KR20020033588A - certification/payment device for M-commerce, system and method using the same - Google Patents

Abstract

PURPOSE: An electronic commerce service system and method is provided to offer an electronic commerce service by inserting a detachable authentication and payment module into a data port of a mobile terminal or connecting a card type authentication and payment device to a connector inserted into a data port of a mobile terminal. CONSTITUTION: The method comprises steps of displaying an initial payment page on a display of a mobile terminal, and enabling a user to input a secret number of an authentication and payment module at the payment page(S60), transferring the secret number to the authentication and payment module and asking if the user uses the authentication and payment module(S61), enabling a CPU to read a pseudo card user number from an EEPROM, to decode the secret number and to generate one time card user number, and displaying the generated one time card user number(S62), enabling the user to transmit the one time card user number to a sale system for making a payment for purchased goods or services, enabling the sale system to transmit the transaction statement, the card user number and an ID number of the authentication and payment module to a payment system(S63-S64), enabling the payment system to search for a current card user number in an authentication management database according to a usage sequence and comparing the searched card user number with the transmitted card user number(S65), if the two numbers are identical, enabling the payment system to request a transaction approval to a card company(S67), and if the credit card company approves the transaction, enabling the payment system to transmit an approval result and the card user number to the sale system(S68).

Description

Authentication / payment device for mobile e-commerce, electronic commerce system using same and method therefor {certification / payment device for M-commerce, system and method using the same}

The present invention relates to an electronic commerce system and a method through a wireless network, and more particularly, to a system and method for performing payment or authentication through a wireless network using a payment card module detachable to a terminal.

Recently, with the development of information and communication technology and the explosive spread of global communication infrastructure such as the Internet, e-commerce is emerging as a new mode of economic activity that overcomes time and space constraints. As a result, countries around the world are promoting the activation of electronic commerce as a key means to strengthen their national competitiveness, and the Internet is now becoming a business battleground without borders.

The definition of Electronic Commerce (EC) can vary from many perspectives, but it supports and supports all commercial activities for buying and selling goods and services in cyberspace, such as the Internet, among individuals, businesses, and governments. It is common to define a set of actions that include activities that do.

The biggest advantage of e-commerce is that there is no time and space constraints, which saves you the hassle of going directly to the store, virtually no distribution costs, no rent, no inventory, and all Internet subscribers worldwide. It is likened to a high-tech golden fishery in that respect. In addition, e-commerce is a key means of dramatically improving the efficiency and transparency of the entire economy by reducing the distribution stage and drastically reducing transaction costs and recording and managing all transactions through a computer.

However, apart from the global use of e-commerce, the progress of e-commerce in Korea is minimal.

There are many reasons for the low utilization of e-commerce, but in the case of e-commerce (non-face-to-face transactions) on the Internet where customers and stores do not meet physically, e-payment transmits credit card information through an open network such as the Internet. For the Electronic Payment System, users in the regions that are more conservative than Westerners, and where the use of cash has been important, may point out that they are anxious about exposing personal credit information.

In fact, the biggest problem with e-commerce is protecting credit information efficiently. To this end, various payment methods such as prepaid card type, credit card type, deposit transfer type and electronic cash type are used, but fundamental user protection is impossible.

At present, there are attempts to standardize and strengthen the electronic payment security technology as a way to solve the user information security problem related to the activation of electronic commerce, but this cannot be a fundamental solution when the credit card user number is exposed when using the electronic commerce. .

In this regard, FIG. 1 illustrates an online shopping mall purchase process using a Secure Electronic Transaction (SET) method in connection with a standardization method of an electronic payment security technology.

When attempting an existing e-commerce, a user accesses a shopping mall, enters a product name or a credit card number into an order on a browser, and then applies for a purchase. The credit card number and the order are encrypted with respective keys and transmitted to the shopping mall company (104). ), The encrypted order is decrypted using a corresponding decryption key at the shopping mall site (106), and the encrypted credit card number may be a credit card company (sometimes a VAN operator, in which case VAN or PG). (paymnt gateway) can be forwarded to the credit card company to the credit card company to request authorization (108).

The credit card company, which has received a request for approval in connection with the credit limit, decodes the credit card number using a decryption key corresponding to the encryption key to obtain the credit card number (110), and then, the credit related information about the number, etc. Search for and transmit the result of the approval request to the shopping mall company (112).

In the shopping mall, a series of electronic commerce is performed by displaying information to the buyer (116) regarding a transaction completion or inability to deal with the result of the approval request.

As can be seen in FIG. 1, data is necessarily encrypted in order to send and receive a purchase order or a credit card number on which personal information is currently described via the Internet. However, it is also a matter of privacy from the point of view that personal information is more than necessary to an unrelated agency, so only the shopping mall can use encrypted orders and only credit card companies can decrypt encrypted credit card numbers. Use

However, in addition to strengthening the security of personal information from this point of view, a separate plan must be prepared for the case where the hacking or credit card number is found in an unjust manner.

On the other hand, Figure 2 is an illustration of a case where the e-commerce through the Internet is hacked. Assuming a home, business, or PC, such as using an individual PC 202 to purchase goods or attempt banking via e-commerce, the information you want to transfer is not a leased line to a server 204 such as an e-commerce company or bank. When delivered over a network (eg, the Internet) has the disadvantage that it can be exposed to third parties 206 via the network.

Next, in connection with the user authentication of a credit card, a utility model has been recently applied for an "apparatus for authenticating a credit card user" (registration utility model No. 1999-23246) which can be used only by entering a password. In the above application, before the user uses the credit card, the user can authenticate himself or herself without using an external device by using the function of the user authentication device provided on the credit card itself, thereby preventing the use of the credit card by another person. Provide the device.

However, according to the contents disclosed by the above application, since the credit card number is fixed for each card and the fixed user number must be entered during the e-commerce process, the credit card user number is exposed to the other person so that the other person can use the user number during the e-commerce transaction. It is defenseless against fraudulent use to steal.

That is, when the card users enter the card user number in the e-commerce, the prior arts can be secretly peeped around an individual single-head machine such as a kiosk installed in a workplace, a stock room or a public place to be used for public use, or a hacking program. If a program such as the above is installed on a PC used for electronic commerce and the card user number is obtained and used, there is a disadvantage in that it cannot fundamentally prevent fraudulent use.

3 illustrates a card user number system utilized by an existing card company in relation to such a fixed user number.

Reference numeral 302 in Fig. 3 denotes BIN No. 1. A card unique identification number is shown, reference numeral 304 denotes a card-specific rating, and reference numeral 306 denotes a card type for distinguishing an individual or a corporation. Reference numerals 308 to 312 are components for indicating information about an individual, and reference numeral 308 denotes a personal identification number, and reference numeral 310 denotes a subscriber classification for indicating whether an individual or a family. And reference numeral 312 denotes an issuing order for indicating whether theft / loss is indicated. Finally, reference numeral 314 is the error identification number portion for number stealing or verification of any input attempt.

As can be seen from the above, in the existing card system, if a card number used in e-commerce is used, for example, a malicious third party does not try to find the last digit of the 16-digit number. There is a good chance that we can make a name in another person's name.

In order to make up for this shortcoming, an e-commerce transaction requires an individual to register as a member of the e-commerce company service while registering information such as a social security number, and encrypts this information together with payment approval request information to request approval and approval. The card company may use a method of confirming whether the card company matches the information of the card customer and granting the approval.

However, due to the fact that most of the current Internet users can use information about themselves arbitrarily in internet marketing, they avoid evaluating detailed information such as social security numbers when they register, even if they register and use it. The problem is that a malicious third-party can obtain all such material and steal it completely.

On the other hand, in relation to network security, a time-synchronized RSA Secure ID, a one time password (OTP) secure token, a secure card, a once ID, and the like are used for user authentication.

However, this method uses a separate terminal as a two-factor method, but the number displayed on the terminal for user authentication corresponds to a password. Thus, the function is limited to user authentication only. There is a problem that can not be.

In addition, with the development of the technology of electronic commerce through such a network, Internet services using mobile wireless terminals such as mobile phones and personal digital assistants (PDAs) are being started so that users can obtain the desired information anytime and anywhere. E-mail reception, information retrieval, or product purchase are being performed using a terminal.

However, when the user receives the product information using the wireless communication terminal and makes a purchase decision and then pays for the product, due to the limitation (size) of the input device of the wireless communication terminal, the payment is made as well as the name of the user. It is not easy to enter shipping information such as information of the means (for example, a credit card number), a shipping address, and the like.

For this reason, electronic commerce such as product purchase using a wireless communication terminal is rarely performed. In addition, when a credit card payment is made using a wireless communication terminal, a user can easily perform mobile commerce (M). -COMMERCE) is becoming a major factor in hesitation.

