KR20120010756A - Micropay settlement system based on ID using OTP signature and method thereof - Google Patents
Micropay settlement system based on ID using OTP signature and method thereof Download PDFInfo
- Publication number
- KR20120010756A KR20120010756A KR1020100072301A KR20100072301A KR20120010756A KR 20120010756 A KR20120010756 A KR 20120010756A KR 1020100072301 A KR1020100072301 A KR 1020100072301A KR 20100072301 A KR20100072301 A KR 20100072301A KR 20120010756 A KR20120010756 A KR 20120010756A
- Authority
- KR
- South Korea
- Prior art keywords
- payment
- credential
- otp
- password
- user
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/22—Payment schemes or models
- G06Q20/29—Payment schemes or models characterised by micropayments
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3825—Use of electronic signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4012—Verifying personal identification numbers [PIN]
Abstract
The present invention relates to an ID-based micropayment system using OTP (One-Time Password) signature and a method thereof, and to provide an ID-based micropayment service using OTP (One-Time Password) signature in a general browser environment. To provide a system and a method thereof.
To this end, the present invention, a payment method for processing a billing request of an external pay service system, comprising: a subscription step of subscribing a user to a payment service based on an identifier (ID); A payment credential setting step of generating a one-time password (OTP) using an ID and a password from a payment service subscriber, generating a payment credential, issuing the generated OTP to the payment service subscriber, and setting a cookie; And a payment processing step of performing payment processing by verifying the OTP signature as a payment request using an OTP signature is received from the payment service subscriber who has confirmed the payment history according to the payment credential set. Include.
Description
The present invention relates to an ID-based micropayment system and method using one-time password (OTP) signature, and more particularly, to a content provider / service provider (CP / SP) and broker using an OTP hash. It solves the security and reliability problem between users and contents users, and provides a mechanism to simply consume contents. Also, a micro payment service is provided so that various payment methods such as total carriers, credit cards, or points can be linked to virtual IDs. It relates to a system and method for providing the same.
Looking at the terms used in one embodiment of the present invention.
First, credentials are cryptographic personal information used in a specific application of an information system, and are public / private key pairs for a public key cryptographic algorithm used by an individual, issued by a public certification authority. A total of cryptographic information including public key certificates, information about trusted root certification authorities (eg, KISA top level certification authorities), passwords, authorization information, and so on.
And signature refers to a specific string indicating that it is in data communication.
The one-time password (OTP) is a one-time password generated to be used only in the session every time the user logs in, and can prevent a password theft problem caused by the same password being used repeatedly. Unlike regular passwords, one-way password-based hashes are used. They are discarded at the end of the session and are safe to reuse.
As the use of wired / wireless internet and the variety of terminals are released, the demand for distributing paid contents online has greatly increased. Recently, terminals such as Kindle, an e-book terminal of "Amazon Corporation" and iPad, a tablet terminal of "Apple", have been released, and these terminals are wireless networks such as Wi-Fi or third generation (3G) mobile communication systems. By mounting the interface, expectations for the online content distribution market are increasing.
In order to distribute paid online content, a payment and payment method is required to exchange a fee between a content provider / service provider (CP / SP) and a user who is a content consumer. In the case of e-book content, Amazon's Kindle registers the Kindle device serial number in an Amazon account and pays through the Amazon Card credit card at the time of purchase. In the case of Apple, iPod, iPhone, etc., payment is made through a credit card mapped to an Apple ID (Identifier) registered on the terminal. In the "Google company" Android terminal, the payment is made through a credit card registered in a Google account when using the Google App Store.
Payment for online purchases on a personal computer (PC) -based browser generates a payment provider's ID, such as PayPal Checkout, Google Checkout or ClickandBuy. When the credit card is mapped and settled, payment is made by verifying the mapped credit card and verifying the authentication on the web page of the payment service provider using the ID and password of the payment service provider.
Online contents are mostly made up of a small amount of 10,000 won or less, and in Korea, payments are often processed using a collection agency service and book vouchers, which are billed in addition to carrier fees.
