KR102505977B1 - System for processing offline payment, method of processing offline payment using secondary authentication based on personal information question and method and apparatus for the same - Google Patents

Abstract

Disclosed are an offline payment processing system, an offline payment processing method using personal information query-based secondary authentication, and a device using the same. Acquire check-in information corresponding to the store the user entered, receive primary authentication information for primary authentication corresponding to pre-approval for purchase corresponding to the store from the mobile terminal, and if primary authentication is valid, 1 In order to perform secondary authentication dependent on primary authentication, secondary authentication information in the form of questions and answers is transmitted to at least one of the mobile terminal and the POS corresponding to the store, and based on the secondary authentication result using the secondary authentication information, Offline payments can be made.

Description

Offline payment processing system, offline payment processing method using secondary authentication based on personal information query, and device using the same }

The present invention relates to an offline payment technology using secondary authentication based on personal information query, and in particular, an offline payment processing system that can conveniently perform payment by using questions and answers related to a user for final payment after performing primary authentication, and personal information. It relates to an offline payment processing method using information query-based secondary authentication and an apparatus using the same.

As mobile terminals become more common, the need for payment using mobile terminals is continuously increasing both online and offline. Security and convenience, such as user authentication, can be cited as important themes in such mobile terminal-based payment. In other words, it is necessary to prevent fraudulent payments by efficiently detecting abnormal payments while requiring minimum procedures or operations from the user when making payments.

Conventionally, there is a technology for convenience, such as making a payment in advance through a mobile terminal before a user arrives at a store, and then receiving a pre-paid product when the user arrives at the store. However, such a technology is that the user selects a product through a mobile terminal before visiting the store and pays for it. The user directly visits the store, determines the product to purchase, and pays for it through a simpler process at the store's POS. There is a difference between the technique and the

In addition, even in such a simple payment process, it is difficult to find a security technology for blocking the possibility of fraudulent payment by checking whether a buyer who receives the product and a payer who makes the payment match each other in the prior art.

Therefore, in the present invention, a user visits a store, first performs pre-authentication for final payment on a mobile terminal, and then performs secondary authentication in response to questions related to the user to safely and conveniently purchase products through 2-channel authentication. We would like to introduce a new offline payment technology that exists.

Korean Patent Registration No. 10-1352710, registered on January 10, 2014 (Name: Credit card mock payment system and mock payment method in the payment system and device for it)

An object of the present invention is to provide convenience of payment by performing secondary authentication only by responding to a question generated based on information of a user's mobile terminal when a user performs an offline payment using a mobile terminal.

In addition, an object of the present invention is to provide a more stable offline payment system by varying the authentication level for payment according to monitoring conditions before payment.

Also, an object of the present invention is to prevent a security risk that may occur in a purchase process after the first authentication is completed by performing the second authentication based on the first authentication.

In addition, an object of the present invention is to perform offline payment safely and conveniently only with a mobile terminal without taking out a wallet or card separately by processing payment based on pre-authentication.

An offline payment processing device according to the present invention for achieving the above object includes a check-in information acquisition unit for acquiring check-in information corresponding to a store entered by a user; a primary authentication unit receiving primary authentication information for primary authentication corresponding to pre-approval for purchase corresponding to the store from a mobile terminal; a second authentication unit that transmits second authentication information in the form of questions and answers to at least one of the mobile terminal and the POS corresponding to the store in order to perform second authentication subordinate to the first authentication when the first authentication is valid; and a payment processor performing offline payment at the store based on a result of the second authentication using the second authentication information.

At this time, the secondary authentication unit obtains a user response to a question corresponding to the secondary authentication information from the user, and performs the secondary authentication by comparing whether a correct answer corresponding to the question matches the user response. can do.

At this time, the second authentication information is generated by obtaining corresponding information within a preset past period from the time when the first authentication is performed from the mobile terminal, and may be generated within a preset number of characters.

In this case, the second authentication level may be performed corresponding to the second authentication level adjusted according to the monitoring result of the mobile terminal until the product corresponding to the purchase is submitted to the POS.

At this time, the second authentication unit determines that, when the monitoring result indicates that the time from the first authentication until the product is submitted to the POS exceeds a preset reference purchase time, the moving distance of the mobile terminal after the first authentication The number of letters corresponding to the correct answer is increased to determine if the number of letters corresponding to the correct answer corresponds to at least one of a case where a preset standard moving distance is exceeded and a case where the moving speed of the mobile terminal exceeds a preset standard moving speed after the first authentication. The second authentication level can be improved.

In this case, the primary authentication corresponds to authentication with release conditions, and the secondary authentication information may be invalidated when the primary authentication is released.

In this case, the first authentication may be performed corresponding to the first authentication level adjusted according to the monitoring result of the mobile terminal obtained based on the check-in information.

At this time, the primary authentication unit determines that the monitoring result is a case where the time from obtaining the check-in information until the primary authentication is performed exceeds a preset reference authentication time and the number of fraudulent mobile payments generated in the store is a preset number. The first authentication level may be adjusted to be improved when at least one of the cases exceeding the reference number is met.

In addition, a mobile terminal according to the present invention includes a check-in information collection unit for obtaining check-in information corresponding to a store entered by a user; a primary authentication performing unit that inputs primary authentication information and performs primary authentication corresponding to pre-approval for purchases corresponding to the store; a second authentication unit generating second authentication information corresponding to a response to a question for second authentication subordinate to the first authentication when the first authentication is valid; and a payment execution unit configured to transmit the second authentication information to any one of a server and a POS corresponding to the store and receive a result of the offline payment in order to perform an offline payment at the store.

In addition, the offline payment processing method according to the present invention includes the steps of acquiring check-in information corresponding to a store entered by a user; Receiving primary authentication information for primary authentication corresponding to pre-approval for purchase corresponding to the store from a mobile terminal; Transmitting second authentication information in the form of questions and answers to at least one of the mobile terminal and the POS corresponding to the store in order to perform second authentication subordinate to the first authentication when the first authentication is valid; and performing offline payment at the store based on a result of the second authentication using the second authentication information.

At this time, the transmitting step includes acquiring a user response to a question corresponding to the second authentication information from the user, and comparing whether a correct answer corresponding to the question and the user response match the second authentication information. Car authentication can be performed.

At this time, the second authentication information is generated by obtaining corresponding information within a preset past period from the time when the first authentication is performed from the mobile terminal, and may be generated within a preset number of characters.

In this case, the second authentication level may be performed corresponding to the second authentication level adjusted according to the monitoring result of the mobile terminal until the product corresponding to the purchase is submitted to the POS.

At this time, in the transmitting step, if the monitoring result indicates that the time from the first authentication to the submission of the product to the POS exceeds a preset reference purchase time, the moving distance of the mobile terminal after the first authentication The number of letters corresponding to the correct answer is increased to determine if the number of letters corresponding to the correct answer corresponds to at least one of a case where a preset standard moving distance is exceeded and a case where the moving speed of the mobile terminal exceeds a preset standard moving speed after the first authentication. The second authentication level can be improved.

In this case, the primary authentication corresponds to authentication with release conditions, and the secondary authentication information may be invalidated when the primary authentication is released.

In this case, the first authentication may be performed corresponding to the first authentication level adjusted according to the monitoring result of the mobile terminal obtained based on the check-in information.

At this time, the receiving step is based on the monitoring result, when the time from obtaining the check-in information until the first authentication is performed exceeds a preset reference authentication time and the number of fraudulent mobile payments generated in the store is a preset number. A step of adjusting the first authentication level to be improved when the number of times corresponding to at least one of cases exceeding a reference number of times is exceeded.

In addition, as another means for solving the problem of the present invention, a computer program stored in a medium to execute the above-described method is provided.

According to the present invention, when a user performs an offline payment using a mobile terminal, convenience of payment can be provided by performing secondary authentication only by responding to a question generated based on information of the mobile terminal.

In addition, the present invention can provide a more stable offline payment system by varying the authentication level for payment according to monitoring conditions before payment.

In addition, the present invention can prevent security risks that may occur in the purchase process after the first authentication is completed by performing the second authentication based on the first authentication.

In addition, the present invention can perform offline payment safely and conveniently only with a mobile terminal without taking out a wallet or card separately by processing payment based on pre-authentication.

