KR20020083195A - System and Method for the electronic billing process and authentication using the synchronized wire-wireless complex system - Google Patents

Abstract

PURPOSE: A system for processing and authenticating an electronic payment using a synchronized wire/wireless complex system is provided to prevent an electronic paying system from being used in improper method by an intentional hacking by integrally processing an electronic paying process and an authentication process using the Internet through a wire Internet network, a wireless communication, and a wireless Internet network. CONSTITUTION: Basic information data which are inputted by a client(480) who wishes to perform a payment on an Internet web site in a payment process are received, and a wireless communication terminal information data input of the client is requested. After receiving wireless communication terminal information data of the client are received from the client(480), it is checked whether the information data are identified with information data stored in a client information D/B of a mobile communication system(450) in advance. If the data are identified therewith, an input of a payment approval number(or secret key) is requested to a wireless communication terminal of the client(480) through the wireless communication terminal. The payment approval number(or secret key) is received from the wireless communication terminal of the client(480) and authenticates a payment process.

Description

System and Method for the electronic billing process and authentication using the synchronized wire-wireless complex system}

The present invention is an electronic payment processing and authentication system using a synchronized wired / wireless complex system, and the electronic payment processing and authentication process using the Internet is combined through a wired internet network, a wireless communication, and a wireless internet network, thereby intentional hacking. The present invention relates to a method and a system for blocking the electronic payment system from being exploited in an inappropriate manner.

An electronic payment system should be basically guaranteed with anonymity, security, portability, and two-way. The contents of the electronic payment system are as follows.

Anonymity of the electronic payment system means that the purchase history of the Internet shopping mall or the e-commerce system should not be known to third parties, and security means that purchase and payment information on the Internet should not be stored, and the electronic payment system may be forged in an improper way. It should not be possible. The portability of an electronic payment system is that many customers use a single electronic payment system, and that the same payment method must be used in multiple Internet stores. The interactivity means that the payment method used by customers for payment is inappropriate due to counterfeiting or illegal copying. There must be a certification process that ensures mutual guarantees from customers and Internet stores that they are not used as a method.

The representative electronic payment system that satisfies the basic characteristics of the electronic payment system includes an electronic cash payment system using electronic money that can be used on the Internet, an electronic check payment system that implements a check that is one of the payment methods on the Internet, and a virtual on the Internet. Electronic bank transfer system using a bank (Cyberbank), and an Internet credit card payment system that implements real-world credit card transactions on the Internet, and the details are as follows.

The electronic cash payment system replaces the real-world cash payment system on the Internet as it is. First, a new electronic money commonly used in the virtual space of the Internet is issued, and then used as a payment method on the Internet. In general, the electronic cash payment system is similar to the real world currency payment system, and the electronic cash payment system is mainly used for the micro payment on the Internet, as the cash payment using the real world currency is used for the micro payment rather than the high payment. Representative examples of electronic payment using the electronic cash payment system are information products such as database search service, information and content providing service, and payment methods such as image files, music files, video files, and file download services such as software. It is used a lot.

The electronic check payment system is an implementation of checks used in the real world on the Internet. Like the real world check, the user of the electronic check must have a credit account in the bank. Like the real check check system, the electronic check payment system Is mainly used for high payments such as business transactions. Due to the characteristics of the electronic check system, the electronic check system requires a high level of authentication and security, and in recent years, the method of signing and endorsing the electronic check is a method of personal computer memory card international association. The hardware-based signature method using the PCMCIA memory card.

The electronic money transfer system is a real-time money transfer service on the Internet, such as bank deposit, phone banking, and ATM, which has less time and space constraints than the existing money transfer system, and the money transfer process is automated. As a result, the treatment cost is low. However, the biggest disadvantage is that it has a more open type of process than the existing system, and the possibility of misuse in an improper manner is very high.