Recently, expectations for the online content market have increased due to the emergence of portable terminals and the payment of newspapers and e-books. In addition, in order to distribute the small contents of long-tails (Long-Tail), a small payment method that can provide a small payment quickly and securely is required. And these small contents should be able to consume a large amount of small contents, for example, articles of paid online newspaper service.
Payment methods as described above have disadvantages that are not suitable for payment of very small amount (1,000 won or less) of online content. Checkout service provided by "Google" or "PayPal" will go to the company's authentication page every time a payment occurs and enter your ID / Password. Transactions such as credit card or bank transfer occur at the time of payment, which increases the cost. In addition, in the case of the collection agency service, which is charged in addition to the carrier's fee, the ARS (Automatic Response Service) authentication or the SMS (Short Message Service) authentication must be performed for authentication. There is a disadvantage that is not suitable.
In addition, the ID (Identifier) based payment service mapped to the hardware used in the Kindle or iPod can be used only in a closed environment that can control the terminal, and in particular, can be used only on specific hardware and a specific client. Not available in. In addition, use is inconvenient because a credit card must be used.
As described above, the prior art as described above has a problem that is not suitable for a small amount of payment or is restricted to a specific environment, and it is an object of the present invention to solve such a problem.
Accordingly, an object of the present invention is to provide a system and method for providing an ID-based micropayment service using a one-time password (OTP) signature in a general browser environment.
In other words, the present invention solves security and reliability problems between CPs / Contents Provider / Service Provider (CP / SP), Broker and Content User using one-time password (OTP) hash, thereby simplifying content consumption. It is an object of the present invention to provide a system and a method for providing a micro payment service by providing a mechanism and allowing a plurality of payment methods such as telcos, credit cards, or points to be linked to a virtual ID.
The objects of the present invention are not limited to the above-mentioned objects, and other objects and advantages of the present invention which are not mentioned can be understood by the following description, and will be more clearly understood by the embodiments of the present invention. Also, it will be readily appreciated that the objects and advantages of the present invention may be realized by the means and combinations thereof indicated in the claims.
A system of the present invention for achieving the above object, the payment system for processing a billing request of an external pay service system, comprising: an ID manager for managing an identifier (ID) of a payment service subscriber; A storage unit which stores mapping information between the payment service subscriber and at least one external payment system; And generating a credential and a one-time password (OTP) using the ID and payment password received from the subscriber terminal and issuing it to the subscriber terminal, and the payment service according to the charge request of the external pay service system. And a payment processing unit for verifying a subscriber's OTP signature and requesting billing to a corresponding payment system of the one or more external payment systems according to the mapping information of the storage unit.
On the other hand, the method of the present invention for achieving the above object, the subscription step of subscribing the user to the payment service based on the ID (Identifier); A payment credential setting step of generating a one-time password (OTP) using an ID and a password from a payment service subscriber, generating a payment credential, issuing the generated OTP to the payment service subscriber, and setting a cookie; And a payment processing step of performing payment processing by verifying the OTP signature as a payment request using an OTP signature is received from the payment service subscriber who has confirmed the payment history according to the payment credential set. Include.
As described above, the present invention has the effect of providing a safe and convenient micropayment service in a general-purpose browser environment (PC, mobile terminal, set-top box, etc.) in which JavaScript works.
That is, the present invention can generate payment by simply entering the OTP after the subscriber once authenticated, which provides convenience to the subscriber in generating a large amount of payment in a very small unit, and in particular, generates payment in the browser of the mobile terminal. In this case, the subscriber can enter a single ID / Password and after that, simply enter a 4-digit OTP to receive payment service. In other words, in the present invention, the subscriber's own information and information for using the payment means are processed only once in the subscription site in advance and thereafter, the payment is performed using an ID / password and one-time password. Therefore, it is unlikely that sensitive information of the customer is exposed.
In addition, in the present invention, since the payment credential is changed every time a payment occurs because the one-time password (OTP) is hashed as much as CNT, the credential value is obtained through packet capture. Even if the next payment is a meaningless value, it is impossible to steal by hacking.
