KR20140139167A - Method for providing server type one time code for medium separation by using user's handheld type medium - Google Patents

Abstract

The present invention relates to a method for providing a server type of a disposal code based on medium separation using the portable medium of users. More specifically, according to the present invention, a method for providing a server type of a disposal code based on medium separation using the portable medium of users uses; wireless terminals having a program which interfaces with the portable medium of users; and the portable medium of users which is performed by servers performing communication. In the present invention, the method for providing a server type of a disposal code based on medium separation comprises a step of storing authentication information in a designated storage medium to receive the disposal code of designated digits generated in a non-stationary state on a network and to output the same via the program of wireless terminals recognizing the portable medium of users.

Description

Technical Field [0001] The present invention relates to a method of providing a server-type disposable code based on a media separation using a portable medium of a user,

The present invention authenticates a wireless terminal of a user having a program that interfaces with a portable medium owned by a user in a noncontact manner with a disposable code-based authentication medium that receives and outputs a specified number of one-time codes dynamically generated on the network, A predetermined number of one-time codes dynamically generated on the network by a program of the wireless terminal and outputs the disposable code.

In order for the disposable code called so-called OTP (One Time Password) to be used for payment settlement or financial transaction, it is necessary to establish the condition of "separation of media" in Article 34.2. Currently, the Financial Supervisory Service (FSS) determines which method meets the conditions for media separation. Currently, the method that can be recognized as media separation is OTP, which is dynamically generated through a sealed OTP generator and OTP card, Only the method of inputting to the medium is recognized as the medium separation.

However, it is inconvenient because a user must possess an OTP-based authentication medium such as an OTP generator and an OTP card. In addition, in order to produce such an OTP-based authentication medium, And an error occurs frequently due to an erroneous input in the process of inputting a dynamically generated OTP to the terminal through the OTP card.

An object of the present invention to solve the above problems is to provide an apparatus and a method for receiving authentication information for processing to receive and output a specified number of one-time codes dynamically generated on a network through a program of a wireless terminal that has recognized a portable medium owned by a user (M > = 2) parameter information transmitted through a program of a wireless terminal that recognizes the portable medium and stored in a designated storage medium, There is provided a media separation based server type disposable code providing method using a portable medium of a user providing a predetermined number of one-off codes dynamically generated on a network in a case where the validity of parameter information is authenticated, .

A method of providing a server-type disposable code using a portable medium according to the present invention is a method of providing a server-type disposable code using a portable medium of a user, which is executed by a server capable of communicating with a wireless terminal having a program A method of providing a server-type disposable code according to the present invention is a method of providing a server-type disposable code for a media separation, the method comprising the steps of: determining authentication information for processing to receive and output a specified number of one- (M > = 2) pieces of parameter information transmitted through a program configured through a program of a wireless terminal that recognizes the portable medium, according to a specified procedure; The validity of m (1? M? M) pieces of parameter information through the storage medium And a fourth step of processing the specified number of one-time codes dynamically generated on the network to be provided to the program of the wireless terminal when the validity of the parameter information is authenticated. Meanwhile, the portable medium includes at least one code image medium, such as a card, an apparatus, and a tag, which can print or electronically output a recognizable code image through a camera unit provided in the wireless terminal, and a proximity wireless communication unit And a medium in which at least one or more of at least one of a wireless IC card, an RF card, an RF device, and a RFID, which can be recognized by transmitting and receiving a radio frequency signal, is coupled.

According to the present invention, the authentication information includes information for identifying the communication means of the wireless terminal, information for authenticating whether the wireless terminal having the program has a valid physical configuration unit, Information for verifying whether or not a program included in the wireless terminal is falsified or altered, information for authenticating a user using the program provided in the wireless terminal, and information for authenticating the portable medium. have.

According to the present invention, when the portable medium includes a proximity wireless communication medium, the program is activated or activated by interfacing the proximity wireless communication medium through a proximity wireless communication unit provided in the wireless terminal through proximity wireless communication .

According to another aspect of the present invention, there is provided a method of providing a server-type disposable code using a portable medium of a user, comprising the steps of: registering media identification information for identifying a portable medium owned by the user and processing the stored media identification information to be stored in a designated storage medium .

