KR20110106977A - Credit card transactions security method - Google Patents

Credit card transactions security method Download PDF

Info

Publication number
KR20110106977A
KR20110106977A KR1020100026080A KR20100026080A KR20110106977A KR 20110106977 A KR20110106977 A KR 20110106977A KR 1020100026080 A KR1020100026080 A KR 1020100026080A KR 20100026080 A KR20100026080 A KR 20100026080A KR 20110106977 A KR20110106977 A KR 20110106977A
Authority
KR
South Korea
Prior art keywords
card
information
service provider
credit
payment
Prior art date
Application number
KR1020100026080A
Other languages
Korean (ko)
Inventor
김동희
Original Assignee
김동희
김성수
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 김동희, 김성수 filed Critical 김동희
Priority to KR1020100026080A priority Critical patent/KR20110106977A/en
Publication of KR20110106977A publication Critical patent/KR20110106977A/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/22Payment schemes or models
    • G06Q20/24Credit schemes, i.e. "pay after"
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/12Messaging; Mailboxes; Announcements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The present invention relates to a card payment security method that enhances the level of security to prevent and block unjust use of a lost or stolen card user who is not a legitimate customer. The method includes a card terminal, a service provider DB, and a credit information DB. In the card payment security method based on the established credit card payment system; Reading information stored in a credit card for use of a credit card in the card terminal, requesting a user to input a card password, receiving an additional card password from a user, and then transmitting the information to the service provider DB to request payment; The service provider DB receives the identification information card payment information transmitted from the card terminal after comparing the card password with a pre-stored card password internally to confirm whether the party user, and based on the card identification information received from the card terminal And comparing the payment information such as the account and the limit of the owned card.

Description

Credit card transactions security method}

The present invention relates to a card payment security method, and more particularly, to a card payment security method of strengthening the security level to prevent and block unfair use by a lost or stolen card user who is not a legitimate customer.

In more detail, the counterfeit, forgery, and imitation of signatures (signs), which are vulnerabilities of the current signature method, are used to prevent the users of lost stolen cards from being unjustly used when issuing sales slips. Refrain from using signatures that can easily mimic third parties other than you, and cannot identify you as legitimate users, and can never be used by fraudsters, so that you can authenticate legitimate customers while protecting against fraud. The present invention relates to a method of changing and replacing a password without a password, and a method of preventing a card payment from being made without an accurate password.

In the conventional card payment method, a credit card (including a check card, a debit card, an identity card) is drawn on the card terminal according to the magnetic line, and the card payment is started. Anyone can easily make the card as long as the credit card is not suspended. Payment could be made and there was a problem that the amount and the number of damages to fraudulent users increased.

However, while the conventional card payment method is very convenient, even if the credit card is lost or stolen, the use of the credit card is made easy, so that the payment cost of the fraudulent user who acquired the card is taken from the card holder or the card company. The problem that occurs is very frequent.

SUMMARY OF THE INVENTION The present invention has been made to improve such a problem, and to provide a card payment security method for supplementing various problems caused by loss or theft by adding a procedure for proving that the user is a legitimate user when paying for a credit card.

The present invention for achieving the above object is a card payment security method based on a credit card payment system constructed with a card terminal, service provider DB, credit information DB; Reading information stored in a credit card for use of a credit card in the card terminal, requesting a user to input a card password, receiving an additional card password from a user, and then transmitting a request to the service provider DB for a payment; The service provider DB receives the identification information card payment information transmitted from the card terminal after comparing the card password with the card password stored therein in advance and confirms whether the party user, and based on the card identification information received from the card terminal Comparing with the payment information such as the account and limit of the owned card; The service provider DB requesting credit information of a card received from the card terminal to a credit information DB; Querying credit information of a card received from the service provider DB; The credit information database transmitting credit information of the inquired card to the service provider DB; The service provider DB compares the card password, card payment request amount, card credit information with an internal approval standard, and determines whether to approve, and transmits the notification information or disallowed information to the card terminal; And the card terminal proceeding with a subsequent card payment.

In a preferred embodiment, the card password is a text message transmitted from the service provider DB to the mobile phone of the card in real time, and is a temporary password that is changed at every payment.

In a preferred embodiment, the card password is generated in the program downloaded from the service provider DB to the mobile phone of the card, the password is a temporary password that is changed at least every minute.

According to a preferred embodiment of the present embodiment, even if the credit card is lost or stolen, it is difficult to use it unless it is a legitimate user, and thus has the advantage that the illegal use of the credit card due to the loss or theft of the credit card is blocked. Not only can the trust relationship between a user and a credit card company be firmly established, but the external image of the credit card company can be further enhanced.

