KR102272922B1 - Method, computer program and apparatus for classifiying and processing quick response codes - Google Patents

Abstract

A method, computer program and apparatus for classifying and processing QR codes are provided. The method for classifying and processing the QR code is a method performed by a computer, comprising the steps of: scanning the QR code to obtain a data bit string; parsing the data bit string based on a pre-stored syntax database; Determining a service type corresponding to the QR code from among a plurality of service types according to a result of parsing analysis, and processing the QR code and a job corresponding to the service type.

Description

Methods of classifying and processing QR codes, computer programs and devices {METHOD, COMPUTER PROGRAM AND APPARATUS FOR CLASSIFIYING AND PROCESSING QUICK RESPONSE CODES}

The present invention relates to a method, computer program and apparatus for classifying and processing QR codes, and more particularly, to a method, computer program and apparatus capable of scanning and classifying various types of QR codes and performing corresponding processing .

A QR code (Quick Response Code) is a code system that can record information using an irregular black and white grid pattern. Unlike the one-dimensional barcode, the QR code is a two-dimensional matrix type using horizontal and vertical elements. Due to this, the QR code can store more numbers and characters, and has the advantage of being able to read the recorded data through scanning using the camera provided in the mobile device without a special reader device. Accordingly, QR codes are widely used both offline and online as a means of advertising and information provision in various fields.

In general, a QR code consists of cells forming a black-and-white grid pattern, a position detection pattern, a timing pattern, format information, version information, alignment pattern, blank space, and the like. It is possible to generate QR codes of various designs including basic components like this one. On the other hand, QR codes are standardized according to national or international standards, and anyone can use the specifications with confidence.

The way QR codes store data is the same as barcodes. Depending on whether the 'checkerboard' of the data area is black or white, it is divided into '0' and '1' expressed in computer binary numbers and stored in the form of a bit string.

Recently, many companies are applying QR codes as part of a simple payment system. Payment systems using QR codes are as follows. A user inputs and stores payment information in advance through an application or the like in the user terminal. The user displays the QR code on the user terminal through the application or the like in a situation where payment is required. The scanner provided at the affiliate store scans the corresponding QR code to obtain the recorded payment information and proceeds with the payment.

Currently, financial companies and card companies that provide QR codes as payment methods are very diverse, and each company's QR code can be scanned only through a corresponding QR code scanner. That is, when a random QR code is scanned with an arbitrary QR code scanner, even if formal image capturing is performed, the syntax recorded in the corresponding QR code cannot be analyzed.

On the other hand, as QR codes are used in various fields, there are frequent cases of victims of illegal acts using QR codes. For example, a phishing scam that disguises a QR code as being sent from a financial institution, a pharming scam that steals personal information by mistaking it to a real site, and a memory hacking QR code is also used

Registered Patent Publication No. 10-1450013, 2014.10.06

The problem to be solved by the present invention is a method that can scan and classify any QR code without distinguishing it according to the generation source of the QR code for QR codes provided by various service providers and process corresponding tasks, a computer It is to provide programs and general purpose devices.

In addition, the problem to be solved by the present invention is to provide a method, computer program and apparatus that can be protected from malicious attacks such as malicious QR codes and forged QR codes that may occur when using QR codes.

The problems to be solved by the present invention are not limited to the problems mentioned above, and other problems not mentioned will be clearly understood by those skilled in the art from the following description.

A method for classifying and processing a QR code according to an aspect of the present invention for solving the above-mentioned problems is a method performed by a computer, comprising the steps of scanning a QR code to obtain a data bit string, and in a pre-stored phrase database Parsing the data bit string based on the syntax, determining the service type corresponding to the QR code from among a plurality of service types according to the syntax analysis result, and processing the QR code and the job corresponding to the service type includes steps.

A computer program for classifying and processing a QR code according to another aspect of the present invention for solving the above-described problem is combined with a computer that is hardware to execute the method for classifying and processing the above-mentioned QR code, and a computer readable record stored on the medium.

A device for classifying and processing a QR code according to another aspect of the present invention for solving the above-described problems is a data management unit for storing and managing a syntax database, a scanning unit for scanning the QR code, and a communication unit for transmitting and receiving data bit strings , a syntax analysis unit for analyzing the syntax of the data bit string based on the syntax database, a service classification unit for determining a service type corresponding to the QR code from among a plurality of service types according to the syntax analysis result, and the QR code and and a processing unit for processing a job corresponding to the service type.

Other specific details of the invention are included in the detailed description and drawings.

According to the present invention, even a QR code from a different generation source can be scanned through one device and a job corresponding to the information recorded in the QR code can be processed. That is, there is no need to provide a corresponding QR code scanner according to the QR code generating entity. Therefore, the service user using the QR code can use the service using the QR code not only at the designated affiliated store, but also at any place equipped with only equipment that can scan the QR code.