In addition, the present invention can reduce the transaction cost between the billing system (Billing System) and the micropayment processing unit by collecting the charge log when it is accumulated to a certain level and delivers it to the billing system at a time. .
Figure 1a is a configuration diagram of an embodiment of an ID-based micropayment system using an OTP signature according to the present invention,
Figure 1b is a detailed configuration diagram of an embodiment of the micropayment processor of Figure 1 according to the present invention,
Figure 1c is a flow diagram of an embodiment of the ID-based micropayment method using the OTP signature in accordance with the present invention,
2 is a flow chart of an embodiment of a subscription process at the time of a carrier billing sum according to the present invention;
3 is a diagram illustrating an embodiment of a subscription process when a credit card is added in accordance with the present invention;
4 is a flowchart illustrating an embodiment of a payment credential setting process according to the present invention;
FIG. 5 is a flow chart of an embodiment of a payment process when a payment credential is set in a cookie according to the present invention; FIG.
FIG. 6 is a flowchart illustrating an embodiment of a payment processing process when a payment credential is set in a cookie but is not valid according to the present invention.
BRIEF DESCRIPTION OF THE DRAWINGS The above and other objects, features and advantages of the present invention will become more apparent from the following detailed description of the present invention when taken in conjunction with the accompanying drawings, It can be easily carried out. In the following description, well-known functions or constructions are not described in detail since they would obscure the invention in unnecessary detail. Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings.
And throughout the specification, when a part is referred to as being "connected" to another part, it includes not only "directly connected" but also "electrically connected" with another part in between. Also, when a component is referred to as " comprising "or" comprising ", it does not exclude other components unless specifically stated to the contrary .
1A is a diagram illustrating an embodiment of an ID-based micropayment system using an OTP signature according to the present invention.
As shown in FIG. 1A, the ID-based micropayment system using the OTP signature according to the present invention includes an
In addition, the ID-based micropayment system using the OTP signature according to the present invention uses a billing-related information such as a credit card or a contract with a telecommunications company or a prepaid card (including points) to provide a micropayment to the subscriber. It further includes a billing system (Billing System, payment means, 14) for billing, CP /
Here, the
As described above, in the present invention, when a small payment occurs, payment authentication is performed, and at this time, the small
Figure 1b is a detailed configuration of an embodiment of the micropayment processor of Figure 1 according to the present invention.
As shown in FIG. 1B, the
Figure 1c is a flow diagram of an embodiment of a small payment method based on ID using the OTP signature in accordance with the present invention.
First, a user is subscribed to a micro payment service based on an identifier (see 151, FIGS. 2 and 3).
An OTP (One-Time Password) is generated using an ID and a password from the subscriber, a payment credential is generated, the generated OTP is issued to the subscriber, and a cookie is set (see FIG. 4).
As the payment credential is set, the payment is performed by verifying the OTP signature as a payment request using the OTP signature is received from the subscriber who checks the payment details (153, 5 and 6).
Figure 2 is a flow diagram of an embodiment of the subscription process when the carrier charges sum in accordance with the present invention.
In the present invention, the user must first subscribe to the micropayment service. The sign-up process can be divided into carrier billing and credit card billing. In this case, since the point settlement is possible similarly to the credit card billing, it will not be described separately. At this time, the subscription process when the carrier charges are added as shown in FIG. 2. The subscription process in the case of credit card billing is as shown in FIG.
On the other hand, as an ID of the registration process, for example, the user's e-mail address is used. Of course, an ID (Identifier) managed by the
First, the user enters an address into a link of a CP / SP or a direct URL (Uniform Resource Locator) or through a link of an ID / password input window at the time of the settlement of the micro
Accordingly, when the user agrees to the terms in the expression of subscription (203), the
Accordingly, when the user inputs the e-mail ID (205), the
Accordingly, when the user checks the e-mail of the ID management unit 11 (207) and clicks the confirm-URL linked to the e-mail, the related content is transmitted to the micro payment processing unit 13 (208). .
Then, the micro
Accordingly, when the user selects the payment method type (210), the micro
Accordingly, the user selects a user authentication method suitable for his environment (212). At this time, a possible identity verification method may be, for example, mobile phone authentication, authorized authentication, credit card authentication.
