KR102263220B1 - E-commerce Payment Method using Block Chain - Google Patents

Abstract

The present invention relates to an e-commerce payment model using a block chain, and more particularly, an e-commerce payment model capable of processing payment and settlement in e-commerce using a block chain without additional registration of public certificates, public keys, private keys, etc. is about

Description

E-commerce Payment Method using Block Chain

The present invention relates to an e-commerce payment model using a block chain, and more particularly, an e-commerce payment model capable of processing payment and settlement in e-commerce using a block chain without additional registration of public certificates, public keys, private keys, etc. is about

Recently, the spread of smart phones has expanded and mobile communication networks have evolved, and the online e-commerce market is continuously growing due to the expansion of the Internet shopping market and the spread of credit cards.

Currently, it is a system in which payment is made through a PG (Payment Gateway) when making an Internet e-commerce payment through a credit card. When using the PG (Payment Gateway) service, an additional fee for use occurs, and the PG (Payment Gateway) server itself is vulnerable to hacking, so there is a security problem.

The online e-commerce market continues to grow due to the spread of smartphones, the evolution of mobile communication networks, the expansion of internet shopping, and the spread of credit cards. It is evolving differently from before.

Internet e-commerce consists of suppliers, products, domains, shopping malls or homepages, servers, payment systems, product delivery systems, and consumers. Considering the results of consumer purchasing research, the payment system is a very important and essential element.

As an electronic payment system, the necessary requirements are mutual authentication that can verify the identity of the counterparty, confidentiality that prevents the transaction contents from being exposed to third parties, integrity that the message has not been tampered with during transmission, It is non-repudiation that can prevent unreasonable reversal of established transactions. In e-commerce, most consumers use credit or debit cards. In particular, for integrity and non-repudiation, transactions are carried out through PG (Payment Gateway). Therefore, transaction fees are inevitably generated due to the intervention of PG (Payment Gateway) or VAN (Value-added Network), which are transaction brokers. In the past, credit card transactions were relatively expensive transactions, and the transaction fee burden was not an issue due to the low transaction volume. As credit card penetration and credit card transaction rates increase due to complex factors such as the increase in convenience stores where payments are made, the problem of the payment fee system is emerging as a rapid social issue in the e-commerce market, centering on consumers and small business owners. In addition, when making internet e-commerce payments through credit or debit cards, PG (Payment Gateway) is currently required. Accordingly, PG (Payment Gateway) fees are generated, which is a cause of relatively increased e-commerce costs. is becoming

That is, in the case of Internet e-commerce payment through a conventional credit card, since it is a payment settlement system in which payment is made through a PG (Payment Gateway), there is a security problem such as an additional fee and the server being vulnerable to hacking.

Domestic Patent Publication No. 2000-0037110 (Integrity authentication and e-commerce method, published on July 5, 2000)

An object of the present invention is to build an e-commerce payment model that can guarantee security enhancement, transaction integrity, denial equipment, etc. through a distributed ledger, consensus algorithm, etc. using block chain technology.

In addition, the purpose is to manage e-commerce by digital signature and distributed ledger without additional registration of public certificates, public and private keys according to the authentication method that blockchain technology has.

The first step of generating a purchase QR code for a sale or service item in the app by running the app in the buyer's terminal, when the buyer proceeds to purchase using the purchase QR code, the block chain system works in conjunction with the app and a second step of generating and managing an order form with a valid signature and a third step of transmitting a payment result to the seller and the buyer through the purchase order form.

When the order form is generated, a digital signature is generated as a sign message, and the digital signatures of the buyer and the seller are collated, and verification is performed with a block chain.

The sign message is characterized in that the purchaser converts the message into a hash value, encrypts the hash value with the purchaser's private key, and generates a MAC (Message Authentication Code).

The effect according to the present invention is effective in that it is possible to rescue an e-commerce payment model that can enhance security and guarantee transaction document integrity, denial equipment, and the like.

In addition, the effect according to the present invention is to improve the integrity and non-repudiation of payment transactions by managing them by digital signatures and distributed ledgers without additional registration of public certificates, public keys and private keys according to the authentication method basically possessed by blockchain technology. It is effective in guaranteeing and avoiding transaction fees.

