KR20140137223A - System and Method for Payment using Encrypted Card Information - Google Patents
- Publication number: KR20140137223A
- Authority: KR (South Korea)
- Prior art keywords
- key
- card information
- pos terminal
- server
- module
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
- G06Q20/38215—Use of certificates or encrypted proofs of transaction rights
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Engineering & Computer Science (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Cash Registers Or Receiving Machines (AREA)
Abstract
A system for encrypting card information according to the present invention includes: a card reader module that reads card information, encrypts the read card information using a public key provided from a key distribution server to generate encrypted card information, and transmits the encrypted card information to a POS terminal; and a POS terminal that transmits the public key provided from the key distribution server to the card reader module and transmits the encrypted card information to the VAN server.
Description
The present invention relates to a point-of-sale (POS) system and a card information encryption and payment method using the POS system. More specifically, the present invention relates to a POS system that encrypts card information and provides it to a Value Added Network server (VAN server), and to an encryption settlement method.
As card settlement becomes generalized, it is practically difficult for a card merchant to provide a separate terminal connected to each credit card company, so a settlement proxy server is used. The VAN server performs various roles, but typically receives the payment request from the merchant, transmits the request to the credit card company, receives the result of approval / inquiry, and transmits the result to the merchant.
Figure 1 shows a typical payment system. 1, a general payment system includes a point of sale (POS)
Referring again to FIG. 1, the
However, as described above, the
It is an object of the present invention to provide a method for securely encrypting card information from both hardware and software levels and using the information for payment.
At the same time, it avoids the use of security solutions through security vendors and provides a security system that can be controlled by VAN servers, which causes problems in authorization transactions due to software-software, software-hardware or software- The other purpose is to build a system that can solve problems on its own without going through a security company.
Another object of the present invention is to provide a method for supporting a plurality of VAN servers in one POS terminal and simultaneously managing autonomous / independent encryption keys by each VAN company.
A system for encrypting card information according to the present invention includes: a card reader module that reads card information, encrypts the read card information using a public key provided from a key distribution server to generate encrypted card information, and transmits the encrypted card information to a POS terminal; and a POS terminal that transmits the public key provided from the key distribution server to the card reader module and transmits the encrypted card information to the VAN server.
In addition, the card reader module may apply non-disclosure processing to at least a portion of the read card information to generate scratched card information, and transmit the scratched card information to the POS terminal.
Also, the POS terminal may generate an approval request telegram based on the received scratched card information, and may transmit the approval request telegram to the VAN server.
The system may further include a VAN server having a private key corresponding to the public key and decrypting the received encrypted card information with the private key.
The VAN server may generate a public key and a corresponding private key, and transmit the public key to the key distribution server.
The system may further include a key distribution server for receiving each public key from at least one VAN server and transmitting the public key to the POS terminal.
The key distribution server may encrypt the public key with an encryption key matched with the unique information of the card reader module and transmit the encryption key to the POS terminal.
The card reader module may be provided with at least one public key, corresponding to each of the at least one VAN server, from the key distribution server, and may encrypt the read card information with the at least one public key to generate encrypted card information.
A card information encryption settlement method according to the present invention comprises: a card reader module reading card information; the card reader module encrypting the read card information using a public key provided from a key distribution server to generate encrypted card information; the card reader module transmitting the encrypted card information to the POS terminal; and the POS terminal transmitting the encrypted card information to the VAN server.
Also, the public key provided from the key distribution server may be transmitted to the card reader module by the POS terminal.
In addition, the VAN server may have a private key corresponding to the public key, and the method may further include the step of the VAN server decrypting the received encrypted card information with the private key.
The method may further include the step of the key distribution server receiving each public key from at least one VAN server and transmitting the public key to the POS terminal.
According to the present invention, the card information read by the card reader module is securely encrypted and provided to the POS terminal, thereby improving the security of the card payment system.
Further, by using a software module serving as a simple gateway, there is an effect of significantly lowering the possibility of occurrence of a failure in the settlement system due to a conflict with the environment of the POS terminal, that is, the version of the operating system, installed modules, drivers, software,
Further, since the key management entity becomes each VAN provider, it is possible to independently manage the encryption without depending on the security company, and it is possible to instantly cope with the failure situation, thereby minimizing the failure time or the damage scale.
In addition, it is possible to apply the solution without modifying the existing POS module installed in the POS terminal, and furthermore, realize a multi-VAN function that enables a plurality of VAN servers to be securely encrypted in one POS terminal.
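The flow summarized above (a VAN public key wrapped for one reader by the key distribution server, relayed by the POS terminal, used inside the reader to encrypt card data, and decrypted only by the VAN server) is sketched below as an added Go example; it is not code from the patent. AES-256-GCM, RSA-OAEP, the first-6/last-4 masking rule, the VAN codes and every identifier are assumptions of this example, since the patent names no algorithms.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
)

// Reader models the card reader module: its own key plus one public key per VAN code.
type Reader struct {
	wrap    cipher.AEAD
	vanKeys map[string]*rsa.PublicKey
}

// NewAEAD: AES-256-GCM is this example's assumption; the patent names no algorithm.
func NewAEAD(k [32]byte) cipher.AEAD {
	b, _ := aes.NewCipher(k[:]) // cannot fail for a 32-byte key
	g, _ := cipher.NewGCM(b)
	return g
}

// WrapPublicKey is the key distribution server step; the VAN code is bound as AAD.
func WrapPublicKey(g cipher.AEAD, vanCode string, pub *rsa.PublicKey) ([]byte, error) {
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return g.Seal(nonce, nonce, x509.MarshalPKCS1PublicKey(pub), []byte(vanCode)), nil
}

// InstallKey keeps a POS-relayed key only if it unwraps under this reader's key.
func (r *Reader) InstallKey(vanCode string, blob []byte) error {
	n := r.wrap.NonceSize()
	if len(blob) < n {
		return fmt.Errorf("wrapped key too short")
	}
	der, err := r.wrap.Open(nil, blob[:n], blob[n:], []byte(vanCode))
	if err != nil {
		return fmt.Errorf("key for VAN %q rejected: %w", vanCode, err)
	}
	pub, err := x509.ParsePKCS1PublicKey(der)
	if err == nil {
		r.vanKeys[vanCode] = pub
	}
	return err
}

// Swipe emits only the masked PAN (assumed 6+4 rule) and RSA-OAEP ciphertext (assumed).
func (r *Reader) Swipe(vanCode, pan string) (string, []byte, error) {
	pub := r.vanKeys[vanCode]
	if pub == nil || len(pan) < 13 || len(pan) > 19 {
		return "", nil, fmt.Errorf("unknown VAN code or malformed PAN")
	}
	masked := pan[:6] + "*********"[:len(pan)-10] + pan[len(pan)-4:]
	enc, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, []byte(pan), nil)
	return masked, enc, err
}

// VANDecrypt is the VAN server step; only the VAN holds the private key.
func VANDecrypt(priv *rsa.PrivateKey, enc []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, enc, nil)
}

func main() {
	priv, _ := rsa.GenerateKey(rand.Reader, 2048)
	r := &Reader{NewAEAD([32]byte{1}), map[string]*rsa.PublicKey{}} // constructed demo key
	blob, _ := WrapPublicKey(r.wrap, "VAN-A", &priv.PublicKey)
	fmt.Println("install error:", r.InstallKey("VAN-A", blob))
	masked, enc, err := r.Swipe("VAN-A", "4111111111111111") // constructed test PAN
	fmt.Println(masked, len(enc), err)
}
```

A key blob wrapped for a different reader, or relabelled to another VAN code, fails in `InstallKey`, and a ciphertext produced for one VAN does not decrypt under another VAN's private key.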
Figure 1 shows a typical payment system.
Figure 2 shows a software-based encrypted payment system.
Figure 3 shows an encrypted payment system in a combination of hardware and software.
Fig. 4 conceptually shows the structure of the card reader module shown in Fig.
FIG. 5 shows a method of encrypting and providing a public key to a card reader module.
FIG. 6 specifically shows a method of providing an encryption key in the key distribution server.
FIG. 7 specifically shows a method of providing a public key in the key distribution server.
Figure 2 shows a software-based encrypted payment system. The software billing system shown in FIG. 2 includes a
Card information read from the
The
The
The
The software-based payment system has the following advantages. The
However, such a software-based payment system has some disadvantages. In particular, even if the
Another problem is that the
Figure 3 shows an encrypted payment system in a combination of hardware and software. 3 includes a
Referring to FIG. 3, the
The removal of the
Fig. 4 conceptually shows the structure of the card reader module shown in Fig.
4, the
One example of the specifications of the components of the
Referring again to FIG. 3, the
The public key is provided by the
Hereinafter, a method of implementing a multi-VAN in the payment system of FIG. 3 will be described. The
The
This method is particularly useful in that the
The payment system shown in FIG. 3 may also function in other ways. It is assumed that the first
The above-described payment system described with reference to FIG. 3 has the following advantages. First, since the card information is encrypted in the
Hereinafter, a method of encrypting and providing a public key in the
FIG. 5 shows a method of encrypting and providing a public key to a card reader module. Although some of the constituent elements described with reference to FIGS. 1 to 4 are not shown for convenience of explanation, it is understood that those elements still perform the aforementioned functions in the settlement system.
Referring to the POS system, the
Now, the
When the VAN code indicating the VAN server to be used by the
The
According to the method described with reference to FIG. 5, since both the symmetric encryption algorithm and the asymmetric encryption algorithm are used, it is practically impossible to attempt hacking from the outside without understanding the entire encryption process. That is, even if the hacking program provides the self-generated public key by the
FIG. 6 specifically shows a method of providing an encryption key in the key distribution server. The
The
The advantages of the method described with reference to FIG. 6 are as follows. Finally, the encryption key used to encrypt the public key is encrypted and transmitted with the authentication key. The authentication key is managed only on the
In the drawings used in this specification, it is described that the
FIG. 7 specifically shows a method of providing a public key in the key distribution server. FIG. 7 assumes that the encryption key is encrypted with the authentication key and transmitted to the
Referring again to FIG. 5, the
It will be appreciated by those skilled in the art that the block diagrams disclosed herein are conceptual representations of the circuitry for implementing the principles of the invention. Likewise, any flow chart, flow diagram, state transitions, pseudo code, etc., may be substantially represented in a computer-readable medium to provide a variety of different ways in which a computer or processor, whether explicitly shown or not, It will be appreciated by those skilled in the art. Therefore, the above-described embodiments of the present invention can be realized in a general-purpose digital computer that can be created as a program that can be executed by a computer and operates the program using a computer-readable recording medium. The computer-readable recording medium includes a storage medium such as a magnetic storage medium (e.g., ROM, floppy disk, hard disk, etc.), optical reading medium (e.g., CD ROM,
The functions of the various elements shown in the figures may be provided through the use of dedicated hardware as well as hardware capable of executing software in association with appropriate software. When provided by a processor, such functionality may be provided by a single dedicated processor, a single shared processor, or a plurality of individual processors, some of which may be shared. Also, the explicit use of the term "processor" or "control unit" should not be construed to refer exclusively to hardware capable of executing software, and may implicitly include, without limitation, a digital signal processor, memory (ROM), random access memory (RAM), and non-volatile storage.
In the claims hereof, the elements depicted as means for performing a particular function encompass any way of performing that function, such elements being intended to encompass a combination of circuit elements that perform the function, or any form of software, including firmware, microcode, etc., in combination with circuitry suitable for executing that software.
Reference throughout this specification to "one embodiment" of the principles of the invention, and to various modifications of that expression, means that a particular feature, structure, characteristic or the like described in connection with the embodiment is included in at least one embodiment of the principles of the invention. Thus, the appearances of the phrase "in one embodiment" and any other variation disclosed throughout this specification are not necessarily all referring to the same embodiment.
In this specification, the expression 'at least one of', as in 'at least one of A and B', is used to encompass the selection of only the first option (A), the selection of only the second listed option (B), or the selection of both options (A and B). As an additional example, 'at least one of A, B and C' encompasses the selection of only the first enumerated option (A), only the second enumerated option (B), only the first and second listed options (A and B), only the second and third listed options (B and C), or all three options (A, B, and C). Even if more items are listed, this can be readily extended by those skilled in the art.
The present invention has been described with reference to the preferred embodiments. All embodiments and conditional statements disclosed herein are intended to assist those skilled in the art in understanding the principles and concepts of the present invention. It will be understood that the invention may be embodied in various other forms without departing from the spirit or essential characteristics thereof. Therefore, the disclosed embodiments should be considered in an illustrative rather than a restrictive sense. The scope of the present invention is defined by the appended claims rather than by the foregoing description, and all differences within the scope of equivalents thereof should be construed as being included in the present invention.
100: POS terminal
120: Security module
130: Registries
140: POS module
150: Communication module
160: Gateway module (GW module)
110: card reader module
111: MSR HEAD
112: CPU (Propeller)
113: Memory
114: decoder
115: Connection Interface
200: Key distribution server (system)
210: Gateway server (GW server)
220: Key management server
221: AP System (Access Point System)
222: Host Security Module (HSM)
223: MSR DB
224: Software module
300: VAN server
400: Security Server
Claims (19)
A POS terminal for transmitting the public key provided from the key distribution server to the card reader module and transmitting the encrypted card information to the VAN server;
Wherein the card information is encrypted.
Wherein the card reader module generates scratch card information by performing at least a part of the read card information in a non-disclosure process, and transmits the scratched card information to the POS terminal.
Wherein the POS terminal generates an approval request telegram based on the received scratch card information, and transmits the approval request telegram to the VAN server.
A VAN server having a private key corresponding to the public key and decrypting the received encrypted card information with the private key;
Further comprising the step of:
Wherein the VAN server generates a public key and a corresponding private key to transmit the public key to the key distribution server.
A key distribution server receiving each public key from at least one VAN server and transmitting the public key to the POS terminal;
Further comprising: a card information encrypting system for encrypting the card information.
Wherein the key distribution server encrypts the public key with an encryption key that matches the unique information of the card reader module and transmits the encryption key to the POS terminal.
Wherein the card reader module is provided with at least one public keys corresponding to each of the at least one VAN servers from the key distribution server.
Wherein the card reader module encrypts the read card information with the at least one public keys to generate at least one encrypted card information.
The card reader module encrypts the read card information using a public key provided from a key distribution server to generate encrypted card information;
The card reader module transmitting the encrypted card information to the POS terminal; And
The POS terminal transmitting the encrypted card information to the VAN server;
The method comprising the steps of:
And the public key provided from the key distribution server is transmitted to the card reader module by the POS terminal.
Wherein the card reader module generates scratch card information by performing at least a part of the read card information in a non-disclosure process, and transmits the scratched card information to the POS terminal.
Wherein the POS terminal generates an approval request telegram based on the received scratch card information, and transmits the approval request telegram to the VAN server.
Wherein the VAN server has a private key corresponding to the public key,
And the VAN server decrypts the received encrypted card information with the private key.
Wherein the VAN server generates a public key and a corresponding private key to transmit the public key to the key distribution server.
Further comprising the step of the key distribution server receiving each public key from at least one VAN server and transmitting the public key to the POS terminal.
Wherein the key distribution server encrypts the public key with an encryption key that matches the unique information of the card reader module and transmits the encryption key to the POS terminal.
Wherein the card reader module is provided with at least one public keys corresponding to each of the at least one VAN servers from the key distribution server.
Wherein the card reader module encrypts the read card information with the at least one public keys to generate at least one encrypted card information.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020130057881A KR20140137223A (en) | 2013-05-22 | 2013-05-22 | System and Method for Payment using Encrypted Card Information |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20140137223A (en) | 2014-12-02 |
Family
ID=52457160
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020130057881A KR20140137223A (en) | 2013-05-22 | 2013-05-22 | System and Method for Payment using Encrypted Card Information |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20140137223A (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20160137051A (en) * | 2015-05-22 | 2016-11-30 | 한국정보통신주식회사 | Method for distributing encrypt key, terminal, card reader and system for distributing encrypt key thereof |
WO2016195198A1 (en) * | 2015-06-01 | 2016-12-08 | 주식회사 나우앤페이 | Credit card affiliated store terminal, payment system including same, and method for operating payment system using same |
KR20170105152A (en) * | 2016-03-08 | 2017-09-19 | 주식회사 빅솔론 | Method for controlling payment application for improving security and apparatus having the payment application |
KR20180006123A (en) * | 2016-07-08 | 2018-01-17 | 주식회사 한국스마트카드 | Method for encrypting card information and system for the same |
KR20190081192A (en) * | 2017-12-29 | 2019-07-09 | 한국정보통신주식회사 | A server for precessing approvals of payments, a payment terminal apparatus and a method of operating it |
US11727403B2 (en) | 2019-05-20 | 2023-08-15 | Samsung Electronics Co., Ltd. | System and method for payment authentication |
-
2013
- 2013-05-22 KR KR1020130057881A patent/KR20140137223A/en not_active Application Discontinuation
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E601 | Decision to refuse application |