KR20080096639A - Method for distributed payment by using transaction point devices - Google Patents

Abstract

A distributed payment method using a transaction point terminal is provided to build a lot of payment terminals necessary for a big supermarket or a department store with a small amount of costs through a card reader, a key input device, and a screen output device performing a man-machine interface function in a payment process and an unexpensive POT terminal including a man-machine interface integrated chip. A POT(Point Of Transaction) terminal(100) with an MMI(Man Machine Interface) for a payment process includes a controller(105), at least one card reader(110), an input device, an output device, a local area wireless communication device(135) and a battery. The controller has an MMI function for inputting at least one information for generating a predetermined payment authentication request telegram in a payment terminal connected through predetermined local area communication. At least one card reader reads customer payment means information from at least one customer card by associating with the controller. The input device inputs at least one information by associating with the controller. The output device outputs at least one information by associating with the controller. The local area wireless communication device connects a communication channel with the payment terminal through local area wireless communication. The battery supplies power to the POT terminal.

Description

Distributed payment method using transaction point terminal {Method for Distributed Payment by Using Transaction Point Devices}

1 is a diagram illustrating a functional configuration of a POT terminal having an MMI function for payment processing according to an embodiment of the present invention.

2 is a diagram illustrating a device configuration of a POT terminal having an MMI function for payment processing according to an embodiment of the present invention.

3 is a diagram illustrating a functional configuration of a POT terminal having a MMI function for payment processing and a payment terminal (or payment module) connected with short-range wireless communication according to an embodiment of the present invention.

4 is a diagram illustrating an operation process of a POT terminal performing an MMI function for payment processing according to an embodiment of the present invention.

5A and 5B illustrate an operation process of a POT terminal performing an MMI function for payment processing according to another exemplary embodiment of the present invention.

6 is a diagram illustrating an operation process of a POT terminal performing an MMI function for payment processing according to another exemplary embodiment of the present invention.

7 is a diagram illustrating a payment processing process corresponding to an MMI function for payment processing according to an embodiment of the present invention.

8 is a diagram illustrating a method for encrypting and transmitting payment information by a symmetric key (or secret key) method in a POT terminal according to an embodiment of the present invention.

9 is a diagram illustrating a method of decrypting payment information encrypted and received at a payment terminal by a symmetric key (or secret key) method according to an embodiment of the present invention.

10 is a diagram illustrating a method for encrypting and transmitting payment information in a public key infrastructure structure in a POT terminal according to an embodiment of the present invention.

11 is a diagram illustrating a method of decrypting payment information encrypted and received at a payment terminal in a public key based structure according to an embodiment of the present invention.

12 is a diagram illustrating a method for encrypting and transmitting payment information in an electronic envelope method in a POT terminal according to an embodiment of the present invention.

13 is a diagram illustrating a method of decrypting payment information encrypted and received by a payment terminal in an electronic envelope method according to an embodiment of the present invention.

14A and 14B illustrate a method of encrypting and transmitting payment information in a key exchange method in a POT terminal according to an embodiment of the present invention.

15A and 15B illustrate a method of decrypting encrypted payment information received at a payment terminal by a key exchange method according to an embodiment of the present invention.

FIG. 16 is a diagram illustrating a payment approval request process of a payment terminal (or payment module) to which a POT terminal having a MMI function for payment processing and short-range wireless communication is connected according to an embodiment of the present invention.

17 is a diagram illustrating a payment approval process according to an embodiment of the present invention.

18 is a diagram illustrating a payment processing procedure of a payment terminal (or payment module) connected to a POT terminal having a MMI function for payment processing and short-range wireless communication according to an embodiment of the present invention.

19 is a diagram illustrating a method of encrypting and transmitting payment processing details in a symmetric key (or secret key) method in a payment terminal according to an embodiment of the present invention.

20 is a diagram illustrating a method of decrypting a payment processing history encrypted and received at a POT terminal by a symmetric key (or secret key) method according to an embodiment of the present invention.

FIG. 21 is a diagram illustrating a method of encrypting and transmitting payment processing details in a public key infrastructure structure in a payment terminal according to an embodiment of the present invention.

22 is a diagram illustrating a method of decrypting a payment processing history encrypted and received by a POT terminal according to an embodiment of the present invention using a public key based structure.

FIG. 23 is a diagram illustrating a method of encrypting and transmitting payment processing details in an electronic envelope method in a payment terminal according to an embodiment of the present invention.

24 is a diagram illustrating a method of decrypting a payment processing history encrypted and received by a POT terminal according to an embodiment of the present invention by an electronic envelope method.

25A and 25B illustrate a method of encrypting and transmitting payment processing details in a key exchange method at a payment terminal according to an embodiment of the present invention.

26A and 26B illustrate a method of decrypting a payment processing history received encrypted by a POT terminal by a key exchange method according to an embodiment of the present invention.

<Description of main parts of drawing>

100: POT terminal 105: control unit

* 110: card reader 115: key input device

120: screen output device 125: print output device

130: digital signature device 135: wireless communication device

* 140: input / output interface 145: card information input unit

150: key input unit 155: screen output unit

160: print output unit 165: processor unit

170: execution memory 175: storage memory

180: encryption unit 185: decryption unit

190: communication interface

The present invention is a payment terminal (or payment module) and RF (Radio Frequency) communication, Bluetooth (BlueTooth) communication, Wireless LAN (Wireless LAN) communication, Wi-Fi (Wi-Fi) communication, UWB (Ultra Wide Band) provided in the merchant system) A short range wireless communication device for connecting a short range wireless communication channel through any one of the short range wireless communication means, a card reader providing a man-machine interface contact point to a customer card without processing a card reading function, and a key input function. A transaction point terminal device having a key input device for providing a man-machine interface contact for inputting a payment amount without processing, and a screen output device for providing a man-machine interface contact for outputting payment processing details without processing the screen output function. In the decentralized payment method used, control the man-machine interface function of the card reader to set the customer payment means from the customer card Reading (or card information) and controlling a man-machine interface function of the key input device to input payment amount information; and the read customer payment means information (or card information) and the input payment amount. Generating payment information including information and transaction point terminal information, controlling the operation of the short-range wireless communication device, and transmitting the generated payment information to the payment terminal (or payment module); Controlling the operation of the communication device to receive the payment processing details corresponding to the payment information; and controlling the man-machine interface function of the screen output device to output the payment processing details using the transaction point terminal. It relates to a distributed payment method.

The rapid development of information and communication technology is equipped with a customer payment means on a predetermined card medium (for example, MS (Magnetic Stripe) card, contact IC (Integrated Circuit card, contactless IC card, etc.), electronic through a predetermined payment terminal An electronic payment system that processes payments has become commercially available.

Herein, the payment terminal outputs a card reader reading customer payment means information (or card information) from the card medium, a key input device for inputting a predetermined payment amount, a screen output device for outputting a payment processing screen, and a payment receipt. A printing output device, a memory device for storing the affiliate store information (or terminal information), and an information processing device for generating a full text including the customer payment means information (or card information) and a payment amount and affiliate store information (or terminal information) And a communication device for transmitting the telegram to a bansa via a predetermined communication network, wherein each device configuration is connected through a predetermined interface device in the payment terminal.

Among the device components configuring the payment terminal, a card reader, a key input device, a screen output device, etc., which perform a man-machine interface function, should be provided in one terminal, but the components are compared with other device configurations. The unit price is low.

On the other hand, the information processing device, the print output device, and the communication device of the device constituting the payment terminal have a higher component cost than other device configurations.

Therefore, when the payment terminal is supplied to a large mart or department store that requires a large payment terminal, the initial investment cost is excessively input due to the increase in the parts cost.

An object of the present invention for solving the above problems, the payment terminal (or payment module) and RF (Radio Frequency) communication, Bluetooth (BlueTooth) communication, Wireless LAN (Wireless LAN) communication, Wi-Fi (Wi-Fi) provided in the merchant Short-range wireless communication device that connects short-range wireless communication channel through short-range wireless communication means of any one of communication and ultra wide band system (UWB) communication, and a man-machine interface contact point to a customer card without processing card reading function. A card reader, a key input device for providing a man-machine interface contact for input of a payment amount without processing a key input function, and a screen output device for providing a man-machine interface contact for outputting payment details without processing a screen output function. In the distributed payment method using a transaction point terminal having a device, the man-machine interface function of the card reader to control the image Reading customer payment means information (or card information) from a customer card, controlling the man-machine interface function of the key input device to input payment amount information, and reading the read customer payment means information (or card information); Generating payment information including the input payment amount information and transaction point terminal information, and controlling the operation of the short-range wireless communication device to transmit the generated payment information to the payment terminal (or payment module). Controlling the operation of the short-range wireless communication device to receive a payment processing history corresponding to the payment information; and controlling a man-machine interface function of the screen output device to output the payment processing history. It is to provide a distributed payment method using a transaction point terminal including.

The distributed payment method using a transaction point terminal according to the present invention, a payment terminal (or payment module) and RF (Radio Frequency) communication, Bluetooth (BlueTooth) communication, Wireless LAN (Wireless LAN) communication, Wi-Fi Short-range wireless communication device that connects a short-range wireless communication channel through short-range wireless communication means of any one of Wi-Fi (UWB) communication and ultra wide band system (UWB) communication, and a man-machine interface to a customer card without processing a card reading function. It provides a card reader that provides a contact point, a key input device that provides a man-machine interface contact point for payment amount input without processing key input function, and a man-machine interface contact point that outputs payment processing history without screen output function processing. In the distributed payment method using a transaction point terminal device having a screen output device, a man-machine interface of the card reader Controlling a function to read customer payment means information (or card information) from the customer card, controlling a man-machine interface function of the key input device to input payment amount information, and processing the read customer payment means; Generating payment information including information (or card information), the input payment amount information, and transaction point terminal information; controlling the operation of the short-range wireless communication device to control the generated payment information to the payment terminal (or Payment module), controlling the operation of the short-range wireless communication device to receive payment processing history corresponding to the payment information, and controlling the man-machine interface function of the screen output device to control the payment processing history. It characterized in that it comprises a step of outputting.

Hereinafter, with reference to the accompanying drawings and description will be described in detail the operating principle of the preferred embodiment of the present invention. However, the drawings and the following description shown below are for the preferred method among various methods for effectively explaining the features of the present invention, the present invention is not limited only to the drawings and description below. In addition, in the following description of the present invention, if it is determined that a detailed description of a related known function or configuration may unnecessarily obscure the subject matter of the present invention, the detailed description thereof will be omitted. Terms to be described later are terms defined in consideration of functions in the present invention, which may vary according to intentions or customs of users or operators. Therefore, the definition should be made based on the contents throughout the present invention.

In addition, preferred embodiments of the present invention to be carried out below are provided in each system functional configuration to efficiently describe the technical components constituting the present invention, or system functions that are commonly provided in the technical field to which the present invention belongs. The configuration will be omitted, and described mainly on the functional configuration to be additionally provided for the present invention. If those skilled in the art to which the present invention pertains, it will be able to easily understand the function of the components that are conventionally used among the omitted functional configuration not shown below, and also the configuration omitted as described above The relationship between the elements and the components added for the present invention will also be clearly understood.

In addition, the following examples will be used to appropriately modify, integrate, or separate the terminology so that those skilled in the art to which the present invention pertains may clearly understand the present invention. The present invention is by no means limited thereto. For example, in the embodiment shown below, the transaction point terminal constituting the present invention is referred to as a "point of transaction (POT) terminal" for convenience.

As a result, the technical spirit of the present invention is determined by the claims, and the following examples are one means for efficiently explaining the technical spirit of the present invention to those skilled in the art to which the present invention pertains. It is only.

1 is a diagram illustrating a functional configuration of a POT terminal 100 having an MMI function for payment processing according to an embodiment of the present invention.

In more detail, Figure 1 is connected to the payment terminal (or payment module provided in the payment processing server provided in the affiliated store) provided in the affiliated store by short-range wireless communication, the predetermined payment in the payment terminal (or payment module) An embodiment of the present invention relates to a method of configuring a function of a point of transaction (POT) terminal 100 having a man-machine interface (MMI) function for inputting (or reading) at least one information for generating a full approval request. In more detail, an MMI for inputting (or reading) at least one or more pieces of information for generating a predetermined payment approval request message from a payment terminal (or payment module) connected through a predetermined short-range wireless communication through an MMI integration circuit chip. It is shown to provide a function.

Those skilled in the art to which the present invention pertains may refer to and / or modify this drawing 1 to infer the functional configuration of various POT terminals 100 equipped with the MMI function for payment processing. It is to be understood that the technical features of the present invention are not limited by the drawings, but include all the inferred implementation methods.

Referring to FIG. 1, the POT terminal 100 having the MMI function for payment processing is basically configured to generate at least a predetermined payment approval request message in a payment terminal (or payment module) connected through a predetermined short range wireless communication. A control unit 105 having an MMI function for inputting (or reading) one or more pieces of information, and at least one of reading customer payment means information (or card information) from at least one customer card in association with the control unit 105. The card reader 110, various input devices (or modules) for inputting (or digitally signing) at least one information in association with the controller 105, and at least one or more information in association with the controller 105. Short-range wireless communication device 135 for connecting a communication channel through a variety of output devices (or modules) for outputting the payment terminal (or payment module) and short-range wireless communication ( A module), and is characterized in that obtained by a battery for supplying a predetermined power to the POT terminal 100.

According to an embodiment of the present invention, the input device (or module) inputs a predetermined digital signature and a key input device 115 (or module) for inputting a predetermined payment amount and / or a personal identification number (PIN). It is preferable to include at least one or more digital signature device 130 (or module), the output device (or module) is at least one or more information (or data) input through the input device (or module) and various At least one screen output device 120 (or module) for outputting a payment processing screen and a print output device 125 (or module) for printing a predetermined payment processing history is preferably included.

Here, the key input device 115 (or module) of the input device (or module) touches the screen output device 120 (or module) of the output device (or module) provided in the POT terminal 100. It is possible to provide for use as a screen, whereby the present invention is not limited.

In addition, the digital signature device 130 (or module) of the input device (or module) touches the screen output device 120 (or module) of the output device (or module) included in the POT terminal 100. It may be used as a screen, or detachably provided in the POT terminal 100, or may be omitted for the intention of a person skilled in the art (or miniaturization of the POT terminal 100), whereby the present invention is not limited thereto. No.

In addition, the print output device 125 (or module) of the output device (or module) is provided detachably to the POT terminal 100, or according to the intention of those skilled in the art (or miniaturization of the POT terminal 100) May be omitted, and the present invention is not limited thereto.

Those skilled in the art to which the present invention pertains, in addition to the above-described input device (or module) and / or output device (or module), more various kinds of input device (or module) added according to the intention of those skilled in the art And / or infer an output device (or module), but the present invention includes all of the inferred input devices (or modules) and / or output devices (or modules), whereby the invention is not limited thereto. .

The control unit 105 controls the overall operation of the POT terminal 100 in terms of function configuration, manages the flow of information or data between components provided in the POT terminal 100, and connects the components with the components. An integrated chip that performs an MMI function, the processor unit 165 including at least one of a predetermined central processing unit (CPU) / microprocessor unit (MPU), and various registers and / or random access memory (RAM) at least. A storage memory 175 including at least one execution memory 170, a nonvolatile memory for storing / recording data (or program code) required to perform the MMI function, and the POT terminal 100; Input / output interface 140 for inputting / outputting various input / output related components and data (or information) and the data (or information) between the input / output interface 140 and the processor unit 165. Communication interface for inputting and outputting various inputs and outputs for performing electronic circuitry or software information processing function, and short-range wireless communication device 135 (or module) and data (or information) included in the POT terminal 100. 190, an encryption unit 180 that performs an encryption function on the data (or information) between the communication interface 190 and the processor unit 165, and a decryption unit 185 that decrypts the encrypted data. And at least one or more thereof.

Herein, various input units for performing an electronic circuit or software information processing function on the data (or information) between the input / output interface 140 and the processor unit 165 may include at least one of the plurality of input units provided in the POT terminal 100. At least one from the card information input unit 145 for inputting at least one or more payment means information (or card information) from one or more card reader 110, and a predetermined key input device 115 provided in the POT terminal 100; At least one key input unit 150 for inputting the above key data and a digital signature input unit (not shown) for inputting predetermined digital signature data from a predetermined digital signature device 130 provided in the POT terminal 100. It is preferable to comprise.

In addition, various output units for performing an electronic circuit or software information processing function on the data (or information) between the input / output interface 140 and the processor unit 165 are provided in the POT terminal 100. A screen output unit 155 for outputting a payment amount and / or PIN input state and / or a payment processing screen input from the key input device 115 to a screen input device of the POT terminal 100; Preferably, the print input device includes at least one print output unit 160 for printing and outputting a predetermined payment processing history.

The processor unit 165 included in the controller 105 of the integrated chip type for performing the MMI function may include a processor including at least one CPU / MPU, and the execution memory 170. At least one or more information (or data) to be loaded into the program code.