On the other hand, when using a credit card or the like at the time of payment on-line, an expensive card reader is necessarily required, and therefore, costs for purchasing an expensive card reader are required in each offline store.

Therefore, the technical problem to be achieved by the present invention is to enable convenient and easy payment or authentication according to the use of a wireless network anytime, anywhere using a wireless communication terminal.

In particular, the first technical problem to be achieved by the present invention is a removable module-type mobile electronics capable of communicating with the portable terminal by updating the card user number at every transaction and inserting the data port of the portable terminal into a personal portable terminal such as a cellular phone. An authentication / payment device for commerce, or an authentication / payment device for mobile e-commerce in the form of a card communicating with a mobile terminal through a connector inserted into a data port of the mobile terminal.

In addition, the second technical problem to be achieved by the present invention is to provide a system and method for performing authentication / payment according to the electronic commerce in conjunction with the authentication / payment device for mobile e-commerce.

In addition, a third technical problem to be achieved by the present invention is to provide a system and method for making a payment according to the purchase made offline using a communication terminal without a separate expensive reader.

1 is a diagram illustrating a seven-step online shopping mall purchase using Secure Electronic Transaction (SET).

2 is an exemplary diagram of a case where e-commerce through the Internet is hacked.

3 is an exemplary diagram of a card user number system utilized by an existing card company.

4 is a schematic diagram showing a mobile terminal and an authentication / payment apparatus for mobile e-commerce according to a first embodiment of the present invention.

5 is a diagram illustrating the structure of an electronic commerce system interworking with an authentication / payment apparatus for mobile e-commerce according to a first embodiment of the present invention.

6 is a diagram illustrating a sequential flow of an electronic commerce method using an authentication / payment apparatus for mobile electronic commerce according to the first embodiment of the present invention.

7 is a diagram sequentially illustrating a procedure performed in the authentication / payment apparatus for mobile e-commerce according to the first embodiment of the present invention.

8 is an exemplary view of a screen displayed on a display unit of a user's portable terminal displayed by the control of the authentication / payment apparatus for mobile e-commerce according to the first embodiment of the present invention.

9 is another example of an authentication / payment apparatus for mobile e-commerce according to the first embodiment of the present invention.

FIG. 10 is an exemplary view of a screen that may be displayed on a display unit of the payment card module shown in FIG. 9.

11 is an overall structural diagram of an electronic commerce system according to a second embodiment of the present invention.

12 is a flowchart sequentially illustrating a payment card module registration and account opening process according to a second embodiment of the present invention.

13 is a flowchart sequentially illustrating a mobile banking process using a payment card module according to a second embodiment of the present invention.

14 is an exemplary view of a screen displayed on a display unit of a terminal according to a mobile banking process according to a second embodiment of the present invention.

15A and 15B are flowcharts sequentially illustrating a commerce and a payment process using a payment card reading module according to a second embodiment of the present invention.

16 is an exemplary view of a screen displayed on a display unit of a terminal according to a commerce and payment process according to a second embodiment of the present invention.

17A and 17B are flowcharts sequentially illustrating a commerce and payment processing process according to a third embodiment of the present invention.

18 is an exemplary view of a screen displayed on a display unit of a terminal according to a commerce and payment process according to a third embodiment of the present invention.

19A and 19B are flowcharts sequentially illustrating a commerce and a payment process using a payment card reading module according to a fourth embodiment of the present invention.

An authentication / payment apparatus according to a feature of the present invention for achieving the first technical problem of the present invention is an authentication / payment apparatus capable of connecting a display unit and an input unit to a wireless communication terminal, wherein a plurality of encrypted card user numbers are stored. Memory; Whenever a password is input from the input unit of the wireless communication terminal, one encrypted card user number is read out from the memory in order according to a setting sequence, and then the card user number read based on the input password is read. And a processing unit for decrypting and providing the decrypted card user number to the wireless communication terminal for display on the display unit.

According to another aspect of the present invention, there is provided an authentication / payment apparatus, which is an authentication / payment apparatus connectable to a wireless communication terminal including a display unit and an input unit, comprising: a memory in which card-specific information is stored; Each time a password is input from the input unit, card user unique information is read from the memory, and then a card user number is generated by processing based on the input password, and the generated card user number is sent to the wireless communication terminal. And a processing unit for providing the display on the display adverb.

In the authentication / payment apparatus having this feature, the processing unit decrypts the encrypted card user number corresponding to the transmitted password when the password inputted through the input unit and the transmitted password match. Here the card user number can be used as an authentication number for user authentication.

On the other hand, the wireless communication terminal may further include an interface for communicating with the data port, in addition, the authentication / payment device may be connected to the data port of the wireless communication terminal via a connector to communicate data.

The payment system according to a feature for achieving the second technical problem of the present invention is a payment system connected to a seller's sales system through a network to perform a payment process. A database correspondingly stored; And a processing device which receives a card user number from the sales system, reads the card user number from the database, determines whether to match, and finds a card number corresponding to the card user number and performs a payment process when the card user number is matched. And the processing device reads one card user number from among the plurality of card user numbers stored in the database in order according to the setting order and compares the card user number transmitted from the sales system.

In addition, a payment method according to another feature for achieving the second technical problem of the present invention is connected via a network with a seller's sales system, stores a card number usable for each buyer, and a plurality of cards for each card number A payment method of a payment system including a database having corresponding user numbers stored therein, the method comprising: searching for a corresponding card number by searching the database when an identification number and a card user number are received from the sales system; Determining whether to approve the transaction for the card number; And when the transaction approval for the card number is determined, informing the transaction system of the transaction approval, wherein the card user number sent from the sales system matches the card user number corresponding to the order currently to be used. If so, the card number corresponding to the card user number is found.

In the payment system and method having such a feature, the sales system transmits the card user number identified from the payment card module to the payment system, and a payment card module in which a plurality of encrypted card user numbers are stored is inputted. Decrypting the encrypted card user number corresponding to the order currently to be used, and provides the decrypted card user number to the wireless communication terminal including the display unit to be displayed on the display unit.

E-commerce method according to a feature of the present invention for achieving the third technical problem of the present invention, a plurality of terminals that can be attached to the payment card module, payment / authentication demand system and the e-commerce of the system that is connected via the network and the bank system A method comprising: providing a plurality of payment / authentication demand system information to a terminal equipped with the payment card module connected through a network; Connecting the terminal to the payment / authentication demand system when the terminal requests access to one payment / authentication demand system; If the encryption number for requesting product payment / authentication is transmitted from the terminal, decrypting the encryption number and authenticating that the buyer is a user who can make payment / authentication based on the decrypted information; And requesting the payment for the goods purchased by the buyer to the bank system, so that payment / authentication of the goods purchased by the buyer is performed.

In addition, the electronic commerce method according to another aspect for achieving the third technical problem of the present invention, a plurality of terminals that can be attached to the payment card module, payment / authentication demand system and the electronic commerce method of the system connected to the bank system and the network When the payment / authentication request according to the product purchase made through the terminal from the payment / authentication demand system is input, requesting transmission of information for payment / authentication to the corresponding terminal; If the encryption number for product payment / authentication is transmitted from the terminal equipped with the payment card module, decrypting the encryption number and authenticating that the buyer is a user who can make payment / authentication based on the decrypted information; And requesting the payment for the goods purchased by the buyer to the bank system, so that payment / authentication of the goods purchased by the buyer is performed.

According to another aspect of the present invention, there is provided an electronic commerce method. The electronic commerce method of a system in which a buyer's payment card module, a payment card module is detachable from a seller terminal, and a system connected to a bank system are provided. Transmitting, by the seller terminal, an encryption number for requesting payment of a goods when the payment card module of the buyer who purchased the goods is mounted; If the encryption number is transmitted from the seller terminal, decrypting the encryption number and authenticating that the payment card module can make a payment based on the decrypted information; And requesting payment for the goods purchased by the buyer to the bank system when the authentication process is performed, such that payment for the goods is made.

In addition, an electronic commerce method according to another feature for achieving the third technical problem of the present invention, a plurality of buyer terminal detachable payment card module, and the electronic commerce method of the system connected to the bank system via the network, If an encryption number for requesting network banking is transmitted from a buyer terminal equipped with a payment card module, decrypting the encryption number and authenticating that the buyer is a user capable of network banking based on the decrypted information; And when the authentication process is performed, connecting the purchaser terminal to the bank system to perform network banking.

In the electronic commerce method of the present invention having such a feature, the encryption number is encrypted with a user number corresponding to the current order of the identification number of the payment card module and a plurality of user numbers stored in the payment card module. The encryption number may be transmitted for payment / authentication together with all or part of the terminal's telephone number or the terminal's unique number.