1 is a block diagram showing an offline payment system using application pay according to an embodiment of the present invention.
2 is a block diagram showing an offline payment processing device according to an embodiment of the present invention.
3 is a block diagram illustrating a mobile terminal according to an embodiment of the present invention.
4 to 8 are diagrams showing a payment progress screen in the case of an application member in a payment method through BLE PUSH according to an embodiment of the present invention.
9 to 15 are diagrams showing a member sign-up screen in the case of a non-member of an application in a payment method through BLE PUSH according to an embodiment of the present invention.
16 is a diagram illustrating an example of performing secondary authentication using a mobile terminal according to the present invention.
17 is a diagram illustrating an example of performing secondary authentication using a POS of a store according to the present invention.
18 is an operational flowchart illustrating an offline payment processing method according to an embodiment of the present invention from the side of an offline payment processing device.
19 is an operational flowchart illustrating an offline payment processing method according to an embodiment of the present invention from the side of a mobile terminal.
FIG. 20 is a diagram showing in detail a process of increasing the second authentication level of the second authentication among the offline payment processing methods shown in FIG. 18 .
FIG. 21 is a diagram showing in detail a process of improving the first authentication level of the first authentication among the offline payment processing methods shown in FIG. 18 .

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings. However, detailed descriptions of well-known functions or configurations that may obscure the gist of the present invention will be omitted in the following description and accompanying drawings. In addition, it should be noted that the same components are indicated by the same reference numerals throughout the drawings as much as possible. Embodiments of the present invention are provided to more completely explain the present invention to those skilled in the art. Accordingly, the shapes and sizes of elements in the drawings may be exaggerated for clarity.

The terms or words used in this specification and claims described below should not be construed as being limited to a conventional or dictionary meaning, and the inventors should appropriate the concept of terms to describe their invention in the best way. It should be interpreted as a meaning and concept consistent with the technical spirit of the present invention based on the principle that it can be defined in the following way. Therefore, the embodiments described in this specification and the configurations shown in the drawings are only one of the most preferred embodiments of the present invention, and do not represent all of the technical ideas of the present invention, so various alternatives can be made at the time of this application. It should be understood that there may be equivalents and variations. In addition, terms such as first and second are used to describe various components, and are used only for the purpose of distinguishing one component from another, and are not used to limit the components.

1 is a block diagram showing an offline payment system using application pay according to an embodiment of the present invention.

Referring to FIG. 1, a payment system using application pay according to an embodiment of the present invention includes an application server 110, a terminal 120, a POS device 130, a BLE server 140, and a BLE device 150. include

A payment system according to an embodiment of the present invention may correspond to a system for performing payment using an application pay based on an application installed in a user's mobile terminal when purchasing a product in an offline store.

The application server 110 may be a server that provides the user's terminal 120 with information related to payment and an application 111 for performing payment to proceed with payment-related procedures. At this time, the application server 110 may transmit and receive data through a network.

At this time, the application server 110 may be an offline payment processing device according to an embodiment of the present invention. In addition, the application server 110 may include an offline payment processing device according to an embodiment of the present invention.

At this time, the network provides a path through which data is transmitted between the application server 110 and the terminal 120, and is a concept encompassing both existing networks and networks that can be developed in the future. For example, the network includes a wired and wireless local area network that provides communication between various information devices within a limited area, a mobile communication network that provides communication between mobile bodies and between mobile bodies and the outside of the mobile body, and a satellite that provides communication between earth stations and earth stations. It may be a satellite communication network or any one of wired and wireless communication networks, or a combination of two or more. Meanwhile, the transmission method standards of the network are not limited to existing transmission method standards, and may include all transmission method standards to be developed in the future. In addition, the network used between the application server 110 and the terminal 120 in FIG. 1 is different from the network used between the application server 120 and the POS device 130 and the BLE server 140 and the terminal 120 It may be one, or it may be the same.

The terminal 120 receives information corresponding to product payment from the application server 110 using an application and provides the information to the user.

At this time, the terminal 120 is a device that is connected to a communication network and can run an application, such as a mobile phone, PMP (Portable Multimedia Played), MID (Mobile Internet Device), smart phone (Smart Phone), tablet computer (Tablet PC), It may be a mobile terminal having various mobile communication specifications, such as a notebook, a net book, a personal digital assistant (PDA), and an information communication device.

In addition, the terminal 120 may receive various information such as numbers and text information, set various functions, and transmit input signals related to function control of the terminal 120 to the control unit through the input unit. In addition, the input unit of the terminal 120 may include at least one of a keypad and a touchpad that generate an input signal according to a user's touch or manipulation. At this time, the input unit of the terminal 120 is configured in the form of a single touch panel (or touch screen) together with the display unit of the terminal 120 to simultaneously perform input and display functions. In addition, all types of input means that may be developed in the future may be used for the input unit of the terminal 120 in addition to input devices such as a keyboard, keypad, mouse, joystick, and the like. In particular, the input unit of the terminal 120 according to the present invention may transmit an input signal for selecting a card or making a payment based on an optimal card recommendation system to the control unit of the terminal 120 .

In addition, the display unit of the terminal 120 may display information about a series of operation states and operation results occurring while the terminal 120 performs functions. Also, the display unit of the terminal 120 may display a menu of the terminal 120 and user data input by a user. Here, the display unit of the terminal 120 includes a liquid crystal display (LCD), a thin film transistor LCD (TFT-LCD), a light emitting diode (LED), and an organic light emitting diode (OLED). , Organic LED), active-type organic light emitting diode (AMOLED, Active Matrix OLED), Retina Display, flexible display, and 3D display. At this time, when the display of the terminal 120 is configured in the form of a touch screen, the display of the terminal 120 may perform some or all of the functions of the input unit of the terminal 120 . In particular, the display unit of the terminal 120 according to the present invention may display information related to the optimal recommended card and payment provided based on the optimal card recommendation system on the screen.

In addition, the storage unit of the terminal 120 is a device for storing data, includes a main storage device and an auxiliary storage device, and may store application programs necessary for the functional operation of the terminal 120 . The storage of the terminal 120 may largely include a program area and a data area. Here, when the terminal 120 activates each function in response to a user's request, the corresponding application programs are executed under the control of the controller to provide each function. In particular, the storage unit of the terminal 120 according to the present invention may store an operating system for booting the terminal 120 and a program for recommending a card or making a payment based on an optimal card recommendation system. In addition, the storage unit of the terminal 120 may store a content DB for storing a plurality of contents and information of the terminal 120 . In this case, the content DB includes execution data for executing the content and attribute information about the content, and may store content use information according to content execution. And, the information of the terminal 120 may include terminal specification information.

In addition, the communication unit of the terminal 120 may perform a function for transmitting and receiving data with the application server 110 through a network. Here, the communication unit of the terminal 120 may include an RF transmitting means for up-converting and amplifying the frequency of a transmitted signal, and an RF receiving means for low-noise amplifying a received signal and down-converting the frequency. The communication unit of the terminal 120 may include at least one of a wireless communication module and a wired communication module. And, the wireless communication module is a component for transmitting and receiving data according to a wireless communication method, and when the terminal 120 uses wireless communication, using any one of a wireless network communication module, a wireless LAN communication module, and a wireless fan communication module Data may be transmitted and received to the application server 110 . In addition, the wired communication module is for transmitting and receiving data by wire. The wired communication module may access a network through a wire and transmit/receive data to the application server 110 . That is, the terminal 120 may access a network using a wireless communication module or a wired communication module and transmit/receive data with the application server 110 through the network. In particular, in the network according to the present invention, the terminal 120, the application server 110, and the BLE server 140 communicate with each other to transmit and receive data necessary for recommending an optimal card based on an optimal card recommendation system.

In addition, the control unit of the terminal 120 may be an operating system (OS) and a process device that drives each component. For example, the control unit controls the entire process of accessing the application server 110. When accessing the application server 110 through a separate service application, it is possible to control the overall process of executing the service application according to the user's request, and at the same time as the execution, a service use request is sent to the application server 110. It can be controlled to be transmitted, and at this time, the information of the terminal 120 necessary for user authentication can be controlled to be transmitted together.

Also, the control unit of the terminal 120 may execute specific content stored in the storage unit of the terminal 120 according to a user's request. In this case, the controller may store a content use history according to content execution as content use information.

In addition, the user's terminal 120 has an application for the application pay service installed, and may correspond to the user's terminal 120 subscribed to the application pay service.

The POS device 130 is a device for performing product payment in the store 160 and may correspond to a device capable of performing an application pay service based on communication with the application server 110 .

The BLE server 140 may be a server for locating the terminal 120 and providing information using Bluetooth low energy.

