KR20120076591A - Method for providing electronic payment by using subscriber information and security token, system, terminal and communication management apparatus therefor - Google Patents

Method for providing electronic payment by using subscriber information and security token, system, terminal and communication management apparatus therefor Download PDF

Info

Publication number
KR20120076591A
KR20120076591A KR1020100123168A KR20100123168A KR20120076591A KR 20120076591 A KR20120076591 A KR 20120076591A KR 1020100123168 A KR1020100123168 A KR 1020100123168A KR 20100123168 A KR20100123168 A KR 20100123168A KR 20120076591 A KR20120076591 A KR 20120076591A
Authority
KR
South Korea
Prior art keywords
information
payment
security token
unique
terminal
Prior art date
Application number
KR1020100123168A
Other languages
Korean (ko)
Other versions
KR101683664B1 (en
Inventor
신지훈
이운덕
Original Assignee
에스케이플래닛 주식회사
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 에스케이플래닛 주식회사 filed Critical 에스케이플래닛 주식회사
Priority to KR1020100123168A priority Critical patent/KR101683664B1/en
Publication of KR20120076591A publication Critical patent/KR20120076591A/en
Application granted granted Critical
Publication of KR101683664B1 publication Critical patent/KR101683664B1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4012Verifying personal identification numbers [PIN]
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions

Abstract

PURPOSE: An electronic payment providing method, system, terminal, and communication management apparatus are provided to prevent the confirmation of identification in payment information and subscriber module by using a financial payment providing apparatus. CONSTITUTION: A communication management apparatus stores a first identification number and first payment information(S414). In case inputted PIN(Personal Identification Number) is authenticated, a terminal creates a second security token by using second payment information and second identification number(S422,S424). The communication management apparatus creates the first security token by using the first payment information and the first identification number(S428). In case the first payment information, the first identification number, or the first security token is matched with the second payment information the first identification number, or the second security token, the terminal transmits a payment approval signal to the communication management apparatus(S436,S438).

Description

Method for Providing Electronic Payment by Using Subscriber Information And Security Token, System, Terminal And Communication Management Apparatus Therefor}

One embodiment of the present invention relates to a method for providing electronic payment using subscriber information and security token, and a system, a terminal, and a communication management device therefor. More specifically, the electronic payment is made using at least one or more of the subscriber information input by the user for the communication service, the unique number of the subscriber identification module, and the security token generated based on the subscriber information and the unique number. The present invention relates to a method for providing an electronic payment using subscriber information and a security token and a system, a terminal, and a communication management device therefor that can be performed so that security for user authentication and security for terminal hacking can be enhanced.

The contents described in this section merely provide background information on the embodiments of the present invention and do not constitute a prior art.

As a payment method for general commerce or e-commerce, a deposit method through a credit card, a debit card or a bank account is commonly used. However, the conventional payment method has a problem such as inconvenience to carry cash when using cash, the risk of losing cash, the hassle of returning the balance. On the other hand, the use of credit cards as a way to increase the transparency of the taxation of commerce is recommended and many other payment methods are being developed. In particular, as the e-commerce using the Internet has grown steadily, the payment settlement market is rapidly expanding. Until now, most of the payment methods on the Internet are credit card and bankbook online payment, but recently, payment using mobile phones or wired / wireless ARS. New payment methods are emerging and their frequency of use is increasing rapidly.

However, in spite of the change of the payment method, there is a problem in that the loss of the credit card may cause damage due to fraud and personal information leakage. In other words, even if personal information is leaked due to hacking of the Tongsing network at the time of payment, there is a need for an electronic payment method that can maintain security.

In order to solve the above problems, an embodiment of the present invention, by using at least one or more information of the subscriber information, the unique number of the subscriber identification module, the security token, security for user authentication and security for terminal hacking during electronic payment Its main purpose is to provide a method for providing electronic payment using subscriber information and security token and a system, a terminal, and a communication management device therefor.

In order to achieve the above object, an embodiment of the present invention extracts first payment information based on subscriber information and a first unique number assigned to a subscriber identification module, and extracts the first payment information and the first unique number. A communication management device for generating and transmitting a used first security token; A second security token is generated and stored by using the second payment information input by the user and the second unique number assigned to the subscriber identification module, and is received from the communication management device when an electronic payment request signal is generated. The at least one or more information of the first payment information, the first unique number, and the first security token, which have been previously stored, to at least one or more of the previously stored second payment information, the second unique number, and the second security token. A terminal processing a payment approval for the electronic payment request signal based on a result; And a financial settlement providing device configured to perform an electronic payment for a corresponding cost when an approval signal for the electronic payment approval request signal is received from the communication management device. Provide a system.

In addition, according to another object of the present invention, extracting the second unique number assigned to the signed subscriber identification module, and based on the second payment information and the second unique number entered through the key input unit a second security token ( A second security token generator for generating and storing a security token; A terminal communication processor configured to receive at least one or more information of the first payment information, the first unique number, and the first security token from the communication management device when the payment request signal is received; And comparing at least one or more of the second payment information, the second unique number, and the second security token with previously stored information of at least one of the first payment information, the first unique number, and the first security token. Thus, when the information is mutually matched, it provides a terminal comprising a payment approval unit for processing the payment approval for the electronic payment request signal.

