KR101877345B1 - Method for approving the use of credit card by using token id based on blockchain and merkle tree structure related thereto, and server using the same - Google Patents

Abstract

The present invention relates to a method for approving usage of a card by using a token ID, which can minimize the risk of exposing card information, comprising: a step (a) of acquiring a push token ID or a data message, and requesting a user terminal for an authentication for order data or supporting another device to request the same; a step (b) of managing third and fourth block chain transaction IDs; and a step (c) of managing fifth and sixth block chain transaction IDs, and transmitting approval result information to at least one of a service providing terminal and the user terminal, or supporting another device to transmit the same.

Description

BACKGROUND OF THE INVENTION 1. Field of the Invention [0001] The present invention relates to a method of using a token ID based on a block chain and a token ID based on a merge tree structure linked to the block chain, and a server using the same. SERVER USING THE SAME}

The present invention relates to a method for approving card usage using a block chain and a merge tree-based token ID linked to the block chain, and a server using the method. More particularly, Acquiring a push token ID registered in the first block chain database using the first block chain transaction ID corresponding to the identification information, acquiring a data message from the second block chain database using the second block chain transaction ID, Acquires the push token ID registered in the first block chain database with the merge tree information and leaf node information stored in the first block chain database in association with the first representative hash value included in the data message, Authentication of the order data to the user terminal. If the validity of the user signature value signed by the user's private key is validated, the order data is registered in the first block chain database and the corresponding third block chain transaction ID is managed A second representative hash value obtained by calculating a second specific hash value generated by applying a hash function to the order data and a second hash value matched with the second specific hash value, And transmits the approval request information to the financial server to verify the order data and to transmit the approval result information corresponding to the verification result, When the approval result information is obtained from the financial server, And a fifth block chain transaction ID corresponding to the fifth block chain transaction ID, and managing a fifth block chain transaction ID corresponding to the fifth block chain transaction ID. When the triggering condition is satisfied, a third specific hash value generated by applying a hash function to the acknowledgment result information, A third block hash value computed in the second block chain database, a sixth block chain transaction ID corresponding to the sixth block chain transaction ID, and transmits the approval result information to at least one of the service providing terminal and the user terminal. A method and server for authorizing a card using a token ID based on a merge tree structure.

As the number of credit card users increases at online online shopping malls and offline stores, credit cards are becoming an important payment tool together with cash.

Conventionally, a general payment flow using a credit card is as follows.

First, a user makes a purchase request to a service provider such as a shopping mall by purchasing a specific commodity or service, and inputs a card number to an online certifier.

Then, the online authenticator requests the card company to authenticate the card number, and receives the authentication result of the card number from the card company. If the authentication result is successful, the online authentication company delivers the authentication number to the service provider, the shopping mall transmits the encrypted card number and the authentication number to the payment agency (PG company), and the payment agency transmits the authentication number to the VAN company And the VAN company sends back to the credit card company in a chain. The approval result from the card company is transmitted again to the VAN company, from the VAN company to the payment agency, from the payment agency to the service provider, and the final approval result is received by the user.

In the conventional general payment method, a separate user authentication and a card authentication are performed in order to perform an online settlement, and then the registered general payment password is inputted together with the card number of the credit card of the user. In this case, It is a payment method by inputting a card number of a credit card which is in a weak form of confirmation. In addition, since the payment agency and the VAN company store and use the user's card number, there is a drawback that the card issuer is greatly exposed to the risk of leakage of the card information.

Accordingly, in order to maintain the conventional payment system, excessive cost and effort are required to obtain the information security certification, the qualified PG company and the PCI-DSS certification qualification, and the abnormal transaction tracking system such as the FDS (abnormal state recognition system) While it is necessary to have a manpower operation, it is a reality that it lacks a professional manpower.

The settlement flow of simple settlement, which is a step further than this general settlement method, is as follows.

First, when the user makes a purchase request to the service provider, the service provider requests payment to the payment agency. Then, the payment agency sends an authentication request signal to the simple payment app provided to the user's mobile terminal by the payment agency, and the user takes an authentication confirmation action such as inputting a predetermined password as a response to the authentication request signal . Then, the card number of the credit card is transmitted from the simple payment application to the settlement agency, the settlement agency itself confirms the authentication, delivers the encrypted card number to the VAN company, and the VAN company again delivers the card number to the card company . The approval result from the card company is transmitted again to the VAN company, from the VAN company to the payment agency, from the payment agency to the service provider, and the final approval result is received by the user.

Such a simple payment is a service that makes complicated and inconvenient payment of an ordinary payment method in an online settlement simply by inputting an app password.

However, such a simple payment is also a method of storing and using the card number of the user through the application of the payment agency that has obtained the qualification of the qualified PG company. Since the payment agency and the VAN store and use the user's credit card information, There is a risk of information disclosure.

As with the disadvantages of the above-mentioned general payment method, the simple payment method requires excessive expense and efforts for obtaining information security certification, qualified PG company and PCI-DSS certification qualification, Tracking system and manpower are needed, but there is a lack of professional manpower.

Furthermore, in a situation where there is no absolute operator of the simple payment method, the user must register the card number of the credit card he often uses in various easy payment applications. Particularly, in the case where a variety of simple payment apps exist, there is a disadvantage that credit card information must be repeatedly registered when the service provider does not have a simple payment app mainly used by a user.

SUMMARY OF THE INVENTION The present invention has been made to solve all the problems described above.

It is another object of the present invention to minimize the risk of exposing card information in the approval process for using the card.

Further, the present invention prevents the card information from being transmitted and received between entities participating in the approval of card use, thereby protecting the personal information from being exposed, It is another purpose to make it happen.

It is another object of the present invention to make it possible to prevent a change in approval information by registering and managing a transaction relating to approval of card use in a block chain database of virtual money.

Another object of the present invention is to simplify the system and reduce the maintenance cost by using the block chain database without using the VAN company or the PG company in the approval of the card use.

In order to accomplish the above object, a representative structure of the present invention is as follows.

According to an embodiment of the present invention, there is provided a method of authorizing use of a card using a token ID, the method comprising the steps of: (a) providing a card token ID corresponding to the card information of the user, user identification information for identifying the user, A push token ID corresponding to an application installed in a user terminal, and a public key of the user in a first block chain database, and manages a first block chain transaction ID corresponding to the push token ID, the card token ID, A first representative hash value obtained by computing the first specific hash value generated by applying the hash function to the public key and the at least one neighbor hash value matched with the first specific hash value, A value obtained by processing the representative hash value is registered in the second block chain database, and the value of the second block chain transaction When the payment request information including the user identification information and the order data corresponding to the use of the card of the user is obtained from the service providing terminal, the mediating server transmits (1) Acquiring the push token ID registered in the first block chain database using the first block chain transaction ID corresponding to the user identification information; (2) Acquiring a data message from the second block chain database using a first block hash value and a second block chain transaction ID; The merge tree information and the leaf node information stored in the block chain database Acquiring the push token ID registered in the first block chain database by referring to the retrieved merch tree information and the leaf node information, searching the first block chain database, and acquiring the push token ID registered in the first block chain database, Requesting authentication of the order data to the terminal or requesting another device to request it; (b) if a user signature value obtained by signing the order data with the user's private key is received from the user terminal in response to the authentication request for the order data, (1) registering the order data in the first block chain database or registering another device with the first block chain database, if the user signature value is valid, checking whether the user signature value is valid using the public key of the user, (2) managing a third block chain transaction ID corresponding to the third block chain transaction ID, and (2) if a triggering condition for registering a predetermined hash value in the second block chain database is satisfied, And a second hash value calculating unit that calculates a hash value and at least one neighbor hash value matching the second specific hash value, Further comprising: table hash value or register the first value by processing a second hash value representative of said second block chain database, or support to enable registration to other devices and managing the fourth block chain transaction ID corresponding thereto; And (c) the intermediary server sends (i) authorization request information including the card token ID corresponding to the user identification information and the order data to the financial server, The server verifies the order data included in the approval request information with reference to the order data registered in the first block chain database corresponding to the card token ID included in the approval request information, (2) when the approval result information is obtained from the financial server, (1) the approval result information is registered in the first block chain database or the other device is registered And manages the fifth block chain transaction ID corresponding to the fifth block chain transaction ID, (2) If the triggering condition for registering a predetermined hash value in the two-block chain database is satisfied, a third specific hash value generated by applying a hash function to the acknowledgment result information and at least one neighbor hash that matches the third specific hash value Value or a value obtained by processing the third representative hash value is registered in the second block chain database or the other device is registered, and the sixth block chain transaction ID corresponding to the third block hash value is managed And transferring the approval result information to at least one of the service providing terminal and the user terminal or allowing the other device to transmit the approval result information.