Execution memory 170 provided in the control unit 105 of the integrated chip type to perform the MMI function comprises a volatile high-speed memory including at least one or more various registers and / or RAM, the input and output interface Various information (or data) input to various input units through 140, and / or various information (or data) stored in the storage memory 175, and / or various program codes recorded in the storage memory. And / or load information (or data) to be output through various output units through the input / output interface 140 and / or various information (or data) in operation by the processor unit 165. .

The storage memory 175 included in the controller 105 of the integrated chip type that performs the MMI function may include a nonvolatile memory (eg, an EEPROM (eg, an EEPROM) configured to store / write data (or program code) required to perform the MMI function. And at least one of an electrically erasable and programmable read only memory and / or a flash memory (FM) and / or a hard disk drive (HDD). The data (or program code) is the execution memory. After being loaded at 170, the processor 165 may be operated.

According to an exemplary embodiment of the present invention, the storage memory 175 stores predetermined POT terminal 100 information for identifying the POT terminal 100 at a payment terminal to which a communication channel via the short range wireless communication is connected. Preferably, the POT terminal 100 information is included in payment information transmitted to the payment terminal through the short range wireless communication device 135.

According to another exemplary embodiment of the present invention, if the POT terminal 100 identifies the POT terminal 100 or checks the POT terminal 100 information according to the short range wireless communication standard (for example, the POT terminal 100). In the case where a unique address is assigned), the POT terminal 100 information may be omitted from the storage memory 175, and the POT terminal 100 information may be omitted. The present invention is not limited thereby.

The input / output interface 140 provided in the integrated chip type controller 105 performing the MMI function may include a card reader 110, a key input device 115, and a screen output device 120 provided in the POT terminal 100. Data between the various input devices and / or output devices including at least one print output device 125 and the digital signature device 130 and the various input parts and / or output parts provided in the controller 105. Information), and the input / output interface 140 includes various input devices and / or output devices provided in the POT terminal 100 and various input parts and / or output parts provided in the controller 105. It characterized in that it comprises a contact (or connector) for electrically connecting.

The card information input unit 145 of the integrated chip type control unit 105 performing the MMI function is connected to the card reader 110 provided in the POT terminal 100 through the input / output interface 140. And at least one customer payment means information (or card information) read from a predetermined customer card through the card reader 110 through the input / output interface 140, and the card reader 110. It is preferable to further comprise a function for converting the customer payment means information (or card information) read through the) into a data structure that can be processed by the processor unit 165.

The key input unit 150 provided in the integrated chip type control unit 105 performing the MMI function is at least one or more from the key input device 115 provided in the POT terminal 100 through the input / output interface 140. Key data is input.

According to the exemplary embodiment of the present invention, the key input unit 150 detects the information (or signal) input from the key input device 115 through the input / output interface 140, and the input information (or signal). To generate a key event (or key data) corresponding to and convert the generated key event (or key data) into a code that can be provided to the processor unit 165 and provide the generated key event (or key data) to the processor unit 165. desirable.

For example, when the input key data includes a payment amount, the key input unit 150 may provide the payment amount to the processor unit 165.

Alternatively, when the input key data includes wireless terminal information (eg, a mobile phone number) of the customer, the key input unit 150 may provide the wireless terminal information to the processor unit 165.

According to another exemplary embodiment of the present invention, the key input unit 150 detects the information (or signal) input from the key input device 115 through the input / output interface 140, and the input information (or signal). Generate a key event (or key data) corresponding to the key, convert the generated key event (or key data) into a code that can be provided to the processor unit 165, and provide the generated key event (or key data) to the processor unit 165. Alternatively, the card information input unit 145 is converted into a code that can be processed and provided to the card information input unit 145, or converted into a code that can be processed by the card reader through the input and output interface 140 It is preferable to provide directly to the card reader.

For example, when the input key data includes PIN information, the key input unit 150 transmits the PIN information to the input / output interface 140 in association with the card information input unit 145 and / or the processor unit 165. It is preferable to provide to the card reader 110 through.

The screen output unit 155 of the integrated chip type control unit 105 that performs the MMI function may transmit the key data input through the key input unit 150 through the input / output interface 140 to the screen output device ( 120 and / or include at least one payment processing screen and at least one information (or data) to be output on the payment processing screen through the input / output interface 140. Characterized in that the output to the screen output device 120.

The print output unit 160 included in the integrated chip type control unit 105 that performs the MMI function receives a predetermined payment processing history from the payment terminal (or payment module) through the short range wireless communication device 135. If so, characterized in that for outputting the payment processing history to the print output device 125 through the input and output interface 140.

The encryption unit 180 included in the integrated chip type control unit 105 that performs the MMI function may be configured through the short range wireless communication device 135 of information (or data) calculated by the processor unit 165. And encrypting predetermined payment information to be transmitted to a payment terminal (or payment module), and the storage memory 175 preferably stores at least one encryption key for the encryption processing.

According to the exemplary embodiment of the present invention, when the specific information of the POT terminal 100 is stored in the storage memory 175, it is preferable to further include the POT terminal 100 information in the payment information.

The decryption unit 185 included in the controller 105 of the integrated chip type that performs the MMI function decrypts the encrypted information (or data) among the information (or data) received through the short range wireless communication device 135. Preferably, the storage memory 175 stores at least one decryption key for the decryption process.

According to an embodiment of the present invention, when the short range wireless communication device 135 is provided with a security function including a predetermined encryption / decryption function corresponding to the short range wireless communication, the encryption unit 180 and the decryption unit 185 ) May be omitted, and the present invention is not limited thereto.

The communication interface 190 of the integrated chip type control unit 105 that performs the MMI function is transmitted through the short range wireless communication device 135 of information (or data) calculated by the processor unit 165. Providing at least one or more information (or data) to the short range wireless communication device 135 or providing the information (or data) received through the short range wireless communication device 135 to the processor unit 165. When the information (or data) calculated by the processor unit 165 is encrypted by the encryption unit 180, the encrypted information (or data) is transferred to the short range wireless communication device 135. Alternatively, the encrypted information (or data) among the information (or data) received through the short range wireless communication device 135 may be provided to the decryption unit 185.

According to the exemplary embodiment of the present invention, the controller 105 may further include a power interface (not shown) that receives a predetermined power for the operation of the controller 105 from the battery.

The customer who is provided with the MMI function for the distributed payment processing through the POT terminal 100 may use a contact IC based on an MS (Magnetic Stripe) card and / or an ISO / IEC 7816 standard based on the ISO / IEC 7810 standard. A card (or wireless IC chip) and / or a card including (or owning) at least one contactless IC card (or wireless IC chip) based on ISO / IEC 14443 standard, and the card reader 110 Is characterized in that to provide an interface for reading at least one or more information or data provided in the card.

According to an embodiment of the present invention, the card reader 110 may include an MS reader unit that provides an interface between the MS card and the POT terminal 100, and / or between the contact IC card and the POT terminal 100. And a contact IC reader unit providing an interface, and / or a contactless IC reader unit providing an interface between the contactless IC card and the POT terminal 100.

The MS reader unit is a card reader 110 based on ISO / IEC 7810, and includes at least one magnetic head including a predetermined coil, and includes predetermined information (eg, magnetized binary). When the MS card on which (Binary) data is recorded moves in a predetermined direction in close contact with the magnetic head (or the magnetic head moves in close contact with an MS card in which predetermined information is recorded), a predetermined electrical signal is transmitted to the magnetic head. The card information input unit 145 provided in the controller 105 through the input / output interface 140 to transmit predetermined information or data from at least one or more tracks included in the MS of the MS card by using the loaded information. It is characterized in that to provide.

According to an embodiment of the present invention, the MS reader unit may insert and / or slide the MS along one surface (eg, the longest surface) of the body of the POT terminal 100 in order to reduce the size of the POT terminal 100. It is preferable that a groove is provided and a portion of the groove is provided with the magnetic head.

The contact IC reader unit is a card reader 110 based on ISO / IEC 7816, and includes at least one contact point that makes electrical contact with a chip on board (COB) provided in a contact IC card. And supplying power to the IC chip of the IC card through the contact point, and receiving predetermined information or data from the IC chip through the half duplex transaction using an APDU (Application Protocol Data Unit). The card information input unit 145 provided in the controller 105 is provided through the input / output interface 140.

According to an embodiment of the present invention, the contact IC reader unit may have a COB (Chip) of the IC card on the other side of the body of the POT terminal 100 not provided with the MS reader unit for miniaturization of the POT terminal 100. On-board) is preferably provided with a groove into which the IC card is inserted, and a contact portion in electrical contact with the COB is provided in a portion of the groove.

The contactless IC reader unit is a card reader 110 based on ISO / IEC 14443, and at least one of which makes contactless contact with the contactless IC card by using capacitive coupling and / or inductive coupling. The antenna includes the above antenna, and supplies power to the IC chip of the IC card through the antenna, and inputs and outputs predetermined information or data from the IC chip through the half duplex transaction using an APDU. The card 140 may be provided to the card information input unit 145 provided in the controller 105 through the interface 140.

According to the exemplary embodiment of the present invention, the contactless IC reader may be provided with an antenna coil along an outer boundary of the body of the POT terminal 100 in order to reduce the size of the POT terminal 100.

According to an embodiment of the present invention, the card reader 110 may provide predetermined customer payment means information and / or a card from at least one or more card readers 110 for the MMI function for payment processing defined in the POT terminal 100. It is preferable to read information (e.g., payment means information corresponding to a payment means including at least one credit card, debit card, debit card, cash card, financial account provided on the card).

According to the method of the present invention, the customer payment means information and / or card information is a card number (for example, credit card number, check card number, debit card number, cash card number) or account number provided on the customer card It is preferable to include at least one, it is preferable to further include the expiration date information, card issuing agency information, etc. according to the payment means provided on the customer card.

The key input device 115 includes at least one key button including at least one numeric key and / or a character key and / or a function key. The key input signal generated through the key button is provided to the key input unit 150 provided in the controller 105 through the input / output interface 140.

The screen output device 120 may include information (or data) and / or at least one or more payment processing input through the key input device 115 while the POT terminal 100 performs an MMI function for payment processing. And a liquid crystal display (LCD) for outputting a screen.

After the POT terminal 100 performs the MMI function for payment processing, the print output device 125 outputs a predetermined payment processing history received through the short range wireless communication device 135 in a payment receipt form. It characterized in that it comprises a predetermined printing device (for example, a receipt printer), the print output device 125 is provided detachably to the POT terminal 100 for miniaturization of the POT terminal 100 or Or communication connection via a predetermined cable.

The short-range wireless communication device 135 is characterized in that the POT terminal 100 connects the communication terminal (or payment module) and the communication channel through short-range wireless communication in the process of performing the MMI function for payment processing, At least one of various RF (Radio Frequency) communication, Bluetooth (BlueTooth), wireless LAN (Wireless LAN), Wi-Fi (Wi-Fi), UWB (Ultra Wide Band system) is preferably included.

Those skilled in the art to which the present invention belongs, the short-range wireless communication device 135 by referring to at least one or more of various RF communication standards, Bluetooth communication standards, WLAN communication standards, WiFi communication standards, UWB communication standards, etc. As you will be familiar with the detailed technical features of), the detailed description thereof will be omitted for convenience.

2 is a diagram illustrating a device configuration of a POT terminal 100 having an MMI function for payment processing according to an embodiment of the present invention.

In more detail, FIG. 2 illustrates a screen output device 120 (or digital signature device 130) and a key input device based on the functional configuration of the POT terminal 100 having the MMI function shown in FIG. 115), at least one card reader 110, and the device configuration of the POT terminal 100 having an MMI integrated chip and a short-range wireless communication device 135, specifically, Figure 2a is the POT terminal 100 The front of the body has a display device 120 (or digital signing device 130) and a key input device 115 is shown, Figure 2b is an MS reader on one side of the body of the POT terminal 100 It is provided with a contact IC reader on the other side, and has an antenna for a non-contact IC reader along the outer boundary of the body of the POT terminal 100, Figure 2c shows the POT terminal 100 The MMI integrated chip and a short-range wireless communication device 135 therein To date.

Those skilled in the art to which the present invention pertains may refer to and / or modify this drawing to infer various implementation methods for the device configuration of the POT terminal 100 having the MMI function for payment processing. It should be understood that the present invention includes all implementation methods inferred, and the technical features are not limited only to the implementation method shown in FIG.

Referring to FIG. 2A, the screen output device 120 provided in the front portion of the body of the POT terminal 100 outputs at least one key data input through the key input device 115, and / or It comprises a LCD device for outputting the payment processing screen, characterized in that to further perform the function of the digital signature device 130 by having a transparent touch pad on the LCD device.

In addition, the key input device 115 provided in the front portion of the body of the POT terminal 100 includes a number key between '0' and '9' and a key including function keys corresponding to "input" and "cancel". And a payment amount and / or PIN information based on the key button.

Referring to FIG. 2B, an MS reader groove capable of inserting and / or sliding an MS card owned by a customer is provided on the longest surface of the body of the POT terminal 100 and provided in the MS card in the MS reader groove. And a magnetic head capable of reading predetermined payment means information (or card information) from the established MS.

In addition, one side of the body of the POT terminal 100 is provided with a contact type IC reader groove for inserting a contact type IC card owned by the customer on the other surface except the one surface provided with the MS reader, the contact type An IC contact groove is provided with a COM contact in electrical contact with the COB at a COB location.

In addition, an antenna for a contactless IC reader is provided along the outer boundary of the body of the POT terminal 100, and the predetermined payment means information (or card information) is contacted from the contactless IC card owned by the customer through the antenna. Lead.

Referring to FIG. 2C, an MMI integrated chip providing a short range wireless communication device 135 and an MMI function for payment processing is provided at a portion of the POT terminal 100 that does not overlap the area of the card reader 110. The screen output device 120, the key input device 115, the digital signature device 130, the MS reader, the contact IC reader, and the contactless IC are connected to the input / output interface 140 of the MMI integrated chip. The reader connects the reader, and connects the short range wireless communication device 135 to the communication interface 190 of the MMI integrated chip.

3 is a diagram illustrating a functional configuration of a payment terminal 300 (or a payment module) connected to a POT terminal having a MMI function for payment processing and short-range wireless communication according to an embodiment of the present invention.

In more detail, FIG. 3 illustrates a payment terminal 300 having a distributed payment mode for a distributed electronic payment service in connection with the POT terminal 100 having the MMI function for payment processing shown in FIG. , CAT (Credit Authorization Terminal), or a method of implementing a point of sales terminal (POS) having a payment function, and a person of ordinary skill in the art to which the present invention pertains, refer to FIG. And / or modified to infer the configuration of the various payment terminal 300 for the distributed electronic payment service in connection with the POT terminal 100 having the MMI function for payment processing, but the technical features of the present invention It is to be understood that the present invention is not intended to be limited to FIG. 3 but encompasses all inferred implementation methods.

Referring to FIG. 3, a payment terminal 300 having a distributed payment mode for a distributed electronic payment service in connection with a POT terminal 100 having an MMI function for payment processing is basically a control unit 105 and a memory. A short-range wireless communication unit 310 and a communication processing unit 340 for connecting the unit 350 and the POT terminal 100 shown in FIG. 1 to a communication channel via short-range wireless communication are provided. In accordance with the intention of the security application module 345 is preferably made, it is preferable to comprise a power supply unit 335 for supplying a predetermined operating power to the payment terminal 300.

According to another exemplary embodiment of the present invention, the POT terminal 100 may include at least one card reader for an electronic payment service using the payment terminal 300 in addition to the distributed electronic payment service associated with the POT terminal 100. It is possible to further include a section (not shown), a screen output section 155 (not shown), a key input section 150 (not shown), and a print output section 160 (not shown). The invention is not limited.

The control unit 105 controls the overall operation of the payment terminal 300 in terms of function configuration, manages the flow of information or data between each component, and uses a POT terminal 100 having an MMI function for payment processing. Characterized in that interlocking and controlling at least one or more components provided in the payment terminal 300 for electronic payment processing, at least including hardware (Central Processing Unit) / MPU (Micro Processing Unit) And at least one processor, execution memory 170 (e.g., a register and / or random access memory (RAM)) and a bus (BUS) for inputting and outputting predetermined data. 300) A predetermined program that is loaded from the predetermined recording medium into the execution memory 170 to perform a specific function and is processed by the processor. RAM routines (Routine) and / or program data (hence, recorded on the recording medium provided in the payment terminal 300 for distributed electronic payment processing using the POT terminal 100 having the MMI function for payment processing) A predetermined program, and / or a component that can be processed by software among the functional components provided in the payment terminal 300, is shown in the controller 105).