Then, the
Accordingly, when the user inputs the user authentication information according to the user authentication method (means) (214), the
Subsequently, the
Then, the carrier billing system inquires the customer's sumable contract and maps and stores the summable contract list and the settlement key that can generate the actual settlement (217). Related information such as a payment key) is transferred to the micro payment processing unit 13 (218).
Then, the micro
Accordingly, when the user (customer) selects the contract to be summed up (220), the
Accordingly, when the user enters the payment password (222), the database of the
Figure 3 is an embodiment configuration for a subscription process at the time of credit card total billing in accordance with the present invention.
First, the user enters an address into a link of a CP / SP or a direct URL (Uniform Resource Locator) or through a link of an ID / password input window at the time of the settlement of the micro
Accordingly, when the user agrees to the terms in the expression of subscription (303), the
Accordingly, when the user inputs the e-mail ID (305), the
Accordingly, when the user checks the e-mail of the
Thereafter, the micro
Accordingly, when the user selects a credit card from the payment method type (310), the
Accordingly, when the user inputs credit card authentication information such as a credit card number and an expiration date (312), the
Then, the credit card company billing system checks the corresponding credit card authentication information (314) to generate a payment key value that the customer can pay with the credit card and map the generated payment key value and the corresponding credit card number ( 315) The small
Then, the micro
A method of using the micropayment service of the present invention when a subscriber subscribed through the subscription process (process) of FIG. 2 or FIG. 3 described above uses the service of CP / SP. 1) Payment credential setting process (see FIG. 4). 2) Payment processing when payment credential is set in the cookie (see FIG. 5), 3) Payment processing process when payment credential is set in the cookie but is invalid (Fig. 6).
4 is a flowchart illustrating a payment credential setting process according to the present invention, which illustrates a process of setting a payment credential using an ID / password.
First, the subscriber accesses the paid web page among the services of the CP / SP system 15 (401). At this time, the
The micro
Subsequently, the
Thereafter, when the subscriber (browser) accesses the paid content of the CP / SP system 15 (406), the JavaScript provided by the CP /
As a result of the
Then, the
Accordingly, when the subscriber inputs the ID / Password set at the time of subscribing to the micropayment service in the ID / Password input window (412), the
Then, the charging
Then, the micro
Accordingly, when the
5 is a flowchart illustrating an embodiment of a payment processing process when a payment credential is set in a cookie according to the present invention.
First, when the CP /
As a result of the check 502, if a payment credential exists in a cookie, a JavaScript API pops up a payment UI (User Interface) and shows the payment information (503). Here, the payment UI (User Interface) shows the payment information (CP / service name, amount) and the like to the subscriber, and provides an input window for receiving a one-time password (OTP) from the subscriber.
Accordingly, the subscriber inputs the OTP (O0) received from the micro
Then, the JavaScript API on the
Here, the
Accordingly, when the micro
When the information of the process “506” is received, the micro
As a result of the
Looking at the paytoken (M) calculation process in more detail, the
The micro
In addition, the micro
Subsequently, the
Afterwards, the JavaScript API transfers the transaction ID Trid to the CP /
Accordingly, if there is a normal charging log, the micro
In addition, the micro
Meanwhile, in the present invention, as described above with reference to FIG. 4, the ID / password may be authenticated once, and as described above with reference to FIG. 5, payment may be repeatedly generated using OTP. Here, OTP can reduce the entry of the customer by issuing a four-digit number as well as to prevent theft because the customer confirms the payment history and generates a signature with OTP, a temporary value only known to the customer. In addition, information leakage can be greatly reduced by minimizing ID / password input during recurring payments. In addition, the paytoken value cannot be generated by CP / SP, the payment credential value changes every time, and the payment credential value cannot be generated without knowing the OTP, and the initial credential value is generated. Theft is impossible because it cannot be inferred.
Therefore, according to the present invention, the subscriber can generate payment by simply inputting only OTP after authentication. This approach may provide a convenience to the subscriber in generating a large amount of payment in a very small unit. In particular, when a payment is generated in the browser of the mobile terminal, the subscriber can receive a micro payment service by inputting one ID / password and then simply entering a 4-digit OTP.
