KR102403759B1 - System for providing electronic payment by authenticating patient and using card information, method thereof and non-transitory computer readable medium having computer program recorded thereon - Google Patents

Abstract

The present invention discloses an electronic payment system using patient authentication and card information, a method thereof, and a nonvolatile recording medium in which a computer program is recorded. That is, according to the present invention, when automatic payment registration is requested from the terminal after self-authentication and card information authentication for automatic payment through a medical institution, the affiliated store terminal corresponding to the medical institution receives the card information by interworking with the payment server. After checking the validity of the card, the transaction management server and authentication server in the payment server separate and encrypt the corresponding card information and store it. By performing the payment function with the card company server, it is possible to prevent leakage of customer information, improve user convenience through simple payment, and prevent data inconsistency between additional tasks required for data mining processing and data processing tasks at each stage. have.

Description

Electronic payment system using patient authentication and card information, the method and a nonvolatile recording medium in which a computer program is recorded thereon}

The present invention relates to an electronic payment system using patient authentication and card information, a method thereof, and a non-volatile recording medium on which a computer program is recorded. In particular, for automatic payment through a medical institution, after identity authentication and card information authentication, automatic payment from a terminal When payment registration is requested, the merchant terminal corresponding to a medical institution checks the validity of the card information by interworking with the payment server, and then separates and encrypts the card information from the transaction management server and authentication server in the payment server. Electronic payment system, method and computer program using patient authentication and card information that stores and performs a payment function with a card company server with actual card information by checking the separately stored card information in the payment server when automatic payment is requested from the merchant terminal It relates to a recorded non-volatile recording medium.

In payment made regularly/irregularly in e-commerce, after receiving credit card information from the user's terminal for the first time at the merchant terminal, when the amount to be paid is generated in relation to the terminal, the credit stored in the merchant terminal A payment function is provided by linking with a payment server using card information.

If a payment function is provided using credit card information stored in such merchant terminals, it is a violation of the current regulations that cannot store credit card information other than a qualified payment gateway (PG), Damage to users may occur due to leakage of personal information due to the storage of credit card information by unqualified business operators and security systems.

Korean Patent Laid-Open Patent No. 10-2012-0007700 [Name: Automatic withdrawal payment service relay processing method and system and relay processing server therefor]

An object of the present invention is to perform an identity authentication process for a customer who wants to make a payment through mobile phone subscription information for payment through a medical institution, check the validity of the card through card information, and then check the validated card information An object of the present invention is to provide an electronic payment system using patient authentication and card information distributed and stored in an authentication server and a transaction management server, a method therefor, and a nonvolatile recording medium in which a computer program is recorded.

Another object of the present invention is to provide an authentication server, an approval server, a transaction management server, and a card company server in an affiliated store terminal when a payment request is transmitted from the terminal after identity authentication and card information authentication for payment through a medical institution. An object of the present invention is to provide an electronic payment system using patient authentication and card information that performs a payment function by interworking, a method thereof, and a nonvolatile recording medium in which a computer program is recorded.

Another object of the present invention is when card information, hospital member information, etc. are transmitted from a terminal for automatic payment through a medical institution, an authentication server, a transaction management server, an approval server, and a card company server are interlocked in an affiliated store terminal After checking the validity of the corresponding card information by the , if the validity is confirmed, the token for automatic payment provided from the authentication server is managed, and when the amount for payment is generated by the completion of treatment for the customer related to the terminal An object of the present invention is to provide an electronic payment system using patient authentication and card information that requests approval based on a token and performs an automatic payment function according to the approval request, a method thereof, and a non-volatile recording medium in which a computer program is recorded.

The electronic payment method using patient authentication and card information according to an embodiment of the present invention is based on automatic payment consent information, card information, password information, customer patient registration number and terminal identification information transmitted from the terminal by the affiliated store terminal. transmitting automatic payment registration request information for the terminal to an authentication server; transmitting, by the authentication server, validation request information including card information related to the terminal based on automatic payment registration request information transmitted from the affiliated store terminal; receiving, by the authentication server, approval response information transmitted in response to the validation request information; When the authorization response information includes information indicating that the card information is in a valid state, the authentication server transmits an automatic payment token for automatic payment related to the terminal to the affiliated store terminal, and interworks with the transaction management server to distribute and store the card information; And, by the affiliated store terminal, the automatic payment token transmitted from the authentication server in response to the transmitted automatic payment registration request information is stored in conjunction with the automatic payment consent information transmitted from the terminal, the customer registration number and the identification information of the terminal may include the step of

As an example related to the present invention, the step of receiving the approval response information may include, by the transaction management server, provisional approval for validation of card information related to the terminal based on the validation request information transmitted from the authentication server. Transmitting the request information to the card company server via the approval server; transmitting, by the card company server, the approval response information indicating whether the card information is valid based on the card information included in the provisional approval request information, to the transaction management server via the approval server; transmitting, by the transaction management server, the approval response information to the authentication server that has transmitted the validation request information; and receiving, by the authentication server, the approval response information transmitted from the transaction management server in response to the transmitted validation request information.

As an example related to the present invention, the step of distributing and storing the card information may include, by the transaction management server, a process of hardware-encrypting and storing the card number in the card information through a hardware security module (HSM); a process of hardware-encrypting and storing, by the transaction management server, the validity period in the card information through the HSM; separating, by the transaction management server, the card authentication value in the card information into a first part and a second part; generating a first information block by encrypting, by the transaction management server, a part of the card authentication value corresponding to the separated first part based on the HSM using the password information; storing, by the transaction management server, the generated first information block; By the authentication server, in cooperation with the transaction management server, the rest of the card authentication values corresponding to the separated second part are encrypted based on the HSM using the first information block to generate a second information block process; and storing, by the authentication server, the generated second information block.

As an example related to the present invention, when a payment item related to the terminal occurs, transmitting, by the affiliated store terminal, automatic approval request information based on the stored automatic payment token to the approval server; transmitting, by the approval server, card information request information related to the terminal to the transaction management server to request card information distributed and stored in the transaction management server and the authentication server based on the automatic authorization request information; performing, by the transaction management server, a verification procedure on the automatic payment token included in the card information request information by interworking with the authentication server based on the card information request information; checking, by the transaction management server, card information related to the terminal distributed and stored in the transaction management server and the authentication server in conjunction with the authentication server, when the verification procedure for the automatic payment token is normally performed; transmitting, by the transaction management server, card information related to the identified terminal to the approval server; performing, by the approval server, a payment function in conjunction with the card company server based on the received card information and the automatic approval request information; and providing, by the approval server, a result of performing a payment function to the terminal.

A computer program for performing the method according to the above-described embodiment may be stored in a computer-readable non-volatile recording medium in which the program according to the embodiment of the present invention is recorded.

The electronic payment system using patient authentication and card information according to an embodiment of the present invention provides automatic payment for the terminal based on automatic payment consent information, card information, password information, customer patient registration number and terminal identification information transmitted from the terminal. Merchant terminal for transmitting payment registration request information; and transmitting validation request information including card information related to the terminal based on automatic payment registration request information transmitted from the affiliated store terminal, receiving approval response information transmitted in response to the validation request information, and When the approval response information includes information indicating that the card information is in a valid state, an automatic payment token for automatic payment related to the terminal is transmitted to the affiliated store terminal, and the card information is distributed and stored in conjunction with the transaction management server It may include an authentication server that

As an example related to the present invention, the affiliated store terminal receives the automatic payment token transmitted from the authentication server in response to the transmitted automatic payment registration request information, automatic payment consent information transmitted from the terminal, customer parallel registration number, and identification of the terminal Information can be stored in conjunction with it.

As an example related to the present invention, the approval response information indicating whether the card information is valid based on card information included in the provisional approval request information transmitted from the transaction management server is transmitted to the transaction management server via the approval server. the card company server for transmitting; and transmits provisional approval request information to the card company server via the approval server to check the validity of the card information related to the terminal based on the validity check request information transmitted from the authentication server, and transmits the validity check request information It may further include the transaction management server for transmitting the authorization response information to the authentication server.

As an example related to the present invention, the transaction management server stores the card number in the card information by hardware encryption through the HSM, and stores the validity period in the card information by hardware encryption through the HSM, The card authentication value in the card information is divided into a first part and a second part, and a part of the card authentication value corresponding to the separated first part is encrypted based on the HSM using the password information to first generating an information block, storing the generated first information block, and the authentication server, in cooperation with the transaction management server, assigns the remainder of the card authentication values corresponding to the separated second part to the first information block can be used to generate a second information block by encryption based on the HSM, and store the generated second information block.

As an example related to the present invention, the affiliated store terminal transmits automatic approval request information to the approval server based on the stored automatic payment token when a payment item related to the terminal occurs, and the approval server includes the automatic approval In order to request card information distributed and stored in the transaction management server and the authentication server based on the request information, card information request information related to the terminal is transmitted to the transaction management server, and the transaction management server requests the card information By interworking with the authentication server based on the information, a verification procedure for the automatic payment token included in the card information request information is performed, and when the verification procedure for the automatic payment token is normally performed, by the transaction management server, the In conjunction with an authentication server, the transaction management server and the card information related to the terminal distributed and stored in the authentication server are checked, and the checked card information related to the terminal is transmitted to the approval server, the card company server comprising: In conjunction with the approval server, a payment function may be performed based on the card information and the automatic approval request information.

The present invention performs a self-authentication process for a customer who wants to pay through mobile phone subscription information for payment through a medical institution, checks the validity of the card through card information, and then sends the validated card information to the authentication server By distributing and storing them in the transaction management server and the transaction management server, it is possible to prevent leakage of customer information.

In addition, the present invention relates to an authentication server, an approval server, a transaction management server, and a card company server in the affiliate store terminal when a payment request is transmitted from the terminal after identity authentication and card information authentication for payment through a medical institution By performing the payment function by , it is possible to improve user convenience through simple payment and to prevent data mismatch problems between additional tasks required for data mining processing and data processing tasks at each stage.

In addition, the present invention provides an authentication server, a transaction management server, an approval server, and a card company server in the affiliate store terminal when card information, hospital member information, etc. are transmitted from the terminal for automatic payment through a medical institution by interworking with the card company server , after checking the validity of the card information, if the validity is confirmed, the token for automatic payment provided from the authentication server is managed. By requesting approval as a basis for approval and performing the automatic payment function according to the request for approval, when the amount to be paid occurs at the merchant terminal that has previously approved automatic payment in the terminal possessed by the customer, it is fast and convenient through the token stored in the merchant terminal It performs payment functions to increase user satisfaction, protect customer information, modularize repeatedly used functions to facilitate quick application and change of functions, automate repetitive tasks in the data mining process, and effectively result It has the effect of intuitively checking and changing the mining process by quickly inquiring and visualizing it through the graphical user interface.

1 is a block diagram showing the configuration of an electronic payment system using patient authentication and card information according to an embodiment of the present invention.
2 is a block diagram showing the configuration of a terminal according to an embodiment of the present invention.
3 to 5 are flowcharts illustrating an electronic payment method using patient authentication and card information according to a first embodiment of the present invention.
6 to 7 are flowcharts illustrating an electronic payment method using patient authentication and card information according to a second embodiment of the present invention.

It should be noted that the technical terms used in the present invention are only used to describe specific embodiments, and are not intended to limit the present invention. In addition, the technical terms used in the present invention should be interpreted as meanings generally understood by those of ordinary skill in the art to which the present invention belongs, unless otherwise specifically defined in the present invention, and excessively comprehensive It should not be construed in the meaning of a human being or in an excessively reduced meaning. In addition, when the technical term used in the present invention is an incorrect technical term that does not accurately express the spirit of the present invention, it should be understood by being replaced with a technical term that can be correctly understood by those skilled in the art. In addition, the general terms used in the present invention should be interpreted according to the definition in the dictionary or according to the context before and after, and should not be interpreted in an excessively reduced meaning.

Also, the singular expression used in the present invention includes the plural expression unless the context clearly dictates otherwise. In the present invention, terms such as “consisting of” or “comprising” should not be construed as necessarily including all of the various components or various steps described in the invention, and some components or some steps may not be included. It should be construed that it may further include additional components or steps.