In addition, according to the present invention, it is possible to be protected from malicious attacks such as forged QR code and phishing, pharming, memory hacking, etc. because the scanned QR code is filtered. Accordingly, services such as a payment system using a QR code can be used more safely.

Effects of the present invention are not limited to the effects mentioned above, and other effects not mentioned will be clearly understood by those skilled in the art from the following description.

1 is a block diagram schematically showing the configuration of a system for classifying and analyzing a QR code according to an embodiment of the present invention.
2 is a block diagram of a processor terminal according to an embodiment of the present invention.
3 is a flowchart schematically illustrating a process of a method for classifying and analyzing a QR code according to an embodiment of the present invention.
4 is a flowchart illustrating in detail a step of analyzing a syntax of a data bit string according to another embodiment of the present invention.
5 is a flowchart illustrating in detail a step of filtering a data bit stream according to another embodiment of the present invention.
6 is a conceptual diagram schematically illustrating a process in which a processor terminal classifies and processes a QR code according to an embodiment of the present invention.
7 is an exemplary diagram illustrating a syntax information table for a service identifier stored in a syntax database according to an embodiment of the present invention.
8 is a flowchart schematically illustrating a method of classifying and processing a QR code using a two-way QR code according to an embodiment of the present invention.

Advantages and features of the present invention and methods of achieving them will become apparent with reference to the embodiments described below in detail in conjunction with the accompanying drawings. However, the present invention is not limited to the embodiments disclosed below, but may be implemented in various different forms, and only these embodiments allow the disclosure of the present invention to be complete, and those of ordinary skill in the art to which the present invention pertains. It is provided to fully understand the scope of the present invention to those skilled in the art, and the present invention is only defined by the scope of the claims.

The terminology used herein is for the purpose of describing the embodiments and is not intended to limit the present invention. As used herein, the singular also includes the plural unless specifically stated otherwise in the phrase. As used herein, “comprises” and/or “comprising” does not exclude the presence or addition of one or more other components in addition to the stated components. Like reference numerals refer to like elements throughout, and "and/or" includes each and every combination of one or more of the recited elements. Although "first", "second", etc. are used to describe various elements, these elements are not limited by these terms, of course. These terms are only used to distinguish one component from another. Accordingly, it goes without saying that the first component mentioned below may be the second component within the spirit of the present invention.

In this specification, "user terminal" refers to an electronic device that can display a QR code and transmit and receive information. For example, the user terminal may be a mobile device such as a smart phone, a tablet, or a personal digital assistant (PDA), but is not limited thereto.

In the present specification, "processor terminal" refers to an electronic device that is provided in an affiliated store so that a clerk of the affiliated store can scan a QR code to obtain information and process a corresponding task. As a specific example, there is a device such as a QR code scanner, but is not limited thereto, and includes a smart phone, a tablet, etc. like a user terminal. That is, it includes any electronic device capable of scanning a QR code through image capturing.

As used herein, "merchant" refers to a store or store affiliated with a company that provides a service associated with a specific QR code, or an unmanned device.

In this specification, "service server" refers to a server operated and managed by a company that provides a service related to a QR code.

As used herein, the term “data bit string” refers to a shape in which bits representing data as 0 or 1 are connected to indicate special information.

In this specification, "syntax" means the structure of the data bit string and rules governing the structure.

As used herein, "syntax database" means a set of data for the above syntax. In an embodiment, the syntax database is pre-stored in the processor terminal 20 , and the processor terminal 20 communicates with the service server 30 to periodically or real-time update the syntax database to maintain the latest information.

In this specification, "abnormal QR code" means a QR code other than a normal QR code. For example, there are forged QR codes and malicious QR codes for the purpose of phishing, pharming, and memory hacking. However, the present invention is not limited thereto, and all QR codes in which information that can cause damage to users or processors are recorded are included in the category of abnormal QR codes.

Unless otherwise defined, all terms (including technical and scientific terms) used herein will have the meaning commonly understood by those of ordinary skill in the art to which this invention belongs. In addition, terms defined in a commonly used dictionary are not to be interpreted ideally or excessively unless specifically defined explicitly.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings.

1 is a block diagram schematically showing the configuration of a system for classifying and analyzing a QR code according to an embodiment of the present invention.

Referring to FIG. 1 , the system for classifying and analyzing QR codes of the present invention includes a user terminal 10 , a processor terminal 20 and a service server 30 .

The user terminal 10 is an electronic device provided by a user requesting a service. The user terminal 10 is equipped with a display capable of displaying a QR code, and serves to display the generated QR code on the display so that the processor terminal 20 can scan the QR code.

The user terminal 10 generates and displays a QR code through software such as a built-in or installed application (Application). The QR code generated by the user terminal 10 records user information and service information requested by the user, but is not limited thereto, and may include one or more arbitrary information necessary for service provision.

For example, when a user uses a payment service using a QR code, an application of a company providing a corresponding payment system is built-in or installed in the user terminal 10 . A user may execute the application in the user terminal 10 to access a screen for payment to generate and display a QR code. The generated QR code may include information about user information, card number, bank information of the linked account, account number of the linked account, balance of the linked account, and the like.