Internet credit card payment system is a real world credit card payment system implemented on the Internet, and is currently used as the most representative payment method of B2C transactions over the Internet. Compared to the existing offline credit card payment system, the system reads the user's personal information and card information stored in the magnetic band of the card through the credit card terminal and processes the payment through the closed communication network. The user's personal information required for payment is stored in a database in advance through a process such as membership registration, and the card information is confirmed through user input at the time of payment, and this is secured through a security system such as public key encryption. By final confirmation, a method of processing payment for a user's purchase is used. In particular, unlike an offline credit card payment system, an Internet credit card payment system operating in an open network called the Internet requires a high level of security. In order to satisfy the security of the Internet credit card payment system, an open network system Secures payment system using SET (Secure Electronic Transaction) protocol developed to securely transmit personal or financial information.

1 is a simple block diagram of the most basic Internet credit card payment system using the SET protocol security system.

The SET protocol is a professional security protocol developed by Visa and MasterCard to provide secure electronic payment methods for credit and debit cards on the Internet. Defined as Issuer, Card Acquirer, Payment Gateway, Brand, and Third Parties, and then verify the identity of credit card participants through the Certificate Authority, By issuing certificates, it ensures that all trading participants can be trusted.

In the SET protocol component, a customer means an internet user and a client who purchases an item or a service in an internet shopping mall, and a seller means an e-commerce credit card merchant that provides a product or a service such as an internet shopping mall or a content provider. A card issuer is an institution that issues credit cards to customers by making a contract with a brand such as a Visa or Mastercard. A card voucher purchaser means a merchant-approved financial institution of a seller or a financial institution with an account of a seller. In other words, the payment information relay agency means an institution that requests the financial institution to approve payment using the payment information of the customer requested by the seller.

The SET protocol organically combines the components described above, providing basic functions such as confidentiality, authentication, integrity, and nonrepudiation that security systems on the Internet must have. . However, since the scope of the regulation only specifies the security requirements for data transmission and reception between e-commerce participants, system security measures for intrusion into the internal system by the ineligible person or abused by improper methods must be established by the relevant institutions. . This means that any existing electronic payment security system does not provide a system security measure that can fundamentally block intentional hacking, and can only confirm the ineligibility of the trading participants.

The hacking technology on the Internet is now being used to overcome high level hacking techniques such as packet sniffing and IP spoofing. It is available on the Internet in a variety of documents and software. Anyone can easily hack any security system, and such high-level hacks are no longer reserved for a few computer experts. In particular, hacking techniques such as packet sniffing and IP spoofing are not due to errors in the electronic payment system or OS, but because of the inherent structure of the Internet.

2 is a simplified system configuration block diagram of a mobile communication network or a code division multiple access (CDMA) communication network used for wireless authentication of the present invention.

The mobile communication network is composed of a switch (Mobile Switching Center), a network operation preservation device, a base station controller, a base station transceiver base system. The exchange stores the HLR (Home Location Register) and the VLR (Visitor Location Register) as the D / B for the subscriber, and provides access to other communication networks such as public switched telephone networks (PSTN) and analog mobile networks. The HLR is a D / B storing the subscriber's registration and personal information, and the VLR is a D / B storing information on the subscriber receiving the roaming service. The network operation preservation device monitors the entire system and operation status of the mobile communication network through the exchange, and the control station controls the base stations and provides a connection between the exchange and the base station. The base station secures a wireless communication channel and a data channel with a wireless communication terminal, and in the case of a synchronous communication network, synchronizes the entire mobile communication network through a GPS satellite.

Since the mobile communication network as shown in FIG. 2 basically implements the existing PSTN network through wireless communication, the mobile communication network can provide all the services available in the PSTN as well as the compatibility with the existing PSTN. Therefore, the mobile communication network as shown in FIG. 2 can provide functions such as an automatic response system such as an automatic response system / audio response system (ARS) and a computer telephony inergration (CTI) system, which have been operated in a conventional PSTN network. The present invention provides a method for identifying which keyboard is input from a wireless communication terminal of a mobile communication network. This means that the wireless authentication process of the present invention provides an interface that can be achieved through the existing wireless communication network in addition to the wireless internet network.