At this time, the Bluetooth low energy technology is a short-distance wireless communication technology that periodically transmits object information based on Bluetooth 4.0 within a certain radius of the surrounding area. That is, even if the user of the terminal 120 does not take a separate action, the user's location can be automatically identified and a signal for payment service can be provided.

At this time, beacon is a short-range data communication technology that utilizes BLE (Bluetooth Low Energy), and provides various application services such as object and situation recognition, content push, indoor positioning, automatic check-in, and geofencing based on proximity positioning. can make it possible. Compared to similar technologies in the past, it can serve as a catalyst for the formation of a new service market because it is more convenient and can be provided at a lower cost. In this case, a beacon may mean any device that periodically transmits a certain signal to inform. For example, the BLE device 150 shown in FIG. 1 may correspond to a beacon.

Such beacons can be divided into sound-based low-frequency beacons, LED beacons, Wi-Fi beacons, Bluetooth beacons, etc., according to the method of transmitting signals. In addition, the beacon can transmit periodic signals in a small packet of approximately 21 bytes, does not require pairing separately from the target receiving the signal, and operates with low power, but the ID value and received signal strength of the beacon transmitter up to 50 meters It is possible to transmit a signal corresponding to In addition, since the price is low and it is small and can be easily attached anywhere, it can be freely used anywhere even in offline stores.

For example, when a beacon is installed at a specific place in the store 160 and a user or customer carrying the terminal 120 enters the area of the BLE beacon, the corresponding terminal 120 can be detected and a signal including information can be transmitted. .

The store 160 may correspond to an offline store where payment is performed, and may correspond to an application pay service affiliated store in which an application pay agent and a BLE device 150 are installed.

Below, a payment system according to an embodiment of the present invention will be described according to a service flow.

First, the user may enter the store 160 with the terminal 120 .

At this time, it is possible to detect that the user has entered the store 160 using a beacon, which is a BLE-based short-range data communication technology.

That is, according to the present invention, the BLE signal transmitted from the BLE device 150, which is a beacon located in the store 160, can be received using the BLE SDK 141 in the Bluetooth-enabled terminal 120. At this time, the BLE signal may be received through the application 111 installed based on the BLE SDK 141. Then, when the terminal 120 transmits the information included in the BLE signal to the BLE server 140, the BLE server 140 may provide the terminal 120 with information related to BLE benefits corresponding to the BLE signal. .

Thereafter, the terminal 120 may access the application server 110 based on the BLE benefit information received from the BLE server 140 through the application.

At this time, the application server 110 may include at least one module for performing payment.

For example, the application server 110 may include a membership providing module capable of providing membership information based on user information of the terminal 120 and store information corresponding to the store 160 . In this case, the membership providing module may include a separate database capable of storing membership information for each user and store information for each store.

For another example, the application server 110 may include an application pay payment module for performing payment through application pay. In this case, the application pay payment module may include credit card information or bank information for performing payment through application pay. For example, when a user makes an application pay payment using a credit card to purchase a product at the store 160, the application pay payment module and the credit card application may transmit and receive data for real-time payment.

In this case, the application pay payment module may include an optimal card recommendation device that recommends an optimal card considering discount benefits, store benefits, and accumulation among credit cards owned by the user based on credit card information. For example, it is possible to recommend an optimal card according to a discount rate or accumulation rate by combining benefit information provided when a target performance of the previous month is achieved for each type of credit card and benefit information provided through a membership card. In addition, the optimal card recommendation device may be configured independently of the application pay payment module.

For another example, the application server 110 provides membership information through a membership providing module, along with benefit information on coupons or gifticons that can be used by the user at the store 160, events and marketing information in progress at the store 160, and the like. May include a store information providing module capable of providing. For example, the store information providing module searches for gifticons or coupons that can be used in the store 160 by the user through the application and provides them to the application server 110, so that the user can receive gifticons or coupons through the application installed in the terminal 120. You can use coupons. In addition, the store information providing module provides event information and marketing information corresponding to a plurality of stores providing services according to the payment system according to an embodiment of the present invention to the application server 110, thereby providing the store visited by the user. In operation 160 , information on ongoing events and marketing may be provided to the user's terminal 120 .

Thereafter, the user accessing the application server 110 through the terminal 120 may perform pre-authentication in the application pay service to purchase a product at the store 160 . For example, a step for pre-authentication may be entered by receiving a purchase-related push message through the BLE device 150 and clicking a purchase button included in the push message. At this time, various methods such as PIN number input, picture image gesture, and touch gesture may be used as a means of pre-authentication for purchase, that is, primary authentication.

At this time, the offline payment processing device that is included in the application server 110 or may correspond to the application server 110 receives primary authentication information corresponding to the primary authentication performed in the terminal 120 and determines whether or not authentication is performed. can judge

Thereafter, the user moves to the POS device 130 with a product to be purchased at the store 160, expresses an intention to pay through the application pay at the store clerk, and performs secondary authentication for product purchase and payment. can do.

In this case, the second authentication may be authentication subordinate to the first authentication, and the second authentication may be performed in a state in which the first authentication is valid.

For example, as a secondary authentication method, a method in which the user has the terminal 120 and is located in a zone for payment near the POS device 130, and inputs a motion gesture pattern using the terminal 120 within the payment zone. method, a method of inputting a touch pattern to a sign pad included in the POS device 130, a method of generating intersections on a sign pad, a question and answer method, and the like.

In addition, in the second authentication, after the clerk of the store 160 scans the purchase product, the user who uses the application pay service can be confirmed through the POS device 130, and then the payment can be made.

Thereafter, when the second authentication is completed, the application server 110 may transmit a message indicating whether or not the payment through the application pay has been successfully performed to at least one of the user's terminal 120 and the POS device 130 .

If such a payment system using application pay is used, it is more safe and convenient for a user to pay for a product using an optimal card simply by performing primary authentication at the store 160 and simple secondary authentication. possible.

2 is a block diagram showing an offline payment processing device according to an embodiment of the present invention.

Referring to FIG. 2 , an offline payment processing device according to an embodiment of the present invention includes a communication unit 210, a check-in information acquisition unit 220, a primary authentication unit 230, a secondary authentication unit 240, and a payment processing unit. (250) and storage (260).

The communication unit 210 serves to transmit/receive information necessary for offline payment processing with a user's mobile terminal through a communication network such as a network. In particular, the communication unit 210 according to an embodiment of the present invention may receive information for performing check-in, primary authentication, and secondary authentication from the mobile terminal, and may provide the mobile terminal with information corresponding to offline payment processing. there is.

In this case, information for performing offline payment processing may be received from a separate application server or a POS installed in a store.

The check-in information acquisition unit 220 acquires check-in information corresponding to a store entered by the user.

In this case, the check-in information may be obtained using Bluetooth low energy (BLE) technology, WiFi, GPS, and the like. For example, a device such as a BLE beacon may be installed at the entrance of a store, and when a user's mobile terminal enters the area of the BLE beacon, the terminal may be sensed and a signal including store information may be transmitted. At this time, the mobile terminal receiving the signal may acquire store information included in the corresponding signal through an application and transmit the corresponding information to the offline payment processing device as check-in information.

At this time, any technology capable of detecting that the user's mobile terminal has visited a store can be used as a technology for obtaining check-in information without being limited to any technology.

The primary authentication unit 230 receives primary authentication information for primary authentication corresponding to pre-approval for purchase corresponding to a store from a mobile terminal.

In this case, the first authentication may correspond to pre-payment authentication performed before a product to be purchased or an amount to be paid is confirmed during an offline payment.

In this case, the primary authentication may correspond to inputting a PIN number into the mobile terminal. That is, the first authentication may be performed in the mobile terminal. For example, when a PIN number is input to perform primary authentication in a mobile terminal, the PIN number input to the mobile terminal is recognized as primary authentication information and transmitted to an offline payment processing device, thereby enabling primary approval. .

In addition, primary authentication may be performed through various methods such as fingerprint recognition, face recognition, and voice recognition available through a mobile terminal.

In this case, the primary authentication corresponds to authentication with release conditions, and when the primary authentication is released, the secondary authentication information may be invalidated. That is, the primary authentication may correspond to authentication accompanied by spatial or temporal release conditions.

At this time, as one of the conditions for canceling the primary authentication, a timeout period corresponding to the effective time of the primary authentication may be set. That is, when a preset timeout time is exceeded after performing the first authentication, the first authentication may be automatically canceled.

At this time, the timeout time may be set differently according to the type of store. For example, in a store such as a supermarket, a time-out time may be set from 30 minutes to 1 hour suitable for shopping time. Also, in a store such as a restaurant, a time-out time may be set to about 2 to 3 hours appropriate for a meal time.