In the present invention, since the payment credential is hashed by including the one-time password (OTP) as much as the usage count (CNT), each time the payment credential is changed. That is, in the present invention, the payment credential is changed at every use by using the one-time password (OTP), the usage count (CNT), and the payment credential of the previous usage count. Therefore, even if the payment credential value is obtained through packet capture, it is not possible at the next payment, so that theft by hacking is impossible.
In addition, in the present invention, the payment credential may be set to be valid only for a specific condition. When the validity condition is checked for a specific time, the
FIG. 6 is a flowchart illustrating an embodiment of a payment processing process when a payment credential is set in a cookie but is not valid according to the present invention.
First, when the CP /
As a result of the check 602, if a payment credential exists in a cookie, a JavaScript API pops up a payment UI (User Interface) and shows the payment information (603). Here, the payment UI (User Interface) shows the payment information (CP / service name, amount) and the like to the subscriber, and provides an input window for receiving a one-time password (OTP) from the subscriber.
Accordingly, the subscriber inputs the OTP (O0) received from the
Then, the JavaScript API on the
Here, the
Accordingly, when the micro
When the information of the “606” process is received, the micro
If the
Then, the JavaScript payment API on the
Then, the micro
Accordingly, when the subscriber inputs the password set at the time of subscribing to the micro payment service in the password input window (613), the micro
Then, the charging
Then, the micro
Accordingly, when the
As described above, the billing request to the actual billing system is a billing request with a payment key. At this time, if a billing log is accumulated over a predetermined level, the billing log is collected and delivered at once. Therefore, the transaction cost between the billing system and the micro payment processing unit is reduced.
In addition, the subscriber's personal information and information for using the payment method is processed only once in the subscription site, and afterwards, payment is made using an ID / password and one-time password. It is unlikely that sensitive information will be disclosed.
On the other hand, the micropayment method according to the present invention as described above is implemented in the form of program instructions that can be executed by various computer means may be recorded on a computer readable medium. The computer readable medium may include program instructions, data files, data structures, etc. alone or in combination. Program instructions recorded on the media may be those specially designed and constructed for the purposes of the present invention, or they may be of the kind well-known and available to those having skill in the computer software arts. Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks, and magnetic tape, optical media such as CD-ROMs, DVDs, and magnetic disks, such as floppy disks. Magneto-optical media, and hardware devices specifically configured to store and execute program instructions, such as ROM, RAM, flash memory, and the like. The medium may be a transmission medium such as an optical or metal line, a wave guide, or the like, including a carrier wave for transmitting a signal designating a program command, a data structure, or the like. Examples of program instructions include not only machine code generated by a compiler, but also high-level language code that can be executed by a computer using an interpreter or the like. The hardware device may be configured to operate as one or more software modules to perform the operations of the present invention, and vice versa.
While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments, but, on the contrary, Various permutations, modifications and variations are possible without departing from the spirit of the invention.
Therefore, the scope of the present invention should not be construed as being limited to the embodiments described, but should be determined by the scope of the appended claims, as well as the appended claims.
The present invention can be used for a micro payment service in a general browser environment in which JavaScript is operated in a terminal such as a personal computer (PC), a set-top box, and a portable terminal.
11: ID management unit 12: mapping database (DB)
13: micropayment processing unit 14: billing system (Billing System)
15: CP / SP system 16: browser
Claims (13)
An ID manager for managing an identifier (ID) of a payment service subscriber;
A storage unit which stores mapping information between the payment service subscriber and at least one external payment system; And
Using the ID received from the subscriber terminal and the payment password, a credential and a one-time password are generated and issued to the subscriber terminal, and the payment service subscriber is requested according to the charge request of the external paid service system. The payment processing unit for verifying the OTP signature of the payment request for the charge to the corresponding payment system of the one or more external payment system according to the mapping information of the storage unit
Payment system comprising a.
