KR20070113442A - System and method for processing electronic document and program recording medium - Google Patents

Abstract

A method and a system for processing an electronic document, and a program recording medium therefor are provided to convert a paper document, which a financial agency has to manage for a certain period, into an electronic document and store the electronic document in a predetermined electronic document storage unit, thereby reducing significantly a large amount of paper documents. An information checking unit(455) checks whether there is an electronic preliminary document(or paper document) which is prestored and managed in association with a customer when transmitting finance transaction information(or data) to the customer. An information transmission unit(465) transmits the electronic document conversion consent request of the electronic preliminary document(or paper document) to the customer together when transmitting the finance transaction information(or data) to the customer if there is the electronic preliminary document(or paper document). An electronic document generating unit(475) converts the electronic preliminary document(or paper document) into an electronic document by using the customer authentication unit of the customer when the customer consents to the conversion into the electronic document. An information storage unit(440) stores and manages the converted electronic document to a predetermined storage medium.

Description

System and Method for Processing Electronic Document and Program Recording Medium

1 is a diagram showing a system configuration for processing a paper document into a digital document according to an embodiment of the present invention.

2A and 2B are diagrams showing a preferred configuration for document management information for converting a paper document into an electronic document according to an embodiment of the present invention.

3 is a diagram illustrating a process of processing a paper document into a digital document according to an embodiment of the present invention.

4 is a diagram illustrating a configuration of an electronic document conversion system for converting a paper document into an electronic document according to one embodiment of the present invention.

5 is a diagram illustrating a process of requesting a financial institution to convert a paper document into an electronic document by a financial institution according to an exemplary embodiment of the present invention.

6 is a diagram illustrating a process of generating an electronic document from a digital document (or paper document) according to one embodiment of the present invention.

7 is a diagram illustrating a process of registering an electronic document in an electronic document repository according to one embodiment of the present invention.

8 is a diagram illustrating a method for generating an electronic signature by attaching an electronic signature to a digital document in a customer terminal according to an embodiment of the present invention.

9 is a diagram illustrating a method of confirming an electronic signature attached to an electronic document in the electronic document registration server according to an embodiment of the present invention.

10 is a diagram illustrating a method for encrypting and transmitting an electronic document in a symmetric key (or secret key) method in a customer terminal according to an embodiment of the present invention.

FIG. 11 is a diagram illustrating a method of decrypting an electronic document encrypted and received at an electronic document registration server by a symmetric key (or secret key) method according to an embodiment of the present invention.

12 is a diagram illustrating a method for encrypting and transmitting an electronic document in a public key infrastructure scheme in a client terminal according to an embodiment of the present invention.

FIG. 13 illustrates a method for decrypting an electronic document encrypted and received by an electronic document registration server according to an embodiment of the present invention using a public key infrastructure.

14 is a diagram illustrating a method for encrypting and transmitting an electronic document in an electronic envelope method in a customer terminal according to an embodiment of the present invention.

15 is a diagram illustrating a method of decrypting an electronic document encrypted and received by an electronic document registration server according to an embodiment of the present invention by an electronic envelope method.

16 is a diagram illustrating a method of encrypting and transmitting an electronic document in a key exchange method in a customer terminal according to an embodiment of the present invention.

17A and 17B illustrate a method of decrypting an electronic document encrypted and received by an electronic document registration server according to an embodiment of the present invention by a key exchange method.

18 is a diagram illustrating a configuration of an electronic document conversion system for converting a paper document into an electronic document according to another embodiment of the present invention.

19 is a diagram illustrating a process of connecting an internet banking-based financial transaction channel according to an embodiment of the present invention.

20 is a diagram illustrating a process of requesting a financial institution to convert a paper document into an electronic document by a financial institution according to another exemplary embodiment of the present invention.

FIG. 21 illustrates a process of generating an electronic document from a digital document (or paper document) according to another embodiment of the present invention.

22 is a diagram illustrating a process of registering an electronic document in an electronic document repository according to another exemplary embodiment of the present invention.

FIG. 23 is a diagram illustrating a method for generating an electronic signature by attaching an electronic signature to a digital document in a customer terminal according to an embodiment of the present invention.

24 is a diagram illustrating a method of confirming an electronic signature attached to an electronic document in the electronic document registration server according to an embodiment of the present invention.

25 is a diagram illustrating a method for encrypting and transmitting an electronic document in a symmetric key (or secret key) method in a customer terminal according to an embodiment of the present invention.

FIG. 26 is a diagram illustrating a method of decrypting an electronic document encrypted and received at an electronic document registration server by a symmetric key (or secret key) method according to an embodiment of the present invention.

FIG. 27 is a diagram illustrating a method for encrypting and transmitting an electronic document in a public key infrastructure in a client terminal according to an embodiment of the present invention.

FIG. 28 is a diagram illustrating a method of decrypting an electronic document encrypted and received by an electronic document registration server according to an embodiment of the present invention using a public key infrastructure.

FIG. 29 is a diagram illustrating a method of encrypting and transmitting an electronic document in an electronic envelope method in a customer terminal according to an embodiment of the present invention.

30 is a diagram illustrating a method of decrypting an electronic document encrypted and received by an electronic document registration server according to an embodiment of the present invention by an electronic envelope method.

FIG. 31 is a diagram illustrating a method for encrypting and transmitting an electronic document in a key exchange method in a customer terminal according to an embodiment of the present invention.

32A and 32B illustrate a method of decrypting an electronic document encrypted and received by an electronic document registration server according to an embodiment of the present invention by a key exchange method.

<Description of main parts of drawing>

400: electronic document registration server 405: interface unit

410: interface generation unit 415: document extraction unit

420: document transmission unit 425: document receiving unit

430: validity authentication unit 435: document registration unit

440: storage medium 445: information providing server

450: information confirmation unit 455: information confirmation unit

460: information generating unit 465: information transmitting unit

470: customer communication means 475: customer terminal

The present invention refers to the financial transaction customer with reference to the document management information in the process of providing at least one or more message information (eg, loan due date request, etc.) to at least one financial transaction customer in connection with the financial system in a financial institution. Requesting to convert the paper document into a predetermined electronic document, and when the financial transaction customer approves (or agrees to) converting the paper document into an electronic document, the digital document generated from the paper document is used. An electronic document processing method and system for converting a document into an electronic document.

In order to provide at least one financial service to at least one financial transaction customer in a financial institution, at least one paper document is created between the financial institution and the financial transaction customer.

For example, in order for the financial transaction customer to borrow a predetermined amount from the financial institution, the financial transaction customer first prepares at least one or more documents requested by the financial institution for loan services, and / or at least one or more documents. At least one document required for the loan service must be issued by a public institution, and a bond / debt relationship with respect to the loan amount is made between the financial transaction customer and the financial institution by preparing and stamping a loan contract corresponding to the loan service. The document and / or loan agreement, etc. should be made of paper documents.

In addition, in order for the customer provided with the loan service to extend the maturity of the loan amount, the financial transaction customer must first prepare an application for maturity extension of the loan amount, and the financial institution responds to the application for extension of the maturity. The expiration date must be completed and sealed, and the application for extension and / or the expiration date shall be made of paper documents.

In addition, when the loan amount is returned, the financial transaction customer and the financial institution prepare a document for specifying that the bond / debt relationship for the loan amount has been extinguished, and the document is also made of a paper document.

The financial institution must manage at least one or more paper documents prepared to provide at least one or more financial services to the at least one financial transaction customer for a period of time. In order to manage the paper document to be produced, it involves a huge cost.

An object of the present invention is to check whether there is an electronic preliminary document (or paper document) that is stored and managed by the customer, and if the result of the check, the electronic preliminary document (or paper document) related to the customer exists, The electronic document conversion agreement request information of the digitalization preliminary document (or paper document) is sent to the customer, and when the customer agrees to convert the electronic document, the electronic preliminary document (or paper) is used by the customer authentication means of the customer. An electronic document processing method and system for converting a document) into an electronic document and storing and managing the converted electronic document in a predetermined storage medium.

The electronic document processing system according to the present invention, when sending information related to the financial transaction (or data) to the customer, information for checking whether there is an electronic preliminary document (or paper document) that is already stored and managed in relation to the customer Identification means; As a result of the confirmation, when the electronic document (or paper document) related to the customer exists, when the financial transaction related information (or data) is sent to the customer, the electronic document of the electronic document (or paper document) is converted to the customer. Information transmitting means for sending consent request information; An electronic document generating means for converting the digitalized preliminary document (or paper document) into an electronic document using the customer authentication means of the customer when the customer agrees to convert the electronic document; And information storage means for storing and managing the converted electronic document in a predetermined storage medium.

According to the present invention, the electronic document processing system, the financial company server or financial company that performs financial transactions with the customer electronic document conversion agreement information and / or electronic document conversion information of the electronic document preliminary document (or paper document) Characterized in that it further comprises information transmitting means for notifying the branch terminal.

According to the present invention, the electronic document conversion processing means, using the certificate of the customer, characterized in that to display the content identification and / or confirmation of the customer and / or self-created information on the generated electronic document do.

According to the invention, each of the means is characterized in that provided in a single server, or provided separately in a plurality of servers and / or terminals.

On the other hand, the electronic document processing method according to the present invention comprises the steps of checking whether there is a preliminary document (or paper document) that is stored, managed by the customer-related device in the predetermined information checking means; Sending the electronic document conversion consent request information of the electronic preliminary document (or paper document) to the customer by a predetermined information transmission means when the customer-prepared electronic document (or paper document) exists; If the customer agrees to convert the electronic document, converting the digitalized preliminary document (or paper document) into an electronic document using a customer authentication means of the customer in a predetermined electronic document generating means; And storing and managing the converted electronic document in a predetermined storage medium by predetermined information storage means.

According to the present invention, the electronic document processing method, the predetermined information transmission means for the electronic document conversion agreement information and / or the electronic document conversion information of the electronicized preliminary document (or paper document) to the financial transaction with the customer The method may further include the step of notifying the financial institution server or the financial institution branch terminal.

On the other hand, the present invention includes a computer-readable recording medium, characterized in that for recording the program for executing the above-described electronic document processing method.

Hereinafter, with reference to the accompanying drawings and description will be described in detail the operating principle of the preferred embodiment of the present invention. However, the drawings and the following description shown below are for the preferred method among various methods for effectively explaining the features of the present invention, the present invention is not limited only to the drawings and description below. In addition, in the following description of the present invention, if it is determined that a detailed description of a related known function or configuration may unnecessarily obscure the subject matter of the present invention, the detailed description thereof will be omitted. In addition, terms to be described below are terms defined in consideration of functions in the present invention, which may vary according to intentions or customs of users and operators. Therefore, the definition should be based on the contents throughout the present title.

In addition, preferred embodiments of the present invention to be carried out below are provided in each system functional configuration to efficiently describe the technical components constituting the present invention, or system functions that are commonly provided in the technical field to which the present invention belongs. The configuration will be omitted, and described mainly on the functional configuration to be additionally provided for the present invention. If those skilled in the art to which the present invention pertains, it will be able to easily understand the function of the components that are conventionally used among the omitted functional configuration not shown below, and also the configuration omitted as described above The relationship between the elements and the components added for the present invention will also be clearly understood.

In addition, the following examples will be used to appropriately modify the terms so that those skilled in the art to clearly understand the technical features of the present invention to effectively understand, but the present invention It is by no means limited.

For example, the electronic preliminary document is a document image obtained by scanning the paper document, and / or an electronic copy of the paper document, which is referred to as a digital document in the following embodiment for convenience.

As a result, the technical spirit of the present invention is determined by the claims, and the following examples are one means for efficiently explaining the technical spirit of the present invention to those skilled in the art to which the present invention pertains. It is only.

1 is a diagram showing a system configuration for processing a paper document into a digital document according to an embodiment of the present invention.

More specifically, FIG. 1 generates a digital document by digitalizing a paper document including financial transaction contents provided by a financial institution to at least one financial transaction customer through a predetermined scanner and digitizing the digital document. The present invention relates to a system configuration for storing a document in a predetermined document D / B 115, and a person of ordinary skill in the art may refer to and / or modify this paper to digitally convert the paper document. Various system configurations for processing into documents may be inferred, but the present invention includes all the inferred implementation methods, and is not limited to the implementation method shown in FIG.

In order to provide at least one financial service to at least one financial transaction customer at a financial institution, at least one paper document is created between the financial institution and the financial transaction customer, and the paper document is converted into a predetermined electronic document. In order to store in a predetermined electronic document storage and to discard the paper document, the financial institution must digitize the paper document using a predetermined scanner to generate a predetermined document image. At least one scanner for digitizing a document, and the manager terminal 120 to control the scanner to obtain a predetermined document image, and attach the predetermined document information to the document image.

Referring to FIG. 1 according to the embodiment of the present invention, a system for processing the paper document into a digital document includes at least one manager terminal 120, the manager terminal 120, and a predetermined number provided in the financial institution. A document management server 100 connected through a communication means and receiving at least one or more digital documents from the manager terminal 120 through the communication means and storing them in a predetermined document D / B 115; And a financial system 125 connected with the document management server 100 (and / or document management server 100) through a predetermined communication means.

The manager terminal 120 is a terminal device provided to process the paper document into a digital document at the financial institution, and obtains a document image by digitizing at least one or more paper documents through at least one scanner, and the document image. It is characterized in that the predetermined digital document is generated by attaching the predetermined sentence information.

Here, the document information attached to the document image includes the document image type (or paper document type), financial service information and financial transaction customer information corresponding to the document image, and the document information includes the manager. Input through the terminal 120 and / or extracted from the customer ledger of the financial transaction customer provided in the financial system 125 (and / or the ledger associated with the financial service provided in the financial system 125). It is preferable.

Those skilled in the art to which the present invention pertains may include a method of digitalizing a predetermined paper document through the scanner in the manager terminal 120 to generate a predetermined document image, and / or the predetermined document image. Since it will be familiar with how to generate a predetermined digital document by attaching the document information, detailed description thereof will be omitted for convenience.

The financial institution is characterized by having a predetermined financial system 125 for providing at least one financial transaction (eg, credit, receiving, foreign exchange, financial investment, etc.) services to at least one financial transaction customer.

The financial system 125 provided in the financial institution is connected to at least one or more window terminals provided in branches (and / or branch offices) of the financial institution through a predetermined financial network (for example, a branch network). And, through the window terminal provides a financial transaction service of face to face at least one financial transaction customer.

In addition, the financial system 125 may include at least one financial terminal including a cash dispenser / automatic teller machine (CD / ATM) provided at a branch (and / or branch) of the financial institution, and / or the financial institution; At least one financial terminal provided in at least one affiliated financial institution (and / or another financial institution branch) and / or at least one financial terminal provided in a public place and a predetermined financial network (eg, CD Network), and provides a non-face-to-face financial transaction service to at least one financial transaction customer through the financial terminal.

In addition, the financial system 125 is characterized in that it is associated with a predetermined Internet banking server, a network (eg, wired Internet, and / or IEEE 802.11x based) connected to the TCP / IP-based backbone network through the Internet banking server At least one or more client terminals (e.g., personal computer (PC) and / or laptop equipped with the wired Internet access and browsing function) connected to a wireless LAN, and / or an IEEE 802.16x-based portable Internet, and the wireless LAN Provide a non-face-to-face financial transaction service to at least one financial transaction customer through a laptop and / or a mobile terminal equipped with a mobile Internet access and browsing function).

In addition, the financial system 125 is characterized in that associated with a predetermined wireless banking server, a predetermined wireless network (for example, code division multiple access (CDMA) based mobile communication network, and / or through the wireless banking server) At least one wireless terminal (e.g., a personal communication system (PCS) having access and browsing functions connected to the mobile communication network) and / or connected to an IEEE 802.16x-based portable Internet and / or a DataTAC / Mobitex-based wireless data communication network. Non-face-to-face financial transactions with at least one financial transaction customer via a Global System for Mobile (GSM) terminal and / or Personal Digital Assistant (PDA) and / or Smart Phone and / or Telematics) Provide service.

In addition, the financial system 125 is characterized in that associated with a predetermined IC chip-based wireless banking server, a predetermined wireless network (for example, code division multiple access (CDMA) based on the IC chip-based wireless banking server) At least one or more through at least one wireless terminal (e.g., a wireless terminal having a financial IC chip) connected to a mobile communication network and / or an IEEE 802.16x based portable Internet, and / or a DataTAC / Mobitex based wireless data communication network. It provides IC chip-based non-face-to-face financial transaction service to financial transaction customers.

In addition, the financial system 125 is characterized in that it is associated with a predetermined telebanking server, and is connected to a predetermined wired voice call network (eg, a Public Switched Telephone Network (PSTN)) through the telebanking server. At least one wired communication terminal (e.g., a telephone) and / or at least one wireless communication terminal (e.g., a PCS and / or a mobile communication network based on a code division multiple access (CDMA)). Or a non-face-to-face financial transaction service to at least one or more financial transaction customers through a GSM terminal and / or a smart phone.

In addition, the financial system 125 is characterized in that associated with a predetermined home banking server, at least one or more home appliances connected to a predetermined home network through the home banking server (eg, digital TV connected to the home network and / Or a non-face-to-face financial transaction service to at least one financial transaction customer through a refrigerator or the like.

In addition, the financial system 125 is characterized in that associated with a predetermined TV banking server, at least one digital TV (for example, two-way digital TV, connected to a predetermined return channel (Return Channel) through the TV banking server) The non-face-to-face financial transaction service is provided to at least one financial transaction customer through a satellite DMB terminal or a terrestrial DMB terminal.

Referring to FIG. 1, the financial system 125 is provided with a financial institution to open at least one financial account to at least one financial transaction customer and provide at least one financial transaction service based on the financial account. An accounting system for processing a window service such as credit or reception or trust or foreign exchange occurring in at least one branch (or window), an information system for processing a headquarters business, support for branch information, and customer information management Interconnection between the financial system 125 and at least one other financial system 125 (and / or payment system), and / or at least one non-face-to-face financial transaction means (e.g., provided in at least one external communication network) Financial system in Internet banking, wireless banking, IC chip-based wireless banking, tele banking, TV banking, etc.) Access to 125, and / or an external system providing various financial transaction interfaces through at least one common network (eg, CD common network, financial common network). 125 is an interface module corresponding to a middleware platform that provides interfacing between components in the financial system 125, and predetermined information required for performing each function in the components in the financial system 125. And a DBMS (DataBase Management System) including at least one database for storing and managing (eg, ledger information, and / or customer information, and / or management information).

In addition, the financial system 125 is intended by those skilled in the art and / or the types of financial institutions (eg, commercial banks, savings banks, trust banks) provided with the financial system 125 and the purpose of the financial system 125. And according to the features, it is possible to further include at least one or more components, such as foreign exchange module (not shown), investment funding module (not shown), international module (not shown), in the technical field to which the present invention belongs Those skilled in the art will be familiar with the detailed technical details of the financial system 125, and thus the detailed description thereof will be omitted for convenience, and the present invention is not limited thereto.

According to the invention, the DBMS provided in the financial system 125, the financial institution opens at least one financial account to at least one financial transaction customer, at least one financial transaction service based on the financial account And at least one ledger D / B for storing at least one ledger for providing, wherein the ledger D / B is at least one for processing at least one financial transaction to be provided to the financial transaction customer by the financial institution. The above ledger information (e.g., customer ledger, reception ledger, collateral ledger, etc.) and at least one ledger additional information corresponding to each ledger information (e.g., more specifically and / or supplementing the attributes / functions of each ledger) are relational It is characterized in that it is stored in association with (Relationship).

Those skilled in the art to which the present invention pertains include at least one ledger information provided in the ledger D / B and each ledger according to the type of each financial institution and the purpose and characteristics of the financial system 125. In addition to being familiar with at least one ledger additional information corresponding to the information, each ledger information is linked and stored in a relational manner, and / or the predetermined ledger information and at least one ledger additional information are linked in a relational manner. Since it will be understood that the stored information, detailed description thereof will be omitted for convenience.

Referring to FIG. 1, the document management server 100 is connected to the manager terminal 120 through a predetermined communication means, and at least one digital document generated by the manager terminal 120 through the communication means. And a document storage unit 110 for storing the digital document in the predetermined document D / B 115.

According to the method of the present invention, the document management server 100 is a predetermined D / B server provided in the financial institution, and / or the information system provided in the financial system 125, and / or It is possible to include any one of the servers provided in the specialized document storage, thereby the present invention is not limited.

In addition, the document D / B 115 may be both provided outside the financial system 125 and / or provided in the DBMS 130 in the financial system 125, thereby limiting the present invention. Not.

After the predetermined digital document generated in the manager terminal 120 is stored in the document D / B 115, the manager terminal 120 (and / or the document management server 100) transmits the data through the communication means. The document management information corresponding to the digital document is generated and stored in the DBMS 130 on the financial system 125. A preferred embodiment of the document management information will be described in detail with reference to FIGS. 2A and 2B.

2A and 2B illustrate a preferred configuration for document management information for converting a paper document into an electronic document according to an embodiment of the present invention.

In more detail, Figures 2a and 2b include storing (and / or linked) predetermined document management information registered in the customer ledger through a system for processing the paper document shown in Figure 1 into a digital document, and / or And / or an implementation method for configuring information to be stored in a predetermined database associated with the customer ledger, specifically, FIG. 2A relates to an implementation method in which the document management information is processed in association with the customer ledger and stored. FIG. 2B illustrates an implementation method in which the document management information is stored in a predetermined database associated with the customer ledger.

Those skilled in the art will be able to infer various implementation methods for storing the document management information by referring to and / or modifying the drawings 2a and 2b. It includes all the implementation methods that are, and is not limited to the implementation method shown in Figures 2a and 2b.