In addition, it is designed to prevent criminal acts such as illegal use and reproduction of another person due to loss or theft of credit card, cash card, electronic identity card, etc. It is possible to implement a security function that can help the right user to use the card safely and completely prevent unauthorized use without changing the card terminal or various operating systems.

1 is a flow diagram illustrating an embodiment of the invention.

Hereinafter, the present invention will be described in detail with reference to the accompanying drawings.

1 is a flow chart illustrating an embodiment of the present invention, in the present invention, the user is in contact with the card terminal 10 provided for each merchant to proceed with the card payment, the service provider for processing the payment approval request from the card terminal It is based on the credit card payment system in which the DB 20, the credit information DB 30 for processing the card credit information inquiry request from the service provider DB is established.

The card payment security method based on this is as follows.

In step S1, the card terminal reads the information stored in the credit card for use of the credit card, requests the user to input the card password, receives the card password from the user, and then transmits the information to the service provider DB to request payment (S1). S2) proceeds.

The service provider DB receives the identification information card payment information transmitted from the card terminal after comparing the card password with the card password stored therein in advance and confirms whether the party user , and based on the card identification information received from the card terminal Comparing with the payment information, such as the account and the limit of the card in its possession (S3) is performed.

The service provider DB proceeds to requesting the credit information of the card received from the card terminal to the credit information DB (S4), and then the credit information DB retrieves the credit information of the card received from the service provider DB. Step S5 is performed.

After the credit information DB transmits the credit information of the inquired card to the service provider DB (S6), the service provider DB compares the card password, card payment request amount, and credit card information with an internal approval standard. Then, it is determined whether or not to approve, and the notification (S7) is transmitted to the card terminal by sending approval information or non-approval information.

Thereafter, the card terminal makes a card payment by performing a subsequent card payment process such as printing a card receipt to be provided to an affiliated store, a card company, or a user (S8).

Meanwhile, the card password may be a password set by the user when issuing a credit card with the user, or may be a temporary number that is changed every time.

That is, if the user does not have to bother and prefers the safety of the credit card use more, the following method may be additionally provided.

1) First option

The card password is the service provider DB Is a text message sent from your card to your phone or the phone you requested. Every payment  Temporary changed It is a password .

For example, whenever a card password is required, that is, each time a user makes a credit card payment, the service provider DB sends the password to the user's mobile phone as a text message and the user inputs the received password when the card password is input. will be.

Therefore, the card password cannot be leaked, so it is impossible to use the card unless it is a normal user.

2) second option

The card password is the service provider DB From your cell phone or the cell phone you requested Downloaded  In the program Generated  This password is a temporary password that changes at least every minute. It is a password .

For example, a program is installed in a mobile phone of a credit card user, and a user inputs a password generated from the program when the user inputs a card password. Sort them into groups and download each one, so that you don't know how many soldiers you have.

Therefore, if the service provider DB stores only a few groups of the customer, the service provider DB can know whether the user is a party user through the card password entered by the customer at every payment, and thus the fraud itself is essentially blocked.

10: card terminal 20: service provider DB
30: Credit Information DB

Claims (3)