Also, terms including ordinal numbers such as first, second, etc. used in the present invention may be used to describe the elements, but the elements should not be limited by the terms. The terms are used only for the purpose of distinguishing one component from another. For example, without departing from the scope of the present invention, a first component may be referred to as a second component, and similarly, the second component may also be referred to as a first component.

Hereinafter, a preferred embodiment according to the present invention will be described in detail with reference to the accompanying drawings, but the same or similar components are assigned the same reference numerals regardless of reference numerals, and redundant description thereof will be omitted.

In addition, in the description of the present invention, if it is determined that a detailed description of a related known technology may obscure the gist of the present invention, the detailed description thereof will be omitted. In addition, it should be noted that the accompanying drawings are only for easy understanding of the spirit of the present invention, and should not be construed as limiting the spirit of the present invention by the accompanying drawings.

1 is a block diagram showing the configuration of an electronic payment system 10 using patient authentication and card information according to an embodiment of the present invention.

As shown in FIG. 1 , the electronic payment system 10 using patient authentication and card information includes a terminal 100 , an affiliated store terminal 200 , an authentication server 300 , a transaction management server 400 , and an approval server 500 . ), a mobile communication company server 600 and a card company server 700 . Not all of the components of the electronic payment system 10 shown in FIG. 1 are essential components, and the electronic payment system 10 may be implemented by more components than those shown in FIG. 1 , and less The electronic payment system 10 may also be implemented by components.

In the terminal 100, card information, a sick record number, etc. are registered in advance in the affiliated store terminal 200, and after confirming the validity of card information related to the terminal 100 in the affiliated store terminal 200, the authentication server 300 provides Stores an automatic payment token related to the corresponding terminal 100 and the affiliated store terminal 200 . Thereafter, when the customer of the terminal 100 registered for automatic payment in the affiliated store terminal 200 receives services such as medical treatment and treatment from the affiliated store terminal 200 , the affiliated store terminal 200 is connected to the corresponding terminal 200 . In relation to this, a payment is requested to the approval server 500 through a pre-stored automatic payment token. Thereafter, the approval server 500 checks the card information distributed and stored in the transaction management server 400 and the approval server 500, and then uses the checked card information to interwork with the card company server 700 to perform a payment function. .

The terminal 100 includes a smart phone, a portable terminal, a mobile terminal, a personal digital assistant (PDA), a portable multimedia player (PMP) terminal, and a telematics terminal. , navigation terminal, personal computer, notebook computer, slate PC, tablet PC, ultrabook, wearable device, for example, a watch-type terminal (Smartwatch), Glass-type terminal (Smart Glass), HMD (Head Mounted Display), etc.), Wibro terminal, IPTV (Internet Protocol Television) terminal, smart TV, digital broadcasting terminal, Television, 3D television , a home theater system, an AVN (Audio Video Navigation) terminal, an A/V (Audio/Video) system, a flexible terminal, and the like.

As shown in FIG. 2 , the terminal 100 includes a communication unit 110 , a storage unit 120 , a display unit 130 , an audio output unit 140 , and a control unit 150 . Not all of the components of the terminal 100 shown in FIG. 2 are essential components, and the terminal 100 may be implemented by more components than the components shown in FIG. 2, and even by fewer components. The terminal 100 may be implemented.

The communication unit 110 communicates with any internal component or at least one external terminal through a wired/wireless communication network. At this time, the external arbitrary terminal may include an affiliated store terminal 200 , an authentication server 300 , a transaction management server 400 , an approval server 500 , a mobile communication company server 600 , a card company server 700 , etc. can Here, as wireless Internet technologies, wireless LAN (WLAN), DLNA (Digital Living Network Alliance), WiBro (Wireless Broadband: Wibro), Wimax (World Interoperability for Microwave Access: Wimax), HSDPA (High Speed Downlink Packet Access) ), High Speed Uplink Packet Access (HSUPA), IEEE 802.16, Long Term Evolution (LTE), Long Term Evolution-Advanced (LTE-A), Wireless Mobile Broadband Service (WMBS), etc. In this case, the communication unit 110 transmits and receives data according to at least one wireless Internet technology within a range including Internet technologies not listed above. In addition, short-range communication technologies include Bluetooth, Radio Frequency Identification (RFID), Infrared Data Association (IrDA), Ultra Wideband (UWB), ZigBee, and Near Field Communication (NFC). , Ultra Sound Communication (USC), Visible Light Communication (VLC), Wi-Fi (Wi-Fi), Wi-Fi Direct (Wi-Fi Direct), etc. may be included. In addition, the wired communication technology may include Power Line Communication (PLC), USB communication, Ethernet, serial communication, optical/coaxial cable, and the like.

Also, the communication unit 110 may mutually transmit information with an arbitrary terminal through a universal serial bus (USB).

In addition, the communication unit 110 is a technical standard or communication method for mobile communication (eg, GSM (Global System for Mobile communication), CDMA (Code Division Multi Access), CDMA2000 (Code Division Multi Access 2000), EV- Enhanced Voice-Data Optimized or Enhanced Voice-Data Only (DO), Wideband CDMA (WCDMA), High Speed Downlink Packet Access (HSDPA), High Speed Uplink Packet Access (HSUPA), Long Term Evolution (LTE), LTE-A (LTE-A) Long Term Evolution-Advanced (Long Term Evolution-Advanced, etc.)) It transmits and receives wireless signals to and from the server 700 .

In addition, the communication unit 110 receives the authentication number from the terminal 100 corresponding to the identification information of the corresponding terminal 100 transmitted from the mobile communication company server 600, and transmits the authentication number according to the user input to the mobile communication company server 600 ) is sent to

The storage unit 120 (or memory) stores various user interfaces (UIs), graphic user interfaces (GUIs), and the like.

In addition, the storage unit 120 stores data and programs necessary for the terminal 100 to operate.

That is, the storage unit 120 may store a plurality of application programs (application programs or applications) driven in the terminal 100 , data for operation, and commands. At least some of these application programs may be downloaded from an external service providing device through wireless communication. In addition, at least some of these application programs may exist in the terminal 100 from the time of shipment for basic functions (eg, incoming calls, outgoing functions, message reception, and outgoing functions). Meanwhile, the application program may be stored in the storage unit 120 , installed in the terminal 100 , and driven to perform an operation (or function) by the control unit 150 .

In addition, the storage unit 120 is a flash memory type (Flash Memory Type), a hard disk type (Hard Disk Type), a multimedia card micro type (Multimedia Card Micro Type), a card type memory (eg, SD or XD memory) etc.), magnetic memory, magnetic disk, optical disk, RAM (Random Access Memory: RAM), SRAM (Static Random Access Memory), ROM (Read-Only Memory: ROM), EEPROM (Electrically Erasable Programmable Read-Only Memory), PROM (Programmable Read-Only Memory) may include at least one storage medium. In addition, the terminal 100 may operate a web storage that performs a storage function of the storage unit 120 on the Internet, or may operate in relation to the web storage.

In addition, the storage unit 120 stores the authentication number in the terminal 100 corresponding to the identification information of the corresponding terminal 100 received through the communication unit 110 .

The display unit 130 may display various contents such as various menu screens using a user interface and/or a graphic user interface stored in the storage unit 120 under the control of the control unit 150 . Here, the content displayed on the display unit 130 includes various text or image data (including various information data) and a menu screen including data such as icons, list menus, and combo boxes. Also, the display unit 130 may be a touch screen.

In addition, the display unit 130 includes a liquid crystal display (LCD), a thin film transistor liquid crystal display (TFT LCD), an organic light-emitting diode (OLED), a flexible display ( It may include at least one of a flexible display), a three-dimensional display (3D display), an e-ink display, and a light emitting diode (LED).

Also, the display unit 130 may be configured as a stereoscopic display unit for displaying a stereoscopic image.

A three-dimensional display method such as a stereoscopic method (glasses method), an auto stereoscopic method (glasses-free method), or a projection method (holographic method) may be applied to the stereoscopic display unit.

In addition, the display unit 130 displays an authentication number, etc. on the terminal 100 corresponding to the identification information of the corresponding terminal 100 received through the communication unit 110 under the control of the control unit 150 .

The audio output unit 140 outputs audio information included in a signal processed by a predetermined signal by the controller 150 . Here, the audio output unit 140 may include a receiver, a speaker, a buzzer, and the like.

In addition, the voice output unit 140 outputs a guide voice generated by the control unit 150 .

In addition, the voice output unit 140 outputs voice information corresponding to the authentication number to the terminal 100 corresponding to the identification information of the terminal 100 received through the communication unit 110 by the control unit 150 .

The control unit 150 executes an overall control function of the terminal 100 . In this case, the control unit may be a processor or an engine.

In addition, the control unit 150 executes the overall control function using the program and data stored in the storage unit 120 . The controller 150 may include RAM, ROM, CPU, GPU, and a bus, and the RAM, ROM, CPU, GPU, etc. may be connected to each other through a bus. The CPU may access the storage unit 120 and perform booting using the O/S stored in the storage unit 120 , and various operations using various programs, contents, data, etc. stored in the storage unit 120 . can be performed.

In addition, when the terminal 100 intends to register as a member in the affiliated store terminal 200 , the control unit 150 transmits identification information, card information, password information, etc. of the terminal 100 to the affiliated store terminal 200 through the communication unit 110 . ) is sent to Here, the identification information of the terminal 100 includes a mobile directory number (MDN), mobile IP, mobile MAC, subscriber identity module (Sim) card unique information, serial number, and the like. In addition, the card information includes a credit card number (or check card number), an expiration date, a card authentication value (CAV) (or a card validation value), and the like. In addition, the password information includes PIN information (or PIN number) related to the corresponding terminal 100 (personal identification number).

In addition, the control unit 150 performs a user authentication procedure by interworking with the mobile communication company server 600 .

That is, the control unit 150 receives the authentication number transmitted from the mobile communication company server 600 through the communication unit 110 in response to the previously transmitted identification information of the terminal 100 .

Also, the control unit 150 outputs the received authentication number through the display unit 130 and/or the voice output unit 140 .

In addition, the control unit 150 is an authentication number according to the user input (for example, when the user who has confirmed the authentication number displayed on the display unit 130 inputs the same authentication number corresponding to the authentication number according to the user input, the corresponding authentication number) to the mobile communication company server 600 through the communication unit 110 .

In addition, the control unit 150 transmits the authentication result transmitted from the mobile communication company server 600 to the communication unit 110 according to the user authentication performed in the corresponding mobile communication company server 600 according to the authentication number transmitted to the mobile communication company server 600 . ) is received through

In addition, the control unit 150 outputs the received authentication result through the display unit 130 and/or the voice output unit 140 . Here, the authentication result includes self-authentication failure information for the corresponding terminal 100, self-authentication success information, and the like.

In addition, when the customer of the terminal 100 in the terminal 100 wants to register automatic payment at the medical institution being treated, the control unit 150 provides automatic payment consent information, card information, password information, customer patient registration number, The identification information of the terminal 100 is transmitted to the affiliated store terminal 200 through the communication unit 110 . Here, the automatic payment consent information includes information indicating consent to automatic payment for the corresponding payment amount when the amount to be paid by the user of the terminal 100 occurs with respect to the medical institution related to the affiliated store terminal 200. do.

In addition, when the terminal 100 wants to request a payment in relation to the payment amount for a specific treatment item, the control unit 150 transmits a payment request signal, identification information of the terminal 100, etc. to the affiliated store terminal through the communication unit 110 . Send to 200.

In addition, the control unit 150 performs an identity authentication function (or identity authentication procedure) by interworking with the authentication server 300 .

That is, the control unit 150 receives the PIN information input request information transmitted from the authentication server 300 in response to the previously transmitted payment request signal, etc. through the communication unit 110 .

In addition, the control unit 150 transmits PIN information according to the user input to the authentication server 300 through the communication unit 110 .