The processor terminal 20 is a device capable of acquiring recorded information by scanning a QR code provided in an affiliated store.

The processor terminal 20 serves to scan the QR code, obtain and analyze the recorded data bit string, determine the service type and service identifier, and process the corresponding operation. A detailed description will be given later with reference to FIG. 2 .

The service server 30 is a server operated and managed by a company providing a service. The service server 30 receives service request information from the processor terminal 20 to provide a corresponding service or process a job.

In an embodiment of the present invention, the service server 30 may process a task corresponding to the service to provide a corresponding service to the user and transmit only the processing information to the processor terminal 20 . Alternatively, the service server 30 may determine whether to provide the requested service and transmit it to the processor terminal 20 , and the processor terminal 20 may directly provide a corresponding service to the user.

Meanwhile, unlike shown in FIG. 1 , the service server 30 may be individually built for each service providing company and connected to the processor terminal 20 . That is, although only one service server 30 is connected to the processor terminal 20 in FIG. 1 for convenience, a plurality of service servers 30 may be connected to the processor terminal 20 . Also, in some embodiments, in relation to two or more services, one service server 30 instead of the plurality of service servers 30 may be integrated and connected to the processor terminal 20 .

The management subject of the service server 30 is each service provider. However, the present invention is not limited thereto, and it is also possible that the operator providing the processor terminal and the system is the management subject of the service server 30 . That is, the management subject of the service server 30 may also manage the processor terminal and the system.

2 is a block diagram of a processor terminal 20 according to an embodiment of the present invention.

Referring to FIG. 2 , the processor terminal 20 includes a data management unit 21 , a scan unit 22 , a communication unit 23 , a parsing unit 24 , a filter unit 25 , a service classification unit 26 , and a processing unit. (27).

The data management unit 21 serves to store and manage the syntax database. The syntax database is a set of information about a structure of a data bit string and a syntax that is a rule governing the structure. The syntax database may store syntax information by matching the service type and service identifier.

Meanwhile, the syntax database may be updated periodically or in real time when the processor terminal 20 communicates with the service server 30 .

As an embodiment of the present invention, the service type includes, but is not limited to, a payment system using a QR code, a cryptocurrency-related service, and the like, and includes all services that can be provided using a QR code. The syntax database can be managed by grouping syntax information according to the service type. That is, it can be managed as a syntax information group for a payment system, a syntax information group for a cryptocurrency-related service, and a syntax information group for other self-identification services.

Accordingly, the processor terminal 20 analyzes the syntax included in the data bit string obtained by scanning the QR code, and matches the service type matching the specific syntax information to identify and classify the type of service provided through the QR code can do.

In one embodiment of the present invention, the specific syntax information includes an identification code. A data bit string is a concatenation and arrangement of bits representing data as 1 or 0. That is, 1 and 0 are connected according to a specific rule. In this case, a code value located at a specific digit always included in a specific service type may be used as the identification code.

That is, specific syntax information capable of distinguishing a service type and a service identifier includes not only a code value consisting of an array of 1's or 0's, but also information on the number of digits in which the corresponding code is located in the entire data bit string.

As a specific example, it may be characterized in that the identification code for the payment service using the QR code is '1011' and is located in the 5th to 8th positions in the data bit string. In this case, not only '1011' is included in the data bit string, but also the location must exactly match to be recognized as a corresponding service type or service identifier.

Accordingly, although a data bit string such as '10110010101011' includes '1011', it is located in the 1st to 4th digit and the positions do not match, so it will be determined that it does not correspond to the matching service type or service identifier. On the other hand, since a data bit string such as '101010110101011' includes '1011' and matches the location, it can be analyzed that it corresponds to the matching service type or service identifier.

The identification code may be stored and managed by the data management unit 21 of the processor terminal 20 received from the service server 30 .

The scanning unit 22 is provided with a means for image capturing (Image Capturing) for scanning the QR code, and serves to scan the QR code displayed on the user terminal 10 to obtain the recorded information. The scanning unit 22 scans the QR code to obtain a data bit string.

The communication unit 23 serves to transmit and receive information to and from the user terminal 10 and the service server 30 .

The communication unit 23 includes a short-range communication device such as Bluetooth, Wi-Fi, NFC, and the like, and a broadband communication device such as 3G, LTE, which can communicate with the user terminal 10 and the service server 30 .

The communication unit 23 receives syntax information about the service type and service identifier from the service server 30 .

The communication unit 23 transmits/receives service request information, service provision information, and approval information to and from the user terminal 10 and the service server 30 .

"Service request information" is information about a user requesting a specific service through the user terminal 10 .

"Service provision information" is information about the service server 30 confirms the service requested by the user and provides a corresponding service.