The payment processing unit,
An external API providing module for generating an external JavaScript code and providing it to a browser of the subscriber terminal and providing an external API for interworking with an external system;
A payment authentication module for providing a payment authentication UI (User Interface) to the browser to check input ID / password, issue, process and verify payment credentials, and generate and issue an OTP;
An ID management module for providing a subscription UI (User Interface) to the browser to perform subscription processing, interworking with the ID management unit, and performing email transmission and callback processing;
An identity verification module for performing identity verification in association with an external identity verification system;
A signature processing module for calculating and authenticating a paytoken and authenticating a signature;
A billing processing module for querying payment information and checking the validity of a payment key to generate a billing log and to process a billing transaction;
A paid service system authentication module for authenticating the paid service system, generating and managing credentials for the paid service system, and performing access control;
A paid service system management module for issuing a code for the paid service system and registering and managing information on the paid service system; And
Settlement processing module for performing the settlement processing for the pay service system
Payment system comprising a.
A subscription step of subscribing a user to a payment service based on an ID;
A payment credential setting step of generating a one-time password (OTP) using an ID and a password from a payment service subscriber, generating a payment credential, issuing the generated OTP to the payment service subscriber, and setting a cookie; And
A payment processing step of performing a payment process by verifying the OTP signature as a payment request using an OTP signature is received from the payment service subscriber who checks the payment history according to the payment credential set.
Payment method comprising a.
The payment method characterized in that the payment processing is repeatedly performed using the issued OTP repeatedly.
The payment method of claim 1, wherein the payment credential is changed at every use by using the issued one-time password (OTP), the usage count (CNT), and the payment credential of the previous usage count.
The joining step,
And a payment method, a payment password, a payment method type, and a payment key.
The joining step,
Verifying by receiving the user's consent and receiving an e-mail ID according to access of the user's subscriber page;
Receiving a selection of a payment method type from the user;
Performing identity verification for the user;
Querying for a summable contract using the social security number of the user and selecting a contract to sum up from the user;
Receiving a payment password from the user; And
A process for storing an email ID address, whether the user agrees, an encrypted payment password, a payment key, and a payment key that can be combined
Payment method comprising a.
The joining step,
Verifying by receiving the user's consent and receiving an e-mail ID according to access of the user's subscriber page;
Receiving a credit card from the user to a payment system;
Receiving a credit card authentication information from the user to obtain a payable credit card payment key;
Receiving a payment password from the user; And
A process of storing an email ID address, whether the user agrees, an encrypted payment password, a payment method type, and a payment key that can be paid by credit card.
Payment method comprising a.
The payment credential setting step,
Authenticate the pay service system according to the loading of external JavaScript code for the pay service system, generate a credential C0 for the pay service system, and map and store it with a browser IP address (IPO). First process;
A second step of generating a hash function H0 for the generated paid service system credential C0 and setting the generated paid service system credential C0 as a cookie;
A third step of forwarding to a payment authentication page when there is no payment credential as a result of confirming the existence of a payment credential according to a call to a payment function for paying a payment;
A fourth step of receiving and verifying an ID and a password set at the time of subscribing a payment service from the payment service subscriber and requesting verification of a payment key mapped to the ID to verify validity;
A fifth step of generating an OTP using the verified ID and password, generating and storing a payment credential (U), mapping and storing the generated OTP, and issuing the generated OTP to the payment service subscriber; And
As the issued OTP is confirmed, the service is forwarded to the paid service page, and the generated paid service system credential C0, the generated payment credential U, and the usage count "0" are set as cookies. 6th course
Payment method comprising a.
Comparing the browser IP address and the paid service system credential (C0) received during the forwarding in the third process with the browser IP address and the paid service system credential (C0) stored in the first process to eliminate the possibility of pitting 7th course
Payment method that includes more.
The payment processing step,
An eighth step of receiving a payment request using a pay token M calculated using an OTP received from the payment service subscriber who checks the payment details according to a payment credential set;
A ninth step of checking a valid condition of the set payment credential to calculate a pay token M using previously stored values;
A tenth step of generating a charging log and generating a transaction ID (Trid) according to the coincidence of the pay token (M) value of the eighth step and the pay token (M) value of the ninth step;
An eleventh step of confirming payment for the pay service system using the generated transaction ID Trid and changing the generated charge log to a charge confirmation state; And
Step 12 of requesting billing to an external payment system according to the billing transmission condition
Payment method comprising a.