In addition, according to another object of the present invention, the subscriber information database for storing subscriber information; An information extraction unit for extracting first payment information and a first unique number assigned to the subscriber identification module based on the subscriber information; A first security token generator configured to generate a first security token using the first payment information and the first unique number; And when there is a request from the terminal for at least one or more of the first payment information, the first unique number, and the first security token, among the first payment information, the first unique number, and the first security token. It provides a communication management device comprising a communication processing unit for transmitting at least one or more information to the terminal.

In addition, according to another object of the present invention, extracting the second unique number assigned to the signed subscriber identification module, and based on the second payment information and the second unique number entered through the key input unit a second security token ( Creating and storing a security token; When the payment request signal is received, receiving at least one or more information of the first payment information, the first unique number, and the first security token from the communication management device; And comparing at least one or more of the second payment information, the second unique number, and the second security token with previously stored information of at least one of the first payment information, the first unique number, and the first security token. Thus, when the information between each other, the payment method for providing the electronic payment using the subscriber information and security token comprising the step of processing the payment approval for the electronic payment request signal.

In addition, according to another object of the present invention, the method comprising: extracting the first payment information, the first unique number assigned to the subscriber identification module based on previously stored subscriber information; Generating a first security token using the first payment information and the first unique number; And when there is a request from the terminal for at least one or more of the first payment information, the first unique number, and the first security token, among the first payment information, the first unique number, and the first security token. It provides a method for providing electronic payment using subscriber information and a security token comprising the step of transmitting at least one or more information to the terminal.

As described above, according to an embodiment of the present invention, at least one of a subscriber information input by a user for a communication service, a unique number of a subscriber identification module, and a security token generated based on the subscriber information and the unique number. Electronic payment is performed using one or more pieces of information, thereby enhancing the security of user authentication and the security of terminal hacking. In addition, according to an embodiment of the present invention, not only a comparison of the security token between the terminal and the communication management device, but also additionally compare the payment information or unique number to perform the authentication necessary for payment, the effect of the security is further enhanced have.

In addition, according to an embodiment of the present invention, when the financial settlement from the user's point of view, it is possible to pay the corresponding cost by using electronic security enhanced security only by PIN (Personal Identification Number) authentication for the terminal owned by the user It works. In addition, according to one embodiment of the present invention, even if the security token generated by the terminal and the communication management device is leaked to the outside, the user's personal information can not be confirmed through the respective security token and the unique number of the subscriber identification module Information is protected.

1 is a block diagram schematically showing a system for providing an electronic payment using subscriber information and a security token according to an embodiment of the present invention;
2 is a block diagram schematically illustrating a terminal according to an embodiment of the present invention;
3 is a block diagram schematically illustrating a communication management device according to an embodiment of the present invention;
4 is a flowchart illustrating a method for providing electronic payment using subscriber information and a security token according to an embodiment of the present invention.

The first payment information described in one embodiment according to the present invention refers to credit card number information or bank account information entered by a subscriber for payment of a communication fee upon subscription of a communication service, and the second payment information refers to a user terminal 110. It refers to credit card number information or bank account information entered for payment of a communication fee when the entered communication service subscription. The first unique number refers to the unique number of the subscriber identification module assigned to the subscriber when the communication service subscription, the second unique number refers to the unique number of the subscriber identification module concluded in the terminal 110. The first security token refers to encrypted information generated by the communication management device 130 for authentication, and the second security token refers to encrypted information generated by the terminal 110 for authentication.

1 is a block diagram schematically showing a system for providing an electronic payment using subscriber information and a security token according to an embodiment of the present invention.

Electronic payment providing system according to an embodiment of the present invention includes a terminal 110, subscriber identification module 112, communication network 120, communication management device 130 and financial payment providing device 140. Meanwhile, in an embodiment of the present invention, the electronic payment providing system includes only the terminal 110, the subscriber identification module 112, the communication network 120, the communication management device 130, and the financial payment providing device 140. However, this is merely illustrative of the technical idea of one embodiment of the present invention, and those skilled in the art to which an embodiment of the present invention belongs will not depart from the essential characteristics of the embodiment of the present invention. In the will be applicable to various modifications and variations to the components included in the electronic payment providing system.

The terminal 110 refers to a terminal capable of transmitting and receiving various data via the communication network 120 according to a user's key manipulation, and may be a tablet PC, a laptop, or a personal computer. , A smart phone, a personal digital assistant (PDA), a mobile communication terminal, or the like. That is, the terminal 110 refers to a device having a memory for storing a program for accessing the communication management device 130 through the communication network 120, a microprocessor for executing and controlling the program by executing the program, and the like. do. That is, the terminal 110 may be any terminal as long as it is connected to the communication network 120 and the server-client communication with the communication management device 130 is possible, and any communication computing device such as a notebook computer, a mobile communication terminal, a PDA, It is a broad concept that includes everything. Meanwhile, the terminal 110 is preferably manufactured in a form having a touch screen, but is not necessarily limited thereto.

Meanwhile, the application downloaded from the terminal 110 refers to an application installed after being downloaded through an application store when the terminal 110 is a smart phone, and downloaded through a communication company server when the terminal 110 is a feature phone. Virtual machine and application.