Referring to Figure 2a, the customer ledger is CIF (Customer Information File) number, country code, contact person ID, sales office number, customer classification, customer name, customer address, region classification code, telephone number, business number, trade name, classification code , Expiration date, status headquarters information, settlement date, cash available date, surname, name, social security number, company address, company phone number, mailing address, account number, president, business type, legal representative, initial transaction date, TRW, DB, usage, Parent company number. Country name, transmission, sex resident, occupation, mailing address, company name, guardian name, guardian telephone number, legal representative business number, construction process classification, tax classification, area code, group code and postal code, etc. However, those skilled in the art to which the present invention pertains, since the contents and features of the information contained in the customer ledger will be clearly understood, detailed description thereof will be omitted for convenience.

In addition, referring to Figure 2a, the customer ledger account number, CIF number, point number, currency, opening date, status, product type, interest rate, password, balance, RBI balance 1, RBI balance 2, bank balance, bankbook Number, current interest, time extension, time extension amount, ARS setting, final deposit date, final withdrawal date, final deposit amount, final withdrawal amount, unpaid account transactions, interest rate accounting, flat consolidation, final payment interest, final payment transaction number, It is relationally processed with a predetermined ledger (or ledger) that includes at least one or more individual interest rate reference and the date of final interest calculation, etc., and the ledger (or ledger) includes account number, withdrawal (months), period ( Number of days), periodic reception information including at least one term extension, expiration date and target amount, and / or trust including at least one account number, deposit amount, par value, pension date and number of shares corresponding to the account ledger. Receiving information, and / or account number, transaction number, date, point number, commodity type, transaction type, cash amount, other ticket, batch number (Batch No.), combination transaction, date of payment, bank account line, Briefly, transactional information including at least one or more including CIF is processed in relational relations, etc. If one of ordinary skill in the art to which the present invention belongs, the ledger to be processed in relation to the customer ledger is the reception ledger ( It will be clearly understood that other types of ledgers (eg, loan ledgers, collateral ledgers, securities ledgers, remittance ledgers, funds ledgers, customer ledgers, etc.) may also be included in addition to the general ledger). Since at least one or more additional information processed in conjunction with the ledger of the obvious will be familiar with, the detailed description thereof will be omitted for convenience.

In addition, referring to Figure 2a, the customer ledger is financial information, including at least one or more CIF number, year, B / S amount, P / L amount, manufacturing cost amount, financial ratio, and / or CIF number, period, loan Analysis of profitability, including at least one or more of the balance, fund contribution rate, credit code, credit balance, credit interest, and / or CIF number, year, cash inflows, cash revenue, cash flows, cash flows, cash flows Additional information, such as cash flow information, including at least one or more amounts is processed. If the person having ordinary knowledge in the technical field to which the present invention belongs, the additional information processed in connection with the customer ledger is the financial information, profitability analysis. In addition to the information and cash flow information, other types of additional information (e.g., contact information for the financial transaction customer, branch information, country code information, area code information, group) Code information, postal code information, limit information per customer information file (CIF), financial institution transaction status information, major shareholder information, follow-up management information, temporary checking base information, etc.) Detailed description thereof will be omitted for convenience.

In FIG. 2A according to a preferred embodiment of the present invention, the document management information for converting the paper document into an electronic document is stored in the form of additional information processed in association with the customer ledger. Preferably, the document management information includes at least one CIF number, a paper document creation date, a digital document generation date, a document expiration date, an electronic document generation date, and the like, for cooperatively processing the document management information with the customer ledger.

Here, the paper document creation date of the document management information is a date on which the original paper document processed into a predetermined digital document is created through the system configuration shown in FIG. 1, and includes a date that is a standard of the document expiration date.

Further, the digital document generation date of the document management information is a date when a predetermined digital document is generated by digitizing the paper document through the system configuration shown in FIG. 1, and the digital document stored in the document D / B 115. Information for managing.

In addition, the document expiration date of the document management information, the date that the paper document (and / or digital document, and / or electronic document) is invalidated on the basis of the paper document creation date, and / or the paper document (and / Or the date on which the digital document and / or electronic document is automatically discarded, the financial institution shall manage the paper document (and / or digital document, and / or electronic document) until the document expiration date.

The electronic document generation date of the document management information may include attaching a predetermined customer electronic signature to the digital document, generating a predetermined electronic document, and storing the electronic document in a predetermined electronic document repository (e.g., an electronic document provided in a financial institution). Document storage, or an authorized electronic document storage provided outside the financial institution, and when a valid date is included in the electronic document generation date, the paper document is converted into an electronic document according to the present invention. Is considered.

Referring to FIG. 2B, document management information for converting the paper document into an electronic document is processed in association with a CIF number corresponding to the customer ledger and stored in a predetermined database, whereby the document management information stored in the database is stored in the ledger. The customer ledger stored in the D / B (200) is characterized in that the relational processing.

Preferably, the information item included in the document management information includes at least one paper document creation date, digital document generation date, document expiration date, electronic document generation date and the like.

Here, the paper document creation date of the document management information is a date on which the original paper document processed into a predetermined digital document is created through the system configuration shown in FIG. 1, and includes a date that is a standard of the document expiration date.

Further, the digital document generation date of the document management information is a date when a predetermined digital document is generated by digitizing the paper document through the system configuration shown in FIG. 1, and the digital document stored in the document D / B 115. Information for managing.

In addition, the document expiration date of the document management information, the date that the paper document (and / or digital document, and / or electronic document) is invalidated on the basis of the paper document creation date, and / or the paper document (and / Or the date on which the digital document and / or electronic document is automatically discarded, the financial institution shall manage the paper document (and / or digital document, and / or electronic document) until the document expiration date.

The electronic document generation date of the document management information may include attaching a predetermined customer electronic signature to the digital document, generating a predetermined electronic document, and storing the electronic document in a predetermined electronic document repository (e.g., an electronic document provided in a financial institution). Document storage, or an authorized electronic document storage provided outside the financial institution, and when a valid date is included in the electronic document generation date, the paper document is converted into an electronic document according to the present invention. Is considered.

3 is a diagram illustrating a process of processing a paper document into a digital document according to an embodiment of the present invention.

In more detail, Figure 3 is a process for generating a predetermined digital document by digitizing at least one or more paper documents based on the system configuration shown in Figure 1, having a common knowledge in the art Growing up, it is possible to infer various implementation methods of processing the paper document to generate a predetermined digital document by referring to and / or modifying the drawing 3, but the present invention includes all the inferred implementation methods. It is not limited to the implementation method shown in FIG.

Hereinafter, in FIG. 3, the manager terminal 120 illustrated in FIG. 1 is referred to as a “terminal” for convenience, and the document management server 100 illustrated in FIG. 1 is referred to as a “server” for convenience.

Referring to FIG. 3, the terminal scans and digitizes at least one paper document through at least one scanner, thereby generating a predetermined document image corresponding to the paper document (300), and generating a predetermined document in the document image. The digital document is generated by attaching the information (305).

Thereafter, the terminal transmits the digital document to the server via a predetermined communication means (310), and the server receives the digital document and stores it in the predetermined document D / B 115 (315).

Thereafter, the terminal (and / or server) generates predetermined document management information corresponding to the digital document and stores it in the DBMS 130 on the financial system 125 (320), thereby allowing the financial institution to In the process of providing at least one message information (eg, loan expiration extension request, etc.) to at least one financial transaction customer in connection with the financial system 125, the paper document is sent to the financial transaction customer with reference to the document management information. Request the conversion to a predetermined electronic document, and / or refer to the document management information in the course of processing the predetermined financial transaction by the financial transaction customer in connection with the financial system 125 through at least one financial transaction system. To request the financial transaction customer to convert the paper document into a predetermined electronic document.

According to the exemplary embodiment of the present invention, the process of generating the digital document by processing the paper document in the terminal is preferably repeated until all the paper documents managed by the financial institution are generated as digital documents (325). ).

4 is a diagram illustrating a configuration of an electronic document conversion system for converting a paper document into an electronic document according to one embodiment of the present invention.

In more detail, FIG. 4 illustrates the document management information in the process of providing at least one message information (eg, loan expiration extension request, etc.) to at least one or more financial transaction customers in connection with the financial system 125 at the financial institution. When the financial transaction customer is requested to convert the paper document into a predetermined electronic document, and the financial transaction customer approves (or agrees to) converting the paper document into an electronic document, it is generated from the paper document. The present invention relates to a system configuration for converting the paper document into an electronic document using a digital document, and a person of ordinary skill in the art to which the present invention pertains can refer to and / or modify the paper document to modify the paper document. Various system configurations for converting to a predetermined electronic document may be inferred, but the present invention infers the above. It comprises all of the embodiments and method, to which the present invention is not limited by the figure 4.

Referring to FIG. 4 according to an embodiment of the present invention, the electronic document switching system includes a financial system 125 having a DBMS 130 for storing document management information shown in FIGS. 2A and 2B, and An information providing server 445 requesting to convert the paper document into an electronic document in the course of providing predetermined message information to at least one information providing target customer (eg, a loan expiration request customer) in connection with the financial system 125. And a predetermined customer terminal 475 which performs an information processing function for the customer to convert the paper document into an electronic document, and is connected to the customer terminal 475 through predetermined network means. An electronic document registration server 400 which processes the customer terminal 475 to generate a predetermined electronic document by providing the digital document 475; and the electronic document registration server 400 (and / or It is characterized by comprising receiving a desired digital document from the customer terminal 475) having an electronic document management server 100 to store in a storage medium.

The financial system 125 provided in the financial institution opens at least one financial account to at least one financial transaction customer, and is provided to the financial institution to provide at least one financial transaction service based on the financial account. A system comprising: an accounting system for processing window services such as credit or receiving or trust or foreign exchange occurring in at least one branch (or window), an information system for processing headquarters operations, branch office information support, and customer information management; Interconnection between the financial system 125 and at least one or more other financial systems 125 (and / or payment systems), and / or at least one non-face-to-face financial transaction means (eg, the Internet) provided in at least one or more external communication networks. Banking, wireless banking, IC chip based wireless banking, tele banking, TV banking, etc.) And an external system that provides access to the stem 125 and / or various financial transaction interfaces through at least one or more common networks (e.g., a CD common network, a financial common network). 125 is an interface module corresponding to a middleware platform that provides inter-component interfacing within the financial system 125, and predetermined functions required for performing respective functions in the components in the financial system 125. And a DBMS 130 (DataBase Management System) including at least one database for storing and managing information (eg, ledger information, and / or customer information, and / or management information). .

In addition, the financial system 125 is intended by those skilled in the art and / or the types of financial institutions (eg, commercial banks, savings banks, trust banks) provided with the financial system 125 and the purpose of the financial system 125. And according to the features, it is possible to further include at least one or more components, such as foreign exchange module (not shown), investment finance module (not shown), international module (not shown), in the technical field to which the present invention belongs Those skilled in the art will be familiar with the detailed technical details of the financial system 125, and thus the detailed description thereof will be omitted for convenience, and the present invention is not limited thereto.

In addition, the DBMS 130 provided in the financial system 125 may allow the financial institution to open at least one financial account to at least one financial transaction customer, and provide at least one financial transaction service based on the financial account. And a ledger D / B 200 for storing at least one ledger for providing, wherein the ledger D / B 200 includes at least one finance that the financial institution will provide to the financial transaction customer. At least one or more ledger information (eg, customer ledger, ledger, collateral ledger, etc.) for transaction processing, and at least one corresponding to each ledger information (eg, to further refine and / or supplement the attributes / functions of each ledger) The ledger additional information is characterized in that it is stored in association with the relationship.

Those skilled in the art to which the present invention pertains include at least one ledger information provided in the ledger D / B 200 according to the type of each financial institution and the purpose and characteristics of the financial system 125 and In addition to being familiar with at least one ledger additional information corresponding to each ledger information, each ledger information is linked and stored in relational relation, and / or predetermined ledger information and at least one ledger additional information are relational. As it will be appreciated that it is stored in a cooperative process, a detailed description thereof will be omitted for convenience.

According to the present invention, the DBMS 130 included in the financial system 125 stores document management information including at least one of a paper document creation date, digital document generation date, document expiration date, electronic document generation date, and the like. In this case, the electronic document generation date of the document management information corresponding to the customer who has previously converted the paper document into the electronic document may include a valid date, and conversely, to the customer who has not previously converted the paper document into the electronic document. The electronic document generation date of the corresponding document management information may contain an invalid date (or a null value).

Referring to FIG. 4, the information providing server 445 is connected to the financial system 125 to identify at least one or more information target customers through a predetermined interface means, and a predetermined interface. An information confirming unit 455 for confirming whether to request the confirmed information providing target customer to convert the paper document into an electronic document by means of the financial system 125 through the means; When requesting to convert a document into an electronic document, an information generation unit 460 for generating message information including the predetermined electronic document conversion request information, and the message information to the customer communication means through a predetermined information transmission means. It is characterized by comprising an information transmission unit 465 to transmit.

The customer verification unit 450 may identify at least one or more information provision target customers who need to provide predetermined message information from the financial institution in connection with the financial system 125 through a predetermined interface means.

For example, the customer identification unit 450 is linked to the financial system 125 through a predetermined interface means (for example, referring to at least one loan ledger provided in the DBMS 130 on the financial system 125). The customer who is approaching the loan expiration time can be identified as an information target customer who must provide the loan expiration information.

When the at least one information providing target customer is confirmed by the customer confirming unit 450, the information confirming unit 455 is connected to the financial system 125 through the interface means (eg, the financial system 125). By reading the document management information stored on the DBMS 130 on the above) to check whether the information providing target customer is requested to convert a predetermined paper document into an electronic document.

According to an exemplary embodiment of the present invention, when the electronic document generation date of the document management information stored on the DBMS 130 on the financial system 125 includes a valid date (for example, when the paper document is previously converted to an electronic document). The information checking unit 455 confirms not to request the information providing customer to convert a predetermined paper document into an electronic document.

On the other hand, if the effective date of the electronic document generation date of the document management information stored on the DBMS 130 on the financial system 125 does not include a valid date (for example, if the paper document is not converted to an electronic document), the information check The unit 455 confirms to request the information target customer to convert a predetermined paper document into an electronic document.

When the information confirming unit 455 confirms that the information providing customer is requested to convert the paper document into an electronic document, the information generating unit 460 generates predetermined message information to be provided to the information providing customer. In addition, after generating the predetermined electronic document switch request information corresponding to the verification result of the information confirming unit 455, the electronic message switch request information is further generated in the generated message information. .

On the other hand, when the information confirming unit 455 confirms that the information providing customer is requested to convert the paper document into an electronic document, the information generating unit 460 provides predetermined message information to be provided to the information providing customer. Only generates

When predetermined message information to be provided to the information providing customer is generated as described above, the information transmitting unit 465 transmits the generated message information to the customer communication means through a predetermined information transmitting means.

According to one embodiment of the invention, the customer communication means preferably comprises a customer's landline and / or wireless telephone (mobile phone), wherein the message information is a predetermined voice announcement (or counselor) Preferably, the information transmission means for providing the message information includes a communication configuration (for example, a public switched telephone network (PSTN), mobile) for transmitting the message information to the customer communication means. Communication network).

According to another exemplary embodiment of the present invention, the customer communication means preferably comprises a mail address and / or a messenger account of the customer, wherein the message information is in the form of a message for a predetermined email and / or messenger. Preferably, the information transmission means for providing the message information comprises a communication configuration (for example, mail transmission and reception system, etc.) for transmitting the message information to the customer communication means.

According to another embodiment of the present invention, the customer communication means preferably comprises a wireless terminal of the customer, wherein the message information is at least one Short Message Service (SMS) and / or Preferably, the message is provided in the form of a wireless message including a multimedia messaging service (MMS), wherein the information transmitting means for providing the message information transmits the message information to the customer communication means (eg, a web-to-phone). (Web-To-Phone) message sending system, etc.).

Those skilled in the art to which the present invention pertains may infer various customer communication means in addition to the above-described customer communication means, but the present invention includes all of the inferred customer communication means, It is not limited to customer communication means.

When the customer who has received the electronic document conversion request information from the information providing server 445 wants to convert the paper document into the electronic document, the customer is provided with a predetermined certificate (eg, an Internet banking certificate). The electronic document registration server 400 is connected to the electronic document registration server through a predetermined client terminal 475 using predetermined network means.

The customer terminal 475 may be a wired network based on Transmission Control Protocol / Internet Protocol (TCP / IP) (eg, Asymmetric Digital Subscriber Line (ADSL) / Very High-data Rate Digital Subscriber Line (VDSL) and / or cable communication network). At least one wired terminal including a desktop computer and / or a notebook computer connected to the electronic document registration server 400 through a connection, and / or connected to a code division multiple access (CDMA) based mobile communication network. A wireless terminal comprising at least one mobile communication terminal, and / or a portable internet terminal connected to an IEEE 802.16 based high speed wireless internet, and / or a wireless data communication terminal connected to a DataTAC / Mobitex based wireless data communication network. And at least one), wherein the customer terminal 475 is connected to the electronic document registration server 400. Attaching the electronic signature of the customer to a function configuration (for example, a browser program and a communication function) for outputting at least one interface screen provided, and a predetermined digital document provided by the electronic document registration server 400; And / or a predetermined public certificate for encryption is provided.

Those skilled in the art to which the present invention pertains will be able to easily infer the characteristics of the customer terminal 475 corresponding to at least one or more wired terminal and / or wireless terminal, detailed description thereof Omit for convenience.

When the customer terminal 475 is a wired terminal according to an embodiment of the present invention, the network means includes the TCP / IP based wired network, and when the customer terminal 475 is a wireless terminal, The network means preferably comprises at least one of the CDMA based mobile communication network, and / or IEEE 802.16 based high speed wireless Internet, and / or DataTAC / Mobitex based wireless data communication network.

According to an embodiment of the present invention, the electronic document registration server 400 is provided with the customer terminal 475 through the network means to provide a web interface corresponding to the customer terminal 475 and the network means. And an interface unit 405 for connecting and managing a communication channel, whereby the electronic document registration server 400 communicates with the customer terminal 475 through a wired network and / or a wireless network. It has the function of a web server.

According to an embodiment of the present invention, when the customer terminal 475 is a wired terminal to which a communication channel is connected through a wired network based on TCP / IP, the interface unit 405 may connect the customer terminal 475 and HTTP ( Connect a predetermined communication channel based on the Hyper-Text Transfer Protocol protocol, and convert the electronic document to an interface screen in the form of a Hyper-Text Markup Language (HTML) compatible document to the customer terminal 475 through the communication channel. It is preferable to perform a function of including and providing a predetermined digital document, and receiving and processing the electronic document generated by attaching the digital signature of the customer to the digital document through the interface screen in the customer terminal 475.

According to another exemplary embodiment of the present invention, when the customer terminal 475 is a wireless terminal to which a communication channel is connected through a CDMA based wireless network, the interface unit 405 connects to the customer terminal 475 and a WAP (Wireless). Connect a predetermined communication channel based on the Application Protocol and / or Mobile Explorer (ME) protocol, and the interface in the form of a WML (Wireless Markup Language) and / or HTML compatible document to the customer terminal 475 through the communication channel. Provide a predetermined digital document to be converted into an electronic document on the screen, and receives and processes the electronic document generated by attaching the digital signature of the customer to the digital document through the interface screen in the customer terminal 475 It is preferable to carry out.

According to another exemplary embodiment of the present invention, when the customer terminal 475 is a wireless terminal to which a communication channel is connected through an IEEE 802.16 based wireless network, the interface unit 405 is connected to the customer terminal 475. A predetermined communication channel is connected based on a wireless protocol corresponding to the IEEE 802.16 standard, and an interface screen including a predetermined digital document is transmitted to the customer terminal 475 via the communication channel and outputted. It is preferable to perform a function of receiving and processing a predetermined electronic document generated through the interface screen 475, and / or the communication terminal is connected to the customer terminal 475 through a DataTAC / Mobitex based wireless network. In the case of a wireless terminal, the interface unit 405 is predetermined based on a wireless protocol corresponding to the customer terminal 475 and the DataTAC / Mobitex standard. Connects a communication channel, transmits and outputs an interface screen including a predetermined digital document to the customer terminal 475 via the communication channel, and generates a predetermined electronic image generated through the interface screen from the customer terminal 475. It is preferable to perform a function of receiving and processing a document.

Referring to FIG. 4, the electronic document registration server 400 may access the document D / B 115 when a predetermined customer terminal 475 accesses the electronic document registration server 400 through the interface unit 405. Attach the electronic signature of the customer to a document extracting unit 415 for extracting at least one digital document to be provided to the customer terminal 475 and a predetermined digital document extracted by the document extracting unit 415. An interface generation unit 410 for generating (or extracting) a predetermined interface screen for generating a predetermined electronic document, and the digital terminal to the customer terminal 475 in association with the interface unit 405. A document transmitter 420 for providing an interface screen and a document receiver for receiving an electronic document generated by attaching the digital signature of the customer to the digital document through the interface screen in the client terminal 475. 425, a validity authentication unit 430 for authenticating the validity of the received electronic document, and a document registration unit 435 for providing and registering the validity-certified electronic document to a predetermined electronic document management server 100. It is characterized by comprising a).

The document extracting unit 415 is connected to the electronic document registration server 400 through a predetermined customer terminal 475 through the interface unit 405. And extracting at least one digital document to be provided.

According to an exemplary embodiment of the present invention, when a predetermined customer registers (or logs in) through the customer terminal 475, the document extractor 415 may generate the document based on the membership (or log in) information. It is preferable to extract at least one digital document to be provided to the customer terminal 475 by referring to document information (eg, customer information corresponding to the digital document) of the digital document stored in the D / B 115.