According to an embodiment of the present invention, there is provided an intermediary server for authorizing use of a card using a token ID, the intermediary server comprising: a card token ID corresponding to the card information of the user; user identification information for identifying the user; A push token ID corresponding to an application installed in a user terminal, and a public key of the user in a first block chain database, and manages a first block chain transaction ID corresponding to the push token ID, the card token ID, A first representative hash value obtained by computing the first specific hash value generated by applying the hash function to the public key and the at least one neighbor hash value matched with the first specific hash value, A value obtained by processing the representative hash value is registered in the second block chain database, and the second block chain trans A communication unit for acquiring payment request information including the user identification information and the order data corresponding to the use of the card of the user from the service providing terminal while the transaction ID is managed; And (1) obtaining the push token ID registered in the first block chain database using the first block chain transaction ID corresponding to the user identification information of the payment request information, (2) Obtains a data message from the second block chain database using the second block chain transaction ID corresponding to the user identification information of the second block chain database and the first representative hash value or the first representative hash value Searching the first block chain database for the merge tree information and the leaf node information stored in the first block chain database in association with the processed value, and referring to the retrieved merge tree information and the leaf node information, Obtains the push token ID registered in the block chain database, A first process of requesting authentication of the order data to the user terminal corresponding to the acquired push token ID or requesting another device to request the authentication of the order data from the user terminal, Verifies the validity of the user signature value using the public key of the user registered in the first block chain database when the user signature value obtained by signing the data with the private key of the user is obtained, (1) registering the order data in the first block chain database or registering it with another device, and managing a third block chain transaction ID corresponding to the third block chain transaction ID, (2) If the triggering condition for registering the hash value of < RTI ID = 0.0 > A second representative hash value obtained by calculating a second specific hash value generated by applying a hash function to the order data and at least one neighboring hash value matching the second specific hash value or a second representative hash value obtained by processing the second representative hash value A second process for registering a value in the second block chain database or for registering with another device and managing a corresponding fourth block chain transaction ID, and (i) And transmits the approval request information including the card token ID and the order data or transmits the approval request information to the other device so as to allow the financial server to transmit the approval request information including the card token ID and the order data to the first block chain database Which is included in the approval request information, And (ii) when the approval result information is obtained from the financial server, (1) the approval result information is transmitted to the first block chain (2) if the triggering condition for registering a predetermined hash value in the second block chain database is satisfied, the step of registering the hash value in the second block chain database A third representative hash value obtained by computing a third specific hash value generated by applying a hash function to the result information and at least one neighboring hash value matching the third specific hash value or a value obtained by processing the third representative hash value To register in the second block chain database or to allow other devices to register, and to perform a sixth block chain transaction And a processor that manages the media and performs the third process of transmitting the approval result information to at least one of the service providing terminal and the user terminal or transmitting the information to at least one of the service providing terminal and the user terminal, .

In addition, a computer readable recording medium for recording a computer program for executing the method of the present invention is further provided.

The present invention has the following effects.

The present invention minimizes the risk of exposing card information in the approval process for the card use by registering the card token ID corresponding to the card information in the block chain database and performing approval for the use of the card.

Further, the present invention prevents the card information from being transmitted and received between entities participating in the approval of card use, thereby protecting the personal information from being exposed, .

In addition, the present invention can improve the reliability and security of the card use approval system because it is impossible to change the approval information by registering and managing the transaction related to approval of card use in the block chain database of virtual money.

In addition, the present invention can simplify the system and reduce the maintenance cost by using the block chain database without using the VAN company or the PG company in the approval of the card use.

In addition, since the present invention does not require a complicated process via a conventional settlement agency or a VAN company, a service provider such as a shopping mall has an effect of eliminating the need to introduce a complicated system such as a simple settlement, a general settlement, and a secure settlement .

FIG. 1 schematically illustrates a system for performing approval of card use using a token ID according to an embodiment of the present invention,
2 schematically illustrates a process of registering a card according to an embodiment of the present invention,
3 and 4 schematically illustrate a process of triggering a transaction related to card usage to a second block chain database according to an embodiment of the present invention,
FIG. 5 schematically illustrates a method of using a token ID according to an embodiment of the present invention,
FIG. 6 is a schematic view illustrating a process of accepting a card using a token ID according to an embodiment of the present invention. Referring to FIG.

The following detailed description of the invention refers to the accompanying drawings, which illustrate, by way of illustration, specific embodiments in which the invention may be practiced. These embodiments are described in sufficient detail to enable those skilled in the art to practice the invention. It should be understood that the various embodiments of the present invention are different, but need not be mutually exclusive. For example, certain features, structures, and characteristics described herein may be implemented in other embodiments without departing from the spirit and scope of the invention in connection with an embodiment. It is also to be understood that the position or arrangement of the individual components within each disclosed embodiment may be varied without departing from the spirit and scope of the invention. The following detailed description is, therefore, not to be taken in a limiting sense, and the scope of the present invention is to be limited only by the appended claims, along with the full scope of equivalents to which such claims are entitled, if properly explained. In the drawings, like reference numerals refer to the same or similar functions throughout the several views.

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings, so that those skilled in the art can easily carry out the present invention.

FIG. 1 schematically illustrates a system for performing approval of card use using a token ID according to an embodiment of the present invention. The system includes a user terminal 10, a service providing terminal 20, a mediation server 100 ), And a financial server (200).

The user terminal 10 includes a mobile computer, a PDA / EDA, a mobile phone, a smart phone, a tablet, and the like as a mobile device that receives information corresponding to card use and performs user confirmation on the received information can do. The user terminal 10 is not limited to this, and may include all mobile devices such as a portable game machine having a wired / wireless communication function, a digital camera personal navigation, and the like. In addition, the user terminal 10 may include a communication unit for supporting transmission and reception of information and a processor for processing information.

In addition, the user terminal 10 may include an application (APP), which is a user interface provided by the intermediary server.

In addition, the service providing terminal 20 may include a payment terminal of the offline shopping mall or a payment server of the online shopping mall. In addition, the service providing terminal 20 may include all terminals capable of paying a fee corresponding to a service provision or a purchase of a product on-line or off-line using a card

Next, the mediation server 100 may include the communication unit 110 and the processor 120. [ The mediation server 100 may be composed of a plurality of servers each performing respective functions related to approval of card use. Further, the mediation server 200 may be a server corresponding to each node of the first block-chain database, or a server that manages each node of the first block-chain database. If the triggering condition is satisfied, the mediation server 100 may register a representative hash value of information related to card usage in the second block chain database 400. [ In this case, the first block chain database may be a private block chain database, and the second block chain database 400 may be another private block chain database or a public block chain database interlocked with the first block chain database. In addition, the mediation server 100 may be a transaction server that manages transactions with other devices with respect to authorization to use the card.

Specifically, the mediation server 100 typically includes a computing device (e.g., a computer processor, memory, storage, input and output devices, and other devices capable of including components of a conventional computing device; (E. G., An electronic information storage system such as a network attached storage (NAS) and a storage area network (SAN)) and computer software (i. E. Instructions that cause a computing device to function in a particular manner) Performance. ≪ / RTI >

The communication unit 110 of such a computing device can send and receive requests and responses to and from other interworking computing devices. As an example, such requests and responses can be made by the same TCP session, For example, as a UDP datagram.

The processor 120 of the computing device may include a hardware configuration such as a micro processing unit (MPU) or a central processing unit (CPU), a cache memory, and a data bus. It may further include a software configuration of an operating system and an application that performs a specific purpose.

Next, the financial server 200 may include a communication unit and a processor. The financial server 200 may provide authorization for the use of the card by the user and services for the purchase of the service provider. In addition, the financial server 200 may be a card issuer server, but the present invention is not limited thereto. The financial server 200 may include all servers providing an approval service for card use. And a plurality of servers corresponding to the subject. The financial server 200 may include a first financial server 210 and a second financial server 220. The first financial server 210 may include a mediation server 200, The first financial server 210 and the second financial chain server 400. The second financial server 220 can communicate with the first financial server 210 and the second block chain database 400, And can perform the approval operation for the use of the card confirmed by the financial server 210. [ At this time, the second financial server 220 can perform communication with the first financial server 210 using an open API (application interface).

Specifically, the financial server 200 typically includes a computing device (e.g., a computer processor, memory, storage, input and output devices, and other devices capable of including components of a conventional computing device; (E. G., An electronic information storage system such as a network attached storage (NAS) and a storage area network (SAN)) and computer software (i. E. Instructions that cause a computing device to function in a particular manner) Performance. ≪ / RTI >

A method for accepting a card using a token ID according to an embodiment of the present invention will now be described with reference to FIG.

First, a method of registering a card according to an embodiment of the present invention will be described with reference to FIG.

In a state where the user is connected to the mediation server 100 through the user terminal 10 to register a card to be used by the user, for example, the user executes an application installed in the user terminal 10 for card registration, The user identification information, and the card information (S101). At this time, the personal information may include the user's name, date of birth, etc., and the user identification information is unique information given by the user for identification of the user and includes user ID, resident registration number, user terminal ID, A MAC address of the terminal, and a telephone number. The card information may include the card number and the key number of the card, but is not limited thereto. The card information may include information on the issuer of the card, that is, information on the card company, expiration date, card user information, and the like.

When the user inputs the personal information, the user identification information, and the card information and requests card registration, the user terminal 10 transmits the card registration information including the user's personal information, the user identification information, the card information, and the push token ID And transmits the request information to the mediation server 100 or another device (S102). At this time, the push token ID is a token ID corresponding to the app installed in the user terminal 10. [ Unlike the case where the user terminal 10 inputs the user's personal information and the user identification information, the user terminal 10 may extract and transmit the personal information and the user identification information from the storage unit of the user terminal 10.