The terminal 110 according to an embodiment of the present invention extracts the second unique number assigned to the signed subscriber identification module 112 and based on the second unique number and the second payment information input by the user's command. After generating a second security token (Security Token) to store in the subscriber identification module (112). Here, the second payment information is the same information as the credit card number information or bank account information previously registered in the communication management device 130, the second security token is encrypted information, the second payment information and the second unique number Based on the encrypted value. Here, the second security token is preferably a hash value based on the second payment information and the second unique number, but is not necessarily limited thereto. When the payment request signal is received by the user's command, the terminal 110 receives at least one or more information of the first payment information, the first unique number, and the first security token from the communication management device 130, and is stored in advance. Compared with at least one or more information of the second payment information, the second unique number, and the second security token, if the information between each other matches, the payment approval for the electronic payment request signal is processed. When the first security token and the second security token coincide with each other, the terminal 110 first compares the first security token and the second security token, and additionally stores at least one or more information of the first payment information and the first unique number. Compared to at least one or more information of the second payment information and the second unique number stored in advance, if the information between each other matches, the payment approval for the electronic payment request signal is processed.

On the other hand, a preferred case that is considered to have a lot of demands to apply an embodiment of the present invention, the terminal 110 receives the first security token from the communication management device 130, compared to the previously stored second security token, information between each other Is matched, the payment authorization for the electronic payment request signal is processed, or the first unique number and the first security token are received, the previously stored second unique number and the second security token are compared, and the information between each other matches. In this case, the payment approval for the electronic payment request signal may be processed. However, since the second payment information may be stored in the subscriber identification module 112 concluded in the terminal 110, the first payment information, the first unique number, and the first security from the communication management device 130 in the terminal 110. Receiving at least one or more information of the token, and compared to at least one or more of the previously stored second payment information, the second unique number and the second security token, if the information between each other matches, payment for the electronic payment request signal The approval may be processed.

The terminal 110 checks whether the personal identification number (PIN) information input by the user's operation to generate the second security token is authenticated, and if the PIN information is authenticated as a result of the verification, the second security token is Allow to be created. Here, the PIN is a kind of personal identification number, and is generally set to four digits, and eight digits of a personal unblocking key (PUK) are assigned. On the other hand, the PIN can be changed according to the user's needs, and if the user incorrectly inputs the PIN more than a predetermined number consecutively, since the corresponding subscriber identification module is locked, the PIN can be reset by inputting the PUK. However, if the PUK is also input more than a predetermined number of times, the PUK must be discarded and re-granted. The terminal 110 confirms whether the PIN information re-input by the user's operation is authenticated to process the payment approval, and if the PIN information is authenticated as a result of the confirmation, the second security token is the subscriber identification module 112. Allow to be loaded from. When the payment approval for the payment request signal is processed, the terminal 110 transmits a payment approval signal to the communication management device 130.

The terminal 110 includes a hash function, a hash algorithm, a hash algorithm, a data encryption standard (DES), and a message-digest algorithm (MD5) in the second payment information and the second unique number. ), An encrypted second security token is generated using any one of an encryption method such as BitLocker Drive Encryption and Feistel Cipher. Meanwhile, the terminal 110 preferably applies a hash function or a hash algorithm to the second payment information and the second unique number, but is not necessarily limited thereto. Here, the hash function or hash algorithm is a method of generating a kind of short 'electronic fingerprint' from arbitrary data. The hash function produces a result by truncating, replacing, or repositioning the data. This result is generally called a hash value. Because hash functions must work deterministically, if two hash values are different, the original data for that hash value must be different, and vice versa. In other words, the quality of the hash function is determined by how few hash collisions occur in the input area (when two different data have the same hash value) .The more collisions, the more difficult it is to distinguish different data and retrieve data. The cost increases. In other words, the most basic property of every hash function is that if the two hash values are different, the original data is also different. This is because the hash function is deterministic, on the contrary, the hash function is not a singular function. If they have the same hash value, this implies that the original input value is the same, but it does not guarantee that the hash value changes significantly due to the nature of the hash function even if only one bit of the original input is changed.

On the other hand, the terminal 110 stores the second security token generated using the second payment information entered by the user and the second unique number assigned to the subscriber identification module 112 concluded, the electronic payment request signal When there occurs, at least one of the first payment information, the first unique number and the first security token received from the communication management device 130 is stored among the second payment information, the second unique number and the second security token. The function of processing the payment approval for the electronic payment request signal based on a result of comparing with at least one or more information may be performed through an application mounted in the terminal 110. That is, the terminal 110 may download and install an electronic payment application and install the same, and perform the above-described functions through the electronic payment application, but is not limited thereto.

The subscriber identification module 112 stores basic information such as subscriber identification information and phone number information, and is connected to the terminal 110 to provide subscriber identification information. Here, the subscriber identification module is a type of smart card, also called a Universal Integrated Circuit Card (UICC), and includes a microprocessor, a memory, a card operation system (COS), a security algorithm, and an electronically erasable programmable read only memory (EEPROM). ) Can be built. The subscriber identification module 112 is used for subscriber authentication, billing, global roaming, e-commerce, and the like. In addition, the subscriber identification module 112 may be manufactured in the form of a card and inserted into the terminal 110, and may include at least one of a subscriber identification module (SIM), a universal subscriber identity module (USIM), and a micro USIM. It may include.