"Approval information" is information about approval of processing a task corresponding to the service requested by the user terminal 20 when the interactive QR code method is used. A detailed description of the two-way QR code method will be described later.

The syntax analysis unit 24 analyzes the syntax of the acquired data bit string, and analyzes whether it matches the syntax information stored in advance based on the syntax database.

As described above, the data bit string is an arrangement of 1 or 0 of information to be transmitted in a specific order.

According to an embodiment of the present invention, the data bit string may include a specific code value for identifying the format of the data bit string, a service type, a service identifier, and the like according to a specific rule. That is, the data bit string may include a specific bit string or pattern that can be used for parsing the corresponding data bit string. Meanwhile, the data bit string may further include information necessary for service provision.

As a specific example, the format of the data bit string includes a URL format, a standardized data standard, other data standards, and a cipher text format. The processor terminal 20 may process a job corresponding to the format analyzed by the syntax analysis unit 24 . For example, in the case of a URL format including "http://" , the same code value (identification value of the address format, etc.) is included in the same number of digits of the data bit string as information that can be identified. Accordingly, it can be understood that the format of the data bit string obtained based on this corresponds to the URL format.

The parsing unit 24 analyzes the syntax of the data bit string to determine the format, service type, and service identifier from the data bit string based on the pre-stored syntax database. The service classification unit 26 searches for a service type and a service identifier based on the syntax information analyzed by the syntax analysis unit 24 . A detailed description of the search process will be described in the section describing the service classification unit 26 .

The order of parsing the syntax proceeds in the order of analyzing the format of the data bit string, analyzing the service type, and analyzing the service identifier. However, the present invention is not limited thereto, and it is possible to proceed simultaneously or in a different order.

In an embodiment of the present invention, an RSA encryption system may be used. That is, the present invention can also be applied to a QR code in which a data bit string of a cipher text format is recorded in order to strengthen the security of the QR code.

The RSA encryption system is one of public key encryption systems that encrypts and decrypts a public key and a private key as a set. When a cipher text encrypted with specific information is generated and transmitted through specific encryption information, only when there is specific decryption information corresponding to the generated cipher text, the information can be obtained by decrypting the encrypted information to generate a plain text. That is, it can be seen that the encryption information and the decryption information are composed of a set.

As a specific example, the data management unit 21 of the processor terminal 20 may receive the private key corresponding to each service identifier from the service server 30 and store and manage the private key database. In addition, the private key database may be updated periodically or in real time.

When the processor terminal 20 scans the QR code in which the encrypted data bit string is recorded using the public key of the service identifier, the data bit string in the form of a cipher text obtained using the private key of the pre-stored service identifier is converted into plaintext. It is possible to decrypt the form. Through this, damage caused by abnormal QR codes such as forged or forged QR codes can be prevented, and information leakage that may occur in the process of using services using QR codes can be prevented.

The filter unit 25 serves to filter the acquired data bit stream from an abnormal QR code, such as a malicious QR code or a forged QR code.

With the spread of QR codes, illegal activities such as fraud using QR codes are emerging as an important issue. Compared to barcodes, QR codes have a larger amount of information that can be recorded and are easier to distribute with malicious codes or harmful website addresses. Therefore, it is very important to have a device to prevent such damage in advance.

In this specification, a malicious QR code means a QR code produced for the purpose of phishing, pharming, memory hacking, etc. It means the generated QR code. On the other hand, abnormal QR code is a term that includes malicious QR code and forged QR code. However, this includes, but is not limited to, any type of illegal QR code that can harm users and processors for illegal purposes.

In an embodiment of the present invention, the filter unit 25 uses a method similar to packet filtering as a method of filtering a malicious QR code.

Packet filtering is a filtering technique that restricts the passage of packets having a specific address. Packet filtering is performed based on the sender's IP address, Transmission Control Protocol (TCP), and User Datagram Protocol (UDP) port numbers.

As a specific example, the data management unit 21 of the processor terminal 20 stores and manages the abnormal QR code database. The abnormal QR code database is a set of information about a specific bit string or pattern recorded in various types of malicious QR codes. The abnormal QR code database may be updated periodically or in real time. In addition, it is possible to additionally store and manage information (a specific bit string or pattern) about the filtered abnormal QR code classified as an abnormal QR code in the filtering process. Through this, when an abnormal QR code with a filtered history is scanned again, it is possible to effectively filter and respond.

The filter unit 25 receives the acquired data bit string from the parsing unit 24 . The filter unit 25 identifies whether the received data bit string corresponds to an abnormal QR code based on the abnormal QR code database. As a result of identification, if the obtained data bit string corresponds to an abnormal QR code, the filter unit 25 blocks and filters the data bit string without transmitting the data bit string to the QR code processing unit 27. The service classification unit 26 It plays a role in determining the type of service and the service identifier.

The service classification unit 26 determines the service type and service identifier of the data bit string obtained based on the result of the analysis of the data bit string by the syntax analysis unit 24 and the syntax database pre-stored in the data management unit 21 .