According to an embodiment of the present invention, the control unit 105 is a component provided in the payment terminal 300 (for example, the memory unit 350, the short-range wireless communication unit 310, the communication processing unit 340 and security applications) A module 345 and the print output unit 160 and / or at least one terminal function unit (not shown) according to the intention of those skilled in the art) to provide an electronic payment service defined in the payment terminal 300 Control and manage, as well as interworking to control the components provided in the payment terminal 300 for a distributed electronic payment service in connection with the POT terminal 100 having the MMI function for payment processing, And / or in connection with the POT terminal 100 having the MMI function for payment processing, executing a program recorded in a recording medium provided in the payment terminal 300 for a distributed electronic payment service.

The memory unit 350 is input and output when an operation by a predetermined program routine (or code) and / or program data (eg, a program routine (or code)) for controlling the overall operation of the payment terminal 300 is performed. General term of non-volatile memory for storing information or data), at least one of which includes EEPROM (Electrically Erasable and Programmable Read Only Memory) and / or Flash Memory (FM) and / or Hard Disk Drive (HDD) in hardware. It includes the above storage means, the predetermined program routine and program data required for the control unit 105 to perform a predetermined control function (e.g., data input or output for the program routine to perform a predetermined function) ) Is stored.

According to the exemplary embodiment of the present invention, the memory unit 350 includes a predetermined payment approval request including payment information received from the POT terminal 100 through the short range wireless communication unit 310 in the payment terminal 300. It is preferable to store affiliate store information (or terminal information) for generating a full text.

The short range wireless communication unit 310 connects the communication channel through the short range wireless communication with the POT terminal 100 shown in FIG. 1 for the distributed electronic payment processing. And receiving payment information including customer payment means information (or card information) and payment amount information read from a predetermined customer card from the POT terminal 100 through a communication channel. When a predetermined payment approval message is received, the payment processing details included in the payment approval message may be transmitted to the POT terminal 100 through a communication channel through the short range wireless communication.

Referring to FIG. 3, the short range wireless communication unit 310 includes various RF (Radio Frequency) communication standards, Bluetooth (BlueTooth) communication standards, Wireless LAN communication standards, Wi-Fi communication standards, UWB ( Ultra wide band system) The antenna unit 315 for transmitting and receiving a radio frequency signal corresponding to the communication standard and the radio frequency signal received through the antenna unit 315 is encoded (Encoding) according to the short-range wireless communication standard (Or data), or a signal processor for decoding at least one or more information (or data) in accordance with the short-range wireless communication standard to convert the radio frequency signal to be transmitted through the antenna unit 315 Characterized in that it comprises a (320).

Those skilled in the art to which the present invention belongs, the short-range wireless communication unit 310 by referring to at least one or more of various RF communication standards, Bluetooth communication standards, WLAN communication standards, Wi-Fi communication standards, UWB communication standards, etc. Since the technical features of the antenna unit 315 and the signal processor 320 will be familiar, detailed description thereof will be omitted for convenience.

In addition, when the information (or data) received from the POT terminal 100 through the antenna unit 315 and the signal processor 320 is encrypted, the short range wireless communication unit 310 may encrypt the encrypted information (or data). ) And an encryption unit 325 for encrypting at least one or more information (or data) to be transmitted to the POT terminal 100 through the signal processing unit 320 and the antenna unit 315. Characterized in that further comprises, the encryption unit 325 and the decryption unit 330 can be provided in the control unit 105 in accordance with the intention of those skilled in the art, by which the present invention is not limited.

The communication processing unit 340 is a predetermined bansa through a predetermined communication network in the process of performing the distributed electronic payment processing function in connection with the POT terminal 100 having the payment terminal MMI function for the payment processing (300) And a communication channel (or communication session) for at least one payment related professional transmission / reception with the server 390, and a communication protocol and / or driver for connecting the communication channel (or communication session) by software. It is made, including.

According to an embodiment of the present invention, the communication processing unit 340 may include at least one public switched telephone network (PSTN) for wired voice call or an intelligent network for wired voice call data communication. At least one including a wired communication network, an xDSL-based communication network (eg, ADSL / VDSL-based communication network) or a cable high-speed Internet network including at least one or a TCP / IP-based communication network based on fixed IP. It is preferable to connect a communication channel (or a communication session) for at least one or more payment related professional transmission / reception with the bansa server 390 through a wired communication network, and for this purpose, the communication processing unit 340 is connected to the wired communication network. It includes a modem or a network interface card (NIC), and the payment in software The end (300) comprises a communication protocol and / or a driver to be connected to the wired communication network.

According to another exemplary embodiment of the present invention, the communication processing unit 340 may include a code division multiple access (CDMA) / wide CDMA (WCDMA) based wireless communication network, a high-speed downlink packet access (HSDPA) based wireless communication network, and IEEE 802.16x. It is preferable to connect a communication channel (or a communication session) for transmitting and receiving at least one payment-related professional text with the bansa server 390 through a wireless communication network including at least one based wireless communication network, and for this purpose, the communication processor 340 ) Includes a wireless communication device for connecting to the wireless communication network and a communication protocol and / or a driver for connecting the payment terminal 300 to the wireless communication network in software.

The secure application module (345) is a confidentiality and / or authentication required by the payment terminal 300 in the process of performing the electronic payment and / or electronic payment using the card. Security requirements, including integrity and / or nonrepudiation, etc., in a secure and reliable structure within the payment terminal 300 without using an authentication server on a payment network. As a safety device, the payment terminal 300 encrypts or decrypts a predetermined message (information or data) processed in the process of performing a predetermined security request function (for example, an electronic payment and / or an electronic payment function). Adds an authenticator to prevent forgery (or tampering) of the message, or stores critical information in the process of performing the security request function. And it characterized in that.

In general, the security application module 345 is preferably composed of a predetermined security application module 345 inserter and security application module 345 chip, the security application module 345 chip is a chip containing at least 8-bit CPU Application Specific Integrated Circuit (ASIC) chips (eg, PLCC 44-pin chips) and / or IC chips (eg, IC cards in the form of subscriber identity modules (SIMs)) with performance of 2 MIPS (Million Instructions Per Second) or more. It is preferable to comprise a.

In addition, the security application module 345 is at least one or more security application data (eg, at least one identifier, version, expiration date, issue date, code value, etc.) required for the payment terminal 300 to perform a predetermined security request function. ) And / or keys (e.g., one master key and at least one application key) and / or protocols (e.g., trading protocols, re-transaction protocols, previous transaction cancellation protocols, collection protocols, SAM issuance protocols, (e-money company / card company) Registration protocol, authorization protocol, mode switching protocol, key download protocol, SAM revocation protocol) and / or commands (e.g., at least one read / authentication / transmission / registration / setting / mode switching / collection / deletion / disposal / initialization) / Reprocessing / cancellation command).

Referring to FIG. 3, the payment terminal 300 provides a distributed electronic payment service in connection with the POT terminal 100 having the MMI function for payment processing, at least through the short range wireless communication unit 310. An information receiving unit 355 for receiving payment information including customer payment information and payment amount information from at least one POT terminal 100, and the payment information and the affiliated store information received through the information receiving unit 355; Or a terminal generating unit 360 for generating a payment approval request message including at least one terminal information) and the generated payment approval request message, through the communication processing unit 340, to a predetermined bansa server 390. It is characterized by comprising a specialized transmission unit 365 to.

In addition, the payment terminal 300 is the bansa server 390 through the communication processing unit 340 to provide a distributed electronic payment service in connection with the POT terminal 100 having the MMI function for payment processing. A professional receiving unit 370 for receiving a payment approval message including a payment processing history corresponding to the payment approval request message from the user, and extracting the payment processing history from the received payment approval message and reading the payment processing history; The payment confirmation unit 375 confirms whether the payment is approved for the payment approval request, and the POT terminal 100 and the customer payment means information (or card information) that transmits the full payment approval request message when the payment is approved. ) Through the information storage unit 380 and the payment amount information and payment approval information (for example, payment approval number) to store in the memory unit 350 and the short-range wireless communication unit 310 And an information transmitter 385 for transmitting the payment processing details extracted from the payment approval message to the POT terminal 100.

When the short range wireless communication unit 310 connects at least one POT terminal 100 with a communication channel through short range wireless communication, the information receiver 355 is connected to the short range wireless communication unit 310 to establish a communication channel. Check whether at least one or more information (or data) is received from the connected at least one or more POT terminals 100, and if at least one or more information (or data) is received through the short range wireless communication unit 310, the received And receiving payment information including the customer payment means information (or card information) and payment amount information among the information (or data), and provides the received payment information to the full text generation unit 360.

According to another embodiment of the present invention, when the encryption unit 325 and the decryption unit 330 are provided in the control unit 105 and the received payment information is encrypted, the information receiving unit 355 receives the reception. It is possible to provide the payment information to the decryption unit 330, whereby the present invention is not limited.

According to another exemplary embodiment of the present invention, the information receiving unit 355 may further receive the customer wireless terminal information. In this case, the information storing unit 380 may perform the payment processing corresponding to the payment information. Temporarily stores the customer wireless terminal information in the memory unit 350 provided in the payment terminal until completion, and then the wireless terminal information is transmitted from the payment terminal 300 to the customer wireless terminal. It can be used to

The full text generation unit 360 generates a full text of the payment approval request including at least one of the payment information received through the information receiving unit 355 and merchant information (or terminal information) stored in the memory 350. It characterized in that, and provides the generated payment approval request full text to the professional transmission unit (365).

The professional transmitter 365 transmits the payment approval request message generated by the professional generator 360 to the bansa server 390 through at least one communication network in association with the communication processor 340. In response, the bansa server 390 may correspond to the payment approval request message in association with the card company server 395 corresponding to the customer payment means information (or card information) included in the payment approval request message. After performing the payment processing procedure, the payment approval message generated by the card company server 395 is transmitted to the payment terminal 300 through the communication network in the payment processing result.

Here, the card company server 395 is based on the customer payment means information (or card information), payment amount information and the merchant information (or terminal information) included in the full payment approval request provided from the bansa server 390 Check whether the payment is approved for processing the payment amount through the customer payment means (or card), and the payment processing details including any one of payment approval details or payment error details corresponding to the payment approval result. After the generation, it is preferable to generate a payment approval message including the generated payment processing details and provide it to the bansa server 390. The payment approval procedure of the card company server 395 is performed by the customer payment means (or card). A variety of modifications may be made depending on the type and business cooperation between the bansa and the card company, and the present invention is not limited thereto. The.

After the payment approval request message is transmitted to the bansa server 390 through the professional transmitter 365, the professional receiver 370 receives the payment from the bansa server 390 through the communication processor 340. Periodically (or in response to a full text reception event of the communication processing unit 340) a payment approval text including a payment processing history corresponding to the full text of the request for approval is received, and the payment processing details are responded to according to the verification result. Characterized in that it receives the full payment approval.

If the payment approval message including the payment processing history corresponding to the payment approval request message is received through the text receiving unit 370, the payment confirmation unit 375 receives the payment processing details (eg, from the payment approval message). Payment approval details, or payment error details), and reads the extracted payment processing details to determine whether payment for the payment approval request is approved.

According to the exemplary embodiment of the present invention, the payment confirmation unit 375 confirms whether the payment approval request is approved by checking whether the payment approval details are included in the payment processing details or the payment error details. It is desirable to.

If the payment result is approved for the payment approval request, the payment confirmation unit 375 provides the payment processing details to the information storage unit 380, and, on the contrary, the payment for the payment approval request is approved. If not, the payment confirmation unit 375 directly provides the payment processing details to the information transmission unit 385.

The information storage unit 380 is a POT terminal that transmits the full text of the payment approval request in association with the information receiving unit 355 when the payment is approved for the payment approval request as a result of the check by the payment confirmation unit 375 ( 100) information and customer payment means information (or card information) received from the POT terminal 100 (or included in the payment processing history) and payment amount information are checked, and payment approval information included in the payment processing history ( For example, after confirming the payment approval number, the POT terminal 100, the customer payment means information (or card information), payment amount information, and payment approval information are interlinked and stored in the memory unit 350. It is done.

When the POT terminal 100 information, customer payment means information (or card information), payment amount information, and payment approval information are stored in association with the memory 350, the information storage unit 380 confirms the payment. The payment processing history provided from the unit 375 is provided to the information transmitting unit 385.

The information transmitter 385 converts the payment processing history extracted from the payment approval message into a data code (or format) that can be transmitted through the short range wireless communication unit 310, and through the short range wireless communication unit 310. The converted payment processing history is characterized in that for transmitting to the POT terminal 100 corresponding to the received payment information.

According to another embodiment of the present invention, when the encryption unit 325 and the decryption unit 330 are provided in the control unit 105, the payment processing details are encrypted and transmitted to the POT terminal 100. The information transmission unit 385 provides the payment processing details to the encryption unit 325, and correspondingly, the encryption unit 325 encrypts the payment processing details and transmits the POT through the short range wireless communication unit 310. It is possible to transmit to the terminal 100, whereby the present invention is not limited.

4 is a diagram illustrating an operation process of the POT terminal 100 performing an MMI function for payment processing according to an embodiment of the present invention.

In more detail, FIG. 4 reads predetermined customer payment means information (or card information) for payment processing from a predetermined customer-owned MS card in the POT terminal 100 shown in FIG. 1, and the customer payment means information. (Or card information) of the operation process of the POT terminal 100 performing the MMI function for payment processing for inputting the payment amount to be processed, if one of ordinary skill in the art to which the present invention belongs, Although various implementation methods for the operation process of the POT terminal 100 performing the MMI function for payment processing by referring to and / or modifying the drawing 4 may be inferred, the present invention includes all the implementation methods inferred. It is made by, and the technical features are not limited only to the implementation method shown in FIG.

That is, FIG. 4 illustrates that after the POT terminal 100 is booted, the payment terminal 300 shown in FIG. 3 is connected to a communication channel through short-range wireless communication, and the payment process is performed from the customer-owned MS card. It is shown that the MMI function for payment processing is performed to check whether predetermined customer payment method information (or card information) is read and input, and input a predetermined payment amount when the customer payment method information (or card information) is input. However, the present invention is not limited thereto, and the operation process of the POT terminal 100 may be modified in various ways.

For example, after the POT terminal 100 is booted, a process of confirming whether predetermined customer payment means information (or card information) for reading processing is read and inputted from the customer-owned MS card is first performed or predetermined payment is made. It is possible to first perform the process of checking whether the amount is input, and the customer payment means information (or card information) input process and the payment amount input process may also be performed in a reverse order, and thus the present invention is not limited thereto. .

Referring to FIG. 4, various input devices, output devices, and short-range wireless communication devices provided in the POT terminal 100 by inputting predetermined power (for example, battery power) to the POT terminal 100 illustrated in FIG. 1. When power is supplied to the 135 and the MMI integrated chip 400, a booting procedure for the MMI integrated chip of the POT terminal 100 is performed (405).

If the booting procedure for the MMI integrated chip is completed (410), the MMI integrated chip searches for a payment terminal 300 in a short range wireless communication range in connection with the short range wireless communication device 135, thereby making the payment. The communication channel is connected to the terminal 300 through short-range wireless communication (415).

According to another embodiment of the present invention, when searching for the POT terminal 100 existing in the short range wireless communication range from the payment terminal 300 according to the short range wireless communication standard, the POT terminal 100 is the payment terminal 300. It is possible to wait for the communication channel to be connected through the short-range wireless communication, thereby the present invention is not limited.

If the communication terminal is connected to the payment terminal 300 through the short-range wireless communication (420), the MMI integrated chip provided in the POT terminal 100 from the predetermined MS card owned by the customer through the MS reader It is checked whether predetermined customer payment means information (or card information) is read and input (425).

If it is confirmed that the customer payment means information (or card information) is read and input (430), the MMI integrated chip outputs a predetermined payment amount input screen through the screen output device 120 and inputs the key. The device 115 checks whether a predetermined payment amount is input (435).

If the payment amount is input (440), the MMI integrated chip generates payment information including the customer payment means information (or card information) and payment amount information (445).

According to the exemplary embodiment of the present invention, when the short-term wireless communication standard cannot identify / confirm the unique information about the POT terminal 100 in the payment terminal 300, the MMI integrated chip may display the POT in the payment information. Preferably, the terminal 100 further includes information.

According to another exemplary embodiment of the present invention, the POT terminal 100 outputs the customer wireless terminal information input screen through the screen output device 120 and the customer wireless terminal information through the key input device 115. It is possible to receive the input, in this case, the wireless terminal information is preferably included in the payment information.

Thereafter, the MMI integrated chip encrypts the payment information according to at least one of the encryption procedures shown in FIGS. 8 and / or 10 and / or 12 and / or 14 (450).

If the payment information is encrypted (455), the MMI integrated chip transmits the payment information to the payment terminal 300 through a communication channel through the short range wireless communication in connection with the short range wireless communication device 135. (460).

5A and 5B illustrate an operation process of the POT terminal 100 performing an MMI function for payment processing according to another exemplary embodiment of the present invention.