Various types of information of the user stored in the subscriber identification module 112 include personal authentication information such as a PIN, which is a personal identification number for user authentication of the terminal 110, and a PUK, which is a personal unblocking key. The personal authentication information stored in the memory chip of the subscriber identification module 112 determines whether the card user is a registered user in the network when the subscriber identification module 112 is inserted into the terminal 110. ) To enable use, and thereby the call charge is charged to the user of the subscriber identification module 112. It is determined whether the user of the subscriber identification module 112 is a registered user in the network. If a wrong PIN is input three or more times, the use of the terminal 110 is blocked and a PUK must be input to release it. . If you enter the wrong PUK more than the preset number, you will not be able to make a call except for an emergency call. The PUK is a unique number stored in the subscriber identification module 112 as given at the time of purchase (or providing) of the subscriber identification module 112. Meanwhile, the subscriber identification module 112 according to an embodiment of the present invention stores the second security token in a security area divided into a separate area.

The communication network 120 refers to a network capable of transmitting and receiving data through an internet protocol using various wired and wireless communication technologies such as an internet network, an intranet network, a mobile communication network, and a satellite communication network. Here, since the technology for the communication network 120 is already known technology, a detailed description thereof will be omitted.

The communication management device 130 performs basic and additional service processing for providing a communication service, incoming and outgoing call processing of a subscriber, location registration procedure and handoff procedure, and interworking with other networks. In addition, the communication management device 130 includes a database that stores a service profile of the subscriber information, the terminal identification number (MIN: Mobile Identification Number) of the terminal 110, the terminal unique number (ESN: Electronic Serial Number) And subscriber information by storing information about the type of service.

The communication management apparatus 130 according to an embodiment of the present invention stores subscriber information and extracts first payment information and a first unique number assigned to the subscriber identification module 112 based on the subscriber information. The communication management device 130 generates a first security token using the first payment information and the first unique number and stores the first security token in the subscriber identification module 112, and receives the first payment information and the first unique number from the terminal 110. And when there is a request for at least one information of the first security token, at least one or more information of the first payment information, the first unique number, and the first security token is transmitted to the terminal 110. When the communication management device 130 receives the approval signal for the electronic payment request from the terminal 110, transmits a payment approval signal for the corresponding cost to the financial payment providing device 140, and the financial payment providing device 140. Receives the approval result signal for the corresponding cost from the terminal 110 and transmits it. On the other hand, the communication management device 130 is encrypted by applying the encryption method of any one of a hash function, a hash algorithm, RSA, DES, MD5, bit locker drive encryption and Fistel password to the first payment information and the first unique number. Generate a first security token. Here, the communication management device 130 preferably uses a hash function or a hash algorithm to generate the first security token, but is not necessarily limited thereto.

The financial settlement providing apparatus 140 is a concept of a device including at least one server of a card company server, a financial institution server, a communication billing server, a transportation agency server, and a mobile payment server that performs electronic payment. Of course, the financial settlement providing apparatus 140 may be implemented as any one of a card company server, a financial institution server, a communication billing server, a transportation institution server, and a mobile payment server. The financial settlement providing apparatus 140 receives a payment approval signal and performs a function of processing the amount corresponding to the payment approval signal as a payment means. That is, when the financial settlement providing apparatus 140 receives the approval signal for the electronic payment approval request signal from the communication management device 130, the financial settlement providing apparatus 140 performs the electronic payment for the corresponding cost.

2 is a block diagram schematically illustrating a terminal according to an embodiment of the present invention.

Terminal 110 according to an embodiment of the present invention is a subscriber identification module fastening unit 210, the second security token generation unit 220, PIN authentication unit 230, payment approval unit 240, key input unit 250 And the terminal communication processing unit 260. Meanwhile, in an embodiment of the present invention, the terminal 110 includes a subscriber identity module fastening unit 210, a second security token generating unit 220, a PIN authentication unit 230, a payment approval unit 240, and a key input unit ( 250) and the terminal communication processing unit 260, but this is merely to describe the technical idea of an embodiment of the present invention by way of example, one of ordinary skill in the art to which one embodiment of the present invention belongs Growing up will be applicable to various modifications and variations to the components included in the terminal 110 without departing from the essential characteristics of one embodiment of the present invention. That is, the terminal 110 according to an embodiment of the present invention preferably includes a memory unit, a display unit, a terminal controller, a microphone, a speaker, and the like, but for convenience of description in the present invention, the terminal 110 is a subscriber identity module. It is described that only the fastening unit 210, the second security token generating unit 220, the PIN authentication unit 230, the payment approval unit 240, the key input unit 250, and the terminal communication processing unit 260 are included.

Subscriber identification module fastening unit 210 is fastened with the subscriber identification module 112, and transmits and receives information stored in the subscriber identification module (112). The second security token generator 220 extracts the second unique number assigned to the signed subscriber identification module 112 and based on the second payment information and the second unique number input through the key input unit 250. The second security token is generated and stored in the subscriber identification module 112. The second security token generation unit 220 encrypts the second payment information and the second unique number by applying an encryption method of any one of a hash function, a hash algorithm, RSA, DES, MD5, bit locker drive encryption, and Feistel password. The generated second security token. Here, the second security token is encrypted information, which is an encrypted value based on the second payment information and the second unique number, and the second payment information is credit card number information or bank previously registered in the communication management device 130. The same information as the account information.

