KR20140114511A - Method and apparatus for banking service and method thereof - Google Patents


Publication number
KR20140114511A
Authority
KR
South Korea
Prior art keywords
financial
user
otp
financial transaction
information
Application number
KR1020130027936A
Other languages
Korean (ko)
Inventor
조남욱
채종학
Original Assignee
주식회사 한국외환은행
Application filed by 주식회사 한국외환은행 filed Critical 주식회사 한국외환은행
Priority to KR1020130027936A priority Critical patent/KR20140114511A/en
Publication of KR20140114511A publication Critical patent/KR20140114511A/en

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06Q: INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00: Payment architectures, schemes or protocols
    • G06Q20/38: Payment protocols; Details thereof
    • G06Q20/382: Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823: Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • G06Q40/00: Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/02: Banking, e.g. interest calculation or account maintenance
    • G06Q50/00: Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
    • G06Q50/10: Services
    • G06Q2220/00: Business processing using cryptography

Abstract

Disclosed are a method and an apparatus for a financial transaction. According to the present invention, during an online financial transaction an OTP server receives financial IC card information, which stores the information required for generating an OTP in a memory area, and user information, which is the telephone number of a mobile terminal, and carries out user authentication for the financial transaction; an OTP generated according to the result of that user authentication is then transmitted to the mobile terminal. Thus, the security of the financial IC card information used for generating the OTP can be improved.

Description

METHOD AND APPARATUS FOR BANKING SERVICE AND METHOD THEREOF

More particularly, the present invention relates to a financial transaction method and apparatus that generate an OTP (One Time Password) based on financial IC card information stored in a financial IC card and user information of a mobile terminal, so that financial transactions can be carried out with enhanced security.

With the development of Internet communication technology and the growth of online electronic financial transactions in the information age, Internet banking has become a part of everyday life for the general public. As online banking transactions such as Internet banking have become widespread, financial transaction hacking incidents are causing anxiety about online banking transactions. Recent countermeasures include OTP, which generates a new one-time password at the time of each online banking transaction; keyboard security, which encrypts keyboard input information; web encryption, which encrypts the information transmitted between a customer's web browser and a financial institution's web server; and DB security, which protects the database itself.

Recently, the government has set up comprehensive measures to strengthen the security of electronic financial transactions in four areas: anti-hacking, electronic finance, e-commerce and public certificates. In this regard, the Financial Supervisory Service has recommended the introduction of OTP terminals.

OTP is a security system that generates and uses a new password every time a user wishes to be authenticated. Such a one-time password is referred to as OTP, and a terminal that generates such a password in an expanded sense is also called OTP. In an accurate sense, the terminal that generates such a password is called an OTP generator. Such OTP generator or OTP terminal can protect the online electronic financial transaction from hacking by eliminating the possibility of the password used in the user authentication process.

However, the OTP and public certificate methods commonly used in existing online financial transactions still carry a great risk of hacking and theft. In other words, the public certificate needs stronger security because of hacking and the like, and the OTP has vulnerabilities such as loss by the individual user or hacking at an intermediate stage.

SUMMARY OF THE INVENTION The present invention has been made to solve the above problems. It is an object of the present invention to provide a financial transaction method and apparatus in which an OTP server receives financial IC card information, which stores the information necessary for OTP generation in a memory area, and user information, performs authentication of the financial transaction user, and transmits the OTP generated according to the authentication result to the mobile terminal, thereby further enhancing the security of the financial IC card information used for OTP generation.

It is another object of the present invention to provide a financial transaction method and apparatus capable of protecting the financial IC card information from illegal hacking of communication data by decrypting the encrypted financial IC card information at the OTP server based on a predefined public key.

It is still another object of the present invention to provide a financial transaction method and apparatus capable of fundamentally preventing financial transaction in the event of loss of one of a mobile terminal and a financial IC card according to respective recording boxes by binarizing financial IC card information and user information.

It is still another object of the present invention to provide a financial transaction method and apparatus capable of maintaining stronger security by adding, to the existing OTP authentication procedure, an authentication procedure that verifies the validity of the financial transaction service subscriber of the mobile terminal and the validity of the financial IC card information.

According to a first aspect of the present invention,

A financial IC card for encrypting financial IC card information, which is information necessary for OTP generation issued from a financial institution,

A mobile terminal which, in order to receive the financial transaction service, confirms whether the user is a subscriber of a financial transaction service supplied from a mobile communication company or a financial company and, if the user is a financial transaction service subscriber, reads the financial IC card information of the financial IC card through a local communication network and transmits the financial IC card information and the user information of the mobile terminal through a first communication network,

And an OTP server which, if the user is a financial transaction service subscriber, authenticates the financial transaction user by checking the validity of the mobile terminal and the validity of the financial IC card based on the received user information of the mobile terminal and the financial IC card information, generates an OTP according to a predetermined algorithm, and transmits the generated OTP to the mobile terminal through the first communication network.

Preferably, the financial IC card

The financial IC card information including the ID of the user and the OTP serial number (token serial number) assigned by the financial institution is encrypted using the private key of the symmetric key algorithm and recorded.

Preferably, the mobile terminal further comprises:

A user interface module which, in order to receive the financial transaction service, registers a password designated by the user in the OTP server through an initial menu for confirming whether the user is a subscriber of the financial transaction service supplied from a mobile communication company or a financial company, and confirms that the user is a financial transaction service subscriber based on the registered password and the inputted password,

A short distance communication module for reading the financial IC card information stored in the financial IC card in the case of the financial transaction service subscriber,

And a financial transaction control module for transmitting the financial IC card information read through the short distance communication module, including the user ID and the OTP serial number, and the user information of the mobile terminal to the OTP server through the first communication network.

Preferably, the user information comprises:

And a telephone number of the mobile terminal.

Preferably, the user interface module comprises:

After downloading the financial transaction service providing application provided through the browser, an initial menu for confirming whether or not the financial transaction service is to be added is created,

The password of the financial transaction service is entered in accordance with the generated initial menu and registered in the OTP server, and whether the user is a financial transaction service subscriber is confirmed based on the registered password and the inputted password when the financial transaction service is requested.

Preferably, the OTP server comprises:

A decryption module for receiving the financial IC card information provided from the mobile terminal and decrypting the received financial IC card information using a predefined public key when the user is confirmed as a financial transaction service subscriber based on the registered password;

A financial information storage module in which financial information provided from a financial company is stored,

A financial transaction user authentication module for authenticating a financial transaction user based on user information of the mobile terminal and financial IC card information decrypted by the decryption module;

And an OTP generation module for generating an OTP according to a predetermined algorithm when the financial transaction user is valid and transmitting the encrypted OTP to the mobile terminal.

Preferably, the financial transaction service authentication

The first authentication for the financial transaction user is performed based on the user information of the mobile terminal and the user information of the financial information of the financial information storage module,

The second authentication for the financial transaction user is executed based on the user ID and the OTP serial number of the financial IC information decrypted by the decryption module and the user ID and OTP serial number of the financial information stored corresponding to the user information according to the first authentication result.

Preferably,

And a financial service server connected to the mobile terminal through a second communication network and executing a financial transaction using a mobile terminal or a personal computer as an input of an OTP provided from the OTP server.

According to a second aspect of the present invention, there is provided a financial IC card comprising:

A security communication unit for reading the financial IC card information in response to a financial IC card information request from a mobile terminal, which is a financial transaction service subscriber, and transmitting the read information to the mobile terminal;

And a memory for encrypting and recording financial IC card information supplied from a financial institution.

Preferably, the financial IC card information includes:

And the financial IC card information including the user ID and the OTP serial number assigned by the financial institution is encrypted and stored using the private key of the symmetric key algorithm.

According to a third aspect of the present invention,

A user interface module which, in order to receive a financial transaction service, creates an initial menu for confirming whether the user is a financial transaction service subscriber using an application supplied from a mobile communication company or a financial company, and confirms whether the user is a financial transaction service subscriber,

A short distance communication module for reading the financial IC card information stored in the financial IC card when the user interface module is confirmed as a financial transaction service subscriber,

And a financial transaction control module that transmits the financial IC card information read through the short-range communication module and the user information of the mobile terminal to the OTP server through the first communication network.

Preferably, the user interface module comprises:

After downloading the financial transaction service providing application provided through the browser, an initial menu for confirming whether or not the financial transaction service is to be added is created,

A password is input in accordance with the initial menu and registered in the OTP server,

And to confirm whether the subscriber is a financial transaction service subscriber based on the registered password and the password entered through the keypad.

Preferably, the user information comprises:

And is a telephone number of the mobile terminal.

According to a fourth aspect of the present invention, there is provided an OTP server comprising:

A decryption module for receiving the encrypted financial IC card information read through the mobile terminal and decrypting it when it is determined that the user is a financial transaction service subscriber based on the registered password;

A financial information storage module for receiving financial information from the financial institution, the financial information including a user ID and an OTP serial number, and user information being a phone number of the mobile terminal,

A financial transaction user authentication module for authenticating a financial transaction user based on the financial IC card information decrypted by the decryption module and the user information of the mobile terminal;

And an OTP generation module for generating an OTP according to a predetermined algorithm when the financial transaction user is valid and transmitting the encrypted OTP to the mobile terminal through the first communication network.

According to a fifth aspect of the present invention,

A financial transaction method for authenticating a subscriber of a financial transaction service and executing an authentication procedure for a financial transaction user, the subscriber being connected to the encrypted financial IC card, the mobile terminal, and the OTP server via a communication network,

A service subscription confirming step of confirming whether the subscriber is a financial transaction service subscriber based on the password registered when the financial transaction application is executed through the communication network of the mobile communication company or the financial company in the mobile terminal;

A financial transaction user information transmission step of reading the financial IC card information stored in the financial IC card through the local communication network in the mobile terminal and transmitting the read financial IC card information and the user information of the mobile terminal to the OTP server,

A financial transaction user authentication step of performing financial transaction user authentication based on the received financial IC card information and user information and financial information previously stored in the OTP server,

And generating an OTP when the financial transaction user is valid through the financial transaction user authentication and transmitting the generated OTP to the mobile terminal.

Preferably, the financial IC card information includes:

And a user ID and an OTP serial number provided by the financial company.

Preferably, the user information comprises:

And the telephone number of the mobile terminal is included in the OTP server.

Preferably, the financial information includes:

And a user ID and an OTP serial number stored corresponding to user information including a phone number of a mobile terminal provided from a financial company.

Preferably, the financial transaction user authentication step includes:

The first authentication for the financial transaction user is executed based on the user information of the mobile terminal and the financial information of the financial information storage module,

The financial IC card information encrypted according to the first authentication result for the financial transaction user is decrypted using the predefined public key,

And the second authentication for the financial transaction user is performed based on the user ID and the OTP serial number included in the decrypted financial IC information, the user ID included in the financial information, and the OTP serial number.

Preferably, the OTP generation step comprises:

If the financial transaction user is valid as a result of the financial transaction user authentication at the OTP server, the OTP server generates an OTP according to a predefined algorithm and transmits the encrypted OTP to the mobile terminal via the first communication network.

Preferably,

And performing a financial transaction using a mobile terminal or a user terminal as an input of an OTP provided from the OTP server at a financial service server connected through the second communication network with the mobile terminal.

As described above, according to the financial transaction apparatus and method according to the embodiment of the present invention, the OTP server receives, during an online financial transaction, the financial IC card information, which stores the information necessary for OTP generation in a memory area, and the user information, performs authentication of the financial transaction user, and transmits the OTP generated according to the authentication result to the mobile terminal, so that the security of the financial IC card information used for generating the OTP can be further enhanced.

Also, according to the present invention, the encrypted financial IC card information and the user information are decrypted by the OTP server based on the predefined public key, thereby protecting the financial IC card information from illegal hacking of communication data.

According to the present invention, the financial IC card information and the user information can be duplicated, and the exposure of the financial IC card information at the time of loss of the mobile terminal can be fundamentally prevented according to the respective recording boxes.

According to the present invention, security can be further enhanced by adding, to the existing OTP authentication procedure, an authentication procedure for the financial transaction service subscriber of the mobile terminal, which is executed based on the registered password when the financial transaction service application is executed, and an authentication that confirms validity.

BRIEF DESCRIPTION OF THE DRAWINGS The accompanying drawings, which are incorporated in and constitute a part of the specification, illustrate preferred embodiments of the invention and, together with the description of the invention given below, serve to further understand the technical idea of the invention, and should not be construed as limiting.
FIG. 1 is a diagram illustrating a configuration of a financial transaction apparatus according to an embodiment of the present invention.
FIG. 2 is a diagram illustrating a configuration of a mobile terminal used in financial transactions according to an embodiment of the present invention.
FIG. 3 is a diagram illustrating a configuration of an OTP server used in financial transactions according to an embodiment of the present invention.
FIG. 4 is a flowchart illustrating a procedure of a financial transaction process according to another embodiment of the present invention.

In order to fully understand the present invention, operational advantages of the present invention, and objects achieved by the practice of the present invention, reference should be made to the accompanying drawings which illustrate preferred embodiments of the present invention.

BEST MODE FOR CARRYING OUT THE INVENTION Hereinafter, the present invention will be described in detail with reference to the preferred embodiments of the present invention with reference to the accompanying drawings. Like reference symbols in the drawings denote like elements.

FIG. 1 is a diagram illustrating a configuration of a financial transaction apparatus according to an embodiment of the present invention.

The financial transaction apparatus according to an embodiment of the present invention includes a mobile terminal 100, a financial IC card 200 connected to the mobile terminal 100 through a local area network, an OTP server 300 connected to the mobile terminal 100 through a first communication network, and a financial service server 400 connected to the mobile terminal 100 through a second communication network.

Here, the mobile terminal 100 downloads an application for providing a financial transaction service from a web site of a financial institution connected through a web browser or from an affiliated communication carrier, and then executes the financial transaction application based on the registered password. The mobile terminal 100 may be a mobile phone, a smart phone, a notebook computer, or the like, but may be any type of device as long as it is capable of short-range communication and of connection with the first and second communication networks.

Here, the first and second communication networks include a CDMA (Code Division Multiple Access) network, a WCDMA (Wideband Code Division Multiple Access) network, and the like, which provide mobile communication services such as basic voice call service and data communication service.

In addition, the local area network includes a Wi-Fi network capable of providing high-speed Internet within a certain distance of a place where a wireless access point (AP) is installed, but the present invention is not limited thereto.

Also, when the mobile terminal 100 is confirmed as a financial transaction service subscriber based on the password registered in the OTP server and the entered password, the mobile terminal 100 accesses the financial IC card via the local area network to read the card information.

The financial IC card is given from a financial institution, and the financial IC card information including the user ID and the OTP serial number for the financial registrant is encrypted and stored in the memory area.

The financial IC card information is information obtained by encrypting the user ID and the OTP serial number using the private key of the symmetric key algorithm, and is recorded in the memory area of the financial IC card 200 by the financial institution. Here, a series of processes for encrypting data using the private key is a publicly known technique, and a detailed description thereof will be omitted.

The mobile terminal 100 is connected to the OTP server 300 through the first communication network and supplies the read financial IC card information and user information, which is a phone number of the mobile terminal, to the OTP server 300.

The financial IC card 200 is provided by the financial service provider and, when the mobile terminal 100 is identified as a financial transaction service subscriber in the OTP server 300, reads the financial IC card information recorded in its memory area and transmits it to the mobile terminal 100 via the local area network.

Here, the financial IC card 200 may include a bidirectional communication unit for connecting with the mobile terminal 100 through a local area network and a memory for recording financial IC card information supplied from a financial institution. That is, the financial IC card 200 reads the financial IC card information stored in the memory in response to the request for the financial IC card information supplied from the mobile terminal 100, and transmits the information to the mobile terminal 100 through the communication unit.

When the mobile terminal 100 has been confirmed as a financial transaction service subscriber based on the password input at the mobile terminal 100 and the registered password, the OTP server 300 receives the user information of the mobile terminal 100 and the financial IC card information of the financial IC card, decrypts the encrypted financial IC card information, and authenticates the financial transaction user based on the user ID and the OTP serial number of the decrypted financial IC card information, the user information, and the financial information supplied from the financial company. If the financial transaction user is valid, the OTP is generated according to a predefined algorithm and transmitted to the mobile terminal 100.

That is, the OTP server 300 decrypts the financial IC card information and the user information supplied from the mobile terminal 100 using a predefined public key, and then performs authentication for the financial transaction user based on the user ID and the OTP serial number of the decrypted financial IC card information and the user ID and the OTP serial number in the created matching list.

The OTP server 300 performs the first authentication for the financial transaction user by comparing the user information provided from the mobile terminal with the user information of the financial information to determine whether the financial transaction user is valid and, according to that authentication result, performs the second authentication for the financial transaction user by judging the validity of the financial IC card through comparison of the decrypted user ID and OTP serial number.

If the OTP server 300 determines that the financial transaction user is valid, the OTP server 300 generates an OTP random number, encrypts the OTP random number, and provides the encrypted OTP to the mobile terminal 100 through the first communication network.

The mobile terminal 100 decrypts and displays the encrypted OTP, connects with the financial company server 400 through the second communication network, inputs the displayed OTP, and executes a financial transaction. Although the mobile terminal 100 is described as connecting directly to the financial service server 400 through the second communication network, the connection to the financial service server 400 may also be made using a separate user terminal (not shown) such as a personal computer.

In addition, since the financial company server 400 is configured to generate an OTP in cooperation with the OTP server 300 and process financial transactions through OTP authentication, the financial company server 400 may be formed integrally with the OTP server, and may also be installed separately according to the manufacturer's intention.

FIG. 2 shows a configuration of a mobile terminal according to the present invention.

Referring to FIG. 2, the mobile terminal 100 includes a user interface module 110 including a browser 111, a download unit 113 and an authentication unit 115, a short range communication module 130, and a financial transaction control module 170.

That is, the browser 111 of the mobile terminal 100 according to the embodiment of the present invention provides a WAP browsing solution for connection with a wireless Internet server (not shown) of a financial service provider or a mobile communication company.

In accordance with the WAP browsing solution, the download unit 113 of the mobile terminal 100 accesses a wireless Internet server (not shown) provided at a mobile communication service provider or a financial service provider to download a financial transaction service related application.

The authentication unit 115 of the user interface module 110 generates and displays an initial menu for confirming whether the user is a financial transaction service subscriber based on an application supplied from a mobile communication company or a financial company, registers the password in the OTP server 300, and confirms that the user is a financial transaction service subscriber based on the registered password and the inputted password.

If the authentication unit 115 determines through the password that the user is not a financial transaction service subscriber, the financial transaction is suspended.

Also, the short-range communication module 130 receives the financial IC card information stored in the adjacent financial IC card 200 when the user is a financial transaction service subscriber as a result of the authentication of the user interface module 110.

If the authentication result of the user interface module 110 indicates that the user is a financial transaction service subscriber, the financial transaction control module 170 provides the financial IC card information supplied from the short distance communication module 130 and the user information to the OTP server 300 through the first communication network.

FIG. 3 shows a configuration of an OTP server according to an embodiment of the present invention.

Referring to FIG. 3, the OTP server 300 includes a decryption module 310 connected to the financial transaction control module 170 of the mobile terminal 100 through a first communication network, a financial information registration module 330, a financial transaction user authentication module 350, and an OTP generation module 370.

The decryption module 310 includes a first communication unit 311 that receives, through the first communication network, the financial IC card information and the user information supplied from the mobile terminal 100, and a decryption unit 313 that decrypts the financial IC card information received through the first communication unit 311; authentication is performed based on the decrypted financial IC card information and the user information.

Meanwhile, the financial information registration module 330 registers and records financial information provided by a financial institution. Here, the financial information includes all of the financial IC card information and user information provided by the financial service provider and supplied to the financial transaction service subscribers.

The financial IC card information includes a user ID and an OTP serial number provided from a financial institution, and the user information includes a telephone number of the mobile terminal.

The financial transaction user authentication module 350 performs financial transaction user authentication based on the financial information of the financial information registration module 330, the financial IC card information from the decryption unit 313, and the user information of the mobile terminal, and provides the authentication result for the financial transaction user to the OTP generation module 370. That is, whether the financial transaction user is valid is determined according to whether the financial information, the financial IC card information, and the user information provided by the mobile terminal coincide with each other.

That is, the financial transaction user authentication module 350 first performs a primary authentication for the financial transaction user, which determines whether the financial transaction user is valid based on the user information of the mobile terminal and the user information in the financial information of the financial information storage module. It then performs a second authentication for the financial transaction user, which determines the validity of the financial IC card based on the user ID and the OTP serial number of the financial IC card information decrypted by the decryption module and the user ID and the OTP serial number stored in the financial information corresponding to the user information.

If the financial transaction user is valid, the OTP generation module 370 generates an OTP random number according to a predefined algorithm, encrypts the generated OTP, and transmits the encrypted OTP to the mobile terminal 100 through the first communication network.

If the financial transaction user is not valid, the financial transaction user authentication module 350 provides the authentication result for the financial transaction user to the mobile terminal 100 through the first communication network, and the mobile terminal 100 displays the authentication result for the user.

Hereinafter, the financial transaction processing operation according to the present invention will be described.

FIG. 4 is a flowchart illustrating a financial transaction processing operation according to an embodiment of the present invention.

Referring to the drawing, the user interface module 110 of the mobile terminal according to the present invention installs a browser to receive finance-related services, downloads a financial transaction application through a financial transaction website provided by a financial company or a mobile communication company, and then executes a financial transaction service subscription (S11).

That is, the mobile terminal may be a PC, a notebook PC, a PDA, a smart phone, or the like. The mobile terminal includes a web browser and is connected to the financial company server 400 through a network to access financial transaction services.

In the embodiment of the present invention, the series of processes of downloading a financial transaction application from a website connected through a browser and subscribing to a financial transaction service is well known, and a detailed description thereof is therefore omitted.

Next, the user interface module 110 of the mobile terminal performs a financial transaction subscriber authentication procedure to confirm that the user is a financial transaction service subscriber (S13). If the user is a financial transaction service subscriber, the authentication result is transmitted to the financial transaction control module 170, and the normal financial transaction is allowed to proceed.

When the user is a financial transaction service subscriber, the mobile terminal 100 accesses the financial IC card 200 over the short-range communication network, receives the financial IC card information stored in the financial IC card, and provides the information to the financial transaction control module 170 (S15).

Also, the financial transaction control module 170 encrypts the user information of the mobile terminal and transmits it, together with the financial IC card information stored in the financial IC card, to the OTP server 300. That is, the financial IC card information provided from the short-range communication module 130 and the user information of the mobile terminal are transmitted to the OTP server 300 connected to the mobile terminal through the first communication network (S17).

Here, the financial IC card 200 stores the financial IC card information, including the user ID and the OTP serial information, encrypted with a predetermined private key, and is issued directly by the financial company.

Next, the decryption module 310 of the OTP server 300 decrypts the financial IC card information and the user information received through the first communication network. That is, the encrypted financial IC card information and the user information of the mobile terminal are received and decrypted with a predetermined public key, and the decrypted financial IC card information and user information of the mobile terminal are transmitted to the financial transaction user authentication module 350 (S19).

Also, the financial transaction user authentication module 350 performs an authentication procedure for the user based on the financial information provided by the financial company and registered in the financial information registration module, the financial IC card information, and the user information.

In this case, the authentication for the financial transaction user may check whether the financial information matches the financial IC card information, whether the financial information matches the user information, and whether the financial information matches both the user information and the financial IC card information (S21).

The financial transaction user authentication result is provided to the OTP generation module 370.

If the received financial transaction user authentication result is valid, the OTP generation module 370 performs the normal OTP generation process. If the financial transaction user is not valid, OTP generation by the OTP generation module 370 is restricted (S23).

The OTP is generated as an OTP random number through a predefined algorithm, and is issued simultaneously by the OTP server 300 and the financial company server 400. Here, the series of processes for generating an OTP through the predefined algorithm is a well-known technique, and a detailed description thereof is omitted.

The generated OTP is provided to the financial transaction control module 170 of the mobile terminal 100 through the first communication network.

The OTP provided to the mobile terminal is displayed on the screen, and the displayed OTP is input through a user terminal, which may be the mobile terminal or a personal PC (S25). The input OTP is provided to the financial company server 400.

The financial company server 400 then performs OTP authentication and provides financial transaction services based on the received OTP. That is, the financial company server 400, which is formed separately from or integrally with the OTP server, authenticates the OTP by matching the OTP generated by the OTP server against the OTP provided through the second communication network from the mobile terminal or the user terminal (S27). If the result is a normal OTP, the financial transaction requested from the mobile terminal or the user terminal is processed (S29).
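The server-side part of the flow above (S21 to S27), as an added Python sketch that is not code from the patent: it starts from already-decrypted card information, runs the primary and second authentication, issues an OTP only when both pass, and has the financial company server match the submitted OTP. HOTP (RFC 4226) stands in for the unspecified "predefined algorithm"; the class names, record layout, per-token shared seed and counter are assumptions, and the sample record is constructed.

```python
"""Added sketch of steps S21-S27; HOTP (RFC 4226) is an assumed stand-in
for the patent's unspecified "predefined algorithm"."""
import hashlib
import hmac
import struct
from dataclasses import dataclass


@dataclass(frozen=True)
class FinancialRecord:
    """One row of the financial information registered by the financial company."""
    phone_number: str   # user information of the mobile terminal
    user_id: str
    otp_serial: str
    seed: bytes         # assumption: per-token secret shared with server 400


@dataclass(frozen=True)
class CardInfo:
    """Financial IC card information after decryption (S19)."""
    user_id: str
    otp_serial: str


def _same(a: str, b: str) -> bool:
    # Constant-time comparison so the mismatch position is not leaked by timing.
    return hmac.compare_digest(a.encode(), b.encode())


def hotp(seed: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the counter, then dynamic truncation."""
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class OtpServer:
    """Authentication module 350 plus OTP generation module 370."""

    def __init__(self, records):
        self._by_phone = {r.phone_number: r for r in records}
        self._counter = {r.otp_serial: 0 for r in records}

    def issue_otp(self, phone_number: str, card: CardInfo):
        # Primary authentication: is this terminal registered at all?
        record = self._by_phone.get(phone_number)
        if record is None:
            return None, "primary_failed"
        # Second authentication: does the card belong to that registration?
        id_ok = _same(card.user_id, record.user_id)
        serial_ok = _same(card.otp_serial, record.otp_serial)
        if not (id_ok and serial_ok):
            return None, "secondary_failed"   # S23: OTP generation restricted
        counter = self._counter[record.otp_serial]
        self._counter[record.otp_serial] = counter + 1
        return hotp(record.seed, counter), "valid"


class FinancialServer:
    """Financial company server 400: recomputes the OTP and matches it (S27)."""

    def __init__(self, records):
        self._seed = {r.otp_serial: r.seed for r in records}
        self._counter = {r.otp_serial: 0 for r in records}

    def verify(self, otp_serial: str, submitted: str) -> bool:
        seed = self._seed.get(otp_serial)
        if seed is None:
            return False
        expected = hotp(seed, self._counter[otp_serial])
        if not _same(expected, submitted):
            return False
        self._counter[otp_serial] += 1   # a used OTP cannot be replayed
        return True


# Constructed sample data; the seed is the RFC 4226 test secret.
SAMPLE = FinancialRecord("010-0000-0000", "user01", "SN-0001", b"12345678901234567890")

if __name__ == "__main__":
    otp_server, bank = OtpServer([SAMPLE]), FinancialServer([SAMPLE])
    otp, status = otp_server.issue_otp(SAMPLE.phone_number, CardInfo("user01", "SN-0001"))
    print(status, otp, bank.verify("SN-0001", otp))
```

In this sketch the two servers stay in step only if every issued OTP is submitted; a deployment would need a look-ahead window or a time-based code to tolerate an OTP that is issued but never used.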

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments. It will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.

In the OTP server, the financial IC card information, which holds the information necessary for OTP generation in a memory area, and the user information of the mobile terminal are received during online financial transactions to execute financial transaction user authentication, and the OTP generated by the OTP server is transmitted to the mobile terminal, thereby improving the security of the financial IC card information used for OTP generation. The invention is therefore industrially applicable: it can bring about progress, the applied financial product has sufficient potential for commercialization or operation, and it can clearly be carried out in practice.

Claims (22)

A financial IC card for encrypting financial IC card information, which is information necessary for OTP generation issued from a financial institution,
In order to receive the financial transaction service, the user confirms whether the user is a subscriber of a financial transaction service supplied from a mobile communication company or a financial company. If the subscriber is a financial transaction service member, he / she reads the financial IC card information of the financial IC card through a local communication network, A mobile terminal for transmitting the IC card information and the user information of the mobile terminal through a first communication network,
If the subscriber is a financial transaction service subscriber, authentication is performed on the financial transaction user through the validity of the mobile terminal and the validity of the financial IC card based on the user information of the mobile terminal and the encrypted financial IC card information, And an OTP server for generating an OTP according to a predetermined algorithm and transmitting the generated OTP to the mobile terminal through the first communication network.
The system according to claim 1, wherein the financial IC card
The financial transaction device encrypts the financial IC card information including the user's ID and OTP serial number (token serial number) assigned by the financial institution using the private key of the symmetric key algorithm, and records the encrypted information.
The mobile terminal of claim 1,
A user interface module for confirming that the subscriber is a financial transaction service subscriber based on a password registered by a user in an initial menu for confirming whether the subscriber is a financial transaction service subscriber supplied from a mobile communication company or a financial company,
A short distance communication module for reading the financial IC card information stored in the financial IC card in the case of the financial transaction service subscriber,
And a financial transaction control module for transmitting the financial IC card information including the leading user ID and the OTP serial number and the user information of the mobile terminal to the OTP server through the first communication network through the short distance communication module Wherein said financial transaction device is a financial transaction device.
The method according to claim 1,
And a telephone number of the mobile terminal.
5. The apparatus of claim 4, wherein the user interface module comprises:
After downloading the financial transaction service providing application provided through the browser, an initial menu for confirming whether or not the financial transaction service is to be added is created,
And registers the password of the financial transaction service in the OTP server according to the generated initial menu, and confirms whether it is a financial service subscriber based on the password registered at the time of requesting the financial transaction service and the password input through the keypad Financial transaction device.
The method according to claim 1 or 4, wherein the OTP server comprises:
A decryption module for receiving the financial IC card information provided from the mobile terminal and decrypting the encrypted financial IC card information using a predefined public key when it is determined that the user is a financial transaction service subscriber based on the registered password;
A financial information storage module in which financial information provided from a financial company is stored,
A financial transaction user authentication module for authenticating a financial transaction user based on the financial IC card information and the user information decrypted by the decryption module and the financial information provided from a financial company;
And an OTP generation module for generating an OTP according to a predefined algorithm when the financial transaction user is valid and transmitting the encrypted OTP to the mobile terminal after encrypting the generated OTP.
7. The method of claim 6,
Performing first authentication for a financial transaction user to determine whether a financial transaction user is valid based on user information of the mobile terminal and financial information of a financial information storage module,
A financial transaction user who determines the validity of the financial IC card based on the user ID and the OTP serial number included in the decrypted financial IC information and the user ID and the OTP serial number included in the financial information, And executes authentication for the financial transaction user by executing the second authentication for the financial transaction user.
2. The apparatus of claim 1,
Further comprising a financial transaction server connected to the mobile terminal through a second communication network and executing a financial transaction using a mobile terminal or a personal computer as an input of an OTP provided from the OTP server.
A security communication unit for reading the financial IC card information in response to a financial IC card information request from a mobile terminal, which is a financial transaction service subscriber, and transmitting the read information to the mobile terminal;
And a memory for encrypting and recording financial IC card information supplied from a financial institution.
The system according to claim 9,
And the financial IC card information including the user ID and the OTP serial number assigned by the financial institution is encrypted and stored using the private key of the symmetric key algorithm.
In order to receive a financial transaction service, a user creates an initial menu for confirming whether the user is a financial transaction service subscriber using an application supplied from a mobile communication company or a financial company, A user interface module for identifying a transaction service subscriber,
A short distance communication module for reading the financial IC card information stored in the financial IC card when the user interface module is confirmed as a financial transaction service subscriber,
And a financial transaction control module for transmitting the financial IC card information and user information read through the short-range communication module to the OTP server through a first communication network.
12. The apparatus of claim 11, wherein the user interface module comprises:
After downloading the financial transaction service providing application provided through the browser, an initial menu for confirming whether or not the financial transaction service is to be added is created,
Registers a password according to the initial menu,
And to confirm whether the subscriber is a financial transaction service subscriber based on the registered password and the password input through the keypad.
13. The method of claim 12,
And the OTP server includes a phone number of the mobile terminal.
A decryption module for decrypting the encrypted financial IC card information by receiving the encrypted financial IC card information read through the mobile terminal when it is determined that the user is a financial transaction service subscriber based on the registered password,
A financial information storage module for receiving and storing financial information including a user ID and an OTP serial number corresponding to a telephone number of the mobile terminal,
A financial transaction user authentication module for authenticating a financial transaction user based on the financial IC card information decrypted by the decryption module, the user information of the mobile terminal and the financial information of the financial information storage module provided from a financial company,
And an OTP generation module for generating an OTP according to a predefined algorithm when the financial transaction user is valid and transmitting the encrypted OTP to the mobile terminal through a first communication network, OTP server.
The system of claim 14, wherein the financial transaction user authentication module comprises:
Authentication of the financial transaction user is executed based on whether the financial information matches with the financial IC card information, whether the financial information matches with the user information, and whether the financial information matches the user information and the financial IC card information The OTP server of the financial transaction device.
A financial transaction method for authenticating a subscriber of a financial transaction service and executing an authentication procedure for a financial transaction user, the subscriber being connected to the encrypted financial IC card, the mobile terminal, and the OTP server via a communication network,
A service subscription confirming step of confirming whether the subscriber is a financial transaction service subscriber based on the password registered when the financial transaction application is executed through the communication network of the mobile communication company or the financial company in the mobile terminal;
A financial transaction user information transmission step of reading the financial IC card information stored in the financial IC card through the local communication network in the mobile terminal and transmitting the read financial IC card information and the user information of the mobile terminal to the OTP server,
A financial transaction user authentication step of performing financial transaction user authentication on the OTP server based on the received financial IC card information and user information and pre-stored financial information;
And generating an OTP when the financial transaction user is valid through the financial transaction user authentication and transmitting the generated OTP to the mobile terminal.
17. The method according to claim 16,
And a user ID and an OTP serial number provided as financial companies.
17. The method of claim 16,
And a telephone number of the mobile terminal generated by the OTP server.
17. The method according to claim 16,
A financial IC card information including a user ID and an OTP serial number provided from a financial company, and user information including a telephone number of a mobile terminal of a financial trader.
16. The method as claimed in claim 15,
The first authentication for the financial transaction user is executed based on the user information of the mobile terminal and the financial information of the financial information storage module,
The financial IC card information encrypted according to the first authentication result for the financial transaction user is decrypted using the predefined public key,
And the second authentication for the financial transaction user is performed based on the user ID and the OTP serial number included in the decrypted financial IC information, the user ID included in the financial information, and the OTP serial number.
17. The method of claim 16,
When the financial transaction user is valid as a result of the financial transaction user authentication in the OTP server, the OTP server generates an OTP according to a predefined algorithm and transmits the encrypted OTP to the mobile terminal via the first communication network.
17. The method of claim 16,
Further comprising executing a financial transaction using a mobile terminal or a user terminal as an input of an OTP provided from the OTP server at a financial service server connected to the mobile terminal via a second communication network.


KR1020130027936A 2013-03-15 2013-03-15 Method and apparatus for banking service and method thereof KR20140114511A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020130027936A KR20140114511A (en) 2013-03-15 2013-03-15 Method and apparatus for banking service and method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020130027936A KR20140114511A (en) 2013-03-15 2013-03-15 Method and apparatus for banking service and method thereof

Publications (1)

Publication Number Publication Date
KR20140114511A true KR20140114511A (en) 2014-09-29

Family

ID=51758176

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020130027936A KR20140114511A (en) 2013-03-15 2013-03-15 Method and apparatus for banking service and method thereof

Country Status (1)

Country Link
KR (1) KR20140114511A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101512001B1 (en) * 2014-10-08 2015-04-14 주식회사 한국엔에프씨 System and method for user authentication by using a physical financial card and mobile communication terminal
WO2016056853A1 (en) * 2014-10-08 2016-04-14 주식회사 한국엔에프씨 System for convenient person authentication using mobile communication terminal and actual financial card and method therefor
KR20200022194A (en) * 2018-08-22 2020-03-03 엔에이치엔한국사이버결제 주식회사 System and Method for Identification Based on Finanace Card Possessed by User

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E601 Decision to refuse application