KR101902990B1 - Pass card issue and operating system by using security module and method thereof - Google Patents

Abstract

The present invention relates to a system and method for issuing a traffic card by requesting a traffic card based on data including a user ID by a separate terminal, the issuing unit controlling the issuing process; A first storage unit connected to the issuing unit and storing a card ID assigned to a traffic card to be issued; An issuing SAM connected to the issuing unit and generating a unique key corresponding to a card ID to be issued; The issuing unit separates the data including the user ID, the card ID, and the unique key from the data requiring security storage and the data not requiring security storage in different storage spaces, and storing the predetermined data including the card ID To the terminal.
In addition, the present invention relates to a system and method for charging the issued traffic card using a charging or transportation card, the operating system being connected to the traffic card and communicating charging information to the terminal; And a storage unit connected to the operation unit and storing data requiring security storage and data not requiring secure storage.

Description

BACKGROUND OF THE INVENTION 1. Field of the Invention [0001] The present invention relates to a traffic card issuance and management system using a security module,

The present invention relates to a system and method for issuing and operating a traffic card, and more particularly, to a system and method for issuing and operating a traffic card using a security module.

With the development of public transportation and its discounted services, transportation cards are a necessary means of payment for our daily life.

The first-generation traffic card is a form in which a predetermined amount of money is charged to physical media of various shapes similar to a card or a card. Each traffic card has a structure in which a card ID exists, which is charged, paid, and settled based on the card ID. In order to charge and settle, the information is exchanged between the traffic card and payment terminal.

Information exchange takes place using signed data including the card and the unique key of the terminal. That is, when the card is used, the unique key must never be exposed, and when the key is exposed, the third party may charge the card without paying the amount of money, or may issue a serious problem . In the case of a physical card, the unique key of the card is embedded in the card together with the card ID when issuing the card.

Physical first-generation transportation cards had the disadvantage of having to carry them, and also had the problem of losing money because the cards were bearer cards when they were lost.

The second-generation traffic card is a type of so-called app card, in which a virtual traffic card of a smart phone is issued and charged. There is a tremendous advantage in that there are no physical cards.

The app card is also operated using the unique key, and the unique key is stored in the USIM in the smartphone. Since the unique key is stored in the USIM, it can be used without activating the screen of the smartphone.

However, in such a case, if the smartphone is lost, the USIM is lost and there is a problem in security, and it is a good structure to abuse the information in the middle. Therefore, the traffic card is usually operated in such a way as to limit the amount of use per day and to minimize the damage even if it is exposed.

All traffic cards have two problems.

First, both the physical card and the app card are hard to recover when the balance is lost. In the case of app cards, even if you change a USIM, not a lost one, you must use a new card (a procedure for storing a unique key in USIM).

Second, it is vulnerable to security because it inherits the inherent key physically.

Third, in the case of app cards, there are cases where it can be used depending on the type of USIM, the type of smart phone, the case where it can not be used, cooperation with partner companies is necessary, and the use is very limited .

The present invention has been made to solve the above-mentioned problems, and it is an object of the present invention to provide a method for reusing a transportation card used by a user without re-purchasing a transportation card even if the transportation card is lost or a smartphone is changed, And smart phones and affiliates.

According to another aspect of the present invention, there is provided a system for issuing a traffic card by issuing a traffic card issuance request based on data including a user ID by a terminal, the issuer comprising: A first storage unit connected to the issuing unit and storing a card ID assigned to a traffic card to be issued; An issuing SAM connected to the issuing unit and generating a unique key corresponding to a card ID to be issued; The issuing unit separates the data including the user ID, the card ID, and the unique key from the data requiring security storage and the data not requiring security storage in different storage spaces, and storing the predetermined data including the card ID To the terminal.

In one embodiment of the issuing system, the predetermined data does not include a unique key.

In one embodiment of the issuing system, the data including the user ID, the card ID, and the unique key are separated into data requiring security storage by the first security module and data not requiring secure storage, And the issuing unit stores each piece of data in a different storage space.

In one embodiment of the issuing system, the different storage spaces are a second storage unit and a second security module.