The PIN authenticator 230 checks whether the PIN information input through the key input unit 250 is authenticated to generate the second security token, and if the PIN information is authenticated, the second security token generator Allow 220 to generate a second security token. The PIN authenticator 230 checks whether the PIN information re-entered to process the payment authorization is authenticated, and if the PIN information is authenticated, the second security token is loaded into the payment approval unit 240. Allow. The payment approval unit 240 stores at least one or more information of the first payment information, the first unique number, and the first security token received from the communication management device 130, the second payment information, the second unique number, and the second. When the information between the security tokens is matched with each other, the payment approval for the electronic payment request signal is processed. The payment approval unit 240 compares the first security token and the second security token first, and when the first security token and the second security token match each other, additionally, at least one or more of the first payment information and the first unique number The information is compared with at least one or more pieces of previously stored second payment information and second unique number, and when the information is identical with each other, the payment approval for the electronic payment request signal is processed.

On the other hand, the preferred case that is considered to have a lot of demands to apply an embodiment of the present invention is compared with the second security token previously stored in the payment approval unit 240 compared with the first security token received from the communication management device 130, If the information matches, the payment approval for the electronic payment request signal is processed, or the first unique number and the first security token received from the communication management device 130 are received, and the previously stored second unique number and the second security are stored. Tokens may be compared to process payment approval for an electronic payment request signal when information between each other matches. However, since the second payment information may be stored in the subscriber identification module 112 fastened to the subscriber identification module fastening unit 210, the first payment information received from the communication management device 130 in the payment approval unit 240, At least one or more information of the first unique number and the first security token is compared with at least one or more of the previously stored second payment information, the second unique number, and the second security token, and when the information between each other matches, Payment authorization for the payment request signal may be processed.

The key input unit 250 includes a button for inputting numbers, letters, and symbols to receive a key or a command from a user who uses the terminal 110. Here, the key input unit 250 may be implemented as a touch screen together with the display unit, but is not limited thereto. When the payment request signal is received from the key input unit 250, the terminal communication processor 260 receives the first security token from the communication management device 130. When the payment approval for the payment request signal is processed through the payment approval unit 240, the terminal communication processor 260 transmits a payment approval signal to the communication management device 130. That is, the terminal communication processor 260 is a digital signal processing function for coding or decoding a voice signal, performing an equalizer function to remove multipath noise, and performing an acoustic data processing function, and a baseband signal for a transmitted / received signal. A baseband conversion function that performs digital-to-analog conversion and analog-to-digital conversion processing, receives an RF (Radio Frequency) signal, converts it into an IF (Intermediate Frequency) signal, and converts an IF signal into an RF signal, The wireless signal may be processed by performing an RF signal processing function for demodulating and amplifying an RF signal and an antenna function for transmitting and receiving a wireless signal in the air. In addition, the terminal communication processor 260 may perform voice or data communication through an access point (AP). That is, the terminal communication processor 260 may be implemented to process data packets using wireless communication technologies such as WLAN, Wi-Fi, WiMAX, and WiBro. However, the present invention is not limited thereto.

3 is a block diagram schematically illustrating a communication management device according to an embodiment of the present invention.

Communication management apparatus 130 according to an embodiment of the present invention is a subscriber information database 310, information extraction unit 320, the first security token generation unit 330, communication processing unit 340 and electronic payment processing unit 350 ). Meanwhile, in an embodiment of the present invention, the communication management device 130 may include a subscriber information database 310, an information extracting unit 320, a first security token generating unit 330, a communication processing unit 340, and an electronic payment processing unit ( It is described as including only 350, which is merely illustrative of the technical spirit of one embodiment of the present invention, those skilled in the art to which one embodiment of the present invention belongs to one embodiment of the present invention Various modifications and variations to the components included in the communication management apparatus 130 may be applied without departing from the essential characteristics of the examples.

The subscriber information database 310 stores subscriber information. Here, the subscriber information database 310 classifies the first payment information included in the subscriber information, the unique number of the subscriber identification module 112, and the telephone number information, and stores and manages them in a database. It may be implemented inside or outside the device 130. Such a database refers to a general data structure implemented in a storage system (hard disk or memory) of a computer system using a database management program (DBMS), and can freely search (extract) data, delete data, edit data, and add data. It is a data storage type that can be used, such as relational database management systems (RDBMS) such as Oracle, Infomix, Sybase, DB2, Gemston, Orion, An object-oriented database management system (OODBMS) such as O2, etc., and an XML Native Database such as Excelon, Tamino, Sekaiju, etc. are used to meet the purpose of an embodiment of the present invention. It can be implemented and has the appropriate fields or elements to achieve its function.

The information extracting unit 320 extracts the first payment information and the first unique number assigned to the subscriber identification module 112 based on the subscriber information stored in the subscriber information database 310. The first security token generator 330 generates a first security token using the first payment information and the first unique number. The first security token generator 330 encrypts the first payment information and the first unique number by applying an encryption method of any one of a hash function, a hash algorithm, an RSA, DES, MD5, a bit locker drive encryption, and a Fiestel password. The generated first security token. When there is a request for at least one or more information among the first payment information, the first unique number, and the first security token from the terminal 110, the communication processor 340 may request the first payment information, the first unique number, and the first security. At least one information of the token is transmitted to the terminal 110. When the electronic payment processing unit 350 receives the approval signal for the electronic payment request from the terminal 110, the electronic payment processing unit 350 transmits a payment approval signal for the corresponding cost to the financial settlement providing apparatus 140. The electronic payment processing unit 350 receives the approval result signal for the corresponding cost from the financial settlement providing apparatus 140 and transmits it to the terminal 110.