In more detail, FIGS. 5A and 5B read predetermined customer payment means information (or card information) for payment processing from a predetermined customer-owned contact type IC card in the POT terminal 100 shown in FIG. Regarding the operation process of the POT terminal 100 performing the MMI function for payment processing for inputting the payment amount to be processed through the customer payment means information (or card information), the general knowledge in the technical field to which the present invention belongs If the person having the present invention will be able to infer various implementation methods for the operation process of the POT terminal 100 performing the MMI function for payment processing by referring to and / or modifying the drawings 5a and 5b. It is made to include all the inferred implementation method, and the technical features are not limited only to the implementation method shown in FIGS. 5A and 5B.

That is, FIGS. 5A and 5B illustrate that after the POT terminal 100 is booted, the payment terminal 300 shown in FIG. 3 is connected to a communication channel through short-range wireless communication, and the customer-owned contact IC card MMI function for checking whether the predetermined customer payment method information (or card information) for payment processing is read and inputted, and inputting a predetermined payment amount when the customer payment method information (or card information) is inputted Although illustrated as performing the present invention, the present invention is not limited thereto, and an operation process of the POT terminal 100 may be variously modified.

For example, after the POT terminal 100 is booted, a process of confirming whether predetermined customer payment means information (or card information) for reading processing is read and inputted from the customer-owned contact type IC card is first performed or predetermined. It is possible to first perform a process of checking whether the payment amount is input, and the customer payment means information (or card information) input process and the payment amount input process may also be performed in a reverse order, thereby limiting the present invention. Not.

Referring to FIGS. 5A and 5B, various input devices, output devices, and short ranges provided in the POT terminal 100 by inputting predetermined power (for example, battery power) to the POT terminal 100 illustrated in FIG. 1. When power is supplied to the wireless communication device 135 and the MMI integrated chip (500), a booting procedure for the MMI integrated chip of the POT terminal 100 is performed (505).

If the booting procedure for the MMI integrated chip is completed 510, the MMI integrated chip searches for a payment terminal 300 in a short range wireless communication range in connection with the short range wireless communication device 135, thereby making the payment. The communication channel is connected to the terminal 300 through short-range wireless communication (515).

According to another embodiment of the present invention, when searching for the POT terminal 100 existing in the short range wireless communication range from the payment terminal 300 according to the short range wireless communication standard, the POT terminal 100 is the payment terminal 300. It is possible to wait for the communication channel to be connected through the short-range wireless communication, thereby the present invention is not limited.

If the communication terminal is connected to the payment terminal 300 through the short-range wireless communication (520), the MMI integrated chip provided in the POT terminal 100 is a predetermined contact owned by the customer through the contact IC reader It is checked whether an IC card is inserted into the contact IC reader (525).

If the contact IC card is inserted into the contact IC reader (530), the MMI integrated chip outputs a predetermined PIN information input screen through the screen output device 120, and the predetermined key input device 115. In step 535, it is checked whether the predetermined PIN information is inputted.

If predetermined PIN information is input through the key input device 115 (540), the MMI integrated chip provides the PIN information to the contact IC card through the contact IC reader, and the contact IC It is checked whether the PIN authentication for the PIN information from the card (545).

If the PIN authentication is not confirmed (550), the MMI integrated chip outputs predetermined PIN error information through the screen output device 120 (555), MMI for payment processing for the POT terminal 100 Terminate the function.

On the other hand, if the PIN authentication is confirmed (550), the MMI integrated chip reads and inputs predetermined customer payment means information (or card information) from the contact IC card through the contact IC reader (560), A predetermined payment amount input screen is output through the screen output device 120, and it is checked whether a predetermined payment amount is input through the key input device 115 (565).

If the payment amount is input (570), the MMI integrated chip generates payment information including the customer payment means information (or card information) and payment amount information (575).

According to the exemplary embodiment of the present invention, when the short-term wireless communication standard cannot identify / confirm the unique information about the POT terminal 100 in the payment terminal 300, the MMI integrated chip may display the POT in the payment information. Preferably, the terminal 100 further includes information.

According to another exemplary embodiment of the present invention, the POT terminal 100 outputs the customer wireless terminal information input screen through the screen output device 120 and the customer wireless terminal information through the key input device 115. It is possible to receive the input, in this case, the wireless terminal information is preferably included in the payment information.

Thereafter, the MMI integrated chip encrypts the payment information according to at least one of the encryption procedures shown in FIGS. 8 and / or 10 and / or 12 and / or 14 (580).

If the payment information is encrypted (585), the MMI integrated chip transmits the payment information to the payment terminal 300 through the communication channel through the short-range wireless communication in connection with the short-range wireless communication device 135. (590).

6 is a diagram illustrating an operation process of the POT terminal 100 performing an MMI function for payment processing according to another exemplary embodiment of the present invention.

In detail, FIG. 6 reads predetermined customer payment means information (or card information) for payment processing from a predetermined customer-owned contactless IC card in the POT terminal 100 shown in FIG. Regarding the operation process of the POT terminal 100 performing the MMI function for payment processing for inputting the payment amount to be processed through the information (or card information), if the person having ordinary knowledge in the technical field to which the present invention belongs However, various implementation methods for the operation process of the POT terminal 100 performing the MMI function for payment processing by referring to and / or modifying the present invention may be inferred. It is made, including, and the technical features are not limited only to the implementation method shown in FIG.

In other words, in FIG. 6, after the POT terminal 100 is booted, the payment terminal 300 shown in FIG. 3 is connected to a communication channel through short-range wireless communication, and payment processing is performed from the customer-owned contactless IC card. To check whether predetermined customer payment means information (or card information) is read and input, and perform a MMI function for payment processing for inputting a predetermined payment amount when the customer payment means information (or card information) is inputted. Although illustrated in the drawings, the present invention is not limited thereto, and the operation process of the POT terminal 100 may be variously modified.

For example, after the POT terminal 100 is booted, a process of confirming whether predetermined customer payment means information (or card information) for reading processing is read and inputted from the customer-owned contactless IC card is first performed, or It is possible to first perform a process of checking whether a payment amount is input, and the customer payment means information (or card information) input process and payment amount input process may also be performed in a reverse order, thereby limiting the present invention. Not.

Referring to FIG. 6, various input devices, output devices, and short-range wireless communication devices provided in the POT terminal 100 by inputting predetermined power (eg, battery power) to the POT terminal 100 illustrated in FIG. 1. If power is supplied to the 135 and the MMI integrated chip (600), a booting procedure for the MMI integrated chip of the POT terminal 100 is performed (605).

If the booting procedure for the MMI integrated chip is completed 610, the MMI integrated chip searches for a payment terminal 300 in a short range wireless communication range in connection with the short range wireless communication device 135, thereby making the payment. The communication channel is connected to the terminal 300 through short-range wireless communication (615).

According to another embodiment of the present invention, when searching for the POT terminal 100 existing in the short range wireless communication range from the payment terminal 300 according to the short range wireless communication standard, the POT terminal 100 is the payment terminal 300. It is possible to wait for the communication channel to be connected through the short-range wireless communication, thereby the present invention is not limited.

If the communication terminal is connected to the payment terminal 300 through the short range wireless communication (620), the MMI integrated chip provided in the POT terminal 100 is a predetermined contactless IC owned by the customer through the contactless IC reader. It is checked whether predetermined customer payment means information (or card information) is read and input from the card (625).

If it is confirmed that the customer payment means information (or card information) is read and input (630), the MMI integrated chip outputs a predetermined payment amount input screen through the screen output device 120 and inputs the key. The device 115 confirms whether a predetermined payment amount is input (635).

If the payment amount is input (640), the MMI integrated chip generates payment information including the customer payment means information (or card information) and payment amount information (645).

According to the exemplary embodiment of the present invention, when the short-term wireless communication standard cannot identify / confirm the unique information about the POT terminal 100 in the payment terminal 300, the MMI integrated chip may display the POT in the payment information. Preferably, the terminal 100 further includes information.

According to another exemplary embodiment of the present invention, the POT terminal 100 outputs the customer wireless terminal information input screen through the screen output device 120 and the customer wireless terminal information through the key input device 115. It is possible to receive the input, in this case, the wireless terminal information is preferably included in the payment information.

Thereafter, the MMI integrated chip encrypts the payment information according to at least one of the encryption procedures shown in FIGS. 8 and / or 10 and / or 12 and / or 14 (650).

If the payment information is encrypted (655), the MMI integrated chip transmits the payment information to the payment terminal 300 through the communication channel through the short range wireless communication in connection with the short range wireless communication device 135. (660).

7 is a diagram illustrating a payment processing process corresponding to an MMI function for payment processing according to an embodiment of the present invention.

In more detail, FIG. 7 illustrates the short-range wireless communication after performing the MMI operation for payment processing shown in FIGS. 4 and / or 5 and / or 6 in the POT terminal 100 shown in FIG. 1. Checking whether a payment processing history corresponding to the payment information is received from the payment terminal 300 connected to the communication channel through the communication channel, and outputting (or printing) the payment processing history when the payment processing history is received. As those of ordinary skill in the art to which the present invention pertains, various implementation methods for the payment processing process corresponding to the MMI function for payment processing may be inferred by referring to and / or modifying the drawing 7. As will be appreciated, the present invention includes all implementation methods inferred, and the technical features are not limited only to the implementation method illustrated in FIG.

Referring to FIG. 7, the POT terminal 100 shown in FIG. 1 performs an MMI operation for payment processing shown in FIGS. 4 and / or 5 and / or 6, and then the POT terminal 100. MMI integrated chip provided at the) checks whether the payment processing details corresponding to the payment information are received from the payment terminal 300 through a communication channel through short-range wireless communication connected to the payment terminal 300 (700).

If the payment processing details corresponding to the payment information are received from the payment terminal 300 through a communication channel through short-range wireless communication (705), the MMI integrated chip checks whether the received payment processing details are decoded. 710.

If decryption of the payment processing details is required (e.g., if the payment processing details are encrypted) (715), the MMI integrated chip is shown in FIGS. 20 and / or 22 and / or 24 and / or 26. At least one decoding procedure of the illustrated decoding procedure is performed (720).

On the other hand, if decryption of the payment processing history is not necessary (e.g., the payment processing history is not encrypted) (715), or when the protection process for the payment processing history is completed (725), the MMI integration The chip reads the payment processing history and checks whether payment is approved (730).

According to an embodiment of the present invention, it is preferable that the MMI integrated chip confirms payment approval for the payment processing details by checking whether the payment approval details are included in the payment processing details or the payment error details. .

If payment approval for the payment processing history is not confirmed (735), the MMI integrated chip outputs the payment error information corresponding to the payment processing history through the screen output device 120 (740), the print The payment receipt corresponding to the payment processing history is printed and output through the output device 125 (750).

On the other hand, if the payment approval of the payment processing history is confirmed (735), the MMI integrated chip outputs the payment approval information corresponding to the payment processing history through the screen output device 120 (745), the print output The device 125 prints and outputs a payment receipt corresponding to the payment processing details (750).

8 is a diagram illustrating a method for encrypting and transmitting payment information by a symmetric key (or secret key) method in the POT terminal 100 according to an embodiment of the present invention.

In more detail, FIG. 8 illustrates an embodiment of the present invention in which the POT terminal 100 having the encryption function as shown in FIG. 1 encrypts and transmits the payment information by a symmetric key (or secret key) method. If the skilled in the art, various embodiments of the present invention to encrypt the payment information in a symmetric key (or secret key) method in the POT terminal 100 through the short-range wireless communication by referring to and / or modified in this figure 8 The method may be inferred, but the present invention includes all the inferred implementation methods, and is not limited to the implementation method shown in FIG.

In this figure 8 according to an embodiment of the present invention, the symmetric key (or secret key) is preferably read from the public certificate provided in the POT terminal 100, the public certificate is the POT terminal 100 It is preferably stored in the storage memory 175 in the MMI integrated chip provided in the.

According to another exemplary embodiment of the present invention, the symmetric key (or secret key) may be stored in a specific storage area on the storage memory 175 in the MMI integrated chip provided in the POT terminal 100, thereby. The present invention is not limited.

Referring to FIG. 8, when predetermined payment information including predetermined customer payment means information (or card information) and payment amount information is generated in the POT terminal 100, the POT terminal 100 provides the encrypted payment information to the encryption unit 180. If the payment information is provided, the encryption unit 180 reads out a predetermined symmetric key (or secret key) for encrypting payment information from an authorized certificate provided in the POT terminal 100 (805). In step 810, the payment information is encrypted using the read symmetric key (or secret key).

Herein, the encryption function of the encryption unit 180 is called E (Encryption), the symmetric key (or secret key) is k (key), the payment information is P (Plaintext), and the symmetric key (or secret key). When the payment information encrypted with) is C (Ciphertext), the encryption function of the encryption unit 180 may be expressed by an equation such as "Ek (P) = C".

According to an embodiment of the present invention, the encryption unit 180 encrypts the payment information through the symmetric key (or secret key), SEED, DES (Data Encryption Standard), Triple-DES, Skipjack, IDEA It is preferable to include at least one or more of the International Data Encryption Algorithm, and in addition, various types of encryption algorithms may be used, but the present invention is not limited to a specific encryption algorithm.

When the payment information is encrypted using the symmetric key (or the secret key) as described above, the short range wireless communication device 135 transmits the encrypted payment information to the payment terminal 300 through a communication protocol defined in the short range wireless communication standard. (815).

9 is a diagram illustrating a method of decrypting payment information encrypted and received at a payment terminal 300 by a symmetric key (or secret key) method according to an embodiment of the present invention.

In more detail, FIG. 9 illustrates a symmetric key (or secret key) method of the payment information received from the POT terminal 100 having the encryption function as shown in FIG. As an embodiment of the present invention, the present invention has a general knowledge in the technical field to which the present invention pertains. Referring to FIG. 9 and / or modified, the encrypted payment is performed by the POT terminal 100 through the short range wireless communication. Various implementation methods for decrypting information in a symmetric key (or secret key) manner may be inferred, but the present invention includes all the inferred implementation methods and is not limited to the implementation method shown in FIG.

In this figure 9 according to an embodiment of the present invention, the symmetric key (or secret key) is preferably read from a predetermined official certificate provided in the payment terminal 300, the public certificate is the payment terminal 300 It is preferably stored in the memory unit 350 provided in).

According to another exemplary embodiment of the present invention, the symmetric key (or secret key) may be stored in a specific storage area on the memory unit 350 provided in the payment terminal 300, thereby limiting the present invention. Not.

Referring to FIG. 9, the short range wireless communication unit 310 (or the information receiving unit 355) of the payment terminal 300 receives the encrypted payment information through the short range wireless communication and provides the encrypted payment information to the decryption unit 330. In operation 900, the payment information may be received through a communication protocol stack defined in the short range wireless communication.

Thereafter, the decryption unit 330 extracts a predetermined symmetric key (or secret key) for decrypting the encrypted payment information from the authorized certificate provided in the payment terminal 300 (905), and the extracted symmetry. The encrypted payment information is decrypted using a key (or secret key) (910).

Here, the decryption function of the decryption unit 330 is called D (Decryption), and the payment information encrypted with the symmetric key (or secret key) k (key) and the symmetric key (or secret key) is C (Ciphertext). ) And the decrypted payment information is P (Plaintext), the function of decrypting the encrypted payment information by the decryption unit 330 is "Dk = P, or Dk (Ek (P)) = P" and The same formula can be used.

According to an embodiment of the present invention, the algorithm for decrypting the encrypted payment information by the decryption unit 330 through the symmetric key (or secret key), SEED, DES (Data Encryption Standard), Triple-DES, Skipjack It is preferable to include at least one or more of the International Data Encryption Algorithm (IDEA), and various forms of decryption algorithms may be used, but the decryption algorithm is matched with the encryption algorithm used in the POT terminal 100. The present invention is not limited by the specific decoding algorithm.

When the payment information encrypted through the symmetric key (or the secret key) is decrypted as described above, the decryption unit 330 provides the decrypted payment information to the full text generation unit 360 (915). The unit 360 includes a payment method including at least one customer payment method information (or card information) included in the payment information and affiliated store information (or terminal information) included in the memory unit 350 of the payment terminal 300. Create a full approval request.

FIG. 10 is a diagram illustrating a method for encrypting and transmitting payment information in a public key infrastructure structure in a POT terminal 100 according to an embodiment of the present invention.

More specifically, FIG. 10 illustrates an embodiment of the present invention in which the POT terminal 100 having the encryption function as shown in FIG. 1 encrypts and transmits the payment information in a public key infrastructure structure. With ordinary knowledge, various implementation methods for encrypting the payment information by the public key method in the POT terminal 100 may be inferred by referring to and / or modifying the drawing 10, The present invention includes all the inferred implementation methods, and is not limited to the implementation method shown in FIG.

In this figure 10 according to an embodiment of the present invention, the terminal-side public key is preferably read from the public certificate provided in the POT terminal 100, the public certificate is provided in the POT terminal 100 It is preferably stored in the storage memory 175 in the MMI integrated chip.