FIG. 3 is a simple block diagram of a wireless internet network implemented using the wireless communication network as shown in FIG.

Wireless Internet is basically developed to use wired Internet in wireless environment. Mobility and portability that can be used while moving more freely due to the limitation of time and space than wired internet due to light weight of wireless internet terminal. ) Is an internet network emphasized.

In FIG. 3, a wireless internet terminal refers to a personal communication service (Personal Communication Service) equipped with a web browser for a terminal, a PDA equipped with a CDMA function, and a smartphone and a wireless communication device. It plays a role of buffering wire and wire between internet servers, and a content provider is a web server on a wired internet that provides wireless internet services to a wireless communication terminal.

In Figure 3, the wireless Internet network is based on a wireless Internet protocol such as WAP (Wireless Application Protocol), WML (Wireless Markup Language), HDML (Handheld Device Markup Language), c-HTML (compact-HTML), and s-HTML ( It operates by using a wireless internet language such as small-HTML), and the wired internet network is operated by an internet language such as HTML based on the TCP / IP protocol. Gateway plays a role in applying wireless Internet to wired Internet and vice versa in the middle of different wired and wireless Internet.

An object of the present invention to solve the above problems is to block the intentional hacking for the electronic payment system, such as electronic cash payment system, electronic check payment system, electronic money transfer system, and Internet credit card payment system. It provides a method of preventing the electronic payment system from being misused by high-level hacking techniques such as illegal packet sniffing or IP spoofing. Secret key cryptography (symmetric key cryptography), public key cryptography (asymmetric key cryptography) System), digital envelopes, and digital signatures such as digital signatures, and SET-based security protocols such as dual signature protocols and certificate usage protocols. Wired Internet for electronic payment authentication information through wireless complex payment system Separation and transfer over a wireless communications network and the Internet, and has such a wired and wireless complex billing system, a method and system for fundamentally blockade in that the electronic payment system exploited improperly by deliberate hacking through to provide.

1 is a simplified block diagram of the most basic Internet credit card payment system utilizing the SET protocol security system.

2 is a simple system configuration block diagram of a mobile communication network or a code division multiple access (CDMA) communication network used for wireless authentication of the present invention.

3 is a simple block diagram of a wireless Internet network implemented using a wireless communication network as shown in FIG.

4 is a block diagram in which a wireless authentication system using the wireless Internet is mounted on an Internet credit card payment system equipped with an ET security system.

FIG. 5 is a simple example of inputting wireless communication information at a step in which a customer registers at an internet shopping mall of a seller, and confirming the corresponding information using the customer information D / B of the mobile communication system.

6 is a confirmation of whether a new mobile subscriber is a normal mobile communication user through the customer information D / B of the mobile communication system using the wireless communication information entered in the step of registering a new member in the seller's Internet shopping mall, A flowchart of a process of generating wired / wireless combined payment information and storing it in a wireless Internet authentication system.

7 is an exemplary diagram for requesting credit card payment authorization using the payment system of the present invention.

8 is an exemplary diagram for final payment approval by inputting a credit card password using wireless Internet.

9 is a flowchart illustrating a process of approving a final payment through a wireless internet authentication system after inputting credit card information in a wired internet for a wired / wireless complex payment using a credit card.

<Description of main parts of drawing>

400: wireless Internet authentication system 410: payment information relay

420: card issuer 430: card slip buyer

440: seller 450: mobile communication system

460: certification authority 470: wireless Internet terminal

480: customer

The present invention is an electronic payment processing and authentication system using a synchronized wired / wireless complex system, and the electronic payment processing and authentication process using the Internet is combined through a wired internet network, a wireless communication, and a wireless internet network, thereby intentional hacking. The present invention relates to a method and a system for blocking the electronic payment system from being exploited in an inappropriate manner.