4 is a flowchart illustrating a method for providing electronic payment using subscriber information and a security token according to an embodiment of the present invention.

The communication management device 130 extracts first payment information input from an agency, a merchant, or an Internet server when the user first subscribes to a communication service (S410). That is, the subscriber essentially enters a bank account number or credit card number in order to automatically transfer the communication costs after subscribing to the first communication service, and the communication management device 130 acquires the corresponding information. In addition, the communication management device 130 obtains the first unique number of the subscriber identification module 112 assigned to the user when the user uses the communication service (S412). That is, the subscriber identification module 112 is fastened to the terminal 110 to use a communication service, but when the communication service is opened, the communication management device 130 transmits the unique number and first number of the subscriber identification module 112 granted to the corresponding user. Match and store payment information, phone number information, and the like.

The communication management apparatus 130 stores the first payment information and the first unique number (S414), and transmits a payment initialization request signal to the corresponding terminal 110 (S416). The terminal 110 may receive a payment initialization request signal from the communication management device 130 and initialize payment information. Meanwhile, an electronic payment application capable of performing electronic payment to the terminal 110 may be provided to the communication management device 130.

The terminal 110 receives the second payment information input by the user's operation (S418). In this case, the terminal 110 may use the downloaded electronic payment application. The terminal 110 extracts the second unique number assigned to the signed subscriber identification module 112 (S420). Here, the second payment information is the same information as credit card number information or bank account information previously registered in the communication management device 130, and the second security token is encrypted information based on the second payment information and the second unique number. Is a hash value.

The terminal 110 receives the PIN information input by the user's operation to generate the second security token, and authenticates the input PIN by comparing with the PIN of the subscriber identification module 112 (S422). When the input PIN information is authenticated, the terminal 110 generates a second security token using the second payment information and the second unique number (S424). Here, the terminal 110 may generate an encrypted second security token by applying a hash function or a hash algorithm to the second payment information and the second unique number. The terminal 110 stores the generated second security token in the subscriber identification module 112 (S426). On the other hand, the communication management device 130 generates and stores the first security token using the first payment information and the first unique number (S428). Meanwhile, the communication management device 130 generates an encrypted first security token by applying a hash function or a hash algorithm to the first payment information and the first unique number.

The terminal 110 receives a payment request signal according to a user's command (S430). The terminal 110 receives the PIN information re-entered by the user's operation to retrieve the first security token stored in the subscriber identification module 112, and compares the PIN with the PIN of the subscriber identification module 112 again. The information is authenticated (S432). If the re-entered PIN information is authenticated, the terminal 110 loads the second security token from the subscriber identification module 112 (S434). The terminal 110 stores at least one or more pieces of first payment information, a first unique number, and a first security token received from the communication management device 130 in advance of the second payment information, the second unique number, and the second security token. At least one of the information is compared (S436).

The terminal 110 when the at least one or more information of the first payment information, the first unique number and the first security token and the at least one or more information of the second payment information, the second unique number and the second security token coincide with each other. In operation S438, the payment approval signal is processed to the communication management device 130 by processing the payment approval for the electronic payment request signal. When the first security token and the second security token coincide with each other, the terminal 110 first compares the first security token and the second security token, and additionally stores at least one or more information of the first payment information and the first unique number. Compared with at least one or more pieces of information stored in the second payment information and the second unique number, the payment approval for the electronic payment request signal may be processed when the information between each other matches. When the communication management device 130 receives the approval signal for the electronic payment request from the terminal 110, transmits a payment approval signal for the corresponding cost to the financial payment providing device 140 (S440). Receive the approval result signal for the corresponding cost from the 140 (S442) and transmits to the terminal 110 (S444). After receiving the approval result signal from the communication management device 130, the terminal 110 processes the purchase completion for the corresponding cost (S446).

In FIG. 4, steps S410 to S446 are described as being sequentially executed. However, this is merely illustrative of the technical idea of an embodiment of the present invention, and the general knowledge in the technical field to which an embodiment of the present invention belongs. Those having a variety of modifications and variations may be applicable by changing the order described in FIG. 4 or executing one or more steps of steps S410 to S446 in parallel without departing from the essential characteristics of an embodiment of the present invention. 4 is not limited to the time series order. As described above, the electronic payment providing method using the subscriber information and the subscriber identification module according to an embodiment of the present invention described in FIG. 4 may be implemented in a program and recorded in a computer readable recording medium.

The foregoing description is merely illustrative of the technical idea of the present invention, and various changes and modifications may be made by those skilled in the art without departing from the essential characteristics of the present invention. Therefore, the embodiments disclosed in the present invention are not intended to limit the technical idea of the present invention but to describe the present invention, and the scope of the technical idea of the present invention is not limited by these embodiments. The protection scope of the present invention should be interpreted by the following claims, and all technical ideas within the equivalent scope should be interpreted as being included in the scope of the present invention.