At this time, when the primary authentication is canceled because the timeout period is exceeded, payment through the mobile terminal may not be performed regardless of whether the secondary authentication is effective or not. Accordingly, in order to perform payment through the mobile terminal after the first authentication is released, the first authentication may be performed again and then the second authentication may be performed to process the payment.

In addition, when the mobile terminal moves away from the store by more than a predetermined distance, primary authentication may be canceled. For example, the location of the mobile terminal is determined using a short-range wireless communication device installed at the entrance of the store and various places inside the store, and the primary authentication is released when it is determined that the mobile terminal has moved out of the store and has moved away from the store by a certain distance or more. It can be.

In this case, the first authentication may be performed corresponding to the first authentication level adjusted according to the result of monitoring the mobile terminal obtained based on the check-in information. That is, if an abnormality is found in the monitoring result, security can be strengthened depending on the situation by increasing the primary authentication level for more secure authentication.

In this case, the monitoring result may correspond to a situation prior to performing the first authentication.

At this time, as a result of monitoring, at least one of the cases in which the time from acquiring check-in information to the first authentication is performed exceeds the preset standard authentication time, and the number of fraudulent mobile payments in the store exceeds the preset standard number. In the case corresponding to , the 1st authentication level can be adjusted to be improved. In other words, if it took an unusually long time before the first authentication was performed after the user with the mobile terminal entered the store, or if the store the user entered was a store in which fraudulent mobile payments frequently occurred, it would be more For secure payment, the primary authentication level for primary authentication can be improved.

At this time, the first authentication may be performed by adjusting to add a PIN number input procedure when the first authentication level is improved. For example, if the primary authentication level is increased, the keyboard of the mobile terminal can be changed every time a PIN is input instead of simply inputting a PIN. In addition, a method of inputting a PIN and then inputting a color pattern or using a dummy number to increase the length of the PIN may be used. In addition, when inputting a PIN, if earphones or headphones are connected to the audio jack of the mobile terminal and listening to music, a method of inputting a PIN through audio feedback may be used as the primary authentication level improves.

In this case, the first authentication level may be improved by changing conditions that may be additionally considered in the first authentication according to the method of the first authentication. For example, assuming that the first authentication method corresponds to fingerprint recognition, fingerprint recognition of another finger may be additionally requested as the first authentication level is improved. Also, in the case of face recognition, the left or right side of the face may be recognized in addition to recognizing the front of the face.

When the first authentication is valid, the second authentication unit 240 transmits the second authentication information in the form of questions and answers to at least one of the mobile terminal and the POS corresponding to the store in order to perform the second authentication subordinate to the first authentication.

In this case, the second authentication information in the form of questions and answers may be generated based on information stored in the user's mobile terminal. For example, a Q&A may be generated using appointment information stored in a calendar of a user's mobile terminal, or a Q&A may be generated using a call log. That is, the security of authentication can be improved by generating questions and answers based on information that only the individual user can know.

In this case, questions and answers in the form of questions and answers may be generated in the mobile terminal, or may be generated in the offline payment processing device and server by obtaining information from the mobile terminal.

At this time, a user response to a question corresponding to the secondary authentication information may be obtained from the user, and a correct answer corresponding to the question and a user response may be compared to perform secondary authentication.

At this time, the second authentication information may be transmitted to at least one of the user's mobile terminal or POS, and the method of comparing the correct answer and the user's response may be different. For example, assuming that a question about second authentication information is transmitted to a mobile terminal, a user may input and transmit a user response through a touch input of the mobile terminal. As another example, assuming that a question about second authentication information is transmitted to a POS corresponding to a store, a store clerk may confirm a question about second authentication information transmitted to the POS and directly ask a user a question. That is, if the clerk's store compares the user's response with the correct answer to the question transmitted to the POS and matches, the secondary authentication may be processed as completed.

In this case, the second authentication information is generated by obtaining corresponding information within a preset past period from the time when the first authentication is performed from the mobile terminal, and may be generated within a preset number of characters.

For example, if a user creates a question corresponding to secondary authentication information based on information that is too long in the past compared to the current date when the user visited the store, surely even the user of the mobile terminal correctly answers the question It can be difficult. Therefore, by generating secondary authentication information based on recent information about a week past so that the user can easily remember it, it is possible to prevent problems with secondary authentication during offline payment.

At this time, the preset past period can be freely modified by the user or the application manager.

In addition, the amount of information when transmitting and receiving the second authentication information can be adjusted by limiting the number of characters for the questions and answers corresponding to the second authentication information. In addition, when a user performs secondary authentication, convenience can be promoted by preventing problems in secondary authentication due to correct answers corresponding to a large number of characters.

In this case, the number of words for the question corresponding to the secondary authentication information and the number of words for the correct answer may be set differently.

At this time, the second authentication may be performed corresponding to the second authentication level adjusted according to the monitoring result of the mobile terminal until the product corresponding to the purchase is submitted to the POS. That is, a second authentication level may be determined in consideration of a situation from when the first authentication is performed until the second authentication is performed.

At this time, if the monitoring result indicates that the time from the first authentication until the product is submitted to the POS exceeds the preset standard purchase time, if the moving distance of the mobile terminal after the first authentication exceeds the preset standard movement distance, and When the moving speed of the mobile terminal exceeds the predetermined reference moving speed after the first authentication, the second authentication level may be adjusted to be improved in a case corresponding to at least one of the cases.

In this case, the preset reference purchase time may correspond to a time less than the timeout time satisfying the release condition of the first authentication.

At this time, the second authentication level may be improved by increasing the number of correct answers to the question corresponding to the second authentication information. For example, if the preset number of characters of the correct answer corresponding to the second authentication level is set to 3 characters when the second authentication level is low, if the second authentication level is higher, the preset number of characters of the correct answer is set from 5 characters to 5 characters. It can be set to increase up to 7 characters. That is, security can be improved by generating a question corresponding to a more difficult answer than when the second authentication level is low.

In this case, the second authentication may have a lower authentication level than the first authentication. That is, since the purchase intention of the user who wants to purchase a product is confirmed through the primary authentication through the mobile terminal, if the primary authentication is not canceled because the conditions for canceling the primary authentication are satisfied, the purchase can be made only with the secondary authentication of a lower level. Even if confirmed, the possibility of fraudulent payment may be reduced. Accordingly, the second authentication level may be lower than that of the first authentication method, but may be an authentication method that maximizes user convenience.

Also, the secondary authentication may correspond to authentication subordinate to the primary authentication. That is, based on the primary authentication using the mobile terminal, secondary authentication information for secondary authentication is provided to the store's POS, and the POS performs secondary authentication for a user who wants to purchase a product using the secondary authentication information provided. can be done

The payment processing unit 250 performs offline payment at the store based on the result of the second authentication using the second authentication information. That is, when the second authentication is completed, the payment for the product or service that the user wants to purchase can be completed.

As described above, the storage unit 260 stores various information generated in the offline payment processing service process according to an embodiment of the present invention.

Depending on the embodiment, the storage unit 260 may be configured independently of the offline payment processing device to support functions for offline payment processing services. At this time, the storage unit 260 may operate as a separate mass storage and may include a control function for performing an operation.

Meanwhile, the offline payment processing device is equipped with a memory and can store information in the device. In one implementation, the memory is a computer readable medium. In one implementation, the memory may be a volatile memory unit, and in another implementation, the memory may be a non-volatile memory unit. In one implementation, the storage device is a computer readable medium. In various different implementations, the storage device may include, for example, a hard disk device, an optical disk device, or some other mass storage device.

By using such an offline payment processing device, when a user performs an offline payment using a mobile terminal, the convenience of payment is improved by performing secondary authentication only by responding to a question generated based on information of the user's mobile terminal. can provide

In addition, the present invention can provide a more stable offline payment system by varying the authentication level for payment according to monitoring conditions before payment.

In addition, the present invention can prevent security risks that may occur in the purchase process after the first authentication is completed by performing the second authentication based on the first authentication.

In addition, the present invention can perform offline payment safely and conveniently only with a mobile terminal without taking out a wallet or card separately by processing payment based on pre-authentication.

3 is a block diagram illustrating a mobile terminal according to an embodiment of the present invention.

Referring to FIG. 3 , a mobile terminal according to an embodiment of the present invention includes a check-in information collection unit 310, a primary authentication unit 320, a secondary authentication unit 330, and a payment execution unit 340. include

The check-in information collection unit 310 obtains check-in information corresponding to a store entered by the user.