On the other hand, the authentication processing step, if the identification number of the payment card module included in the decrypted information is a registered number, the authentication process when the user number is a number corresponding to the order currently being used; Requesting a password input for confirming that the user is a user who is capable of electronic commerce to the purchaser terminal; And when the password is a registered password, performing final authentication as a purchaser capable of electronic commerce.

Here, the terminal may be a wireless communication terminal, and the seller terminal may also be a wireless communication terminal.

In addition, the electronic commerce system according to another feature for achieving the third technical problem of the present invention, a payment card module is a system that is connected through a network with a plurality of removable terminals, payment / authentication demand system and the bank system, A database including card module information, terminal information, and information for payment / authentication; and an encryption number for requesting payment / authentication according to product purchase from a terminal equipped with the payment card module through a network. An authentication processing unit for decrypting the number and searching the database based on the decrypted information to authenticate the purchaser as a user who can make payment / authentication, wherein the authentication processing unit is provided with the goods purchased by the buyer to the banking system after the authentication processing. Request a payment for the purchaser Ensure payment / authentication for the product.

In addition, the electronic commerce method according to another aspect for achieving the third technical problem of the present invention, a system that is connected via a network with a plurality of seller terminal, payment / authentication demand system and the bank system that the payment card module of the buyer can be removable A database containing payment card module information, seller terminal information, and information for payment / authentication; And an encryption number for requesting payment / authentication according to a product purchase is transmitted from a seller terminal equipped with the payment card module through a network, decrypting the encryption number and searching the database based on the decrypted information. And an authentication processing unit for authenticating that the buyer having a payment / authentication is a user, and wherein the authentication processing unit requests the payment for the goods purchased by the buyer to the bank system after the authentication processing, Make payment / authentication for

In addition, the electronic commerce method according to another aspect for achieving the fourth technical problem of the present invention, a plurality of buyers wireless communication terminal and wired communication terminal, and the bank system and payment / authentication demand system and network that the payment card module is removable In an e-commerce method of an e-commerce system connected through a network, when a buyer's wired communication terminal accesses the payment / authentication demand system and requests product information, the payment / authentication demand system provides product information to the wired communication terminal. Doing; Requesting an e-mail address for the wireless communication terminal of the purchaser if the purchase of goods from the wired communication terminal of the purchaser and payment of the payment card module accordingly are requested; Sending, by the payment / authentication demand system, a payment page of a product purchased by the buyer to an e-mail address provided from the wired communication terminal of the buyer; Requesting a payment card module to be installed by the payment / authentication demand system when a purchaser accesses the e-mail address using a wireless communication terminal and then accesses the shopping mall system through the transmitted payment page; When an encryption number for requesting network banking is transmitted from the wireless communication terminal of the purchaser equipped with the payment card module, the electronic commerce system decrypts the encryption number and based on the decrypted information, the purchaser is a user capable of network banking. Authentication processing; And when the authentication process is performed, connecting the purchaser terminal to the bank system to perform network banking.

The payment page transmitted to the e-mail address may be a one-time use, and the payment / authentication demand system may provide product information or request an e-mail address to the wired communication terminal of the purchaser through the e-commerce system.

DETAILED DESCRIPTION Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings.

4A and 4B illustrate an authentication / payment device for mobile e-commerce according to the first embodiment of the present invention (in this example, an authentication / payment device is implemented as a payment card module, but the present invention is not necessarily limited thereto. It can be used as an authentication module for performing user authentication, etc. based on the contents described below) and a connection state with the wireless communication terminal.

4A and 4B, the payment card module 4 according to the first embodiment of the present invention includes a CPU 41, an EEPROM 42, a clock unit 43, and an interface unit 44. It includes. In addition, the payment system further includes a URL transmission button 45 for allowing one-click access without a separate connection process, and an authentication button 46 for requesting payment. The payment card module 4 having such a structure may be implemented as a one-chip type memory control unit (MCU) integrating a CPU, an EEPROM, and a clock unit.

The payment card module 4 is detachably connected to the purchaser terminal 2, that is, the wireless communication terminal 2, and the wireless communication terminal 2 includes a data port 21 for data input / output of the wireless communication terminal, Keypad 22 consisting of a plurality of keys for inputting data such as a password, display unit 23 and wireless transceiver 24.25 for displaying data input / output or data provided from payment card module 4, received data Is transmitted to the payment card module 4, and processes the data transmitted from the payment card module 4 to be displayed on the display unit 23 or transmitted through the transmission unit 24.

On the other hand, the interface 44 of the payment card module 4 is connected to the data port 21 to communicate data, in this case, but communicates data in the RS-232C method, but is not limited thereto. The CPU 41 of the payment card module 4 is in serial communication with the display unit 23 and the keypad 22 mounted in the wireless communication terminal via an RS-232 interface. To this end, it is preferable that the inside of the wireless communication terminal and the CPU of the payment card module of the present embodiment have the same data protocol, and if the internal voltage of the wireless communication terminal and the voltage required by the CPU of the payment card module are different, this is adjusted. It is obvious that a DC-DC converter or regulator is needed to do this.

For example, the CPU 41 of the payment card module 4 is a protocol adopted by each wireless communication terminal company, for example, an ESMS protocol (data format on the SK side) or an EIF protocol (similar to ESMS but based on the Internet). Performs data communication using the same protocol as.

In the EEPROM 42 of the payment card module 4, a pseudo user number, CPU procedure basic information, and the like are stored. In particular, a plurality of pseudo user numbers are stored and used one by one according to a set order (named use order).

The CPU 41 stores the pseudo card user number stored in the EEPROM 42 whenever a password is input via the keypad 22 of the wireless communication terminal 2 in accordance with the clock signal provided from the clock unit 43. A card user who can read and decrypt one pseudo user number in order according to the order of use among the plurality of pseudo user numbers stored in the EEPROM 42 when the button 46 for authentication is activated. Generate a number. Then, the generated card user number and the serial number of the payment card module are encrypted, and the encrypted information and a part of the telephone number of the terminal provided from the wireless communication terminal 2 are transferred to the payment system 1 through the wireless communication terminal 2. Send to request payment or authentication.

It is apparent that the EEPROM 42 may store card user specific information (previous card user number, or encrypted personal identification information and time or step information), and the like to generate the card user number according to a set of rules.

5 illustrates a structure of a system for performing authentication / payment in connection with a payment card module and a wireless communication terminal having such a structure. As shown in FIG. 5, the authentication / payment system according to the first embodiment of the present invention (in this example, a system for performing payment will be described as an example, but is not limited thereto). The same applies to the system.) 1 is connected to the purchaser terminal 2 and the sales system 3 through a network (including wired and wireless networks (including online internet, mobile internet, future network, etc.) M1, In addition, it is connected to the approval system 5 for payment approval.

The authentication payment / system, that is, the payment system 1 may be operated by a VAN operator, and includes a database module D1 for storing various information for providing a payment service using the payment card module 4 and a database module. On the basis of the information stored in (D1), it includes a processing unit (D2) for providing a payment service to buyers who are registered as members, and further includes an interface server (D3) and a mail server (D4).

Specifically, the database module D1 includes a member information database D11, an authentication information database D12, and a payment information database D13.

The member information database D11 stores a plurality of pieces of information for each buyer, who are registered as a member who can receive a payment service using the payment card module 4. For example, a name, a password for payment, a bank account number, a terminal phone number, a payment card module serial number, and various cards (credit cards) for each payment identification number given to a buyer who purchased a payment card module. Alternatively, buyer information such as a unique card number of a department store card, a social security number, a contact information (e-mail address, 7-mail address, a landline phone number, etc.), and a place of residence may be stored.

In the authentication information database D12, a plurality of card user numbers indicating permission to use are matched and stored in correspondence with various card numbers to be used for each identification number assigned to the payment card module. Multiple card user numbers are used in turn in order of use. However, when generating a card number through a rule, it may be implemented such that one or more card user numbers are stored in the authentication information database D12.

The payment information database D13 stores a card paid for each buyer who has requested a payment and payment details thereof.

The processing device D2 that provides the payment service based on the information stored in each of the databases D11 to D13 includes a member management unit D21, a number issuing unit D22, a payment processing unit D23, and an information transmitting unit D24. ).

Member management unit (D21) is responsible for the interface with other systems (buyer terminal, sales system, authentication system) connected through the network (M1), in particular, registration as a member who can receive payment services according to the present invention And member login and the like at the time of connection.

The number generator D22 assigns a card user number indicating usage permission for each card of each buyer registered as a member.

When the card user number is transmitted from the sales system 3, the payment processing unit D23 matches with the card user number (the card user number which is the turn to be currently used in the order of use) stored in the authentication information database D12. Determine, and request the transaction approval to the approval system (5) according to the determination result. On the other hand, if the payment system (1) is a card company that issued the card itself, a separate card in which the payment processing unit (D23) stores information such as transaction limit and credit for each card member, instead of through the approval system (5). Transaction approval is processed based on information stored in an information database (not shown).