As described above, the present invention is applied to various fields that can enhance security for user authentication and security for terminal hacking when making electronic payments, as well as comparing security tokens between the terminal and the communication management device, as well as payment information or uniqueness. By further comparing the numbers to perform the authentication required for payment, it is a useful invention that generates the effect of further enhanced security.

110: terminal 112: subscriber identification module
120: communication network 130: communication management device
140: financial payment providing device 210: subscriber identification module fastening unit
220: second security token generation unit 230: PIN authentication unit
240: payment approval unit 250: key input unit
260: terminal communication processing unit 310: subscriber information database
320: information extracting unit 330: first security token generating unit
340: communication processing unit 350: electronic payment processing unit

Claims (14)

  1. Communication for extracting first payment information based on subscriber information and a first unique number assigned to a subscriber identification module, and generating and transmitting a first security token using the first payment information and the first unique number. Management device;
    A second security token is generated and stored by using the second payment information input by the user and the second unique number assigned to the subscriber identification module, and is received from the communication management device when an electronic payment request signal is generated. The at least one or more information of the first payment information, the first unique number, and the first security token, which have been previously stored, with at least one or more information of the second payment information, the second unique number, and the second security token. A terminal processing a payment approval for the electronic payment request signal based on a result; And
    When the approval signal for the electronic payment approval request signal is received from the communication management device, the financial settlement providing device for performing the electronic payment for the corresponding cost
    Electronic payment providing system using a subscriber information and security token comprising a.
  2. Extracting a second unique number assigned to the signed subscriber identification module, and generating and storing a second security token based on the second payment information input through the key input unit and the second unique number Security token generator;
    A terminal communication processor configured to receive at least one or more information of the first payment information, the first unique number, and the first security token from the communication management device when the payment request signal is received; And
    Comparing at least one or more of the first payment information, the first unique number and the first security token with at least one or more of the second payment information, the second unique number and the second security token If the information is mutually matched, the payment approval unit for processing the payment approval for the electronic payment request signal
    And a second terminal.
  3. The method of claim 2,
    The payment approval unit,
    When the first security token and the second security token coincide with each other by first comparing the first security token and the second security token, additionally, at least one or more of the first payment information and the first unique number And comparing the stored information with at least one of the second payment information and the second unique number, and processing the payment approval for the electronic payment request signal when the information is identical with each other.
  4. The method of claim 2,
    In order to generate the second security token, it is determined whether the personal identification number (PIN) information input through the key input unit is authenticated, and if the PIN information is authenticated as a result of the verification, the second security token generator The terminal further comprises a PIN authentication unit for allowing the second security token to be generated.
  5. The method of claim 4, wherein
    The PIN authentication unit,
    Check whether the PIN information re-input to process the payment approval is authenticated, and if the PIN information is authenticated, allowing the second security token to be loaded into the payment approval unit. Terminal, characterized in that.
  6. The method of claim 2,
    The second payment information,
    And the same information as credit card number information or bank account information previously registered in the communication management device.
  7. The method of claim 2,
    The terminal communication processing unit,
    And a payment approval signal is transmitted to the communication management device when the payment approval for the payment request signal is processed through the payment approval unit.
  8. The method of claim 2,
    The subscriber identification module,
    And storing the second security token in a security area divided into a separate area.
  9. A subscriber information database storing subscriber information;
    An information extraction unit for extracting first payment information and a first unique number assigned to the subscriber identification module based on the subscriber information;
    A first security token generator configured to generate a first security token using the first payment information and the first unique number; And
    When there is a request for at least one or more of the first payment information, the first unique number and the first security token from the terminal, at least one of the first payment information, the first unique number, and the first security token. Communication processor for transmitting one or more information to the terminal
    Communication management device comprising a.
  10. The method of claim 9,
    When receiving the approval signal for the electronic payment request from the terminal, transmits a payment approval signal for the corresponding cost to the financial payment providing device, receives the approval result signal for the corresponding cost from the financial payment providing device to the terminal. Electronic payment processing unit to send
    Communication management device further comprises.
  11. Extracting a second unique number assigned to the signed subscriber identification module, and generating and storing a second security token based on the second payment information input through the key input unit and the second unique number;
    Receiving at least one or more information of the first payment information, the first unique number, and the first security token from the communication management device when the payment request signal is received; And
    Comparing at least one or more of the first payment information, the first unique number and the first security token with at least one or more of the second payment information, the second unique number and the second security token If the information of each other matches, processing the payment approval for the electronic payment request signal
    Electronic payment providing method using a subscriber information and a security token comprising a.
  12. The method of claim 11,
    Generating and storing the second security token,
    Generate an encrypted second security token by applying one of a cryptographic method of a hash function, a hash algorithm, RSA, DES, MD5, bit locker drive encryption, and Feistel password to the second payment information and the second unique number. Electronic payment providing method using the subscriber information and security token comprising the step of.
  13. Extracting first payment information and a first unique number assigned to the subscriber identification module based on previously stored subscriber information;
    Generating a first security token using the first payment information and the first unique number; And
    When there is a request for at least one or more of the first payment information, the first unique number and the first security token from the terminal, at least one of the first payment information, the first unique number, and the first security token. Transmitting one or more information to the terminal
    Electronic payment providing method using a subscriber information and a security token comprising a.
  14. The method of claim 13,
    Generating the first security token,
    Generate an encrypted first security token by applying one of a cryptographic method of a hash function, a hash algorithm, RSA, DES, MD5, bit locker drive encryption, and a Feistel password to the first payment information and the first unique number. Electronic payment providing method using the subscriber information and security token comprising the step of.
KR1020100123168A 2010-12-06 2010-12-06 Method for Providing Electronic Payment by Using Subscriber Information And Security Token, System, Terminal And Communication Management Apparatus Therefor KR101683664B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020100123168A KR101683664B1 (en) 2010-12-06 2010-12-06 Method for Providing Electronic Payment by Using Subscriber Information And Security Token, System, Terminal And Communication Management Apparatus Therefor