In one embodiment of the issuing system, the issuing unit is a server, and the first and second security modules are separate hardware devices.

In one embodiment of the issuing system, the first storage unit and the second storage unit are logically divided into one storage space.

In one embodiment of the issuing system, the issuing unit is a server, and the first and second security modules are configured as a single device, and are logically or hardwarely divided.

According to another aspect of the present invention, there is provided a method of issuing a transportation card using a transportation card issuing server, the method comprising: receiving a card issuing request based on data including a user ID; Generating a unique key corresponding to a card ID to be issued by the traffic card issuing server; Separating the data including the user ID, the card ID, and the unique key into data that requires secure storage and data that does not require secure storage, by the transportation card issuing server; And storing the data requiring security and the data not requiring security in different storage devices.

The traffic card issuing server may further include a step of receiving a card ID to be issued by a separate server or reading the card ID to be issued in a first storage unit after receiving a traffic issuance request, .

The issuing server transmits data including the card ID to the issuing SAM connected to the traffic card issuing server through a predetermined communication method in the step of generating the unique key, The issuing SAM further includes generating a unique key and transmitting the unique key to the issuing server, and the issuing server further comprises receiving the unique key.

In one embodiment, the issuing server separates data including the user ID, the card ID, and the unique key into a first security device connected to the issuing server through a predetermined communication method Wherein the first security device separates data including a user ID, a card ID, and a unique key into data requiring secure storage and data not requiring secure storage, To the issuing server.

In an embodiment of the method of issuing a traffic card, the step of storing in the different storage devices may be such that the issuance server stores data requiring security storage in the second security device, The method comprising the steps of:

A system for charging a transportation card is connected to the transportation card by using a terminal including a transportation card storing information including a user ID and a card ID as means for solving the problem of the present invention, An operating unit communicating with the terminal; And a storage unit connected to the operation unit and storing data requiring security storage and data not requiring secure storage.

According to an aspect of the present invention, there is provided a system for paying a fee using a terminal including a traffic card storing information including a user ID and a card ID, the system being connected to the traffic card, An operating unit for communicating with the terminal; And a storage unit connected to the operation unit and storing data requiring security storage and data not requiring secure storage.

The effects of the present invention are as follows.

First, when issuing a card, issuing it using the information of the user has an advantage in that even if the card is lost, even if the USIM of the smartphone is changed, the card used by the user can be used as it is.

Second, you do not have to worry about losing your unique key even if you lose the card because you do not store the unique key on the card and store it on a separate security device.

1 is a conceptual diagram of an embodiment of a traffic card issuing system proposed in the present invention.
Figs. 2 to 7 A transportation card issuing method proposed in the present invention
8 is a conceptual diagram of an embodiment of a traffic card charging system proposed in the present invention
9 is a flow chart of a traffic card charging method proposed in the present invention.
10 is a conceptual diagram of an embodiment of a payment system using a transportation card proposed in the present invention
11 is a flowchart of a payment method using a transportation card proposed in the present invention

While the invention is susceptible to various modifications and alternative forms, specific embodiments thereof are shown by way of example in the drawings and will herein be described in detail. It should be understood, however, that the invention is not intended to be limited to the particular embodiments, but includes all modifications, equivalents, and alternatives falling within the spirit and scope of the invention. Like reference numerals are used for like elements in describing each drawing.

The terms first, second, A, B, etc. may be used to describe various elements, but the elements should not be limited by the terms. The terms are used only for the purpose of distinguishing one component from another. For example, without departing from the scope of the present invention, the first component may be referred to as a second component, and similarly, the second component may also be referred to as a first component. And / or < / RTI > includes any combination of a plurality of related listed items or any of a plurality of related listed items.

It is to be understood that when an element is referred to as being "connected" or "connected" to another element, it may be directly connected or connected to the other element, . On the other hand, when an element is referred to as being "directly connected" or "directly connected" to another element, it should be understood that there are no other elements in between.

The terminology used in this application is used only to describe a specific embodiment and is not intended to limit the invention. The singular expressions include plural expressions unless the context clearly dictates otherwise. It is to be understood that the term "comprises" or "having" in the present application does not preclude the presence or addition of features, numbers, steps, operations, components, parts, or combinations thereof described in the specification .