According to another aspect of the present invention, there is provided a method for providing a server-type disposable code for a media separation based on a portable medium of a user, the method comprising: if the portable medium includes a proximity wireless communication medium, And a step of processing the information set to be stored in the specified security medium. Meanwhile, the security medium may include a key management server provided on the network so as to correspond to the proximity wireless communication medium, a universal subscriber identity module (USIM) mounted or detached from the wireless terminal, an integrated circuit (IC) chip, At least one of a Secure Element (SE), a storage medium for storing the authentication information, and a Trusted Service Management (TSM) on a network capable of communicating with the wireless terminal.

According to another aspect of the present invention, there is provided a method of providing a server-type disposable code for a media separation based on a portable medium of a user, wherein when the portable medium includes a proximity wireless communication medium, And providing a set of information to the program of the wireless terminal.

According to the present invention, the specified number of one-time codes may include dynamically generated N (N? 2) -digit codes or n (1? N <N) codes among the N-digit codes. (Nn) codes may be generated through the processor of the portable medium, generated through the program, loaded on the wireless terminal, or transmitted to the wireless terminal, Or through a processor of at least one Secure Element (SE) among a Universal Subscriber Identify Module (USIM), an Integrated Circuit (IC) chip, and an external memory chip.

According to another aspect of the present invention, there is provided a method of providing a server-type disposable code for a media separation using a portable medium of a user, the method comprising the steps of: And the step of confirming whether or not it is possible.

According to another aspect of the present invention, there is provided a method for providing a server-type disposable code for a media separation based on a portable medium of a user, the method further comprising performing a procedure for authenticating a user using the program through a program installed in the user's wireless terminal can do.

According to the present invention, in the third step, when the m pieces of parameter information are authenticated, the wireless terminal in a state in which the program for recognizing the portable medium is activated may be authenticated as a one-time medium for outputting the one-time code.

According to the present invention, the parameter information is information that is recognized from the portable medium and which drives the program, information on the program in which the portable medium is recognized and driven, information generated in accordance with a designated procedure of the program, Information that is recognized from the portable medium, information that the program recognizes information recognized from the portable medium, and information that the program recognizes and acquires from the portable medium. Meanwhile, the parameter information may include unique information stored in the memory unit or SE of the wireless terminal. Alternatively, the parameter information may include hash information hashed hash corresponding to the program. The parameter information may further include PIN information registered by a user using the program of the wireless terminal. Alternatively, the parameter information may further include at least one of information inputting information displayed on the user terminal used by the user, and information generated by the program using the information displayed on the user terminal.

According to the present invention, there is provided a method of providing a server-type disposable code for a media separation based on a user's portable medium, the method comprising the steps of: Inputting the seed value into the designated code generation algorithm to process the specified number of one-time codes to be dynamically generated.

According to the present invention, there is provided a method of providing a server-type disposable code for a media separation based on a user's portable medium, the method comprising the steps of: generating at least one piece of disposable code from the M parameter information when validity of the m pieces of parameter information is authenticated; (K &gt; = 2) seed values for generating the one-time use code so as to generate a specified number of one-time codes dynamically can do.

According to the present invention, the specified number of one-off codes can be generated in the server or generated through a code server associated with the server.

According to the present invention, there is provided a method of providing a server-type disposable code for a media separation based on a portable medium of a user, comprising: a fifth step of confirming a disposable code transmitted through a user terminal used by the user after being provided as a program of the wireless terminal; A sixth step of validating the validity of the disposable code, and a seventh step of providing a result of authenticating the validity of the disposable code to the program or the user terminal of the wireless terminal.

According to the present invention, in the sixth step, the server authenticates the validity of the one-time code or authenticates the validity of the one-time code through a code server associated with the server, and receives a result of authenticating the one- can do.

According to the present invention, there is provided a method of providing a server-type disposable code for a media separation based on a portable medium of a user, comprising the steps of: performing a payment transaction or a financial transaction procedure requested from the user terminal when the validity of the one- And the seventh step may provide a result of performing the payment settlement or financial transaction procedure.