The type of service includes, but is not limited to, a payment system using a QR code, a cryptocurrency-related service using a QR code, and a login system using a QR code as a self-identification service, a payment system, an ATM service, etc. Includes any service for which code is available.

The identifier of the service includes the operator providing the corresponding service according to each service type. For example, in a payment system using a QR code, there may be identifiers such as A-Pay, B-Payment, C-Card, D-remittance, etc., and as a service provider providing cryptocurrency related services, identifiers such as A-Coin, B-Money, C-Market there may be

7 is an exemplary diagram illustrating a syntax information table for a service identifier stored in a syntax database according to an embodiment of the present invention.

Referring to FIG. 7 , syntax information matching each service identifier is stored in a syntax database. Accordingly, when the syntax analysis unit 24 analyzes the syntax information for determining the service identifier, the service classification unit 26 searches for and matches the service identifier corresponding to the syntax information.

For example, when the type of service is a payment system using a QR code, the service classification unit 26 may additionally determine an identifier of the service. Referring to FIG. 7 , as a service provider that provides a payment system using a QR code, A-Pay, B-Pay, C-Pay, and the like are included in the syntax database. The service providers are matched with service identifiers 1, 2, 3, and the like, respectively. In addition, each service identifier is matched with specific syntax information through a syntax information table. The specific syntax information includes information about a specific code value and the number of digits in which the code value is located.

Referring to the example shown in FIG. 7 , when the QR code displayed on the user terminal 10 is the payment QR code of the Pay A operator, the matching service identifier is '1'. In addition, in the data bit string recorded in the QR code, a code value of '1000' as unique syntax information may be included in the 5th to 8th digits. Therefore, the parsing unit 24 analyzes it and based on the database pre-stored in the data management unit 21, the data bit string recorded in the QR code scanned by the scanning unit 22 corresponds to the QR payment service, and the service The operator can understand that it is Pay A.

The processing unit 27 serves to process a job corresponding to the QR code and the service type.

In an embodiment of the present invention, the processing unit 27 transmits the data bit string recorded in the QR code to the service server 30 . The service server 30 processes a job for the service requested by the user based on the received data bit string. For example, in the case of a payment system using a QR code, information necessary for payment is included in the data bit string, so the service server 30 may approve the payment based on the data bit string and transmit the payment information to the payment server. .

In another embodiment of the present invention, the processing unit 27 may directly process the service requested by the user. That is, based on the analyzed service type and service identifier, a job corresponding to the data bit string recorded in the QR code is processed. In the case of a payment system using a QR code, the processing unit 27 of the processor terminal 20 may directly check payment information and proceed with payment.

3 is a flowchart schematically illustrating a process of a method for classifying and analyzing a QR code according to an embodiment of the present invention.

Referring to FIG. 3 , the method of classifying and processing a QR code includes the steps of obtaining a data bit string ( S110 ), analyzing the syntax of the data bit string ( S120 ), filtering the data bit string ( S130 ), and a service Determining the type (S140) and processing the corresponding task (S150).

In the step of obtaining the data bit string (S110), the scanning unit 22 of the processor terminal 20 scans the QR code displayed on the user terminal 10 to obtain the data bit string recorded in the corresponding QR code. is a step

The step of analyzing the syntax of the data bit string (S120) is a step of analyzing the syntax of the acquired data bit string by the parsing unit 24 of the processor terminal 20. Specifically, the format of the data bit string and the service It is a step of analyzing syntax information that can identify types and service identifiers.

The syntax analysis unit 24 analyzes whether the characteristics of the syntax information included in the syntax database pre-stored in the data management unit 21 are included in the data bit string. Characteristics of the syntax information include the arrangement of a specific identification code, the number of digits located in the entire data bit string, and the like.

In an embodiment of the present invention, when the RSA encryption system is applied, the parsing unit 24 recognizes that the data bit string recorded in the QR code is in the form of a cipher text using the RSA encryption system. The parsing unit 24 decrypts the data bit string in the cipher text form based on the private key database pre-stored in the data management unit 21 to obtain the data bit string in the plain text form.

Specifically, the parsing unit 24 searches for a private key matching a public key that encrypted the cipher text in the private key database pre-stored in the data management unit 21 . If there is a matching private key, the encrypted data bit string can be decrypted using the corresponding private key.

The private key database may be updated periodically or in real time by communicating with the service server 30 .

In the step of filtering the data bit string (S130), the filter unit 25 of the processor terminal 20 receives the data bit string from the parsing unit 24 and identifies whether it corresponds to the abnormal QR code, and the abnormal QR This is the stage of filtering if applicable to the code.

In an embodiment of the present invention, the step of filtering the data bit string ( S130 ) may be performed after the step of determining the service type ( S140 ). That is, after determining the type of service and the identifier of the service, it is possible to identify and filter whether the corresponding QR code corresponds to an abnormal QR code. In this case, it is possible to store more detailed data for the abnormal QR code. For example, the frequency of occurrence of abnormal QR codes for each service type and service identifier, the type of abnormal QR code found, etc. may be additionally identified and stored. In addition, based on such additional information, it is possible to store and manage a database for an abnormal QR code that is a target of filtering for each service type and service identifier.