According to another exemplary embodiment of the present invention, the terminal-side public key may be stored in a specific storage area on the storage memory 175 in the MMI integrated chip provided in the POT terminal 100, whereby the present invention It is not limited.

Referring to FIG. 10, when predetermined payment information including predetermined customer payment means information (or card information) and payment amount information is generated in the POT terminal 100, the POT terminal 100 provides the predetermined payment information to the encryption unit 180 ( 1000), if the payment information is provided, the encryption unit 180 extracts a predetermined terminal side public key for encrypting the payment information from the authorized certificate (1005), and through the extracted terminal side public key. The payment information is encrypted (1010).

Here, the encryption function of the encryption unit 180 is called E (Encryption), the terminal-side public key is k1 (key), the payment information is P (Plaintext), and the payment information encrypted with the terminal-side public key Speaking of C (Ciphertext), the encryption function of the encryption unit 180 can be expressed by a formula such as "Ek1 (P) = C".

According to the embodiment of the present invention, the encryption unit 180 encrypts the payment information through the terminal-side public key, RSA (Ron Rivest, Adi Shamir, Len Adleman), DSA (Digital Signature Algorithm), It is preferable to include at least one or more of DH (Diffie, Hellman), ECC (Elliptic Curve Cryptosystem), KCDSA, ECDSA, ECDH, in addition to various encryption algorithms may be used, the present invention by a specific encryption algorithm This is not limited.

For example, in the case of encrypting the payment information through the RSA encryption algorithm among the encryption algorithms, the published method (Modulus) used in the encryption process is n, and the prime numbers not disclosed by different prime factors of n are a and b. , If the published index (e.g., 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod (a-1). (b-1) ", wherein the encryption function of the encryption unit 180 may be expressed as" C = Ek1 (P) = Pe mod n ".

When the payment information is encrypted using the terminal-side public key as described above, the short range wireless communication device 135 transmits the encrypted payment information to the payment terminal 300 through a network component through the short range wireless communication. (1015).

FIG. 11 is a diagram illustrating a method for decrypting payment information encrypted and received by a payment terminal 300 according to an embodiment of the present invention using a public key infrastructure.

In more detail, FIG. 11 illustrates that the payment information encrypted and received from the POT terminal 100 having the encryption function as shown in FIG. 1 is decrypted by the public key infrastructure in the payment terminal 300 as shown in FIG. As a method of implementation, those of ordinary skill in the art to which the present invention pertains may refer to and / or modify this drawing 11 and encrypt the POT terminal 100 with the terminal side public key through the short range wireless communication. Various implementation methods for decrypting payment information in a public key infrastructure structure may be inferred, but the present invention includes all the inferred implementation methods and is not limited to the implementation method shown in FIG.

In this figure 11 according to an embodiment of the present invention, the terminal-side private key is preferably read from a predetermined official certificate provided in the payment terminal 300, the public certificate is provided in the payment terminal 300 It is preferably stored in the memory unit 350.

According to another exemplary embodiment of the present invention, the terminal-side private key may be stored in a specific storage area on the memory unit 350 provided in the payment terminal 300, whereby the present invention is not limited thereto. .

Referring to FIG. 11, the short range wireless communication unit 310 (or the information receiving unit 355) of the payment terminal 300 receives encrypted payment information through the short range wireless communication and provides the encrypted payment information to the decryption unit 330. The payment information is preferably received through a communication protocol stack defined in the short range wireless communication standard.

Thereafter, the decryption unit 330 extracts a terminal-side private key for decrypting the encrypted payment information from the authorized certificate provided in the payment terminal 300 (1105), and extracts the extracted terminal-side private key. The encrypted payment information is decrypted through 1110.

Here, the decryption function of the decryption unit 330 is called D (Decryption), the terminal-side private key is k2 (key), the payment information encrypted with the terminal-side public key is C (Ciphertext), and the terminal-side individual. When the payment information decrypted with a key is called P (Plaintext), the function of decrypting the encrypted payment information by the decryption unit 330 may be expressed by a formula such as "Dk2 = P, or Dk2 (Ek (P)) = P". I can express it.

According to an embodiment of the present invention, the algorithm for decrypting the payment information encrypted by the POT terminal 100 with the terminal-side public key through the terminal-side private key is RSA (Ron Rivest, Adi Shamir). , Len Adleman (DSA), Digital Signature Algorithm (DSA), Diffie, Hellman (DH), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, and ECDH. Although it can be used, the decryption algorithm is characterized in that it matches the encryption algorithm used in the POT terminal 100, the invention is not limited by a specific decryption algorithm.

For example, when decrypting the payment information through the RSA decryption algorithm of the public key-based decryption algorithm, n is a public method (Modulus) used in the decryption process, n, a prime number that is not disclosed by different prime factors of n. If a and b, the published index (e.g. 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod ( a-1) (b-1) ", where the decoding function of the decoder 330 may be expressed as" P = Dk2 = Cd mod n ".

As described above, when the payment information encrypted with the terminal-side public key is decrypted by the POT terminal 100 through the terminal-side private key, the decryption unit 330 provides the decrypted payment information to the full text generation unit 360. In operation 1115, the full text generation unit 360 includes customer payment means information (or card information) included in the payment information and affiliated store information (or terminal information) provided in the memory unit 350 of the payment terminal 300. Generate a full payment approval request message including at least one).

12 is a diagram illustrating a method for encrypting and transmitting payment information in an electronic envelope method in the POT terminal 100 according to an embodiment of the present invention.

More specifically, FIG. 12 is an embodiment of the present invention for encrypting and transmitting the payment information by an electronic envelope method in the POT terminal 100 having the encryption function as shown in FIG. With knowledge, it will be possible to infer various implementation methods for encrypting the payment information in an electronic envelope method in the POT terminal 100 through the short-range wireless communication by referring to and / or modifying this drawing 12. Includes all of the inferred implementation methods and is not limited to the implementation method illustrated in FIG.

In this figure 12 according to an embodiment of the present invention, the terminal-side public key is preferably read from the public certificate provided in the POT terminal 100, the public certificate is provided in the POT terminal 100 It is preferably stored in the storage memory 175 in the MMI integrated chip.

According to another exemplary embodiment of the present invention, the terminal-side public key may be stored in a specific storage area on the storage memory 175 in the MMI integrated chip provided in the POT terminal 100, whereby the present invention It is not limited.

Referring to FIG. 12, when predetermined payment information including predetermined customer payment means information (or card information) and payment amount information is generated in the POT terminal 100, the POT terminal 100 provides the predetermined payment information to the encryption unit 180 ( 1200, when the payment information is provided, the encryption unit 180 generates a predetermined random secret key for encrypting the payment information by a secret key (symmetric key) method (1205). In step 1210, the payment information is encrypted using the generated secret key.

Herein, the encryption function of the encryption unit 180 is called E (Encryption), the secret key is r (random secret key), the payment information is P (Plaintext), and the payment information encrypted with the secret key is C ( Ciphertext), the encryption function of the encryption unit 180 can be expressed by a formula such as "Er (P) = C".

According to an embodiment of the present invention, the encryption unit 180 encrypts the payment information through the secret key, SEED, DES (Data Encryption Standard), Triple-DES, Skipjack, IDEA (International Data Encryption Algorithm) It is preferable to include at least one of), and in addition to the encryption algorithm of various forms may be used, but the present invention is not limited by a specific encryption algorithm.

Thereafter, the encryption unit 180 encrypts the secret key (random secret key) used to encrypt the payment information. For this purpose, the encryption unit 180 extracts a predetermined terminal-side public key from the public certificate. In operation 1220, the private key is encrypted using the terminal-side public key.

Here, the encryption function of the encryption unit 180 is called E (Encryption), the terminal-side public key is k1 (key), the secret key is r (random Secret key), and the secret encrypted with the terminal-side public key If the key is C (Ciphertext), the encryption function of the encryption unit 180 may be expressed by an expression such as "Ek1 (r) = C".

According to the embodiment of the present invention, the encryption unit 180 encrypts the secret key through the terminal-side public key, RSA (Ron Rivest, Adi Shamir, Len Adleman), DSA (Digital Signature Algorithm), It is preferable to include at least one or more of DH (Diffie, Hellman), ECC (Elliptic Curve Cryptosystem), KCDSA, ECDSA, ECDH, in addition to various encryption algorithms may be used, the present invention by a specific encryption algorithm This is not limited.

For example, in the case of encrypting the secret key through the RSA encryption algorithm among the encryption algorithms, the public method (Modulus) used in the encryption process is n, and the non-public prime numbers with different prime factors of n are a and b. , If the published index (e.g., 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod (a-1). (b-1) ", wherein the encryption function of the encryption unit 180 may be expressed as" C = Ek1 (r) = re mod n ".

If the payment information is encrypted with the secret key, and the secret key is encrypted with the terminal-side public key, the encryption unit 180 encrypts the payment information encrypted with the secret key and the secret key encrypted with the terminal-side public key. Generate and provide the associated transaction data to the short range wireless communication device 135 (1225), and the short range wireless communication device 135 transmits the transaction data to the payment terminal 300 through a network component through short range wireless communication. In operation 1230.

FIG. 13 is a diagram illustrating a method of decrypting payment information encrypted and received by a payment terminal 300 according to an embodiment of the present invention by an electronic envelope method.

In more detail, FIG. 13 shows the transaction data in the payment terminal 300 as shown in FIG. 3 that receives transaction data including encrypted payment information from the POT terminal 100 having the encryption function as shown in FIG. As an embodiment of the present invention, the present invention relates to an envelope method. If the present invention belongs to one of ordinary skill in the art, referring to FIG. 13 and / or modified, the POT terminal 100 performs the above-mentioned short range wireless communication. Various implementation methods for decrypting the transaction data encrypted by the electronic envelope method by the same electronic envelope method may be inferred, but the present invention includes all the inferred implementation methods and is not limited to the implementation method shown in FIG. No.

In this figure 13 according to an embodiment of the present invention, the terminal-side private key is preferably read from a predetermined official certificate provided in the payment terminal 300, the public certificate is provided in the payment terminal 300 It is preferably stored in the memory unit 350.

According to another exemplary embodiment of the present invention, the terminal-side private key may be stored in a specific storage area on the memory unit 350 provided in the payment terminal 300, whereby the present invention is not limited thereto.

Referring to FIG. 13, the short range wireless communication unit 310 (or the information receiving unit 355) of the payment terminal 300 receives predetermined transaction data including encrypted payment information through the short range wireless communication. Provided to the decoder 330 (1300), the transaction data is preferably received through a communication protocol stack defined in the short-range wireless communication standard.

Thereafter, the decryption unit 330 extracts the terminal-side private key for decrypting the encrypted secret key included in the transaction data from the authorized certificate provided in the payment terminal 300 (1305), and the extracted terminal. The POT terminal 100 decrypts the secret key encrypted with the terminal-side public key (1310) through the side private key, extracts a predetermined secret key for decrypting the payment information (1315), and extracts the extracted secret. By decrypting the payment information using a key (1320), the POT terminal 100 extracts the payment information encrypted with the secret key (1325).

Here, the decryption function of the decryption unit 330 is referred to as D (Decryption), the terminal-side private key is k2 (key), and the secret key encrypted with the terminal-side public key is C (Ciphertext) and the terminal-side individual. When the secret key decrypted with the key is r (random secret key), the function of decrypting the encrypted secret key by the decryption unit 330 is "Dk2 = r, or Dk2 (Ek1 (r)) = r". It can be expressed as an expression.

According to an embodiment of the present invention, the algorithm for decrypting the secret key encrypted by the POT terminal 100 with the terminal-side public key through the terminal-side private key is RSA (Ron Rivest, Adi Shamir). , Len Adleman (DSA), Digital Signature Algorithm (DSA), Diffie, Hellman (DH), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, and ECDH. Although it can be used, the decryption algorithm is characterized in that it matches the encryption algorithm used in the POT terminal 100, the invention is not limited by a specific decryption algorithm.

For example, when decrypting the secret key through the RSA decryption algorithm among the public key-based decryption algorithms, n is a public method (Modulus) used in the decryption process, and n is a prime number that is not disclosed by different prime factors of n. If a and b, the published index (e.g. 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod ( a-1) (b-1) ", where the decoding function of the decoder 330 may be expressed as" P = Dk2 = Cd mod n ".

Here, the decryption function of the decryption unit 330 is called D (Decryption), the secret key is r (random secret key), the secret information encrypted with the secret key (C (Ciphertext)), and the decrypted payment When the information is referred to as P (Plaintext), the function of decrypting the encrypted payment information by the decryption unit 330 may be expressed by a formula such as "Dr = P or Dr (Er (P)) = P".

According to the embodiment of the present invention, the algorithm for decrypting the encrypted payment information by the decryption unit 330 using the secret key, SEED, DES (Data Encryption Standard), Triple-DES, Skipjack, IDEA (International Data) It is preferable to include at least one or more of the Encryption Algorithm, and in addition to the decryption algorithm of various forms may be used, the decryption algorithm is characterized in that it is matched with the encryption algorithm used in the POT terminal 100 However, the present invention is not limited to the specific decoding algorithm.

When the payment information is decrypted as described above, the decryption unit 330 provides the decrypted payment information to the full text generation unit 360 (1330), and the full text generation unit 360 is included in the billing information. A payment approval request message including at least one customer payment means information (or card information) and affiliated store information (or terminal information) included in the memory unit 350 of the payment terminal 300 is generated.

14A and 14B illustrate a method of encrypting and transmitting payment information in a key exchange method in the POT terminal 100 according to an embodiment of the present invention.

More specifically, FIGS. 14A and 14B illustrate an implementation method of encrypting and transmitting the payment information by a key exchange method in the POT terminal 100 having the encryption function as shown in FIG. With ordinary knowledge, various implementation methods for encrypting the payment information in the key exchange method in the POT terminal 100 may be inferred by referring to and / or modifying the drawing 14, The present invention includes all the inferred implementation methods, and is not limited to the implementation method shown in FIG.

In this figure 14 according to an embodiment of the present invention, the POT side private key and the terminal side public key are preferably read from the public certificate provided in the POT terminal 100, and the public certificate is the POT terminal ( It is preferably stored in the storage memory 175 in the MMI integrated chip provided in (100).

According to another exemplary embodiment of the present invention, the POT side private key and the terminal side public key may be stored in a specific storage area on the storage memory 175 in the MMI integrated chip provided in the POT terminal 100. Thereby, this invention is not limited.

Referring to FIGS. 14A and 14B, when predetermined payment information including predetermined customer payment means information (or card information) and payment amount information is generated in the POT terminal 100, the POT terminal 100 converts the predetermined payment information to the encryption unit 180. When the payment information is provided, the encryption unit 180 provides the payment information with a predetermined one-way hash function (eg, a hash code of a predetermined length regardless of the length of the payment information). A one-way hash function that generates a message digest including the message digest and cannot identify (or infer) the original message through the hash code (or message digest). The terminal 300 generates a predetermined message digest through the same hash function (1405), and digitally signs the message digest by encrypting the message digest through the POT side private key (1410).

Here, the encryption function of the encryption unit 180 is called E (Encryption), the POT side private key is t1 (15erminal side key), the message digest is m (message digest), and the POT side private key is encrypted. If the message digest is C (Ciphertext), the digital signature function of the encryption unit 180 may be expressed by an expression such as "Et1 (m) = C".

According to an embodiment of the present invention, the encryption unit 180 encrypts the message digest through the POT side private key, RSA (Ron Rivest, Adi Shamir, Len Adleman), DSA (Digital Signature Algorithm), It is preferable to include at least one or more of DH (Diffie, Hellman), ECC (Elliptic Curve Cryptosystem), KCDSA, ECDSA, ECDH, in addition to various encryption algorithms may be used, the present invention by a specific encryption algorithm This is not limited.

For example, in the case of encrypting the message digest through the RSA encryption algorithm among the encryption algorithms, the public method (Modulus) used in the encryption process is n, and the non-public prime numbers with different prime factors of n are a and b. , If the published index (e.g., 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod (a-1). (b-1) ", wherein the digital signature function of the encryption unit 180 may be expressed as" C = Et1 (m) = me mod n ".

In addition, the encryption unit 180 generates a random secret key for encrypting the payment information using a secret key (symmetric key) method (1415), and the payment information and the POT The message digest encrypted with the side private key and a copy of a certificate (for example, a certificate including a POT side public key) included in the public certificate are linked to each other and encrypted through the generated private key (1420).

Here, the encryption function of the encryption unit 180 is called E (Encryption), the secret key is r (random secret key), the payment information and the copy of the certificate P (Plaintext), and the payment information encrypted with the secret key If the certificate copy is called C (Ciphertext), the encryption function of the encryption unit 180 can be expressed by a formula such as "Er (P) = C".