Unless otherwise defined, all terms used herein, including technical or scientific terms, have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.

Terms such as those defined in commonly used dictionaries are to be interpreted as having a meaning consistent with the contextual meaning of the related art and are to be interpreted as either ideal or overly formal in the sense of the present application Do not.

Hereinafter, a system and method for issuing and operating a traffic card using the security module according to the present invention will be described in detail with reference to the accompanying drawings.

The traffic card issuance and operation system is divided into three functions.

Transportation card issuance, transportation card recharging, and payment using a transportation card (purchase). Conventionally, a device for issuing, a device for charging, and a device for payment have been constituted. The issuing device has issued and delivered a transportation card, and the device for charging has been installed in a separate place. , A taxi, and a convenience store. The reason for this operation is to manage the security of the card ID for distinguishing the card and the unique key for generating the corresponding encrypted signature in order to issue, charge, and settle the card.

In the case of issuance, a process of generating a unique key corresponding to the card ID is required. An issuing SAM (Security Access Module) connected with the issuing device by a predetermined communication method (USB, TCP / IP, etc.) is used as the inherent key. The issuing SAM may be in the form of a card, a memory stick, or a separate device.

Based on the information including the card ID, the issuing SAM generates a unique key to be issued using the unique key possessed by the issuing SAM, encrypts the unique key, generates a signature, In the process of storing and storing the information including the unique key in the new card, it is checked whether the correct unique key is stored using the signature. At this time, the inherent key may or may not be encrypted, but it is desirable to encrypt the inherent key to improve security.

The issued card can store various data including the card ID, unique key, balance, and whether the transportation card is for the youth or general use, the area, and the card manufacturing information.

The charging device receives the signature information including the card ID and the unique key from the issued traffic card, and identifies the normal traffic card or the normal charging device to charge the desired amount.

The settlement apparatus also receives the signature information including the card ID and the unique key from the issued traffic card, and discriminates whether the normal traffic card or the device is a normal payment apparatus, thereby paying the desired amount.

In the case of a conventional method of issuing and operating a traffic card, a card ID (an anonymous name in the case of a traffic card) capable of identifying a unique key and a traffic card is used. That is, although the inherent key and the amount information are important information, they are usually stored without encryption. The reason is that ordinary traffic cards are charged in small amounts, and postpaid cards also have an upper limit on the amount of money.

However, the method of payment using the transportation card is expanding in various ways such as the convenience store fee in addition to the traffic fee, and when the card is re-issued due to the exposure of the unique key, the conventional amount reset, come. The present invention has been made to solve the above-mentioned problems.

The transportation card of the present invention may be a physical transportation card, but it may be an application card in a smart phone or a function (module) of a bank app.

Nowadays, smartphones manage smartphone apps by using user's mail information (GMAIL, iCloud), and in the case of bank apps, the bank app uses the CI number given to the individual, not the personal resident number, . That is, a module of an app card in a smart phone or a module of a bank app, all of which contain information that can identify the user.

The present embodiment will be described as an embodiment when it is implemented as a module in a bank app. However, the present embodiment may include all kinds of transportation cards implemented in various forms.

FIG. 1 is a conceptual diagram of a transportation card issuing system 1000.

When the transportation card issuing system 1000 requests issuance of the transportation card from the transportation card module built in the bank app of the separate terminal 10, the issuing unit 100 receives the request.

The terminal and the traffic card issuing system 1000 can communicate by a predetermined communication method, and LTE, TCP / IP, or the like can be used for a predetermined communication method.

When issuing the transportation card from the terminal 10, the bank app with the transportation card module 11 transmits the data including the user ID such as the CI information of the user (e-mail information in the case of the transportation card application, Can be transmitted. The module 11 is a software configured module.

In this case, the transmitted data includes information on various options such as whether the type of card to be issued is for adolescents or adults, in addition to the user ID. The issuing unit 100 can be implemented as a single hardware server, and the functions can be configured in a server by software as a library. The issuing unit 100 may be referred to as an issuing server.