The information transceiving unit D24 performs information transceiving with the sales system 3, and in particular, transmits the transaction approval result to the sales system 3 via the network M1.

The interface server D3 allows a plurality of terminals 2 and the systems 3 and 5 to be connected through the network M1, and transmits various information provided through the processing server D2 to a communication standard (for example, HTTP). Protocol and the like to be converted and provided to a plurality of terminals 2 or systems 3 and 5, or information transmitted from a plurality of terminals 2 or systems 3 and 5 via a network M1. It receives and provides a function to the processing device (D2), and may include a database interworking device (CGI) for transmitting and receiving information with a web server or other system. The interface server D3 may be an internet information server (IIS) of Microsoft Corporation.

On the other hand, when the system performs the authentication-related functions at the same time as disclosed by the present invention, it is a matter of course that the database of the system can be built to suit these functions.

The electronic commerce method according to the first embodiment of the present invention will be described based on the payment card module and the electronic commerce system having the above structure.

6 shows a sequential flow of an electronic commerce method according to the first embodiment of the present invention.

When the user registered as a member who can receive payment service of the payment system inserts the interface 44 of the payment card module 4 into the data port 21 of the wireless communication terminal 2, the wireless communication terminal 2 Command for obtaining the control right of the display unit 23 (for example, SETLCD = 1) and command for obtaining the control right for the keypad 22 of the wireless communication terminal (for example, SETKEY = 1) automatically. The processor 26 of the wireless communication terminal 2 (or terminal for convenience) 2 transfers the control right to the CPU 41 of the payment card module 4.

Subsequently, a payment initial screen is displayed on the display unit 23 of the terminal, and when a user inputs a password of the payment card module 4 to make a payment, the password is transferred to the payment card module ( It is input to the CPU 41 of 4) (S60). The CPU 41 of the payment card module 4 causes the usage confirmation message to be displayed (may be omitted in some cases) on the display unit 23 of the terminal 2, so that the user can use the payment card module for mobile e-commerce. Check again whether or not to use (4) (S61).

After confirmation, the CPU 41 reads from the EEPROM 42 the pseudo card user number corresponding to the turn to be used in the order of use, and then decrypts the input password with the decryption key to generate the card user number. The card user number generated on the display unit 23 of the terminal 2 is displayed (S62).

As described above, the payment card module 4 performs a decryption process using the decryption key to generate and display a card user number, and stores the password for decryption in the payment card module 4 at the first operation. It is also possible to compare the number entered in the future with the stored password and display the decrypted card user number if it matches.

When the card user number is displayed on the display unit 23 of the terminal 2 communicating with the payment card module 4 according to the password input, the user provides the card user number to the sales system 3 so that payment can be made. do. In other words, when a user purchases a product at a shopping mall site through a network (including online internet and mobile internet), the card user number is transmitted to a sales system that is a shopping mall site by using a purchaser terminal. In this case, the card user number is provided to the merchant to be entered into the sales system, which is a card inquiry machine. In particular, when a user wants to access a sales system or the like on a mobile Internet using a wireless communication terminal to receive commerce or authentication, the payment card module is inserted into the wireless communication terminal as described above, and thus displayed on the terminal. The card user number is directly transmitted to the sales system on the mobile Internet through the corresponding terminal for use.

The sales system 3 provided with the card user number from the user transmits the transaction details and the matters related to the card user number to the payment system 1 through the network. Here, the identification number given to the payment card module 4 for mobile e-commerce may be included among the data transmitted to the payment system (S63 to S64).

The payment processing unit D23 of the payment system receives the matters related to the card user number and the transaction details transmitted from the sales system 3, and then searches the authentication information database D12 based on the received identification number to make a payment. From the plurality of card user numbers assigned to the requesting buyer's payment card module, one card user number corresponding to the turn to be used is found according to the order of use, and it is determined whether the card user number is transmitted from the sales system (S65). Payment authentication is performed according to whether two card user numbers match.

If the two card user numbers match, the card number and transaction details of the card company matching the card user number are transmitted to the authorization system 5 operated by the card company to request transaction approval (S67). On the other hand, when the company providing the service according to the present invention issued the card itself, information about the transaction limit and the current service availability status for each card may be stored in the payment system 10, in which case the card It is possible to determine whether to approve payment itself without asking a company to approve a transaction, and thus, the step of requesting the approval of the transaction may be omitted.

When the transaction approval is notified from the approval system 5 or the transaction approval is determined on its own, the transaction approval result along with the corresponding card user number (which may be a member ID when accessing to use e-commerce) is displayed. (S68).

On the other hand, the payment system 1 indicates that the transaction approval was not performed together with the corresponding card user number (or member ID) even when the transaction approval rejection from the authorization system 5 or the transaction approval was rejected by itself. The message is sent to the sales system 3. In this case, the user is notified that the transaction cannot be authorized, and the correct number is entered.If this authorization error is repeated a certain time, or if the correct card user number is entered within a certain time, the user may not be authorized or may be authorized. When the number input exceeds a predetermined time, the payment can be stopped immediately and the card user can be wirelessly notified to the card user to immediately prevent the illegal use.

After notifying the approval result according to the payment request, the payment processing unit D23 of the payment system 1 records that the transaction is made once in response to the card in which the payment was made regardless of the approval result or, if approved, the next transaction. When using the card, use the card user number that corresponds to the following procedure.

A procedure performed in the authentication / payment device for mobile e-commerce, that is, the payment card module is sequentially illustrated in FIG. 7.

The payment card module 4 for mobile e-commerce may not perform the step of selecting the type or company of the card used, and after the button input signal is input through the keypad 22 in the normal waiting step S70, If a password is input (S71), the use confirmation message is displayed via the display unit 23 to inquire again whether it is used (S72).

Next, when the user presses the OK button (S73), the card is canceled again and is queried through the display unit 23 to be used next time (S74). If not, the entered password matches the stored password. Regardless of whether or not it is used, the card user number is decrypted by decrypting the pseudo card user number (pseudo card user number to be used in the current transaction, according to the setting sequence) stored in the EEPROM 42 using the entered password as a decryption key. To generate (S75).

Next, if the password is the same as the stored password, the pseudo card user number is decrypted with the correct decryption key so that the card user number which can be authorized for transaction is displayed on the display unit 23 (S76). If it is not the same as the stored password, the pseudo card user number is decrypted with the wrong decryption key, so that the card user number which cannot be authorized for the transaction is displayed on the display unit 23 (S79). Therefore, if a third party maliciously enters a random number as a password, a card user number that is decrypted using this number, that is, a number that cannot be authorized, is displayed. If you try to do so, you will not be able to obtain authorization, so you can easily prevent damage from card theft.

On the other hand, the pseudo card user number may be sequentially decoded and displayed in order of use only when the password matches each stored password, and in this case, the password may be set to double to improve security.

In this way, the CPU 41 of the payment card module 4 for mobile e-commerce displays the card user number decoded according to the password input on the display unit 23 of the terminal. After the display operation is stopped, the operation returns to the standby state (S78). In some cases, steps S73 to S75 may be appropriately omitted depending on the modified embodiment.

8 illustrates an example of a screen that can be displayed on a display unit of a user's wireless communication terminal by the control of a payment card module, which is an authentication / payment apparatus for mobile e-commerce according to a first embodiment of the present invention.

(A) of FIG. 8 is a screen waiting for input of a password for decrypting a user number, (b) of FIG. 8 is a screen for inputting a password, and (c) and (d) of FIG. The screen displayed on the display unit so that the user number is known to the user is shown.

9 shows another example of the payment card module according to the first embodiment of the present invention. The payment card module illustrated in FIG. 9, that is, the payment card module 4 ′ is formed in a general card form and has a separate connector inserted into the data port 21 of the terminal 2.

Here, the payment card module 4 'includes an ASIC chip 41' having a general card thickness, and a separate connector 44 'provides an interface between the terminal 2 and the payment card module 4'. do. The ASIC chip 41 'is a one chip including a CPU, an EEPROM, and a clock portion.

The payment card module 4 'having such a structure also operates to make a commerce payment in the same manner as the payment card module described in the first embodiment. Unlike the above embodiment, the connector 44' is used. In order to provide an interface between the terminal 2 and the ASIC chip 41 ', it may be made in the form of a card of a general standard, for example, ISO 7816 standard. Therefore, the same form as that of a general credit card can be provided, so that the magnetic stripe can be included, so that general card information recorded on the magnetic stripe can be read by an ATM or a CD terminal at the time of offline payment.

In addition, the payment card module 4 'is inserted into the connector 44' into the data port 1 of the terminal 2, and the password required by the ATM or CD terminal in the same manner as described in the above embodiment. Can be generated.