As described above, the abnormal QR code database is stored and managed in the data management unit 21 . The filter unit 25 analyzes whether the acquired data bit string includes a bit string or a pattern included in the abnormal QR code database, and identifies whether the obtained data bit string corresponds to the abnormal QR code.

Meanwhile, the abnormal QR code database may be updated periodically or in real time.

A detailed description of the filtering process will be described later.

The step of determining the service type ( S140 ) is a step in which the service classification unit 26 of the processor terminal 20 determines the service type and the service identifier.

The service classification unit 26 determines the service type and service identifier matching the syntax information analyzed based on the syntax information that the syntax analysis unit 24 analyzes the data bit string and the syntax database pre-stored in the data management unit 21 . do.

The step of processing the corresponding job ( S150 ) is a step in which the processing unit 27 of the processor terminal 20 processes the job corresponding to the determined service type and service identifier and the QR code.

In an embodiment of the present invention, step S150 includes transmitting the corresponding data bit string to the service server 30 of the corresponding service identifier. The transmitted data bit string contains the user's service request information, and the service server 30 can directly process the corresponding task. However, the present invention is not limited thereto, and the service server 30 may determine only whether to approve the provision of the service, transmit the approval information to the processor terminal 20 , and the processor terminal 20 may directly process the corresponding task.

4 is a flowchart illustrating in detail a step of analyzing a syntax of a data bit string according to another embodiment of the present invention.

Referring to FIG. 4 , the step of analyzing the format of the data bit string (S120) includes the step of analyzing the format of the data bit string (S121), the step of analyzing the service type (123), and the step of analyzing the service identifier (S125) includes

That is, the syntax analysis unit 24 analyzes the syntax information that can distinguish the format, service type, and service identifier of the data bit string obtained by the scan unit 22 . The order of analysis is not limited to the illustrated order, and may be performed simultaneously or in a different order. In addition, it is also possible to analyze only some of the format, service type and service identifier. As a specific example, when the syntax is standardized for each specific service type, only the format and service type may be analyzed and the service identifier may not be analyzed.

5 is a flowchart illustrating in detail a step of filtering a data bit stream according to another embodiment of the present invention.

Referring to FIG. 5 , the step of filtering the data bit string ( S130 ) includes the step of receiving the data bit string by the filter unit ( S131 ) and the step of identifying whether the data bit string corresponds to the abnormal QR code ( S133 ). In addition, if it corresponds to the abnormal QR code, it further includes a step (S135) of blocking the data bit string without transferring the data to the processing unit and a step of storing the abnormal QR code information (S137).

The step of receiving the data bit stream ( S131 ) is a step in which the filter unit 25 of the processor terminal 20 receives the data bit stream from the parsing unit 24 .

The step of identifying whether the abnormal QR code corresponds to the step (S133) is whether the data bit string received by the filter unit 25 of the processor terminal 20 corresponds to the abnormal QR code based on the pre-stored abnormal QR code database. It is a step to determine whether or not

In one embodiment of the present invention, filtering is performed using a packet filtering technique. The abnormal QR code database is a set of information on IP addresses, TCP/UDP port numbers, etc. for forged and forged QR codes and malicious QR codes. Accordingly, the filter unit 25 determines whether the received data bit string is transmitted from an IP address, TCP/UDP port number, etc. stored in the abnormal QR code database.

If it is transmitted from the IP address, TCP/UDP port number, etc. stored in the abnormal QR code database, the filter unit 25 blocks the corresponding data bit string without passing it to the service classification unit 26 or the processing unit 27 Filtering (S135). Therefore, by blocking the abnormal QR code for the purpose of a malicious attack in advance, the abnormal QR code is not processed. Due to this, it is possible to prevent damage that may occur due to malicious QR codes and forged QR codes.

The step of storing the abnormal QR code information (S137) is a step of storing information on the abnormal QR code that is identified as corresponding to the abnormal QR code and blocked in steps S133 and S135 in the data management unit 21 .

The information on the abnormal QR code includes information on the unique bit string, pattern, IP address, TCP/UDP port number, etc. of the abnormal QR code. However, the present invention is not limited thereto, and any information capable of distinguishing an abnormal QR code or a data bit string recorded in the corresponding QR code from other QR codes or other data bit strings is included.

Through step S137, even if it is re-exposed to an abnormal QR code with a filtered history in the past, it can be easily filtered, and there is an effect that the abnormal QR code database can be a richer set of data.

Meanwhile, referring to FIG. 5 , when it is identified that the data bit string received in step S133 does not correspond to the abnormal QR code, the service classification unit 26 determines the service type and service identifier in the same manner as in the general process. (S140), the processing unit 27 goes through a step (S150) of processing the corresponding job.