The interface generator 410 extracts the digital document from the document D / B 115 at least one digital document to be provided to the customer terminal 475. Providing and outputting to the terminal 475, a predetermined electronic signature attached to the digital document, and / or encrypted by the customer terminal 475 through a predetermined certificate to transmit to the electronic document registration server 400 Interface screen to be generated, and / or extracted from a predetermined database (not shown).

The document transmission unit 420 works in conjunction with the interface unit 405 to display an interface screen (for example, a screen for providing a digital document) generated by the interface generation unit 410 through the network means. 475), at least one digital document to be converted into the electronic document is output to the customer terminal 475.

If the customer corresponding to the digital document approves (or agrees) to convert the digital document (or paper document) into a predetermined electronic document, the customer attaches the digital signature to the digital document through a predetermined certificate. Generate a predetermined electronic document, wherein the electronic document includes at least one of a symmetric key (or secret key) encryption method, a public key encryption method, and / or an electronic envelope encryption method, and / or a key exchange encryption method. The data is encrypted by an encryption method and transmitted to the electronic document registration server 400.

When the electronic document (eg, a digital document to which the electronic signature of the customer is attached) is transmitted from the customer terminal 475 through the network means, the information receiving unit 425 works in conjunction with the interface unit 405. Characterized in that the document is received, the received electronic document is provided to the validity authentication unit 430.

The validity authentication unit 430 decrypts the electronic document using at least one decryption method corresponding to the encryption method when the electronic document is received encrypted by the at least one encryption method in the customer terminal 475. This ensures confidentiality, authentication and integrity that the customer has approved (or agreed to) converting the digital document (or paper document) to the electronic document.

Also, the validity authentication unit 430 confirms (or agrees) that the customer converts the digital document (or paper document) into the electronic document by checking the electronic signature attached to the decrypted electronic document. Authentication, Integrity and Nonrepudiation are secured.

If the validity of the electronic document is authenticated, the document registration unit 435 provides the electronic document (eg, a digital document to which the electronic signature of the customer is attached) to a predetermined electronic document management server 100, thereby providing the electronic document. The electronic document is managed in a predetermined storage medium managed by the document management server 100.

According to another embodiment of the present invention, the document registration unit 435 is a paper document before the electronic document (or digital document) is generated from the branch (or branch) of the financial institution of the electronic document (or digital document) By transmitting to the teller terminal of the branch (or branch) of the financial institution that manages the, the validity of the electronic document (or digital document) from the teller terminal is authenticated, the electronic document validated at the teller terminal said By providing the electronic document management server 100, it is possible to manage the electronic document by storing it in a predetermined storage medium managed by the electronic document management server 100, whereby the present invention is not limited.

According to one embodiment of the invention, the electronic document management server 100 preferably comprises an electronic document management server 100 of the electronic document storage provided in the financial institution, in this case the electronic document registration server The 400 and the electronic document management server 100 may be connected through the financial network and / or implemented on one server according to the intention of the person skilled in the art, and the present invention is not limited thereto.

According to another embodiment of the present invention, the electronic document management server 100 preferably comprises an electronic document management server 100 of the authorized electronic document storage provided outside the financial institution, in this case Electronic document registration server 400 and the electronic document management server 100 is preferably connected through a predetermined communication network, the electronic document transmission and reception procedure between the electronic document registration server 400 and the electronic document management server 100 is Comply with the communication standards defined by the electronic document storage.

Referring to FIG. 4, the electronic document management server 100 includes an electronic document receiving unit 105 that receives at least one electronic document from the electronic document registration server 400, and stores the received electronic document in a predetermined storage medium. Characterized in that the electronic document storage unit 110 to be stored in the.

According to the present invention, when the electronic document management server 100 is provided in the authorized electronic document storage outside the financial institution, the electronic document management server 100 receives the electronic document registration result of the financial institution and / or customer And a registration result notification unit for notifying the communication means.

According to another embodiment of the present invention, before the electronic document storage unit 110 stores the electronic document in the storage medium, the electronic document (or digital document) is generated from a branch (or branch) of the financial institution. By providing the electronic document (or digital document) to a teller terminal of a branch (or branch) of a financial institution that manages a paper document before it is received, the validity of the electronic document (or digital document) is authenticated from the teller terminal. In addition, it is possible to store the electronic document validated in the window terminal on the storage medium, and the present invention is not limited thereto.

According to the implementation method of the present invention, the electronic document is normally registered in the electronic document repository from the registration result notification unit of the electronic document management server 100 to the financial institution (for example, the electronic document registration server 400). If notified, it is preferable that the financial institution dispose of the paper document, thereby reducing the paper document management cost.

5 is a diagram illustrating a process of requesting a financial institution to convert a paper document into an electronic document by a financial institution according to an exemplary embodiment of the present invention.

In more detail, FIG. 5 refers to the financial transaction customer with reference to the document management information in the process of providing at least one or more message information (eg, loan expiration extension request, etc.) to at least one financial transaction customer at a predetermined financial institution. The present invention relates to a process of requesting the paper document to be converted into a predetermined electronic document. Those skilled in the art may refer to and / or modify the paper document to convert the paper document into a predetermined electronic document. Various implementation methods may be inferred for requesting conversion to a document, but the present invention includes all of the inferred implementation methods, and the present invention is not limited by the drawings.

Hereinafter, in FIG. 5, the information providing server 445 shown in FIG. 4 is referred to as a "server" for convenience.

Referring to FIG. 5, the server provides at least one information in connection with a financial system 125 (eg, a financial system 125 having a DBMS 130 for storing document management information) provided in the financial institution. Identifying the target customer 500 and extracting and reading predetermined document management information for the information providing target customer from the DBMS 130 on the financial system 125 to correspond to the target information providing target customer. In operation 510, whether to request to convert at least one digital document (or paper document) to a predetermined electronic document is checked.

If the verification result does not request to convert the digital document (or paper document) of the information providing customer to a predetermined electronic document (515), the server generates only predetermined message information to be provided to the information providing customer communication means. (520).

On the other hand, if the verification result is requested to convert the digital document (or paper document) of the information target customer to a predetermined electronic document (515), the server provides at least one digital document (or paper document) to the information target customer Generates predetermined message information to be provided to the information providing customer communication means, including the electronic document switching request information requesting to switch to a predetermined electronic document (525).

Thereafter, the server transmits the generated message information to the customer communication means through a predetermined information transmission means (530), and the message information transmission process is repeatedly performed for all the confirmed information providing target customers. It is preferred (535).

According to an embodiment of the present invention, the customer who has received the message information including the electronic document switch request information is shown in FIG. 4 through a predetermined network means by using the customer terminal 475 shown in FIG. By connecting to the electronic document registration server 400, a process of converting the digital document (or paper document) into a predetermined electronic document is started.

6 is a diagram illustrating a process of generating an electronic document from a digital document (or paper document) according to an embodiment of the present invention.

More specifically, FIG. 6 approves (or agrees) that a financial transaction customer who has received message information including predetermined electronic document conversion request information through the process shown in FIG. 5 converts the paper document into an electronic document. In this case, the financial institution provides the digital document to the customer terminal 475, and the process of generating a predetermined electronic document by adding the digital signature of the customer to the digital document, the present invention Those skilled in the art will be able to infer various implementation methods for generating a predetermined electronic document from the digital document (or paper document) by referring to and / or modifying the present invention. All inferred implementation methods are included, and the present invention is not limited by the drawing.

Hereinafter, in FIG. 6, the customer terminal 475 shown in FIG. 4 is called "terminal" for convenience, and the electronic document registration server 400 shown in FIG. 4 is called "server" for convenience.

Referring to FIG. 6, a financial transaction customer who has received message information including predetermined electronic document conversion request information through the process shown in FIG. 5 approves (or agrees) to convert the paper document into an electronic document. In this case, the financial transaction customer accesses the server through a predetermined network means using a predetermined terminal and performs a membership (or login) procedure for predetermined customer authentication (600). It is checked whether the at least one digital document (or paper document) is converted into a predetermined electronic document by referring to the document D / B 115 shown in FIG. 4 through the membership (or login) information (605). .

According to an embodiment of the present invention, at least one digital document (for example, digital to be converted into a predetermined electronic document) that matches the membership (or login) information in the document D / B 115 shown in FIG. Document), the server confirms that the digital document (or paper document) should be converted into a predetermined electronic document.

If it is determined that the digital document (or paper document) does not need to be converted into a predetermined electronic document (for example, matching the registration (or login) information to the document D / B 115 shown in FIG. If at least one digital document does not exist) (610), the server terminates the process of converting at least one digital document (or paper document) to an electronic document.

On the other hand, if the digital document (or paper document) needs to be converted into a predetermined electronic document as a result of the verification (for example, at least a document matching the membership (or login) information to the document D / B 115 shown in FIG. If one or more digital documents exist) (610), the server extracts (615) at least one or more digital documents to be converted to a predetermined electronic document from the document D / B 115 shown in Figure 4, the digital Generate (or extract) a predetermined electronic document switching interface screen including a document (620), and provide and output an electronic document switching interface screen including the extracted digital document to the terminal through a predetermined network means ( 625).

Thereafter, the terminal checks the digital document through the electronic document switching interface screen, and confirms whether the user approves the conversion of the digital document (or paper document) into a predetermined electronic document (630).

According to an embodiment of the present invention, when a procedure of attaching a predetermined electronic signature to the digital document is initiated through the public certificate of the customer, the customer converts the digital document (or paper document) into a predetermined electronic document. It is considered to be approved.

If the terminal is approved to convert the digital document (or paper document) into a predetermined electronic document (635), the terminal attaches the electronic signature of the customer to the digital document through a predetermined certificate (640) ), A predetermined electronic document corresponding to the digital document (or paper document) is generated.

Thereafter, the terminal performs an encryption procedure for the electronic document (eg, a digital document with a customer electronic signature attached) (645), and transmits the encrypted electronic signature to the server through a predetermined network means (650). ).

7 is a diagram illustrating a process of registering an electronic document in an electronic document repository according to an embodiment of the present invention.

In more detail, in FIG. 7, when a predetermined electronic document is generated through the digital document (or paper document) through the process illustrated in FIG. 6, the drawing 7 registers the generated electronic document in a predetermined electronic document repository. For example, those of ordinary skill in the art to which the present invention pertains may refer to and / or modify this drawing 7 to transfer a predetermined electronic document generated from the digital document (or paper document) to a predetermined electronic document repository. Various implementation methods of registering may be inferred, but the present invention encompasses all of the inferred implementation methods, and the present invention is not limited by the drawing.

In the following, the digital signature registration server shown in FIG. 4 is referred to as "server" in FIG.

Referring to FIG. 7, when a predetermined electronic document is generated, encrypted, and transmitted in the customer terminal 475 through the process illustrated in FIG. 6, the server receives the encrypted electronic document and the customer terminal 475. In step 700, a decryption procedure for decrypting the electronic document is performed by using a predetermined decryption method corresponding to the encryption method performed in FIG.

Thereafter, the server verifies the validity of the electronic document by checking the electronic signature included in the electronic document (705). If the validity of the electronic document is not authenticated (710), the server checks the electronic signature. Validation error information for the document is generated and transmitted to the customer terminal 475 (715), and the process of registering the electronic document in a predetermined electronic document storage is terminated.

On the other hand, if the validity of the electronic document is authenticated (710), the server transmits the electronic document of the validity is authenticated to the electronic document management server 100 and requests to register in the electronic document storage (720), In response, the electronic document management server 100 receives the electronic document and stores the electronic document in a predetermined storage medium (725).

Thereafter, the electronic document management server 100 generates an electronic document registration result for the electronic document and transmits it to the server (eg, a financial institution) (730). Disposal procedures for paper documents converted to electronic documents can be performed.

8 is a diagram illustrating a method for generating an electronic signature by attaching an electronic signature to a digital document in the client terminal 475 according to the embodiment of the present invention.

In more detail, FIG. 8 illustrates an implementation method of generating a predetermined electronic document by attaching an electronic signature to a digital document provided from the electronic document registration server 400 in the customer terminal 475. However, the present invention may infer various implementation methods of electronic signature processing of the digital document in the client terminal 475 by referring to and / or modifying the present invention. It includes all the implementation methods, and is not limited to the implementation method shown in FIG.

In this figure 8 according to the embodiment of the present invention, the customer private key is preferably read from the public certificate provided in the customer terminal 475, the public certificate is a predetermined provided in the customer terminal (475) Stored in a memory unit and / or stored in an ID-000 type IC chip (or IC card) mounted on or detached from the customer terminal 475, and / or a predetermined IC in the customer terminal 475 When a card reader is provided, it is possible to store all of the IC card inserted into the IC card reader, and the present invention is not limited thereto.

Referring to FIG. 8, when it is approved to convert the digital document (or paper document) into a predetermined electronic document (800), the customer terminal 475 is assigned a predetermined one-way hash function (e.g., the length of the digital document). A one-way hash function that generates a Message Digest that contains a hash code of any length, and cannot identify (or infer) the original message via the hash code (or message digest). Hash Function) The sender and the receiver use the same hash function to generate a predetermined message digest from the digital document (805).

Here, the one-way hash function is defined as a one-way hash function identical to the hash function defined in the electronic document registration server 400 for confirming the electronic signature according to FIG. 8.

Thereafter, the customer terminal 475 extracts a predetermined customer private key for encrypting the message digest from the authorized certificate (810), and encrypts the message digest using the extracted customer private key (815).

Here, the encryption function of the customer terminal 475 is called E (Encryption), the customer private key is k1 (key), the message digest is M (Messge digest), and the message digest encrypted with the customer private key is C. In the case of (Ciphertext), the encryption function of the customer terminal 475 can be expressed by a formula such as "Ek1 (M) = C".

According to an embodiment of the present invention, the algorithm for encrypting the message digest by the customer terminal 475 via the customer private key includes RSA (Ron Rivest, Adi Shamir, Len Adleman), DSA (Digital Signature Algorithm), and DH. (Diffie, Hellman), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, at least one of the ECDH is preferably included. In addition to the various encryption algorithms may be used, the present invention by a specific encryption algorithm It is not limited.

For example, in the case of encrypting the message digest through the RSA encryption algorithm among the encryption algorithms, the public method (Modulus) used in the encryption process is n, and the non-public prime numbers with different prime factors of n are a and b. , If the published index (e.g., 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod (a-1). (b-1) ", wherein the encryption function of the customer terminal 475 may be expressed as" C = Ek1 (M) = Me mod n ".

Thereafter, the customer terminal 475 connects the digital document and the message digest encrypted with the customer private key to generate a predetermined electronic document (820), and the generated electronic document is then encrypted using at least one encryption method. Can be.

9 is a diagram illustrating a method for confirming an electronic signature attached to an electronic document in the electronic document registration server 400 according to an embodiment of the present invention.

In more detail, FIG. 9 is an embodiment in which the electronic document registration server 400 confirms the customer electronic signature attached to an electronic document generated by attaching a customer electronic signature to a predetermined digital document from the customer terminal 475. As to a method, the present invention is known to those skilled in the art to which the present invention pertains, referring to and / or modifying the digital signature of the electronic signature attached to the electronic signature in the customer terminal 475. Various implementation methods for identifying may be inferred, but the present invention includes all the inferred implementation methods and is not limited to the implementation method shown in FIG.

In this figure 9 according to an embodiment of the present invention, the customer public key for confirming the electronic signature is preferably extracted from a predetermined directory operated and managed by a certification authority that issues the certificate to the customer terminal 475. And / or a copy of the certificate including the customer public key may be further received from the customer terminal 475 and received by the electronic document registration server 400 (not shown), thereby limiting the present invention. No.

Referring to FIG. 9, when a predetermined electronic document is provided to the validity authentication unit 430 (900), the validity authentication unit 430 is a predetermined directory and / or the authorized certificate operated and managed by the certification authority. A customer public key for decrypting the message digest encrypted with the customer private key is extracted from the client public key (905), and the encrypted message digest is decrypted using the extracted customer public key (910).

Here, the decryption function of the digital signature verification unit is called D (Decryption), the message digest encrypted with the customer public key k2 (key), the message digest encrypted with the customer private key C (Ciphertext), and the customer public key. If M is a message digest, the function of the digital signature verification unit to decrypt the encrypted message digest may be expressed by a formula such as "Dk2 = M, or Dk2 (Ek (M)) = M".

According to the embodiment of the present invention, the algorithm for decrypting the message digest encrypted by the customer private key in the customer terminal 475 through the customer public key, RSA (Ron Rivest, Adi Shamir, Len Adleman) (DSA), Digital Signature Algorithm (DSA), Diffie, Hellman (DH), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, ECDH, or at least one of the following. However, the decryption algorithm is characterized in that it is matched with the encryption algorithm used in the customer terminal 475, the invention is not limited by a specific decryption algorithm.

For example, in the case of decoding the message digest through the RSA decryption algorithm, among the decryption algorithms, n is a published method used in the decryption process, n is a non-disclosed prime number with different prime factors of n and a and b. , If the published index (e.g., 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod (a-1). ) (b-1) ", wherein the decryption function of the digital signature verification unit may be expressed as" M = Dk2 = Cd mod n ".

Thereafter, the validity authentication unit 430 generates a predetermined message digest by applying a one-way hash function that is the same as the one-way hash function generated by the client terminal 475 to the digital document included in the electronic document. In operation 915, the validity of the electronic document is verified by comparing the generated message digest with the decrypted message digest.

If the generated message digest coincides with the decrypted message digest (925), the validity authentication unit 430 determines the confidentiality, authentication, integrity, and nonrepudiation of the electronic document. Non-repudiation) is processed to confirm the digital signature (930).

On the other hand, if the generated message digest and the decrypted message digest do not match (925), the validity authentication unit 430 processes the electronic document as invalid.

FIG. 10 is a diagram illustrating a method for encrypting and transmitting an electronic document in a symmetric key (or secret key) method in a client terminal 475 according to an embodiment of the present invention.

More specifically, FIG. 10 is a method for encrypting and transmitting an electronic document in a symmetric key (or secret key) method in a customer terminal 475 equipped with an encryption function as shown in FIG. 4. Those skilled in the art can refer to and / or modify this drawing 10 to implement various methods of encrypting the electronic document in a symmetric key (or secret key) manner at the client terminal 475 on the network means. It may be inferred, but the present invention includes all the inferred implementation method, and is not limited to the implementation method shown in FIG.

In this figure 10 according to the embodiment of the present invention, the symmetric key (or secret key) is preferably read from the public certificate provided in the customer terminal 475, the public certificate is the customer terminal 475 Stored in a predetermined memory unit and / or stored in an ID-000 type IC chip (or IC card) mounted on or detached from the customer terminal 475, and / or the customer terminal 475 In the case where a predetermined IC card reader is provided, all of them can be stored in an IC card inserted into the IC card reader, and the present invention is not limited thereto.

According to another embodiment of the present invention, the symmetric key (or secret key) is stored in the memory unit provided in the customer terminal 475 in addition to the public certificate, and / or from the electronic document registration server 400 to the customer terminal. It can be included in the interface screen provided in 475, and / or embedded in a communication program communicating with the electronic document registration server 400 on the customer terminal 475, thereby limiting the anti-invention. Not.

Referring to FIG. 10, when a predetermined electronic document is generated by attaching a predetermined pre-consultation to the digital document at the customer terminal 475 (1000), the customer terminal 475 is connected to the customer terminal 475. A predetermined symmetric key (or secret key) for encrypting the electronic document is read (1005) from the provided public certificate, and the electronic document is encrypted (1010) through the read symmetric key (or secret key).

Here, the encryption function of the customer terminal 475 is called E (Encryption), the symmetric key (or secret key) is k (key), the electronic document is P (Plaintext), and the symmetric key (or secret key). If the electronic document encrypted with C) is C (Ciphertext), the encryption function of the customer terminal 475 can be expressed by a formula such as "Ek (P) = C".

According to an embodiment of the present invention, the algorithm for encrypting the electronic document through the symmetric key (or secret key) by the customer terminal 475 may include SEED, DES (Data Encryption Standard), Triple-DES, Skipjack, IDEA. It is preferable to include at least one or more of the International Data Encryption Algorithm, and in addition, various types of encryption algorithms may be used, but the present invention is not limited to a specific encryption algorithm.

The electronic document encrypted through the symmetric key (or secret key) as described above is transmitted to the electronic document registration server 400 through a predetermined network means (1015).

11 is a diagram illustrating a method of decrypting an electronic document encrypted and received by the electronic document registration server 400 using a symmetric key (or secret key) method according to an embodiment of the present invention.

In more detail, FIG. 11 shows a symmetric key (or a secret key) in the electronic document registration server 400 as shown in FIG. 4 for receiving the electronic document encrypted from the customer terminal 475 having the encryption function as shown in FIG. A method for decrypting by a method according to an embodiment of the present invention, and the present invention is known to those skilled in the art to which the present invention pertains. Various implementation methods for decrypting a document in a symmetric key (or secret key) manner may be inferred, but the present invention includes all the inferred implementation methods and is not limited to the implementation method shown in FIG.

In this figure 11 according to the embodiment of the present invention, the symmetric key (or secret key) is preferably read from the public certificate provided in the electronic document registration server 400, the public certificate is the electronic document registration server It is preferably stored in a predetermined database (not shown) that cooperates with 400, whereby the present invention is not limited.

Referring to FIG. 11, the document receiving unit 105 of the electronic document registration server 400 receives the encrypted electronic document through the network means and provides it to the validity authentication unit 430 (1100). The electronic document is preferably received via a communication protocol stack defined in the network means.

Thereafter, the validity authentication unit 430 extracts a predetermined symmetric key (or secret key) for decrypting the encrypted electronic document from the public certificate provided in the electronic document registration server 400 (1105). The encrypted electronic document is decrypted using the extracted symmetric key (or secret key) (1110).