Then, the mediation server 100 acquires the card registration request information including the user's personal information, the user identification information, the card information, and the push token ID from the user terminal 10, To request verification of information or to request another device (S103).

In response to the card information verification request from the mediation server 100, the financial server 200 confirms the card information requested to be verified. If it is determined that the card information requested to be verified matches the registered card information and is valid, 200 generates a card index key corresponding to the card information, and transmits the card information verification result including the card index key to the mediation server 100 or to transfer the card information to another device (S106).

In this case, when the financial server 200 includes the first financial server 210 and the second financial server 220, the first financial server 210 transmits a card information verification request received from the intermediary server 100 The second financial server 220 requests the second financial server 220 to verify the card information or request another device to request it (S104), and the second financial server 220 transmits the card information requested to be verified The second financial server 220 generates a card index key corresponding to the card information, and performs card information verification including the card index key The first financial server 210 transmits the result to the first financial server 210 or supports another device to transmit the result to the first financial server 210. The first financial server 210 receives the card index key received from the second financial server 220, The result of the information verification Jugeona and transmits it to 100 to cause the support to the other transmission device (S106).

Then, the mediation server 100 generates a card token ID corresponding to the card index key by referring to the card information verification result received from the financial server 200 (S107).

The mediation server 100 refers to the card registration request information obtained from the user terminal 10 to confirm the user. At this time, the user confirmation may use a public key infrastructure (PKI) certificate or use personal information of the user, but the present invention is not limited thereto. For example, it is possible to identify a specific issuer through a public key-based certificate, an authorized certificate, an OPSign certificate, or the like, or to verify the identity of an individual, a bank or an organization such as a resident registration number, passport, corporation registration number, The user can be confirmed through personal information.

When the user is confirmed, the mediation server 200 requests the user corresponding to the push token ID included in the card registration request information, i.e., the user terminal 100 installed in the corresponding application, (S108).

Then, the user terminal 100 generates a public key and a private key, which are authentication keys, in response to the user authentication request (S109), and sets confirmation information for controlling the user access to the private key by the user. At this time, the confirmation information is path information for accessing the private key, and may include at least one of a password, a PIN code, fingerprint information of a user, and biometric information of a user. Alternatively, the setting of confirmation information for access control on the private key may be omitted. Further, the confirmation information may be set before generating the user's authentication key.

Then, the user terminal 100 extracts the public key of the user among the authentication keys, and at least transmits authentication information including the extracted public key of the user to the mediation server 100 or supports the transmission of the authentication information to the intermediary server 100 S110).

The mediation server 100 performs the user authentication and the user authentication after the generation of the card token ID. Alternatively, if the card registration request information is acquired from the user terminal 10, the mediation server 100 performs the user authentication and the user authentication, 200). ≪ / RTI >

Then, the mediation server 100 registers or registers with the first block-chain database which makes the card token ID, the user identification information, the push token ID, and the public key impossible to copy or up / modulate S111).

For example, the mediation server 100 registers card registration information including a card token ID, user identification information, a push token ID, and a public key in a first block chain database, and registers a card token registered in the first block chain database A first block-chain transaction ID indicating the location information on the first block-chain database of the card registration information including the ID, the user identification information, the push token ID, and the public key.

When the triggering condition for registering a predetermined hash value in the second block chain database 400 is satisfied, the mediation server 100 sends a hash function to the card token ID, the user room information, the push token ID, and the public key And generates a value obtained by processing the first representative hash value or the first representative hash value that is the merge root by calculating at least one neighboring hash value matching the first specific hash value and the first specific hash value generated by applying ).

In addition, the mediation server 100 registers the generated first representative hash value or the first representative hash value in the second block chain database 400 or supports the other device to register it (S113 ), A second block chain transaction ID indicating the location information on the second block chain database 400 of the Merkrou which is a value obtained by processing the first representative hash value or the first representative hash value registered in the second block chain database 400 Or acquire another device (S114).

Meanwhile, the mediation server 100 may store and manage the first specific hash value and the at least one neighbor hash value in a predetermined data structure. Here, the data structure may be various, for example, a merkle tree structure.

That is, the mediation server 200 may support the first specific hash value to generate or generate a merkle tree assigned to a particular leaf node, and if the triggering condition is met, at least the first particular hash value It is possible to register or register a value obtained by processing the first representative hash value or the first representative hash value, which is a merge root generated by computing a hash value assigned to one leaf node, in the second block chain database 400 .

More specifically, (x1) the mediating server 100 computes or computes a hash value assigned to the sibling node of the node to which (i) the first specific hash value and (ii) the first specific hash value are assigned And support to assign or assign a hash value for the operation value to the parent node of the node. (x2) If the parent node is the root node of the merge tree, the hash value assigned to the parent node is the first representative hash value. (x3). On the other hand, if the parent node is not the root node of the merge tree, the mediation server 100 repeats (x1) to (x3) with the hash value assigned to the parent node as the first specified hash value .

The mediation server 200 finally registers the hash value assigned to the root node of the merge tree as the first representative hash value in the second block chain database 400 or supports the other device to register the hash value. At this time, a value obtained by processing the first representative hash value may be registered. For example, a result obtained by performing the hex operation on the first representative hash value may be registered.

On the other hand, when the mediation server 100 stores the first specific hash value and the at least one neighbor hash value in a predetermined fifth data structure, and then stores and manages a sixth data structure of the same type as the fifth data structure , The fifth data structure and the sixth data structure may be connected in a chain form.

In particular, if the fifth data structure and the sixth data structure are merc trees as in the above example, a root value of the fifth data structure or a hash value of the root value may be assigned to the first leaf node of the sixth data structure .

Further, when the sixth data structure is generated, verification of the fifth data structure is performed, so that data integrity can be further guaranteed. Verification of the sixth data structure will be described later.

In addition, in the case of the first one of the at least one merch tree connected in a chain form, the first leaf node of the first merch tree may be assigned a hash value or a processed value of predetermined message data composed of text, numbers, or symbols have. For example, a hash value of an input message initially assigned by the mediation server 100 can be assigned when generating a merge tree.

Figures 3 and 4 illustrate an example of a merge tree generated in accordance with an embodiment of the present invention.

FIG. 3 shows a merge tree having four leaf nodes. Since the illustrated merge tree is the first merge tree (tree_id = 0), it can be seen that a hash value (sha256 (coinplug_unique_message)) of a predetermined message data is assigned to the first leaf node h0. If there is a registration request for the record data (i.e., a transaction registration request related to card use), the mediation server 100 generates the next leaf node of the last leaf node of the currently configured merge tree, And assigns or assigns a processed value of the first specific hash value. For example, if a new leaf node is to be created in a state in which the value assignment from the merge tree to the h1 node as the second leaf node is completed, a h2 node, which is the next leaf node, is generated to generate a first specific hash value or a specific hash value (Sha256 (input2)) can be assigned to the value. In addition, the mediation server 100 may support computing or computing (i) a first specific hash value assigned to the h2 node and (ii) a hash value assigned to the h3 node, which is a sibling node of the h2 node. The hash value for the operation value is assigned to the h2 node and the parent node (h23 node) of the h3 node. Since the parent node (h23 node) is not the root node of the merge tree, the mediation server 100 can repeat the above process with the hash value assigned to the h23 node as the first specified hash value. That is, the hash value assigned to the h23 node is set as the first specific hash value, the hash value assigned to the h23 node and the hash value assigned to the h01 node are computed and assigned to the h23 node and the parent node (h0123 node) of the h01 node can do. Since the h0123 node is the root node of the merge tree, the mediation server 100 registers the value (hex (h {node_index}) obtained by processing the hash value assigned to the node h0123 in the second block chain database 400 Can help other devices register

On the other hand, the above-mentioned triggering conditions include (i) a condition in which a transaction related to card use is generated by a predetermined number, (ii) a condition in which a predetermined time elapses, (iii) a condition in which a block is generated in the first block chain database, (iv) conditions for service characteristics.

On the other hand, for example, if a transaction related to card use is acquired for the number of leaf nodes of the merge tree, a merge tree is generated, a root value of the merge tree is registered in the second block chain database 400, .

Further, the mediation server 100 may generate the root value of the above-described merge tree at predetermined time intervals (condition (ii) above). In this case, when a predetermined time elapses, the mediation server 100 generates a merge tree using the input values up to that time, registers the root value of the merge tree in the second block chain database 400, or registers another device .

In this case, although a predetermined time has elapsed, a value may not be assigned to a sibling node of a node to which a particular hash value of the merge tree is assigned. If the hash value is not allocated to the sibling node of the node to which the first specific hash value is allocated even though the triggering condition is satisfied, the mediation server 100 supports to assign or assign a predetermined hash value to the sibling node, The route value of the merge tree can be calculated in one way. For example, the mediation server 100 may support copying and assigning or assigning a first specific hash value to a sibling node.

The service characteristic is information indicating the cost information provided by the issuer that issued the transaction related to the use of the card, the time zone information in which the transaction related to the card use is performed, the area information in which the card usage related transaction registration service is performed, And may be at least a part of the company type information. However, the present invention is not limited to the one described here, but includes various condition information in which a generally accepted differential service can be provided.