6 is a conceptual diagram schematically illustrating a process in which a processor terminal classifies and processes a QR code according to an embodiment of the present invention.

Referring to FIG. 6 , the process of classifying and processing the QR code goes through the scan unit 22 , the parsing unit 24 , the filter unit 25 , and the service classification unit 26 of the processor terminal 20 , and the service type And when the service identifier is confirmed, the process of processing the task corresponding to the corresponding service is sequentially performed. However, it is not limited to this order, and each process may be performed simultaneously or may be performed in a different order.

As a specific example, the service classification unit 26 may classify the service type and service identifier before the filter unit 25 , and then the filter unit 25 may filter the abnormal QR code.

8 is a flowchart schematically illustrating a method of classifying and processing a QR code using a two-way QR code according to an embodiment of the present invention.

The method of using the two-way QR code in the present invention is not to generate a QR code only in the user terminal 10 as described above, but to process a corresponding task, and also generate and display a separate QR code in the manager terminal 20 way to do it It will be described in detail with reference to FIG. 8 .

Compared to the one-way QR code method described above, the added steps will be mainly described.

Referring to Figure 8, the method of classifying and processing a QR code using a two-way QR code is compared with the one-way QR code method, before the step (S110) of obtaining a data bit string, the user terminal 10 is the first QR code The step of generating (S101), further comprising the step of transmitting the first QR code (S103), the step of processing the corresponding job (S150), the step of transmitting the service request information (S151), service providing information transmitting (S152), the processor terminal 20 generating the second QR code (S153), transmitting the second QR code (S154), the user terminal 10 to the processor terminal 20 Transmitting approval information (S155), the processor terminal 20 transmitting the approval information to the service server 30 (S156), and the service server 30 processing the service (S157).

The step of generating the first QR code by the user terminal 10 (S101) is a step in which the user terminal 10 generates and displays the first QR code for a service request.

In the step (S103) of transmitting the first QR code and the step of obtaining the data bit string (S110), the processor terminal 20 scans the first QR code to obtain the data bit string recorded in the first QR code. This is the acquisition stage.

The step of obtaining the data bit string (S110), the step of analyzing the syntax of the data bit string (S120), the step of filtering the data bit string (S130), and the step of determining the service type (S140) refer to FIG. 3 . Therefore, since it is the same as described above, the overlapping detailed description will be omitted.

The step of transmitting the service request information ( S151 ) is a step in which the processor terminal 20 transmits the service request information of the user recorded in the first QR code to the service server 30 .

The service request information is information about a user requesting a specific service through the user terminal 10 .

The step of transmitting the service provision information ( S152 ) is a step in which the service server 30 transmits service provision information corresponding to the service request information to the processor terminal 20 .

The service provision information is information about the service server 30 confirming the service requested by the user and providing a corresponding service.

In the step (S153) of the processor terminal 20 generating the second QR code, the processing unit 27 of the processor terminal 20 processes the corresponding job, and receives the service provision information received from the service server 30 It is a step of generating a second QR code by recording it and displaying it so that the user can check it.

In an embodiment of the present invention, information about a service provided is recorded in the second QR code. For example, when the provided service is QR Pay (a payment system using a QR code), information such as user information, payment amount, payment merchant, connection account or card may be included.

Transmitting the second QR code (S154), the user terminal 10 scans the second QR code displayed on the processor terminal 20, obtaining the service provision information recorded in the second QR code to be.

The user terminal 10 transmits the approval information to the processor terminal 20 (S155) and the processor terminal 20 transmits the approval information to the service server 30 (S156), the user's approval information is transmitted from the user terminal 10 to the service server 30 through the processor terminal 20 .

The approval information is information about approval of processing a task corresponding to the service requested by the user terminal 20 when the two-way QR code method is used.

The user may determine whether to maintain and proceed the service request based on the service provision information obtained in step S154. That is, the information on the service to be finally provided is checked and approved. The corresponding service can be normally processed only when the user's approval information is transmitted to the processor terminal 20 or the service server 30 .

As another embodiment of the present invention, although only the service server 30 processes the service in the drawing, it is also possible that the subject processing the service is the processor terminal 20 .

The step of processing the service by the service server 30 ( S157 ) is a step of processing a corresponding job according to the determined service contents. As described above, it is also possible for the processor terminal 20 to process.

On the other hand, in one embodiment of the present invention, in order to solve a security problem that may occur in the process of transmitting and receiving information using a QR code, the user terminal 10 and the processor terminal 20 do not directly transmit and receive information, but rather a gateway in the middle. Information can be sent and received through the server. That is, a method in which all information is transmitted to the user terminal 10 or the processor terminal 20 via the server is possible.

In addition to this method, the case of applying the RSA encryption system is as follows.

The processor terminal 20 scans the first QR code displayed on the screen of the user terminal 10, and the identification information of the user terminal 10 recorded in the first QR code from the user terminal 10 based on the scan result and a data bit string.