Since a password used in a general ATM or CD terminal requires 4 digits, the operation of the display unit of the terminal, which is another example of the embodiment according to the first embodiment of the present invention, has two selection modes unlike the above first embodiment. It is desirable to. Here, the password used for the ATM or CD terminal can be utilized by utilizing a specific four-digit number of the user number generated by using a user number generation algorithm that can be generated according to the present invention.

10 shows an example of a screen that can be displayed on a display unit of a payment card module, which is another example of the first embodiment of the present invention.

(A) of FIG. 10 is a screen for allowing a user to select which number of a card user number and an ATM password required for an online payment, and FIGS. 10 (b) and (c) are for decrypting a user number. A screen in which a password is input, FIG. 10D illustrates a screen displayed so that a user can know a currently available card user number. FIG. 10E shows a screen displayed so that the user can know the currently available card user number.

The card-type payment device, which is another example of the first embodiment of the present invention, may also implement a function of a general electronic money by utilizing a communication function of a wireless communication terminal. That is, when the card-type payment device is inserted into the terminal through the connector, the wireless communication terminal having the Internet function can access a specific site that provides the electronic money service, purchase electronic money, and charge the payment device. And the balance may be transferred to the authentication / payment device for mobile e-commerce of others.

As described above, the payment card module according to the first embodiment of the present invention may be inserted into the side or the bottom of the wireless communication terminal in addition to the module form and the card form inserted into the data port of the wireless communication terminal. That is, it may be made in the form of a SIM card or a user identify moudle (UIM).

Meanwhile, in the first embodiment described above, the card user number stored in the memory (EEPROM) of the payment card module connected with the wireless communication terminal is read and processed when the password is input and displayed on the display of the wireless communication terminal. When the payment card module is connected to the wireless communication terminal, the card user number is generated in the payment card module and stored in the memory of the wireless communication terminal so that the password card module does not communicate with the payment card module in the memory of the wireless communication terminal. The stored card user number may be displayed on the display unit.

In addition, when authentication or payment is required, the user may selectively insert a card type authentication / payment device into the wireless communication terminal.

11 shows the structure of an electronic commerce system according to a second embodiment of the present invention. As shown in FIG. 11, the electronic commerce system according to the second embodiment of the present invention is made in the same manner as the first embodiment, but only through the network M1 and the bank system 6 and the shopping mall system. It is also connected to (7).

The bank system 6, which is connected to the payment system 1 and performs commerce payment, opens an account to a buyer having a payment card module at the request of the payment system 1, and transfers the account according to the payment request. Use to make a payment.

The shopping mall system 7 is a system between selling a product (here, the product includes all types of goods and services that can be sold or not (items, services, contents, etc.) through a network. Certification demand system. In the second embodiment, the sales system 3 may be a PC or a wireless communication terminal of a sales shop selling goods off-line.

Next, the electronic commerce method according to the second embodiment of the present invention based on the electronic commerce system having such a structure will be described.

First, a process of opening an account of an electronic bank for registering and paying a plurality of buyers as a member who can receive a commerce payment using a payment card module according to a second embodiment of the present invention will be described.

12 sequentially shows a registration and account opening process according to the second embodiment of the present invention.

Users who wish to receive commerce and payment services using the payment card module purchase the payment card module at an offline sales shop (S100). Upon purchase, a payment card module and an instruction manual are provided to the user, and a membership registration application for registration as a member who can receive a service using the payment card module according to the present invention is provided.

Information such as name, address, gender, terminal phone number, serial number given to the payment card module purchased, password for payment, account number of the bank with which you do business, job and e-mail address in the membership registration application. Enter and, whether the account is opened in the electronic banking system according to the present invention (S110).

As described above, the manager of the sales shop provides the information written in the application to the payment system 1 through the sales system 3 based on the application in which the various information of the user is filled. The user's membership information recording process may be made in writing such as paper or the like, and an application may be displayed on the sales system 3 so that the user can fill it in directly. The written user information may be input into the sales system 3 through various methods such as a method in which an administrator directly inputs the sales system 3, and a method of scanning and inputting the sales system 3.

The sales system 3 provides the information of the input user, that is, the user who purchased the payment card module and applied for membership registration, to the payment system 1 through the network (internet, leased line, etc.) (S120). The payment processing unit D23 of 1) extracts the payment card module serial number from the input user information, converts the payment card module serial number into a card identification number, and sets the password and the terminal number (for example, The four digits after the wireless terminal telephone number are added together to finally generate a payment identification number of the payment system (S130 to S140).

The member manager D21 of the payment system 1 stores the user's information provided from the sales system 3 in the member information database D11 in correspondence with the payment identification number generated by the payment processor D23, and registers the member. Perform (S150).

Next, in order to open an electronic bank account for payment to a newly registered user, the member manager D21 requests the user to open an account by providing a user's payment identification number to the bank system 6 which is an electronic bank. The bank system 6 opens a new electronic bank account corresponding to the payment identification number (S160). At this time, the member manager D21 provides only the user information (for example, address, name, social security number, terminal phone number, etc.) necessary for opening an account with the payment identification number.

When member registration and account opening of the payment system 1 are completed, the bank system 6 notifies the terminal 2 of the user of the account opening completion (S170). The establishment completion notification may be made through an e-mail or a document.

In this way, when the user is notified of the completion of the electronic bank account opening according to the member registration from the bank system 6, the user performs electronic commerce using the purchased payment card module.

Next, a mobile banking method using the payment card module will be described.

13 illustrates a mobile banking process according to the second embodiment of the present invention sequentially, and an example of information displayed on a user terminal according to mobile banking is sequentially illustrated in FIG. 14.

As shown in FIG. 13, first, a user registered as a member of a payment system and opened an electronic bank account is mounted on a wireless communication terminal in which a payment card module is registered (S200). When the user inserts the interface 61 of the payment card module 4 into the data port 21 of the wireless communication terminal 2, which is a purchaser terminal, the display unit of the wireless communication terminal 2, as in the first embodiment, Instructions for obtaining the control right of 23 are automatically transmitted to the wireless communication terminal 2 so that the control right of the wireless communication terminal 2 is transferred to the CPU 41 of the payment card module 4.

When the user presses the URL sending button 45 installed in the payment card module 4 for electronic commerce using the wireless communication terminal 2, the CPU 41 of the payment card module 4 is connected to the wireless communication terminal 2. ) Provides a URL of the payment system 1 according to an embodiment of the present invention and accesses the payment system 1 (S210). At this time, the CPU 41 reads the terminal manufacturing number from the memory (not shown) of the connected wireless communication terminal 2, grasps the model of the terminal, and the URL of the payment system 1 with the URL sending method according to this model. Together with the wireless network (M1).

URL information of the payment system 1 transmitted from the wireless communication terminal 2 is converted into a wireless markup language (WML) through a wireless application protocol (WAP) gateway and then transmitted to a mobile communication service system (not shown) through a wireless network. The mobile communication service system then connects the user's wireless communication terminal 2 to the payment system 1 according to the URL information.

The information transmitter D24 of the payment system 1 provides a connection initial screen for selecting a service (such as shopping or banking) provided to the connected wireless communication terminal 2 (S220), and the user selects the wireless communication terminal ( 2) For example, among the menus displayed on the screen, if "Banking" is selected, the interface server D3 of the payment system 1 transmits a message requesting the long press of the authentication button to confirm the user's selection. (S230-S240).

When a message is displayed on the wireless communication terminal 2, the user selectively presses the authentication button 46, and the CPU 41 of the payment card module 4 is set by the authentication button 46, for example. If the operation is more than the time to make the mobile banking as follows (S250).

First, the CPU 41 of the payment card module 4 obtains the terminal telephone number from the wireless communication terminal 2 through the interface unit 44, and the pseudo user number corresponding to the turn to be currently used in the order of use. The ID number is read from the EEPROM 42 to generate a card user number, and then the serial number of the payment card module 4, that is, the card identification number and the card user number (or pseudo user number) is encrypted (S260). And a part of the encrypted number and the telephone number of the terminal (for example, "2345" corresponding to the middle part when the terminal telephone number is 011-2345-5674) through the transmitter 24 of the wireless communication terminal 2. Transfer to payment system 1 (S270).

When the encrypted information is transmitted from the wireless communication terminal 2 via the wireless network M1, the payment system 1 decodes the encrypted information to restore the card user number and the card identification number ( S280). Next, it is determined whether the corresponding payment card reading module is registered according to whether the restored card identification number is stored in the authentication information database D12, and the restored card identification number is stored in the authentication information database D12. If there is an authentication process, then a password input for service provision is requested to the wireless communication terminal 2 (S290 to S300).

As shown in Fig. 14, when a message for requesting a password input is displayed on the wireless communication terminal 2, the user inputs the password set at the time of registration using the keypad 22, and the entered password is settled in the payment system 1 (S310).