Here, the decryption function of the validity authentication unit 430 is called D (Decryption), the symmetric key (or secret key) is k (key), and the electronic document encrypted with the symmetric key (or secret key) is C ( Ciphertext) and the electronic document to be decrypted are P (Plaintext), the function of the validity authentication unit 430 decrypting the encrypted electronic document is "Dk = P, or Dk (Ek (P)) = P". Can be expressed as an expression such as "

According to the embodiment of the present invention, the algorithm for decrypting the encrypted electronic document by the validity authentication unit 430 using the symmetric key (or secret key) may include SEED, DES (Data Encryption Standard), Triple-DES, At least one of Skipjack and International Data Encryption Algorithm (IDEA) is preferably included. Various types of decryption algorithms may be used. However, the decryption algorithm is based on the encryption algorithm used in the client terminal 475. Characterized by matching, the present invention is not limited by a specific decoding algorithm.

When the electronic document encrypted through the symmetric key (or secret key) is decrypted as described above, the validity authentication unit 430 checks the electronic signature attached to the electronic document.

FIG. 12 is a diagram illustrating a method for encrypting and transmitting an electronic document in a public key infrastructure in a client terminal 475 according to an embodiment of the present invention.

More specifically, FIG. 12 is an embodiment of the present invention for encrypting and transmitting the electronic document in a public key infrastructure structure in a customer terminal 475 equipped with an encryption function as shown in FIG. 4. In the technical field to which the present invention pertains, FIG. One of ordinary skill in the art would be able to infer various implementation methods for encrypting the electronic document in a public key manner at the client terminal 475 on the network means by referring to and / or modifying this drawing 12. Includes all of the inferred implementation methods and is not limited to the implementation method illustrated in FIG.

In this figure 12 according to the embodiment of the present invention, the financial company public key is preferably read from the public certificate provided in the customer terminal 475, and the public certificate is provided in the customer terminal 475 Is stored in a memory unit of the ID, and / or stored in an IC chip (or IC card) of ID-000 type to be mounted on or detached from the customer terminal 475, and / or to the customer terminal 475. When the IC card reader is provided, it is possible to store all of the IC card inserted into the IC card reader, and the present invention is not limited thereto.

Alternatively, the public company public key may be extracted from a predetermined directory (not shown) which is operated and managed by a certification authority that issues the public certificate to the customer terminal 475, and the present invention is not limited thereto.

Referring to FIG. 12, when a predetermined electronic document is generated by attaching a predetermined electronic document to the digital document in the customer terminal 475 (1200), the customer terminal 475 receives the electronic document from the authorized certificate. A predetermined financial company public key for encryption is extracted (1205), and the electronic document is encrypted (1210) using the extracted financial company public key.

Herein, the encryption function of the customer terminal 475 is called E (Encryption), the financial company public key is k1 (key), the electronic document is P (Plaintext), and the electronic document encrypted with the financial company public key is C ( Ciphertext), the encryption function of the customer terminal 475 can be expressed by an expression such as "Ek1 (P) = C".

According to an embodiment of the present invention, the algorithm for encrypting the electronic document by the customer terminal 475 through the public company public key includes RSA (Ron Rivest, Adi Shamir, Len Adleman), DSA (Digital Signature Algorithm), and DH. (Diffie, Hellman), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, at least one of the ECDH is preferably included. In addition to the various encryption algorithms may be used, the present invention by a specific encryption algorithm It is not limited.

For example, in the case of encrypting the electronic document through the RSA encryption algorithm among the encryption algorithms, the published method (Modulus) used in the encryption process is n, and the undisclosed prime numbers with different prime factors of n are a and b. , If the published index (e.g., 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod (a-1). (b-1) ", wherein the encryption function of the customer terminal 475 may be expressed as" C = Ek1 (P) = Pe mod n ".

The electronic document encrypted through the financial company public key as described above is transmitted to the electronic document registration server 400 through a predetermined network means (1215).

FIG. 13 is a diagram illustrating a method for decrypting an electronic document encrypted and received by an electronic document registration server 400 in a public key infrastructure according to an embodiment of the present invention.

In more detail, FIG. 13 shows the electronic document encrypted and received from the customer terminal 475 having the encryption function as shown in FIG. 4 in a public key infrastructure structure at the electronic document registration server 400 as shown in FIG. The present invention relates to an embodiment of decryption, which has a general knowledge in the technical field to which the present invention pertains. Various implementation methods for decrypting a document in a public key based structure may be inferred, but the present invention includes all the inferred implementation methods, and is not limited to the implementation method shown in FIG.

In FIG. 13 according to the embodiment of the present invention, the financial company private key for decrypting the electronic document encrypted with the public company public key in a public key infrastructure is read from the public certificate provided in the electronic document registration server 400. Preferably, the public certificate is preferably stored in a predetermined database (not shown) interworking with the electronic document registration server 400, whereby the present invention is not limited.

Referring to FIG. 13, the document receiving unit 105 of the electronic document registration server 400 receives an encrypted electronic document through the network means and provides the encrypted electronic document to the validity authentication unit 430 (1300). Is preferably received via a communication protocol stack defined in said network means.

Thereafter, the validity authentication unit 430 extracts a financial company private key for decrypting the encrypted electronic document from the public certificate provided in the electronic document registration server 400 (1305), and extracts the extracted financial company private key. The encrypted electronic document is decrypted through 1310.

Here, the decryption function of the validity authentication unit 430 is called D (Decryption), and the financial document private key is k2 (key), and the electronic document encrypted with the financial company public key is decrypted with C (Ciphertext) and the financial company private key. When the electronic document is called P (Plaintext), the function of decrypting the encrypted electronic document by the validity authentication unit 430 may be expressed by a formula such as "Dk2 = P, or Dk2 (Ek (P)) = P". Can be.

According to an embodiment of the present invention, an algorithm for the validity authentication unit 430 to decrypt the electronic document encrypted with the financial company public key in the customer terminal 475 through the private financial company private key is RSA (Ron Rivest, Adi Shamir, Len Adleman (DSA), Digital Signature Algorithm (DSA), Diffie, Hellman (DH), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, and ECDH. However, the decryption algorithm is characterized in that it is matched with the encryption algorithm used in the customer terminal 475, the invention is not limited by a specific decryption algorithm.

For example, when the electronic document is decrypted through an RSA decryption algorithm among the public key based decryption algorithms, n is a public method (Modulus) used in the decryption process and n is a prime number that is not disclosed by different prime factors of n. If a and b, the published index (e.g. 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod ( a-1) (b-1) ", wherein the decryption function of the validity authentication unit 430 may be expressed as" P = Dk2 = Cd mod n ".

When the electronic document encrypted with the financial company public key is decrypted by the financial terminal private key as described above, the validity authentication unit 430 checks the electronic signature attached to the electronic document.

14 is a diagram illustrating a method of encrypting and transmitting an electronic document in an electronic envelope method in a customer terminal 475 according to an embodiment of the present invention.

In more detail, FIG. 14 is an embodiment of the present invention for encrypting and transmitting the electronic document in an electronic envelope method in the customer terminal 475 equipped with an encryption function as shown in FIG. 4, which is common in the art. With knowledge, it would be possible to infer various implementation methods for encrypting the electronic document in an electronic envelope manner at the client terminal 475 on the network means by referring to and / or modifying this figure 14, It includes all the inferred implementation method, and is not limited to the implementation method shown in FIG.

In this figure 14 according to the embodiment of the present invention, the financial company public key is preferably read from the public certificate provided in the customer terminal 475, and the public certificate is provided in the customer terminal 475. Stored in a memory unit and / or stored in an ID-000 type IC chip (or IC card) mounted on or detached from the customer terminal 475, and / or a predetermined IC in the customer terminal 475 When a card reader is provided, it is possible to store all of the IC card inserted into the IC card reader, and the present invention is not limited thereto.

Alternatively, the public company public key may be extracted from a predetermined directory (not shown) which is operated and managed by a certification authority that issues the public certificate to the customer terminal 475, and the present invention is not limited thereto.

Referring to FIG. 14, when a predetermined electronic document is generated by attaching a predetermined electronic document to the digital document in the customer terminal 475 (1400), the customer terminal 475 secrets the electronic document. A predetermined random secret key for encrypting using a key, a symmetric key) is generated (1405), and the electronic document is encrypted (1410) using the generated secret key.

Here, the encryption function of the customer terminal 475 is called E (Encryption), the secret key is r (random secret key), the electronic document is P (Plaintext), and the electronic document encrypted with the secret key is C ( Ciphertext), the encryption function of the customer terminal 475 can be expressed by a formula such as "Er (P) = C".

According to an embodiment of the present invention, the algorithm for encrypting the electronic document by the customer terminal 475 using the secret key includes SEED, DES (Data Encryption Standard), Triple-DES, Skipjack, and International Data Encryption Algorithm (IDEA). It is preferable to include at least one of), and in addition to the encryption algorithm of various forms may be used, but the present invention is not limited by a specific encryption algorithm.

Thereafter, the client terminal 475 encrypts the secret key (random secret key) used to encrypt the electronic document. For this purpose, the client terminal 475 extracts a predetermined financial company public key from the public certificate ( In operation 1420, the private key is encrypted using the financial company public key.

Here, the encryption function of the customer terminal 475 is referred to as E (Encryption), the financial company public key is k1 (key), the secret key is r (random Secret key), and the private key encrypted with the financial company public key. Suppose C (Ciphertext), the encryption function of the customer terminal 475 can be expressed by a formula such as "Ek1 (r) = C".

According to an embodiment of the present invention, the algorithm for the customer terminal 475 to encrypt the secret key through the financial company public key is RSA (Ron Rivest, Adi Shamir, Len Adleman), DSA (Digital Signature Algorithm), DH. (Diffie, Hellman), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, at least one of the ECDH is preferably included. In addition to the various encryption algorithms may be used, the present invention by a specific encryption algorithm It is not limited.

For example, in the case of encrypting the secret key through the RSA encryption algorithm among the encryption algorithms, the public method (Modulus) used in the encryption process is n, and the non-public prime numbers with different prime factors of n are a and b. , If the published index (e.g., 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod (a-1). (b-1) ", wherein the encryption function of the customer terminal 475 may be expressed as" C = Ek1 (r) = re mod n ".

If the electronic document is encrypted with the secret key and the secret key is encrypted with the financial company public key, the client terminal 475 associates the electronic document encrypted with the secret key with the private key encrypted with the financial company public key. The transaction data is transmitted to the electronic document registration server 400 through a predetermined network means (1425).

15 is a diagram illustrating a method of decrypting an electronic document encrypted and received by an electronic document registration server 400 in an electronic envelope method according to an embodiment of the present invention.

In more detail, FIG. 15 shows the transaction data in the electronic document registration server 400 as shown in FIG. 4, which receives the transaction data including the encrypted electronic document from the customer terminal 475 equipped with the encryption function as shown in FIG. The present invention relates to a method of decrypting by an electronic envelope method. If the present invention belongs to those skilled in the art, the electronic device of the customer terminal 475 on the network means may be referred to and modified with reference to FIG. Various implementation methods for decrypting the envelope-encrypted transaction data in the same electronic envelope method may be inferred, but the present invention includes all the inferred implementation methods, and is not limited to the implementation method shown in FIG. .

In this figure 15 according to the embodiment of the present invention, the financial company private key for decrypting the transaction data in an electronic envelope method is preferably read from the public certificate provided in the electronic document registration server 400, the public certificate Is preferably stored in a predetermined database (not shown) in conjunction with the electronic document registration server 400, thereby the present invention is not limited.

Referring to FIG. 15, the document receiving unit 105 of the electronic document registration server 400 receives predetermined transaction data including an encrypted electronic document through the network means and provides the received transaction data to the validity authentication unit 430. Preferably, the transaction data is received via a communication protocol stack defined in the network means.

Thereafter, the validity authentication unit 430 extracts a financial company private key for decrypting the encrypted secret key included in the transaction data from the public certificate provided in the electronic document registration server 400 (1505), and the extraction. Decrypting the secret key encrypted with the financial company public key in the customer terminal 475 through the financial company private key (1510), extracts a predetermined secret key for decrypting the electronic document (1515), the extracted secret By decrypting the electronic document using a key (1520), the electronic device (475) extracts the electronic document encrypted with the secret key (1525).

Here, the decryption function of the validity authentication unit 430 is referred to as D (Decryption), and the financial company private key is k2 (key), and the private key encrypted with the financial company public key is decrypted with C (Ciphertext) and the financial company private key. If the secret key is r (random secret key), the function of decrypting the encrypted secret key by the validity authentication unit 430 is expressed as "Dk2 = r, or Dk2 (Ek1 (r)) = r". It can be expressed as

According to an embodiment of the present invention, an algorithm for the validity authentication unit 430 to decrypt the private key encrypted with the financial company public key in the client terminal 475 through the private financial key, RSA (Ron Rivest, Adi Shamir, Len Adleman (DSA), Digital Signature Algorithm (DSA), Diffie, Hellman (DH), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, and ECDH. However, the decryption algorithm is characterized in that it is matched with the encryption algorithm used in the customer terminal 475, the invention is not limited by a specific decryption algorithm.

For example, when decrypting the secret key through the RSA decryption algorithm among the public key-based decryption algorithms, n is a public method (Modulus) used in the decryption process, and n is a prime number that is not disclosed by different prime factors of n. If a and b, the published index (e.g. 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod ( a-1) (b-1) ", wherein the decryption function of the validity authentication unit 430 may be expressed as" P = Dk2 = Cd mod n ".

Here, the decryption function of the validity authentication unit 430 is called D (Decryption), the secret key is r (random secret key), the electronic document encrypted with the secret key (C (Ciphertext)), and the decrypted When the electronic document is called P (Plaintext), the function of decrypting the encrypted electronic document by the validity authentication unit 430 may be expressed by a formula such as "Dr = P or Dr (Er (P)) = P". have.

According to the exemplary embodiment of the present invention, the algorithm for decrypting the encrypted electronic document by the validity authentication unit 430 may include SEED, Data Encryption Standard (DES), Triple-DES, Skipjack, and IDEA (International). It is preferable to include at least one or more of the Data Encryption Algorithm, and various types of decryption algorithms may be used, but the decryption algorithm is matched with the encryption algorithm used in the customer terminal 475. However, the present invention is not limited to the specific decoding algorithm.

When the electronic document is decrypted as described above, the validity authentication unit 430 performs a process of confirming the electronic signature attached to the electronic document.

16 is a diagram illustrating a method for encrypting and transmitting an electronic document in a key exchange method in a client terminal 475 according to an embodiment of the present invention.

In more detail, FIG. 16 is an embodiment of the present invention for encrypting and transmitting the electronic document in a key exchange method in a customer terminal 475 having an encryption function as shown in FIG. 4, which is common in the art. With knowledge, it would be possible to infer various implementation methods for encrypting the electronic document in a key exchange manner at the client terminal 475 on the network means by referring to and / or modifying this figure 16. It includes all the inferred implementation methods, and is not limited to the implementation method shown in FIG.

In this figure 16 according to the embodiment of the present invention, the customer private key and the financial company public key are preferably read from the public certificate provided in the customer terminal 475, and the public certificate is provided to the customer terminal 475. Stored in a predetermined memory unit and / or stored in an ID-000 type IC chip (or IC card) mounted on or detached from the customer terminal 475, and / or the customer terminal 475 In the case where a predetermined IC card reader is provided, all of them can be stored in an IC card inserted into the IC card reader, and the present invention is not limited thereto.

Alternatively, the customer private key and financial company public key may be extracted from a predetermined directory (not shown) operated and managed by a certification authority issuing the certificate to the customer terminal 475, whereby the present invention is provided. It is not limited.

Referring to FIG. 16, when a predetermined electronic document is generated by attaching a predetermined pre-consultation to the digital document in the customer terminal 475 (1600), the customer terminal 475 moves the electronic document in a predetermined one direction. Create a message digest including a hash function (eg, a hash code of a certain length regardless of the length of the electronic document), and identify the original message through the hash code (or message digest). A one-way hash function that cannot be inferred, and the client terminal 475 and the electronic document registration server 400 use the same hash function to generate a predetermined message digest (1605). Digitally sign 1610 by encrypting a message digest with the customer private key.

Here, the encryption function of the customer terminal 475 is called E (Encryption), the customer private key is t1 (17erminal side key), the message digest is m (message digest), and the message digest encrypted with the customer private key. If C (Ciphertext), the digital signature function of the customer terminal 475 can be expressed by a formula such as "Et1 (m) = C".

According to an embodiment of the present invention, the algorithm for encrypting the message digest by the customer terminal 475 via the customer private key includes RSA (Ron Rivest, Adi Shamir, Len Adleman), DSA (Digital Signature Algorithm), and DH. (Diffie, Hellman), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, at least one of the ECDH is preferably included. In addition to the various encryption algorithms may be used, the present invention by a specific encryption algorithm It is not limited.

For example, in the case of encrypting the message digest through the RSA encryption algorithm among the encryption algorithms, the public method (Modulus) used in the encryption process is n, and the non-public prime numbers with different prime factors of n are a and b. , If the published index (e.g., 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod (a-1). (b-1) ", where the digital signature function of the customer terminal 475 can be expressed as" C = Et1 (m) = me mod n ".

In addition, the client terminal 475 generates a random secret key for encrypting the electronic document using a secret key (symmetric key) method (1615), and the electronic document and the customer. The message digest encrypted with the private key and a copy of a certificate (for example, a certificate including a customer public key) included in the public certificate are linked to each other and encrypted through the generated secret key (1620).

Here, the encryption function of the client terminal 475 is called E (Encryption), the secret key is r (random secret key), the electronic document and the copy of the certificate P (Plaintext), and the electronic document encrypted with the secret key And a copy of the certificate C (Ciphertext), the encryption function of the customer terminal 475 can be expressed by a formula such as "Er (P) = C".

According to the method of the present invention, the algorithm for encrypting the electronic document and the copy of the certificate through the secret key, the customer terminal 475, SEED, DES (Data Encryption Standard), Triple-DES, Skipjack, IDEA (International) It is preferable to include at least one or more of Data Encryption Algorithm, and in addition, various types of encryption algorithms may be used, but the present invention is not limited to a specific encryption algorithm.

In addition, the customer terminal 475 extracts a predetermined financial company public key from the authorized certificate to encrypt the private key that encrypts the electronic document (1625), and encrypts the electronic document using the financial company public key. One secret key is encrypted (1630).

Here, the encryption function of the customer terminal 475 is called E (Encryption), the financial company public key is s1 (server side key), the secret key is r (random Secret key), and the secret encrypted with the financial company public key. If the key is C (Ciphertext), the encryption function of the customer terminal 475 can be expressed by an expression such as "Es1 (r) = C".

According to an embodiment of the present invention, the algorithm for the customer terminal 475 to encrypt the secret key through the financial company public key is RSA (Ron Rivest, Adi Shamir, Len Adleman), DSA (Digital Signature Algorithm), DH. (Diffie, Hellman), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, at least one of the ECDH is preferably included. In addition to the various encryption algorithms may be used, the present invention by a specific encryption algorithm It is not limited.

For example, in the case of encrypting the secret key through the RSA encryption algorithm among the encryption algorithms, the public method (Modulus) used in the encryption process is n, and the non-public prime numbers with different prime factors of n are a and b. , If the published index (e.g., 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod (a-1). (b-1) ", wherein the encryption function of the customer terminal 475 may be expressed as" C = Es1 (r) = re mod n ".

When the electronic document, the message digest encrypted with the customer private key, and a copy of the certificate including the customer public key are linked to each other and encrypted through the generated private key, and the secret key is encrypted through the financial company public key, The client terminal 475 associates a copy of a certificate including the electronic document encrypted with the private key, the message digest encrypted with the customer private key, and the customer public key with a private key encrypted with the financial company public key. The transaction data is generated, and the generated transaction data is transmitted to the electronic document registration server 400 through a predetermined network means (1635).

17A and 17B illustrate a method of decrypting an electronic document encrypted and received by the electronic document registration server 400 by a key exchange method according to an embodiment of the present invention.

In more detail, FIGS. 17A and 17B illustrate an electronic document registration server 400 as illustrated in FIG. 4, in which transaction data including an encrypted electronic document is received from a customer terminal 475 having an encryption function as shown in FIG. 4. The present invention relates to a method of decrypting the transaction data in a key exchange method, and if the present invention belongs to one of ordinary skill in the art, referring to and / or modifying the drawing 17, the client terminal on the network means 475 However, various implementation methods for decrypting the transaction data encrypted by the key exchange scheme in the same key exchange scheme may be inferred, but the present invention includes all the inferred implementation methods, and the implementation method illustrated in FIG. It is not limited to this.

In FIG. 17 according to the embodiment of the present invention, the financial company private key and the customer public key for decrypting the transaction data in a key exchange method are read out from the public certificate provided in the electronic document registration server 400. In addition, the public certificate is preferably stored in a predetermined database (not shown) interworking with the electronic document registration server 400, and thus the present invention is not limited thereto.

Referring to FIGS. 17A and 17B, the document receiving unit 105 of the electronic document registration server 400 receives transaction data including the encrypted electronic document through the network means (1700), and transmits the transaction data. It is provided to the validity authentication unit 430 (1705), the transaction data is preferably received via a communication protocol defined in the network means, and / or with the electronic document and the customer private key encrypted with the secret key And a copy of the certificate including the encrypted message digest and the customer public key, and the private key encrypted with the financial institution public key.

Thereafter, the validity authentication unit 430 extracts the financial company private key from the authorized certificate provided in the electronic document registration server 400 to decrypt the private key encrypted with the financial company public key (1710). By decrypting the private key through a key (1715), the secret key for decrypting a copy of a certificate including the message digest encrypted with the electronic document and the customer private key and the customer public key is extracted (1720).