In other words, the present invention relates to an electronic cash payment system, an electronic check payment system, an electronic money transfer system, and an internet credit card payment system, such as packet sniffing or IP that cannot intentionally block intentional hacking. Secret key cryptography (symmetric key cryptography), public key cryptography (asymmetric key cryptography), electronic envelope (Digital Envelope) as a way to prevent the electronic payment system from being misused by high-level hacking techniques such as spoofing. , And electronic payment through a wired / wireless hybrid payment system that is synchronized in the process of applying basic encryption technology such as digital signature and SET-based security protocol such as dual signature protocol and certificate usage protocol. Separation of authentication information through wired and wireless internet Song, and the electronic payment system by intentional hacking through this complex wired and wireless payment system relates to a method for blocking a fundamentally being exploited in improper ways.

The present invention is characterized in that the wired Internet network, wireless Internet network, and mobile communication network is organically connected and can be described as the following two embodiments.

First of all, the basic information data (card number and expiration date) to be filled in during the payment processing from the client who wants payment processing on the Internet website (usually an internet shopping mall, which means a website that requires product payment). A first step of requesting input of wireless communication terminal information data (unique information data of the wireless communication terminal including a telephone number) of the client after receiving the basic information data to be filled in during the payment processing; After receiving the wireless communication terminal information data of the client, the second step and the second step of determining whether or not match with the information data previously stored in the mobile communication system customer information D / B (Data Base) of the wireless communication terminal If the information data determination result matches the data, A third step of requesting input of a payment approval number (or a secret key) to the wireless communication terminal of the client and a fourth step of receiving the payment approval number (or secret key) from the wireless communication terminal of the client and authenticating the payment processing; Through the above steps, the electronic payment processing and authentication process using the Internet is combined through the wired internet network, the wireless communication, and the wireless internet network, and the electronic payment system is misused by intentional hacking. The basic information data to be filled in during the payment process from the client who wants to process the payment on the method of blocking the source, and secondly, on the Internet website (usually, an Internet shopping mall, which means a website that requires product payment). Basic information data to be filled in the payment process, including the card number and expiration date) After receiving the first step of requesting input of the wireless communication terminal information data (specific information data of the wireless communication terminal including a telephone number) of the client and receiving the wireless communication terminal information data of the client from the client, If the data of the second step of determining whether or not the information data of the mobile communication system customer information D / B (Data Base) is already matched and the result data of the second step wireless communication terminal is identical, A third step of requesting input of a payment approval number (or secret key) to the wireless communication terminal of the client through a network, and receiving the payment approval number (or secret key) from the wireless communication terminal of the client to authenticate the payment processing; Including the fourth step, the electronic payment using the Internet through each step By Lee and complex process the authentication procedure through the wired Internet and wireless communication, and wireless Internet networks, a method of fundamentally blockade in that the electronic payment system exploited improperly by deliberate hacking.

Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings. However, the following examples are one of various methods for most appropriately explaining the present invention, and the present invention is not limited to the following examples.

An embodiment of the present invention is a method for blocking hacking due to structural causes of wired Internet through a wireless authentication process using the wireless Internet for the Internet credit card payment system to which the SET based security system as shown in FIG. 1 is applied. to be.

4 is a block diagram in which a wireless authentication system 400 using the wireless Internet is mounted on an Internet credit card payment system equipped with a SET security system.

In FIG. 4, the certification authority 460, the payment information relay authority 410, the card issuer 420, and the card slip purchaser 430 are the same as the above-described SET security system. 460) from the moment the customer visits the seller's internet shopping mall, the customer selects the product, puts it in the shopping cart, selects the payment method, and mutually guarantees the security system for all processes of approving the payment. Provide services for financial institutions to safely trade.

The mobile communication system 450 and the customer information D / B mean a database that stores information on a mobile communication subscriber stored in an MSC or an HLR in a mobile communication network as shown in FIG. In the exemplary embodiment of the present invention, the telephone number, device name, and model number of the wireless terminal 470 currently used by the customer 480 in the step in which the customer 480 joins the seller's Internet shopping mall for more ideal operation. By inputting the same information as the information stored in the customer information D / B of the mobile communication network, such as serial number, manufacturer name, and the like to synchronize the customer information of the mobile communication system 450 with the Internet shopping mall information for the customer . The synchronized customer information is a method for automatically processing the wireless Internet authentication that the present invention intends to achieve without the customer 480 entering special information about the mobile communication system 450 or the wireless Internet network during the electronic payment process. If the customer 480 or the mobile communication provider changes the customer information stored in the mobile communication system 450, the customer information stored in the seller's Internet shopping mall is also automatically changed.