According to the present invention, by recognizing a user-owned portable medium physically separated from a user's wireless terminal as a medium recognition unit of a wireless terminal, a wireless terminal in a state in which a program for interfacing with the portable medium is activated is authenticated as a disposable code- Generates a disposable code on a server physically separated from the wireless terminal, and outputs the generated disposable code as if it was generated through a program of the wireless terminal, thereby enabling not only the user terminal physically separated from the wireless terminal but also the wireless terminal It is advantageous to provide a disposable code-based authentication medium at low cost without inconvenience in use compared to the conventional OTP-based authentication medium while establishing the conditions for medium separation.

FIG. 1 is a diagram illustrating a configuration of a server-type disposable code system based on a media separation according to an embodiment of the present invention.
2 is a functional block diagram of a wireless terminal and a program according to an embodiment of the present invention.
3 is a diagram illustrating an information registration process for authenticating a wireless terminal in a state in which a program interfacing with a portable medium is activated according to an embodiment of the present invention, using a disposable code-based authentication medium.
4 is a diagram illustrating a process of recognizing a proximity wireless communication medium according to an embodiment of the present invention.
5 is a diagram illustrating a process of recognizing a code image medium according to another embodiment of the present invention.
6 is a flowchart illustrating a method of authenticating a wireless terminal in a state in which a program for interfacing with a portable medium is operated using a disposable code-based authentication medium according to an embodiment of the present invention to provide a predetermined number of one- FIG.
FIG. 7 is a diagram illustrating an authentication process of a disposable code according to an embodiment of the present invention.

The operation principle of the preferred embodiment of the present invention will be described in detail with reference to the accompanying drawings and description. It should be understood, however, that the drawings and the following detailed description are exemplary and explanatory and are intended to provide further explanation of the invention, and are not to be construed as limiting the present invention. For example, it is possible that a configuration provided on the server side is implemented on the terminal side, or conversely, a configuration portion provided on the terminal side is implemented on the server side.

In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear. The terms used below are defined in consideration of the functions of the present invention, which may vary depending on the user, intention or custom of the operator. Therefore, the definition should be based on the contents throughout the present invention.

As a result, the technical idea of the present invention is determined by the claims, and the following embodiments are merely means for effectively explaining the technical idea of the present invention to a person having ordinary skill in the art to which the present invention belongs Only.

FIG. 1 is a diagram showing a configuration of a server-type disposable code system based on a media separation according to an embodiment of the present invention.

In more detail, FIG. 1 illustrates a one-time code (hereinafter, referred to as &quot; one-time code &quot;) that receives a specified number of one-time codes dynamically generated on a network and outputs the disposable code of a user, the user's wireless terminal 200 having a program 235 that interfaces with a portable medium owned by a user in a non- Based authentication medium and provides a specified number of one-time codes dynamically generated on the network by the program 235 of the authenticated wireless terminal 200, and outputs the disposable codes. FIG. Those skilled in the art will be able to refer to and / or modify the FIG. 1 to understand various implementations of the configuration of the media separation based server type disposable code system (e.g., some configuration portions may be omitted, or fragmented, However, it should be understood that the present invention is not limited to the embodiments described above, To be made, the technical features are not limited only with the exemplary method shown in the figure 1. For example, the notation such as &quot; designated server &quot; or &quot; separate server &quot; shown in FIG. 1 may be implemented by performing a part of the functions of the configuration unit shown in FIG. 1, In this case, the configuration unit shown in FIG. 1 may be implemented in a form that requests the server to perform or perform a part of the function in response to the specified path or receives the result.