When the request from the terminal 10 is received by the issuing unit 100, the issuing unit reads the card ID from the first storage unit 210 in which the card ID of the transportation card to be newly issued is stored. The card ID may be received each time it is issued by the card issuer server 20, or a plurality of card IDs may be issued at a time according to a predetermined rule and stored in the first storage unit 210 for use. It is not guaranteed that communication with the card issuer server 20 is possible at all times. Therefore, it is preferable to issue a plurality of card IDs at a time and operate the cards.

The issuing unit 100 transmits predetermined information including the card ID corresponding to the user ID to the issuing SAM 310. The issuing unit 310 issues a unique key corresponding to the card ID based on the built- And transmits the generated unique key to the issuing unit 100 together with the signature. When transmitted, the unique key may or may not be encrypted, but it is desirable to encrypt it with security.

The issuing unit 100 uses the digital signature of the received unique key and the digital signature to confirm whether or not the unique key has been correctly received. If it is correctly received, it is possible to separate data (DS) that requires security, and data (DD) that does not require security, including the requested information such as a unique key, a user ID, and a card ID.

Thereafter, data requiring security is encrypted, and data not requiring security is not encrypted. Encrypted data and unencrypted data are separately generated, and the two data are indexed (DI) using the same specific flag. Each indexed data can be indexed to identify the separate data when it joins the separate data. In addition, each signature can be additionally generated and included in the data, which can be used to verify that the data has been correctly transmitted / received.

Data that requires security will be represented by a unique key including a unique key, an amount, and a transaction serial number. Data that does not require security may be represented by a card ID.

The separation of the data requiring security and the data not requiring security can be performed inside the issuing unit 100. However, the first security module 400 may be separately constructed to enhance the security. In the case where the first security module 400 is configured as a separate device, the first security module 400 may be connected by a communication method such as TCP / IP, communication using USB, PCI, etc. In the case where the issuer 100 is configured as a server, It can be configured in the form of USB in the server by being inserted in a module form.

When a separate first security module 400 is used, the issuing unit 100 signs data including an encrypted unique key, a user ID, a card ID, and various option information in the first security module 400, To the first security module (400).

When the first security module 400 receives the data including the signature from the issuing unit 100, it decrypts the encrypted inherent key and confirms the inherent key using the signature value.

If it is determined that the signature is correct, the first security module 400 separates the security data DS and the data DD that do not require security, and the security data can be encrypted , And data not requiring security may not be encrypted.

If encryption is performed, the encrypted data and the unencrypted data are separately generated, and the two data are indexed using the same specific flag. With indexing, the divided data can be identified as one piece of data.

The indexing may be configured by sequentially issuing a value having a predetermined serial number in the issuing unit 100 and giving it an ID, and may be configured using a user ID, a card ID, and the like.

Also, before sending the separated data to the issuing unit 100, the issuing unit 100 can confirm whether the separated data includes a signature and has received the correct unique key through the signature.

The data requiring indexed security and the data not requiring security are separated through the issuing unit 100 and stored in a security-enhanced storage unit and a storage unit having no security. The storage may be a storage device inside the issuing unit 100 or may be stored in a separate device.

Preferably, data that does not require security is stored in the second storage unit 220, and data requiring security is stored in the second security module 500.

The second security module 500 may be configured in the same or similar form as the first security module 400 described above. It is most preferable from the viewpoint of security to use a separate device called a hardware security module (HSM) for the first and second security modules. When HSM is used, the operator can not see or manipulate the information of the data requiring security except for the supervisor.

The second security module 500 includes a function of storing data requiring security and decrypting the encrypted data if it is encrypted and a separate authentication module 510 for identifying whether the unique key is correct using a signature ). The authentication module 510 includes a function capable of verifying a signature and generating a signature.

The issuing unit 100 separately stores data requiring security including indexing and data not requiring security and provides basic information (card ID, user ID, option information, etc.) to the transportation card module 11 The transportation card module 11 may include a transportation card to complete the transportation card issuance. At this time, the balance becomes 0 yen. The basic information does not include a unique key.