According to an embodiment of the present invention, the encryption unit 180 encrypts the payment information and the certificate copy through the secret key, SEED, DES (Data Encryption Standard), Triple-DES, Skipjack, IDEA (International) It is preferable to include at least one or more of Data Encryption Algorithm, and in addition, various types of encryption algorithms may be used, but the present invention is not limited to a specific encryption algorithm.

In addition, the encryption unit 180 extracts a predetermined terminal side public key from the authorized certificate in order to encrypt the secret key that encrypts the payment information (1425), and uses the terminal side public key to make the payment. The private key encrypts the information (1430).

Herein, the encryption function of the encryption unit 180 is referred to as E (Encryption), the terminal side public key is encrypted with s1 (server side key), the secret key is r (random secret key), and the terminal side public key. When the secret key is referred to as C (Ciphertext), the encryption function of the encryption unit 180 may be expressed by an expression such as "Es1 (r) = C".

According to the embodiment of the present invention, the encryption unit 180 encrypts the secret key through the terminal-side public key, RSA (Ron Rivest, Adi Shamir, Len Adleman), DSA (Digital Signature Algorithm), It is preferable to include at least one or more of DH (Diffie, Hellman), ECC (Elliptic Curve Cryptosystem), KCDSA, ECDSA, ECDH, in addition to various encryption algorithms may be used, the present invention by a specific encryption algorithm This is not limited.

For example, in the case of encrypting the secret key through the RSA encryption algorithm among the encryption algorithms, the public method (Modulus) used in the encryption process is n, and the non-public prime numbers with different prime factors of n are a and b. , If the published index (e.g., 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod (a-1). (b-1) ", wherein the encryption function of the encryption unit 180 may be expressed as" C = Es1 (r) = re mod n ".

A copy of a certificate including the message digest encrypted with the payment information and the POT-side private key and the POT-side public key is linked and encrypted using the generated secret key, and the secret key is encrypted with the terminal-side public key. If the encryption unit 180 encrypts the certificate copy including the message digest encrypted with the secret key and the POT-side private key and the POT-side public key, the secret is encrypted with the terminal-side public key. Generate predetermined transaction data in association with a key, and provide the generated transaction data to the short range wireless communication device 135 (1435), and the short range wireless communication device 135 performs short range wireless communication based on the transaction data. Through the network component is transmitted to the payment terminal 300 (1440).

15A and 15B illustrate a method of decrypting payment information encrypted and received by a payment terminal 300 according to an embodiment of the present invention by a key exchange method.

In more detail, FIGS. 15A and 15B illustrate the transaction in the payment terminal 300 as shown in FIG. 3, which receives transaction data including encrypted payment information from the POT terminal 100 having the encryption function as shown in FIG. The present invention relates to a method of decrypting data by a key exchange method, and if the present invention belongs to one of ordinary skill in the art, the POT terminal 100 through the short-range wireless communication with reference to and / or modification of FIG. 15. In the present invention, various implementation methods for decrypting the transaction data encrypted by the key exchange scheme may be inferred by the same key exchange scheme. However, the present invention includes all the inferred implementation methods, and as shown in FIG. It is not limited.

In this figure 15 according to an embodiment of the present invention, the POT side public key and the terminal side private key is preferably read from a predetermined official certificate provided in the payment terminal 300, the public certificate is the payment terminal It is preferably stored in the memory unit 350 provided in the (300).

According to another exemplary embodiment of the present invention, the POT-side public key and the terminal-side private key may be stored in a specific storage area on the memory unit 350 provided in the payment terminal 300. This is not limited.

15A and 15B, the short range wireless communication unit 310 (or the information receiving unit 355) of the payment terminal 300 receives transaction data including encrypted payment information through the short range wireless communication. In operation 1500, the transaction data is provided to the decryption unit 330. The transaction data is preferably received through a communication protocol defined in the short range wireless communication standard, and / or encrypted by the secret key. And a copy of the certificate including the payment information, the message digest encrypted with the POT side private key, and the POT side public key, and the secret key encrypted with the terminal side public key.

Thereafter, the decryption unit 330 extracts the terminal-side private key from the authorized certificate provided in the payment terminal 300 to decrypt the secret key encrypted with the terminal-side public key (1510), and the terminal-side individual. By decrypting the secret key through a key (1515), the secret key for decrypting a copy of the certificate including the message digest encrypted with the payment information and the POT side private key and the POT side public key is extracted (1520). ).

Here, the decryption function of the decryption unit 330 is called D (Decryption), the terminal side private key is s2 (server side key), the secret key encrypted with the terminal side public key is C (Ciphertext), and the terminal. When the secret key decrypted with the side private key is r (random secret key), the function of decrypting the encrypted secret key by the decryption unit 330 is "Ds2 = r, or Ds2 (Es1 (r)) = r". It can be expressed as

According to an embodiment of the present invention, the algorithm for decrypting the secret key encrypted by the POT terminal 100 with the terminal-side public key through the terminal-side private key is RSA (Ron Rivest, Adi Shamir). , Len Adleman (DSA), Digital Signature Algorithm (DSA), Diffie, Hellman (DH), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, and ECDH. Although it can be used, the decryption algorithm is characterized in that it matches the encryption algorithm used in the POT terminal 100, the invention is not limited by a specific decryption algorithm.

For example, when decrypting the secret key through the RSA decryption algorithm among the public key-based decryption algorithms, n is a public method (Modulus) used in the decryption process, and n is a prime number that is not disclosed by different prime factors of n. If a and b, the published index (e.g. 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod ( a-1) (b-1) ", wherein the decoding function of the decoder 330 may be expressed as" P = Ds2 = Cd mod n ".

When the secret key is extracted as described above, the decryption unit 330 copies the certificate including the message digest encrypted with the payment information and the POT side private key and the POT side public key using the extracted secret key. By decrypting (1525), a copy of the certificate including the payment information encrypted with the secret key and the message digest encrypted with the POT side private key and the POT side public key is extracted.

Here, the decryption function of the decryption unit 330 is called D (Decryption), the secret key is r (random secret key), the message digest encrypted with the secret key and the POT side private key and the message digest and the A copy of a certificate including a POT side public key is C (Ciphertext), and a copy of a certificate including the message digest encrypted with the decrypted payment information and the POT side private key and the POT side public key is P (Plaintext). The decryption unit 330 decrypts a copy of the certificate including the encrypted payment information and the message digest encrypted with the POT-side private key and the POT-side public key as "Dr = P, or Dr (Er ( It can be expressed by an expression such as P)) = P ".

According to an embodiment of the present invention, the decryption unit 330 decrypts a copy of a certificate including the message digest encrypted with the encrypted payment information and the POT side private key and the POT side public key through the secret key. The algorithm may include at least one or more of SEED, DES (Data Encryption Standard), Triple-DES, Skipjack, and International Data Encryption Algorithm (IDEA), and various types of decryption algorithms may be used. The decryption algorithm is characterized in that it matches the encryption algorithm used in the POT terminal 100, the present invention is not limited by a specific decryption algorithm.

In addition, the decryption unit 330 decrypts the message digest encrypted with the POT-side private key through the POT-side public key (1530), thereby generating and transmitting the message digest generated from the payment information by the POT terminal 100. It is extracted (1535).

Here, the decryption function of the decryption unit 330 is called D (Decryption), the POT side public key is t2 (terminal side key), the message digest encrypted with the POT side private key is C (Ciphertext), and the POT. If the message digest decrypted with the side public key is m (Message Digest), the function of decrypting the encrypted message digest by the decryption unit 330 is " Dt2 = m, or Dt2 (Es1 (r)) = m " The same formula can be used.

According to an embodiment of the present invention, an algorithm for decrypting the message digest encrypted by the POT terminal private key by the decryption unit 330 by the POT terminal public key is RSA (Ron Rivest, Adi Shamir). , Len Adleman (DSA), Digital Signature Algorithm (DSA), Diffie, Hellman (DH), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, and ECDH. Although it can be used, the decryption algorithm is characterized in that it matches the encryption algorithm used in the POT terminal 100, the invention is not limited by a specific decryption algorithm.

For example, when decrypting the message digest through the RSA decryption algorithm of the public key-based decryption algorithm, n is a public method (Modulus) used in the decryption process and n is a prime number that is not disclosed by different prime factors of n. If a and b, the published index (e.g. 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod ( a-1) (b-1) ", wherein the decoding function of the decoding unit 330 may be expressed as" P = Dt2 = Cd mod n ".

Subsequently, the decoder 330 generates a predetermined message digest through the same one-way hash function with the received payment information (1540), and then generates the generated message digest and the decrypted message. By comparing the digest (1545), the validity of the received payment information is verified.

If the generated message digest coincides with the decrypted message digest (1550), the decryption unit 330 provides the payment information to the full text generation unit 360 (1555), and the full text generation unit 360 ) Is a full payment approval request message including at least one customer payment means information (or card information) included in the payment information and affiliated store information (or terminal information) included in the memory unit 350 of the payment terminal 300. Create

FIG. 16 is a diagram illustrating a payment approval request process of a payment terminal 300 (or a payment module) to which a POT terminal 100 having a MMI function for payment processing and short-range wireless communication is connected according to an embodiment of the present invention.

In more detail, as shown in FIG. 3, FIG. 16 illustrates a payment terminal 300 (or a payment module) connected to at least one POT terminal 100 shown in FIG. 1 and a communication channel via short-range wireless communication. As a process for generating a predetermined payment approval request full text through the payment information provided from the POT terminal 100 and transmitting to the bansa server 390 through a predetermined communication network, the general knowledge in the technical field to which the present invention belongs If the person having, the payment approval request process of the payment terminal 300 to provide a distributed electronic payment service in connection with the POT terminal 100 having the MMI function for payment processing by referring to and / or modified in this figure 16 Although various embodiments of the present invention may be inferred, the technical features of the present invention are not limited by the drawing 16, but include all the inferred embodiments. It is to be revealed.

Referring to FIG. 16, when a predetermined power is supplied to the payment terminal 300 illustrated in FIG. 3, a booting procedure for the payment terminal 300 is performed (1600), and if the payment terminal 300 is provided to the payment terminal 300. When the booting is completed (1605), the payment terminal 300 connects the communication channel through the short range wireless communication with at least one POT terminal 100 existing in the short range wireless communication range through a predetermined short range wireless communication. (1610).

If at least one POT terminal 100 and a communication channel via short-range wireless communication are connected (1615), the payment terminal 300 receives payment information from the at least one POT terminal 100 through the short-range wireless communication. Check whether it is (1620).

If predetermined payment information is received from the at least one or more POT terminals 100 through the short range wireless communication (1625), the payment terminal 300 may be configured as shown in FIGS. 9 and / or 11 and / or about the payment information. 13 and / or at least one decryption procedure shown in FIG. 15 is performed (1630).

If the decoding of the payment information is completed (1635), the payment terminal 300 is the customer payment method information and payment amount information included in the payment information and the merchant information (or terminal information stored in the memory unit 350) In step 1640, the payment approval request message including the full text is generated.

Subsequently, the payment terminal 300 connects a communication channel for transceiving professional transmission and reception with the bansa server 390 through a predetermined communication network (1645), and approves the payment to the bansa server 390 through the communication channel. Send the full text of the request (1650).

17 is a diagram illustrating a payment approval process according to an embodiment of the present invention.

In more detail, FIG. 17 shows the customer payment means information (or card information), payment amount information, and merchant information (through the payment approval request process shown in FIG. 16) in the payment terminal 300 shown in FIG. Or a payment approval request message including terminal information) to the bansa server 390, the bansa server 390 in association with the card company server 395 corresponding to the customer payment means information (or card information); Regarding a process of performing a payment approval process for a payment approval request, those skilled in the art to which the present invention pertains, various implementation methods for the payment approval process by referring to and / or modified in the present drawing 17 Although it can be inferred that the technical features of the present invention are not limited by this figure 17, it is understood that the present invention includes all the inferred implementation methods. .

Referring to FIG. 17, the payment terminal 300 shown in FIG. 3 performs the payment approval request process shown in FIG. 16 and the customer payment means information (or card information), payment amount information, and merchant information (or terminal). When the payment approval request message including the information) is transmitted to the bansa server 390, the bansa server 390 receives the payment approval request message transmitted from the payment terminal 300 through a predetermined communication network (1700). The card company server 395 corresponding to the customer payment means information (or card information) included in the payment approval request text, payment information and merchant information (or terminal information) extracted from the payment approval request text (or payment approval request text) ), And in response thereto, the card company server 395 responds to the payment approval request through payment information and merchant information (or terminal information) included in the full payment approval request. It performs the approval process (1710).

Those skilled in the art to which the present invention belongs, various payment approval procedures (for example, the customer payment means information (or card information) corresponding to the customer payment means information (or card information) included in the payment information. Familiarize yourself with credit card payment authorization procedures based on credit limit lookups corresponding to, or check card / debit card payment authorization procedures based on account balance inquiry associated with the customer payment method information (or card information). Since it will be, a detailed description thereof will be omitted for convenience.

If the payment approval process for the payment approval request is completed (1715), the card company server 395 generates a payment processing history including any of the payment approval details or payment error details corresponding to the payment approval request; In operation 1720, the payment processing details (or payment approval text including the payment processing details) are transmitted to the bansa server 390, and in response, the bansa server 390 transmits the payment through the communication network. The payment terminal 300 transmits the payment approval message including the payment processing details (1730).

Here, the payment processing details (or payment approval) may further include the wireless terminal information of the customer provided in the card company server.

FIG. 18 is a diagram illustrating a payment processing process of a payment terminal 300 (or a payment module) to which a POT terminal 100 having a MMI function for payment processing and short-range wireless communication is connected according to an embodiment of the present invention.

In more detail, Figure 18 is performed by the payment terminal 300 shown in Figure 3 performs the payment approval request process shown in Figure 16, the Bansa server 390 through the payment approval process shown in Figure 17 ) Is a process of confirming whether a payment approval message including a predetermined payment processing history is received and performing a payment processing process corresponding to the verification result, and a person having ordinary knowledge in the technical field to which the present invention belongs. Various implementations of the payment processing process of the payment terminal 300 providing a distributed electronic payment service in connection with the POT terminal 100 having the MMI function for payment processing by referring to and / or modifying the drawing 18 The method may be inferred, but it is to be understood that the technical features of the present invention are not limited by this drawing 18 but include all the inferred implementation methods. A.

Referring to FIG. 18, the payment terminal 300 illustrated in FIG. 3 performs a payment approval request process shown in FIG. 16 and then performs a payment approval process corresponding to the payment approval request process. In operation 1800, it is determined whether a payment approval text including a predetermined payment processing history corresponding to the payment approval request is received through the communication network.

If a predetermined payment approval message is received from the bansa server 390 (1805), the payment terminal 300 extracts the payment processing details from the payment approval message, reads the payment processing details, and requests the payment approval. It is checked whether payment for is approved (1810).

According to the exemplary embodiment of the present invention, the payment terminal 300 checks whether the payment approval details are included in the payment processing details or whether the payment error details are included. desirable.

If payment approval for the payment processing details is not confirmed (1815), the payment terminal 300 is shown in the drawings 19 and / or 21 and / or 23 and / or 25 with respect to the payment processing details. When at least one of the encrypted procedures is performed (1825), and the encryption of the payment processing history is completed (1830), the payment terminal 300 is the POT shown in FIG. The payment processing history is transmitted to the terminal 100 (1835), and in response, the POT terminal 100 performs the payment processing shown in FIG.

On the other hand, if the payment approval of the payment processing history is confirmed (1815), the payment terminal 300 is the information on the POT terminal 100 that transmitted the full payment approval request corresponding to the payment approval message and the payment approval request text (Or the payment unit information (or card information) included in the payment processing history) and payment amount information and payment approval information (eg, payment approval number) included in the payment processing history in association with the memory unit 350. (1820).

Thereafter, the payment terminal 300 performs at least one or more encryption procedures among the encryption procedures illustrated in FIGS. 19 and / or 21 and / or 23 and / or 25 with respect to the payment processing details (1825). When the encryption of the payment processing details is completed (1830), the payment terminal 300 transmits the payment processing details to the POT terminal 100 shown in FIG. 1 through the short range wireless communication (1835). In response, the POT terminal 100 performs the payment processing shown in FIG.

According to the exemplary embodiment of the present invention, the wireless terminal information is included in the payment information received from the POT terminal 100 or the payment processing history (or payment approval) is received from the bansa server 390. When the wireless terminal information is included, the payment terminal 300 preferably transmits the payment processing details to the customer wireless terminal.

For example, the payment terminal 300 is a predetermined wireless message including a payment processing history including at least one or more of the payment amount, merchant information, payment approval number, customer card number, etc. based on the customer wireless terminal information (eg , A short message, a multimedia message), or a wireless message including a callback address corresponding to the payment processing history, and generated to the customer wireless terminal through a wireless communication network corresponding to the customer wireless terminal information. It is desirable to send a wireless message.