On the other hand, when a new merge tree creation is started and the triggering condition is satisfied when there is no transaction related to a card use, the mediation server 100 generates a merge tree in which predetermined message data is allocated to the first leaf node and the second leaf node And support the registration or registration of the root value of the merge tree or the processed value in the second block chain database 400. In this case, a merge tree with two leaf nodes may be created.

In addition, as described above, the mediation server 100 stores the first specific hash value and the at least one neighbor hash value in a predetermined fifth data structure, and then stores the sixth data structure in the same form as the fifth data structure If managed, the fifth data structure and the sixth data structure may be connected in a chain form. In particular, if the fifth data structure and the sixth data structure are merc trees, the root value of the fifth data structure or the hash value of the root value may be assigned to the first leaf node of the sixth data structure.

4 is a diagram illustrating a merge tree generated as a sixth data structure according to an embodiment of the present invention.

Referring to FIG. 4, it can be seen that the root value (hex (h0123)) of the merge tree (tree_id = 0) of FIG. 3 is assigned to the first leaf node (h4 node) of the new merge tree (sha256 (input4)). The present invention has an advantage of improving data integrity by enabling easy tracking even when data is modulated in the middle by connecting a plurality of data structures generated at the time of occurrence of a transaction.

Then, the mediation server 100 transmits the card token ID and the card index key to the financial server 200 or to transfer the card index key to another device (S115).

Then, the financial server 200 stores the card token ID received from the mediation server 100 (S116), and maps the card index key, which is card information, to the card token ID (S117). That is, the financial server 200 refers to the card index key received from the intermediary server 100, identifies the card index key transmitted as the card information verification result, and maps the card index key and the card index key, which are verified. In this case, when the financial server 200 includes the first financial server 210 and the second financial server 220, the above operation can be performed by the first financial server 210.

Also, the mediation server 100 transmits the result of registering the card registration information including the card token ID, the user identification information, the push token ID, and the public key to the first block chain database to the user terminal 10, So that the user can confirm the card registration result through the user terminal 10. [

A method of accepting a card using a token ID according to an embodiment of the present invention with the card registered in this way will be described with reference to FIG.

2, a card token ID corresponding to the user's card information, user identification information for identifying the user, a push token ID corresponding to the application installed in the user terminal 10 of the user, and a user's public key 1 block chain database and manages a first block chain transaction ID corresponding to the first block chain transaction ID, a first specific hash value generated by applying a hash function to a card token ID, a user identification information, a push token ID, and a public key, A first representative hash value obtained by computing at least one neighboring hash value matching the first specified hash value or a value obtained by processing the first representative hash value is registered in the second block chain database 400, In the event that a user is managing a block-chain transaction ID, an online order or an offline order In order to settle the cost based on the data, the service providing terminal 20 inputs or provides the user identification information corresponding to the use of the card by the service providing terminal 20 (S201) 20 stores order data, which is information on a service or products ordered by a user (S202), transmits payment request information including user identification information and order data to the mediation server 100, (S203).

Then, the intermediary server 100 can use the first block chain transaction ID corresponding to the user identification information of the payment request information acquired from the service providing terminal 20, that is, acquired and managed in the card registration operation, Acquires a data message from the second block chain database 400 by using the second block chain transaction ID corresponding to the user identification information or by checking the push token ID of the user registered in the chain database, 1 representative hash value or a value obtained by processing the first representative hash value, searches the first block chain database for the merch tree information and leaf node information stored in the first block chain database, Verifies the push token ID registered in the first block chain database by referring to the information, And obtains the confirmed push token ID (S204).

The mediation server 100 requests the user terminal 10 having the application corresponding to the push token ID, that is, the application corresponding to the push token ID, to authenticate the order data including the order data, (S205).

Then, the user terminal 10 requests the user to confirm the order data and to authenticate the order data (S206). After confirming that the user agrees with the contents ordered by the user through the order data, if the user inputs the confirmation information set by the user including at least one of the password, the PIN code, the fingerprint, and the biometric information, Confirms whether the confirmation information input by the user matches the confirmation information previously set by the user (S207).

When the confirmation information input by the user matches the preset confirmation information, the user terminal 10 generates a user signature value for the order data and transmits the user's signature value to the mediation server 100, (S208). For example, if the confirmation information input to the user matches the preset confirmation information, the user terminal 10 is permitted to access the stored private key of the user, And transmits the generated user signature value to the mediation server 100.

Then, the mediation server 100 confirms whether the user signature value that signed the order data obtained from the user terminal 10 is valid (S209).

For example, the intermediary server 100 checks the public key of the user registered in the first block chain database using the first block chain transaction ID managed in response to the card registration, 1 block chain database. Also, the mediation server 100 confirms the processed value of the first representative hash value or the first representative hash value included in the data message obtained from the second block chain database 400 using the second block chain transaction ID Acquires a push token ID registered in the first block chain database by referring to the merch tree information and leaf node information stored in the first block chain database, which is retrieved using the first representative hash value or the first representative hash value, You may. Then, the mediation server 100 confirms whether the user signature value is valid using the obtained public key. At this time, the mediating server 100 extracts the order data from the user signature value using the public key, confirms whether the order data extracted from the user signature value matches the order data included in the payment request information, And judges whether it is valid or not.

If it is determined that the user signature value is valid, the mediation server 100 registers the order data acquired from the payment request information in the first block chain database or supports other devices to register the transaction data in step S210. At this time, the intermediary server 100 acquires and manages the third block chain transaction ID corresponding to the order data indicating the order information of the order data registered in the first block chain database.

If the triggering condition for registering a predetermined hash value in the second block chain database 400 is satisfied, the mediating server 100 may compare the second specific hash value generated by applying the hash function to the order data, And generates a value obtained by processing the second representative hash value or the second representative hash value, which is the merge root, by computing at least one neighboring hash value matching the hash value (S211).

Then, the mediation server 100 registers a value obtained by processing the generated second representative hash value or the second representative hash value in the second block chain database 400 or supports other devices to register (S212 , A fourth block chain transaction ID indicating the location information on the second block chain database 400 of the Merkrou which is a value obtained by processing the second representative hash value or the second representative hash value registered in the second block chain database 400 Or acquire another device (S213).

Meanwhile, the mediation server 100 may store and manage the second specific hash value and the at least one neighbor hash value in a predetermined data structure. Here, the data structure may be various, for example, a merkle tree structure.

That is, the mediation server 200 may support to generate or generate a second specific hash value for a particular leaf node, and if the triggering condition is satisfied, at least the second specific hash value It is possible to register or register a value obtained by processing the second representative hash value or the second representative hash value, which is a merge root generated by computing the hash value assigned to one leaf node, to the second block chain database 400 .

More specifically, (x1) the mediation server 100 computes or computes a hash value assigned to the sibling node of the node to which (i) the second specific hash value and (ii) the second specific hash value are assigned And support to assign or assign a hash value for the operation value to the parent node of the node. (x2) If the parent node is the root node of the merge tree, the hash value assigned to the parent node is the second representative hash value. (x3). On the other hand, if the parent node is not the root node of the merge tree, the mediation server 100 repeats (x1) to (x3) with the hash value assigned to the parent node as the second specified hash value .

The mediation server 200 finally registers the hash value assigned to the root node of the merge tree as the second representative hash value in the second block chain database 400 or supports other devices to register. At this time, a value obtained by processing the second representative hash value may be registered. For example, a result obtained by performing a hex operation on the second representative hash value may be registered.

On the other hand, when the intermediary server 100 stores the second specific hash value and the at least one neighbor hash value in a predetermined first data structure and then stores and manages the second data structure of the same type as the first data structure , The first data structure and the second data structure may be connected in a chain form.

In particular, if the first data structure and the second data structure are merc trees as in the above example, the root value of the first data structure or the hash value of the root value may be assigned to the first leaf node of the second data structure .

In addition, when the second data structure is created, verification of the first data structure is performed, so that data integrity can be further guaranteed.

In addition, in the case of the first one of the at least one merch tree connected in a chain form, the first leaf node of the first merch tree may be assigned a hash value or a processed value of predetermined message data composed of text, numbers, or symbols have. For example, a hash value of an input message initially assigned by the mediation server 100 can be assigned when generating a merge tree.

After that, the mediation server 100 transmits the approval request information including the card token ID corresponding to the user identification information and the order data to the financial server 200 or supports the other device to transfer the approval request information (S214). At this time, the approval request information may include a third block chain transaction ID corresponding to the order data indicating the position information of the order data registered in the first block chain database.

Then, the financial server 200 verifies the order data (S216).

For example, the financial server 200 verifies the order data included in the approval request information by referring to the order data registered in the first block chain database in correspondence with the card token ID contained in the approval request information, and responds to the verification result And transmits the approval result information to the intermediary server 100 or transmits the result to the other device.