1 is a diagram illustrating a message authentication diagram according to an embodiment of the present invention;
2 is a view showing an e-commerce payment method according to an embodiment of the present invention.
Figure 3 is a view showing an electronic low transaction payment method according to an embodiment of the present invention.
4 is a block diagram of a merchant, consumer, and blockchain subsystem in accordance with an embodiment of the present invention.

Advantages and features of embodiments of the present invention, and methods of achieving them, will become apparent with reference to the embodiments described below in detail in conjunction with the accompanying drawings. However, the present invention is not limited to the embodiments disclosed below, but may be implemented in various different forms, and only these embodiments allow the disclosure of the present invention to be complete, and common knowledge in the art to which the present invention pertains It is provided to fully inform those who have the scope of the invention, and the present invention is only defined by the scope of the claims. Like reference numerals refer to like elements throughout.

In describing the embodiments of the present invention, if it is determined that a detailed description of a well-known function or configuration may unnecessarily obscure the gist of the present invention, the detailed description thereof will be omitted. In addition, the terms to be described later are terms defined in consideration of functions in an embodiment of the present invention, which may vary according to intentions or customs of users and operators. Therefore, the definition should be made based on the content throughout this specification.

Due to the spread of smartphones, etc., payments using smartphones are increasing. At this time, in payment using a smart phone, the smart phone uses a QR code (QR code) for input of ID or key value, because it can input more data than barcode (Bar Code).

In addition, as security is particularly emphasized in payment transactions of smartphones, a method of mutual authentication with an encrypted QR code (QR code) between consumers and merchants is required. Having a third party (third party) to manage the proof of the public key, the merchant must encrypt the payment information with the public key provided by the third party.

That is, the consumer requests a private key from a third party, and after receiving the merchant's payment information, decrypts it with the public key to authenticate the payment information. It is a good method for authentication between merchants and consumers, but there are disadvantages in that a key must be generated for every transaction, and the private key must be transferred from a third party to the consumer.

1 is a diagram illustrating a message authentication diagram according to an embodiment of the present invention. Referring to FIG. 1 , in general, as shown in FIG. 1 , a process in which authentication between a sender and a receiver is performed is as follows. The sender hashes the message. In this case, the hash is an act of converting specific data into data of a shorter length that symbolizes it, and the symbolic data has a characteristic that the original data is significantly changed even when the original data is slightly changed, so that integrity can be maintained.

Thereafter, a message authentication code (MAC) is generated by encrypting the hash value with the private key of the sender. A receiver hashes the received message to generate a hash value. The receiver (receiver) decrypts the received MAC (message authentication code) value with the public key of the sender, and generates a decrypted MAC value. Finally, the hash value and the decrypted MAC value are compared, and if the values are the same, the integrity of the message and non-repudiation of the sender are guaranteed.

In the above configuration, the procedure performed by the sender is referred to as a sign message, and the procedure performed by the receiver is referred to as a verify message, according to an embodiment of the present invention. In the e-commerce payment method using the block chain, the authentication method as described above is used.

2 is a diagram showing an e-commerce payment method according to an embodiment of the present invention, and FIG. 3 is a diagram showing an electronic commerce payment method according to an embodiment of the present invention. Hereinafter, an e-commerce payment method using a block chain according to an embodiment of the present invention will be described in more detail with reference to FIGS. 2 to 3 .

First, in order to proceed with the payment in the e-commerce transaction using the block chain, the first step of executing the app 100 in the purchaser terminal to generate a purchase QR code for the sale or service product in the app 100; When the purchaser proceeds to purchase using the purchase QR code, the block chain system 200 works with the app 100 to create and manage an order book with a valid signature through the second step and the purchase completed order book, The third step is to transmit the payment result to the seller and the buyer.

E-commerce consists of merchants, consumers, banks (or card companies), and payment settlement operators. In order to solve the problem of payment fees caused by transaction intermediaries, banks (or card companies) should replace the role of payment settlement operators. In the e-commerce model of the block chain cryptocurrency, the role of the bank (or card company) is performed by the block chain system 200 . Since the blockchain system 200 basically has a public key and a private key, it can replace the role of a bank (or card company). That is, the e-commerce payment method using a block chain according to an embodiment of the present invention uses a digital signature in a payment transaction to directly pay between the consumer's app 100 and the merchant (Internet shopping mall, etc.) without a payment service provider. It is about the blockchain technology and authentication method that is processed.