The processor terminal 20 transmits the received identification information of the user terminal 10 to the gateway server.

Based on the identification information of the user terminal 10 received from the processor terminal 20, the gateway server determines whether software such as the application built-in and installed in the user terminal 10 or the user terminal 10 corresponds to the support target. Identifies whether

As a result of identification, it is possible to proceed to the next step only if it corresponds to the target of support. Therefore, through this process, there is an effect that can primarily block illegal acts of randomly generating or changing QR codes for the purpose of hacking and information leakage.

The gateway server transmits a result of identifying whether the user terminal 10 is a support target to the processor terminal 20 . If it corresponds to the support target, the processor terminal 20 proceeds the above-described processes S110, S120, S130, S140 and S150 based on the received data bit string to classify and process the QR code.

In addition, as in FIG. 8, a method including steps S151 to S157 by applying a bidirectional QR method is also possible.

The steps of a method or algorithm described in relation to an embodiment of the present invention may be implemented directly in hardware, as a software module executed by hardware, or by a combination thereof. A software module may contain random access memory (RAM), read only memory (ROM), erasable programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), flash memory, hard disk, removable disk, CD-ROM, or It may reside in any type of computer-readable recording medium well known in the art to which the present invention pertains.

As mentioned above, although embodiments of the present invention have been described with reference to the accompanying drawings, those skilled in the art to which the present invention pertains can realize that the present invention can be embodied in other specific forms without changing its technical spirit or essential features. you will be able to understand Therefore, it should be understood that the embodiments described above are illustrative in all respects and not restrictive.

10: user terminal
20: handler terminal
30: service server

Claims (10)

A method performed by a computer comprising:
obtaining a data bit string by scanning the QR code;
parsing the syntax of the data bit string based on a pre-stored syntax database;
determining a service type corresponding to the QR code from among a plurality of service types according to the parsing result;
processing the job corresponding to the QR code and the service type; and
Comprising the step of determining a service identifier corresponding to the QR code among the determined service types according to the parsing result,
The steps to determine the service type are:
Analyze the service type with the identification code and digits of the syntax information obtained by analyzing the syntax of the data bit string,
Determining the service identifier comprises:
Determine the service provider that provides the service according to the service type through the determined service identifier;
The step of processing the job corresponding to the QR code and the service type,
transmitting the service request information recorded in the QR code;
transmitting service provision information corresponding to service request information;
generating a service QR code by recording the received service provision information;
Sending service provision information recorded in the service QR code by scanning the service QR code;
Including processing the service by sending authorization information for the requested service;
How to classify and process QR codes. delete According to claim 1,
The pre-stored syntax database,
A method of classifying and processing QR codes, storing one or more service types and one or more syntax information corresponding to the service types. According to claim 1,
When the QR code corresponds to an abnormal QR code, further comprising the step of filtering by blocking the data bit string without passing the data bit string to the QR code processing unit that processes the job corresponding to the QR code and the service type, QR code How to classify and process them. 5. The method of claim 4,
The filtering step is
identifying whether the QR code corresponds to the abnormal QR code based on the abnormal QR code database in which the abnormal QR code including the malicious QR code or forged QR code is pre-stored; and
As a result of the identification, when the QR code corresponds to the abnormal QR code, the method of classifying and processing a QR code, comprising the step of filtering by blocking without transmitting the data bit string to the QR code processing unit. 6. The method of claim 5,
The method of classifying and processing a QR code, further comprising the step of storing information about the abnormal QR code. According to claim 1,
The steps of processing the above work are:
A method of classifying and processing a QR code, comprising the step of delivering at least a portion of the data bit stream to a service server corresponding to the service type. delete A computer program, which is stored in a computer-readable recording medium in combination with a computer as hardware, to execute the method of any one of claims 1 and 3 to 7. a data management unit for storing and managing the syntax database;
a scanning unit to scan a QR code to obtain a data bit string recorded in the QR code;
a syntax analysis unit that analyzes the syntax of the data bit string based on the syntax database;
a service classification unit for determining a service type corresponding to the QR code from among a plurality of service types according to the parsing result; and
A processing unit for processing a job corresponding to the QR code and the service type,
service classification department,
Determining a service identifier corresponding to the QR code among the determined service types according to the result of parsing analysis by the parsing unit,
Analyze the service type with the identification code and digits of the syntax information obtained by analyzing the syntax of the data bit string,
Determine the service provider that provides the service according to the service type through the determined service identifier;
processing unit,
Send the service request information recorded in the QR code to the service server,
Receive service provision information corresponding to service request information from the service server,
Record the received service provision information to generate a service QR code,
By scanning the service QR code of the user terminal, the service provision information recorded in the service QR code is transmitted to the user terminal,
Receiving approval information for the requested service from the user terminal, and transmitting the approval information to the service server,
A device for classifying and processing QR codes.

Images