In this case, when the financial server 200 includes the first financial server 210 and the second financial server 220, when the first financial server 210 receives the approval request information included in the approval request information acquired from the intermediary server 100 The order data included in the approval request information is verified by referring to the order data registered in the first block chain database in correspondence with the card token ID. That is, the first financial server 210 confirms the order data registered in the first block chain database using the third block chain transaction ID corresponding to the order data, and transmits the order data registered in the first block chain database and the approval It is determined whether or not the order data included in the request information coincides with each other to determine whether the order data is valid. If it is determined that the verification result is valid, the first financial server 210 stores the order data (S219), and requests the second financial server 220 to approve the order data (S217). At this time, the first financial server 210 requests the second financial server 220 to approve order data or request another device using the card index key matched with the card token ID. Then, the second financial server 220 confirms the card information using the card index key requested for approval, approves the payment for the order data corresponding to the confirmed card information, and transmits the approved result to the first financial server 210 or supports other devices to transmit (S218).

The first financial server 210 transmits the approval result obtained from the second financial server 220 to the intermediary server 100 or supports another device to transmit the approval result (S219).

Then, when the approval result information is obtained from the financial server 200, the intermediary server 100 registers the approval result information on the order data in the first block chain database or supports the other device to register it (S220) And acquires and manages a fifth block chain transaction ID corresponding to the result.

When the triggering condition for registering a predetermined hash value in the second block chain database 400 is satisfied, the mediation server 100 generates a third specific hash value generated by applying a hash function to the approval result information, A value obtained by processing the third representative hash value or the third representative hash value, which is the merge root, is generated by calculating at least one neighboring hash value matching the specific hash value (S221).

In addition, the mediation server 100 registers a value obtained by processing the generated third representative hash value or the third representative hash value in the second block chain database 400 or supports other devices to register (S222 ), A sixth block chain transaction ID indicating the location information on the second block chain database 400 of the Merkrou which is a value obtained by processing the third representative hash value or the third representative hash value registered in the second block chain database 400 Or acquire another device (S223).

Meanwhile, the mediation server 100 may store and manage the fifth specific hash value and the at least one neighbor hash value in a predetermined data structure. Here, the data structure may be various, for example, a merkle tree structure.

That is, the mediation server 200 can support the third specific hash value to generate or generate a merkle tree assigned to a particular leaf node, and if the triggering condition is satisfied, at least the third specific hash value A third representative hash value that is generated by computing a hash value assigned to one leaf node, and a value obtained by processing the third representative hash value may be registered or registered in the second block chain database 400 .

More specifically, (x1) the mediation server 100 computes or computes a hash value assigned to the sibling node of the node to which (i) the third specific hash value and (ii) the third specific hash value are assigned And support to assign or assign a hash value for the operation value to the parent node of the node. (x2) If the parent node is the root node of the merge tree, the hash value assigned to the parent node is the third representative hash value. (x3). On the other hand, if the parent node is not the root node of the merge tree, the mediation server 100 repeats (x1) to (x3) with the hash value assigned to the parent node as the third specified hash value .

The mediation server 200 finally registers the hash value assigned to the root node of the merge tree as the third representative hash value in the second block chain database 400 or supports other devices to register. At this time, a value obtained by processing the third representative hash value may be registered. For example, a result obtained by performing a hex operation on the third representative hash value may be registered.

Meanwhile, when the intermediary server 100 stores the third specific hash value and at least one neighbor hash value in a predetermined third data structure and then stores and manages a fourth data structure of the same type as the third data structure , The third data structure and the fourth data structure may be connected in a chain form.

In particular, if the third data structure and the fourth data structure are merc trees as in the above example, the root value of the third data structure or the hash value of the root value may be assigned to the first leaf node of the fourth data structure .

In addition, when the fourth data structure is generated, verification of the third data structure is performed, so that data integrity can be further guaranteed.

In addition, in the case of the first one of the at least one merch tree connected in a chain form, the first leaf node of the first merch tree may be assigned a hash value or a processed value of predetermined message data composed of text, numbers, or symbols have. For example, a hash value of an input message initially assigned by the mediation server 100 can be assigned when generating a merge tree.

Then, the mediation server 100 transmits the approval result information to at least one of the service providing terminal 20 and the user terminal 10 or supports the other device to transmit (S224, S225). At this time, the approval result information may include a fifth block chain transaction ID corresponding to the approval result information.

Also, when the approval result information is received from the intermediary server 100, the service providing terminal 20 can store the approval result information (S226).

Referring to FIG. 6, a method for requesting purchase of approved order data by the service provider in a state in which approval of card use is performed by the above method will be described.

5, accepts the use of the card by the user, registers the resultant information in the first block chain database and the second block chain database 400, When proceeding (S301), the service providing terminal 20 stores the purchase request information (S302). For example, the service providing terminal 20 stores the embedded data including at least one order data selected by the service provider from among the order data approved in response to the user's order and registered in the first block chain database.

In step S303, the service providing terminal 20 transmits transfer request information including embedded data to the intermediary server 100 or to transfer the transfer request information to another device.

Then, the mediation server 100 confirms whether the purchase request information acquired from the service providing terminal 20 is valid (S304).

For example, the mediation server 100 confirms the embedded data included in the embedded request information, and confirms that the order data included in the embedded data is valid. That is, the mediating server 100 confirms the order data included in the embedded data, and transmits the order data, that is, the order data registered in the first block chain database, using the fifth block chain transaction ID corresponding to the approved order data And checks whether or not the order data registered in the first block chain database matches the order data included in the purchase request information. If they match, it is determined that the purchase data is valid.

Then, the mediation server 100 requests the service providing terminal 20 to confirm the embedded data or request another device to request the embedded data (S305).

Then, the service providing terminal 20 requests the service provider to confirm the embedded data confirmed by the intermediary server 100. When the confirmation signal is input from the service provider, the service providing terminal 20 transmits an authentication result to the mediation server 100 Or to transmit another device (S306).

When the result of the authentication check is obtained from the service providing terminal 20, the mediation server 100 registers the authenticated verified data in the first block chain database or supports other devices to register (S307) And acquires and manages the seventh block chain transaction ID corresponding to the embedded data which is the position information on which the embedded data is registered in the block chain database 300.

When the triggering condition for registering a predetermined hash value in the second block chain database 400 is satisfied, the mediating server 100 may compare the fourth specific hash value generated by applying the hash function to the embedded data, A value obtained by processing the fourth representative hash value or the fourth representative hash value, which is the merge root, is generated by calculating at least one neighboring hash value matching the hash value (S308).

Then, the mediation server 100 registers a value obtained by processing the generated fourth representative hash value or the fourth representative hash value in the second block chain database 400 or supports registration by another device (S309 ), An eighth block chain transaction ID indicating the location information on the second block chain database 400 of the MECHUBOT, which is a value obtained by processing the fourth representative hash value or the fourth representative hash value registered in the second block chain database 400 Or acquire another device (S310).

Meanwhile, the mediation server 100 may store and manage the fourth specific hash value and the at least one neighbor hash value in a predetermined data structure. Here, the data structure may be various, for example, a merkle tree structure.

That is, the mediation server 200 may support the fourth specific hash value to generate or generate a merkle tree assigned to a particular leaf node, and if the triggering condition is met, at least the fourth specific hash value A fourth representative hash value that is generated by computing a hash value assigned to one leaf node and a fourth representative hash value that is a merge root generated by processing the fourth representative hash value may be registered or registered in the second block chain database 400 .

More specifically, (x1) the mediation server 100 computes or computes a hash value assigned to the sibling node of the node to which (i) the fourth specific hash value and (ii) the fourth specific hash value are assigned And support to assign or assign a hash value for the operation value to the parent node of the node. (x2) If the parent node is the root node of the merge tree, the hash value assigned to the parent node is the fourth representative hash value. (x3). On the other hand, if the parent node is not the root node of the merge tree, the mediation server 100 repeats (x1) to (x3) with the hash value assigned to the parent node as the fourth specific hash value .

Then, the mediation server 200 registers the hash value finally assigned to the root node of the merge tree as a fourth representative hash value in the second block chain database 400 or to register another device. At this time, a value obtained by processing the fourth representative hash value may be registered. For example, a result obtained by performing a hex operation on the fourth representative hash value may be registered.

Meanwhile, when the intermediary server 100 stores the fourth specific hash value and at least one neighbor hash value in a predetermined seventh data structure, and then stores and manages the eighth data structure of the same type as the seventh data structure , The seventh data structure and the eighth data structure may be connected in a chain form.

In particular, if the seventh data structure and the eighth data structure are merc trees as in the above example, a root value or a hash value of the root value of the seventh data structure may be assigned to the first leaf node of the eighth data structure .

Further, when the eighth data structure is generated, verification of the seventh data structure is performed, so that data integrity can be further guaranteed.

In addition, in the case of the first one of the at least one merch tree connected in a chain form, the first leaf node of the first merch tree may be assigned a hash value or a processed value of predetermined message data composed of text, numbers, or symbols have. For example, a hash value of an input message initially assigned by the mediation server 100 can be assigned when generating a merge tree.

Thereafter, the intermediary server 100 transmits the purchase request information including the embedded data to the financial server 200 or supports the other device to transfer (S311). At this time, the embedded request information may include a seventh block chain transaction ID corresponding to the embedded data indicating location information of the embedded data registered in the first block chain database.

Then, the financial server 200 confirms whether the embedded data included in the embedded request information is valid (S312).

For example, the financial server 200 verifies the embedded data included in the embedded request information by referring to the embedded data registered in the first block chain database in correspondence with the embedded data included in the embedded request information, And transmits the purchase result information to the mediation server 100 or to send another device to the intermediation server 100 (S316).