In this case, the check-in information may be obtained using Bluetooth low energy (BLE) technology, WiFi, GPS, and the like. For example, when a user carries a mobile terminal and enters a store, the mobile terminal may receive a beacon signal from a BLE beacon device installed at the entrance of the store. In this case, the beacon signal may include check-in information including information of the corresponding store.

The primary authentication unit 320 performs primary authentication corresponding to pre-approval for purchases corresponding to the store. For example, when a PIN input window corresponding to primary authentication is received from a server corresponding to an application installed in a mobile terminal and an offline payment processing device, primary authentication may be performed by inputting a PIN using the mobile terminal. Thereafter, the server and the offline payment processing device may determine the PIN input through the mobile terminal and process primary authentication.

In this case, the first authentication may correspond to pre-payment authentication performed before a product to be purchased or an amount to be paid is confirmed during an offline payment.

In addition, primary authentication may be performed through various methods such as fingerprint recognition, face recognition, and voice recognition available through a mobile terminal.

In this case, the primary authentication corresponds to authentication with release conditions, and when the primary authentication is released, the secondary authentication information may be invalidated. That is, the primary authentication may correspond to authentication accompanied by spatial or temporal release conditions.

When the first authentication is valid, the second authentication unit 330 generates second authentication information corresponding to a response to a question for second authentication subordinate to the first authentication.

In this case, the secondary authentication information may be meta data corresponding to the user response. For example, when a question for second authentication is output to a user's mobile terminal, the user may input a user response to the question through the mobile terminal. At this time, the meta data corresponding to the user response is compared with the correct answer to the question, and if they match, the secondary authentication may be completed.

Also, secondary authentication information may be generated within a preset number of characters. For example, assuming that the number of characters of a user response that can be input by a user according to the level of secondary authentication is 3 characters, the user can only input up to 3 characters for a question for secondary authentication. At this time, the corresponding question may also be generated so that the correct answer to the question is within 3 letters.

Also, when the second authentication level increases, the preset number of characters may increase. For example, assuming that the second authentication level gradually improves from level 1 to level 3, when the level 2 is level 1, the preset number of characters is 3 characters, and when the level 2 level is 2, the preset number of characters is set to 3. The preset number of characters may be set to 5 characters, and the preset number of characters may be set to 7 characters when the secondary authentication level is the third level. That is, as the level of the second authentication is improved, it is difficult to answer the question corresponding to the second authentication information, so authentication stability can be strengthened.

To perform offline payment at the store, the payment execution unit 340 transmits the second authentication information to any one of the server and the POS corresponding to the store, and receives the offline payment result. For example, when offline payment is successful, a payment success message including the name of a store corresponding to the offline payment, a payment method, and a payment amount may be received. In addition, when the offline payment fails, a payment failure message briefly including details of the payment failure may be received.

4 to 8 are diagrams showing a payment progress screen in the case of an application member in a payment method through BLE PUSH according to an embodiment of the present invention.

4 to 8, in the payment method through BLE PUSH according to an embodiment of the present invention, when a user who has subscribed to the application pay service enters an offline store, a product through an application installed on a mobile terminal as shown in FIG. A benefit screen 410 is output to the user.

At this time, the BLE signal transmitted by the beacon installed in the store is recognized through the application installed in the mobile terminal, and the product benefit screen 410 including discount information and coupon information in the store included in the BLE signal is exposed to the mobile terminal. can That is, the mobile terminal may acquire discount information and coupon information by acquiring check-in information corresponding to the store through the beacon of the store. Also, the mobile terminal may provide check-in information to an offline payment processing device through an application.

In this case, the product benefit screen 410 may output discount information and coupon information along with a payment button on the lock screen 412 of the mobile terminal when the mobile terminal is locked.

In addition, the product benefit screen 410 may output discount information and coupon information along with a pay button to the BLE Noti 411 of the mobile terminal.

At this time, if the user selects the body area representing discount information and coupon information on the product benefit screen 410, the detailed screen 510 of the store corresponding to the product benefit screen 410 is displayed through the application as shown in FIG. can be output to the terminal.

At this time, more detailed discount and coupon information together with store information may be output on the detailed screen 510 of the store. In addition, a payment button may be output together so that the user may proceed with a payment procedure at any time.

At this time, when the user selects the payment button displayed on the store detail screen 510 or product benefits screen 410, the payment PIN input window ( 610) can be output. That is, based on the offline payment processing device linked through the application, a window for primary authentication corresponding to pre-approval at the corresponding store may be output to the mobile terminal.

At this time, the primary authentication may use a picture image gesture authentication method, a touch gesture authentication method, fingerprint recognition, face recognition, voice recognition, and the like, in addition to the PIN number input authentication method.

At this time, if the user inputs a PIN, the PIN may be transferred to the offline payment processing device to complete primary authentication.

Thereafter, when the first authentication is completed, the offline payment processing device may transmit second authentication information in the form of questions and answers to at least one of the mobile terminal and the POS corresponding to the store in order to perform the second authentication.

At this time, information such as a photo or phone number of a user corresponding to the second authentication information, that is, a purchaser, may be transmitted to the POS along with second authentication information.

After that, as shown in FIG. 7 , information corresponding to the user for whom the primary authentication has been completed, that is, the buyer for whom the primary authentication has been completed, may be displayed on the payment screen 710 of the POS device installed in the store.

In this case, when the user inputs a user response to a question corresponding to secondary authentication through the mobile terminal, and the user's response matches the correct answer to the question, secondary authentication may be completed. In addition, when a question corresponding to secondary authentication is output to the POS, secondary authentication may be performed in a manner in which a store clerk questions the user and compares the question with the correct answer.

Thereafter, when the secondary authentication is completed and the payment using the application pay is successful, a payment success message 811 may be transmitted to the user's mobile terminal as shown in FIG. 8 .

At this time, the payment success message 811 may display the name of the store where the payment was made, the payment method, and the payment amount.

In addition, when payment fails, a payment failure message 812 may be transmitted to the user's mobile terminal, and a payment screen 813 may be displayed on the mobile terminal in order to perform payment again.

At this time, a payment button or a barcode for application pay payment may be output on the payment screen 813 again.

9 to 15 are diagrams showing a member sign-up screen in the case of a non-member of an application in a payment method through BLE PUSH according to an embodiment of the present invention.

9 to 15, when a non-member of the application pay service enters an offline store in the payment method through BLE PUSH according to an embodiment of the present invention, as shown in FIG. A benefit screen 910 is output to the user.

At this time, the BLE signal transmitted by the beacon installed in the store is recognized through the application installed in the mobile terminal, and the product benefit screen 910 including discount information and coupon information in the store included in the BLE signal is exposed to the mobile terminal. can

At this time, the product benefit screen 910 displays discount information and coupon information on the lock screen 912 of the mobile terminal when the mobile terminal is locked, but the payment button may not be output because the user is not a member of the application pay service. .

In addition, the product benefit screen 910 may output discount information and coupon information to the BLE Noti 911 of the mobile terminal.

At this time, if the user selects a body area representing discount information and coupon information on the product benefit screen 910, a store detail screen 1010 as shown in FIG. 10 corresponding to the product benefit screen 910 is displayed on the mobile terminal. can be printed out.

At this time, more detailed discount and coupon information together with store information may be output on the detailed screen 1010 of the store. In addition, a pay app subscription button for subscribing to the application pay service may be output together so that the user can subscribe to the service for payment at any time.

At this time, if the user selects the pay app sign-up button, a terms and conditions agreement screen 1110 necessary for subscribing to the application pay service based on the offline payment processing system as shown in FIG. 11 can be output to the user's mobile terminal.

Thereafter, if the user agrees to the terms and conditions, as shown in FIG. 12 , the user authentication screen 1210 may be output to the mobile terminal to perform user authentication.

At this time, the identity authentication may be performed by inputting the user's name, resident registration number, telecommunications company and mobile phone number, and inputting an authentication number.

Thereafter, when user authentication is completed, a payment PIN registration screen 1310 may be displayed on the mobile terminal to register a payment PIN number to be used for primary authentication in the application pay service as shown in FIG. 13 .

At this time, not only the payment PIN registration screen 1310, but also various authentication means registration screens such as a fingerprint registration screen and a voice registration screen may be output according to the primary authentication method.

Thereafter, a card information registration screen 1410 may be displayed on the mobile terminal as shown in FIG. 14 in order to register a card to be used in the application pay service.