The payment processing unit D23 of the payment system 1 checks whether or not it is stored in the authentication information database D12 based on the transmitted password, the restored card identification number, and the card user number, so that the terminal for the user who requested the mobile banking. Authentication is performed (S320).

If a payment ID including the transmitted password and the restored card identification number is stored in the authentication information database D12 and final authentication is made, the payment processing unit D23 sends the user's payment identification number and terminal to the bank system 6. The mobile banking request is started while providing a phone number (S330). Accordingly, the bank system 6 provides a screen for mobile banking to the corresponding wireless communication terminal 2 (S340).

In this way, when authentication as a user who can perform mobile banking is finally made, as shown in FIG. 14, the "balance statement", "transfer", "transfer from another party" for mobile banking on the display unit 23 of the wireless terminal. A menu, such as "various settings" is displayed, and the user selects a desired menu to perform mobile banking (S350).

In addition, a user who purchases a payment card module may purchase a product after being authenticated as a user who can purchase a product as follows.

15A and 15B sequentially illustrate a product purchase process according to a second embodiment of the present invention, and FIG. 16 illustrates an example of information displayed on a user terminal according to a product purchase.

Detailed descriptions of the same processes as the mobile banking described above during the commerce process described below will be omitted.

As shown in FIG. 15A, in the same manner as the above mobile banking, when the user installs the payment card module in the wireless communication terminal and presses the URL transmission button 45, the wireless communication terminal 2 is connected to the payment system 1. Menus of services provided by the payment system are displayed on the terminal display unit 23 (S400 to S420).

When the user selects a shopping menu, the interface server D3 of the payment system 1 provides a screen indicating a plurality of shopping mall sites (S430 to S440), and the plurality of shopping mall sites are displayed on the display unit of the wireless communication terminal. When one of the sites is selected, the payment system 1 connects the wireless communication terminal 2 to the system 7 of the selected shopping mall site (S450).

Accordingly, the shopping mall system 7 provides the wireless communication terminal 2 with information about the products sold at its site (S460). When the user selects one product and indicates a purchase intention, the payment menu for the corresponding product is provided. To the wireless communication terminal 2 (S470 to S480).

If a user selects payment using a payment card module according to an embodiment of the present invention as a payment method for a product to be purchased by a user on the payment page of the shopping mall system 7 displayed on the wireless communication terminal 2 (S490), The shopping mall system 7 transmits detailed information of the corresponding product via the payment system or directly to the wireless communication terminal 2, and the information transmitter D24 of the payment system 1 inserts a payment card module while providing product information. Check whether or not (S500 ~ S510).

When a message indicating insertion of a payment card module is displayed on the display unit 23 of the terminal together with the detailed information of the product, the user presses the authentication button 46 for payment, and accordingly, wirelessly in the same manner as in the authentication process during mobile banking. A part of the card identification number and pseudo user number of the terminal encrypted from the communication terminal 2 and the telephone number of the terminal are transmitted to the payment system 1 (S520 to S540).

The payment processing unit D23 of the payment system 1 restores the pseudo user number and the card identification number by decrypting the encrypted information (S550), and performs authentication of the card identification number in the same manner as the mobile banking described above. As shown in FIG. 15B, the terminal 2 requests a password input to the terminal 2 (S560), and performs final authentication for the user who requested the payment according to the purchase of the product based on the transmitted password (S570 to S580).

When the final authentication as a user who can make a payment is made, the payment processing unit D23 requests the user's account information to the bank system 6 while providing the user's payment identification number (S590), and the bank system 6 The balance information of the electronic bank account corresponding to the payment identification number is provided to the payment system 1 to be transmitted to the wireless communication terminal 2 (S600). Accordingly, as shown in FIG. 16, on the display unit 23 of the wireless communication terminal 2, along with the balance of the user's electronic bank account, information such as the payment price and the payment destination of the product to be purchased is displayed. A button for confirming the purchase intention of the user is displayed.

When the user selects the purchase button, the payment processing unit D23 of the payment system 1 requests payment by transmitting payment information (for example, product price and account number of the shopping mall site) together with the payment identification number ( S610 to S620, and accordingly, the bank system 6 transfers the product price to the account number of the shopping mall site and performs the payment (S630).

Next, the bank system 6 notifies the payment system 1 of the completion of the payment (S640), and the information transmitter D24 of the payment system 1 sends the payment details (the buyer payment identification number corresponding to the purchaser's payment identification number). Merchandise information, shopping mall site information, payment amount, payment date, etc.) are stored in the payment information database D13, and the payment for the product is completed by the user's wireless communication terminal 2 and the shopping mall system 7. Notify that (S650).

Thereafter, the shopping mall site pays a certain fee according to the payment for the product to the payment system, and the payment system pays a part of the fee as a payment fee to the banking system.

Therefore, the user can continue to purchase and pay for the product using a variable card user number even when using the wireless communication terminal, thereby enabling safer commerce.

As described above, even when shopping through a wireless communication terminal, secure payment can be made, and payment for paid content can also be made.

After the user receives the paid content from the content providing site through the wireless communication terminal, the payment process for using the content is also performed through the payment card module in the same manner as the payment process according to the product purchase described above.

A person skilled in the art can also easily perform a payment processing process based on the use of the paid content based on the above description, and thus a detailed description thereof will be omitted.

Meanwhile, in the second embodiment described above, the user selects one of a plurality of sites provided by the payment system by attaching the payment card module to the wireless communication terminal and then accessing the payment system. After accessing a specific site without purchasing through a product or receiving content, a payment card module may be installed in a wireless communication terminal at the time of payment to receive payment according to a commerce through a payment system.

Specifically, when a user accesses a specific site through a wireless communication terminal and receives a product purchase or content, and then selects a payment method using a payment card module, the corresponding site, for example, a shopping mall system, provides a product or a product purchased by the user. The payment request is provided by providing information such as the received content to the payment system. Accordingly, the payment system checks whether the payment card module is inserted and performs payment using the payment card module as described above. In this case, when the payment card module is not installed in the user's wireless communication terminal, a message for requesting the payment card module to be installed is provided to the wireless communication terminal so as to be confirmed by the user.

Therefore, the user can access a plurality of sites through the payment system according to the second embodiment of the present invention to perform commerce and receive payment accordingly. Through payment can be provided using the payment card module.

Therefore, whenever and wherever, depending on the user's will be connected to the desired wireless network system to perform the commerce, payment can be easily and conveniently according to the commerce without additional information input.

In this way, the user can pay for the mobile commerce by installing the payment card module purchased by the user in his wireless communication terminal, and off through another wireless communication terminal that can lead the payment card module purchased by the user. You can also pay for goods purchased on the line.

In the third embodiment of the present invention, a payment card module purchased by a user is installed in a business wireless communication terminal (that is, a wireless communication terminal of another person) instead of a wireless communication terminal of the user.

The structure of the electronic commerce system according to the third embodiment of the present invention is the same as in the second embodiment described above, except that the member database D11 of the payment system 1 performs payment using the payment card module. Offline store information that can be received, for example, information such as a wireless communication terminal number, a store name, a store payment account number for a store, etc., which can receive a payment corresponding to an identification number provided for each store, is additionally stored.

17A and 17B sequentially illustrate a commerce and payment processing process according to a third embodiment of the present invention, and FIG. 18 shows an example of information displayed on a business wireless communication terminal at the time of payment processing. have.

When a user who purchases a product in a store on-line presents a payment card module according to the present invention to pay for a product price, the seller of the store inserts the payment card module 4 into a commercial wireless communication terminal. The structure of such a business wireless communication terminal is the same as that of the wireless communication terminal according to the second embodiment, and differs in that it can be registered in a server, that is, a payment system, to confirm that it is used only for a business in advance.

As shown in FIG. 17A, when inserted into the reading unit of the business wireless communication terminal which is the sales system 3, a standby screen is displayed on the display of the business wireless communication terminal, and as described above when the URL sending button is pressed. The business wireless communication terminal is connected to the payment system 1 (S700 to SS710). Accordingly, the information transmitter D24 of the payment system 1 provides the initial screen for the store to the business wireless communication terminal of the store (S720). ).

When the button for authentication is operated while the commercial wireless communication terminal is connected to the payment system 1 (S730), the serial number of the payment card module, that is, the card identification number, and the card user number are encrypted (S740). Some of the telephone numbers of the wireless communication terminal are transmitted together to the payment system 1 (S750). In this case, the telephone number of the commercial wireless communication terminal may not be used, and instead, for example, a password or a unique telephone number input by a mobile phone may be used.