Here, the decryption function of the validity authentication unit 430 is referred to as D (Decryption), the private bank key is s2 (server side key), the private key encrypted with the bank public key is C (Ciphertext), and the bank private When a secret key decrypted with a key is r (random secret key), the function of the validity authentication unit 430 to decrypt the encrypted secret key is " Ds2 = r, or Ds2 (Es1 (r)) = r " The same formula can be used.

According to an embodiment of the present invention, an algorithm for the validity authentication unit 430 to decrypt the private key encrypted with the financial company public key in the client terminal 475 through the private financial key, RSA (Ron Rivest, Adi Shamir, Len Adleman (DSA), Digital Signature Algorithm (DSA), Diffie, Hellman (DH), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, and ECDH. However, the decryption algorithm is characterized in that it is matched with the encryption algorithm used in the customer terminal 475, the invention is not limited by a specific decryption algorithm.

For example, when decrypting the secret key through the RSA decryption algorithm among the public key-based decryption algorithms, n is a public method (Modulus) used in the decryption process, and n is a prime number that is not disclosed by different prime factors of n. If a and b, the published index (e.g. 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod ( a-1) (b-1) ", wherein the decryption function of the validity authentication unit 430 may be expressed as" P = Ds2 = Cd mod n ".

When the secret key is extracted as described above, the validity authentication unit 430 uses the extracted secret key to copy a certificate including the message digest and the customer public key encrypted with the electronic document and the customer private key. By decrypting (1725), a copy of the certificate including the electronic document encrypted with the secret key and the message digest encrypted with the customer private key and the customer public key is extracted.

Here, the decryption function of the validity authentication unit 430 is called D (Decryption), the secret key is r (random secret key), the electronic document encrypted with the secret key and the message digest encrypted with the customer private key and the If the copy of the certificate containing the customer public key is C (Ciphertext), and the copy of the certificate containing the decrypted electronic document and the customer private key and the copy of the certificate containing the customer public key is P (Plaintext), the validity The function of the authentication unit 430 decrypting the copy of the certificate including the encrypted message and the message digest encrypted with the customer private key is "Dr = P, or Dr (Er (P)) =". It can be expressed by an expression such as "P".

According to an embodiment of the present invention, the validity authentication unit 430 decrypts a copy of a certificate including the message digest encrypted with the encrypted electronic document and the customer private key and the customer public key through the secret key. Is preferably made of at least one of SEED, DES (Data Encryption Standard), Triple-DES, Skipjack, and International Data Encryption Algorithm (IDEA), and various types of decryption algorithms may be used. The algorithm is characterized in that it matches the encryption algorithm used in the customer terminal 475, the present invention is not limited by a specific decryption algorithm.

In addition, the validity authentication unit 430 decrypts the message digest encrypted with the customer private key using the customer public key (1730), thereby generating a message digest generated and transmitted from the electronic document by the customer terminal 475. Extraction (1735).

Here, the decryption function of the validity authentication unit 430 is called D (Decryption), the customer public key is t2 (terminal side key), the message digest encrypted with the customer private key is C (Ciphertext), and the customer is disclosed. If the message digest to be decrypted with a key is m (Message Digest), the function of the validity authentication unit 430 to decrypt the encrypted message digest is "Dt2 = m, or Dt2 (Es1 (r)) = m". It can be expressed as an expression.

According to an embodiment of the present invention, an algorithm for the validity authentication unit 430 to decrypt a message digest encrypted with the customer private key in the customer terminal 475 through the customer public key may be RSA (Ron Rivest, Adi Shamir, Len Adleman (DSA), Digital Signature Algorithm (DSA), Diffie, Hellman (DH), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, and ECDH. However, the decryption algorithm is characterized in that it is matched with the encryption algorithm used in the customer terminal 475, the invention is not limited by a specific decryption algorithm.

For example, when decrypting the message digest through the RSA decryption algorithm of the public key-based decryption algorithm, n is a public method (Modulus) used in the decryption process and n is a prime number that is not disclosed by different prime factors of n. If a and b, the published index (e.g. 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod ( a-1) (b-1) ", wherein the decryption function of the validity authentication unit 430 may be expressed as" P = Dt2 = Cd mod n ".

Thereafter, the validity authentication unit 430 generates a predetermined message digest through the same one-way hash function of the received electronic document (1740), and then generates the generated message digest and the decrypted message. By comparing the message digest (1745), the validity of the received electronic document is verified.

If the generated message digest and the decrypted message digest coincide with each other (1750), the validity authentication unit 430 checks the electronic signature attached to the electronic document.

18 is a diagram showing the configuration of an electronic document conversion system for converting a paper document into an electronic document according to another embodiment of the present invention.

In more detail, FIG. 18 illustrates that the financial transaction customer is referred to the financial transaction customer by referring to the document management information in the process of processing the predetermined financial transaction in connection with the financial system 125 through a predetermined internet banking system. Request to convert a paper document into a predetermined electronic document, and when the financial transaction customer approves (or agrees to) converting the paper document into an electronic document, the paper document using the digital document generated from the paper document. As a system configuration for converting a document into an electronic document, those skilled in the art to which the present invention pertains, various systems for converting the paper document into a predetermined electronic document by referring to and / or modifying the drawing 18. It may be inferred from the configuration, but the present invention includes all of the inferred implementation method, The present invention is not limited.

Referring to FIG. 18 in accordance with an embodiment of the present invention, the electronic document conversion system provides an Internet banking service to at least one or more customer terminals 475 having a web browser and at least one or more customer terminals 475. Internet banking server 1800, the Internet banking server 1800 is associated with a financial system 125 for processing the financial business required to provide the Internet banking service through a predetermined interface means 1855. .

In addition, in order to convert a paper document into an electronic document based on the Internet banking system, the electronic document converting system is connected to the customer terminal 475 through a predetermined network means, and the digital to the customer terminal 475. An electronic document registration server 400 which processes to generate a predetermined electronic document in the customer terminal 475 by providing a document, and a predetermined value from the electronic document registration server 400 (and / or the customer terminal 475). And an electronic document management server 100 which receives the electronic document and stores the electronic document in a predetermined storage medium.

Those skilled in the art to which the present invention pertains can easily guess the omitted components for convenience because they do not include the core technical matters of the present invention in the Internet banking system shown in FIG. The present invention is not limited to the omitted elements.

That is, FIG. 18 shows the client terminal 475 and the Internet banking server based on a predetermined browser program (eg, Microsoft Internet Explorer, and / or Netscape's Netscape Navigator, etc.) included in the customer terminal 475. Although the method of implementing an Internet banking system for processing non-named channel-based financial transactions is illustrated, those skilled in the art to which the present invention pertains are based on Internet banking using a browser program shown in FIG. Refer to and / or modify a financial transaction channel connection method to process non-named channel-based financial transactions between the client terminal 475 and the internet banking server based on a predetermined internet banking program mounted on the client terminal 475. It would be possible to infer the configuration of the Internet banking system for the present invention, the present invention is the Internet banking Internet banking system provided based on the program, by which the present invention is not limited.

In addition, those skilled in the art to which the present invention pertains, in addition to the Internet banking system by referring to and / or modifying the configuration of the Internet banking system shown in Figure 18, non-face-to-channel based financial transactions in accordance with the present invention It would be possible to infer another banking system, such as a telebanking system and / or a wireless banking system and / or a TV banking system, but the present invention provides for such a telebanking system and / or a wireless banking system and / or a TV banking system. Or any non-face-to-face channel banking system including a non-face-to-face channel banking system proposed in the future, and the technical configuration of the present invention is not limited to the case of the Internet banking shown in FIG.

The client terminal 475 has at least one web browser for accessing the internet banking server 1800 and receiving a browsing-based wired web service based on the wired communication function based on TCP / IP and the wired communication function. And a wired terminal including at least one desktop computer and / or a notebook, wherein the Internet banking server is provided through a predetermined network means including the TCP / IP-based Internet. 1800 and a communication channel for internet banking are connected.

The financial system 125 is a computerized system provided to a predetermined financial institution to open at least one financial account to at least one or more customers and to process a financial transaction based on the financial account. Accounting system that handles window services such as credit or receiving or trust or foreign exchange, information system that processes headquarters operations, branch office information support and customer information management, financial system 125, homes, businesses, stores And external systems providing various electronic financial services (e.g., internet banking, phone banking, Cash Dispenser) / ATM (Automatic Teller Machine), foreign exchange, call center, financial settlement, etc. And an interface corresponding to a middleware platform for providing interfacing between components in the financial system 125. At least one module and stores and manages predetermined information (eg, ledger information, and / or customer information, and / or management information, etc.) required for each function in the components in the financial system 125. The database includes a database management system (DBMS 130) including the above database, and the intention of the person skilled in the art and / or the type of each financial institution (eg, commercial bank, savings bank, trust bank) and the financial system 125. According to the purpose and characteristics of, it is possible to further include at least one or more components, such as foreign exchange module (not shown), investment finance module (not shown), international module (not shown), the technology to which the present invention belongs Those skilled in the art will clearly understand the technical details of the financial system 125, and thus detailed description thereof will be omitted for convenience. The present invention will not limited.

According to an embodiment of the present invention, the internet banking server 1800 is interlocked with the financial system 125 through the external system, and for this purpose, the internet banking server 1800 is provided through a predetermined interface means. It is preferred to include a component for interworking with.

The internet banking server 1800 is a database for storing web operation data including at least one web page source and / or digital content for providing a predetermined web service to at least one customer terminal 475, and / or DBMS 130 or 1820 including a database for storing Internet banking information required to provide a predetermined Internet banking service in conjunction with the financial system 125, or the DBMS 130 according to the implementation method It is characterized by interworking with the data server provided 1820, thereby providing a predetermined Internet banking service to at least one or more of the customer terminal (475).

According to an embodiment of the present invention, the internet banking information may be configured to authenticate a customer corresponding to the customer terminal 475 when at least one or more customer terminals 475 access and log in to the internet banking server 1800, and / Or when the customer authenticates the financial transaction customer at least one financial transaction through the internet banking server 1800, and / or when the customer subscribes at least one financial product to the internet banking server 1800. Customer authentication information for authenticating a customer who subscribes to a product, and when a financial transaction request is made from the customer through the customer terminal 475, interworking with the financial system 125 to process a financial transaction corresponding to the financial transaction request. It is preferable to include banking element information for at least one, at least one or more necessary for Internet banking according to the intention of the skilled person Although the information may further include, in the case of FIG. 18 will be omitted for convenience.

Referring to FIG. 18, the Internet banking server 1800 connects and manages a Hyper-Text Transfer Protocol (HTTP) -based communication channel for providing a predetermined Internet banking service to at least one or more customer terminals 475. A web page operating unit 1815 for operating a web page to be provided to at least one or more customer terminals 475 in conjunction with an interface unit 1805, the web interface unit 1805, and the DBMS 1820, and A UI processing unit 1810 for generating a user interface (UI) screen for providing a predetermined Internet banking service to at least one customer terminal 475 in cooperation with the webpage operation unit 1815, and the UI processing unit Extracts predetermined content for providing the Internet banking service from the DBMS 1820 in conjunction with the 1810 or extracts predetermined content to be stored in the DBMS 1820 from the customer terminal 475. And a communication channel for processing Internet banking based on HTTP between the customer terminal 475 and the internet banking server 1800 by the functional configuration. The user interface is implemented.

In addition, the Internet banking server 1800 authenticates the customer with at least one customer terminal 475 by interworking with the webpage operation unit 1815 through a UI processing unit 1810 based on the customer authentication information of the Internet banking information. A customer authentication unit 1830 may be provided to provide an interface screen or receive at least one or more customer authentication information based on the interface screen.

In addition, the Internet banking server 1800 is linked to the web page operation unit 1815 through the UI processing unit 1810 based on the banking element information of the Internet banking information to the at least one customer terminal 475 financial transactions A banking processor 1835 may be provided to provide a related interface screen or receive at least one financial transaction related information based on the interface screen.

In addition, the Internet banking server 1800 includes a ledger processing unit 1840 that performs a ledger processing procedure corresponding to the financial transaction requested by the customer in cooperation with the financial system 125 through a predetermined interface means 1855. The ledger processing unit 1840 may be connected to the external system of the financial system 125 through the interface unit 1855.

Customer authentication information stored in the DBMS 1820 includes ID / PW information and personal information (eg, name, social security number, address, contact information, etc.) of a customer accessing the Internet banking server 1800 through the customer terminal 475. And at least one member information including at least one member. In this case, the customer authentication unit 1830 interoperates with the UI processing unit 1810 to transmit the ID / PW information of the customer to the customer terminal 475. Request, receive the ID / PW information from the customer terminal 475, and compare the received ID / PW information with ID / PW information included in the member information to authenticate the customer. .

According to an embodiment of the present invention, the ID / PW information may be provided to the Internet banking server 1800 according to a conventional ID / PW transmission / reception procedure, but the ID / PW information may be provided to provide a more advanced security function. The customer terminal 475 is encrypted through at least one or more of the symmetric key (or secret key) encryption method, and / or public key encryption method, and / or electronic envelope encryption method, and / or key exchange encryption method Preferably, the customer authentication unit 1830 further includes a function configuration for decrypting the ID / PW information.

In addition, the customer authentication information stored in the DBMS 1820 may include certification authority information (eg, KFTC) and authentication server information, and / or issue a predetermined official certificate to a customer connected through the customer terminal 475. The accredited certificate registrar information (eg, the accredited information when the accredited certificate is registered through the process, the complained information when the accredited certificate is registered through the other), and / or a certificate issued to the customer by the certification authority It is preferable that the information further comprises, wherein the customer authentication unit 1830 requests the authentication certificate-based customer authentication through the authentication certificate registered by the registrar to the authentication server of the certification authority, and from the authentication server By receiving the customer authentication result, characterized in that for authenticating the customer.

According to the embodiment of the present invention, the customer authentication unit 1830 provides the communication session information and the certificate information connected to the customer terminal 475 to the authentication server of the certification authority, the authentication server is the communication session information After performing a customer authentication procedure corresponding to the certificate information to the customer terminal 475 based on the, it is preferable to provide the result to the customer authentication unit 1830.

In addition, the customer authentication information stored in the DBMS 1820 may include a copy of an authorized certificate of a customer accessing the Internet banking server 1800 through the customer terminal 475, and / or a predetermined request to the customer. It is preferable to include the directory connection information of the certification authority that issued the certificate, the customer authentication unit 1830 is the customer terminal in conjunction with the authentication server of the certification authority that issued a predetermined certificate to the customer Requesting certificate-based customer information at 475, receiving the certificate-based customer information from the customer terminal 475, and authenticating the certificate-based customer information via a copy of the accredited certificate and / or through a directory of a certification authority. Characterized in that for authenticating the customer.

According to an exemplary embodiment of the present invention, the certificate-based customer information may be a predetermined random number generated by the customer authentication unit 1830 or a predetermined random number generated by the customer terminal 475, in which case the The client terminal 475 may be configured to at least one of the symmetric key (or secret key) encryption method, and / or public key encryption method, and / or electronic envelope encryption method, and / or key exchange encryption method for the random number through the certificate. Encrypted through the above encryption method and provided to the customer authentication unit 1830 (for example, if the random number is generated by the customer terminal 475 further includes a random number in the form of a plain text), the customer authentication unit 1830 Decrypts the encrypted random number based on the copy of the customer's accredited certificate and / or the certificate information of the customer extracted from the directory, compares each other, and / or the By encrypting a random number munhyeongtae (e.g., a random number, and / or a random number generated in the customer terminal (475) generated by the client authentication unit 1830) compared mutually, it is desirable to authenticate the customer.

According to another exemplary embodiment of the present invention, the certificate-based customer information is stored in the storage information of the customer terminal 475 previously stored in the customer terminal 475 (for example, the Internet banking server 1800 in the storage device of the customer terminal 475). Information, and / or information stored in the customer terminal 475 or the like (or system information), and / or an IC card (and / or IC chip) interworking with the customer terminal 475. Stored information (e.g., IC card (and / or IC chip) serial number, and / or information stored in the IC card (and / or IC chip) memory by the IC card (and / or IC chip) issuer) In this case, the customer terminal 475 is a symmetric key (or secret key) encryption method, and / or public key encryption method, and / or electronic envelope encryption method, and / or key to the stored information through the certificate Passwords through at least one of the exchange encryption methods The customer authentication unit 1830 and decrypts the encrypted stored information based on the copy of the customer's official certificate and / or the certificate information of the customer extracted from the directory. By comparison, it is desirable to authenticate the customer.

According to another exemplary embodiment of the present invention, the certificate-based customer information may include input information (eg, a key input device provided in the customer terminal 475) input through an input means provided in the customer terminal 475. Information input through an input device (eg, a short-range communication device) other than a key input device provided in the customer terminal 475, and in this case, the customer terminal 475. The at least one encryption method of symmetric key (or secret key) encryption method, and / or public key encryption method, and / or electronic envelope encryption method, and / or key exchange encryption method is used for the input information. Encrypted through the customer authentication unit 1830, and provided by the customer authentication unit 1830 of the customer certificate copy and / or the certificate information of the customer extracted from the directory Decrypts the encrypted information based on the input by mutual comparison, it is desirable to authenticate the customer.

In addition, the customer authentication information stored in the DBMS 1820 may be OTP generation information for generating an OTP authentication code matching the OTP code generated through the OTP (One Time Password) authenticator provided to the customer, this At this time, the customer authentication unit 1830 interoperates with the UI processing unit 1810 to request a predetermined OTP code from the customer terminal 475, receives the OTP code from the customer terminal 475, and generates the OTP. Generate a predetermined OTP authentication code based on the information, and by comparing the received OTP code and the generated OTP authentication code, characterized in that for authenticating the customer.

According to the method of the present invention, the OTP code is a symmetric key (or secret key) encryption method, and / or public key encryption method, and / or electronic in the customer terminal 475 to provide a higher security function It is preferable that the data is encrypted and received through at least one or more of an envelope encryption method and / or a key exchange encryption method. For this purpose, the customer authentication unit 1830 further includes a function configuration for decrypting the OTP code. It is preferable to make.

When the banking processor 1835 requests at least one financial transaction from the customer terminal 475, the banking processor 1835 interoperates with the UI processor 1810 to perform a financial transaction corresponding to the requested financial transaction to the customer terminal 475. Providing the request information input interface screen and receiving (or selecting) predetermined financial transaction request information from the client terminal 475 through the financial transaction request information input interface screen, referring to the banking element information. It is characterized in that the predetermined financial transaction information corresponding to the financial transaction request information is generated (or extracted) and provided to the ledger processing unit 1840.

For example, when the financial transaction requested from the customer terminal 475 is a bank transfer transaction, the banking processor 1835 is linked with the UI processor 1810 to the customer terminal 475 for information required for the account transfer (for example, And a predetermined interface screen for inputting (or selecting) withdrawal account number, withdrawal account password, deposit bank information, deposit account number, transfer amount information, security code number, etc., and transfer the account through the interface screen. When information (e.g., withdrawal account number, withdrawal account password, deposit bank information, deposit account number, transfer amount information, security code number, etc.) is inputted (or selected) and received, the withdrawal is referred to with reference to the banking element information. The predetermined amount of financial transaction information for withdrawing the transfer amount from the account and depositing it into the deposit account is generated and provided to the ledger processor 1840.

According to an embodiment of the present invention, the banking processor 1835 receives at least one financial transaction request information from the customer terminal 475, at least one or more customer authentication methods in conjunction with the customer authentication unit 1830. It is preferable to authenticate the customer requesting the financial transaction through, so that the confidentiality of the customer who requested the financial transaction through the customer terminal (475) (or a customer who inputs (or selects) the financial transaction request information and transmits it). (Confidentiality, Authentication, Integrity and Nonrepudiation) are secured.

According to the exemplary embodiment of the present invention, the banking processor 1835 may secure the confidentiality, authentication, integrity, and non-repudiation of at least one or more financial transaction request information transmitted from the customer terminal 475. In step 475, the electronic signature of the customer is attached to the financial transaction request information, and the financial transaction request information to which the electronic signature is attached is encrypted and transmitted using a public key encryption method according to a public key infrastructure. In this case, the banking processor 1835 receives the financial transaction request information from the customer terminal 475, decrypts the public key decryption method according to the public key infrastructure, and confirms the electronic signature. Confidentiality, authentication, integrity and non-repudiation of financial transaction request information are secured.

Alternatively, the banking processor 1835 may secure the confidentiality, authentication, integrity, and nonrepudiation of the financial transaction request information transmitted from the client terminal 475 for at least one financial transaction. In this case, the financial transaction request information may be encrypted and transmitted in an electronic envelope method. In this case, the banking processor 1835 may receive the financial transaction request information from the customer terminal 475 and decrypt the electronic transaction method. Preferably, this ensures confidentiality, authentication, integrity and nonrepudiation of the financial transaction request information.

The ledger processing unit 1840 may be linked to the financial system 125 through a predetermined interface unit 1855, and predetermined financial transaction information may be generated (or extracted) by the banking processing unit 1835. In this case, at least one ledger information to be extracted from the ledger on the financial system 125 in response to the financial transaction information is identified, and the identified from the ledger on the financial system 125 through the interface means 1855. Extracting ledger information, and / or generating (or extracting) ledger record information recorded in the ledger on the financial system 125 in response to the financial transaction information, and through the interface means 1855 the financial system ( 125) the ledger record information generated (or extracted) is recorded on the ledger on the screen.