In this case, when the financial server 200 includes the first financial server 210 and the second financial server 220, the first financial server 210 transmits the purchase request information included in the purchase request information acquired from the intermediary server 100 The order data included in the purchase request information is verified by referring to the embedded data registered in the first block chain database in response to the embedded data. That is, the first financial server 210 checks the embedded data registered in the first block chain database using the seventh block-chain transaction ID corresponding to the embedded data, and stores the embedded data registered in the first block- It is determined whether or not the embedded data included in the request information are identical to each other to determine whether the embedded data is valid. If it is determined that the verification result is valid, the first financial server 210 requests the second financial server 220 to purchase the embedded data (S313). At this time, the first financial server 210 requests the second financial server 220 to purchase the embedded data or request another device using the card index key matched with the card token ID. Then, the second financial server 220 confirms the card information using the card index key requested to be embedded, approves the settlement of the purchase data corresponding to the confirmed card information, and transmits the approved purchase result information to the first financial To the server 210 or to send another device (S314).

The first financial server 210 transmits the purchase result information obtained from the second financial server 220 to the intermediary server 100 or supports another device to transfer the purchase result information to the intermediary server 100 (S316). At this time, the first financial server 210 may store the purchase result information obtained from the second financial server 220 (S315).

Then, the mediation server 100 registers the purchase result information for the embedded data acquired from the financial server 200 in the first block chain database or supports other devices to register (S317) 9 block chain transaction ID is obtained and managed.

When the triggering condition for registering a predetermined hash value in the second block chain database 400 is satisfied, the mediation server 100 stores the fifth specific hash value generated by applying the hash function to the embedded result information, A value obtained by processing the fifth representative hash value or the fifth representative hash value, which is the merge root, is generated by computing at least one neighboring hash value matching the specific hash value at step S318.

In addition, the mediation server 100 registers the generated value of the fifth representative hash value or the fifth representative hash value in the second block chain database 400 or supports other devices to register (S319 ), A tenth block chain transaction ID indicating the location information on the second block chain database 400 of the Merkrou which is a value obtained by processing the fifth representative hash value or the fifth representative hash value registered in the second block chain database 400 Or acquire another device (S320).

Meanwhile, the mediation server 100 may store and manage the fifth specific hash value and the at least one neighbor hash value in a predetermined data structure. Here, the data structure may be various, for example, a merkle tree structure.

That is, the mediation server 200 can support the fifth specific hash value to generate or generate a merkle tree assigned to a particular leaf node, and if the triggering condition is satisfied, The fifth block hash value generated by computing the hash value assigned to one leaf node may be registered or registered in the second block chain database 400 .

More specifically, (x1) the mediation server 100 computes or computes a hash value assigned to the sibling node of the node to which (i) the fifth specific hash value and (ii) the fifth specific hash value are assigned And support to assign or assign a hash value for the operation value to the parent node of the node. (x2) If the parent node is the root node of the merge tree, the hash value assigned to the parent node is the fifth representative hash value. (x3). On the other hand, if the parent node is not the root node of the merge tree, the mediation server 100 repeats (x1) through (x3) with the fifth hash value assigned to the parent node as the fifth specified hash value .

The mediation server 200 finally registers the hash value assigned to the root node of the merge tree as the fifth representative hash value in the second block chain database 400 or supports other devices to register. At this time, a value obtained by processing the fifth representative hash value may be registered. For example, a result obtained by performing hex operation on the fifth representative hash value may be registered.

On the other hand, when the mediation server 100 stores the fifth specific hash value and the at least one neighbor hash value in a predetermined ninth data structure and then stores and manages a tenth data structure of the same type as the ninth data structure , The ninth data structure and the tenth data structure may be connected in a chain form.

In particular, if the ninth data structure and the tenth data structure are merc trees as in the above example, the root value of the ninth data structure or the hash value of the root value may be assigned to the first leaf node of the tenth data structure .

In addition, when the tenth data structure is generated, verification of the ninth data structure is performed, so that data integrity can be further guaranteed.

In addition, in the case of the first one of the at least one merch tree connected in a chain form, the first leaf node of the first merch tree may be assigned a hash value or a processed value of predetermined message data composed of text, numbers, or symbols have. For example, a hash value of an input message initially assigned by the mediation server 100 can be assigned when generating a merge tree.

Then, the mediation server 100 transmits the purchase result information to the service providing terminal 20 or supports the other device to transmit the result. At this time, the embedded result information may include a ninth block-chain transaction ID corresponding to the embedded result.

In addition, when the buying result information is received from the mediation server 100, the service providing terminal 20 can store the approval result information.

In addition, the embodiments of the present invention described above can be implemented in the form of program instructions that can be executed through various computer components and recorded in a computer-readable recording medium. The computer-readable recording medium may include program commands, data files, data structures, and the like, alone or in combination. The program instructions recorded on the computer-readable recording medium may be those specially designed and constructed for the present invention or may be those known and used by those skilled in the computer software arts. Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks and magnetic tape, optical recording media such as CD-ROMs and DVDs, magneto-optical media such as floptical disks, media, and hardware devices specifically configured to store and execute program instructions such as ROM, RAM, flash memory, and the like. Examples of program instructions include machine language code such as those generated by a compiler, as well as high-level language code that can be executed by a computer using an interpreter or the like. The hardware device may be configured to operate as one or more software modules for performing the processing according to the present invention, and vice versa.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments, but, on the contrary, Those skilled in the art will appreciate that various modifications, additions and substitutions are possible, without departing from the scope and spirit of the invention as disclosed in the accompanying claims.

Therefore, the spirit of the present invention should not be construed as being limited to the above-described embodiments, and all of the equivalents or equivalents of the claims, as well as the following claims, I will say.

10: user terminal,
20: service providing terminal,
100: mediation server,
200: financial server,
210:
220: processor,
210: first financial server,
220: second financial server,
400: second block chain database

Claims (35)