The wireless Internet authentication system 400 plays a role of a content provider in a wireless Internet network as shown in FIG. 3 in terms of systems, and in terms of operations, authentication and payment for encryption codes transmitted from a wireless Internet terminal 470 of a customer. It is responsible for approving. In an embodiment of the present invention, the credit card information and the public key are transmitted through the existing wired internet network, and a secret key such as a credit card password is transmitted through the wireless internet network.

The wireless Internet terminal 470 and the customer 480 are synchronized in time and space, and the customer 480, the seller, and the financial institution manage all processes of goods or services traded through the Internet shopping mall. It is mutually guaranteed through the certification authority (460).

The customer 480 who wants to purchase a product or service from the seller has a wired Internet in which general credit card information such as a card number and a public key such as the expiration date of a credit card are already implemented, as in the Internet credit card payment system of an existing Internet shopping mall. Transmit using network. In this process, the customer 480 inputs Internet credit card payment information through a user interface implemented similarly to a payment system of an existing internet shopping mall, and clicks a payment button.

In the existing Internet shopping mall, the Internet credit card payment is completed only by the above-described process, but in the embodiment of the present invention, the above process is merely a process of obtaining information necessary for preparation and wireless authentication for payment, and has nothing to do with payment itself. Do. Therefore, attempts to hack Internet credit card payment information from the customer 480 or the seller in an inappropriate manner are completely meaningless.

The seller who receives the product purchase information and the information for internet credit card payment from the customer 480 causes the wireless internet authentication system 400 to transmit the credit card password to the wireless internet terminal 470 of the customer 480 through the information. It asks for a private key input. The input secret key is transmitted to the seller and payment information relay through the wireless Internet network and the wireless Internet authentication system 400 and used for payment and payment approval. In an embodiment of the present invention, the seller, the payment information relay agency, and the wireless Internet authentication system 400 are configured as a closed communication network to completely block information leakage due to structural causes of the Internet in the process of processing payment and approval. do.

FIG. 5 is a simple exemplary diagram of inputting wireless communication information at a step in which a customer 480 registers at a seller's Internet shopping mall and confirming the corresponding information using the customer information D / B of the mobile communication system 450. .

In FIG. 5, the basic input and the optional input are the same as the existing member registration method. In the embodiment of the present invention, the wireless input information is checked through more detailed and accurate input. The device name, model number, serial number, etc. of the wireless communication terminal 470 required for the new member in the member registration process of this embodiment are unique information for each terminal 470, which is the wireless communication terminal 470. The input will never be possible unless the battery connection is removed.

The new customer who correctly inputs the wireless information during the registration process clicks the wireless information check button, and the member information input form of the seller (hereinafter referred to as the subscription processing unit) sends the wireless information of the new customer to the customer information D of the mobile communication system 450. The verification process of / B confirms that the wireless communication information and basic input information are correct. In general, the customer information D / B of the mobile communication system 450 stores personal information corresponding to basic input items and wireless communication information corresponding to wireless information input items among the member input information of FIG. 5.

In this exemplary diagram, whether the user is a normal mobile communication user using both personal information and wireless communication information inputted by a new member during the membership registration process through the customer information D / B of the mobile communication system 450, or only wireless communication information By selectively confirming, the mobile communication information of the customer 480 is confirmed during the new member registration process, and the information for the wired / wireless hybrid payment system is stored in the wireless Internet authentication system 400.

FIG. 6 confirms whether a new subscriber is a normal mobile communication user through the customer information D / B of the mobile communication system 450 by using the wireless communication information input in the step of registering a seller to the Internet shopping mall of the seller. This is a flowchart of a process of generating wired / wireless complex payment information for a user and storing it in the wireless Internet authentication system 400.