For example, the financial transaction requested from the customer terminal 475 is an account inquiry transaction for the last one month, and the financial transaction information (eg, account inquiry section information, account number, etc.) for the account inquiry is performed by the banking processor 1835. When generated (or extracted), the ledger processing unit 1840 is linked to the account ledger associated with the customer ledger on the financial system 125 through the interface means 1855 based on the financial transaction information for the account inquiry. And / or transaction history information associated with the account ledger), and provides the banking processing unit 1835 with the transaction history of the last month of the transaction history of the account.

Referring to FIG. 18, the Internet banking server includes an information checking unit 455 for checking whether the Internet banking customer is requested to convert a paper document into an electronic document based on the customer authentication result of the customer authentication unit 1830; In response to the check result, when the information providing target customer is requested to convert the paper document into an electronic document, the information transmitting unit 465 transmitting the message information to the customer terminal 475 through a predetermined web page operation unit 1815. It characterized by comprising a.

The information checking unit 455 is connected to the financial system 125 through the interface means when the customer accessing the internet banking server is authenticated through the customer authentication unit 1830 (eg, a financial system ( 125) by checking the document management information stored on the DBMS (130) on) to determine whether to request the information target customer to convert a predetermined paper document into an electronic document.

According to the exemplary embodiment of the present invention, when the electronic document generation date of the document management information stored on the DBMS 130 on the financial system 125 includes a valid date (for example, when the paper document is previously converted to the electronic document) The information checking unit 455 confirms not to request the information providing customer to convert a predetermined paper document into an electronic document.

On the other hand, if the effective date of the electronic document generation date of the document management information stored on the DBMS 130 on the financial system 125 does not include a valid date (for example, if the paper document is not converted to an electronic document), the information check The unit 455 confirms to request the information target customer to convert a predetermined paper document into an electronic document.

When the information confirming unit 455 confirms that the information providing target customer is requested to convert the paper document into an electronic document, the information transmitting unit 465 may be configured to correspond to the result of confirming the information confirming unit 455. After generating the electronic document conversion request information, and transmits the electronic document conversion request information to the customer terminal 475 through a predetermined web page operation unit 1815.

When the customer who has received the electronic document conversion request information from the Internet banking server wants to convert the paper document into the electronic document, the customer has a predetermined terminal (eg, an Internet banking certificate). Via 475, the electronic document registration server 400 is accessed using a predetermined network means.

According to an embodiment of the present invention, the electronic document registration server 400 is provided with the customer terminal 475 through the network means to provide a web interface corresponding to the customer terminal 475 and the network means. And an interface unit 405 for connecting and managing a communication channel, whereby the electronic document registration server 400 communicates with the customer terminal 475 through a wired network and / or a wireless network. It has the function of a web server.

According to an embodiment of the present invention, when the customer terminal 475 is a wired terminal to which a communication channel is connected through a wired network based on TCP / IP, the interface unit 405 may connect the customer terminal 475 and HTTP ( Connect a predetermined communication channel based on the Hyper-Text Transfer Protocol protocol, and convert the electronic document to an interface screen in the form of a Hyper-Text Markup Language (HTML) compatible document to the customer terminal 475 through the communication channel. It is preferable to perform a function of including and providing a predetermined digital document, and receiving and processing the electronic document generated by attaching the digital signature of the customer to the digital document through the interface screen in the customer terminal 475.

According to another exemplary embodiment of the present invention, when the customer terminal 475 is a wireless terminal to which a communication channel is connected through a CDMA based wireless network, the interface unit 405 connects to the customer terminal 475 and a WAP (Wireless). Connect a predetermined communication channel based on the Application Protocol and / or Mobile Explorer (ME) protocol, and the interface in the form of a WML (Wireless Markup Language) and / or HTML compatible document to the customer terminal 475 through the communication channel. Provide a predetermined digital document to be converted into an electronic document on the screen, and receives and processes the electronic document generated by attaching the digital signature of the customer to the digital document through the interface screen in the customer terminal 475 It is preferable to carry out.

According to another exemplary embodiment of the present invention, when the customer terminal 475 is a wireless terminal to which a communication channel is connected through an IEEE 802.16 based wireless network, the interface unit 405 is connected to the customer terminal 475. A predetermined communication channel is connected based on a wireless protocol corresponding to the IEEE 802.16 standard, and an interface screen including a predetermined digital document is transmitted to the customer terminal 475 via the communication channel and outputted. It is preferable to perform a function of receiving and processing a predetermined electronic document generated through the interface screen 475, and / or the communication terminal is connected to the customer terminal 475 through a DataTAC / Mobitex based wireless network. In the case of a wireless terminal, the interface unit 405 is predetermined based on a wireless protocol corresponding to the customer terminal 475 and the DataTAC / Mobitex standard. Connects a communication channel, transmits and outputs an interface screen including a predetermined digital document to the customer terminal 475 via the communication channel, and generates a predetermined electronic image generated through the interface screen from the customer terminal 475. It is preferable to perform a function of receiving and processing a document.

Referring to FIG. 18, the electronic document registration server 400 may access the document D / B 115 when a predetermined customer terminal 475 accesses the electronic document registration server 400 through the interface unit 405. Attach the electronic signature of the customer to a document extracting unit 415 for extracting at least one digital document to be provided to the customer terminal 475 and a predetermined digital document extracted by the document extracting unit 415. An interface generation unit 410 for generating (or extracting) a predetermined interface screen for generating a predetermined electronic document, and the digital terminal to the customer terminal 475 in association with the interface unit 405. Document receiving unit 420 for providing an interface screen, and a document receiving for receiving the electronic document generated by attaching the digital signature of the customer to the digital document through the interface screen in the customer terminal 475 105, a validity authentication unit 430 for authenticating the validity of the received electronic document, and a document registration unit 435 for registering and providing the electronic document of which validity is authenticated to a predetermined electronic document management server 100. It is characterized by comprising a).

The document extracting unit 415 is connected to the electronic document registration server 400 through a predetermined customer terminal 475 through the interface unit 405. And extracting at least one digital document to be provided.

According to an exemplary embodiment of the present invention, when a predetermined customer registers (or logs in) through the customer terminal 475, the document extractor 415 may be configured based on the membership (or log in) information. It is preferable to extract at least one digital document to be provided to the customer terminal 475 by referring to document information (eg, customer information corresponding to the digital document) of the digital document stored in the document D / B 115.

The interface generator 410 extracts the digital document from the document D / B 115 at least one digital document to be provided to the customer terminal 475. Providing and outputting to the terminal 475, a predetermined electronic signature attached to the digital document, and / or encrypted by the customer terminal 475 through a predetermined certificate to transmit to the electronic document registration server 400 Interface screen to be generated, and / or extracted from a predetermined database (not shown).

The document transmission unit 420 works in conjunction with the interface unit 405 to display an interface screen (for example, a screen for providing a digital document) generated by the interface generation unit 410 through the network means. 475), at least one digital document to be converted into the electronic document is output to the customer terminal 475.

If the customer corresponding to the digital document approves (or agrees) to convert the digital document (or paper document) into a predetermined electronic document, the customer attaches the digital signature to the digital document through a predetermined certificate. Generate a predetermined electronic document, wherein the electronic document includes at least one of a symmetric key (or secret key) encryption method, a public key encryption method, and / or an electronic envelope encryption method, and / or a key exchange encryption method. The data is encrypted by an encryption method and transmitted to the electronic document registration server 400.

The information receiving unit receives the electronic document in cooperation with the interface unit 405 when the electronic document (eg, a digital document to which the electronic signature of the customer is attached) is transmitted from the customer terminal 475 through the network means. Characterized in that, the received electronic document is provided to the validity authentication unit 430.

The validity authentication unit 430 decrypts the electronic document using at least one decryption method corresponding to the encryption method when the electronic document is received encrypted by the at least one encryption method in the customer terminal 475. This ensures confidentiality, authentication and integrity that the customer has approved (or agreed to) converting the digital document (or paper document) to the electronic document.

Also, the validity authentication unit 430 confirms (or agrees) that the customer converts the digital document (or paper document) from the electronic document by confirming the electronic signature attached to the decrypted electronic document. Authentication, Integrity and Nonrepudiation are secured.

If the validity of the electronic document is authenticated, the document registration unit 435 provides the electronic document (eg, a digital document to which the electronic signature of the customer is attached) to a predetermined electronic document management server 100, thereby providing the electronic document. The electronic document is managed in a predetermined storage medium managed by the document management server 100.

According to another embodiment of the present invention, the document registration unit 435 is a paper document before the electronic document (or digital document) is generated from the branch (or branch) of the financial institution of the electronic document (or digital document) By transmitting to the teller terminal of the branch (or branch) of the financial institution that manages the, the validity of the electronic document (or digital document) from the teller terminal is authenticated, the electronic document validated at the teller terminal said By providing the electronic document management server 100, it is possible to manage the electronic document by storing it in a predetermined storage medium managed by the electronic document management server 100, whereby the present invention is not limited.

According to one embodiment of the invention, the electronic document management server 100 preferably comprises an electronic document management server 100 of the electronic document storage provided in the financial institution, in this case the electronic document registration server The 400 and the electronic document management server 100 may be connected through the financial network and / or implemented on one server according to the intention of the person skilled in the art, and the present invention is not limited thereto.

According to another embodiment of the present invention, the electronic document management server 100 preferably comprises an electronic document management server 100 of the authorized electronic document storage provided outside the financial institution, in this case the electronic Preferably, the document registration server 400 and the electronic document management server 100 are connected through a predetermined communication network, and the electronic document transmission and reception procedure between the electronic document registration server 400 and the electronic document management server 100 may be performed. Follow the communication standard defined in the electronic document repository.

Referring to FIG. 18, the electronic document management server 100 stores an electronic document receiving unit 105 that receives at least one electronic document from the electronic document registration server, and stores the received electronic document in a predetermined storage medium. It is characterized by comprising an electronic document storage unit 110.

According to the present invention, when the electronic document management server 100 is provided in the authorized electronic document storage outside the financial institution, the electronic document management server 100 is based on the registration result of the electronic document the financial institution and / or customer Characterized in that it further comprises a registration result notification unit for notifying the terminal 475.

According to another embodiment of the present invention, before the electronic document storage unit 110 stores the electronic document in the storage medium, the electronic document (or digital document) is generated from a branch (or branch) of the financial institution. By providing the electronic document (or digital document) to the teller terminal of a branch (or branch) of a financial institution that manages a paper document before it is received, the validity of the electronic document (or digital document) is authenticated from the teller terminal. In addition, it is possible to store the electronic document validated in the window terminal on the storage medium, and the present invention is not limited thereto.

According to the implementation method of the present invention, the electronic document is normally registered in the electronic document repository from the registration result notification unit of the electronic document management server 100 to the financial institution (for example, the electronic document registration server 400). If notified, it is preferable that the financial institution dispose of the paper document, thereby reducing the paper document management cost.

19 is a diagram illustrating a process of connecting an internet banking-based financial transaction channel according to an embodiment of the present invention.

In more detail, in FIG. 19, in the Internet banking-based electronic document switching system shown in FIG. 18, the customer terminal 475 accesses the Internet banking server through a TCP / IP-based network (for example, the Internet). As an embodiment of the present invention, a method of connecting an Internet banking-based financial transaction channel between the customer terminal 475 and an internet banking server by performing a predetermined customer authentication procedure is provided. Growing up, it is possible to infer various implementation methods of connecting the Internet banking-based financial transaction channel for financial transactions according to the present invention between the customer terminal 475 and the Internet banking server by referring to and / or modifying the drawing 19. However, the present invention includes all implementation methods inferred from the above, and is not limited to the implementation method shown in FIG.

That is, FIG. 19 shows the browser program when connecting to the Internet banking server through a predetermined browser program (for example, Microsoft Internet Explorer, and / or Netscape's Netscape Navigator, etc.) included in the customer terminal 475. Although the implementation method for connecting the Internet banking-based financial transaction channel for the financial transaction according to the present invention between the customer terminal 475 and the Internet banking server based on the present invention, having a general knowledge in the art Growing up, the customer terminal 475 based on a predetermined internet banking program mounted on the customer terminal 475 by referring to and / or modifying an internet banking-based financial transaction channel connection method using the browser program shown in FIG. Internet banking machine for financial transactions according to the present invention between the Would be able to infer the exemplary method for connecting the financial transaction channel, the present invention includes an Internet banking based financial transaction provided based on the Internet banking program, to which the present invention is not limited.

In addition, those skilled in the art to which the present invention pertains, in addition to the Internet banking-based electronic document conversion system by referring to and / or modified the Internet banking-based financial transaction channel connection method shown in Figure 19, telebanking Other banking systems, such as systems and / or wireless banking systems and / or TV banking systems, may infer an implementation method of connecting non-face-to-face channel-based financial transactions channels for financial transactions in accordance with the present invention. It includes all types of non-face-to-face channel based financial transactions, including telebanking systems and / or wireless banking systems and / or TV banking systems and / or non-face-to-face channel banking systems proposed in the future. It is by no means limited to the case of Internet banking shown in 19.

In the following figure 19, the customer terminal 475 is referred to as " terminal " for convenience, and the Internet banking server is referred to as " server " for convenience.

Referring to FIG. 19, when the terminal executes a predetermined browser program and accesses the server through the TCP / IP based network (1900), the server connects a communication channel between the terminal and the server through the browser. (1905) Here, the communication channel is generated (or extracted) a predetermined web page by the request of the browser program provided in the customer terminal 475 in the server and transmitted to the customer terminal 475, Assigns a predetermined communication session so that the browser program included in the customer terminal 475 can receive at least one or more information (or data) input (or selected) based on a predetermined user interface included in the web page. Means.

According to another exemplary embodiment of the present invention, when a predetermined internet banking program is provided in the customer terminal 475, the server may be configured with at least one of the internet banking program based on a predetermined communication protocol defined in the internet banking program. A communication channel for transmitting and receiving the above information (or data) can be allocated.

Thereafter, the server is equipped with a predetermined security module for internet banking on the terminal in a predetermined web page (eg, an internet banking main page) generated (or extracted) for providing to the terminal, and / or the By providing a predetermined script for checking whether to update the security module to the terminal, whether the terminal is equipped with a predetermined security module for Internet banking, and / or update the security module Check (1910).

According to another exemplary embodiment of the present invention, if a predetermined internet banking program is provided in the customer terminal 475, the server requests the Internet banking program for version information and / or last update date information, and the like. You can check whether you want to update the program (and / or the security module associated with the Internet banking program).

If a predetermined security module is to be mounted and / or updated in the terminal (1915), the server transmits the latest version of the security module for internet banking to the terminal according to a remote program installation procedure defined in the browser program. And mount and / or update (1920).

If the terminal does not need to install and / or update the latest version of the Internet banking security module (1925), or if the terminal does not need to mount and / or update the Internet banking security module (1915), the server may By activating the security module for internet banking mounted on the terminal, the Internet banking security channel is connected between the terminal and the server (or the communication channel between the terminal and the server is switched to a secure channel) (1930), where the security for the Internet banking A channel is attached to a predetermined digital signature and / or at least one encryption method (or data) of information (or data) required for security among information (or data) included in a web page to be provided from the server to the terminal. And / or provide encryption by an encryption algorithm, confirming the digital signature in the terminal and / or knowing the encryption scheme (and / or encryption). Means a communication channel for decoding the information (or data) by a predetermined decryption method (and / or a decryption algorithm) corresponding to the rhythm), and also provided by the terminal to the server for financial transactions according to the present invention. By attaching a predetermined digital signature to information (or data) and / or encrypting and transmitting at least one or more encryption methods (and / or encryption algorithms), the server verifies the electronic signature and / or the encryption method ( And / or a communication channel for decrypting the information (or data) with a predetermined decryption method (and / or decryption algorithm) corresponding to an encryption algorithm).

According to another exemplary embodiment of the present invention, when a predetermined internet banking program is provided in the customer terminal 475, the internet banking-based secure channel is provided from the server to the terminal according to a communication protocol defined in the internet banking program. When the electronic signature is attached to the information (or data) to be performed and / or is encrypted and provided by at least one or more encryption methods (and / or encryption algorithms), the terminal confirms the electronic signature and / or the encryption method. Means a communication channel for decrypting the information (or data) by a predetermined decryption method (and / or decryption algorithm) corresponding to (and / or an encryption algorithm), and also for the financial transaction according to the present invention in the terminal. Attach a predetermined electronic signature to information (or data) to be provided to the server and / or at least When encrypted and transmitted using one or more encryption methods (and / or encryption algorithms), the server verifies the digital signature and / or a predetermined decryption method (and / or corresponding to the encryption method (and / or encryption algorithm)). Decoding algorithm) means a communication channel for decoding the information (or data).

According to the present invention, the security module is to perform an electronic signature attachment, and / or encryption, and / or protection function for the information (or data) by using the customer's authorized certificate mounted on the terminal It features.

When the secure channel for internet banking is connected, the server requests the terminal to perform an internet banking customer authentication procedure through the browser program (1935).

According to an exemplary embodiment of the present invention, the Internet banking customer authentication procedure may include predetermined Internet banking-based customer authentication data (eg, ID / PW, customer number, etc., registered by the customer during the internet banking application process) through the terminal. ) Is input (or generated) and transmitted to the server, wherein the server comprises authenticating a customer connected through the terminal as an internet banking customer based on the customer authentication data, wherein the customer authentication data It is preferable that the digital signature and / or encrypted is transmitted through the secure channel.

According to another exemplary embodiment of the present invention, the Internet banking customer authentication procedure may include predetermined Internet banking-based customer authentication data (for example, an ID / PW or customer number registered by the customer during the internet banking application process) through the terminal. Etc.) and input (or generate) the data to the authentication server, and authenticate the customer connected through the terminal as the Internet banking customer based on the customer authentication data in the authentication server, and provide the result to the server. In this case, it is preferable that the customer authentication data includes public certificate-based authentication data, and the authentication server is a server for authenticating the public certificate-based authentication data.

Thereafter, the terminal inputs (or generates) predetermined customer authentication data according to the request, transmits the electronic signature and / or encryption to the server (and / or authentication server) through the security module, and performs internet banking customer authentication. Request (1940), the server (and / or authentication server) authenticates the customer connected through the terminal as an Internet banking customer for non-face-to-face financial transactions based on the customer authentication data received from the terminal. (1945).

If the Internet banking customer authentication fails (1950), the server blocks the Internet banking security channel for the terminal (1955), thereby preventing the Internet banking-based financial transaction through the terminal.

On the other hand, if the Internet banking customer authentication is successful (1950), the server converts the Internet banking security channel into an internet banking-based financial transaction channel in connection with a security module provided in the terminal (1960), where the Internet banking-based The financial transaction channel refers to the financial transaction (eg, account inquiry, account transfer, utility bill) by accessing the ledger on the financial system 125 in response to at least one financial transaction request requested from the terminal. Means a communication channel that can handle payment, ...

20 is a diagram illustrating a process of requesting a financial institution to convert a paper document into an electronic document by a financial institution according to another exemplary embodiment of the present invention.

In more detail, in FIG. 20, after a predetermined financial transaction channel is connected between the customer terminal 475 and the Internet banking server through the process illustrated in FIG. 19, the Internet banking server based on the result of the customer authentication is performed. A process for requesting the paper document to be converted into a predetermined electronic document by referring to document management information of a financial transaction customer, and a person having ordinary knowledge in the technical field to which the present invention pertains may refer to FIG. 20 and / or Alternatively, it may be inferred that various implementation methods for requesting to convert the paper document into a predetermined electronic document may be inferred, but the present invention includes all of the inferred implementation methods, and the present invention is not limited to the drawing 20. .

In the following figure 20, the Internet banking server shown in FIG. 18 is referred to as " server " for convenience.

Referring to FIG. 20, when a predetermined financial transaction channel is connected between the customer terminal 475 and the internet banking server through the process illustrated in FIG. 19, the server is obtained in the process of connecting the financial transaction channel. By extracting and reading predetermined document management information of the financial transaction customer from the DBMS 130 on the financial system 125 based on the customer authentication result (2000), at least one digital transaction corresponding to the existing financial transaction customer Check whether the document (or paper document) is requested to be converted into a predetermined electronic document (2005).

If the verification does not request to convert the digital document (or paper document) of the financial transaction customer into a predetermined electronic document (2010), the server provides at least one internet banking service to the financial transaction customer through the financial transaction channel. Provided (2025).

Those skilled in the art to which the present invention pertains know how to provide at least one internet banking based financial transaction service from the internet banking server to the customer terminal 475 through the financial transaction channel. Since there will be, a detailed description thereof will be omitted for convenience.

On the other hand, if the verification results request that the financial transaction customer's digital document (or paper document) is converted to a predetermined electronic document (2010), the server may request the financial transaction customer to provide at least one digital document (or paper document) Generate an Internet banking interface screen including electronic document switching request information requesting to switch to an electronic document (2015), and transmits and outputs the Internet banking interface screen including the electronic document switching request information to the customer terminal (475). After that (2020), at least one Internet banking service is provided to a financial transaction customer through the financial transaction channel (2025).

According to the exemplary embodiment of the present invention, the Internet banking interface screen including the electronic document switching request information includes predetermined link information for the customer terminal 475 to access the electronic document registration server 400. desirable.

FIG. 21 illustrates a process of generating an electronic document from a digital document (or paper document) according to another embodiment of the present invention.

More specifically, FIG. 21 approves (or agrees) that a financial transaction customer who has received message information including predetermined electronic document conversion request information through the process illustrated in FIG. 20 converts the paper document into an electronic document. In this case, the financial institution provides the digital document to the customer terminal 475, and the process of generating a predetermined electronic document by adding the digital signature of the customer to the digital document, One of ordinary skill in the art may be able to infer various implementation methods for generating a predetermined electronic document from the digital document (or paper document) by referring to and / or modifying the drawing 21. All inferred implementation methods are included, and the present invention is not limited by the drawing 21.