A thirteenth step of confirming valid conditions of the set payment credential and forwarding to a payment verification page according to the invalidity; And
Extract the ID by the payment credential, receive and verify the password set at the time of subscription of the payment service from the payment service subscriber, and request validation of the payment key mapped to the ID. After the 14th process proceeds to the fifth process
Payment method that includes more.
Valid conditions of the payment credential,
The payment method comprising any one of a specific time, a usage count (cnt) limit, or a specific amount limit after the initial payment credential issuance time.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020100072301A KR20120010756A (en) | 2010-07-27 | 2010-07-27 | Micropay settlement system based on ID using OTP signature and method thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020100072301A KR20120010756A (en) | 2010-07-27 | 2010-07-27 | Micropay settlement system based on ID using OTP signature and method thereof |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20120010756A true KR20120010756A (en) | 2012-02-06 |
Family
ID=45835190
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020100072301A KR20120010756A (en) | 2010-07-27 | 2010-07-27 | Micropay settlement system based on ID using OTP signature and method thereof |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20120010756A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2013141456A1 (en) * | 2012-03-20 | 2013-09-26 | 에스케이플래닛 주식회사 | System, apparatus, terminal and method for enrolling member for electronic payment system |
KR102130321B1 (en) * | 2019-04-03 | 2020-08-05 | 주식회사 인포바인 | Method and apparatus for authentication without installation |
-
2010
- 2010-07-27 KR KR1020100072301A patent/KR20120010756A/en not_active Application Discontinuation
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2013141456A1 (en) * | 2012-03-20 | 2013-09-26 | 에스케이플래닛 주식회사 | System, apparatus, terminal and method for enrolling member for electronic payment system |
KR102130321B1 (en) * | 2019-04-03 | 2020-08-05 | 주식회사 인포바인 | Method and apparatus for authentication without installation |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10885138B2 (en) | Methods and computer-readable media for enabling secure online transactions with simplified user experience | |
US9684891B2 (en) | System and a method for access management and billing | |
US20150026062A1 (en) | Payment collection, aggregation and realization apparatuses, methods and systems | |
US20150135279A1 (en) | Personal identity control | |
US8595815B2 (en) | System and method for selectively granting access to digital content | |
EP2495695A1 (en) | Method and system for conducting a monetary transaction using a mobile communication device | |
US20110173105A1 (en) | Utilizing AAA/HLR infrastructure for Web-SSO service charging | |
US9485258B2 (en) | Mediation system and method for restricted access item distribution | |
JP2009534739A5 (en) | ||
KR102116587B1 (en) | Method and system using a cyber id to provide secure transactions | |
JP4747273B2 (en) | How to execute e-commerce | |
KR20110114872A (en) | System and method for unified authorization | |
US20040143521A1 (en) | Method and device for paying for services in networks with a single sign-on | |
US20150127546A1 (en) | Methods for providing internet services through a toll free connection to a user and devices thereof | |
KR20160147015A (en) | System and method for provisioning credit | |
WO2023124107A1 (en) | Information query method and apparatus, device, and computer readable storage medium | |
RU2321060C1 (en) | Method for conduction of payments by users of mobile communications | |
KR20120010756A (en) | Micropay settlement system based on ID using OTP signature and method thereof | |
KR101346705B1 (en) | System for processing small payment | |
US20080028207A1 (en) | Method & system for selectively granting access to digital content | |
CN110365646B (en) | Method and device for associating entity to first server | |
KR101383160B1 (en) | Payment system using mobile phone number and method thereof | |
KR20120013666A (en) | System and Method for Processing Relay using Financial Institution OTP Device and Recording Medium | |
KR20100136041A (en) | System and method for processing mobile phone's settlement using question/answer interface | |
Lin et al. | Automatic Form Filling with Secure Payment Credentials and Biometric Authentication |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E601 | Decision to refuse application |