of the user for use in the application system;
Further comprising confirming a part of the system authentication information stored in the terminal when the application authentication information is confirmed.
2. The method according to claim 1,
Redirecting the terminal to a page for membership in the card company's system if the user is not a member of the card company's system;
Further comprising the step of automatically inputting at least a part of the login changeable information input from the user into a user interface for inputting at least a part of the log-changeable information for membership in the page.
2. The method according to claim 1,
Attempting to re-log into the account using the system authentication information when the application system attempts to re-scrape the user information of the card company;
If the re-login fails, the application system sets new system authentication information; And
And re-login to the account using the set new system authentication information.
7. The method according to claim 6,
Further comprising the step of re-inputting login changeable information from the user when the re-login fails,
And the new system authentication information is set using re-input log-in changeable information.
2. The method according to claim 1,
Wherein the application system includes scraping activity information including at least one of the system authentication information, the time at which the system authentication information is set, the time at which the system has been logged using the system authentication information, and the scraped- And storing the user information.
A user information scraping method for scraping user information of a card company which can be confirmed by logging into an account of a card company system,
Confirming system authentication information stored in at least one of an application system installed in a terminal of a user and a service server stored in the terminal or the application system;
The application system attempting to log into the account using the system authentication information;
When the login fails, the application system obtains log-in changeable information that can change authentication information necessary for the user to log in;
Resetting the application system to new system authentication information using the log-in changeable information input by the application system;
Logging in to the account of the user using the new system authentication information with the application system reset; And
The application system logging in to the account and performing a scraping process for scraping the card company's user information.
A user information scraping method for scraping user information of a card company which can be confirmed by logging into an account of a card company system,
Confirming whether the application system installed in the terminal of the user has the generated system authentication information of the account already created by the application system;
If the pre-existing system authentication information exists, the application system attempts to log into the account using the pre-generated system authentication information,
If the pre-existing system authentication information does not exist, the application system acquires the log-in changeable information capable of changing the authentication information necessary for the user to log in, and uses the acquired log- Resetting the information to system authentication information, and performing a scraping process for scraping the card company's user information by logging into the account of the user using the reset system authentication information.
A recorded computer program installed in a data processing apparatus for performing the method according to any one of claims 1 to 10.
An application system installed on a user's terminal for scraping user information of a card company that can be confirmed by logging in an account of a card company system,
An acquiring module for acquiring login changeable information from the user to change authentication information necessary for the user to log in;
A control module for reestablishing authentication information necessary for log-in using the acquired log-in changeable information as system authentication information;
A login processing module for logging into the account of the user using the reset system authentication information; And
And a scraping module for scraping the card company's user information from the logged-in account.
An application system installed in a user terminal for scraping user information of a card company that can be confirmed by logging in an account of a card company system,
A login processing module for confirming authentication information of a login stored in at least one of the terminal and the service server stored in the application system and attempting to log in to the account using the confirmed authentication information;
An acquisition module for, when the login fails, the application system acquiring the login changeable information of the user;
A control module for resetting login authentication information to system authentication information using the input login changeable information; And
And a scraping module for scraping user information of the card company when the account of the user is logged in using the reset system authentication information by the login processing module.

Images