In addition, the control unit 150 transmits the authentication result transmitted from the authentication server 300 according to the personal authentication performed in the corresponding authentication server 300 according to the PIN information transmitted to the authentication server 300 through the communication unit 110 . receive

In addition, the control unit 150 outputs the received authentication result through the display unit 130 and/or the voice output unit 140 . Here, the authentication result includes self-authentication failure information for the corresponding terminal 100, self-authentication success information, and the like.

In addition, when a payment function is performed using card information related to the terminal 100 by interworking between the approval server 500 and the card company server 700 according to the payment approval request information, the control unit 150 controls the approval server 500 ) or a result of performing a payment function performed by interworking between the approval server 500 and the card company server 700 transmitted from the card company server 700 is received through the communication unit 110 . Here, the result of performing the payment function includes the payment amount for each treatment item, identification information of the affiliated store terminal 200, the affiliated store name, the affiliated store contact information, affiliated store location information, the total total amount, payment date and time information, payment card type, and the like.

In addition, when the automatic payment function is performed using card information related to the terminal 100 by interworking between the approval server 500 and the card company server 700 according to the automatic payment request from the affiliated store terminal 200, the control unit ( 150) receives through the communication unit 110 a result of performing a payment function according to an automatic payment performed by interworking of the approval server 500 and the card company server 700 transmitted from the approval server 500 or the card company server 700 do.

In addition, the control unit 150 outputs the received payment function execution result through the display unit 130 and/or the audio output unit 140 .

In addition, the terminal 100 may further include an interface unit (not shown) serving as an interface with all external devices connected to the terminal 100 . For example, the interface unit includes a wired/wireless headset port, an external charger port, a wired/wireless data port, a memory card port, a port for connecting devices equipped with an identification module, and audio I/O ( Input/Output) port, video I/O (Input/Output) port, earphone port, etc. may be configured. Here, the identification module is a chip storing various information for authenticating the usage right of the terminal 100 , and includes a user authentication module (UIM), a subscriber identity module (SIM), a universal user authentication module. (Universal Subscriber Identity Module: USIM) and the like. In addition, the device provided with the identification module may be manufactured in the form of a smart card. Accordingly, the identification module may be connected to the terminal 100 through the port. Such an interface unit receives data or power from an external device and transmits it to each component inside the terminal 100 , or allows data inside the terminal 100 to be transmitted to an external device.

In addition, the interface unit is a path through which power from the cradle is supplied to the terminal 100 when the terminal 100 is connected to an external cradle, or various command signals inputted from the cradle by the user to the terminal 100 It can be a pathway to Various command signals or corresponding power input from the cradle may be operated as signals for recognizing that the terminal 100 is correctly mounted in the cradle.

In addition, the terminal 100 is an input unit (not shown) for receiving a signal according to a button operation by a user or a selection of an arbitrary function, or a command or control signal generated by an operation such as touching/scrolling a displayed screen. city) may be further included.

The input unit is a means for receiving at least one of a user's command, selection, data, and information, and may include a plurality of input keys and function keys for receiving numeric or character information and setting various functions.

In addition, the input unit includes a key pad, a dome switch, a touch pad (static pressure/capacitance), a touch screen, a jog wheel, a jog switch, a jog shuttle, and a mouse. , various devices such as a stylus pen, a touch pen, and the like may be used. In particular, when the display unit is formed in the form of a touch screen, some or all of the input functions may be performed through the display unit.

In addition, each component (or module) of the terminal 100 may be software stored in a memory (or storage) of the terminal 100 . The memory may be an internal memory of the terminal 100, an external memory, or another type of storage device. Also, the memory may be a non-volatile memory. The software stored in the memory may include an instruction set that causes the terminal 100 to perform a specific operation when executed.

The affiliated store terminal 200 communicates with the terminal 100 , the authentication server 300 , the transaction management server 400 , the approval server 500 , the mobile communication company server 600 , the card company server 700 , and the like. Here, the affiliated store terminal 200 performs a payment function using card information, and may be provided (or installed/configured) in a medical institution (or a storage facility in the medical institution).

In addition, the affiliated store terminal 200 may include a configuration for the communication unit 110 , the storage unit 120 , the display unit 130 , the voice output unit 140 , and the control unit 150 included in the terminal 100 . .

In addition, the affiliated store terminal 200 receives identification information, card information, password information, etc. of the terminal 100 transmitted from the terminal 100 .

In addition, the affiliated store terminal 200 transmits the received identification information of the terminal 100 , card information, password information, identification information of the affiliated store terminal 200 , and the like to the authentication server 300 . Here, the identification information of the affiliated store terminal 200 includes a unique ID related to the affiliated store terminal 200 .

In addition, the affiliated store terminal 200 is the authentication result transmitted from the authentication server 300 in response to the previously transmitted identification information, card information, password information, identification information of the affiliated store terminal 200, etc. of the terminal 100, the approval response receive information, etc. Here, the authentication result includes self-authentication failure information for the corresponding terminal 100, self-authentication success information, and the like. In addition, the approval response information includes card information valid status information or card information invalid status information indicating whether card information related to the terminal 100 is valid.

In addition, the affiliated store terminal 200 displays the received authentication result, approval response information, and the like.

In addition, the affiliated store terminal 200 receives automatic payment consent information, card information, password information, customer's patient registration number, identification information of the terminal 100, etc. transmitted from the terminal 100 .

In addition, the affiliated store terminal 200 requests the authentication server 300 for an automatic payment registration request for the corresponding terminal 100 based on the received automatic payment consent information, card information, password information, customer patient registration number, and the like.

That is, the affiliated store terminal 200 transmits automatic payment registration request information for the customer (or the terminal 100 ) corresponding to the received automatic payment consent information to the authentication server 300 . Here, the automatic payment registration request information includes automatic payment consent information, card information, password information, customer patient registration number, identification information of the terminal 100 , identification information of the affiliated store terminal 200 , and the like.

In addition, the affiliated store terminal 200 receives the automatic payment token transmitted from the authentication server 300 in response to the automatic payment registration request information transmitted earlier.

In addition, the affiliated store terminal 200 stores the received automatic payment token, automatic payment consent information, customer patient registration number, identification information of the terminal 100 and the like in conjunction with each other.

In addition, the affiliated store terminal 200 receives a payment request signal transmitted from the terminal 100 , identification information of the terminal 100 , and the like.

Also, the affiliated store terminal 200 transmits payment authentication request information to the authentication server 300 based on the received payment request signal. Here, the payment authentication request information includes a payment request signal, identification information of the terminal 100 , identification information of the affiliated store terminal 200 , and the like.

In addition, the affiliated store terminal 200 receives the payment authentication token transmitted from the authentication server 300 in response to the previously transmitted payment authentication request information.

In addition, the affiliated store terminal 200 transmits payment approval request information to the approval server 500 based on the received payment authentication token. Here, the payment approval request information includes a payment authentication token, a payment amount for each treatment item, identification information of the terminal 100, identification information of the affiliated store terminal 200, an affiliated store name, affiliated store contact information, affiliated store location information, and the like.

In addition, when a customer (or patient) related to the terminal 100 receives a service (eg, including medical treatment, treatment, etc.) provided by a medical institution related to the affiliated store terminal 200 , a payment item (or amount to be paid) occurs In this case, the affiliated store terminal 200 transmits automatic approval request information to the approval server 500 based on the automatic payment token previously stored in relation to the customer for the payment amount corresponding to the corresponding payment item. Here, the automatic approval request information includes an automatic payment token related to the corresponding terminal 100, payment amount for each treatment item, identification information of the terminal 100, identification information of the affiliated store terminal 200, affiliated store name, affiliated store contact information, affiliated store location information, etc. includes

The authentication server 300 communicates with the terminal 100 , the affiliated store terminal 200 , the transaction management server 400 , the approval server 500 , the mobile communication company server 600 , the card company server 700 , and the like.

In addition, the authentication server 300 may include a configuration for the communication unit 110 , the storage unit 120 , the display unit 130 , the voice output unit 140 , and the control unit 150 included in the terminal 100 . .

In addition, the authentication server 300 receives identification information, card information, password information, identification information of the affiliated store terminal 200, etc. of the terminal 100 transmitted from the affiliated store terminal 200 .

In addition, the authentication server 300 requests authentication for the received identification information of the terminal 100 from the mobile communication company server 600 .

That is, the authentication server 300 transmits the authentication request information for the customer (or the terminal 100 ) corresponding to the received identification information of the terminal 100 to the mobile communication company server 600 .

In addition, the authentication server 300 receives the authentication result transmitted from the mobile communication company server 600 in response to the previously transmitted authentication request information for the identification information of the terminal 100 .

In addition, the authentication server 300 transmits the received authentication result to the affiliated store terminal 200 that has previously transmitted identification information, card information, password information, identification information of the affiliated store terminal 200, etc. of the terminal 100. .

Also, the authentication server 300 may perform an authentication function for the corresponding terminal 100 in conjunction with an external authentication server (not shown).

In addition, the authentication server 300 requests the transaction management server 400 to check the validity of the card information related to the identification information of the corresponding terminal 100 based on the authentication result.

That is, when self-authentication is successful based on the previously received authentication result, the authentication server 300 performs card information related to the corresponding terminal 100 in order to check the validity of the card information related to the identification information of the corresponding terminal 100 . and transmits the validation request information (or validation request information for card information related to the terminal 100 ) to the transaction management server 400 .

In addition, the authentication server 300 receives the approval response information transmitted from the transaction management server 400 in response to the previously transmitted validation request information for the card information related to the terminal 100 .

In addition, the authentication server 300 transmits the received approval response information to the corresponding affiliated store terminal 200 that previously transmitted identification information, card information, password information, identification information of the affiliated store terminal 200, etc. of the terminal 100 do.

In addition, the authentication server 300 receives automatic payment registration request information transmitted from the affiliated store terminal 200 .

In addition, the authentication server 300 requests the transaction management server 400 to check the validity of the card information related to the identification information of the corresponding terminal 100 based on the received automatic payment registration request information.

That is, the authentication server 300 includes validation request information including card information related to the terminal 100 (or the terminal 100) in order to verify the validity of the card information related to the identification information of the corresponding terminal 100. Validation request information for card information related to ) is transmitted to the transaction management server 400 .

In addition, the authentication server 300 receives the approval response information transmitted from the transaction management server 400 in response to the previously transmitted validation request information for the card information related to the terminal 100 .

In addition, when the authentication server 300 includes information indicating that the card information is in a valid state in the approval response information based on the received approval response information, the terminal 100 (or the customer / of the terminal 100) An automatic payment token (or an automatic payment token related to the corresponding terminal 100 and the merchant terminal 200) for automatic payment for the payment amount to be generated later in relation to the user/patient) is transmitted to the merchant terminal 200 .

In addition, when card information related to the terminal 100 is valid based on the received approval response information, the authentication server 300 interworks with the transaction management server 400 to link some of the card information (for example, among the card authentication values) part) is encrypted and stored.

That is, the authentication server 300 interworks with the transaction management server 400 to transmit the 1-2 card authentication value corresponding to the second part separated by the transaction management server 400 by the transaction management server 400 . A second information block is generated by encryption based on a hardware security module (HSM) using the generated first information block, and the generated second information block is stored. At this time, the authentication server 300 transmits the 1-2 card authentication value to the HSM using the previously generated first information block together with the identification information of the affiliated store terminal 200 and the customer's patient registration number related to the terminal 100 . Based on encryption, the second information block may be generated, and the generated second information block may be stored.

Also, the authentication server 300 receives payment authentication request information transmitted from the affiliate store terminal 200 .

In addition, the authentication server 300 performs a user authentication function by interworking with the corresponding terminal 100 based on the received payment authentication request information.

That is, the authentication server 300 transmits the PIN information input request information to the terminal 100 corresponding to the identification information of the corresponding terminal 100 based on the received payment authentication request information. Also, the authentication server 300 receives PIN information transmitted from the terminal 100 in response to the PIN information input request information transmitted to the terminal 100 . In addition, the authentication server 300 performs an authentication function for the terminal 100 by confirming the received PIN information and the PIN information previously issued in relation to the corresponding terminal 100 .