In order for the seller's Internet shopping mall to provide a stable e-commerce service to the customer 480, the member information of the customer 480 must be stored in the seller's database. Accordingly, the seller requests membership for a customer who first visits the seller's Internet shopping mall or a customer who does not register (600), and the seller provides a form in which the customer can input member information.

If a form for signing up a new member is provided in the seller's Internet shopping mall, the prospective new member enters personal information in basic input items (605). At this time, the seller checks whether the information of the new member prospective party is abnormal and whether the information is normal to prevent a conflict with existing customer information. If the personal information of the new member candidate is not normal or does not conflict with the existing member information, the subscription processing unit requests the corresponding new member candidate to input wireless communication information (615). On the contrary, if the new member information collides with the existing member information or is not normal information, the member registration processing unit requests the new member candidate to re-enter basic input items (625).

As described above, when the personal information input is normally performed, the member registration processing unit requests wireless communication information input from the prospective new member subscription subscriber (625). The wireless communication information input at this time is detailed information such as a device name, a model number, a serial number, and a manufacturer's name, as well as a mobile communication phone number of the new subscriber, and this information is directly transmitted from the corresponding wireless communication terminal 470. You can't enter it before you can confirm.

When all wireless communication information is input, the subscription processing unit transmits the corresponding information to the customer information D / B of the mobile communication system 450 (630), and the mobile communication system 450 is the same customer information transmitted from the seller. Verify that the file exists in the database (635). In this case, the information transmitted from the seller to the mobile communication system 450 may selectively transmit only personal information, wireless communication information, or wireless communication information. In some cases, information corresponding to a selection input may be transmitted.

If the customer information of the new member prospective person is stored in the customer information D / B of the mobile communication system 450, the mobile communication system 450 delivers it to the seller so that the member registration process can be continued. On the contrary, if wireless information does not exist (645), the mobile communication system 450 forwards the result to the seller (650) and requests the new subscriber to enter correct information (655).

The seller confirming from the mobile communication system 450 that the wireless communication information of the new member prospective person is normal (640) generates information necessary for the wired / wireless complex payment system using the information (660), and this is the wireless Internet authentication system. Send to 400. The wireless Internet authentication system 400 that receives the wired / wireless combined payment information for the new member from the seller stores the corresponding information (665).

The seller generates information necessary for the wire / wireless complex payment system of the new subscriber, which is stored in the wireless Internet authentication system 400, requests the new subscriber to enter the remaining information necessary for the membership (670). If the new member is expected to enter all the information correctly, the member information is stored and the new member is terminated (675).

7 is an exemplary diagram for requesting credit card payment authorization using the payment system of the present invention.

8 is an exemplary diagram for final payment approval by inputting a credit card password using wireless Internet.

The credit card payment approval request form of FIG. 7 is almost the same as the credit card payment approval request form of the existing wired Internet, and if there is another difference, a password input request is transmitted to the wireless communication terminal 470, and the corresponding wireless communication terminal 470 ) Is displayed on the screen that the payment is finally processed only after entering the password. This is because the present embodiment secures wireless communication information about the member or customer during the new member registration process, and the interface for inputting the wireless communication phone number, etc. in the card payment approval request form is not required for the final wireless payment approval. .

In this embodiment, the seller stores the purchase information and the payment information of the customer for a final approval for wireless payment, and when the wireless payment final approval is confirmed by the customer, the seller deletes the information of the customer. This is because wired payment approval and wireless payment final approval may not be synchronized due to the characteristics of wireless communication.If the customer does not approve the final wireless payment after a certain period of time, the seller confirms that the customer is not willing to purchase, Delete the purchase information and payment information.

8 is a screen for requesting a password input to the wireless communication terminal 470 of the customer through the wireless Internet authentication system 400 after the customer clicks the payment approval button in FIG. 7, and the wireless communication terminal 470. Shows simple information such as purchase information and payment amount.