In the following figure 21, the customer terminal 475 shown in FIG. 18 is referred to as "terminal" for convenience, and the electronic document registration server 400 shown in FIG. 18 is referred to as "server" for convenience.

Referring to FIG. 21, a financial transaction customer who receives message information including predetermined electronic document conversion request information through the process illustrated in FIG. 20 approves (or agrees) to convert the paper document into an electronic document. In this case, the financial transaction customer accesses the server through a predetermined network means using a predetermined terminal and performs a membership (or login) procedure for predetermined customer authentication (2100). It is checked whether the at least one digital document (or paper document) is converted into a predetermined electronic document by referring to the document D / B 115 shown in FIG. 18 through the membership (or login) information (2105). .

According to an embodiment of the present invention, at least one digital document (for example, a digital document to be converted into a predetermined electronic document) matching the registration (or login) information in the document D / B 115 shown in FIG. Document), the server confirms that the digital document (or paper document) should be converted into a predetermined electronic document.

If it is determined that the digital document (or paper document) does not need to be converted into a predetermined electronic document (for example, matching the registration (or login) information to the document D / B 115 shown in FIG. If at least one digital document does not exist (2110), the server terminates the process of converting at least one digital document (or paper document) into an electronic document.

On the other hand, if the digital document (or paper document) needs to be converted into a predetermined electronic document as a result of the verification (e.g., at least the document D / B 115 shown in FIG. 18 matches the membership (or login) information. If there is more than one digital document) (2110), the server extracts (2115) at least one or more digital documents to be converted into a predetermined electronic document from document D / B 115 shown in FIG. Generate (or extract) a predetermined electronic document switching interface screen including a document (2120), and provide and output an electronic document switching interface screen including the extracted digital document to the terminal through a predetermined network means ( 2125).

Thereafter, the terminal checks the digital document through the electronic document switching interface screen, and confirms whether the user approves the conversion of the digital document (or paper document) into a predetermined electronic document (2130).

According to an embodiment of the present invention, when a procedure of attaching a predetermined electronic signature to the digital document is initiated through the public certificate of the customer, the customer converts the digital document (or paper document) into a predetermined electronic document. It is considered to be approved.

If the terminal is approved to convert the digital document (or paper document) into a predetermined electronic document (2135), the terminal attaches the electronic signature of the customer to the digital document through a predetermined certificate (2140) ), A predetermined electronic document corresponding to the digital document (or paper document) is generated.

Thereafter, the terminal performs an encryption procedure for the electronic document (eg, a digital document with a customer electronic signature attached) (2145), and transmits the encrypted electronic signature to the server through a predetermined network means (2150). ).

22 is a diagram illustrating a process of registering an electronic document in an electronic document repository according to another embodiment of the present invention.

In more detail, in FIG. 22, when a predetermined electronic document is generated through the digital document (or paper document) through the process illustrated in FIG. 21, the drawing 22 registers the generated electronic document in a predetermined electronic document repository. For example, those skilled in the art to which the present invention pertains may refer to and / or modify this drawing 22 to transfer a predetermined electronic document generated from the digital document (or paper document) to a predetermined electronic document repository. Various implementation methods for registering may be inferred, but the present invention encompasses all of the inferred implementation methods, and the present invention is not limited to this figure.

In the following figure, the digital signature registration server shown in FIG. 18 is referred to as " server " for convenience.

Referring to FIG. 22, when a predetermined electronic document is generated, encrypted and transmitted from the customer terminal 475 through the process illustrated in FIG. 21, the server receives the encrypted electronic document and the customer terminal 475. In step 2200, a decryption procedure for decrypting the electronic document is performed by using a predetermined decryption method corresponding to the encryption method performed in step 2).

Thereafter, the server verifies the validity of the electronic document by checking the electronic signature included in the electronic document (2205). If the validity of the electronic document is not authenticated (2210), the server checks the electronic signature. Generating validity error information for the document is generated and transmitted to the customer terminal 475 (2215), and the process of registering the electronic document in a predetermined electronic document storage is terminated.

On the other hand, if the validity of the electronic document is authenticated (2210), the server transmits the electronic document of the validity is authenticated to the electronic document management server 100 to request to register in the electronic document storage (2220), In response, the electronic document management server 100 receives the electronic document and stores the electronic document in a predetermined storage medium (2225).

Thereafter, the electronic document management server 100 generates an electronic document registration result for the electronic document and transmits it to the server (for example, a financial institution) (2230). Disposal procedures for paper documents converted to electronic documents can be performed.

FIG. 23 is a diagram illustrating a method for generating an electronic signature by attaching an electronic signature to a digital document in the client terminal 475 according to an embodiment of the present invention.

More specifically, FIG. 23 illustrates an implementation method of generating a predetermined electronic document by attaching an electronic signature to a digital document provided from the electronic document registration server 400 in the customer terminal 475. In the art, various embodiments of the present invention can be inferred by referring to and / or modifying the present invention 23 and digitally processing the digital document in the client terminal 475. It includes all implementation methods and is not limited to the implementation method shown in FIG.

In this figure 23 according to the embodiment of the present invention, the customer private key is preferably read from the public certificate provided in the customer terminal 475, and the public certificate is provided in the customer terminal 475. Stored in a memory unit and / or stored in an ID-000 type IC chip (or IC card) mounted on or detached from the customer terminal 475, and / or a predetermined IC in the customer terminal 475 When a card reader is provided, it is possible to store all of the IC card inserted into the IC card reader, and the present invention is not limited thereto.

Referring to FIG. 23, if it is approved to convert the digital document (or paper document) into a predetermined electronic document (2300), the customer terminal 475 is a predetermined one-way hash function (e.g., the length of the digital document). A one-way hash function that generates a Message Digest that contains a hash code of any length, and cannot identify (or infer) the original message via the hash code (or message digest). Hash Function) The sender and the receiver generate a predetermined message digest from the digital document through the same hash function (2305).

Here, the one-way hash function is defined as a one-way hash function that is the same as the hash function defined in the electronic document registration server 400 for confirming the electronic signature shown in FIG. 23.

Thereafter, the customer terminal 475 extracts a predetermined customer private key for encrypting the message digest from the authorized certificate (2310), and encrypts the message digest using the extracted customer private key (2315).

Here, the encryption function of the customer terminal 475 is called E (Encryption), the customer private key is k1 (key), the message digest is M (Messge digest), and the message digest encrypted with the customer private key is C. In the case of (Ciphertext), the encryption function of the customer terminal 475 can be expressed by a formula such as "Ek1 (M) = C".

According to an embodiment of the present invention, the algorithm for encrypting the message digest by the customer terminal 475 via the customer private key includes RSA (Ron Rivest, Adi Shamir, Len Adleman), DSA (Digital Signature Algorithm), and DH. (Diffie, Hellman), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, at least one of the ECDH is preferably included. In addition to the various encryption algorithms may be used, the present invention by a specific encryption algorithm It is not limited.

For example, in the case of encrypting the message digest through the RSA encryption algorithm among the encryption algorithms, the public method (Modulus) used in the encryption process is n, and the non-public prime numbers with different prime factors of n are a and b. , If the published index (e.g. 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod (a- 1) (b-1) ", wherein the encryption function of the customer terminal 475 may be expressed as" C = Ek1 (M) = Me mod n ".

Thereafter, the customer terminal 475 connects the digital document and the message digest encrypted with the customer private key to generate a predetermined electronic document (2320), and the generated electronic document is then encrypted using at least one encryption method. Can be.

24 is a diagram illustrating a method for confirming an electronic signature attached to an electronic document in the electronic document registration server 400 according to an embodiment of the present invention.

In more detail, FIG. 24 shows an operation of checking the customer electronic signature attached to an electronic document generated by attaching a customer electronic signature to a predetermined digital document from the customer terminal 475 at the electronic document registration server 400. As to a method, if one of ordinary skill in the art to which the present invention pertains, the electronic signature for the electronic document attached to the electronic signature in the customer terminal 475 by referring to and / or modifying the drawing 24. Various implementation methods for identifying may be inferred, but the present invention includes all the inferred implementation methods, and is not limited to the implementation method shown in FIG.

In this figure 24 according to an embodiment of the present invention, the customer public key for confirming the electronic signature is preferably extracted from a predetermined directory operated and managed by a certification authority that issues the certificate to the client terminal 475. And / or a copy of the certificate including the customer public key may be further received from the customer terminal 475 and received by the electronic document registration server 400 (not shown), thereby limiting the present invention. No.

Referring to FIG. 24, when a predetermined electronic document is provided to the validity authenticator 430 (2400), the validity authenticator 430 is a predetermined directory and / or the authorized certificate operated and managed by the certification authority. A customer public key for decrypting the message digest encrypted with the customer private key is extracted (2405), and the encrypted message digest is decrypted using the extracted customer public key (2410).

Here, the decryption function of the digital signature verification unit is called D (Decryption), the message digest encrypted with the customer public key k2 (key), the message digest encrypted with the customer private key C (Ciphertext), and the customer public key. When M is a message digest, the digital signature verification unit may decrypt the encrypted message digest by using a formula such as "Dk2 = M, or Dk2 (Ek (M)) = M".

According to the embodiment of the present invention, the algorithm for decrypting the message digest encrypted by the customer private key in the customer terminal 475 through the customer public key, RSA (Ron Rivest, Adi Shamir, Len Adleman) (DSA), Digital Signature Algorithm (DSA), Diffie, Hellman (DH), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, ECDH, or at least one of the following. However, the decryption algorithm is characterized in that it is matched with the encryption algorithm used in the customer terminal 475, the invention is not limited by a specific decryption algorithm.

For example, in the case of decoding the message digest through the RSA decryption algorithm, among the decryption algorithms, n is a published method used in the decryption process, n is a non-disclosed prime number with different prime factors of n and a and b. , If the published index (e.g., 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod (a-1). ) (b-1) ", wherein the decryption function of the digital signature verification unit may be expressed as" M = Dk2 = Cd mod n ".

Thereafter, the validity authentication unit 430 generates a predetermined message digest by applying a one-way hash function that is the same as the one-way hash function generated by the client terminal 475 to the digital document included in the electronic document. In operation 2420, the validity of the electronic document is verified by comparing the generated message digest with the decrypted message digest.

If the generated message digest coincides with the decrypted message digest (2425), the validity authentication unit 430 determines the confidentiality, authentication, integrity, and nonrepudiation of the electronic document. Non-repudiation) and the like are secured to confirm the digital signature (2430).

On the other hand, if the generated message digest and the decrypted message digest do not match (2425), the validity authentication unit 430 processes the electronic document as invalid.

FIG. 25 is a diagram illustrating a method for encrypting and transmitting an electronic document in a symmetric key (or secret key) method in a client terminal 475 according to an embodiment of the present invention.

More specifically, FIG. 25 is a method for encrypting and transmitting an electronic document in a symmetric key (or secret key) method in a customer terminal 475 equipped with an encryption function as shown in FIG. 4. Those skilled in the art may refer to and / or modify this drawing 25 to implement various methods of encrypting the electronic document in a symmetric key (or secret key) manner at the client terminal 475 on the network means. It may be inferred, but the present invention includes all the inferred implementation methods, and is not limited to the implementation method shown in FIG.

In this figure 25 according to the embodiment of the present invention, the symmetric key (or secret key) is preferably read from the official certificate provided in the customer terminal 475, the public certificate is the customer terminal 475 Stored in a predetermined memory unit and / or stored in an ID-000 type IC chip (or IC card) mounted on or detached from the customer terminal 475, and / or the customer terminal 475 In the case where a predetermined IC card reader is provided, all of them can be stored in an IC card inserted into the IC card reader, and the present invention is not limited thereto.

According to another embodiment of the present invention, the symmetric key (or secret key) is stored in the memory unit provided in the customer terminal 475 in addition to the public certificate, and / or from the electronic document registration server 400 to the customer terminal. It can be included in the interface screen provided in 475, and / or embedded in a communication program communicating with the electronic document registration server 400 on the customer terminal 475, thereby limiting the anti-invention. Not.

Referring to FIG. 25, when a predetermined electronic document is generated by attaching a predetermined electronic document to the digital document in the customer terminal 475 (2500), the customer terminal 475 is provided in the customer terminal 475. A predetermined symmetric key (or secret key) for encrypting the electronic document is read from the authorized certificate (2505), and the electronic document is encrypted through the read symmetric key (or secret key) (2510).

Here, the encryption function of the customer terminal 475 is called E (Encryption), the symmetric key (or secret key) is k (key), the electronic document is P (Plaintext), and the symmetric key (or secret key). If the electronic document encrypted with C) is C (Ciphertext), the encryption function of the customer terminal 475 can be expressed by a formula such as "Ek (P) = C".

According to an embodiment of the present invention, the algorithm for encrypting the electronic document through the symmetric key (or secret key) by the customer terminal 475 may include SEED, DES (Data Encryption Standard), Triple-DES, Skipjack, IDEA. It is preferable to include at least one or more of the International Data Encryption Algorithm, and in addition, various types of encryption algorithms may be used, but the present invention is not limited to a specific encryption algorithm.

The electronic document encrypted through the symmetric key (or secret key) as described above is transmitted (2515) to the electronic document registration server 400 through a predetermined network means.

FIG. 26 illustrates a method of decrypting an electronic document encrypted and received by the electronic document registration server 400 using a symmetric key (or secret key) method according to an embodiment of the present invention.

In more detail, FIG. 26 shows a symmetric key (or a secret key) in the electronic document registration server 400 as shown in FIG. 4 for receiving the electronic document encrypted from the customer terminal 475 having an encryption function as shown in FIG. The present invention relates to an embodiment of a method for decrypting by using a method of decrypting the electronic device, and the method of decrypting the encrypted electronic device in the client terminal 475 on the network means by referring to and / or modifying the present invention. Various implementation methods for decrypting a document in a symmetric key (or secret key) manner may be inferred, but the present invention includes all the inferred implementation methods and is not limited to the implementation method shown in FIG.

In this figure 26 according to the embodiment of the present invention, the symmetric key (or secret key) is preferably read from the public certificate provided in the electronic document registration server 400, the public certificate is the electronic document registration server It is preferably stored in a predetermined database (not shown) that cooperates with 400, whereby the present invention is not limited.

Referring to FIG. 26, the document receiving unit 105 of the electronic document registration server 400 receives the encrypted electronic document through the network means and provides the encrypted electronic document to the validity authentication unit 430 (2600). The document is preferably received via a communication protocol stack defined in said network means.

Thereafter, the validity authentication unit 430 extracts a predetermined symmetric key (or secret key) for decrypting the encrypted electronic document from the public certificate provided in the electronic document registration server 400 (2605). The encrypted electronic document is decrypted using the extracted symmetric key (or secret key) (2610).

Here, the decryption function of the validity authentication unit 430 is called D (Decryption), the symmetric key (or secret key) is k (key), and the electronic document encrypted with the symmetric key (or secret key) is C ( Ciphertext) and the electronic document to be decrypted are P (Plaintext), the function of the validity authentication unit 430 decrypting the encrypted electronic document is "Dk = P, or Dk (Ek (P)) = P". Can be expressed as an expression such as "

According to the embodiment of the present invention, the algorithm for decrypting the encrypted electronic document by the validity authentication unit 430 using the symmetric key (or secret key) may include SEED, DES (Data Encryption Standard), Triple-DES, It is preferable to include at least one or more of Skipjack, International Data Encryption Algorithm (IDEA), and various types of decryption algorithms may be used, but the decryption algorithm matches the encryption algorithm used in the customer terminal 475. The present invention is not limited to the specific decoding algorithm.

When the electronic document encrypted through the symmetric key (or secret key) is decrypted as described above, the validity authentication unit 430 checks the electronic signature attached to the electronic document.

FIG. 27 is a diagram illustrating a method for encrypting and transmitting an electronic document in a public key infrastructure in a client terminal 475 according to an embodiment of the present invention.

More specifically, Figure 27 is an embodiment of the method for encrypting and transmitting the electronic document in a public key infrastructure structure in the customer terminal 475 equipped with an encryption function as shown in Figure 4, in the technical field to which the present invention belongs Persons of ordinary skill in the art may refer to and / or modify this drawing 27 to infer various implementation methods for encrypting the electronic document in a public key manner at the client terminal 475 on the network means. Includes all the inferred implementation methods and is not limited to the implementation method illustrated in FIG.

In this figure 27 according to the embodiment of the present invention, the financial company public key is preferably read from the public certificate provided in the customer terminal 475, and the public certificate is provided in the customer terminal 475. Stored in a memory unit and / or stored in an ID-000 type IC chip (or IC card) mounted on or detached from the customer terminal 475, and / or a predetermined IC in the customer terminal 475 When a card reader is provided, it is possible to store all of the IC card inserted into the IC card reader, and thus the present invention is not limited thereto.

Alternatively, the public company public key may be extracted from a predetermined directory (not shown) which is operated and managed by a certification authority that issues the public certificate to the customer terminal 475, and the present invention is not limited thereto.

Referring to FIG. 27, when a predetermined electronic document is generated by attaching a predetermined electronic document to the digital document in the customer terminal 475 (2700), the customer terminal 475 receives the electronic document from the authorized certificate. A predetermined financial company public key for encryption is extracted (2705), and the electronic document is encrypted using the extracted financial company public key (2710).

Herein, the encryption function of the customer terminal 475 is called E (Encryption), the financial company public key is k1 (key), the electronic document is P (Plaintext), and the electronic document encrypted with the financial company public key is C ( Ciphertext), the encryption function of the customer terminal 475 can be expressed by an expression such as "Ek1 (P) = C".

According to an embodiment of the present invention, the algorithm for encrypting the electronic document by the customer terminal 475 through the public company public key includes RSA (Ron Rivest, Adi Shamir, Len Adleman), DSA (Digital Signature Algorithm), and DH. (Diffie, Hellman), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, at least one of the ECDH is preferably included. In addition to the various encryption algorithms may be used, the present invention by a specific encryption algorithm It is not limited.

For example, in the case of encrypting the electronic document through the RSA encryption algorithm among the encryption algorithms, the published method (Modulus) used in the encryption process is n, and the undisclosed prime numbers with different prime factors of n are a and b. , If the published index (e.g., 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod (a-1). (b-1) ", wherein the encryption function of the customer terminal 475 may be expressed as" C = Ek1 (P) = Pe mod n ".

The electronic document encrypted through the financial company public key as described above is transmitted to the electronic document registration server 400 through a predetermined network means (2715).

28 is a diagram illustrating a method of decrypting an electronic document encrypted and received by the electronic document registration server 400 in a public key infrastructure according to an embodiment of the present invention.

More specifically, FIG. 28 is a public key infrastructure structure of the electronic document registered in the electronic document registration server 400 as shown in FIG. 4 and received from the customer terminal 475 having the encryption function as shown in FIG. The present invention relates to an embodiment of the present invention, which, if known to those skilled in the art, is encrypted with the financial company public key in the client terminal 475 on the network means by referring to and / or modifying the present invention. Various implementation methods for decrypting an electronic document in a public key infrastructure structure may be inferred, but the present invention includes all the inferred implementation methods and is not limited to the implementation method shown in FIG.

In FIG. 28 according to an embodiment of the present invention, the financial company private key for decrypting the electronic document encrypted with the public company public key in a public key infrastructure is read from the public certificate provided in the electronic document registration server 400. Preferably, the public certificate is preferably stored in a predetermined database (not shown) interworking with the electronic document registration server 400, whereby the present invention is not limited.

Referring to FIG. 28, the document receiving unit 105 of the electronic document registration server 400 receives an encrypted electronic document through the network means and provides it to the validity authentication unit 430 (2800). Is preferably received via a communication protocol stack defined in said network means.

Thereafter, the validity authentication unit 430 extracts a financial company private key for decrypting the encrypted electronic document from the public certificate provided in the electronic document registration server 400 (2805), and extracts the extracted financial company private key. In operation 2810, the encrypted electronic document is decrypted.

Here, the decryption function of the validity authentication unit 430 is called D (Decryption), and the financial document private key is k2 (key), and the electronic document encrypted with the financial company public key is decrypted with C (Ciphertext) and the financial company private key. When the electronic document is called P (Plaintext), the function of decrypting the encrypted electronic document by the validity authentication unit 430 may be expressed by a formula such as "Dk2 = P, or Dk2 (Ek (P)) = P". Can be.

According to an embodiment of the present invention, an algorithm for the validity authentication unit 430 to decrypt the electronic document encrypted with the financial company public key in the customer terminal 475 through the private financial company private key is RSA (Ron Rivest, Adi Shamir, Len Adleman (DSA), Digital Signature Algorithm (DSA), Diffie, Hellman (DH), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, and ECDH. However, the decryption algorithm is characterized in that it is matched with the encryption algorithm used in the customer terminal 475, the invention is not limited by a specific decryption algorithm.

For example, when the electronic document is decrypted through an RSA decryption algorithm among the public key based decryption algorithms, n is a public method (Modulus) used in the decryption process and n is a prime number that is not disclosed by different prime factors of n. If a and b, the published index (e.g. 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod ( a-1) (b-1) ", wherein the decryption function of the validity authentication unit 430 may be expressed as" P = Dk2 = Cd mod n ".

When the electronic document encrypted with the financial company public key is decrypted by the financial terminal private key as described above, the validity authentication unit 430 checks the electronic signature attached to the electronic document.

FIG. 29 is a diagram illustrating a method of encrypting and transmitting an electronic document in an electronic envelope method in a customer terminal 475 according to an embodiment of the present invention.