In addition, when the identity authentication function fails based on the result of performing the identity authentication function, the authentication server 300 transmits information indicating that the authentication function has failed to the terminal 100 and the affiliated store terminal 200 .

In addition, when the identity authentication function is normally performed based on the result of performing the identity authentication function, the authentication server 300 transmits the payment authentication token to the affiliate store terminal 200 .

In addition, the authentication server 300 interlocks with the transaction management server 400 to prevent transaction forgery and falsification by the affiliated store based on the request information of card information related to the terminal 100 . ) to perform the verification procedure.

In addition, when the verification of the interlocked one-time authentication value fails, the authentication server 300 (or the transaction management server 400) provides information indicating that the verification of the interworking one-time authentication value has failed to the approval server 500. .

In addition, when verification of the interworking one-time authentication value is successful, the authentication server 300 checks (or decrypts) card information distributed and stored in the authentication server 300 in conjunction with the transaction management server 400 .

In addition, the authentication server 300 provides the verified (or decrypted) card information to the transaction management server 400 .

In addition, the authentication server 300 interworks with the transaction management server 400 to automatically pay in advance in the terminal 100 based on the request information of the card information related to the terminal 100 received from the transaction management server 400 . In order to verify (or determine/verify/identify) whether automatic payment is requested from the affiliated store terminal 200 that has applied for (or registered), the verification procedure for the automatic payment token included in the request information of the corresponding card information is performed. carry out

In addition, when the verification of the automatic payment token fails, the authentication server 300 (or the transaction management server 400 ) provides information indicating that the verification of the automatic payment token has failed to the approval server 500 .

In addition, if the verification of the automatic payment token is successful, the authentication server 300 interworks with the transaction management server 400 to check the card information distributed and stored in the authentication server 300 in conjunction with the transaction management server 400 ( or decrypt).

In addition, the authentication server 300 provides the verified (or decrypted) card information to the transaction management server 400 .

The transaction management server 400 communicates with the terminal 100 , the affiliated store terminal 200 , the authentication server 300 , the approval server 500 , the mobile communication company server 600 , the card company server 700 , and the like.

In addition, the transaction management server 400 may include a configuration for the communication unit 110 , the storage unit 120 , the display unit 130 , the voice output unit 140 , and the control unit 150 included in the terminal 100 . have.

In addition, the transaction management server 400 receives validation request information for card information related to the terminal 100 transmitted from the authentication server 300 .

In addition, the transaction management server 400 checks the validity of the card information related to the terminal 100 based on the received validation request information (or the validation request information for the card information related to the terminal 100). For this, a provisional approval is requested from the approval server 500 .

That is, the transaction management server 400 transmits the provisional approval request information to the approval server 500 to check the validity of the card information related to the terminal 100 .

In addition, the transaction management server 400 receives the approval response information transmitted from the approval server 500 in response to the previously transmitted provisional approval request information.

In addition, the transaction management server 400 transmits the received approval response information to the authentication server 300 that has previously transmitted the validation request information for the card information related to the terminal 100 .

In addition, when card information related to the terminal 100 is valid based on the received approval response information, the transaction management server 400 encrypts the card number in the card information in hardware through the HSM and stores it. In this case, the transaction management server 400 may encrypt and store not only the card number in the card information, but also the identification information of the affiliated store terminal 200 and the customer's patient registration number related to the terminal 100 .

In addition, the transaction management server 400 hardware-encrypts and stores the validity period in the card information through the HSM. At this time, the transaction management server 400 determines the validity period in the card information based on the HSM using the previously received password information along with the identification information of the affiliated store terminal 200 and the customer's patient registration number related to the terminal 100 . The first information block may be generated by encryption, and the generated first information block may be stored.

In addition, the transaction management server 400 distributes the card authentication value (or credit card validation value) in the card information based on the previously received password information in conjunction with the authentication server 300, and distributes the distributed card authentication value. It is encrypted and distributed and stored in the transaction management server 400 and the authentication server 300, respectively.

That is, the transaction management server 400 separates (or divides) the card authentication value into a plurality of parts, and sets the 1-1 card authentication value corresponding to the separated first part to the HSM using the previously received password information. A first information block is generated by encryption based on , and the generated first information block is stored. At this time, the transaction management server 400 transmits the 1-1 card authentication value to the HSM using the previously received password information along with the identification information of the affiliated store terminal 200 and the customer's patient registration number related to the terminal 100 . Based on encryption, the first information block may be generated, and the generated first information block may be stored.

In addition, the authentication server 300 works with the transaction management server 400 to encrypt the 1-2 card authentication value corresponding to the separated second part based on the HSM using the previously generated first information block. A second information block is generated, and the generated second information block is stored. At this time, the authentication server 300 transmits the 1-2 card authentication value to the HSM using the previously generated first information block along with the identification information of the affiliated store terminal 200 and the customer's patient registration number related to the terminal 100 . Based on encryption, a second information block may be generated, and the generated second information block may be stored.

Also, the transaction management server 400 receives request information of card information related to the terminal 100 transmitted from the approval server 500 .

In addition, the transaction management server 400 interlocks with the authentication server 300 based on the received request information of card information related to the corresponding terminal 100 to prevent transaction forgery and falsification by the affiliated store. authentication value) is verified.

In addition, when the verification procedure for the transaction-linked one-time authentication value fails, the transaction management server 400 transmits information indicating that the verification procedure for the transaction-linked one-time authentication value has failed to the approval server 500 .

In addition, when the verification procedure for the transaction-linked one-time authentication value is normally performed, the transaction management server 400 interworks with the authentication server 300 and is distributed and managed in the transaction management server 400 and the authentication server 300 . Card information related to the corresponding terminal 100 is checked (or decrypted), and the checked card information related to the corresponding terminal 100 is transmitted to the approval server 500 .

In addition, the transaction management server 400 automatically pays at the affiliated store terminal 200 that has previously applied for (or registered) automatic payment in the terminal 100 based on the received request information of card information related to the corresponding terminal 100 . In order to verify (or determine/verify/identify) whether or not the card is in the requested state, a verification procedure for the automatic payment token included in the request information of the corresponding card information is performed in conjunction with the authentication server 300 .

Also, when the verification procedure is not normally performed, the transaction management server 400 transmits information indicating that the verification procedure has failed to the approval server 500 .

In addition, when the verification procedure is normally performed, the transaction management server 400 interworks with the authentication server 300 and relates to the terminal 100 distributed and managed in the transaction management server 400 and the authentication server 300 . The card information is checked (or decrypted), and card information related to the checked terminal 100 is transmitted to the approval server 500 .

In addition, the transaction management server 400 may interwork with a Fraud Detection System Server to verify whether the automatic payment request requested from the affiliated store terminal 200 is an illegal transaction.

Also, when the automatic payment request requested from the affiliated store terminal 200 is an illegal transaction, the transaction management server 400 may cancel the automatic payment.

In addition, when the automatic payment request requested from the affiliated store terminal 200 is not an illegal transaction, the transaction management server 400 may normally perform an automatic payment function.

The approval server 500 communicates with the terminal 100 , the affiliated store terminal 200 , the authentication server 300 , the transaction management server 400 , the mobile communication company server 600 , the card company server 700 , and the like.

In addition, the approval server 500 may include a configuration for the communication unit 110 , the storage unit 120 , the display unit 130 , the voice output unit 140 , and the control unit 150 included in the terminal 100 . .

Also, the approval server 500 receives provisional approval request information transmitted from the transaction management server 400 .

Also, the approval server 500 transmits the received provisional approval request information to the card company server 700 .

In addition, the approval server 500 receives the approval response information transmitted from the card company server 700 in response to the previously transmitted provisional approval request information. Here, the approval response information includes card information valid status information or card information invalid status information indicating whether card information related to the terminal 100 is valid.

Also, the approval server 500 transmits the received approval response information to the transaction management server 400 .

In addition, the approval server 500 receives payment approval request information transmitted from the affiliated store terminal 200 .

In addition, in order to request card information distributed and stored in the transaction management server 400 and the authentication server 300 in relation to the corresponding terminal 100 based on the received payment approval request information, the approval server 500, the corresponding terminal ( 100) of the related card information request information (or card information request information) is transmitted to the transaction management server 400 .

In addition, the approval server 500 receives card information related to the terminal 100 transmitted from the transaction management server 400 in response to the previously transmitted request information for card information related to the terminal 100 .

In addition, the approval server 500 performs a payment function in conjunction with the card company server 700 based on the received card information, payment approval request information, and the like.

Also, the approval server 500 receives automatic approval request information transmitted from the affiliate store terminal 200 .

In addition, the approval server 500 requests card information distributed and stored in the transaction management server 400 and the authentication server 300 in relation to the terminal 100 based on the received automatic approval request information, the terminal ( 100) of the related card information request information (or card information request information) is transmitted to the transaction management server 400 . here, The card information request information includes automatic approval request information and the like.

In addition, the approval server 500 receives card information related to the terminal 100 transmitted from the transaction management server 400 in response to the previously transmitted request information for card information related to the terminal 100 .

In addition, the approval server 500 performs a payment function in conjunction with the card company server 700 based on the received card information, automatic approval request information, and the like.

In addition, the approval server 500 provides the result of performing the payment function to the terminal 100 . Here, the result of performing the payment function includes the payment amount for each treatment item, identification information of the affiliated store terminal 200, the affiliated store name, the affiliated store contact information, affiliated store location information, the total total amount, payment date and time information, payment card type, and the like.

In the embodiment of the present invention, the authentication server 300 , the transaction management server 400 and the approval server 500 are separately described, but the corresponding authentication server 300 , the transaction management server 400 and the approval server 500 . may be configured as one payment server (or payment system) (not shown).

In addition, when the authentication server 300 , the transaction management server 400 , and the approval server 500 are configured in one payment server, the payment server is distributed and stored in the authentication server 300 and the transaction management server 400 . A plurality of databases (or a plurality of storage units) (not shown) are configured so that card information related to the corresponding terminal 100 can be continuously distributed and stored, and card information related to the corresponding terminal 100 is stored in the plurality of databases. It can be distributed and stored.

The mobile communication company server 600 communicates with the terminal 100 , the affiliated store terminal 200 , the authentication server 300 , the transaction management server 400 , the approval server 500 , the card company server 700 , and the like.

In addition, the mobile communication company server 600 may include a configuration for the communication unit 110 , the storage unit 120 , the display unit 130 , the voice output unit 140 , and the control unit 150 included in the terminal 100 . have.

Also, the mobile communication company server 600 receives authentication request information for the identification information of the terminal 100 transmitted from the authentication server 300 .

In addition, the mobile communication company server 600 performs an identity authentication procedure by interworking with the terminal 100 .

That is, the mobile communication company server 600 transmits an authentication number to the terminal 100 corresponding to the identification information of the corresponding terminal 100 based on the received authentication request information for the identification information of the terminal 100 . Also, the mobile communication company server 600 receives the authentication number transmitted from the terminal 100 in response to the authentication number transmitted to the terminal 100 . In addition, the mobile communication company server 600 checks (or compares) the received authentication number with the previously transmitted authentication number to the terminal 100, and performs an authentication procedure for the corresponding terminal 100.

Also, the mobile communication company server 600 transmits the authentication result to the authentication server 300 . Here, the authentication result includes self-authentication failure information for the corresponding terminal 100, self-authentication success information, and the like.

The card company server 700 communicates with the terminal 100 , the affiliated store terminal 200 , the authentication server 300 , the transaction management server 400 , the approval server 500 , the mobile communication company server 600 , and the like.

In addition, the card company server 700 may include a configuration for the communication unit 110 , the storage unit 120 , the display unit 130 , the voice output unit 140 , and the control unit 150 included in the terminal 100 . .

Also, the card company server 700 receives provisional approval request information transmitted from the approval server 500 .

In addition, the card company server 700 generates approval response information indicating whether the corresponding card information is valid based on the card information included in the provisional approval request information, and transmits the generated approval response information to the approval server 500 . do. Here, the approval response information includes card information valid status information or card information invalid status information indicating whether card information related to the terminal 100 is valid.