Thereafter, after inputting all information, a subscription confirmation screen 1510 is finally output as shown in FIG. 15, and subscription may be completed when the user selects confirmation.

Thereafter, a payment button is output to the user's mobile terminal to perform primary authentication through a PIN number, and then the application pay service can be provided.

16 is a diagram illustrating an example of performing secondary authentication using a mobile terminal according to the present invention.

Referring to FIG. 16 , in order to perform secondary authentication using a mobile terminal according to the present invention, the mobile terminal may first receive secondary authentication information from an offline payment processing device or server.

Thereafter, a question for performing the second authentication based on the second authentication information in the form of a question and answer may be output to the question output window 1611 of the second authentication screen 1610 .

In this case, the question output on the question output window 1611 may be generated by obtaining corresponding information within a predetermined past period from the time when the first authentication is performed from the mobile terminal. Also, the question output to the question output window 1611 may be generated within a preset number of characters.

For example, a question displayed on the question output window 1611 of FIG. 16 may be generated using a call record of the mobile terminal.

Thereafter, the user can check the question on the question output window 1611 and input a user response to it on the input window 1612 to perform secondary authentication.

At this time, a user response may be input into the input window 1612 within a preset number of characters. For example, if it is assumed that the preset number of characters is three characters, it may be set so that no more than three characters are input into the input window 1612 .

Thereafter, the user's response input in the input window 1612 is transmitted to the server or the offline payment processing device, and the secondary authentication may be completed by comparing with the correct answer to the question. In addition, only the result of secondary authentication may be transmitted to a server or an offline payment processing device by comparing a direct user response and a correct answer to a question in the mobile terminal.

17 is a diagram illustrating an example of performing secondary authentication using a POS of a store according to the present invention.

Referring to FIG. 17, in the process of performing the second authentication using the POS of the store according to the present invention, the POS 1710 corresponding to the store may first receive the second authentication information from the offline payment processing device or server. .

After that, based on the second authentication information in the form of questions and answers, questions and answers for performing the second authentication may be output from the POS 1710 so that only the clerk 1720 can check them.

Thereafter, the clerk 1720 who has confirmed the question through the POS 1710 may directly ask the user 1730 a question for second authentication.

Thereafter, the clerk 1720 may compare the user response with the correct answer to the question output to the POS 1710 to complete secondary authentication. For example, when the user response matches the correct answer, the secondary authentication result may be transmitted to the offline payment processing device or server by inputting that the secondary authentication has been completed through the POS 1710 .

18 is an operational flowchart illustrating an offline payment processing method according to an embodiment of the present invention from the side of an offline payment processing device.

Referring to FIG. 18 , in the offline payment processing method according to an embodiment of the present invention, check-in information corresponding to a store entered by the user is acquired (S1810).

In this case, the check-in information may be obtained using Bluetooth low energy (BLE) technology, WiFi, GPS, and the like. For example, a device such as a BLE beacon may be installed at the entrance of a store, and when a user's mobile terminal enters the area of the BLE beacon, the terminal may be sensed and a signal including store information may be transmitted. At this time, the mobile terminal receiving the signal may acquire store information included in the corresponding signal through an application and transmit the corresponding information to the offline payment processing device as check-in information.

At this time, any technology capable of detecting that the user's mobile terminal has visited a store can be used as a technology for obtaining check-in information without being limited to any technology.

In addition, in the offline payment processing method according to an embodiment of the present invention, primary authentication information for primary authentication corresponding to pre-approval for purchase corresponding to a store is received from a mobile terminal (S1820).

In this case, the first authentication may correspond to pre-payment authentication performed before a product to be purchased or an amount to be paid is confirmed during an offline payment.

In this case, the primary authentication may correspond to inputting a PIN number into the mobile terminal. That is, the first authentication may be performed in the mobile terminal. For example, when a PIN number is input to perform primary authentication in a mobile terminal, the PIN number input to the mobile terminal is recognized as primary authentication information and transmitted to an offline payment processing device, thereby enabling primary approval. .

In addition, primary authentication may be performed through various methods such as fingerprint recognition, face recognition, and voice recognition available through a mobile terminal.

In this case, the primary authentication corresponds to authentication with release conditions, and when the primary authentication is released, the secondary authentication information may be invalidated. That is, the primary authentication may correspond to authentication accompanied by spatial or temporal release conditions.

At this time, as one of the conditions for canceling the primary authentication, a timeout period corresponding to the effective time of the primary authentication may be set. That is, when a preset timeout time is exceeded after performing the first authentication, the first authentication may be automatically canceled.

At this time, the timeout time may be set differently according to the type of store. For example, in a store such as a supermarket, a time-out time may be set from 30 minutes to 1 hour suitable for shopping time. Also, in a store such as a restaurant, a time-out time may be set to about 2 to 3 hours appropriate for a meal time.

At this time, when the primary authentication is canceled because the timeout period is exceeded, payment through the mobile terminal may not be performed regardless of whether the secondary authentication is effective or not. Accordingly, in order to perform payment through the mobile terminal after the first authentication is released, the first authentication may be performed again and then the second authentication may be performed to process the payment.

In addition, when the mobile terminal moves away from the store by more than a predetermined distance, primary authentication may be canceled. For example, the location of the mobile terminal is determined using a short-range wireless communication device installed at the entrance of the store and various places inside the store, and the primary authentication is released when it is determined that the mobile terminal has moved out of the store and has moved away from the store by a certain distance or more. It can be.

In this case, the first authentication may be performed corresponding to the first authentication level adjusted according to the result of monitoring the mobile terminal obtained based on the check-in information. That is, if an abnormality is found in the monitoring result, security can be strengthened depending on the situation by increasing the primary authentication level for more secure authentication.

In this case, the monitoring result may correspond to a situation prior to performing the first authentication.

At this time, as a result of monitoring, at least one of cases where the time from acquiring check-in information to the first authentication is performed exceeds the preset standard authentication time, and the number of fraudulent mobile payments in the store exceeds the preset standard number. In the case corresponding to , the 1st authentication level can be adjusted to be improved. In other words, if it took an unusually long time before the first authentication was performed after the user with the mobile terminal entered the store, or if the store the user entered was a store in which fraudulent mobile payments frequently occur, it would be more For secure payment, the primary authentication level for primary authentication can be improved.

At this time, the first authentication may be performed by adjusting to add a PIN number input procedure when the first authentication level is improved. For example, if the primary authentication level is increased, the keyboard of the mobile terminal can be changed every time a PIN is input instead of simply inputting a PIN. In addition, a method of inputting a PIN and then inputting a color pattern or using a dummy number to increase the length of the PIN may be used. In addition, when inputting a PIN, if earphones or headphones are connected to the audio jack of the mobile terminal and listening to music, a method of inputting a PIN through audio feedback may be used as the primary authentication level improves.

In this case, the first authentication level may be improved by changing conditions that may be additionally considered in the first authentication according to the method of the first authentication. For example, assuming that the first authentication method corresponds to fingerprint recognition, fingerprint recognition of another finger may be additionally requested as the first authentication level is improved. Also, in the case of face recognition, the left or right side of the face may be recognized in addition to recognizing the front of the face.

In addition, the offline payment processing method according to an embodiment of the present invention determines whether the first authentication is valid (S1825).

After that, if the primary authentication is valid as a result of the determination in step S1825, the offline payment processing method according to an embodiment of the present invention performs secondary authentication dependent on the primary authentication with second authentication information in a question-and-answer format. is transmitted to at least one of the mobile terminal and the POS corresponding to the store (S1830).

In this case, the second authentication information in the form of questions and answers may be generated based on information stored in the user's mobile terminal. For example, a Q&A may be generated using appointment information stored in a calendar of a user's mobile terminal, or a Q&A may be generated using a call record. That is, the security of authentication can be improved by generating questions and answers based on information that only the individual user can know.

In this case, questions and answers in the form of questions and answers may be generated in the mobile terminal, or may be generated in the offline payment processing device and server by obtaining information from the mobile terminal.

At this time, a user response to a question corresponding to the secondary authentication information may be obtained from the user, and a correct answer corresponding to the question and a user response may be compared to perform secondary authentication.

At this time, the second authentication information may be transmitted to at least one of the user's mobile terminal or POS, and the method of comparing the correct answer and the user's response may be different. For example, assuming that a question about second authentication information is transmitted to a mobile terminal, a user may input and transmit a user response through a touch input of the mobile terminal. As another example, assuming that a question about second authentication information is transmitted to a POS corresponding to a store, a store clerk may confirm a question about second authentication information transmitted to the POS and directly ask a user a question. That is, if the clerk's store compares the user's response with the correct answer to the question transmitted to the POS and matches, the secondary authentication may be processed as completed.