19 is a diagram illustrating a method of encrypting and transmitting payment processing details in a symmetric key (or secret key) method in the payment terminal 300 according to an embodiment of the present invention.

More specifically, FIG. 19 illustrates an embodiment of the present invention for encrypting and transmitting the payment processing details in a symmetric key (or secret key) method in the payment terminal 300 having the encryption function as shown in FIG. If there is a general knowledge in the technical field to belong to this reference 19 and / or modified to encrypt the payment processing details in the payment terminal 300 through the short-range wireless communication in a symmetric key (or secret key) method Various implementation methods may be inferred, but the present invention includes all of the inferred implementation methods and is not limited to the implementation method shown in FIG.

In this figure 19 according to an embodiment of the present invention, the symmetric key (or secret key) is preferably read from a predetermined official certificate provided in the payment terminal 300, the public certificate is the payment terminal 300 It is preferably stored in the memory unit 350 provided in).

According to another exemplary embodiment of the present invention, the symmetric key (or secret key) may be stored in a specific storage area on the memory unit 350 provided in the payment terminal 300, thereby limiting the present invention. Not.

Referring to FIG. 19, when a payment approval message including a predetermined payment processing history is received by the specialized receiving unit 370 of the payment terminal 300, the encryption approval unit 325 is provided to the encryption unit 325 (1900). When the processing details are provided, the encryption unit 325 reads a predetermined symmetric key (or secret key) for encrypting the payment processing details from the authorized certificate provided in the payment terminal 300 (1905), and reads the readings. The payment processing history is encrypted using the symmetric key (or secret key) (1910).

Here, the encryption function of the encryption unit 325 is called E (Encryption), the symmetric key (or secret key) is k (key), the payment processing history is P (Plaintext), and the symmetric key (or secret). If the payment processing history encrypted with the key) is C (Ciphertext), the encryption function of the encryption unit 325 may be expressed by an expression such as "Ek (P) = C".

According to the embodiment of the present invention, the encryption unit 325 encrypts the payment processing details through the symmetric key (or secret key), SEED, DES (Data Encryption Standard), Triple-DES, Skipjack, It is preferable to include at least one or more of the International Data Encryption Algorithm (IDEA), and various forms of encryption algorithms may be used, but the present invention is not limited to a specific encryption algorithm.

When the payment processing details are encrypted through the symmetric key (or the secret key) as described above, the information transmitter 385 (or the short range wireless communication unit 310) defines the encrypted payment processing details in the short range wireless communication standard. In operation 1915, the POT terminal 100 transmits the information to the POT terminal 100 through the established communication protocol.

20 is a diagram illustrating a method of decrypting a payment processing history encrypted and received by the POT terminal 100 using a symmetric key (or secret key) method according to an embodiment of the present invention.

In more detail, FIG. 20 illustrates a symmetric key (or secret key) in the POT terminal 100 as shown in FIG. 1 in which the payment processing details received from the payment terminal 300 having the encryption function as shown in FIG. 3 are encrypted. Method for decrypting in a manner that, if there is a general knowledge in the technical field to which the present invention belongs, with reference to and / or modified in this figure 20 is encrypted in the payment terminal 300 through the short-range wireless communication Various implementation methods for decrypting payment processing details by a symmetric key (or secret key) method may be inferred, but the present invention includes all the inferred implementation methods and is not limited to the implementation method shown in FIG. .

In this figure 19 according to an embodiment of the present invention, the symmetric key (or secret key) is preferably read from the public certificate provided in the POT terminal 100, the public certificate is the POT terminal 100 It is preferably stored in the storage memory 175 in the MMI integrated chip provided in the.

According to another exemplary embodiment of the present invention, the symmetric key (or secret key) may be stored in a specific storage area on the storage memory 175 in the MMI integrated chip provided in the POT terminal 100, thereby. The present invention is not limited.

Referring to FIG. 20, the short range wireless communication device 135 of the POT terminal 100 receives the encrypted payment processing details through the short range wireless communication and provides the encrypted payment processing details to the decryption unit 185 (2000). The payment processing details are preferably received through a communication protocol stack defined in the short range wireless communication.

Thereafter, the decryption unit 185 extracts a predetermined symmetric key (or secret key) for decrypting the encrypted payment processing details from the authorized certificate provided in the POT terminal 100 (2005), and the extracted The encrypted payment processing history is decrypted through a symmetric key (or secret key) (2010).

Here, the decryption function of the decryption unit 185 is referred to as D (Decryption), and the payment processing contents encrypted with the symmetric key (or secret key) with k (key) and the symmetric key (or secret key) are C. (Ciphertext) and the decrypted payment processing details are P (Plaintext), the function of decrypting the encrypted payment processing details by the decryption unit 185 is "Dk = P, or Dk (Ek (P)) It can be expressed as an expression such as = P ".

According to the exemplary embodiment of the present invention, the decryption unit 185 decrypts the encrypted payment processing details through the symmetric key (or secret key) such as SEED, DES (Data Encryption Standard), Triple-DES, It is preferable to include at least one or more of Skipjack, International Data Encryption Algorithm (IDEA), and various types of decryption algorithms may be used, but the decryption algorithm matches the encryption algorithm used in the payment terminal 300. The present invention is not limited to the specific decoding algorithm.

When the payment processing details encrypted through the symmetric key (or the secret key) are decrypted as described above, the decryption unit 185 displays the decrypted payment processing details on the screen output unit 155 (or the print output unit 160). (2015), the screen output unit 155 (or print output unit 160) outputs the payment processing details to a predetermined screen output device 120 (or print output device 125). .

FIG. 21 is a diagram illustrating a method of encrypting and transmitting payment processing details in a public key based structure method in a payment terminal 300 according to an embodiment of the present invention.

More specifically, FIG. 21 is an embodiment of the present invention for encrypting and transmitting the payment processing details in a public key infrastructure structure in a payment terminal 300 having an encryption function as shown in FIG. 3. In the art, various embodiments of the present invention can be inferred by referring to and / or modifying the drawing 21 and encrypting the payment processing details in a public key method through the short-range wireless communication. However, the present invention includes all the inferred implementation methods, and is not limited to the implementation method shown in FIG.

In this figure 21 according to an embodiment of the present invention, the POT side public key is preferably read from a predetermined official certificate provided in the payment terminal 300, the public certificate is provided in the payment terminal 300 It is preferably stored in the memory unit 350.

According to another exemplary embodiment of the present invention, the POT side public key may be stored in a specific storage area on the memory unit 350 provided in the payment terminal 300, and thus the present invention is not limited thereto.

Referring to FIG. 21, when a payment approval message including a predetermined payment processing history is received by the specialized receiving unit 370 of the payment terminal 300, it is provided to the encryption unit 325 (2100). When the processing history is provided, the encryption unit 325 extracts a predetermined POT side public key for encrypting the payment processing history from the authorized certificate (2105), and the payment processing through the extracted POT side public key. The details are encrypted (2110).

Here, the encryption function of the encryption unit 325 is called E (Encryption), the POT side public key is k1 (key), the payment processing history is P (Plaintext), and the POT side public key is encrypted. When the details are referred to as C (Ciphertext), the encryption function of the encryption unit 325 may be expressed by an expression such as "Ek1 (P) = C".

According to an embodiment of the present invention, the encryption unit 325 encrypts the payment processing history through the POT side public key, RSA (Ron Rivest, Adi Shamir, Len Adleman), DSA (Digital Signature Algorithm) , DH (Diffie, Hellman), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, ECDH, or at least one of the above. Preferably, various types of encryption algorithms may be used. The invention is not limited.

For example, in the case of encrypting the payment processing details through the RSA encryption algorithm, among the encryption algorithms, a public method (Modulus) used in the encryption process is n, and a prime number that is not disclosed by different prime factors of n is a and a. b, if the published index (e.g., 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod (a- 1) (b-1) ", wherein the encryption function of the encryption unit 325 may be expressed as" C = Ek1 (P) = Pe mod n ".

When the payment processing details are encrypted using the POT side public key as described above, the information transmission unit 385 (or the short range wireless communication unit 310) stores the encrypted payment processing details through the short range wireless communication. The transmission is transmitted to the POT terminal 100 through 2115.

FIG. 22 is a diagram illustrating a method of decrypting a payment processing history encrypted and received by a POT terminal 100 using a public key based structure according to an embodiment of the present invention.

More specifically, FIG. 22 decrypts the payment processing details received from the payment terminal 300 having the encryption function as shown in FIG. 3 in the POT terminal 100 as shown in FIG. As an embodiment of the present invention, if the present invention has a general knowledge, it is encrypted with the POT side public key in the payment terminal 300 through the short-range wireless communication by referring to and / or modifying the present invention 22. Various implementation methods for decrypting the processed payment details in a public key infrastructure structure may be inferred, but the present invention includes all the inferred implementation methods and is not limited to the implementation method shown in FIG.

In this figure 22 according to an embodiment of the present invention, the POT side private key is preferably read from the public certificate provided in the POT terminal 100, the public certificate is provided in the POT terminal 100 It is preferably stored in the storage memory 175 in the MMI integrated chip.

According to another exemplary embodiment of the present invention, the POT side private key may be stored in a specific storage area on the storage memory 175 in the MMI integrated chip provided in the POT terminal 100, whereby the present invention It is not limited.

Referring to FIG. 22, the short-range wireless communication apparatus 135 of the POT terminal 100 receives the encrypted payment processing details through the short-range wireless communication and provides them to the decryption unit 185 (2200). The processing details are preferably received through a communication protocol stack defined in the short range wireless communication standard.

Thereafter, the decryption unit 185 extracts the POT side private key for decrypting the encrypted payment processing details from the authorized certificate provided in the POT terminal 100 (2205), and extracts the extracted POT side private key. The encrypted payment processing history is decrypted (2210).

Here, the decryption function of the decryption unit 185 is called D (Decryption), the POT side private key is k2 (key), and the payment processing details encrypted with the POT side public key are C (Ciphertext) and the POT. When the payment processing details decrypted with the side private key are P (Plaintext), the function of decrypting the encrypted payment processing details by the decryption unit 185 is "Dk2 = P, or Dk2 (Ek (P)) = P". It can be expressed as

According to an embodiment of the present invention, an algorithm for decrypting the payment processing details encrypted by the POT side public key in the payment terminal 300 through the POT side private key may be RSA (Ron Rivest, Adi). Shamir, Len Adleman (DSA), Digital Signature Algorithm (DSA), Diffie, Hellman (DH), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, ECDH, at least one or more of the various forms of decoding algorithms Although it may be used, the decryption algorithm is characterized in that it matches the encryption algorithm used in the payment terminal 300, the invention is not limited by a specific decryption algorithm.

For example, when decrypting the payment processing details through the RSA decryption algorithm among the public key-based decryption algorithms, the disclosed method (Modulus) used in the decryption process is n, a prime number that is not disclosed with different prime factors of n. If a and b, the published index (e.g. 3 or 216+) is e, the undisclosed index is d, the n satisfies "n = a * b", d is "de = 1 mod (a-1) (b-1) ", wherein the decoding function of the decoding unit 185 may be expressed as" P = Dk2 = Cd mod n ".

When the payment processing details encrypted with the POT side public key are decrypted by the payment terminal 300 through the POT side private key as described above, the decryption unit 185 displays the decrypted payment processing details on the screen output unit 155. (Or the print output unit 160) (2215), the screen output unit 155 (or print output unit 160) is to display the payment processing details predetermined screen output device 120 (or print output) Output to device 125).

23 is a diagram illustrating a method of encrypting and transmitting payment processing details in an electronic envelope method in a payment terminal 300 according to an embodiment of the present invention.

More specifically, FIG. 23 is an embodiment of the present invention for encrypting and transmitting the payment processing details by an electronic envelope method in a payment terminal 300 having an encryption function as shown in FIG. If the knowledge of the present invention, it will be able to infer various implementation methods for encrypting the payment processing details in an electronic envelope method in the payment terminal 300 through the short-range wireless communication by referring to and / or modified in this figure 23, The present invention includes all the inferred implementation methods, and is not limited to the implementation method shown in FIG.

In this figure 23 according to an embodiment of the present invention, the POT side public key is preferably read from a predetermined official certificate provided in the payment terminal 300, and the public certificate is provided in the payment terminal 300. It is preferably stored in the memory unit 350.

According to another exemplary embodiment of the present invention, the POT side public key may be stored in a specific storage area on the memory unit 350 provided in the payment terminal 300, and thus the present invention is not limited thereto.

Referring to FIG. 23, when a payment approval text including a predetermined payment processing history is received by the specialized receiving unit 370 of the payment terminal 300, it is provided to the encryption unit 325 (2300). When the processing history is provided, the encryption unit 325 generates a predetermined random secret key for encrypting the payment processing history in a secret key (symmetric key) manner (2305), and The payment processing details are encrypted using the generated secret key (2310).

Herein, the encryption function of the encryption unit 325 is called E (Encryption), the secret key is r (random secret key), the payment processing history is P (Plaintext), and the payment processing history encrypted with the secret key. Suppose C (Ciphertext), the encryption function of the encryption unit 325 can be expressed by the formula, such as "Er (P) = C".

According to the embodiment of the present invention, the encryption unit 325 encrypts the payment processing history through the secret key, SEED, DES (Data Encryption Standard), Triple-DES, Skipjack, IDEA (International Data Encryption) It is preferable to include at least one of the algorithm (Algorithm), and various forms of encryption algorithm may be used, but the present invention is not limited by a specific encryption algorithm.

Thereafter, the encryption unit 325 encrypts the secret key (random secret key) used to encrypt the payment processing details, and for this purpose, the encryption unit 325 extracts a predetermined POT side public key from the public certificate. In operation 2315, the private key is encrypted using the POT side public key (2320).

Here, the encryption function of the encryption unit 325 is called E (Encryption), the POT side public key is k1 (key), the secret key is r (random Secret key), and the secret encrypted with the POT side public key. If the key is C (Ciphertext), the encryption function of the encryption unit 325 can be expressed by an expression such as "Ek1 (r) = C".

According to an embodiment of the present invention, the encryption unit 325 encrypts the secret key through the POT side public key, RSA (Ron Rivest, Adi Shamir, Len Adleman), DSA (Digital Signature Algorithm), It is preferable to include at least one or more of DH (Diffie, Hellman), ECC (Elliptic Curve Cryptosystem), KCDSA, ECDSA, ECDH, in addition to various encryption algorithms may be used, the present invention by a specific encryption algorithm This is not limited.

For example, in the case of encrypting the secret key through the RSA encryption algorithm among the encryption algorithms, the public method (Modulus) used in the encryption process is n, and the non-public prime numbers with different prime factors of n are a and b. , If the published index (e.g., 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod (a-1). (b-1) ", wherein the encryption function of the encryption unit 325 may be expressed as" C = Ek1 (r) = re mod n ".

If the payment processing details are encrypted with the secret key, and the secret key is encrypted with the POT side public key, the encryption unit 325 encrypts the payment processing details encrypted with the secret key and the POT side public key. Generate and transmit transaction data associated with a key to the information transmitter 385 (or near field communication unit 310) (2325), the information transmitter 385 (or near field communication unit 310) is the transaction Data is transmitted to the POT terminal 100 through a network component through short-range wireless communication (2330).

24 is a diagram illustrating a method of decrypting a payment processing history encrypted and received by the POT terminal 100 according to an embodiment of the present invention by an electronic envelope method.

More specifically, FIG. 24 shows the transaction data in the POT terminal 100 as shown in FIG. 1, which receives transaction data including the encrypted payment processing details from the payment terminal 300 having the encryption function as shown in FIG. As an embodiment of the present invention, the present invention relates to a method of decoding by an electronic envelope. If the present invention belongs to those skilled in the art, the payment terminal 300 may perform the above-described wireless communication with reference to FIG. Various implementation methods of decrypting transaction data encrypted by an electronic envelope method by the same electronic envelope method may be inferred, but the present invention includes all the inferred implementation methods and is not limited to the implementation method shown in FIG. No.

In this figure 24 according to an embodiment of the present invention, the POT side private key is preferably read from the public certificate provided in the POT terminal 100, the public certificate is provided in the POT terminal 100 It is preferably stored in the storage memory 175 in the MMI integrated chip.

According to another exemplary embodiment of the present invention, the POT side private key may be stored in a specific storage area on the storage memory 175 in the MMI integrated chip provided in the POT terminal 100, whereby the present invention It is not limited.

Referring to FIG. 24, the short range wireless communication device 135 of the POT terminal 100 receives predetermined transaction data including the payment processing details encrypted through the short range wireless communication to the decryption unit 185. In operation 2400, the transaction data is preferably received through a communication protocol stack defined in the short range wireless communication standard.

Thereafter, the decryption unit 185 extracts the POT side private key for decrypting the encrypted secret key included in the transaction data from the public certificate provided in the POT terminal 100 (2405), and the extracted POT. By decrypting the secret key encrypted with the POT side public key in the payment terminal 300 through the side private key (2410), a predetermined secret key for decrypting the payment processing details is extracted (2415), and the extracted By decrypting the payment processing details using a secret key (2420), the payment terminal 300 extracts the payment processing details encrypted with the secret key (2425).