More specifically, Figure 29 is an embodiment of the method for encrypting and transmitting the electronic document in an electronic envelope method in the customer terminal 475 equipped with an encryption function as shown in Figure 4, which is common in the art With knowledge, it would be possible to infer various implementation methods of encrypting the electronic document in an electronic envelope manner at the client terminal 475 on the network means by referring to and / or modifying this figure 29, It includes all the inferred implementation methods, and is not limited to the implementation method shown in FIG.

In this figure 29 according to the embodiment of the present invention, the financial company public key is preferably read from the public certificate provided in the customer terminal 475, and the public certificate is provided in the customer terminal 475. Stored in a memory unit and / or stored in an ID-000 type IC chip (or IC card) mounted on or detached from the customer terminal 475, and / or a predetermined IC in the customer terminal 475 When a card reader is provided, it is possible to store all of the IC card inserted into the IC card reader, and the present invention is not limited thereto.

Alternatively, the public company public key may be extracted from a predetermined directory (not shown) which is operated and managed by a certification authority that issues the public certificate to the customer terminal 475, and the present invention is not limited thereto.

Referring to FIG. 29, when a predetermined electronic document is generated by attaching a predetermined electronic document to the digital document in the customer terminal 475 (2900), the customer terminal 475 secrets the electronic document. A predetermined random secret key for encrypting using a key, symmetric key) is generated (2905), and the electronic document is encrypted using the generated secret key (2910).

Here, the encryption function of the customer terminal 475 is called E (Encryption), the secret key is r (random secret key), the electronic document is P (Plaintext), and the electronic document encrypted with the secret key is C ( Ciphertext), the encryption function of the customer terminal 475 can be expressed by a formula such as "Er (P) = C".

According to an embodiment of the present invention, the algorithm for encrypting the electronic document by the customer terminal 475 using the secret key includes SEED, DES (Data Encryption Standard), Triple-DES, Skipjack, and International Data Encryption Algorithm (IDEA). It is preferable to include at least one of), and in addition to the encryption algorithm of various forms may be used, but the present invention is not limited by a specific encryption algorithm.

Thereafter, the client terminal 475 encrypts the secret key (random secret key) used to encrypt the electronic document. For this purpose, the client terminal 475 extracts a predetermined financial company public key from the public certificate ( 2915), the private key is encrypted using the financial company public key (2920).

Here, the encryption function of the customer terminal 475 is referred to as E (Encryption), the financial company public key is k1 (key), the secret key is r (random Secret key), and the private key encrypted with the financial company public key. Speaking of C (Ciphertext), the encryption function of the customer terminal 475 can be expressed by an expression such as "Ek1 (r) = C".

According to an embodiment of the present invention, the algorithm for the customer terminal 475 to encrypt the secret key through the financial company public key is RSA (Ron Rivest, Adi Shamir, Len Adleman), DSA (Digital Signature Algorithm), DH. (Diffie, Hellman), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, at least one of the ECDH is preferably included. In addition to the various encryption algorithms may be used, the present invention by a specific encryption algorithm It is not limited.

For example, in the case of encrypting the secret key through the RSA encryption algorithm among the encryption algorithms, the public method (Modulus) used in the encryption process is n, and the non-public prime numbers with different prime factors of n are a and b. , If the published index (e.g., 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod (a-1). (b-1) ", wherein the encryption function of the customer terminal 475 may be expressed as" C = Ek1 (r) = re mod n ".

If the electronic document is encrypted with the secret key, and the secret key is encrypted with the financial company public key, the customer terminal 475 associates the electronic document encrypted with the secret key with the private key encrypted with the financial company public key. Data is transmitted to the electronic document registration server 400 through a predetermined network means (2925).

30 is a diagram illustrating a method of decrypting an electronic document encrypted and received by the electronic document registration server 400 in an electronic envelope method according to an embodiment of the present invention.

In more detail, FIG. 30 shows the transaction data in the electronic document registration server 400 as shown in FIG. 4, which receives transaction data including an encrypted electronic document from the customer terminal 475 having an encryption function as shown in FIG. The present invention relates to a method of decrypting by an electronic envelope method, and if the present invention belongs to one of ordinary skill in the art, referring to and / or modifying this drawing 30, the electronic terminal at the customer terminal 475 on the network means Various implementation methods for decrypting the envelope-encrypted transaction data in the same electronic envelope method may be inferred, but the present invention includes all the inferred implementation methods, and is not limited to the implementation method shown in FIG. .

In this figure 30 according to the embodiment of the present invention, the financial company private key for decrypting the transaction data in an electronic envelope method is preferably read from the public certificate provided in the electronic document registration server 400, the public certificate Is preferably stored in a predetermined database (not shown) in conjunction with the electronic document registration server 400, thereby the present invention is not limited.

Referring to FIG. 30, the document receiving unit 105 of the electronic document registration server 400 receives predetermined transaction data including an encrypted electronic document through the network means and provides it to the validity authentication unit 430. Preferably, the transaction data is received via a communication protocol stack defined in the network means.

Thereafter, the validity authentication unit 430 extracts a financial company private key for decrypting the encrypted secret key included in the transaction data from the public certificate provided in the electronic document registration server 400 (3005), and the extraction Decrypting the secret key encrypted with the financial company public key in the customer terminal 475 through the financial company private key (3010), extracts a predetermined secret key for decrypting the electronic document (3015), the extracted secret The electronic document is decrypted using a key (3020), and the electronic device (475) extracts the electronic document encrypted with the secret key (3025).

Here, the decryption function of the validity authentication unit 430 is referred to as D (Decryption), and the financial company private key is k2 (key), and the private key encrypted with the financial company public key is decrypted with C (Ciphertext) and the financial company private key. If the secret key is r (random secret key), the function of decrypting the encrypted secret key by the validity authentication unit 430 is expressed as "Dk2 = r, or Dk2 (Ek1 (r)) = r". It can be expressed as

According to an embodiment of the present invention, an algorithm for the validity authentication unit 430 to decrypt the private key encrypted with the financial company public key in the client terminal 475 through the private financial key, RSA (Ron Rivest, Adi Shamir, Len Adleman (DSA), Digital Signature Algorithm (DSA), Diffie, Hellman (DH), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, and ECDH. However, the decryption algorithm is characterized in that it is matched with the encryption algorithm used in the customer terminal 475, the invention is not limited by a specific decryption algorithm.

For example, when decrypting the secret key through the RSA decryption algorithm among the public key-based decryption algorithms, n is a public method (Modulus) used in the decryption process, and n is a prime number that is not disclosed by different prime factors of n. If a and b, the published index (e.g. 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod ( a-1) (b-1) ", wherein the decryption function of the validity authentication unit 430 may be expressed as" P = Dk2 = Cd mod n ".

Here, the decryption function of the validity authentication unit 430 is called D (Decryption), the secret key is r (random secret key), the electronic document encrypted with the secret key (C (Ciphertext)), and the decrypted When the electronic document is called P (Plaintext), the function of decrypting the encrypted electronic document by the validity authentication unit 430 may be expressed by a formula such as "Dr = P or Dr (Er (P)) = P". have.

According to the exemplary embodiment of the present invention, the algorithm for decrypting the encrypted electronic document by the validity authentication unit 430 may include SEED, Data Encryption Standard (DES), Triple-DES, Skipjack, and IDEA (International). It is preferable to include at least one or more of the Data Encryption Algorithm, and various types of decryption algorithms may be used, but the decryption algorithm is matched with the encryption algorithm used in the customer terminal 475. However, the present invention is not limited to the specific decoding algorithm.

When the electronic document is decrypted as described above, the validity authentication unit 430 performs a process of confirming the electronic signature attached to the electronic document.

31 is a diagram illustrating a method for encrypting and transmitting an electronic document in a key exchange method in a customer terminal 475 according to an embodiment of the present invention.

More specifically, FIG. 31 is an embodiment of a method of encrypting and transmitting the electronic document by a key exchange method in a customer terminal 475 equipped with an encryption function as shown in FIG. 4, and is commonly known in the art. With reference to FIG. 31 and / or modifications, it is possible to infer various implementation methods for encrypting the entire consultation by key exchange in the client terminal 475 on the network means. It includes all the inferred implementation methods, and is not limited to the implementation method shown in FIG.

In this figure 31 according to the embodiment of the present invention, the customer private key and the financial company public key are preferably read from the public certificate provided in the customer terminal 475, and the public certificate is provided to the customer terminal 475. Stored in a predetermined memory unit and / or stored in an ID-000 type IC chip (or IC card) mounted on or detached from the customer terminal 475, and / or the customer terminal 475 In the case where a predetermined IC card reader is provided, all of them can be stored in an IC card inserted into the IC card reader, and the present invention is not limited thereto.

Alternatively, the customer private key and financial company public key may be extracted from a predetermined directory (not shown) operated and managed by a certification authority issuing the certificate to the customer terminal 475, whereby the present invention is provided. It is not limited.

Referring to FIG. 31, when a predetermined electronic document is generated by attaching a predetermined electronic document to the digital document in the customer terminal 475 (3100), the customer terminal 475 hashes the electronic document by a predetermined one-way hash. Create a message digest including a hash code of a predetermined length regardless of the length of the electronic document, and check the original message through the hash code (or message digest). Or a one-way hash function that cannot be inferred.The client terminal 475 and the electronic document registration server 400 use the same hash function to generate a predetermined message digest (3105). Digitally signing 3110 by encrypting the digest with the customer private key.

Here, the encryption function of the customer terminal 475 is called E (Encryption), the customer private key is t1 (32erminal side key), the message digest is m (message digest), and the message digest encrypted with the customer private key. If C (Ciphertext), the digital signature function of the customer terminal 475 can be expressed by a formula such as "Et1 (m) = C".

According to an embodiment of the present invention, the algorithm for encrypting the message digest by the customer terminal 475 via the customer private key includes RSA (Ron Rivest, Adi Shamir, Len Adleman), DSA (Digital Signature Algorithm), and DH. (Diffie, Hellman), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, at least one of the ECDH is preferably included. In addition to the various encryption algorithms may be used, the present invention by a specific encryption algorithm It is not limited.

For example, in the case of encrypting the message digest through the RSA encryption algorithm, among the encryption algorithms, a public method (Modulus) used in the encryption process is n, and a decimal number that is not disclosed by the different prime factors of n is a. b, if the published index (e.g., 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod (a- 1) (b-1) ", wherein the digital signature function of the customer terminal 475 may be expressed as" C = Et1 (m) = me mod n ".

In addition, the client terminal 475 generates a predetermined random secret key for encrypting the electronic document using a secret key (symmetric key) method (3115), and the electronic document and the customer. The message digest encrypted with the private key and a copy of a certificate (for example, a certificate including a customer public key) included in the public certificate are linked to each other and encrypted through the generated private key (3120).

Here, the encryption function of the client terminal 475 is called E (Encryption), the secret key is r (random secret key), the electronic document and the copy of the certificate P (Plaintext), and the electronic document encrypted with the secret key And a copy of the certificate C (Ciphertext), the encryption function of the customer terminal 475 can be expressed by a formula such as "Er (P) = C".

According to the method of the present invention, the algorithm for encrypting the electronic document and the copy of the certificate through the secret key, the customer terminal 475, SEED, DES (Data Encryption Standard), Triple-DES, Skipjack, IDEA (International) It is preferable to include at least one or more of Data Encryption Algorithm, and in addition, various types of encryption algorithms may be used, but the present invention is not limited to a specific encryption algorithm.

In addition, the client terminal 475 extracts a predetermined financial company public key from the authorized certificate to encrypt the private key that encrypts the electronic document (3125), and encrypts the electronic document using the financial company public key. One private key is encrypted (3130).

Here, the encryption function of the customer terminal 475 is called E (Encryption), the financial company public key is s1 (server side key), the secret key is r (random Secret key), and the secret encrypted with the financial company public key. If the key is C (Ciphertext), the encryption function of the customer terminal 475 can be expressed by an expression such as "Es1 (r) = C".

According to an embodiment of the present invention, the algorithm for the customer terminal 475 to encrypt the secret key through the financial company public key is RSA (Ron Rivest, Adi Shamir, Len Adleman), DSA (Digital Signature Algorithm), DH. (Diffie, Hellman), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, at least one of the ECDH is preferably included. In addition to the various encryption algorithms may be used, the present invention by a specific encryption algorithm It is not limited.

For example, in the case of encrypting the secret key through the RSA encryption algorithm among the encryption algorithms, the public method (Modulus) used in the encryption process is n, and the non-public prime numbers with different prime factors of n are a and b. , If the published index (e.g., 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod (a-1). (b-1) ", wherein the encryption function of the customer terminal 475 may be expressed as" C = Es1 (r) = re mod n ".

When the electronic document, the message digest encrypted with the customer private key, and a copy of the certificate including the customer public key are linked to each other and encrypted through the generated private key, and the secret key is encrypted through the financial company public key, The client terminal 475 associates a copy of a certificate including the electronic document encrypted with the private key, the message digest encrypted with the customer private key, and the customer public key with a private key encrypted with the financial company public key. The transaction data is generated, and the generated transaction data is transmitted to the electronic document registration server 400 through a predetermined network means (3135).

32A and 32B illustrate a method of decrypting an electronic document encrypted and received by the electronic document registration server 400 in a key exchange method according to an embodiment of the present invention.

In more detail, FIGS. 32A and 32B illustrate an electronic document registration server 400 as shown in FIG. 4, which receives transaction data including an encrypted electronic document from a customer terminal 475 having an encryption function as shown in FIG. 4. The present invention relates to a method of decrypting the transaction data in a key exchange method, and if the present invention belongs to a general knowledge, the user terminal 475 on the network means by referring to and / or modifying the drawing 32. However, various implementation methods for decrypting the transaction data encrypted by the key exchange scheme in the same key exchange scheme may be inferred, but the present invention includes all the inferred implementation methods, and the implementation method illustrated in FIG. It is not limited to this.

In the figure 32 according to the embodiment of the present invention, the financial company private key and the customer public key for decrypting the transaction data in a key exchange method are preferably read from the public certificate provided in the electronic document registration server 400. In addition, the public certificate is preferably stored in a predetermined database (not shown) interworking with the electronic document registration server 400, and thus the present invention is not limited thereto.

Referring to FIGS. 32A and 32B, the document receiving unit 105 of the electronic document registration server 400 receives the transaction data including the encrypted electronic document through the network means (3200) and stores the transaction data. It is provided to the validity authentication unit 430 (3205), the transaction data is preferably received via a communication protocol defined in the network means, and / or with the electronic document and the customer private key encrypted with the secret key And a copy of the certificate including the encrypted message digest and the customer public key, and the private key encrypted with the financial institution public key.

Thereafter, the validity authentication unit 430 extracts the financial company private key from the authorized certificate provided in the electronic document registration server 400 to decrypt the private key encrypted with the financial company public key (3210), and the financial company individual. By decrypting the secret key through a key (3215), the secret key for decrypting a copy of the certificate including the message digest encrypted with the electronic document and the customer private key and the customer public key is extracted (3220).

Here, the decryption function of the validity authentication unit 430 is referred to as D (Decryption), the private bank key is s2 (server side key), the private key encrypted with the bank public key is C (Ciphertext), and the bank private When a secret key decrypted with a key is r (random secret key), the function of the validity authentication unit 430 to decrypt the encrypted secret key is "Ds2 = r, or Ds2 (Es1 (r)) = r" and The same formula can be used.

According to an embodiment of the present invention, the algorithm that the validity authentication unit 430 decrypts the secret key encrypted with the financial company public key in the customer terminal 475 through the financial company private key, RSA (Ron Rivest, Adi Shamir, Len Adleman (DSA), Digital Signature Algorithm (DSA), Diffie, Hellman (DH), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, and ECDH. However, the decryption algorithm is characterized in that it is matched with the encryption algorithm used in the customer terminal 475, the invention is not limited by a specific decryption algorithm.

For example, when decrypting the secret key through the RSA decryption algorithm among the public key-based decryption algorithms, n is a public method (Modulus) used in the decryption process, and n is a prime number that is not disclosed by different prime factors of n. If a and b, the published index (e.g. 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod ( a-1) (b-1) ", wherein the decryption function of the validity authentication unit 430 may be expressed as" P = Ds2 = Cd mod n ".

When the secret key is extracted as described above, the validity authentication unit 430 decrypts a copy of the certificate including the message digest and the customer public key encrypted with the electronic document and the customer private key using the extracted secret key. Thereby extracting a copy of the certificate including the electronic document encrypted with the private key, the message digest encrypted with the customer private key, and the customer public key.

Here, the decryption function of the validity authentication unit 430 is called D (Decryption), the secret key is r (random secret key), the electronic document encrypted with the secret key and the message digest encrypted with the customer private key and the If the copy of the certificate containing the customer public key is C (Ciphertext), and the copy of the certificate containing the decrypted electronic document and the customer private key and the copy of the certificate containing the customer public key is P (Plaintext), the validity The function of the authentication unit 430 decrypting the copy of the certificate including the encrypted message and the message digest encrypted with the customer private key is "Dr = P, or Dr (Er (P)) =". It can be expressed by an expression such as "P".

According to an embodiment of the present invention, the validity authentication unit 430 decrypts a copy of a certificate including the message digest encrypted with the encrypted electronic document and the customer private key and the customer public key through the secret key. Is preferably made of at least one of SEED, DES (Data Encryption Standard), Triple-DES, Skipjack, and International Data Encryption Algorithm (IDEA), and various types of decryption algorithms may be used. The algorithm is characterized in that it matches the encryption algorithm used in the customer terminal 475, the invention is not limited by a specific decryption algorithm.

In addition, the validity authentication unit 430 decrypts the message digest encrypted with the customer private key through the customer public key (3230), thereby generating a message digest generated and transmitted from the electronic document by the customer terminal (475). Extract (3235).

Here, the decryption function of the validity authentication unit 430 is called D (Decryption), the customer public key is t2 (terminal side key), the message digest encrypted with the customer private key is C (Ciphertext), and the customer is disclosed. If the message digest to be decrypted with a key is m (Message Digest), the function of the validity authentication unit 430 to decrypt the encrypted message digest is "Dt2 = m, or Dt2 (Es1 (r)) = m". It can be expressed as an expression.

According to an embodiment of the present invention, an algorithm for the validity authentication unit 430 to decrypt a message digest encrypted with the customer private key in the customer terminal 475 through the customer public key may be RSA (Ron Rivest, Adi Shamir, Len Adleman (DSA), Digital Signature Algorithm (DSA), Diffie, Hellman (DH), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, and ECDH. However, the decryption algorithm is characterized in that it is matched with the encryption algorithm used in the customer terminal 475, the invention is not limited by a specific decryption algorithm.

For example, when decrypting the message digest through the RSA decryption algorithm of the public key-based decryption algorithm, n is a public method (Modulus) used in the decryption process and n is a prime number that is not disclosed by different prime factors of n. If a and b, the published index (e.g. 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod ( a-1) (b-1) ", wherein the decryption function of the validity authentication unit 430 may be expressed as" P = Dt2 = Cd mod n ".

Thereafter, the validity authentication unit 430 generates a predetermined message digest through the same one-way hash function of the received electronic document (3240), and then generates the generated message digest and the decrypted message. By comparing the message digest (3245), the validity of the received electronic document is verified.

If the generated message digest and the decrypted message digest match (3250), the validity authentication unit 430 performs a process of confirming the electronic signature attached to the electronic document.

According to the present invention, by converting a paper document to be managed by a financial institution for a period of time to an electronic document and stored in a predetermined electronic document storage, there is an advantage that can significantly reduce the cost of managing a large amount of paper documents.

According to the present invention, at least one paper document created between a financial institution and a financial transaction customer is converted into an electronic document and stored in a predetermined electronic document repository, whereby predetermined information processing technology is applied to the electronic document and / or computerized. There is an advantage that can be automated.

Claims (7)

Information confirmation means for confirming whether there is an electronic preliminary document (or paper document) which is already stored and managed in association with the customer when sending financial transaction related information (or data) to the customer; As a result of the confirmation, when the electronic document (or paper document) related to the customer exists, when the financial transaction related information (or data) is sent to the customer, the electronic document of the electronic document (or paper document) is converted to the customer. Information transmitting means for sending consent request information; An electronic document generating means for converting the digitalized preliminary document (or paper document) into an electronic document using the customer authentication means of the customer when the customer agrees to convert the electronic document; And And information storage means for storing and managing the converted electronic document in a predetermined storage medium. The method of claim 1, And information transmitting means for notifying the electronic document conversion agreement information of the customer and / or the electronic document conversion information of the digitalization preliminary document (or paper document) to a financial company server or a financial company branch terminal performing a financial transaction with the customer. Electronic document processing system, characterized in that made. The electronic document conversion processing means according to claim 1, Electronic document processing system characterized in that by using the customer's official certificate, to indicate the content identification and / or confirmation of the customer and / or self-created information on the generated electronic document. The method according to any one of claims 1 to 3, wherein each of the means, On a single server, or Electronic document processing system, characterized in that provided in a plurality of servers and / or terminal separately. Checking whether there is an electronic preliminary document (or a paper document) that is stored and managed by the customer in the predetermined information checking means; Sending the electronic document conversion consent request information of the electronic preliminary document (or paper document) to the customer by a predetermined information transmission means when the customer-prepared electronic document (or paper document) exists; If the customer agrees to convert the electronic document, converting the digitalized preliminary document (or paper document) into an electronic document using a customer authentication means of the customer in a predetermined electronic document generating means; And And storing and managing the converted electronic document in a predetermined storage medium by predetermined information storage means. The method of claim 5, Notifying, by a predetermined information transmission means, the electronic document conversion agreement information of the customer and / or the electronic document conversion information of the electronic document preliminary document (or paper document) to the financial company server or the financial company branch terminal performing the financial transaction with the customer. Electronic document processing method characterized in that it further comprises. A computer-readable recording medium having recorded thereon a program for executing the method of claim 5 or 6.

Images