In addition, the card company server 700 performs a payment function in conjunction with the approval server 500 based on the card information received from the approval server 500, payment approval request information, and the like.

In addition, the card company server 700 performs a payment function in conjunction with the approval server 500 based on the card information received from the approval server 500, automatic approval request information, and the like.

In addition, the card company server 700 provides the payment function execution result to the approval server 500 and/or the terminal 100 .

In addition, the authentication server 300 , the transaction management server 400 , the authorization server 500 , the mobile communication company server 600 , and the card company server 700 may be implemented in the form of a web server, a database server, a proxy server, etc. . In addition, the authentication server 300, the transaction management server 400, the authorization server 500, the mobile communication company server 600, and the card company server 700 have a network load balancing mechanism, or the authentication server 300, the transaction management server ( 400), the approval server 500, the mobile communication company server 600, and the card company server 700 may be installed with one or more of various software to operate on the Internet or other networks, through which the computerized system can be implemented. Also, the network may be an http network, and may be a private line, an intranet, or any other network. Furthermore, the connection between the authentication server 300 , the transaction management server 400 , the approval server 500 , the mobile communication company server 600 , and the card company server 700 , and the terminal 100 and/or the affiliated store terminal 200 is It can be connected to a secure network to prevent data from being attacked by any hackers or other third parties. In addition, the authentication server 300 , the transaction management server 400 , the approval server 500 , the mobile communication company server 600 , and the card company server 700 may include a plurality of database servers, and these database servers are distributed databases. Implemented in a way that is separately connected to the authentication server 300, the transaction management server 400, the authorization server 500, the mobile communication company server 600, and the card company server 700 through any type of network connection including the server architecture can be

In addition, in the terminal 100, the transaction point terminal 200, the authentication server 300, the transaction management server 400, the approval server 500, the mobile communication company server 600 and the card company server 700 according to the present invention. The on-board processor may process program instructions for executing the method according to the present invention. In one implementation, the processor may be a single-threaded processor, and in another implementation, the processor may be a multi-threaded processor. Furthermore, the processor may process instructions stored in a memory or a storage device.

In this way, for payment through a medical institution, a self-authentication process is performed for a customer who wants to pay through mobile phone subscription information, the validity of the card is checked through card information, and the validated card information is transferred to the authentication server and the transaction management server can be distributed and stored.

In addition, when a payment request is transmitted from the terminal after identity authentication and card information authentication for payment through a medical institution as described above, the authentication server, the approval server, the transaction management server, and the card company server are interlocked in the affiliated store terminal payment function can be performed by

In addition, when card information, hospital member information, etc. are transmitted from the terminal for automatic payment through a medical institution in this way, the authentication server, the transaction management server, the approval server, and the card company server are interlocked in the affiliated store terminal. , after checking the validity of the card information, if the validity is confirmed, the token for automatic payment provided from the authentication server is managed. Approval may be requested based on the basis, and an automatic payment function may be performed according to the request for approval.

Hereinafter, an electronic payment method using patient authentication and card information according to the present invention will be described in detail with reference to FIGS. 1 to 7 .

3 to 5 are flowcharts illustrating an electronic payment method using patient authentication and card information according to a first embodiment of the present invention.

First, when the terminal 100 intends to register as a member in the affiliated store terminal 200 , the terminal 100 transmits identification information, card information, password information, etc. of the terminal 100 to the affiliated store terminal 200 . Here, the identification information of the terminal 100 includes MDN, mobile IP, mobile MAC, Sim card unique information, serial number, and the like. In addition, the card information includes a credit card number (or check card number), a valid period, a card authentication value (or a card validation value), and the like.

For example, when the first terminal 100 wants to register as a member to the first affiliated store terminal 200 provided in the AAA medical institution, the first terminal provides identification information of the first terminal and first card information (eg, 1234 ). 1st card number of -5678-9098-7654, 1st validity period of 0125 (January 2025), 1st card authentication value of 123, etc.), 1st password information (eg 1st PIN information) and so on to the first affiliated store terminal (S310).

Thereafter, the affiliated store terminal 200 receives identification information, card information, password information, etc. of the terminal 100 transmitted from the terminal 100 .

In addition, the affiliated store terminal 200 transmits the received identification information of the terminal 100 , card information, password information, identification information of the affiliated store terminal 200 , and the like to the authentication server 300 . Here, the identification information of the affiliated store terminal 200 includes a unique ID related to the affiliated store terminal 200 .

For example, the first affiliated store terminal receives the identification information of the first terminal, the first card information, the first password information, etc. transmitted from the first terminal, the received identification information of the first terminal, the first card information, The first password information and identification information of the first affiliated store terminal (eg, including a unique ID related to an AAA medical institution corresponding to the first affiliated store terminal) are transmitted to the authentication server 300 ( S320 ).

Thereafter, the authentication server 300 receives identification information, card information, password information, and identification information of the affiliated store terminal 200 of the terminal 100 transmitted from the affiliated store terminal 200 .

In addition, the authentication server 300 requests authentication for the received identification information of the terminal 100 from the mobile communication company server 600 .

That is, the authentication server 300 transmits the authentication request information for the customer (or the terminal 100 ) corresponding to the received identification information of the terminal 100 to the mobile communication company server 600 .

For example, the authentication server 300 receives the identification information of the first terminal, the first card information, the first password information, the identification information of the first affiliated store terminal, etc. transmitted from the first affiliated store terminal, and receives the received first In order to request authentication for the first terminal based on the identification information of the terminal, the first authentication request information is transmitted to the mobile communication company server 600 (S330).

Thereafter, the mobile communication company server 600 receives authentication request information for the identification information of the terminal 100 transmitted from the authentication server 300 .

In addition, the mobile communication company server 600 performs an identity authentication procedure by interworking with the terminal 100 .

That is, the mobile communication company server 600 transmits an authentication number to the terminal 100 corresponding to the identification information of the terminal 100 based on the received authentication request information for the identification information of the terminal 100, and the terminal ( Receive the authentication number transmitted from the terminal 100 in response to the authentication number transmitted to 100), and check (or compare) the received authentication number with the authentication number transmitted to the terminal 100 before the terminal 100 to perform the authentication procedure for

Also, the mobile communication company server 600 transmits the authentication result to the authentication server 300 . Here, the authentication result includes self-authentication failure information for the corresponding terminal 100, self-authentication success information, and the like.

For example, the mobile communication company server 600 receives the first authentication request information for the first terminal transmitted from the authentication server 300, and works with the first terminal based on the received first authentication request information to perform the first An authentication procedure for the terminal is performed.

In addition, the mobile communication company server 600 transmits the first authentication result for the first terminal (including, for example, self-authentication success information, etc.) to the authentication server 300 (S340).

Thereafter, the authentication server 300 receives the authentication result transmitted from the mobile communication company server 600 in response to the previously transmitted authentication request information for the identification information of the terminal 100 .

In addition, the authentication server 300 transmits the received authentication result to the affiliated store terminal 200 that has previously transmitted identification information, card information, password information, identification information of the affiliated store terminal 200, etc. of the terminal 100. .

For example, the authentication server 300 receives the first authentication result (including, for example, self-authentication success information, etc.) transmitted from the mobile communication company server 600 in response to the previously transmitted first authentication request information, and receives the received The first authentication result is transmitted to the first affiliated store terminal that has previously transmitted the identification information of the first terminal, the first card information, and the like (S350).

Thereafter, the affiliated store terminal 200 receives the authentication result transmitted from the authentication server 300 in response to the previously transmitted identification information, card information, password information, identification information of the affiliated store terminal 200, etc. of the terminal 100 . .

In addition, the affiliated store terminal 200 displays the received authentication result.

For example, the first affiliated store terminal first authentication transmitted from the authentication server 300 in response to the previously transmitted identification information of the first terminal, first card information, first password information, identification information of the first affiliated store terminal, etc. Receives a result (including, for example, self-authentication success information, etc.), and outputs the received first authentication result (S360).

In addition, the authentication server 300 requests the transaction management server 400 to check the validity of the card information related to the identification information of the corresponding terminal 100 based on the authentication result.

That is, when self-authentication is successful based on the previously received authentication result, the authentication server 300 performs card information related to the corresponding terminal 100 in order to check the validity of the card information related to the identification information of the corresponding terminal 100 . and transmits the validation request information (or validation request information for card information related to the terminal 100 ) to the transaction management server 400 .

For example, based on the first authentication result (eg, including self-authentication success information, etc.) transmitted from the authentication server 300 to the mobile communication company server 600, when the user authentication for the first terminal is successful, The authentication server 300 receives first validation request information related to the first card information (including, for example, first card information, etc.) in order to verify the validity of the first card information previously received in relation to the first terminal. It is transmitted to the transaction management server 400 (S370).

Thereafter, the transaction management server 400 receives validation request information for card information related to the terminal 100 transmitted from the authentication server 300 .

In addition, the transaction management server 400 checks the validity of the card information related to the terminal 100 based on the received validation request information (or the validation request information for the card information related to the terminal 100) For this, a provisional approval is requested from the approval server 500 .

That is, the transaction management server 400 transmits the provisional approval request information to the approval server 500 to check the validity of the card information related to the terminal 100 .

For example, the transaction management server 400 receives the first validation request information related to the first card information transmitted from the authentication server 300, and the validity of the first card information based on the first validation request information For confirmation, the first provisional approval request information is transmitted to the approval server 500 (S380).

Thereafter, the approval server 500 receives provisional approval request information transmitted from the transaction management server 400 .

Also, the approval server 500 transmits the received provisional approval request information to the card company server 700 .

For example, the approval server 500 receives the first provisional authorization request information transmitted from the transaction management server 400, and transmits the received first provisional authorization request information to the card company server 700 related to the first card information. It transmits (S390).

Thereafter, the card company server 700 receives the provisional approval request information transmitted from the approval server 500 .

In addition, the card company server 700 generates approval response information indicating whether the corresponding card information is valid based on the card information included in the provisional approval request information, and transmits the generated approval response information to the approval server 500 . do. Here, the approval response information includes card information valid status information or card information invalid status information indicating whether card information related to the terminal 100 is valid.

For example, the card company server 700 receives the first provisional authorization request information transmitted from the approval server 500, and checks whether the first card information included in the received first provisional authorization request information is valid, The first approval response information (eg, first card information valid status information) according to the verification result is transmitted to the approval server 500 ( S400 ).

Thereafter, the approval server 500 receives approval response information transmitted from the card company server 700 in response to the previously transmitted provisional approval request information.

Also, the approval server 500 transmits the received approval response information to the transaction management server 400 .

For example, the approval server 500 receives the first approval response information (eg, first card information valid status information) transmitted from the card company server 700 in response to the previously transmitted first provisional approval request information, The received first approval response information (eg, first card information valid status information) is transmitted to the transaction management server 400 requesting validation of the first card information (S410).

Thereafter, the transaction management server 400 receives the approval response information transmitted from the approval server 500 in response to the previously transmitted provisional approval request information.

In addition, the transaction management server 400 transmits the received approval response information to the authentication server 300 that has previously transmitted the validation request information for the card information related to the terminal 100 .

For example, the transaction management server 400 receives the first approval response information transmitted from the approval server 500 in response to the previously transmitted first provisional approval request information, and transmits the received first approval response information to the first The validation request information is transmitted to the transmitting authentication server 300 (S420).

Thereafter, the authentication server 300 receives the approval response information transmitted from the transaction management server 400 in response to the previously transmitted validation request information for the card information related to the terminal 100 .

In addition, the authentication server 300 transmits the received approval response information to the corresponding affiliated store terminal 200 that previously transmitted identification information, card information, password information, identification information of the affiliated store terminal 200, etc. of the terminal 100 do.

For example, the authentication server 300 receives the first approval response information transmitted from the transaction management server 400 in response to the previously transmitted first validation request information, and transmits the received first approval response information to the first terminal The identification information, the first card information, and the like are transmitted to the first affiliated store terminal (S430).