In this case, the second authentication information is generated by obtaining corresponding information within a preset past period from the time when the first authentication is performed from the mobile terminal, and may be generated within a preset number of characters.

For example, if a user creates a question corresponding to secondary authentication information based on information that is too long in the past compared to the current date when the user visited the store, surely even the user of the mobile terminal correctly answers the question It can be difficult. Therefore, by generating secondary authentication information based on recent information about a week past so that the user can easily remember it, it is possible to prevent problems with secondary authentication during offline payment.

At this time, the preset past period can be freely modified by the user or the application manager.

In addition, the amount of information when transmitting and receiving the second authentication information can be adjusted by limiting the number of characters for the questions and answers corresponding to the second authentication information. In addition, when a user performs secondary authentication, convenience can be promoted by preventing problems in secondary authentication due to correct answers corresponding to a large number of characters.

In this case, the number of words for the question corresponding to the secondary authentication information and the number of words for the correct answer may be set differently.

At this time, the second authentication may be performed corresponding to the second authentication level adjusted according to the monitoring result of the mobile terminal until the product corresponding to the purchase is submitted to the POS. That is, a second authentication level may be determined in consideration of a situation from when the first authentication is performed until the second authentication is performed.

At this time, if the monitoring result indicates that the time from the first authentication until the product is submitted to the POS exceeds the preset standard purchase time, if the moving distance of the mobile terminal after the first authentication exceeds the preset standard movement distance, and When the moving speed of the mobile terminal exceeds the predetermined reference moving speed after the first authentication, the second authentication level may be adjusted to be improved in a case corresponding to at least one of the cases.

In this case, the preset reference purchase time may correspond to a time less than the timeout time satisfying the release condition of the first authentication.

At this time, the second authentication level may be improved by increasing the number of correct answers to the question corresponding to the second authentication information. For example, if the preset number of characters of the correct answer corresponding to the second authentication level is set to 3 characters when the second authentication level is low, if the second authentication level is higher, the preset number of characters of the correct answer is set from 5 characters to 5 characters. It can be set to increase up to 7 characters. That is, security can be improved by generating a question corresponding to a more difficult answer than when the second authentication level is low.

In this case, the second authentication may have a lower authentication level than the first authentication. That is, since the purchase intention of the user who wants to purchase a product is confirmed through the primary authentication through the mobile terminal, if the primary authentication is not canceled because the conditions for canceling the primary authentication are satisfied, the purchase can be made only with the secondary authentication of a lower level. Even if confirmed, the possibility of fraudulent payment may be reduced. Accordingly, the second authentication level may be lower than that of the first authentication method, but may be an authentication method that maximizes user convenience.

Also, the secondary authentication may correspond to authentication subordinate to the primary authentication. That is, based on the primary authentication using the mobile terminal, secondary authentication information for secondary authentication is provided to the store's POS, and the POS performs secondary authentication for a user who wants to purchase a product using the secondary authentication information provided. can be done

In addition, if the primary authentication is not valid as a result of the determination in step S1825, primary authentication information may be received in order to perform the primary authentication again.

In addition, the offline payment processing method according to an embodiment of the present invention performs offline payment at a store based on a result of secondary authentication using secondary authentication information (S1840). That is, when the second authentication is completed, the payment for the product or service that the user wants to purchase can be completed.

In addition, although not shown in FIG. 18, the offline payment processing method according to an embodiment of the present invention transmits and receives information necessary for offline payment processing with a user's mobile terminal through a communication network such as a network. In particular, information for performing check-in, primary authentication, and secondary authentication may be received from the mobile terminal, and information corresponding to offline payment processing may be provided to the mobile terminal.

In this case, information for performing offline payment processing may be received from a separate application server or a POS installed in a store.

In addition, although not shown in FIG. 18, the offline payment processing method according to an embodiment of the present invention stores various information generated in the offline payment processing service process according to an embodiment of the present invention as described above.

Depending on the embodiment, the storage module for storing information may be configured independently of the offline payment processing device to support a function for offline payment processing service. At this time, the storage module may operate as a separate mass storage and may include a control function for performing the operation.

Through this offline payment processing method, when a user makes an offline payment using a mobile terminal, it is possible to provide convenience in payment by performing secondary authentication only by responding to a question generated based on information of the user's mobile terminal. can

In addition, the present invention can provide a more stable offline payment system by varying the authentication level for payment according to monitoring conditions before payment.

In addition, the present invention can prevent security risks that may occur in the purchase process after the first authentication is completed by performing the second authentication based on the first authentication.

In addition, the present invention can perform offline payment safely and conveniently only with a mobile terminal without taking out a wallet or card separately by processing payment based on pre-authentication.

19 is an operational flowchart illustrating an offline payment processing method according to an embodiment of the present invention from the side of a mobile terminal.

Referring to FIG. 19 , in the offline payment processing method according to an embodiment of the present invention, check-in information corresponding to a store entered by the user is acquired (S1910).

In this case, the check-in information may be obtained using Bluetooth low energy (BLE) technology, WiFi, GPS, and the like. For example, when a user carries a mobile terminal and enters a store, the mobile terminal may receive a beacon signal from a BLE beacon device installed at the entrance of the store. In this case, the beacon signal may include check-in information including information of the corresponding store.

In addition, the offline payment processing method according to an embodiment of the present invention performs primary authentication corresponding to pre-approval for a purchase corresponding to a store (S1920). For example, when a PIN input window corresponding to primary authentication is received from a server corresponding to an application installed in a mobile terminal and an offline payment processing device, primary authentication may be performed by inputting a PIN using the mobile terminal. Thereafter, the server and the offline payment processing device may determine the PIN input through the mobile terminal and process primary authentication.

In this case, the first authentication may correspond to pre-payment authentication performed before a product to be purchased or an amount to be paid is confirmed during an offline payment.

In addition, the offline payment processing method according to an embodiment of the present invention determines whether the first authentication is valid (S1925).

In addition, primary authentication may be performed through various methods such as fingerprint recognition, face recognition, and voice recognition available through a mobile terminal.

In this case, the primary authentication corresponds to authentication with release conditions, and when the primary authentication is released, the secondary authentication information may be invalidated. That is, the primary authentication may correspond to authentication accompanied by spatial or temporal release conditions.

As a result of the determination in step S1925, if the primary authentication is not valid, primary authentication may be performed.

In addition, if the primary authentication is valid as a result of the determination in step S1925, the offline payment processing method according to an embodiment of the present invention provides a secondary authentication corresponding to a response to a question for secondary authentication dependent on the primary authentication. Authentication information is generated (S1930).

In this case, the secondary authentication information may be meta data corresponding to the user response. For example, when a question for second authentication is output to a user's mobile terminal, the user may input a user response to the question through the mobile terminal. At this time, the meta data corresponding to the user response is compared with the correct answer to the question, and if they match, the secondary authentication may be completed.

Also, secondary authentication information may be generated within a preset number of characters. For example, assuming that the number of characters of user response that can be input by the user according to the level of secondary authentication is 3 characters, the user can only input up to 3 characters for the question for secondary authentication. At this time, the corresponding question may also be generated so that the correct answer to the question is within 3 letters.

Also, when the second authentication level increases, the preset number of characters may increase. For example, assuming that the second authentication level gradually improves from level 1 to level 3, when the level 2 is level 1, the preset number of characters is 3 characters, and when the level 2 level is 2, the preset number of characters is set to 3. The preset number of characters may be set to 5 characters, and the preset number of characters may be set to 7 characters when the secondary authentication level is the third level. That is, as the level of the second authentication is improved, it is difficult to answer the question corresponding to the second authentication information, so authentication stability can be strengthened.

In addition, the offline payment processing method according to an embodiment of the present invention transmits the second authentication information to any one of the server and the POS corresponding to the store in order to perform offline payment at the store, and receives the offline payment result. Do (S1940). For example, when offline payment is successful, a payment success message including the name of a store corresponding to the offline payment, a payment method, and a payment amount may be received. In addition, when the offline payment fails, a payment failure message briefly including details of the payment failure may be received.

FIG. 20 is a diagram showing in detail a process of increasing the second authentication level of the second authentication among the offline payment processing methods shown in FIG. 18 .

Referring to FIG. 20, in the process of improving the second authentication level of the second authentication among the offline payment processing methods shown in FIG. That is, a second authentication level may be determined in consideration of a situation from when the first authentication is performed until the second authentication is performed.