In the card payment security method based on the credit card payment system with the card terminal, service provider DB, credit information DB,
The card terminal reads the information stored in the credit card for the use of the credit card, and asks the user to additionally enter the card password to receive the card password from the user and then sent to the service provider DB to request payment (S1) ) (S2);
The service provider DB receives the identification information card payment information transmitted from the card terminal after comparing the card password with the card password stored therein in advance and confirms whether the party user , and based on the card identification information received from the card terminal Comparing the payment information such as the account and the limit of the owned card (S3);
The service provider DB requesting credit information of a card received from the card terminal to a credit information DB (S4);
The credit information DB querying the credit information of the card received from the service provider DB (S5);
The credit information DB transmits the credit information of the inquired card to the service provider DB (S6);
The service provider DB compares the card password, card payment request amount, card credit information with an internal approval standard, and determines whether to approve, and transmits and notifies the card terminal by sending authorization information or non-authorization information (S7); And
The card terminal security card payment method comprising the step of performing a subsequent card payment (S8).
In the card payment security method based on the credit card payment system with the card terminal, service provider DB, credit information DB,
The card terminal reads the information stored in the credit card for the use of the credit card, and asks the user to additionally enter the card password to receive the card password from the user and then sent to the service provider DB to request payment (S1) ) (S2);
The service provider DB receives the identification information card payment information transmitted from the card terminal after comparing the card password with the card password stored therein in advance and confirms whether the party user , and based on the card identification information received from the card terminal Comparing the payment information such as the account and the limit of the owned card (S3);
The service provider DB requesting credit information of a card received from the card terminal to a credit information DB (S4);
The credit information DB querying the credit information of the card received from the service provider DB (S5);
The credit information DB transmits the credit information of the inquired card to the service provider DB (S6);
The service provider DB compares the card password, card payment request amount, card credit information with an internal approval standard, and determines whether to approve, and transmits and notifies the card terminal by sending authorization information or non-authorization information (S7); And
And the card terminal proceeds to the subsequent card payment (S8);
Here, the card password is a text message transmitted in real time from the service provider DB to the mobile phone of the card or the mobile phone requested by the user, the card payment security method, characterized in that the temporary password that is changed at each payment .
In the card payment security method based on the credit card payment system with the card terminal, service provider DB, credit information DB,
The card terminal reads the information stored in the credit card to use the credit card, asks the user to enter an additional card password, receives the card password from the user , and then sends the service provider DB to request payment. Step S1 and S2;
The service provider DB receives the identification information card payment information transmitted from the card terminal after comparing the card password with the card password stored therein in advance and confirms whether the party user , and based on the card identification information received from the card terminal Comparing the payment information such as the account and the limit of the owned card (S3);
The service provider DB requesting credit information of a card received from the card terminal to a credit information DB (S4);
The credit information DB querying the credit information of the card received from the service provider DB (S5);
The credit information DB transmits the credit information of the inquired card to the service provider DB (S6);
The service provider DB compares the card password, card payment request amount, card credit information with an internal approval standard, and determines whether to approve, and transmits and notifies the card terminal by sending authorization information or non-authorization information (S7); And
And the card terminal proceeds to the subsequent card payment (S8);
Here, the card password is generated from a program downloaded from the service provider DB to the mobile phone or the mobile phone requested by Boin of the card , the password is a card characterized in that the password is changed at least every minute Payment security method.


KR1020100026080A 2010-03-24 2010-03-24 Credit card transactions security method KR20110106977A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020100026080A KR20110106977A (en) 2010-03-24 2010-03-24 Credit card transactions security method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020100026080A KR20110106977A (en) 2010-03-24 2010-03-24 Credit card transactions security method

Publications (1)

Publication Number Publication Date
KR20110106977A true KR20110106977A (en) 2011-09-30

Family

ID=44956534

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020100026080A KR20110106977A (en) 2010-03-24 2010-03-24 Credit card transactions security method

Country Status (1)

Country Link
KR (1) KR20110106977A (en)

Similar Documents

Publication Publication Date Title
US11706212B2 (en) Method for securing electronic transactions
US8930273B2 (en) System and method for generating a dynamic card value
US9208634B2 (en) Enhanced smart card usage
US20160155114A1 (en) Smart communication device secured electronic payment system
US20110142234A1 (en) Multi-Factor Authentication Using a Mobile Phone
JP2009048627A (en) Method and apparatus for performing delegated transaction
US20090164373A1 (en) System and Method of Preventing Password Theft
US20130024377A1 (en) Methods And Systems For Securing Transactions And Authenticating The Granting Of Permission To Perform Various Functions Over A Network
CN103745353A (en) Electronic payment terminal verification method and system
GB2499360A (en) Secure ID authentication over a cellular radio network
US7069584B1 (en) Process and apparatus for improving the security of authentication procedures using a new “Super PIN”
CA3154449C (en) A digital, personal and secure electronic access permission
Ogundele et al. The implementation of a full EMV smartcard for a point-of-sale transaction and its impact on the PCI DSS
KR100408890B1 (en) Method for certificating an credit dealing using a multi-certificated path and system thereof
KR101162194B1 (en) Card for preventing unlawful use and financial activities system using that
WO2005024743A1 (en) Granting access to a system based on the use of a card having stored user data thereon
Ogundele et al. Fraud reduction on emv payment cards by the implementation of stringent security features
US20040015688A1 (en) Interactive authentication process
US20140337224A1 (en) Cardholder Changeable CVV2
KR20110106977A (en) Credit card transactions security method
US20230245125A1 (en) Identity verification using a virtual credential
US20230004990A1 (en) Method of securing a payment card transaction
EP1172776A2 (en) Interactive authentication process
JP2001243391A (en) Credit card settlement system
CA3170260A1 (en) A method of securing a payment card transaction

Legal Events

Date Code Title Description
A201 Request for examination
N231 Notification of change of applicant
E902 Notification of reason for refusal
E601 Decision to refuse application