Thereafter, the affiliated store terminal 200 receives the approval response information transmitted from the authentication server 300 in response to the previously transmitted identification information, card information, password information, identification information of the affiliated store terminal 200, etc. of the terminal 100 . do.

In addition, the affiliated store terminal 200 displays the received approval response information.

For example, the first affiliated store terminal is a first approval transmitted from the authentication server 300 in response to the previously transmitted identification information of the first terminal, first card information, first password information, identification information of the first affiliated store terminal, etc. Receives response information (eg, first card information valid status information) and outputs the received first approval response information (S440).

In addition, when card information related to the terminal 100 is valid based on the received approval response information, the transaction management server 400 encrypts the card number in the card information in hardware through the HSM and stores it. In this case, the transaction management server 400 may encrypt and store not only the card number in the card information, but also the identification information of the affiliated store terminal 200 and the customer's patient registration number related to the terminal 100 .

In addition, the transaction management server 400 hardware-encrypts and stores the validity period in the card information through the HSM. At this time, the transaction management server 400 determines the validity period in the card information based on the HSM using the previously received password information along with the identification information of the affiliated store terminal 200 and the customer's patient registration number related to the terminal 100 . The first information block may be generated by encryption, and the generated first information block may be stored.

In addition, the transaction management server 400 distributes the card authentication value (or credit card validation value) in the card information based on the previously received password information in conjunction with the authentication server 300, and distributes the distributed card authentication value. It is encrypted and distributed and stored in the transaction management server 400 and the authentication server 300, respectively.

That is, the transaction management server 400 separates (or divides) the card authentication value into a plurality of parts, and sets the 1-1 card authentication value corresponding to the separated first part to the HSM using the previously received password information. A first information block is generated by encryption based on , and the generated first information block is stored. At this time, the transaction management server 400 transmits the 1-1 card authentication value to the HSM using the previously received password information along with the identification information of the affiliated store terminal 200 and the customer's patient registration number related to the terminal 100 . Based on encryption, the first information block may be generated, and the generated first information block may be stored.

In addition, the authentication server 300 works with the transaction management server 400 to encrypt the 1-2 card authentication value corresponding to the separated second part based on the HSM using the previously generated first information block. A second information block is generated, and the generated second information block is stored. At this time, the authentication server 300 transmits the 1-2 card authentication value to the HSM using the previously generated first information block along with the identification information of the affiliated store terminal 200 and the customer's patient registration number related to the terminal 100 . Based on encryption, a second information block may be generated, and the generated second information block may be stored.

For example, the transaction management server 400 receives the first approval response information (eg, first card information valid status information) transmitted from the approval server 500 in response to the previously transmitted first provisional approval request information. .

In addition, when the first card information related to the first terminal is valid based on the received first approval response information (eg, the first card information valid status information), the transaction management server 400 is the first card The first card number (eg, 1234-5678-9098-7654) in the information is encrypted and stored in hardware through the HSM.

In addition, the transaction management server 400 hardware-encrypts and stores the first valid period (eg, 0125) in the first card information through the HSM.

In addition, the transaction management server 400 separates the first card authentication value (eg, 123) in the first card information into a first part (eg, the first two digits) and a second part (eg, the remaining one digit) and , by encrypting the 1-1 card authentication value (eg, 12) corresponding to the separated first part based on the HSM using the previously received first password information (eg, the first PIN information) 1 information block is generated, and the generated first information block is stored.

In addition, the authentication server 300 works with the transaction management server 400 to obtain the 1-2 card authentication value (for example, 3) corresponding to the separated second part using the previously generated first information block. A second information block is generated by encryption based on HSM, and the generated second information block is stored.

In this way, when it is confirmed that the card information related to the terminal 100 is valid, some of the card number, validity period, and card authentication value in the card information are stored in the transaction management server 400, and among the card authentication values in the card information As the remaining part is distributed and stored in the authentication server 300, damage caused by leakage of customer information (eg, card information, etc.) can be prevented (S450).

Thereafter, when the terminal 100 wants to request a payment in relation to the payment amount for a specific medical item, the terminal 100 transmits a payment request signal, identification information of the terminal 100, etc. to the affiliated store terminal 200 . .

For example, when the first terminal wants to request a payment in relation to the first payment amount according to X-ray imaging and ultrasound imaging at the AAA medical institution on July 1, 2017, the first terminal sends a first payment request signal, The identification information of the first terminal is transmitted to the first affiliated store terminal (S460).

Thereafter, the affiliated store terminal 200 receives a payment request signal transmitted from the terminal 100 , identification information of the terminal 100 , and the like.

Also, the affiliated store terminal 200 transmits payment authentication request information to the authentication server 300 based on the received payment request signal. Here, the payment authentication request information includes a payment request signal, identification information of the terminal 100 , identification information of the affiliated store terminal 200 , and the like.

For example, the first affiliated store terminal receives the first payment request signal transmitted from the first terminal, identification information of the first terminal, and the like, and based on the received first payment request signal, X-ray photographing and related to the first terminal; The first payment authentication request information for performing a payment function according to ultrasound imaging is transmitted to the authentication server 300 (S470).

Thereafter, the authentication server 300 receives payment authentication request information transmitted from the affiliated store terminal 200 .

In addition, the authentication server 300 performs a user authentication function by interworking with the corresponding terminal 100 based on the received payment authentication request information.

That is, the authentication server 300 transmits the PIN information input request information to the terminal 100 corresponding to the identification information of the corresponding terminal 100 based on the received payment authentication request information, and the PIN transmitted to the terminal 100 . An authentication function for the terminal 100 by receiving PIN information transmitted from the terminal 100 in response to the information input request information, and confirming the received PIN information and PIN information previously issued in relation to the terminal 100 carry out

For example, the authentication server 300 receives the first payment authentication request information transmitted from the first affiliated store terminal, and works with the first terminal based on the received first payment authentication request information to authenticate the first terminal to perform (S480).

Thereafter, the authentication server 300 transmits the payment authentication token to the affiliated store terminal 200 when the identity authentication function is normally performed based on the result of performing the identity authentication function.

For example, as a result of performing the authentication function for the first terminal, when the identity authentication function for the first terminal is normally performed, the authentication server 300 generates a first payment authentication token related to the first terminal, and the generated first The payment authentication token is transmitted to the first affiliated store terminal (S490).

Thereafter, the affiliated store terminal 200 receives the payment authentication token transmitted from the authentication server 300 in response to the previously transmitted payment authentication request information.

In addition, the affiliated store terminal 200 transmits payment approval request information to the approval server 500 based on the received payment authentication token. Here, the payment approval request information includes a payment authentication token, a payment amount for each treatment item, identification information of the terminal 100, identification information of the affiliated store terminal 200, an affiliated store name, affiliated store contact information, affiliated store location information, and the like.

For example, the first affiliated store terminal receives the first payment authentication token transmitted from the authentication server 300 in response to the previously transmitted first payment authentication request information.

In addition, the first merchant terminal includes a first payment authentication token, a payment amount for each first treatment item (eg, 2 x-rays 5,400 won, ultrasound 120,000 won, etc.), identification information of the first terminal, the first merchant terminal The first payment approval request information including the identification information of the AAA medical institution, the contact information of the AAA medical institution, the location information of the AAA medical institution, and the like is transmitted to the approval server 500 ( S500 ).

Thereafter, the approval server 500 receives payment approval request information transmitted from the affiliated store terminal 200 .

In addition, in order to request card information distributed and stored in the transaction management server 400 and the authentication server 300 in relation to the corresponding terminal 100 based on the received payment approval request information, the approval server 500, the corresponding terminal ( 100) of the related card information request information (or card information request information) is transmitted to the transaction management server 400 .

For example, the approval server 500 receives the first payment approval request information transmitted from the first merchant terminal, and requests the first card information related to the first terminal based on the received first payment approval request information. 1 The card information request information is transmitted to the transaction management server 400 (S510).

Thereafter, the transaction management server 400 receives request information of card information related to the terminal 100 transmitted from the approval server 500 .

In addition, the transaction management server 400 interlocks with the authentication server 300 based on the received request information of card information related to the corresponding terminal 100 to prevent transaction forgery and falsification by the affiliated store. authentication value) is verified.

As an example, the transaction management server 400 receives the first card information request information transmitted from the approval server 500 , and works with the authentication server 300 based on the received first card information request information to link the transaction for one-time use A verification procedure for the authentication value (or transaction authentication value) is performed (S520).

After that, when the verification procedure for the transaction-linked one-time authentication value is normally performed, the transaction management server 400 interworks with the authentication server 300 and is distributed and managed in the transaction management server 400 and the authentication server 300 . Card information related to the corresponding terminal 100 is checked (or decrypted), and the checked card information related to the corresponding terminal 100 is transmitted to the approval server 500 .

For example, when the verification procedure for the transaction-linked one-time authentication value is normally performed, the transaction management server 400 stores the encrypted first card number (eg, 1234-5678-9098-7654) in the transaction management server 400 . ) is decoded.

In addition, the transaction management server 400 decrypts the first valid period (eg, 0125) encrypted and stored in the transaction management server 400 .

In addition, the transaction management server 400 interworks with the authentication server 300 to check the 1-1 card authentication value (eg, 12) through the decryption process for the first information block, and to the second information block. The first card authentication value (for example, 3) is checked through the decryption process for For example, 123) is checked (or created).

In addition, the transaction management server 400 confirms (or decrypts) the first card information related to the first terminal (for example, the first card number of 1234-5678-9098-7654, the first validity period of 0125 ( 2025 ) year January), including the first card authentication value of 123) to the approval server 500 (S530).

Thereafter, the approval server 500 receives card information related to the terminal 100 transmitted from the transaction management server 400 in response to the previously transmitted request information of the card information related to the terminal 100 .

In addition, the approval server 500 performs a payment function in conjunction with the card company server 700 based on the received card information, payment approval request information, and the like.

In addition, the approval server 500 (or the card company server 700 ) provides the result of performing the payment function to the terminal 100 . Here, the result of performing the payment function includes the payment amount for each treatment item, identification information of the affiliated store terminal 200, the affiliated store name, the affiliated store contact information, affiliated store location information, the total total amount, payment date and time information, payment card type, and the like.

For example, the approval server 500 is a first card related to the first terminal transmitted from the transaction management server 400 in response to the first card information request information requesting the first card information related to the first terminal transmitted earlier Receive information (including, for example, the first card number of 1234-5678-9098-7654, the first validity period of 0125 (January 2025), the first card authentication value of 123, etc.).

In addition, the approval server 500 interworks with the card company server 700 based on the received first card information, first payment approval request information, etc., so that the customer (or patient) related to the first terminal receives the information provided by the AAA medical institution. It performs a payment function for the payment amount for X-ray imaging and ultrasound imaging.

Also, the card company server 700 provides the result of performing the payment function to the first terminal (S540).

6 to 7 are flowcharts illustrating an electronic payment method using patient authentication and card information according to a second embodiment of the present invention.

First, when the customer of the terminal 100 in the terminal 100 wants to register automatic payment at the medical institution being treated, the terminal 100 provides automatic payment consent information, card information, password information, customer patient registration number, The identification information of the terminal 100 is transmitted to the affiliated store terminal 200 . Here, the identification information of the terminal 100 includes MDN, mobile IP, mobile MAC, Sim card unique information, serial number, and the like. In addition, the automatic payment consent information includes information indicating consent to automatic payment for the payment amount when the amount to be paid by the user of the terminal 100 occurs with respect to the medical institution related to the affiliated store terminal 200. do.

As an example, when the second terminal 100 wants to register automatic payment to the second affiliated store terminal 200 provided in the BBB medical institution, the second terminal provides the second automatic payment consent information, the second card information (eg, For example, the second card number of 9876-5432-1012-3456, the second validity period of 0120 (January 2020), the second card authentication value of 987, etc.), the second password information (for example, the second PIN information), the second customer registration number (eg, 987-123456), and the identification information of the second terminal are transmitted to the second affiliated store terminal (S610).

Thereafter, the affiliated store terminal 200 receives automatic payment consent information, card information, password information, customer parallel number, identification information of the terminal 100, etc. transmitted from the terminal 100 .