The e-commerce payment of the block chain consists of a smartphone app 100 and a block chain system 200 of merchants and consumers.

First, the merchant sells goods or services in the shopping mall 300 and requests the consumer to pay for the blockchain cryptocurrency. At this time, when the merchant makes a payment request, it is not an online payment request, but a QR code (QR code) displayed on the consumer's web screen.

At this time, according to an embodiment of the present invention, the payment was made by requesting a QR code (QR code), but according to another embodiment, in addition to the QR code (QR code), NFC, Wifi, light (LED or backlight, etc.), IrDA It is also possible to proceed with cloud image recognition app services that can recognize images such as , beacons, and computer vision.

In order to know whether the consumer has paid, the merchant requests the blockchain system 200 to confirm whether the consumer has paid. After that, the consumer purchases a product or service from the merchant, scans a QR code, and pays the merchant the amount. At this time, instead of paying directly to the merchant, a payment request is made to the blockchain system 200 with the transaction ledger (order book).

The blockchain system 200 deducts the payment amount from the consumer's account and increases the payment amount in the merchant's account. That is, the block chain system 200 transmits the payment result to the merchant after performing the account transfer. If the payment result is normal, the merchant delivers the goods or provides a service to the consumer. In addition, at this time, the block chain system 200 transmits the payment result to the consumer's app 100 .

Through the payment procedure as described above, payment authentication is performed in three components of the merchant, the consumer's app 100 , and the block chain system 200 . That is, a digital signature is generated as a sign message (Sign Message) by the merchant, and then a digital signature called a sign message (Sign Message) is generated in the consumer's app 100 . The digital signature of the merchant and the digital signature of the consumer are verified in the blockchain system 200 by a function called a verify message.

That is, the digital signature and verification performed in the payment process are as shown in FIG. 3 . The parameters transmitted between the merchant, the consumer app 100 , 100 and the blockchain system 200 are the merchant's address, quantity, processing time, processing ID, merchant's digital signature, and consumer's digital signature. Merchants and consumers each have their own public and private keys.

4 is a block diagram of a merchant, consumer, and block chain subsystem according to an embodiment of the present invention. It is a block diagram of a merchant, consumer, and block chain subsystem that is a block chain authentication subject, performed in each subsystem. It is a diagram showing the authentication processing method and procedure. As shown in Fig. 4, the merchant configures the merchant's address, quantity, processing time, and processing ID as a message, signs with the merchant's private key to generate the merchant's digital signature, and then displays 5 parameters on the merchant's shopping mall screen. Displays the QR code (QR code) that contains the variable. The consumer gets the message and the merchant's digital signature (hereinafter, the first digital signature) through the QR code. The first digital signature thus obtained is signed with the consumer's private key, and the consumer's digital signature (hereinafter referred to as the second digital signature) is generated.

After that, the consumer transmits the message received from the merchant, the first digital signature, and the second digital signature created by the consumer to the blockchain system 200 . The blockchain system 200 receives a message (merchant's address, quantity, processing time, processing ID), a first digital signature, and a second digital signature from the consumer. After that, the first digital signature and the second digital signature are verified with the public key of the consumer. If the results match, it is verified that the message of the first digital signature has integrity, and that only the consumer sent the message of the first digital signature. After that, the first digital signature and message (merchant's address, quantity, processing time, processing ID) are verified with the merchant's public key. If the results match, it is verified that the message (merchant's address, quantity, processing time, processing ID) has integrity and that only the merchant sent the message. Through the verification procedure as described above, the integrity and non-repudiation of payment transactions are guaranteed.

That is, the order book (transaction ledger) is digitally signed as a sign message when the order book (transaction ledger) is created, and the digital signatures of the buyer and seller are collated, verified by blockchain, and the signature In the message (Sign Message), the buyer converts the message into a hash value, encrypts the hash value with the buyer's private key, and generates a MAC (Message Authentication Code).