The telephone number sent before the authentication process is checked to confirm that the information is sent from the commercial wireless communication terminal. The payment processing unit D23 of the payment system 1 that has received the encrypted information performs authentication of the card identification number as described above (S760), and according to the authentication, the information transmitter D24 corresponds to the business wireless communication terminal. Provide a payment screen of the store (S770), if the payment is input information transmitting unit (D24) transmits the input payment to the business wireless communication terminal for the seller or buyer to confirm (S780 ~ S800).

When the payment price is confirmed, the information transmitting unit D24 of the payment system 1 provides a screen for requesting a password input together with the payment price to the business wireless communication terminal so that the purchaser can confirm the payment price and the password through the business wireless communication terminal. Input is made (S810 to S820).

The payment processing unit D23 of the payment system 1 performs the final authentication for the user who requested the payment for the product purchase based on the password transmitted from the business wireless communication terminal (S830 to S840).

As shown in FIG. 17B, when final authentication as a user who can make a payment is made, the payment processing unit D23 provides the user's payment identification number and payment information (account number of the store, payment amount, etc.) of the bank system 6. Request a payment transfer to (S850), the bank system 6 processes the payment from the general bank account or electronic bank account corresponding to the payment identification number of the user to the account number of the store (S860).

When the payment is completed, the bank system 6 notifies the payment system 1 of the completion of the payment (S870), and accordingly, the information transmitter D24 of the payment system 1 receives the payment details (buyer payment identification number). Purchased product information, shopping mall site where the product was purchased, payment amount, payment date, etc.) in the payment information database D13, and then pays the product price at the business wireless communication terminal and the buyer's wireless communication terminal (2). Notify that the completion (S880 ~ S900).

According to the third embodiment, even when only the payment card module is carried without the wireless communication terminal, the user can pay for goods purchased through a commercial wireless communication terminal installed in an offline store or the like.

In the first to third embodiments described above, a process of selecting a product and checking a product information provided from a shopping mall system through a wireless communication terminal is performed, while a user checks the product information through a wired terminal such as a PC. And select a product to purchase and perform a payment process using a payment card module through a wireless communication terminal.

19A and 19B, a commerce and a payment process using the payment card reading module according to the fourth embodiment of the present invention is sequentially shown.

As shown in FIG. 19A, when a user who wants to purchase a product is connected to a shopping mall system 7 through a buyer wired communication terminal (hereinafter, referred to as a wired communication terminal) such as a PC, which is a buyer terminal 2, The shopping mall system 7 provides information on the goods to be sold to the wired communication terminal. Accordingly, the user can easily check the product information displayed on the wired communication terminal and select the product to purchase (S900 to S910). At this time, the process of connecting the purchaser's wired terminal to the shopping mall system 7 may be performed through the payment system 1 as in the third embodiment described above.

When the user selects a product and indicates a purchase intention, the shopping mall system 7 provides a payment menu for the product to the wired communication terminal, and the user selects a product on the payment page of the shopping mall system 7 displayed on the wired communication terminal. When a payment method using a payment card module according to an embodiment of the present invention is selected as a payment method for a product to be purchased, the shopping mall system 7 requests an e-mail address used exclusively by the user's wireless communication terminal (S920). S950).

Accordingly, the user provides an e-mail address, and the shopping mall system 7 transmits URL information of a page for making a payment while providing information of a product to be purchased by the user to an e-mail address provided by the user (S960). S970). The URL information is a wireless URL corresponding to a wired URL, and the shopping mall system 7 provides a wired UIRL and a wireless URL, respectively, for a page on which product information is provided and settled for URL transmission to a wireless communication terminal. It must be secured. In addition, the URL may actually be a page of a product provided by a shopping mall system, but may also be a payment window temporarily generated for payment using a payment card module according to an embodiment of the present invention.

When the URL information is transmitted to the e-mail address of the user's wireless communication terminal, the user checks the e-mail transmitted through the user's wireless communication terminal, selects the URL included in the e-mail, and accesses the shopping mall system 7 ( S980-S990).

When the user's wireless communication terminal is connected to the above URL, the shopping mall system 7 provides an instruction to install the payment card module according to the embodiment of the present invention in order to make a payment to the wireless communication terminal. The payment card module 4 is mounted on its wireless communication terminal (S1000 to S1100).

When the payment card module 4 is mounted in the wireless communication terminal, the CPU 41 of the payment card module 4 secures the control right of the wireless communication terminal, and then the encryption number (card The identification number and the card user number) are generated and a payment is requested by transmitting a portion of the encryption number and the telephone number of the wireless communication terminal to the payment system 1 through the wireless communication terminal (S100 to S1120).

Accordingly, similarly to the third embodiment described above, the payment processing unit D23 of the payment system 1 decrypts the encrypted information to restore the card user number and the card identification number (S1130), and is shown in FIG. 19B. As described above, authentication of the card identification number is performed, and final authentication is performed for the user who requested the payment according to the purchase of the product based on the password transmitted from the wireless communication terminal (S1140 to S1160).

Then, when the final authentication is made, the payment system 1 provides the user's payment identification number to the bank system 6 and performs payment according to the balance remaining in the user's account as in the third embodiment (S1170). S1250).

Meanwhile, in the fourth exemplary embodiment, the user is provided with the product information and the URL information for payment directly from the shopping mall system, but the information may be provided through the payment system. That is, the payment system may receive information of goods provided from the shopping mall system and provide the information to the wired communication terminal of the user, or may receive a URL for wireless payment from the shopping mall system and provide the information to the wireless communication terminal of the user.

According to the fourth exemplary embodiment, the user can easily check the product information through the wide display device of the wired communication terminal and select a desired product. Since the user does not need to input personal information through the wireless communication terminal, the personal information is leaked. Can be prevented.

In addition, since payment can be made through the payment card module mounted on the wireless communication terminal while checking the information through the wired terminal, information leakage during payment can be prevented, and in particular, since the URL information provided to the wireless communication terminal is disposable. The primary security is made, and the secondary security is made according to the payment using the payment card module, it is possible to further improve the security and reliability.

As described above, the payment card module according to the embodiment of the present invention, in addition to the module form and card form inserted into the data port of the wireless communication terminal, that is, the form that can be inserted into the side or the bottom of the wireless communication terminal, It may be in the form of a SIM card or a user identity module (UIM).

As described above, in the present embodiment, a purchaser who purchases a payment card module not only uses his or her wireless communication terminal but also uses another wireless communication terminal (another's wireless communication terminal, a business wireless communication terminal, etc.) to perform payment or authentication as described above. I can receive it.

In addition, in the embodiment described above, the product includes all the tangible and intangible goods (things, contents, services, etc.).

The invention is susceptible to various modifications and implementations without departing from the scope of the following claims.

As described above, the present invention can provide a payment method that is excellent in security and easy to use when payment on the mobile Internet is required.

In addition, the user number can be automatically renewed after a transaction to solve the disclosure of personal credit information, and provides an authentication / payment device for mobile e-commerce that can be inserted into a personal mobile terminal. According to the present invention, it is possible to fundamentally protect the card user even when the card user number is obtained in an illegal manner by allowing another card user number to be used at the next authentication / transaction.

In addition, not only can you be immediately notified of the authentication / payment status, but you can also receive information related to your current payment limit, so that you can use your card more smoothly. You can do this immediately and let the cardholder know about this immediately, thus avoiding any further losses.

In addition, in the case of using a card that can be renewed the user number according to the present invention, in addition to the advantage that the user number can be safely used the card as described in the above-described parts anyone skilled in the art as described above The card has the advantage that all authentication / payment related cards such as full credit card, bank card, stock card, department store card, gas station card, etc. can be integrated.

In addition, the authentication / payment device for mobile e-commerce according to the present invention can utilize the keypad portion and the display portion of the terminal necessary for the authentication / payment, the size of the module itself is more compact than the card, LCD and keypad of the terminal By using, the user has an advantage of more convenient authentication / payment.

In addition, the authentication / payment device for mobile e-commerce according to the present invention may have a card form of the ISO 7816 standard, the keypad and the display unit required through the magnetic stripe at the time of authentication / payment through the ATM or CD terminal of the terminal Since the size of the module itself is more compact than that of the card, the user can use the LCD and keypad of the terminal more conveniently.

In addition, according to the present invention, anytime, anywhere payment card module can be mounted on the wireless communication terminal to facilitate and convenient payment or mobile banking for mobile commerce without inputting additional payment information.

In addition, since the payment is made according to the purchase made in the offline 1 using the wireless communication terminal without an additional expensive reader, no additional cost is required for each offline payment.

In addition, the user can be notified immediately of the authentication / payment status, as well as information related to the current payment limit, so that the card can be used more smoothly.

In addition, the user can easily check the product information through the wide display device of the wired communication terminal to select the desired product, and even when making a payment through the wireless communication terminal, there is no need to input personal information, so personal information is leaked. Can be prevented. In this case, the seller providing the product or the content may receive payment for the purchased product or the content without a separate membership.