After the customer inputs the payment information through the wired Internet, the customer can access the wireless internet authentication system 400 at any time for a certain period of time to approve the final payment. As long as the wireless payment final approval is confirmed, the seller and the payment information The relay will not process payments for that customer.

9 is a flowchart illustrating a process of approving a final payment through a wireless internet authentication system 400 after inputting credit card information in a wired internet for a wired / wireless complex payment using a credit card.

When a customer enters credit card information for payment for a product purchased at a seller's Internet shopping mall (900) and requests payment approval (905), the seller checks whether the customer's wired / wireless combined payment information exists. (910). If the wired / wireless combined payment information of the customer exists in the seller or the wireless internet authentication system 400, the seller requests the wireless internet authentication system 400 for a service for final payment approval of the customer (915). On the contrary, if the wired / wireless composite payment information of the customer does not exist (920), the payment information is changed, or the payment information is no longer available, the seller requests the purchaser to enter wireless communication information. (925). At this time, since the wireless communication information input checks whether the information is normal information using the customer information D / B of the mobile communication system 450 as shown in FIG. 7, if it is modified or modified in an inappropriate manner, the wireless communication information input cannot be used normally.

Upon receiving the final payment approval request from the seller (915), the wireless Internet authentication system 400 connects to the wireless communication terminal 470 of the corresponding customer based on the wired / wireless complex payment information of the corresponding customer, and the wireless communication terminal ( After accessing the wireless Internet authentication system 400 through the wireless Internet 470, the final payment approval may be made (930). If the wireless payment approval is normally performed through the wireless communication terminal 470, the wireless Internet authentication system 400 transmits the result to the payment information relay authority (935). On the contrary, if the wireless internet authentication system 400 cannot connect with the wireless communication terminal 470 of the customer, or if final payment approval is not performed from the wireless communication terminal 470 (940), the wireless internet authentication system 400 is fixed. By repeatedly performing the wireless payment approval process during the period, the customer is allowed to perform the final wireless payment approval.

After confirming the final payment approval from the wireless communication terminal 470 of the customer, the wireless Internet authentication system 400 transmits the result to the payment information relay agency, and the payment information relay agency processes the payment through the card issuer and the card slip purchaser. 945, the payment process is the same as the existing wired Internet payment processing method.

If payment for the customer's purchase from the payment information relay agency is normally processed, the seller deletes the customer's purchase information and payment information (950) and delivers the purchased product to the customer according to a given method.

In this embodiment, since the seller, the wireless Internet authentication system 400, and the payment information relay agency are connected by a dedicated line, they cannot be misused in an inappropriate manner. Security and system maintenance for the process that the result is transmitted is made by the wireless Internet authentication system 400.

According to the present invention, by transmitting the electronic payment authentication information separately through the wired and wireless Internet and the communication network through a synchronized wired and wireless complex payment system, existing packet sniffing or IP spoofing There is an advantage in providing a secure payment means that can block the deliberate hacking of a high degree of difficulty such as.

Claims (6)