Thereafter, it is determined whether the monitoring result satisfies the second authentication level improvement condition (S2015).

At this time, if the monitoring result indicates that the time from the first authentication until the product is submitted to the POS exceeds the preset standard purchase time, if the moving distance of the mobile terminal after the first authentication exceeds the preset standard movement distance, and When the moving speed of the mobile terminal exceeds the predetermined reference moving speed after the first authentication, it may be determined that the second authentication level enhancement condition is satisfied when the mobile terminal corresponds to at least one of the cases.

In this case, the preset reference purchase time may correspond to a time less than the timeout time satisfying the release condition of the first authentication.

If the monitoring result of the judgment in step S2015 satisfies the second authentication level improvement condition, the second authentication level is improved by increasing the number of correct answers to the question corresponding to the second authentication information (S2020).

For example, if the preset number of characters of the correct answer corresponding to the second authentication level is set to 3 characters when the second authentication level is low, if the second authentication level is higher, the preset number of characters of the correct answer is set from 5 characters to 5 characters. It can be set to increase up to 7 characters. That is, security can be improved by generating a question corresponding to a more difficult answer than when the second authentication level is low.

In addition, if the monitoring result of the judgment in step S2015 does not satisfy the condition for increasing the second authentication level, the second authentication level may be performed without performing a process for increasing the second authentication level.

FIG. 21 is a diagram showing in detail a process of improving the first authentication level of the first authentication among the offline payment processing methods shown in FIG. 18 .

Referring to FIG. 21 , in the process of improving the first authentication level of the first authentication among the offline payment processing methods shown in FIG. 18 , a monitoring result for a mobile terminal is first obtained based on check-in information (S2110). That is, if an abnormality is found in the monitoring result, security can be strengthened depending on the situation by increasing the primary authentication level for more secure authentication.

In this case, the monitoring result may correspond to a situation prior to performing the first authentication.

Thereafter, it is determined whether the monitoring result satisfies the first authentication level improvement condition (S2115).

At this time, as a result of monitoring, at least one of cases where the time from acquiring check-in information to the first authentication is performed exceeds the preset standard authentication time, and the number of fraudulent mobile payments in the store exceeds the preset standard number. If it corresponds to , it can be determined that the 1st authentication level improvement condition is satisfied. In other words, if it took an unusually long time before the first authentication was performed after the user with the mobile terminal entered the store, or if the store the user entered was a store in which fraudulent mobile payments frequently occur, it would be more For secure payment, the primary authentication level for primary authentication can be improved.

If the monitoring result of the determination in step S2115 satisfies the first authentication level improvement condition, the first authentication level is improved by adding elements considered in the first authentication according to the first authentication method (S2120). For example, if it is assumed that the primary authentication method is a PIN input, if the primary authentication level increases, the keypad of the mobile terminal may be changed every time a PIN is input, rather than simply inputting a PIN. In addition, a method of inputting a PIN and then inputting a color pattern or using a dummy number to increase the length of the PIN may be used. In addition, when inputting a PIN, if earphones or headphones are connected to the audio jack of the mobile terminal and listening to music, a method of inputting a PIN through audio feedback may be used as the primary authentication level improves.

In addition, if the monitoring result of the determination in step S2115 does not satisfy the first authentication level improvement condition, the first authentication level may be performed without increasing the first authentication level.

The offline payment processing method according to the present invention may be implemented in the form of program instructions that can be executed through various computer means and recorded on a computer readable medium. The computer readable medium may include program instructions, data files, data structures, etc. alone or in combination. Program instructions recorded on the medium may be those specially designed and configured for the present invention or those known and usable to those skilled in computer software. Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks and magnetic tapes, optical media such as CD-ROMs and DVDs, and magnetic media such as floptical disks. - includes all types of hardware devices specially configured to store and execute program instructions, such as magneto-optical media, and ROM, RAM, flash memory, etc. Examples of program instructions may include high-level language codes that can be executed by a computer using an interpreter or the like as well as machine language codes generated by a compiler. These hardware devices may be configured to act as one or more software modules to perform the operations of the present invention, and vice versa.

As described above, the offline payment processing system according to the present invention, the offline payment processing method using the personal information query-based secondary authentication, and the device using the same are limited to the configuration and method of the embodiments described above. Rather, the above embodiments may be configured by selectively combining all or part of each embodiment so that various modifications can be made.

According to the present invention, check-in information corresponding to a store entered by the user is acquired, primary authentication information for primary authentication corresponding to pre-approval for purchase corresponding to the store is received from a mobile terminal, and primary authentication is performed. If valid, the second authentication information in the form of a question and answer is transmitted to at least one of the mobile terminal and the POS corresponding to the store in order to perform the second authentication subordinate to the first authentication, and based on the second authentication result using the second authentication information Thus, offline payment can be made at the store. Furthermore, it is possible to provide users with a stable offline payment service while maximizing convenience.

110: application server 111: application
120: Terminal 130: POS
140: BLE server 141: BLE SDK
150: BLE device 160: store
210: communication unit 220: check-in information acquisition unit
230: primary authentication unit 240: secondary authentication unit
250: payment processing unit 260: storage unit
310: check-in information collection unit 320: primary authentication unit
330: second authentication unit 340: payment unit
410, 910: Product benefit screen 411, 911: BLE Noti
412, 912: Lockscreen 510, 1010: Store details screen
610: payment PIN input window 710: payment screen
811: payment success message 812: payment failure message
813: Payment screen again 1110: Terms and conditions agreement screen
1210: Identity authentication screen 1310: Payment PIN registration screen
1410: Card information registration screen 1510: Subscription confirmation screen
1610: Second authentication screen 1611: Question output window
1612: input window 1710: POS
1720: clerk 1730: user

Claims (10)

a check-in information acquisition unit that obtains check-in information corresponding to a store entered by the user;
a primary authentication unit receiving primary authentication information for primary authentication corresponding to pre-approval for purchase corresponding to the store from a mobile terminal;
a second authentication unit that transmits second authentication information in the form of questions and answers to at least one of the mobile terminal and the POS corresponding to the store in order to perform second authentication subordinate to the first authentication when the first authentication is valid; and
A payment processing unit that performs an offline payment at the store based on a result of the second authentication using the second authentication information.
Including,
The second authentication unit monitors at least one of a purchase time, a moving distance, and a moving speed for the mobile terminal until a product corresponding to the purchase is submitted to the POS after the first authentication, and a result of monitoring the second authentication unit is preset. If the authentication level improvement condition is satisfied, the second authentication level is improved, and the question corresponding to the correct answer has more characters than the number of characters corresponding to the existing secondary authentication level before the upgrade to the improved second authentication level. Offline payment processing device, characterized in that for generating and transmitting the secondary authentication information based on. ◈Claim 2 was abandoned when the registration fee was paid.◈ The method of claim 1,
The second authentication unit
Obtaining a user response to a question corresponding to the second authentication information from the user, and performing the second authentication by comparing whether a correct answer corresponding to the question matches the user response. processing unit. ◈Claim 3 was abandoned when the registration fee was paid.◈ The method of claim 2,
The second authentication information is
The offline payment processing device, characterized in that generated by obtaining corresponding information within a preset past period from the time when the first authentication is performed from the mobile terminal, and generated within a preset number of characters. delete delete delete delete delete delete obtaining, by an offline payment processing device, check-in information corresponding to a store entered by the user;
receiving, by the offline payment processing device, primary authentication information for primary authentication corresponding to pre-approval for purchase corresponding to the store from a mobile terminal;
In order for the offline payment processing device to perform a second authentication subordinate to the first authentication when the first authentication is valid, the second authentication information in the form of a question and answer is sent to at least one of the mobile terminal and the POS corresponding to the store. transmitting; and
Performing, by the offline payment processing device, offline payment at the store based on a result of secondary authentication using the secondary authentication information
Including,
Transmitting the second authentication information to at least one of the mobile terminal and the POS corresponding to the store,
After the first authentication, the offline payment processing device monitors at least one of a purchase time, a moving distance, and a moving speed for the mobile terminal until a product corresponding to the purchase is submitted to the POS. If the condition for improving the second authentication level is satisfied, the second authentication level is improved, and the answer corresponding to the correct answer having more characters than the number of characters of the correct answer corresponding to the existing secondary authentication level before upgrading to the improved second authentication level The offline payment processing method further comprising generating and transmitting the second authentication information based on the question.

Images