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020100123168A KR101683664B1 (en) 2010-12-06 2010-12-06 Method for Providing Electronic Payment by Using Subscriber Information And Security Token, System, Terminal And Communication Management Apparatus Therefor

Publications (2)

Publication Number Publication Date
KR20120076591A true KR20120076591A (en) 2012-07-09
KR101683664B1 KR101683664B1 (en) 2016-12-07

Family

ID=46710198

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020100123168A KR101683664B1 (en) 2010-12-06 2010-12-06 Method for Providing Electronic Payment by Using Subscriber Information And Security Token, System, Terminal And Communication Management Apparatus Therefor

Country Status (1)

Country Link
KR (1) KR101683664B1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101505847B1 (en) * 2013-01-07 2015-04-07 주식회사 케이지이니시스 Method for Validating Alliance Application for Payment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20060108155A (en) * 2005-04-12 2006-10-17 주식회사 비즈모델라인 System and method for operating payment means data, server and recording medium
KR20070020772A (en) * 2005-08-16 2007-02-22 주식회사 비즈모델라인 System and Method for Processing Financial Transaction by Using Mobile Number, Devices for Processing Financial Transaction, Terminals for Financial Transaction, Devices and Recording Medium
KR100837828B1 (en) * 2006-12-08 2008-06-13 와이즈와이어즈(주) Method and System for Providing Payment by Using Mobile Communication Terminal
KR20090114585A (en) * 2008-04-30 2009-11-04 주식회사 신한은행 Method and System for Processing Cash Payment by Using USIM and Recording Medium

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20060108155A (en) * 2005-04-12 2006-10-17 주식회사 비즈모델라인 System and method for operating payment means data, server and recording medium
KR20070020772A (en) * 2005-08-16 2007-02-22 주식회사 비즈모델라인 System and Method for Processing Financial Transaction by Using Mobile Number, Devices for Processing Financial Transaction, Terminals for Financial Transaction, Devices and Recording Medium
KR100837828B1 (en) * 2006-12-08 2008-06-13 와이즈와이어즈(주) Method and System for Providing Payment by Using Mobile Communication Terminal
KR20090114585A (en) * 2008-04-30 2009-11-04 주식회사 신한은행 Method and System for Processing Cash Payment by Using USIM and Recording Medium

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101505847B1 (en) * 2013-01-07 2015-04-07 주식회사 케이지이니시스 Method for Validating Alliance Application for Payment

Also Published As

Publication number Publication date
KR101683664B1 (en) 2016-12-07

Similar Documents

Publication Publication Date Title
JP2018088292A (en) System and method for secure transaction process by mobile equipment
US10762483B2 (en) ATM token cash withdrawal
US9312923B2 (en) Personal point of sale
JP6531092B2 (en) How to secure wireless communication between a mobile application and a gateway
US20180114210A1 (en) Secure payments with untrusted devices
US10496832B2 (en) System and method for initially establishing and periodically confirming trust in a software application
US20190122212A1 (en) Methods and systems for provisioning payment credentials
US20170308894A1 (en) Systems and methods for performing file distribution and purchase
US20180218358A1 (en) Trusted service manager (tsm) architectures and methods
US20160155114A1 (en) Smart communication device secured electronic payment system
US9123041B2 (en) System and method for presentation of multiple NFC credentials during a single NFC transaction
AU2012303620B2 (en) System and method for secure transaction process via mobile device
CN104145297B (en) Radial personal identification number verification
US9098844B2 (en) Mobile electronic wallet
KR101150241B1 (en) Method and system for authorizing a transaction using a dynamic authorization code
AU2019226230A1 (en) Method and apparatus for providing secure services using a mobile device
US8527427B2 (en) Method and system for performing a transaction using a dynamic authorization code
US9607298B2 (en) System and method for providing secure data communication functionality to a variety of applications on a portable communication device
US8046261B2 (en) EMV transaction in mobile terminals
US9740847B2 (en) Method and system for authenticating a user by means of an application
US20150073953A1 (en) In-card access control and monotonic counters for offline payment processing system
KR101621254B1 (en) Payment method, computer readable recording medium and system using virtual number based on otp
US9208634B2 (en) Enhanced smart card usage
US20140129450A1 (en) Secure payment method and system
US9020858B2 (en) Presence-of-card code for offline payment processing system

Legal Events

Date Code Title Description
N231 Notification of change of applicant
A201 Request for examination
E902 Notification of reason for refusal
E701 Decision to grant or registration of patent right
GRNT Written decision to grant
FPAY Annual fee payment

Payment date: 20191203

Year of fee payment: 4