In other words, the blockchain technology to which the present invention is applied is not only financial business such as money, payment and remittance, but also real estate, distribution, identity management, media, authentication/permission/guarantee, IoT, voting, etc. value exchange and proof, It is used in many fields where innovation can occur, such as tracking over time, and in the e-commerce payment method according to an embodiment of the present invention, a purchase for goods or services is executed using a QR code from a buyer app, and a block chain The system includes the process of creating an order book (transaction ledger) with a valid signature, managing it with the block chain, and transmitting the payment result to the seller and buyer through the order book that has been purchased in the block chain system.

The functions of individual or selectively combined components (user terminals, nodes, servers, etc.) constituting the e-commerce payment method using the block chain according to an embodiment of the present invention are stored in a storage medium for execution through combination with a computer. It may be implemented as a stored computer program.

In addition, the individual or selectively combined components constituting the e-commerce payment method using the block chain according to an embodiment of the present invention may be implemented in the form of program instructions that can be executed through various computer means and recorded on a computer medium. have. The computer medium may include program instructions, data files, data structures, etc. alone or in combination. In addition, the program instructions recorded on the medium may be specially designed and configured for the present invention, or may be known and available to those skilled in the art of computer software.

Examples of the computer-readable recording medium include magnetic media such as hard disks, floppy disks and magnetic tapes, optical media such as CD-ROMs and DVDs, and magnetic such as floppy disks. - includes magneto-optical media, and hardware devices specially configured to store and execute program instructions, such as ROM, RAM, flash memory, solid state drive (SSD), and the like. Examples of program instructions include not only machine language codes such as those generated by a compiler, but also high-level language codes that can be executed by a computer using an interpreter or the like.

In addition, the configuration such as a computer or computer program used in the present invention is transformed into a shape of a mobile communication terminal like a smartphone, and as computing power increases dramatically, it is also used in the same meaning as a smartphone or an application executed on a smartphone. can be used

In the above description, various embodiments of the present invention have been presented and described, but the present invention is not necessarily limited thereto. It will be readily appreciated that branch substitutions, transformations and alterations are possible.

100 : app
200: Blockchain system
300: shopping mall

Claims (4)

In an e-commerce payment method using a block chain system for performing payment and payment authentication,
In order to be able to purchase items sold or serviced on the shopping mall screen in the app through the app in the buyer's terminal, a message including the address, quantity, processing time, and processing ID of the merchant (seller) is constructed, and the merchant's private key A first step of generating and displaying a purchase QR code including the merchant's address, quantity, processing time, and processing ID on a shopping mall screen after signing and generating a digital signature of the merchant;
When the purchase proceeds using the purchase QR code by running the app in the purchaser terminal, the message and the merchant's digital signature (hereinafter referred to as the first digital signature) are obtained through the purchase QR code, and the obtained first digital signature is a second step of generating a digital signature (hereinafter, referred to as a second digital signature) of the consumer by signing with the consumer's private key;
a third step of transmitting, by the app in the purchaser terminal, an order including the message, the first digital signature, and the second digital signature generated by the purchaser terminal to the block chain system;
The block chain system receives the message, the first digital signature, and the second digital signature including the order form from the purchaser terminal, distributes and stores it, and then collates the first digital signature and the second digital signature with the public keys of the purchaser and the seller. a fourth step of verifying with a block chain;
a fifth step of the block chain system performing payment through the purchase order book after the verification, and transmitting the payment result to the seller terminal and the buyer terminal;
The fifth step is
When the seller terminal requests the block chain system to confirm whether the buyer has paid, and requests payment to the block chain system by photographing the purchase QR code from the buyer terminal, the block chain system is verified through a verification procedure If it is, it includes performing payment by transferring from the previously registered buyer's account to the seller's account,
The order is
When created, a digital signature is generated as a sign message, and the digital signatures of the buyer and seller are collated and verified with a blockchain.
Verification with the above blockchain,
After the buyer transmits the digital signatures of the buyer and the seller to the blockchain system, the digital signatures of the buyer and the seller are compared with the public key of the buyer, and then the digital signatures of the seller are compared with the public key of the seller. Verification is done
The sign message is
An e-commerce payment method using a block chain, characterized in that a buyer converts a message into a hash value, encrypts the hash value with the buyer's private key, and generates a MAC (Message Authentication Code).
delete delete A computer program that is paid using the electronic commerce payment method of claim 1 and stored in a recording medium.

Images