In addition, the affiliated store terminal 200 requests the authentication server 300 for an automatic payment registration request for the corresponding terminal 100 based on the received automatic payment consent information, card information, password information, customer patient registration number, and the like.

That is, the affiliated store terminal 200 transmits automatic payment registration request information for the customer (or the terminal 100 ) corresponding to the received automatic payment consent information to the authentication server 300 . Here, the automatic payment registration request information includes automatic payment consent information, card information, password information, customer patient registration number, identification information of the terminal 100 , identification information of the affiliated store terminal 200 , and the like.

As an example, the second affiliated store terminal receives the second automatic payment consent information, the second card information, the second password information, the second customer patient registration number, the identification information of the second terminal, etc. transmitted from the second terminal, and receives In order to register the automatic payment of the second terminal in the second merchant terminal based on the second automatic payment consent information, the second card information, the second password information, the second customer registration number, the identification information of the second terminal, etc. The second automatic payment registration request information is transmitted to the authentication server 300 (S620).

Thereafter, the authentication server 300 receives automatic payment registration request information transmitted from the affiliate store terminal 200 .

In addition, the authentication server 300 requests the transaction management server 400 to check the validity of the card information related to the identification information of the corresponding terminal 100 based on the received automatic payment registration request information.

That is, the authentication server 300 includes validation request information including card information related to the terminal 100 (or the terminal 100) in order to verify the validity of the card information related to the identification information of the corresponding terminal 100. Validation request information for card information related to ) is transmitted to the transaction management server 400 .

As an example, the authentication server 300 receives the second automatic payment registration request information transmitted from the second affiliated store terminal, and includes the second automatic payment registration request information based on the received second automatic payment registration request information. In order to check the validity of the second card information, second validation request information related to the second card information (eg, including the second card information) is transmitted to the transaction management server 400 (S630).

Thereafter, the transaction management server 400 receives validation request information for card information related to the terminal 100 transmitted from the authentication server 300 .

In addition, the transaction management server 400 checks the validity of the card information related to the terminal 100 based on the received validation request information (or the validation request information for the card information related to the terminal 100) For this, a provisional approval is requested from the approval server 500 .

That is, the transaction management server 400 transmits the provisional approval request information to the approval server 500 to check the validity of the card information related to the terminal 100 .

For example, the transaction management server 400 receives the second validation request information related to the second card information transmitted from the authentication server 300, and the validity of the second card information based on the second validation request information For confirmation, the second provisional approval request information is transmitted to the approval server 500 (S640).

Thereafter, the approval server 500 receives provisional approval request information transmitted from the transaction management server 400 .

Also, the approval server 500 transmits the received provisional approval request information to the card company server 700 .

For example, the approval server 500 receives the second provisional approval request information transmitted from the transaction management server 400, and transmits the received second provisional approval request information to the card company server 700 related to the second card information. transmit (S650).

Thereafter, the card company server 700 receives the provisional approval request information transmitted from the approval server 500 .

In addition, the card company server 700 generates approval response information indicating whether the corresponding card information is valid based on the card information included in the provisional approval request information, and transmits the generated approval response information to the approval server 500 . do. Here, the approval response information includes card information valid status information or card information invalid status information indicating whether card information related to the terminal 100 is valid.

For example, the card company server 700 receives the second provisional approval request information transmitted from the approval server 500, and checks whether the second card information included in the received second provisional approval request information is valid, The second approval response information (eg, second card information valid status information) according to the verification result is transmitted to the approval server 500 ( S660 ).

Thereafter, the approval server 500 receives approval response information transmitted from the card company server 700 in response to the previously transmitted provisional approval request information.

Also, the approval server 500 transmits the received approval response information to the transaction management server 400 .

For example, the approval server 500 receives the second approval response information (for example, the second card information valid status information) transmitted from the card company server 700 in response to the previously transmitted second provisional approval request information, The received second approval response information (eg, second card information valid status information) is transmitted to the transaction management server 400 requesting validation of the second card information (S670).

Thereafter, the transaction management server 400 receives the approval response information transmitted from the approval server 500 in response to the previously transmitted provisional approval request information.

In addition, the transaction management server 400 transmits the received approval response information to the authentication server 300 that has previously transmitted the validation request information for the card information related to the terminal 100 .

For example, the transaction management server 400 receives the second approval response information transmitted from the approval server 500 in response to the previously transmitted second provisional approval request information, and forwards the received second approval response information to the second The validation request information is transmitted to the transmitting authentication server 300 (S680).

Thereafter, the authentication server 300 receives the approval response information transmitted from the transaction management server 400 in response to the previously transmitted validation request information for the card information related to the terminal 100 .

In addition, when the authentication server 300 includes information indicating that the card information is in a valid state in the approval response information based on the received approval response information, the terminal 100 (or the customer / of the terminal 100) An automatic payment token (or an automatic payment token related to the corresponding terminal 100 and the merchant terminal 200) for automatic payment for the payment amount to be generated later in relation to the user/patient) is transmitted to the merchant terminal 200 .

For example, the authentication server 300 receives the second approval response information transmitted from the transaction management server 400 in response to the previously transmitted second validation request information.

In addition, when the received second approval response information includes the second card information valid status information, the authentication server 300 generates a payment amount related to the second terminal through the second affiliated store terminal registered in the second terminal A second automatic payment token is generated so that automatic payment can be performed at the time, and the generated second automatic payment token is transmitted to the second affiliated store terminal (S690).

Thereafter, the affiliated store terminal 200 receives the automatic payment token transmitted from the authentication server 300 in response to the automatic payment registration request information transmitted earlier.

In addition, the affiliated store terminal 200 stores the received automatic payment token, automatic payment consent information, customer patient registration number, identification information of the terminal 100 and the like in conjunction with each other.

For example, the second affiliated store terminal receives the second automatic payment token transmitted from the authentication server 300 in response to the previously transmitted second automatic payment registration request information, and the received second automatic payment token, the second automatic payment The consent information, the second customer's patient registration number, and the identification information of the second terminal are stored (S700).

In addition, when card information related to the terminal 100 is valid based on the received approval response information, the transaction management server 400 encrypts the card number in the card information in hardware through the HSM and stores it. In this case, the transaction management server 400 may encrypt and store not only the card number in the card information, but also the identification information of the affiliated store terminal 200 and the customer's patient registration number related to the terminal 100 .

In addition, the transaction management server 400 hardware-encrypts and stores the validity period in the card information through the HSM. At this time, the transaction management server 400 determines the validity period in the card information based on the HSM using the previously received password information along with the identification information of the affiliated store terminal 200 and the customer's patient registration number related to the terminal 100 . The first information block may be generated by encryption, and the generated first information block may be stored.

In addition, the transaction management server 400 distributes the card authentication value (or credit card validation value) in the card information based on the previously received password information in conjunction with the authentication server 300, and distributes the distributed card authentication value. It is encrypted and distributed and stored in the transaction management server 400 and the authentication server 300, respectively.

That is, the transaction management server 400 separates (or divides) the card authentication value into a plurality of parts, and sets the 1-1 card authentication value corresponding to the separated first part to the HSM using the previously received password information. A first information block is generated by encryption based on , and the generated first information block is stored. At this time, the transaction management server 400 transmits the 1-1 card authentication value to the HSM using the previously received password information along with the identification information of the affiliated store terminal 200 and the customer's patient registration number related to the terminal 100 . Based on encryption, the first information block may be generated, and the generated first information block may be stored.

In addition, the authentication server 300 works with the transaction management server 400 to encrypt the 1-2 card authentication value corresponding to the separated second part based on the HSM using the previously generated first information block. A second information block is generated, and the generated second information block is stored. At this time, the authentication server 300 transmits the 1-2 card authentication value to the HSM using the previously generated first information block along with the identification information of the affiliated store terminal 200 and the customer's patient registration number related to the terminal 100 . Based on encryption, a second information block may be generated, and the generated second information block may be stored.

For example, the transaction management server 400 receives the second approval response information (eg, the second card information valid status information) transmitted from the approval server 500 in response to the previously transmitted second provisional approval request information. .

In addition, when the second card information related to the second terminal is in a valid state based on the received second approval response information (eg, the second card information valid state information), the transaction management server 400 sends the second card The second card number (eg, 9876-5432-1012-3456) in the information is encrypted and stored in hardware through the HSM.

In addition, the transaction management server 400 stores the second validity period (eg, 0120) in the second card information by hardware encryption through the HSM.

In addition, the transaction management server 400 separates the second card authentication value (eg, 987) in the second card information into a first part (eg, the first two digits) and a second part (eg, the remaining one digit) and , by encrypting the 2-1 card authentication value (eg 98) corresponding to the separated first part based on the HSM using the previously received second password information (eg, second PIN information) 1 information block is generated, and the generated first information block is stored.

In addition, the authentication server 300 works with the transaction management server 400 to obtain the 2-2 card authentication value (eg, 7) corresponding to the separated second part using the previously generated first information block. A second information block is generated by encryption based on HSM, and the generated second information block is stored.

In this way, when it is confirmed that the card information related to the terminal 100 is valid, some of the card number, validity period, and card authentication value in the card information are stored in the transaction management server 400, and among the card authentication values in the card information As the remaining part is distributed and stored in the authentication server 300, damage caused by leakage of customer information (eg, card information, etc.) can be prevented (S710).

Thereafter, a customer (or patient) related to the terminal 100 receives a service (eg, including medical treatment, treatment, etc.) provided by a medical institution related to the affiliated store terminal 200 , and a payment item (or amount to be paid) occurs In this case, the affiliated store terminal 200 transmits automatic approval request information to the approval server 500 based on the automatic payment token previously stored in relation to the customer for the payment amount corresponding to the corresponding payment item. Here, the automatic approval request information includes an automatic payment token related to the corresponding terminal 100, payment amount for each treatment item, identification information of the terminal 100, identification information of the affiliated store terminal 200, affiliated store name, affiliated store contact information, affiliated store location information, etc. includes

For example, when the patient of the second terminal wants to request automatic payment in relation to the second payment amount at the second merchant terminal according to the CT scan at the BBB medical institution on July 7, 2017, the second merchant terminal 2 The second automatic payment token related to the second terminal, the payment amount for each second treatment item (eg, including CT scan 250,000 won, etc.), the identification information of the second terminal, the identification information of the second merchant terminal, the name of the BBB medical institution, BBB medical The second automatic approval request information including the contact information of the institution and the location information of the BBB medical institution is transmitted to the approval server 500 (S720).

Thereafter, the approval server 500 receives automatic approval request information transmitted from the affiliated store terminal 200 .

In addition, the approval server 500 requests card information distributed and stored in the transaction management server 400 and the authentication server 300 in relation to the terminal 100 based on the received automatic approval request information, the terminal ( 100) of the related card information request information (or card information request information) is transmitted to the transaction management server 400 . here, The card information request information includes automatic approval request information and the like.

For example, the approval server 500 receives the second automatic approval request information transmitted from the second affiliated store terminal, and requests the second card information related to the second terminal based on the received second automatic approval request information. 2 The card information request information is transmitted to the transaction management server 400 (S730).

Thereafter, the transaction management server 400 receives request information of card information related to the terminal 100 transmitted from the approval server 500 .

In addition, the transaction management server 400 automatically pays at the affiliated store terminal 200 that has previously applied for (or registered) automatic payment in the terminal 100 based on the received request information of card information related to the corresponding terminal 100 . In order to verify (or determine/verify/identify) whether or not the card is in the requested state, a verification procedure for the automatic payment token included in the request information of the corresponding card information is performed in conjunction with the authentication server 300 .

For example, the transaction management server 400 receives the second card information request information transmitted from the approval server 500, and works with the authentication server 300 based on the received second card information request information to provide a second card A verification procedure is performed on the second automatic payment token included in the information request information (S740).

Thereafter, when the verification procedure is normally performed, the transaction management server 400 interworks with the authentication server 300 and relates to the terminal 100 distributed and managed in the transaction management server 400 and the authentication server 300 . The card information is checked (or decrypted), and card information related to the checked terminal 100 is transmitted to the approval server 500 .