A method for authorizing use of a card using a token ID,
(a) a card token ID corresponding to the card information of the user, user identification information for identifying the user, a push token ID corresponding to an app installed in the user terminal of the user, and a public key of the user, A first specific hash value generated by applying a hash function to the card token ID, the user identification information, the push token ID, and the public key, A first representative hash value obtained by calculating at least one neighboring hash value matching the first specified hash value or a value obtained by processing the first representative hash value is registered in a second block chain database, In a state in which the transaction ID is managed, If the payment request information including the user identification information and the order data is obtained, the mediating server transmits (1) the first block of transaction IDs corresponding to the user identification information of the payment request information, (2) acquiring a data message from the second block chain database using the second block chain transaction ID corresponding to the user identification information of the payment request information , And the merge tree information and leaf node information stored in the first block chain database in association with a value obtained by processing the first representative hash value or the first representative hash value included in the data message, And searches the merge tree information and the leaf node information retrieved from the database. Acquiring the push token ID registered in the first block chain database, requesting authentication of the order data to the user terminal corresponding to the acquired push token ID, or requesting another device to request step;
(b) if a user signature value obtained by signing the order data with the user's private key is received from the user terminal in response to the authentication request for the order data, (1) registering the order data in the first block chain database or registering another device with the first block chain database, if the user signature value is valid, checking whether the user signature value is valid using the public key of the user, (2) managing a third block chain transaction ID corresponding to the third block chain transaction ID, and (2) if a triggering condition for registering a predetermined hash value in the second block chain database is satisfied, And a second hash value calculating unit that calculates a hash value and at least one neighbor hash value matching the second specific hash value, Further comprising: table hash value or register the first value by processing a second hash value representative of said second block chain database, or support to enable registration to other devices and managing the fourth block chain transaction ID corresponding thereto; And
(c) the intermediary server transmits (i) approval request information including the card token ID corresponding to the user identification information and the order data to the financial server, Verifies the order data included in the approval request information with reference to the order data registered in the first block chain database corresponding to the card token ID included in the approval request information, (Ii) when the approval result information is obtained from the financial server, (1) the approval result information is registered in the first block chain database or the other device is registered And manages a fifth block chain transaction ID corresponding to the second block chain transaction ID, (2) If the triggering condition for registering a predetermined hash value in the lock chain database is satisfied, a third specific hash value generated by applying a hash function to the approval result information and at least one neighbor hash value matching the third specific hash value And registers the third representative hash value or the value obtained by processing the third representative hash value in the second block chain database or register with another device, manages the sixth block chain transaction ID corresponding to the third block hash value, Transmitting the approval result information to at least one of the service providing terminal and the user terminal or supporting another device to transmit the approval result information;
The method comprising the steps of: The method according to claim 1,
The triggering condition includes:
(i) a condition in which a transaction related to the use of the card is generated by a predetermined number, (ii) a condition in which a predetermined time elapses, (iii) a condition in which a block is generated in the first block chain database, And a condition for the use of the card. The method according to claim 1,
In the step (b)
Wherein the mediation server supports the second specific hash value to generate or generate a merkle tree assigned to a leaf node,
If the triggering condition is satisfied, a value obtained by processing the second representative hash value or the second representative hash value generated by computing a hash value assigned to at least one other leaf node matching the second specific hash value To register in the second block chain database or to register another device. The method according to claim 1,
In the step (c)
The mediation server supports the third specific hash value to generate or generate a merkle tree assigned to a leaf node,
If the triggering condition is satisfied, a value obtained by processing the third representative hash value or the third representative hash value generated by computing a hash value assigned to at least one other leaf node matching the third specific hash value To register in the second block chain database or to register another device. The method according to claim 3 or 4,
If the merge tree is a first tree among at least one merge tree connected in a chain form, the first leaf node of the merge tree is assigned a hash value or a processed value of predetermined message data composed of text, numbers or symbols How to approve card usage. The method of claim 3,
If the triggering condition is satisfied,
(x1) the mediation server is configured to (i) calculate or calculate a hash value assigned to the sibling node of the node to which the second specific hash value and (ii) the second specific hash value are assigned, The hash value generated by applying the hash function to the value obtained by calculating the hash value assigned to the sibling node of the node to which the second specific hash value is assigned, and (ii) assigning the hash value generated to the parent node of the node Or assign,
(x2) if the parent node is the root node of the merge tree, register the hash value assigned to the parent node as the second representative hash value in the second block chain database or register with another device,
(x3) If the parent node is not the root node of the merge tree, the step (x1) to (x2) are repeated by using the hash value assigned to the parent node as the second specific hash value How to approve a card. The method according to claim 6,
In (x1) above,
If the hash value is not allocated to the sibling node of the node to which the second specific hash value is allocated even though the triggering condition is satisfied, the mediating server assists the sibling node to assign or assign a predetermined hash value, (x1) to (x3). 5. The method of claim 4,
If the triggering condition is satisfied,
(x1) the mediation server is configured to (i) calculate or calculate a hash value assigned to the sibling node of the node to which the third specific hash value and (ii) the third specific hash value are assigned, A hash value generated by applying a hash function to a value obtained by calculating the hash value assigned to the sibling node of the node to which the third specific hash value is assigned, and (ii) assigning a hash value generated to the parent node of the node Or assign,
(x2) if the parent node is the root node of the merge tree, register the hash value assigned to the parent node as the third representative hash value in the second block chain database or register with another device,
(x3) if the parent node is not the root node of the merge tree, the (x1) to (x2) are repeatedly performed using the hash value assigned to the parent node as the third specific hash value How to approve a card. 9. The method of claim 8,
In (x1) above,
If the hash value is not allocated to the sibling node of the node to which the third specific hash value is allocated even though the triggering condition is satisfied, the mediating server assists the sibling node to allocate or assign a predetermined hash value to the sibling node, (x1) to (x3). The method according to claim 1,
In the step (b)
If the intermediary server stores the second specific hash value and the at least one neighbor hash value in a predetermined first data structure and then stores and manages a second data structure of the same type as the first data structure, Wherein the first data structure and the second data structure are connected in a chain form. 11. The method of claim 10,
Wherein a root value of the first data structure or a hash value of the root value is assigned to a first leaf node of the second data structure if the first data structure and the second data structure are merc trees. How to approve use. The method according to claim 1,
In the step (c)
If the intermediary server stores the third specific hash value and the at least one neighbor hash value in a predetermined third data structure and then stores and manages a fourth data structure of the same type as the third data structure, Wherein the third data structure and the fourth data structure are connected in a chain form. 13. The method of claim 12,
A root value of the third data structure or a hash value of the root value is assigned to a first leaf node of the fourth data structure when the third data structure and the fourth data structure are merc trees. How to approve use. The method according to claim 1,
Wherein the financial server includes a first financial server and a second financial server,
In the step (c)
(i) the brokerage server transmits the approval request information to the first financial server to transmit the order data registered in the first block chain database in correspondence with the card token ID included in the approval request information (Ii) if it is determined that the order data is valid, requesting approval of the order data to the second financial server; (ii) Wherein when the approval result is transmitted from the second financial server to the first financial server, the mediation server receives the approval result information from the first financial server or receives the approval result information from the other financial server. The method according to claim 1,
Before the step (a)
(a01) When the card registration request information including the user's personal information, the user identification information, the card information, and the push token ID is obtained from the user terminal, the mediating server transmits the card information to the financial server Requesting verification of the data;
(a02) When a verification result including the card index key corresponding to the card information is obtained from the financial server, the mediating server generates a card token ID corresponding to the card index key, and corresponds to the push token ID Requesting user authentication to the user terminal or requesting another device to request the user authentication; And
(a3) if the public key of the user corresponding to the user authentication corresponding to the user authentication is obtained from the user terminal, (i) (1) the token ID, the user identification information, the push token ID, Registering the key in the first block chain database or registering it with another device and obtaining the corresponding first block chain transaction ID; (2) registering a predetermined hash value in the second block chain database; A first specific hash value generated by applying a hash function to the card token ID, the user identification information, the push token ID, and the public key if the triggering condition is satisfied, and at least one A value obtained by processing the first representative hash value or the first representative hash value obtained by calculating the neighborhood hash value of the second block chain (Ii) transferring the card token ID and the card index key to the financial server, or transferring the card to another financial institution, Allowing the financial server to map the card information and the card token ID;
Further comprising the step of: 16. The method of claim 15,
In the step (a03)
The mediation server supporting the first specific hash value to generate or generate a merkle tree assigned to a leaf node,
Wherein when the triggering condition is satisfied, a value obtained by processing the first representative hash value or the first representative hash value generated by computing a hash value assigned to at least one other leaf node matching the first specified hash value To register in the second block chain database or to register another device. 16. The method of claim 15,
In the step (a03)
When the intermediary server stores the first specific hash value and the at least one neighbor hash value in a predetermined fifth data structure and then stores and manages a sixth data structure of the same type as the fifth data structure, Wherein the fifth data structure and the sixth data structure are connected in a chain form. 16. The method of claim 15,
In the step (a03)
Wherein the mediation server requests the user authentication to generate the private key and the public key in response to the user authentication request and supports the user to request confirmation of the confirmation information, Wherein the method further comprises storing the confirmation information obtained from the user and receiving the public key from the user terminal or receiving the public key from another device. 16. The method of claim 15,
Wherein the financial server includes a first financial server and a second financial server,
In the step (a02)
(i) the intermediary server requests the first financial server to request verification of the card information to a second financial server by requesting verification of the card information, and (ii) When the verification result including the card index key corresponding to the card information is transmitted from the first financial server to the first financial server, the mediation server receives the verification result from the first financial server or receives the verification result from the first financial server,
In the step (a03)
Wherein the mediation server transmits the card token ID and the card index key to allow the first financial server to map the card information and the card token ID. The method according to claim 1,
(d) embedded data from the service providing terminal, wherein the embedded data includes at least one or more than one of the order data approved in the step (c) and requested from the service providing terminal for purchase from the order data registered in the first block chain database (I) whether or not the embedded data is valid, and transmits the result to the service providing terminal or to transmit the result to another device (1) registering the embedded data in the first block chain database or registering it with another device and registering the corresponding block data in the seventh block chain transaction ID (2) acquiring a predetermined block number in the second block chain database A fourth representative hash value calculated by applying a hash function to the embedded data if the triggering condition for registering the shash value is satisfied, and at least one neighboring hash value matching the fourth specific hash value, Or registering a value obtained by processing the fourth representative hash value in the second block chain database or registering with another device, and acquiring an eighth block chain transaction ID corresponding thereto; (ii) To the financial server so that the financial server confirms that the embedded data is valid and sends the embedded result information to the intermediary server, (iii) the buying result information is transmitted from the financial server to the financial server, (1) registering the purchase result information in the first block chain database, or (2) a fifth specific hash value generated by applying a hash function to the embedded result information and a fifth specific hash value generated by matching the fifth specific hash value with the fifth specific hash value A fifth representative hash value obtained by computing at least one neighboring hash value or a value obtained by processing the fifth representative hash value is registered in the second block chain database or supported by another device, Acquiring a transaction ID, transferring the purchase result information to the service providing terminal or supporting another device to transmit the purchase result information;