In other words, the traffic card is issued through such a series of processes, and the issued traffic card can be confirmed by the user using the traffic card application or the traffic card module. However, the traffic card application or module does not include important information such as a unique key, which is the key to settlement and charging of the traffic card. Important information is stored in a separate security module based on the user ID, And stored in the storage device.

If you implement this form, you will not expose your unique key, and even if you change your smartphone or lose your card, your card ID, amount, etc. will be stored in a separate module and / or store Therefore, it is possible to reuse the card that was used by the user other than the new card.

2 to 7 are flowcharts of a method of issuing a traffic card by the traffic card issuing system.

In step S100, the user requests issuance of the transportation card through the banking application in which the transportation card application installed in the terminal 10 or the transportation card module is installed (corresponding to the issuing unit 100 in the issuing system). When making the request, the data transmitted to the issuing server includes the user's ID, such as the CI used by the bank app or the user's email used by the smartphone, to identify the user.

In step S100, a traffic card application or a traffic card module is first executed (S110). A step S120 shown in a guidance message on whether or not a traffic card is issued. When the user desires to issue a traffic card, Step S130, and requesting issuance of a traffic card (S140).

When issuing a request for issuing a new traffic card, the issuing server obtains a card ID to be given to the new traffic card in step S200. In operation S200, the issuing server requests / receives a card ID to be issued to the traffic card company server in operation S210, stores the received card ID in the storage unit S220, and reads the stored card ID from the storage unit S230).

Through step S300, the issuing server requests and receives a unique key of a card to be newly issued to the issuing SAM. In step S300, the issuing server requests a unique key corresponding to the card ID to the issuing SAM in step S310. In step S320, the issuing server receives a signature identifying the encrypted unique key and the unique key from the issuing SAM. And checking whether the unique key is correct using the signed signature (S330). Each step may further include a procedure for confirming or authenticating the issuing server and the issuing SAM through a separate signature.

Through step S400, the issuing server can separately obtain security-required data and unsecured data including the issued signature, card ID, user ID, and option information. Each data including an indexing capable of identifying a pair of each data to obtain first data including security-free data and indexing, data requiring security and second data including indexing .

In operation S400, the issuing server transmits data including an encrypted unique key, a card ID, a user ID, option information, and a signature to a separately configured first security module (S410). The first security module encrypts the encrypted unique key (S430). If the unique key is correct, the first security module separates the data requiring security and the data not requiring security (S430). The first security module separates the data A step S440 of encrypting data requiring security, a step of generating a signature, and a step S450 of indexing data requiring security and data not requiring security, respectively, at step S450. The issuing server receives the indexed And fetching data requiring security and data not requiring security (S460). Each step may further include a procedure for confirming or authenticating the issuing server and the first security module through a separate signature.

Through step S500, the issuing server divides and stores the data requiring the indexed security and the data not requiring the security. Step S500 may include storing the indexed security-free data in the second storage unit (S510), and storing the data requiring indexed security in the second security module (S520). A procedure for confirming or authenticating the issuing server and the second security module and / or the second storage may be further included.

In step S600, the issuance server provides the transportation card app or the transportation card module with predetermined information including indexing information so that the issuing server can store the transportation card application or the transportation card module. A procedure for confirming or authenticating the issuing server and the terminal may be further included.

Each step divided into 10 groups may include all of them, and may include only a part thereof.

After the above process, the traffic card application or the traffic card module issues a new traffic card, but actually important information is stored in the first security module. In this case, at the time of settlement or charging, which will be described later, charging or payment can be performed using the information stored in the first security module based on the indexing information stored in the traffic card application or the traffic card module.

8 is a conceptual diagram of a traffic card offline charging system.

As described above, in the traffic card issuing system of the present invention, data (unique key, charge amount, etc.) requiring security is stored in a separate second security module. Therefore, in order to perform charging, the charging terminal, the traffic card application, the traffic card module, the charge authentication server, and the second security module are connected by a predetermined communication method, and the predetermined communication method may be different depending on the devices.