For example, when the verification procedure for the second automatic payment token is normally performed, the transaction management server 400 stores the second card number encrypted in the transaction management server 400 (eg 9876-5432-1012-3456) ) is decrypted.

In addition, the transaction management server 400 decrypts the second valid period (eg, 0120 ) encrypted and stored in the transaction management server 400 .

In addition, the transaction management server 400 interworks with the authentication server 300 to check the 2-1 card authentication value (eg, 98) through the decryption process for the first information block, and to the second information block. 2-2 card authentication value (for example, 7) is checked through the decryption process for For example, 987) is identified (or created).

In addition, the transaction management server 400 confirms (or decrypted) the second card information related to the second terminal (for example, the second card number of 9876-5432-1012-3456, the second validity period of 0120 (2020) January), including the second card authentication value of 987) is transmitted to the approval server 500 (S750).

Thereafter, the approval server 500 receives card information related to the terminal 100 transmitted from the transaction management server 400 in response to the previously transmitted request information of the card information related to the terminal 100 .

In addition, the approval server 500 performs a payment function in conjunction with the card company server 700 based on the received card information, automatic approval request information, and the like.

In addition, the approval server 500 (or the card company server 700 ) provides the result of performing the payment function to the terminal 100 . Here, the result of performing the payment function includes the payment amount for each treatment item, identification information of the affiliated store terminal 200, the affiliated store name, the affiliated store contact information, affiliated store location information, the total total amount, payment date and time information, payment card type, and the like.

For example, the approval server 500 is a second card related to the second terminal transmitted from the transaction management server 400 in response to the second card information request information for requesting the second card information related to the second terminal previously transmitted. Receive information (including, for example, the second card number of 9876-5432-1012-3456, the second validity period of 0120 (January 2020), the second card authentication value of 987, etc.).

In addition, the approval server 500 interworks with the card company server 700 based on the received second card information, the second automatic approval request information, and the like, so that the customer (or patient) related to the second terminal receives the information provided by the BBB medical institution. It performs the payment function for the payment amount for CT scan.

In addition, the card company server 700 provides the result of performing the payment function to the second terminal (S760).

The electronic payment system using patient authentication and card information according to an embodiment of the present invention can be written as a computer program, and codes and code segments constituting the computer program can be easily inferred by a computer programmer in the art. In addition, the corresponding computer program is stored in a computer readable media, and a computer or a terminal according to an embodiment of the present invention, an affiliated store terminal, an authentication server, a transaction management server, an approval server, a mobile communication company server , an electronic payment system using patient authentication and card information can be implemented by being read and executed by a card company server.

The information storage medium includes a magnetic recording medium, an optical recording medium, and the like. The computer program for implementing the electronic payment system using patient authentication and card information according to an embodiment of the present invention is stored in the internal memory of a terminal, an affiliated store terminal, an authentication server, a transaction management server, an approval server, a mobile communication company server, a card company server, etc. and may be installed. Alternatively, an external memory such as a smart card that stores and installs a computer program implementing an electronic payment system using patient authentication and card information according to an embodiment of the present invention is an interface to an electronic payment system using patient authentication and card information, etc. may be installed.

As described above, in the embodiment of the present invention, for payment through a medical institution, a self-authentication process for a customer who wants to pay through mobile phone subscription information is performed, and the validity of the corresponding card is verified through card information, By distributing and storing validated card information in the authentication server and transaction management server, leakage of customer information can be prevented.

In addition, as described above, in the embodiment of the present invention, when a payment request is transmitted from a terminal after identity authentication and card information authentication for payment through a medical institution, an authentication server, an approval server, and a transaction in the affiliated store terminal By interworking with the management server and the card company server, the payment function is performed, improving user convenience through simple payment, and preventing data inconsistency between additional tasks required for data mining processing and data processing tasks at each stage. have.

In addition, as described above, in the embodiment of the present invention, when card information, hospital member information, etc. are transmitted from a terminal for automatic payment through a medical institution, an authentication server, a transaction management server, and an approval server in the affiliated store terminal After checking the validity of the corresponding card information by interworking with the card company server, when the validity is confirmed, the token for automatic payment provided from the authentication server is managed, and payment is made by completing the treatment for the customer related to the terminal When an amount to be paid occurs at a merchant terminal that has previously approved automatic payment in the terminal possessed by the customer by requesting approval based on the token and performing the automatic payment function according to the request for approval Increase user satisfaction by performing payment functions quickly and conveniently through tokens stored in the merchant terminal, protect customer information, modularize functions that are used repeatedly, and facilitate quick application and change of functions, and improve the data mining process. By automating repetitive tasks, effectively retrieving the results quickly, and visualizing them through a graphical user interface, you can intuitively check and change the mining process.

Those of ordinary skill in the art to which the present invention pertains may modify and modify the above-described contents without departing from the essential characteristics of the present invention. Accordingly, the embodiments disclosed in the present invention are not intended to limit the technical spirit of the present invention, but to explain, and the scope of the technical spirit of the present invention is not limited by these embodiments. The protection scope of the present invention should be construed by the following claims, and all technical ideas within the scope equivalent thereto should be construed as being included in the scope of the present invention.

According to the present invention, when automatic payment registration is requested from a terminal after self-authentication and card information authentication for automatic payment through a medical institution, the validity of the card information by interworking with the payment server in the affiliated store terminal corresponding to the medical institution After checking, the transaction management server and authentication server in the payment server separate and encrypt the corresponding card information and store it. and payment function to prevent leakage of customer information, improve user convenience through simple payment, and prevent data inconsistency between additional tasks required for data mining processing and data processing tasks at each stage. , terminal field, server field, electronic payment field, etc. can be widely used.

10: electronic payment system 100: terminal
200: merchant terminal 300: authentication server
400: transaction management server 500: approval server
600: mobile operator server 700: card company server
110: communication unit 120: storage unit
130: display unit 140: audio output unit
150: control unit

Claims (10)

transmitting, by the affiliated store terminal, automatic payment registration request information for the terminal to the authentication server based on automatic payment consent information, card information, password information, customer registration number, and identification information of the terminal transmitted from the terminal;
transmitting, by the authentication server, validation request information including card information related to the terminal based on automatic payment registration request information transmitted from the affiliated store terminal;
receiving, by the authentication server, approval response information transmitted in response to the validation request information;
When the approval response information includes information indicating that the card information is in a valid state, the authentication server transmits an automatic payment token for automatic payment related to the terminal to the affiliated store terminal, and interworks with the transaction management server to distribute and store the card information;
By the affiliated store terminal, the automatic payment token transmitted from the authentication server in response to the transmitted automatic payment registration request information is stored in conjunction with the automatic payment consent information transmitted from the terminal, the customer's registration number and the identification information of the terminal step;
transmitting, by the affiliated store terminal, automatic approval request information based on the stored automatic payment token to the approval server when a payment item related to the terminal occurs;
transmitting, by the approval server, card information request information related to the terminal to the transaction management server to request card information distributed and stored in the transaction management server and the authentication server based on the automatic authorization request information;
performing, by the transaction management server, a verification procedure for the automatic payment token included in the card information request information by interworking with the authentication server based on the card information request information;
verifying, by the transaction management server, whether the automatic payment request requested from the affiliated store terminal according to the card information request information is an illegal transaction by interworking with a Fraud Detection System Server;
When the verification procedure for the automatic payment token is normally performed and the automatic payment request is not an illegal transaction, the transaction management server interworks with the authentication server and the terminal is distributed and stored in the transaction management server and the authentication server; checking relevant card information;
transmitting, by the transaction management server, card information related to the identified terminal to the approval server;
performing, by the approval server, a payment function in conjunction with a card company server based on the received card information and the automatic approval request information; and
and providing, by the approval server, a result of performing a payment function to the terminal. ◈Claim 2 was abandoned when paying the registration fee.◈ The method of claim 1,
Receiving the approval response information includes:
transmitting, by the transaction management server, provisional approval request information to the card company server via the approval server to check the validity of the card information related to the terminal based on the validation request information transmitted from the authentication server;
transmitting, by the card company server, the approval response information indicating whether the card information is valid based on the card information included in the provisional approval request information, to the transaction management server via the approval server;
transmitting, by the transaction management server, the approval response information to the authentication server that has transmitted the validation request information; and
and receiving, by the authentication server, the approval response information transmitted from the transaction management server in response to the transmitted validation request information. ◈Claim 3 was abandoned when paying the registration fee.◈ The method of claim 1,
Distributing and storing the card information comprises:
The process of encrypting, by the transaction management server, the card number in the card information in hardware through a hardware security module (HSM) and storing it;
a process of hardware-encrypting and storing, by the transaction management server, the validity period in the card information through the HSM;
separating, by the transaction management server, the card authentication value in the card information into a first part and a second part;
generating a first information block by encrypting, by the transaction management server, a part of the card authentication value corresponding to the separated first part based on the HSM using the password information;
storing, by the transaction management server, the generated first information block;
By the authentication server, in cooperation with the transaction management server, the rest of the card authentication values corresponding to the separated second part are encrypted based on the HSM using the first information block to generate a second information block process; and
and storing, by the authentication server, the generated second information block. delete delete Transmits automatic payment registration request information for the terminal based on automatic payment consent information, card information, password information, customer patient registration number, and identification information of the terminal transmitted from the terminal, and responds to the transmitted automatic payment registration request information to store the automatic payment token transmitted from the authentication server in conjunction with the automatic payment consent information transmitted from the terminal, the customer registration number and the identification information of the terminal, and when a payment item related to the terminal occurs, the stored automatic payment token Merchant terminal for transmitting automatic approval request information based on;
Transmitting validation request information including card information related to the terminal based on automatic payment registration request information transmitted from the affiliated store terminal, receiving approval response information transmitted in response to the validation request information, and the approval When the response information includes information indicating that the card information is in a valid state, the automatic payment token for automatic payment related to the terminal is transmitted to the affiliated store terminal, and the card information is distributed and stored in conjunction with the transaction management server an authentication server;
An approval server that transmits card information request information related to the terminal to the transaction management server to request card information distributed and stored in the transaction management server and the authentication server based on the automatic authorization request information received from the affiliated store terminal ;
Based on the card information request information, in conjunction with the authentication server, a verification procedure for the automatic payment token included in the card information request information is performed, and the card information is linked with a Fraud Detection System Server Verifies whether the automatic payment request requested from the affiliated store terminal according to the request information is an illegal transaction, and if the verification procedure for the automatic payment token is normally performed and the automatic payment request is not an illegal transaction, it works with the authentication server a transaction management server that checks card information related to the terminal distributed and stored in the transaction management server and the authentication server, and transmits the checked card information related to the terminal to the approval server; and
and a card company server that interworks with the approval server to perform a payment function based on the card information and the automatic approval request information. delete ◈Claim 8 was abandoned when paying the registration fee.◈ 7. The method of claim 6,
The card company server,
Transmitting the approval response information indicating whether the card information is valid based on card information included in the provisional approval request information transmitted from the transaction management server to the transaction management server via the approval server;
The transaction management server,
Based on the validation request information transmitted from the authentication server, the provisional approval request information is transmitted to the card company server via the approval server to check the validity of the card information related to the terminal, and the validation request information is transmitted Electronic payment system using patient authentication and card information, characterized in that transmitting the approval response information to the transmitted authentication server. ◈Claim 9 was abandoned at the time of payment of the registration fee.◈ 9. The method of claim 8,
The transaction management server,
The card number in the card information is hardware encrypted and stored through the HSM, the validity period in the card information is hardware encrypted and stored through the HSM, and the card authentication value in the card information is stored in the first part and in the first part. It is divided into two parts, and a part of the card authentication value corresponding to the separated first part is encrypted based on the HSM using the password information to generate a first information block, and the generated first information block save the
The authentication server,
In cooperation with the transaction management server, the rest of the card authentication values corresponding to the separated second part are encrypted based on the HSM using the first information block to generate a second information block, and the generated second information block is generated. 2 Electronic payment system using patient authentication and card information, characterized in that storing the information block. delete

Images