Here, the decryption function of the decryption unit 185 is called D (Decryption), the POT side private key is k2 (key), the POT side public key is encrypted with C (Ciphertext), and the POT side private. When a secret key decrypted with a key is r (random secret key), the function of decrypting the encrypted secret key by the decryption unit 185 is "Dk2 = r, or Dk2 (Ek1 (r)) = r". It can be expressed as an expression.

According to an embodiment of the present invention, an algorithm for decrypting the secret key encrypted by the POT side public key in the payment terminal 300 by the decryption unit 185 via the POT side private key is RSA (Ron Rivest, Adi Shamir). , Len Adleman (DSA), Digital Signature Algorithm (DSA), Diffie, Hellman (DH), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, and ECDH. Although it may be used, the decryption algorithm is characterized in that it matches the encryption algorithm used in the payment terminal 300, the invention is not limited by a specific decryption algorithm.

For example, when decrypting the secret key through the RSA decryption algorithm among the public key-based decryption algorithms, n is a public method (Modulus) used in the decryption process, and n is a prime number that is not disclosed by different prime factors of n. If a and b, the published index (e.g. 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod ( a-1) (b-1) ", wherein the decoding function of the decoding unit 185 may be expressed as" P = Dk2 = Cd mod n ".

Here, the decryption function of the decryption unit 185 is referred to as D (Decryption), the secret key is r (random secret key), the payment processing details encrypted with the secret key (C (Ciphertext)), and the decrypted When the payment processing details are called P (Plaintext), the function of decrypting the encrypted payment processing details by the decryption unit 185 may be expressed by an expression such as "Dr = P, or Dr (Er (P)) = P". Can be.

According to an embodiment of the present invention, the algorithm for decrypting the encrypted payment processing history by the decryption unit 185 using the secret key, SEED, DES (Data Encryption Standard), Triple-DES, Skipjack, IDEA (International) It is preferable to include at least one or more of Data Encryption Algorithm, and in addition to this, various types of decryption algorithms can be used, but the decryption algorithm is characterized in that it is matched with the encryption algorithm used in the payment terminal 300 However, the present invention is not limited to the specific decoding algorithm.

When the payment processing details are decrypted as described above, the decryption unit 185 provides the decrypted payment processing details to the screen output unit 155 (or the print output unit 160) (2430), and outputs the screen. The unit 155 (or the print output unit 160) outputs the payment processing details to a predetermined screen output device 120 (or the print output device 125).

25A and 25B illustrate a method of encrypting and transmitting payment processing details by a key exchange method in a payment terminal 300 according to an exemplary embodiment of the present invention.

25A and 25B illustrate a method of encrypting and transmitting the payment processing details by a key exchange method in a payment terminal 300 having an encryption function as shown in FIG. In the art, various embodiments of the present invention can be inferred by referring to and / or modifying the drawing of FIG. 25 to encrypt the payment processing details in a key exchange method through the short-range wireless communication. However, the present invention includes all the inferred implementation methods, and is not limited to the implementation method shown in FIG.

In this figure 25 according to an embodiment of the present invention, the terminal-side private key and the POT-side public key are preferably read from a predetermined official certificate provided in the payment terminal 300, and the public certificate is the payment terminal. It is preferably stored in the memory unit 350 provided in the (300).

According to another exemplary embodiment of the present invention, the terminal-side private key and the POT-side public key may be stored in a specific storage area on the memory unit 350 provided in the payment terminal 300, whereby the present invention This is not limited.

Referring to FIGS. 25A and 25B, when a payment approval message including a predetermined payment processing history is received by the specialized receiving unit 370 of the payment terminal 300, it is provided to the encryption unit 325 (2500). When the payment processing history is provided, the encryption unit 325 includes a predetermined one-way hash function (eg, a hash code of a predetermined length regardless of the length of the payment processing history). A one-way hash function that generates a message digest and cannot identify (or infer) the original message through the hash code (or message digest) The payment terminal 300 and the POT terminal ( 100 generates a predetermined message digest (using the same hash function) (2505), and digitally signs the message digest by encrypting the message digest with the terminal-side private key (2510).

Here, the encryption function of the encryption unit 325 is called E (Encryption), the terminal side private key is t1 (26erminal side key), the message digest is m (message digest), and the terminal side private key is encrypted. If the message digest is C (Ciphertext), the digital signature function of the encryption unit 325 may be expressed by an expression such as "Et1 (m) = C".

According to the embodiment of the present invention, the encryption unit 325 encrypts the message digest through the terminal-side private key, RSA (Ron Rivest, Adi Shamir, Len Adleman), DSA (Digital Signature Algorithm), It is preferable to include at least one or more of DH (Diffie, Hellman), ECC (Elliptic Curve Cryptosystem), KCDSA, ECDSA, ECDH, in addition to various encryption algorithms may be used, the present invention by a specific encryption algorithm This is not limited.

For example, in the case of encrypting the message digest through the RSA encryption algorithm among the encryption algorithms, the public method (Modulus) used in the encryption process is n, and the non-public prime numbers with different prime factors of n are a and b. , If the published index (e.g., 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod (a-1). (b-1) ", wherein the digital signature function of the encryption unit 325 may be expressed as" C = Et1 (m) = me mod n ".

In addition, the encryption unit 325 generates a predetermined random secret key for encrypting the payment processing history in a secret key (symmetric key) method (2515), and the payment processing history and The message digest encrypted with the terminal-side private key and a copy of a certificate (for example, a certificate including a terminal-side public key) included in the public certificate are linked to each other and encrypted through the generated secret key (2520).

Here, the encryption function of the encryption unit 325 is called E (Encryption), the secret key is r (random secret key), the payment processing history and the copy of the certificate P (Plaintext), and the payment encrypted with the secret key When the processing history and the copy of the certificate are referred to as C (Ciphertext), the encryption function of the encryption unit 325 may be expressed by an expression such as "Er (P) = C".

According to the embodiment of the present invention, the encryption unit 325 encrypts the payment processing history and the certificate copy through the secret key, SEED, DES (Data Encryption Standard), Triple-DES, Skipjack, IDEA ( It is preferable to include at least one or more of the International Data Encryption Algorithm, and various types of encryption algorithms may be used, but the present invention is not limited to a specific encryption algorithm.

In addition, the encryption unit 325 extracts a predetermined POT side public key from the authorized certificate in order to encrypt the secret key that encrypts the payment processing details (2525), and uses the POT side public key to make the payment. The secret key encrypting the processing details is encrypted (2530).

Here, the encryption function of the encryption unit 325 is called E (Encryption), the POT side public key is encrypted with s1 (server side key), the secret key is r (random secret key), and the POT side public key. When the secret key is referred to as C (Ciphertext), the encryption function of the encryption unit 325 may be expressed by an expression such as "Es1 (r) = C".

According to an embodiment of the present invention, the encryption unit 325 encrypts the secret key through the POT side public key, RSA (Ron Rivest, Adi Shamir, Len Adleman), DSA (Digital Signature Algorithm), It is preferable to include at least one or more of DH (Diffie, Hellman), ECC (Elliptic Curve Cryptosystem), KCDSA, ECDSA, ECDH, in addition to various encryption algorithms may be used, the present invention by a specific encryption algorithm This is not limited.

For example, in the case of encrypting the secret key through the RSA encryption algorithm among the encryption algorithms, the public method (Modulus) used in the encryption process is n, and the non-public prime numbers with different prime factors of n are a and b. , If the published index (e.g., 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod (a-1). (b-1) ", wherein the encryption function of the encryption unit 325 may be expressed as" C = Es1 (r) = re mod n ".

The payment processing history, the message digest encrypted with the terminal-side private key, and a copy of the certificate including the terminal-side public key are linked to each other and encrypted through the generated secret key, and the secret key is passed through the POT side public key. When encrypted, the encryption unit 325 encrypts a copy of a certificate including the message digest encrypted with the secret key, the message digest encrypted with the terminal-side private key, and the terminal-side public key with the POT-side public key. Generate predetermined transaction data in association with the secret key, provide the generated transaction data to the information transmitter 385 (or near field communication unit 310) (2535), and the information transmitter 385 (Or short-range wireless communication unit 310) transmits the transaction data to the POT terminal 100 through a network component through a short-range wireless communication (2540).

26A and 26B illustrate a method of decrypting a payment processing history encrypted and received by the POT terminal 100 using a key exchange method according to an exemplary embodiment of the present invention.

In more detail, FIGS. 26A and 26B illustrate the POT terminal 100 as shown in FIG. 1, which receives transaction data including an encrypted payment processing history from a payment terminal 300 having an encryption function as shown in FIG. 3. The present invention relates to a method for decrypting a transaction data by a key exchange method. If the present invention has a general knowledge, the payment terminal 300 is provided through the short-range wireless communication with reference to and / or modification of the present invention. However, various implementation methods for decrypting the transaction data encrypted by the key exchange scheme in the same key exchange scheme may be inferred, but the present invention includes all the inferred implementation methods, and the implementation method illustrated in FIG. It is not limited to this.

In this figure 26 according to an embodiment of the present invention, the POT side private key and the terminal side public key are preferably read from the public certificate provided in the POT terminal 100, and the public certificate is the POT terminal ( It is preferably stored in the storage memory 175 in the MMI integrated chip provided in (100).

According to another exemplary embodiment of the present invention, the POT side private key and the terminal side public key may be stored in a specific storage area on the storage memory 175 in the MMI integrated chip provided in the POT terminal 100. Thereby, this invention is not limited.

Referring to FIGS. 26A and 26B, the short range wireless communication device 135 of the POT terminal 100 receives transaction data including the payment processing details encrypted through the short range wireless communication (2600), and the transaction is performed. The data is provided to the decryption unit 185 (2605), and the transaction data is preferably received through a communication protocol defined in the short range wireless communication standard, and / or the payment processing history encrypted with the secret key. And a copy of the certificate including the message digest encrypted with the terminal-side private key and the terminal-side public key, and the secret key encrypted with the POT-side public key.

Thereafter, the decryption unit 185 extracts the POT side private key from the public certificate provided in the POT terminal 100 to decrypt the private key encrypted with the POT side public key (2610), and the POT side individual. By decrypting the secret key through a key (2615), the secret key for decrypting a copy of the certificate including the message digest encrypted with the payment processing history and the terminal-side private key and the terminal-side public key is extracted ( 2620).

Herein, the decryption function of the decryption unit 185 is called D (Decryption), the POT side private key is s2 (server side key), the POT side public key is encrypted with C (Ciphertext), and When the secret key decrypted with the POT side private key is r (random secret key), the function of decrypting the encrypted secret key by the decryption unit 185 is "Ds2 = r, or Ds2 (Es1 (r)) = r". Can be expressed as an expression such as "

According to an embodiment of the present invention, an algorithm for decrypting the secret key encrypted by the POT side public key in the payment terminal 300 by the decryption unit 185 via the POT side private key is RSA (Ron Rivest, Adi Shamir). , Len Adleman (DSA), Digital Signature Algorithm (DSA), Diffie, Hellman (DH), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, and ECDH. Although it may be used, the decryption algorithm is characterized in that it matches the encryption algorithm used in the payment terminal 300, the invention is not limited by a specific decryption algorithm.

For example, when decrypting the secret key through the RSA decryption algorithm among the public key-based decryption algorithms, n is a public method (Modulus) used in the decryption process, and n is a prime number that is not disclosed by different prime factors of n. If a and b, the published index (e.g. 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod (a-1) (b-1) ", wherein the decoding function of the decoding unit 185 may be expressed as" P = Ds2 = Cd mod n ".

When the secret key is extracted as described above, the decryption unit 185 copies the certificate including the message digest and the terminal side public key encrypted with the payment processing history and the terminal side private key using the extracted secret key. By decrypting (2625), a copy of the certificate including the payment processing history encrypted with the secret key and the message digest encrypted with the terminal-side private key and the terminal-side public key is extracted.

Here, the decryption function of the decryption unit 185 is referred to as D (Decryption), the secret key is r (random secret key), the payment processing history encrypted with the secret key and the message digest encrypted with the terminal-side private key; C (Ciphertext) a copy of the certificate containing the terminal-side public key, and P (Plaintext) a copy of the certificate including the message digest encrypted with the decrypted payment processing history and the terminal-side private key and the terminal-side public key. In this case, the decryption unit 185 decrypts a copy of the certificate including the encrypted payment processing history, the message digest encrypted with the terminal side private key, and the terminal side public key is "Dr = P, or Dr." It can be expressed by an expression such as (Er (P)) = P ".

According to an embodiment of the present invention, the decryption unit 185 decrypts a copy of a certificate including the encrypted payment processing history and the message digest encrypted with the terminal-side private key and the terminal-side public key through the secret key. Preferably, the algorithm includes at least one or more of SEED, DES (Data Encryption Standard), Triple-DES, Skipjack, and International Data Encryption Algorithm (IDEA). In addition, various types of decryption algorithms may be used. The decryption algorithm is characterized in that it is matched with the encryption algorithm used in the payment terminal 300, the invention is not limited by a specific decryption algorithm.

In addition, the decryption unit 185 decrypts the message digest encrypted with the terminal-side private key through the terminal-side public key (2630), thereby generating and transmitting a message generated from the payment processing history by the payment terminal 300. The digest is extracted (2635).

Here, the decryption function of the decryption unit 185 is called D (Decryption), the terminal side public key is t2 (terminal side key), the message digest encrypted with the terminal side private key is C (Ciphertext), and the terminal. If the message digest decrypted with the side public key is m (Message Digest), the function of decrypting the encrypted message digest by the decryption unit 185 is " Dt2 = m, or Dt2 (Es1 (r)) = m " The same formula can be used.

According to an embodiment of the present invention, an algorithm for decrypting the message digest encrypted by the payment terminal 300 with the terminal-side private key through the terminal-side public key is RSA (Ron Rivest, Adi Shamir). , Len Adleman (DSA), Digital Signature Algorithm (DSA), Diffie, Hellman (DH), Elliptic Curve Cryptosystem (ECC), KCDSA, ECDSA, and ECDH. Although it may be used, the decryption algorithm is characterized in that it matches the encryption algorithm used in the payment terminal 300, the invention is not limited by a specific decryption algorithm.

For example, when decrypting the message digest through the RSA decryption algorithm of the public key-based decryption algorithm, n is a public method (Modulus) used in the decryption process and n is a prime number that is not disclosed by different prime factors of n. If a and b, the published index (e.g. 3 or 216+) is e and the undisclosed index is d, then n satisfies "n = a * b" and d is "de = 1 mod ( a-1) (b-1) ", wherein the decoding function of the decoding unit 185 may be expressed as" P = Dt2 = Cd mod n ".

Thereafter, the decoder 185 generates a predetermined message digest through the same one-way hash function as the payment terminal 300 (2640), and then generates the generated message digest and the decoded message. By comparing the message digest (2645), the validity of the received payment processing details is verified.

If the generated message digest coincides with the decrypted message digest (2650), the decryption unit 185 provides the payment processing details to the screen output unit 155 (or print output unit 160). 2655, the screen output unit 155 (or print output unit 160) outputs the payment processing details to a predetermined screen output device 120 (or print output device 125).

According to the present invention, a card reader, a key input device, a screen output device, and a man-machine interface integrated chip which perform a man-machine interface function in a payment processing process are provided in large quantities through an inexpensive POT terminal. There is an advantage of establishing an electronic payment system at a low cost in a large mart or department store that requires a payment terminal.

According to the present invention, a back end system of a payment terminal connected to a POT terminal performing a Man-Machine Interface function, by using a conventional electronic payment system as it is, adds necessary for constructing a payment system. There is an advantage of preventing expenses.

Claims (1)

During payment terminal (or payment module) and RF (Radio Frequency) communication, Bluetooth communication, Wireless LAN communication, Wi-Fi communication, UWB (Ultra Wide Band system) communication A short range wireless communication device for connecting a short range wireless communication channel through any one short range wireless communication means, a card reader providing a man-machine interface contact point to a customer card without processing a card reading function, and a payment amount without processing a key input function Distributed payment using a transaction point terminal device having a key input device providing a man-machine interface contact for input and a screen output device providing a man-machine interface contact for outputting payment processing details without processing the screen output function In the method, Controlling the man-machine interface function of the card reader to read customer payment means information (or card information) from the customer card, and controlling the man-machine interface function of the key input device to input payment amount information; ; Generating payment information including the read customer payment means information (or card information), the input payment amount information, and transaction point terminal information; Controlling the operation of the short range wireless communication device to transmit the generated payment information to the payment terminal (or payment module); Controlling the operation of the short-range wireless communication device to receive a payment processing history corresponding to the payment information; And And outputting the payment processing details by controlling a man-machine interface function of the screen output device.

Images