A terminal including a traffic card storing information including a user ID and a card ID (the traffic card may be a traffic card application or a traffic card module), and a charging terminal including a charging SAM When charging is started using predetermined data, the traffic card exchanges a signature between an operating unit including a charging library and the charging terminal. In this process, since the unique key exists in the second security module, verification of the signature is performed in the second security module. That is, by transmitting information such as the unique key and balance of the traffic card in the second security module to the charge SAM, the charge can be performed.

The operating unit may include a separate module capable of generating and verifying the signature.

The method of paying for the charge during the above process can be cash or card, and if the banking app is included as a transportation card module, the money can be transferred from the bank app to the charging place .

Also, data that does not need security stored in the second storage unit during the above process can be used by matching the indexing.

5 is a flow chart showing main steps between devices for off-line charging.

A method for charging a traffic card issued in the present invention offline includes the steps of notifying the traffic card of start of charging to the charging terminal, and requesting the operation unit 1 of the traffic card; The operation unit requests the second security module to generate the signature 1, the second security module provides the signature 1 to the operation unit, the operation unit transmits the signature 1 to the traffic card, the traffic card transmits the received signature 1 To the charging terminal, the charging terminal verifying the received signature 1, if the charging terminal determines that the signature 1 is a valid signature, the charging terminal generates a signature 2 to request charging the transportation card, The card requesting the operation part 2 to verify the signature 2 and generate the signature 3; The operation unit requesting the second security module to perform signature 2 verification and signature 3 generation; Verifying the signature 2 by the second security module; If the second security module determines that the signature 2 is a valid signature, generating and sending the signature 3 to the operation unit, the operation unit transmitting the signature 3 to the traffic card, the traffic card transmitting the received signature 3 to the charging terminal The charging terminal verifying signature 3, and completing charging if signature 3 is determined to be a valid signature.

6 is a conceptual diagram of a traffic card online charging system.

In the case of the off-line charging method described above, the charging terminal includes a charging SAM, and charging is performed through authentication of the charging SAM. In the case of the traffic card of the present invention, data requiring security such as a unique key is stored in the second security module instead of the traffic card. Therefore, based on the unique key stored in the second security module in the charging process You must go through the process of signing a certificate.

In order to charge online, the operating department, including the charging library, will include an additional charging SAM, and if you request charging from the transportation card app or transportation card module (provided that you have to pay money first and use the banking app , It is preferable that the operating unit performs charging after authenticating based on the unique key stored in the second security module.

In this process, signature generation, exchange, and verification procedures can be performed to verify the exchange key between the charge SAM, the traffic card, the operation unit, and the second security module.

7 is a flow chart illustrating main steps between devices for on-line charging.

A method for charging a traffic card issued online according to the present invention is characterized in that the traffic card requests charging to the operation unit, the operation unit requests the signature 1 to the second security module, the second security module generates a signature 1 Requesting signature 2 while informing the second security module of the start of charging, if the signature 1 is judged to be a correct signature; and the second security module Generating a signature 2 and transmitting it to the operation unit, the operation unit verifying the signature 2, if the signature 2 is correct, requesting the signature 3 to the second security module. The second security module generates and transmits the signature 3 to the operation unit, the operation unit verifies the signature 3 and, if it is determined that the signature is correct, notifying the second security module of the completion of the charge.

8 is a flowchart illustrating a conceptual diagram and a payment method of a payment system using a transportation card.

Like the charging system, the payment system is a system for making payments using a unique key stored in the second security module.

The traffic card, the payment terminal, the operation unit, and the second security module are connected to each other by a predetermined communication method. The second security module contains data requiring security including a unique key. The card requests unique key information stored in the second security module and makes payment. At this time, in the case of data that does not need security stored in the second storage device, the data is used by matching the data with the data requiring security when necessary.