Claims (25)

An authentication / payment apparatus connectable to a wireless communication terminal including a display unit and an input unit. A memory in which a plurality of encrypted card user numbers are stored; Whenever a password is input from the input unit of the wireless communication terminal, one encrypted card user number is read out from the memory in order according to a setting sequence, and then the card user number read based on the input password is read. A processing unit for decrypting and providing the decrypted card user number to the wireless communication terminal to be displayed on the display unit. Authentication / payment device comprising a. An authentication / payment apparatus connectable to a wireless communication terminal including a display unit and an input unit. A memory in which card user unique information is stored; Each time a password is input from the input unit, card user unique information is read from the memory, and then a card user number is generated by processing based on the input password, and the generated card user number is sent to the wireless communication terminal. Processing unit to display on the display unit Authentication / payment device comprising a. The method according to claim 1 or 2, And the processing unit decrypts an encrypted card user number corresponding to the transmitted password when the password inputted through the input unit and the transmitted password 7 match. The method according to claim 1 or 2, And the card user number is used as an authentication number for user authentication. The method according to claim 1 or 2, And an interface unit for communicating with a data port of the wireless communication terminal. The method according to claim 1 or 2, And the authentication / payment device is connected to a data port of the wireless communication terminal via a connector to communicate data. In an electronic commerce system connected to a seller's sales system and performing payment processing, A database in which a plurality of card user numbers are correspondingly stored for each card number available for each buyer; And A processing device which receives a card user number from the sales system, reads the card user number from the database to determine a match, and finds a card number corresponding to the card user number and performs a payment process when the card user number is matched. and, And the processing device reads one card user number from among a plurality of card user numbers stored in the database in order according to a setting order and compares the card user number transmitted from the sales system. The method of claim 7, wherein The sales system transmits the card user number confirmed from the payment card module to the electronic commerce system, The payment card module, which stores a plurality of encrypted card user numbers, decodes the encrypted card user number corresponding to the order to be used currently based on the input password and includes the display unit displaying the decrypted card user number. And provide it to be displayed on the display unit. In the e-commerce method of the e-commerce system connected to the seller's sales system through a network, the card number available for each buyer is stored, and a database in which a plurality of card user numbers are stored corresponding to each card number, If the identification number and the card user number are received from the sales system, searching the database to find the corresponding card number; Determining whether to approve the transaction for the card number; And In case the transaction approval for the card number is determined, notifying the commerce system of the transaction approval. Including, And the card number corresponding to the card user number is found if the card user number sent from the sales system matches the card user number corresponding to the order currently being used. The method of claim 9, The sales system transmits the card user number confirmed from the payment card module to the electronic commerce system, The payment card module, which stores a plurality of encrypted card user numbers, decodes the encrypted card user number corresponding to the order to be used currently based on the input password and includes the display unit displaying the decrypted card user number. The electronic commerce method, characterized in that to be displayed on the display unit. In the electronic commerce method of a plurality of terminals, a payment / authentication demand system, and a system connected to the banking system via a network, the payment card module is removable, Providing a plurality of payment / authentication demand system information to a terminal equipped with the payment card module connected through a network; Connecting the terminal to the payment / authentication demand system when the terminal requests access to one payment / authentication demand system; If the encryption number for requesting product payment / authentication is transmitted from the terminal, decrypting the encryption number and authenticating that the buyer is a user who can make payment / authentication based on the decrypted information; And Requesting the payment for the goods purchased by the buyer to the bank system, so that payment / authentication of the goods purchased by the buyer is made; E-commerce method comprising a. In the electronic commerce method of a plurality of terminals, a payment / authentication demand system, and a system connected to the banking system via a network, the payment card module is removable, Requesting transmission of information for payment / authentication to a corresponding terminal when a payment / authentication request corresponding to a product purchase made through the terminal is input from the payment / authentication demand system; If the encryption number for product payment / authentication is transmitted from the terminal equipped with the payment card module, decrypting the encryption number and authenticating that the buyer is a user who can make payment / authentication based on the decrypted information; And Requesting the payment for the goods purchased by the buyer to the bank system, so that payment / authentication of the goods purchased by the buyer is made; E-commerce method comprising a. In an electronic commerce method of a system in which a buyer's payment card module, a payment card module is detachable from a seller terminal, and a system connected to a banking system, Transmitting, by the seller terminal, an encryption number for requesting payment of a goods when the payment card module of the buyer who purchased the goods is mounted; If the encryption number is transmitted from the seller terminal, decrypting the encryption number and authenticating that the payment card module can make a payment based on the decrypted information; And Requesting payment for the goods purchased by the buyer to the bank system when the authentication process is performed, so that payment for the goods is made; E-commerce method comprising a. In the electronic commerce method of the plurality of buyer terminal that the payment card module is removable and the system that is connected through the network with the bank system, If an encryption number for requesting network banking is transmitted from the buyer terminal equipped with the payment card module, decrypting the encryption number and authenticating that the buyer is a user capable of network banking based on the decrypted information; And When the authentication process is performed, connecting the purchaser terminal to the bank system to perform network banking; E-commerce method comprising a. In the e-commerce method of a plurality of buyer wireless communication terminal and wired communication terminal detachable payment card module, and an e-commerce system connected through a network with a banking system and a payment / authentication demand system, When the buyer's wired communication terminal accesses the payment / authentication demand system and requests product information, the payment / authentication demand system providing product information to the wired communication terminal; Requesting an e-mail address for the wireless communication terminal of the purchaser if the purchase of goods from the wired communication terminal of the purchaser and payment of the payment card module accordingly are requested; Sending, by the payment / authentication demand system, a payment page of a product purchased by the buyer to an e-mail address provided from the wired communication terminal of the buyer; Requesting a payment card module to be installed by the payment / authentication demand system when a purchaser accesses the e-mail address using a wireless communication terminal and then accesses the shopping mall system through the transmitted payment page; When an encryption number for requesting network banking is transmitted from the wireless communication terminal of the purchaser equipped with the payment card module, the electronic commerce system decrypts the encryption number and based on the decrypted information, the purchaser is a user capable of network banking. Authentication processing; And When the authentication process is performed, connecting the purchaser terminal to the bank system to perform network banking; E-commerce method comprising a. The method of claim 15, The payment page sent to the e-mail address, characterized in that the one-time e-commerce method. The method of claim 18, And the payment / authentication demand system provides product information or requests an e-mail address to a wired communication terminal of a purchaser through the electronic commerce system. The method according to any one of claims 11 to 15, The encryption number is And an identification number of the payment card module and a user number corresponding to a current order of the plurality of user numbers stored in the payment card module are encrypted. The method of claim 18, And the encryption number is transmitted for payment / authentication together with all or part of the terminal's telephone number or the terminal's unique number. The method of claim 19, The authentication processing step, Performing an authentication process when the identification number of the payment card module included in the decrypted information is a registered number and the user number is a number corresponding to an order to be currently used; Requesting a password input for confirming that the user is a user who is capable of electronic commerce to the purchaser terminal; And If the password is a registered password, performing final authentication as a purchaser capable of electronic commerce E-commerce method comprising a. The method according to any one of claims 11 to 14, And the terminal is a wireless communication terminal. The method of claim 13, And said seller terminal is a wireless communication terminal. In a system in which a payment card module is detachable from a plurality of terminals, a payment / authentication demand system, and a bank system and a network, A database including payment card module information, terminal information, and information for payment / authentication; And When an encryption number for requesting payment / authentication according to a product purchase is transmitted from a terminal equipped with the payment card module through a network, the buyer decrypts the encryption number and searches the database based on the decrypted information. Payment processing unit that authenticates the user as possible Including, The payment processing unit requests the payment for the goods purchased by the buyer to the bank system after the authentication process, so that the payment / authentication for the goods purchased by the buyer is made. In a system in which a buyer's payment card module is connected to a plurality of detachable seller terminals, a payment / authentication demand system, and a banking system, A database including payment card module information, seller terminal information, and information for payment / authentication; And When an encryption number for requesting payment / authentication according to a product purchase is transmitted from a seller terminal equipped with the payment card module through a network, the encryption card is decrypted and the database is searched based on the decrypted information to retrieve the payment card module. Payment processing unit that authenticates that the buyer has a user who can pay / verify Including, The payment processing unit requests the payment for the goods purchased by the buyer to the bank system after the authentication process, so that the payment / authentication for the goods purchased by the buyer is made. The method of claim 23 or 24, The database is A member database storing information including an identification number assigned to each payment card module and a phone number of the terminal when the purchaser terminal is a wireless communication terminal; And An authentication database in which a plurality of card user numbers are matched and stored for each identification number assigned to a payment card module. Including; The plurality of user numbers are each used in turn according to the set order used for each payment / authentication.