Further comprising the step of: 21. The method of claim 20,
The mediation server comprises:
(i) the fourth specific hash value supports creating or generating a merkle tree assigned to a leaf node,
If the triggering condition is satisfied, a value obtained by processing the fourth representative hash value or the fourth representative hash value generated by computing a hash value assigned to at least one other leaf node matching the fourth specific hash value To register in the second block chain database or to register another device,
(ii) the fifth specific hash value supports creating or generating a merkle tree assigned to a leaf node,
If the triggering condition is satisfied, a value obtained by processing the fifth representative hash value or the fifth representative hash value generated by computing a hash value assigned to at least one other leaf node matching the fifth specified hash value To register in the second block chain database or to register another device. 21. The method of claim 20,
(i) the intermediary server stores the fourth specific hash value and the at least one neighbor hash value in a predetermined seventh data structure, and then stores an eighth data structure of the same type as the seventh data structure, The seventh data structure and the eighth data structure are connected in a chain form,
(ii) the intermediary server stores the fifth specific hash value and the at least one neighbor hash value in a predetermined ninth data structure, and then stores a tenth data structure of the same type as the ninth data structure, Wherein the ninth data structure and the tenth data structure are connected in a chain form. 21. The method of claim 20,
The intermediation server transmits the purchase request information to the financial server to help the customer to check whether the purchase data included in the purchase request information is registered in the first block chain database, And to support that the embedded data is judged to be valid. 21. The method of claim 20,
Wherein the financial server includes a first financial server and a second financial server,
(i) the mediating server transmits the purchase request information to the first financial server so as to confirm whether the embedded data included in the purchase request information is registered in the first block chain database, And to request the second financial server to purchase the embedded data if the embedded data is valid,
(ii) when the buying result information is transmitted from the second financial server to the first financial server, the broker server receives the buying result information from the first financial server or receives the buying result information from the other financial server How to approve a card. 1. A mediation server for authorizing use of a card using a token ID,
A card token ID corresponding to the card information of the user, user identification information for identifying the user, a push token ID corresponding to the application installed in the user terminal of the user, and the public key of the user are registered in the first block chain database And managing a first block chain transaction ID corresponding to the first block chain ID and the first specific hash value generated by applying a hash function to the card token ID, the user identification information, the push token ID, and the public key, A first representative hash value obtained by computing at least one neighboring hash value matching a specific hash value or a value obtained by processing the first representative hash value is registered in a second block chain database and a second block chain transaction ID In a state in which the user is managing the card, Communication unit for acquiring the payment request information including the user identification information and the order data; And
(1) obtaining the push token ID registered in the first block chain database using the first block chain transaction ID corresponding to the user identification information of the payment request information; (2) Acquiring a data message from the second block chain database using the second block chain transaction ID corresponding to the user identification information and transmitting the first representative hash value or the first representative hash value included in the data message Searching the first block chain database for the merge tree information and the leaf node information stored in the first block chain database in association with the machined value and referring to the retrieved merge tree information and the leaf node information, Obtains the push token ID registered in the chain database, A first process for requesting authentication of the order data to the user terminal corresponding to the obtained push token ID or for requesting another device to request authentication of the order data from the user terminal in response to the authentication request for the order data, Verifies the validity of the user signature value using the public key of the user registered in the first block chain database if the user signature value signed by the user's private key is obtained and if the user signature value is valid (1) registering the order data in the first block chain database or registering it with another device, and managing a third block chain transaction ID corresponding to the third block chain transaction ID, (2) If the triggering condition for registering the hash value is satisfied, A second representative hash value obtained by computing a second specific hash value generated by applying a hash function to the order data and at least one neighboring hash value matching the second specific hash value or a value obtained by processing the second representative hash value (I) a second process of registering in the second block chain database or supporting another device to register and managing a corresponding fourth block chain transaction ID, and (i) To the first block chain database in response to the card token ID included in the approval request information, by transmitting the approval request information including the token ID and the order data, The order data stored in the approval request information with reference to the registered order data, (Ii) when the approval result information is obtained from the financial server, (1) the approval result information is transmitted to the first block chain database (2) if the triggering condition for registering a predetermined hash value in the second block chain database is satisfied, the approval result information A third representative hash value obtained by computing a third specific hash value generated by applying a hash function to at least one neighboring hash value and at least one neighboring hash value matching the third specific hash value or a value obtained by processing the third representative hash value, To register in the second block-chain database or to allow other devices to register, and to correspond to the sixth block- And a third process for managing the management information and for transmitting the approval result information to at least one of the service providing terminal and the user terminal or for allowing another device to transmit the approval result information;
Wherein the card usage approval mediation server comprises: 26. The method of claim 25,
The triggering condition includes:
(i) a condition in which a transaction related to the use of the card is generated by a predetermined number, (ii) a condition in which a predetermined time elapses, (iii) a condition in which a block is generated in the first block chain database, And a condition for the card usage approval mediation server. 26. The method of claim 25,
The processor comprising:
In the second process,
Wherein the second particular hash value supports creating or generating a merkle tree assigned to a leaf node,
If the triggering condition is satisfied, a value obtained by processing the second representative hash value or the second representative hash value generated by computing a hash value assigned to at least one other leaf node matching the second specific hash value To register in the second block chain database or to register another device. 26. The method of claim 25,
The processor comprising:
In the third process,
Wherein the third specific hash value supports to generate or generate a merkle tree assigned to a leaf node,
If the triggering condition is satisfied, a value obtained by processing the third representative hash value or the third representative hash value generated by computing a hash value assigned to at least one other leaf node matching the third specific hash value To register in the second block chain database or to register another device. 26. The method of claim 25,
Wherein the financial server includes a first financial server and a second financial server,
The processor comprising:
In the third process,
And transmits the approval request information to the first financial server to refer to the order data registered in the first block chain database corresponding to the card token ID included in the approval request information, And to request approval of the order data to the second financial server if the verification result indicates that the order data is valid; (ii) Wherein when the approval result is transmitted to the financial server, the mediation server receives the approval result information from the first financial server or receives the approval result information from another device. 26. The method of claim 25,
The processor comprising:
Prior to the first process,
When the communication unit obtains the card registration request information including the user's personal information, the user identification information, the card information, and the push token ID from the user terminal, the communication unit requests the financial server to verify the card information ,
When a verification result including the card index key corresponding to the card information is obtained from the financial server, generates a card token ID corresponding to the card index key, and authenticates the user terminal corresponding to the push token ID Request or request another device,
(I) if the public key of the user corresponding to the user authentication is obtained from the user terminal, (i) the first token ID, the user identification information, the push token ID, (2) if the triggering condition for registering a predetermined hash value in the second block chain database is satisfied, the second block chain database A first specific hash value generated by applying a hash function to the token ID, the user identification information, the push token ID, and the public key, and at least one neighbor hash value matched with the first specific hash value, 1 representative hash value or the value obtained by processing the first representative hash value is registered in the second block chain database (Ii) transferring the card token ID and the card index key to the financial server, or supporting another device to transfer the card token to the financial server, And to cause the financial server to map the card information and the card token ID. 31. The method of claim 30,
The processor comprising:
Wherein the first particular hash value supports creating or generating a merkle tree assigned to a leaf node,
Wherein when the triggering condition is satisfied, a value obtained by processing the first representative hash value or the first representative hash value generated by computing a hash value assigned to at least one other leaf node matching the first specified hash value To register in the second block chain database or to register another device. 31. The method of claim 30,
Wherein the financial server includes a first financial server and a second financial server,
The processor comprising:
Requesting verification of the card information to request the first financial server to request verification of the card information to a second financial server, and (ii) requesting verification of the card information from the second financial server to the first financial server When the verification result including the card index key corresponding to the card information is transmitted, the mediation server receives the verification result from the first financial server or receives the verification result from the first financial server,
Wherein the first card issuance server transmits the card token ID and the card index key to the first financial server to map the card information and the card token ID. 26. The method of claim 25,
The processor comprising:
The embedded data from the service providing terminal includes at least one order data which is approved in the third process and requests for purchase from the service providing terminal among the order data registered in the first block chain database (I) confirms whether the embedded data is valid, and transmits the result to the service providing terminal or to transmit the result to the other device; and (1) registering the embedded data in the first block chain database or registering it with another device and acquiring a seventh block-chain transaction ID corresponding thereto, (2) the second block chain database A fourth representative hash value calculated by applying a hash function to the embedded data and at least one neighboring hash value matched with the fourth specific hash value, when the triggering condition for registering the hash value is satisfied, Value or a value obtained by processing the fourth representative hash value in the second block chain database or by registering with another device and obtaining an eighth block-chain transaction ID corresponding thereto, (ii) To the financial server, thereby enabling the financial server to confirm whether the embedded data is valid and to transmit the embedded result information to the intermediary server; (iii) (1) the purchase result information is registered in the first block chain database (2) a fifth specific hash value generated by applying a hash function to the embedded result information and a fifth specific hash value generated by matching the fifth specific hash value with the fifth specific hash value A fifth representative hash value obtained by computing at least one neighboring hash value or a value obtained by processing the fifth representative hash value is registered in the second block chain database or supported by another device, Acquiring a transaction ID, transmitting the purchase result information to the service providing terminal, or supporting another device to transmit the purchase result information to the service providing terminal. 34. The method of claim 33,
The processor comprising:
(i) the fourth specific hash value supports creating or generating a merkle tree assigned to a leaf node,
If the triggering condition is satisfied, a value obtained by processing the fourth representative hash value or the fourth representative hash value generated by computing a hash value assigned to at least one other leaf node matching the fourth specific hash value To register in the second block chain database or to register another device,
(ii) the fifth specific hash value supports creating or generating a merkle tree assigned to a leaf node,
If the triggering condition is satisfied, a value obtained by processing the fifth representative hash value or the fifth representative hash value generated by computing a hash value assigned to at least one other leaf node matching the fifth specified hash value To register in the second block chain database or to register another device. 34. The method of claim 33,
Wherein the financial server includes a first financial server and a second financial server,
The processor comprising:
(i) transmitting the purchase request information to the first financial server to confirm whether the embedded data included in the embedded request information is registered in the first block chain database to determine whether the embedded data is valid And to request the second financial server to purchase the embedded data if the embedded data is valid,
(ii) when the buying result information is transmitted from the second financial server to the first financial server, receiving the buying result information from the first financial server or receiving the buying result information from the other financial server .

Images