In the system for payment of a traffic card issued in the present invention, a payment terminal (for example, a bus terminal) informs the traffic card of the start of payment (payment transaction); The operation unit requests the second security module to generate the signature 1, the second security module provides the signature 1 to the operation unit, the operation unit transmits the signature 1 to the traffic card, the traffic card transmits the received signature 1 To the payment terminal, the payment terminal verifies the received signature 1, if the payment terminal determines that the signature 1 is a valid signature, the payment terminal generates the signature 2 and requests payment to the transportation card, The card requesting the operation part 2 to verify the signature 2 and generate the signature 3; The operation unit requesting the second security module to perform signature 2 verification and signature 3 generation; Verifying the signature 2 by the second security module; If the second security module determines that the signature 2 is a valid signature, generating and transmitting the signature 3 to the operation unit, the operation unit transmitting the signature 3 to the transportation card, the transportation card transmitting the received signature 3 to the payment terminal The payment terminal includes verifying the signature 3, and if the signature 3 is determined to be a valid signature, completing the payment (completing the payment).

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments, but, on the contrary, Those skilled in the art will appreciate that various modifications, additions and substitutions are possible, without departing from the scope and spirit of the invention as disclosed in the accompanying claims.

Therefore, the spirit of the present invention should not be construed as being limited to the above-described embodiments, and all of the equivalents or equivalents of the claims, as well as the following claims, I will say.

10 terminal
20 card company server
100 issuer
200 storage unit
210 First storage unit
220 Second storage unit
310 issued SAM
320 charge SAM
330 Payment SAM
400 first security module
500 second security module
600 Operations Department
610 charge library
620 Payment Library
1000 Transportation Card Issuing System
2000 charging system
3000 Payment System

Claims (14)

A system for issuing a traffic card by issuing a traffic card issuance request based on data including a user ID by a separate terminal,
An issuer for receiving a traffic card issuance request including the user ID from the terminal and issuing the traffic card by controlling an issuance process when the issuance request is received;
A first storage unit connected to the issuing unit and storing a card ID assigned to a traffic card to be issued;
An issuing SAM connected to the issuing unit and generating a unique key corresponding to a card ID to be issued;
A first security module for separating data including a user ID, a card ID, and a unique key of a traffic card issued by the issuing unit into data requiring security and data not requiring security,
A second security module for receiving and storing data requiring security among data separated by the first security module; And
And a second storage unit for receiving and storing data not required for security among data separated by the first security module,
Wherein the issuing unit controls the separated data to be stored in different storage spaces, and transmits only the data that does not need security among the separated data to the terminal. delete delete delete The method according to claim 1,
Wherein the issuing unit is a server, and the first security module and the second security module are separate hardware devices. The method according to claim 1,
Wherein the first storage unit and the second storage unit are logically divided in one storage space. The method according to claim 1,
Wherein the issuing unit is a server and the first security module and the second security module are constituted by one device and are logically or hardwarely divided. A method of issuing a traffic card by a traffic card issuing server by issuing a traffic card issuing request based on data including a user ID by a separate terminal,
Receiving a traffic card issuance request including the user ID from the terminal;
Providing a card ID when receiving the traffic card issuance request;
Generating a unique key corresponding to the card ID and issuing a traffic card;
Separating the data including the user ID, the card ID, and the unique key of the issued traffic card into data requiring security and data not requiring security;
Encrypting the data requiring security;
Storing the data requiring security and the data not requiring security in different storage devices; And
Transmitting only the data not requiring security to the terminal
The method comprising the steps of: 9. The method of claim 8,
The traffic card issuing server,
Further comprising receiving a card ID to be issued from a separate server or reading the card ID from the first storage unit after receiving a traffic issuance request. 10. The method of claim 9,
Wherein the generating the unique key comprises:
The issuing server transmits data including a card ID to an issuing SAM connected to a traffic card issuing server through a predetermined communication method. The issuing SAM generates a unique key and transmits the generated key to the issuing server. Further comprising the step of receiving the inherent key. 11. The method of claim 10,
The step of separating the data comprises:
Wherein the issuing server transmits data including a user ID, a card ID, and a unique key to a first security device connected to the issuing server through a predetermined communication method, the first security device includes a user ID, a card ID, The method of claim 1, further comprising the step of: separating data including security data into data requiring security storage and data not requiring security storage, and the first security device transmitting separated data to an issuing server . 12. The method of claim 11,
Wherein the storing in the different storage devices comprises:
Wherein the issuing server further comprises storing the data requiring security storage in the second security device and storing data in the second storage device that does not require secure storage.
delete delete

Images