The wired Internet network, wireless Internet network, and mobile communication network is characterized in that the organic connection is configured, Basic information data (card number and expiration date including card number and expiration date) to be filled in by the client who wants to process the payment on the internet website (in general, it means an internet shopping mall and a website which requires product payment). A first step of requesting input of wireless communication terminal information data (specific information data of the wireless communication terminal including a telephone number) of the client after receiving basic information data to be written; Receiving a wireless communication terminal information data of the client from the client, and then determining whether or not it matches information data previously stored in a mobile communication system customer information D / B (Data Base); A third step of requesting input of a payment approval number (or a secret key) to a wireless communication terminal of the client through a wireless Internet network when the data of the second data determination result of the second data communication terminal is identical; And And receiving a payment approval number (or a secret key) from the wireless communication terminal of the client to authenticate the payment processing. Through the above steps, the electronic payment processing and authentication process using the Internet is complexly processed through the wired internet network, the wireless communication, and the wireless internet network, thereby preventing the electronic payment system from being exploited in an inappropriate manner by deliberate hacking. Electronic payment processing and authentication method using a synchronized wired / wireless complex system. The wired Internet network, wireless Internet network, and mobile communication network is characterized in that the organic connection is configured, Information data (telephone number, device name, model number, serial number, manufacturer name) of the wireless communication terminal from a client connecting to an Internet website (usually an Internet shopping mall, which means a website requiring product payment). Receiving the unique information data of the wireless communication terminal including a; and determining whether or not to match the information data previously stored in the mobile communication system customer information D / B (Data Base); When the information data determination result data of the first stage wireless communication terminal is identical, the basic information data of the client (basic information specific to the client including a name and ID) and information data of the wireless communication terminal are used. A second step of generating and storing wired / wireless composite payment information data required for separate payment processing through wired / wireless when payment of goods on the Internet of the client; If the client requires payment processing on the Internet website, after receiving the basic information data (basic information data to be filled in the payment processing including the card number and expiration date) to fill out the payment processing through the wired Internet network A third step of requesting input of a payment approval number (or secret key) to a wireless communication terminal of the client through a wireless internet network by referring to the wired / wireless complex payment information data of the client; And And receiving a payment approval number (or a secret key) from the wireless communication terminal of the client to authenticate the payment processing. Through the above steps, the electronic payment processing and authentication process using the Internet is complexly processed through the wired internet network, the wireless communication, and the wireless internet network, thereby preventing the electronic payment system from being exploited in an inappropriate manner by deliberate hacking. Electronic payment processing and authentication method using a synchronized wired / wireless complex system. The electronic payment processing and authentication method according to claim 1 or 2, wherein the wired / wireless hybrid system is used. The Internet website of the client (generally, an Internet shopping mall, which means a website requiring product payment) and the customer information of the mobile communication system are synchronized with each other, and the wired internet network and the wireless internet network Electronic payment processing and authentication method using a wired / wireless hybrid system characterized in that the synchronization with each other. The method of claim 2, wherein the electronic payment processing and authentication method using the wired / wireless hybrid system, When the client or the mobile communication company changes the customer information data stored in the mobile communication system, the wired / wireless combined payment information data of the client is automatically changed. Electronic payment processing and authentication method. The method according to claim 1 or 2, wherein a request for inputting a payment approval number (or secret key) to the client's wireless communication terminal is performed. Electronic payment processing and authentication method using a wired / wireless combined system, characterized in that to present the client's payment information (purchase information including the purchase item and the payment amount) preferentially to the wireless communication terminal of the client. The wired Internet network, wireless Internet network, and mobile communication network is characterized in that the organic connection is configured, Information data (telephone number, device name, model number, serial number, manufacturer name) of the wireless communication terminal from a client connecting to an Internet website (usually an Internet shopping mall, which means a website requiring product payment). Receiving unique information data of the wireless communication terminal) including; Transmitting the received data to a mobile communication system on a mobile communication network and determining whether the received data matches information data previously stored in a customer information data base (D / B) in the mobile communication system; By using the client's basic information data (the client's own basic information data including the name and ID) and the information data of the wireless communication terminal, the wires and wireless necessary for separate payment processing when commodity payment on the Internet of the client Generating and storing wireless composite payment information data; If the client requires payment processing on the Internet website, after receiving the basic information data (basic information data to be filled in the payment processing including the card number and expiration date) to fill out the payment processing through the wired Internet network Transmitting payment approval number (or secret key) input request data to a wireless communication terminal of the client through a wireless Internet network with reference to the wired / wireless combined payment information data of the client; And And receiving the payment approval number (or secret key) from the wireless communication terminal of the client and authenticating the payment approval number (or secret key). Through the above functions, the electronic payment processing and authentication process using the Internet is complexly processed through the wired internet network, the wireless communication, and the wireless internet network, thereby preventing the electronic payment system from being exploited in an inappropriate manner by deliberate hacking. Electronic payment processing and authentication system using synchronized wired / wireless complex system.