The media separation based server type disposable code system of the present invention includes a program 235 capable of communicating with a user's wireless terminal 200 having a program 235 for interfacing with a portable medium owned by the user, ) Of the wireless terminal (200) in the activated or activated state as a disposable code-based authentication medium for outputting a disposable code; And an operation server 100 that performs a process of processing the program to be provided to the program 235. Meanwhile, the operation server 100 shown in FIG. 1 is an example of a system configuration for explaining an embodiment in which a media separation based server type disposable code system is implemented. In the media separation based server type disposable code system of the present invention, But is limited to being implemented in one server corresponding to the operation server 100 or is not limited by the physical / logical name of the server corresponding to the operation server 100. [ According to an embodiment of the present invention, a media separation based server type disposable code system is implemented through a single server implemented by a specific business entity as shown in FIG. 1, The present invention can be implemented in the form of a functional module added to a server or in a server provided, or a combination of the above-described respective methods. Lt; RTI ID = 0.0 &gt; embodiment, &lt; / RTI &gt; Therefore, each component of the operational server 100 shown in FIG. 1 can be modified in various forms in accordance with the number and type of servers implementing the media separation based server type disposable code system, The invention includes all such modifications as are possible.

The user's wireless terminal 200 is a collective term for a portable wireless communication device owned or used by a user possessing at least one portable medium, and may preferably include a user's cellular phone, a smart phone, a tablet PC, and the like. The user's wireless terminal 200 includes a medium recognition unit 220 capable of recognizing the portable medium owned by the user and the program 235 is transmitted to the portable medium of the user through the medium recognition unit 220, Interface. A preferred embodiment of the wireless terminal 200 will be described with reference to FIG.

According to the present invention, the portable medium recognized through the medium recognition unit 220 of the wireless terminal 200 may be a program that is dynamically generated on the network and stored in the disposable code displayed on the program 235 of the wireless terminal 200, A condition for establishing a condition for establishing a condition for establishing a condition for establishing a media separation and simultaneously authenticating a wireless terminal (200) in a state in which a program (235) And is realized in a form that can be recognized without being in contact with the wireless terminal 200 in a separated state.

According to an embodiment of the present invention, the portable medium may include at least one of a card, a device, and a tag capable of being printed or an electronically outputable code image through a camera unit 215 provided in the wireless terminal 200 An image medium, and at least one of a proximity wireless IC card, an RF card, an RF device, and an RFID that can recognize and transmit a radio frequency signal through a proximity wireless communication unit 210 provided in the wireless terminal 200 And may include media in which one or more are combined. In the case where the portable medium is a code image medium, the medium recognition unit 220 of the wireless terminal 200 includes a camera unit 215 provided in the wireless terminal 200, The medium recognition unit 220 of the wireless terminal 200 may include a proximity wireless communication unit 210 implemented by an NFC (Near Field Communication) chip included in the wireless terminal 200. [ For example, the portable medium may be manufactured in the form of a card on which a code image (for example, a two-dimensional barcode or the like) is printed, a form of a contactless IC card on which a code image is printed, and the like.

The operating server 100 is a collective term of a server that can communicate directly with a program 235 provided in the user's wireless terminal 200 according to a designated communication protocol or relay communication via a designated relay server, (E.g., a card company, a bank, a brokerage company, etc.) that uses a disposable code-based authentication procedure, a server provided in an institution that relays a disposable code based authentication procedure , An insurance company, a portal, a content provider, a game company, and the like), or a combination of two or more of them.

Referring to FIG. 1, the operation server 100 includes a membership subscription / authentication unit 105 for subscribing or authenticating a user of a program 235 provided in the wireless terminal 200 as a member. If the wireless terminal 200 in which the program 235 is interfaced with the portable medium is authenticated as a disposable code-based authentication medium (for example, the program 235 included in the wireless terminal 200) (I.e., validation of validity of a portable medium) or authentication of a disposable code-based authentication medium is possible only by authentication that a user has a portable medium), the membership subscription / authentication unit 105 may be omitted and the present invention is not limited thereto .

The member subscription / authentication unit 105 communicates with the program 235 included in the wireless terminal 200 and receives user information (e.g., name, resident registration number, IPIN, etc.) input through the program 235 , A unique ID identifying the user as a member account input by the user or an internally allocated eigenvalue is registered and registered in the designated member D / B (not shown) The user information may be registered in the member D / B, partially registered, or omitted.

According to the embodiment of the present invention, the membership subscription / authentication unit 105 may be connected to a server of a media issuing organization (for example, a card company, a bank, etc.) issuing portable media owned by the user, It is possible to authenticate a user using the program 235 through a program 235 provided in the terminal 200 and to verify whether the user is a valid owner or user of the portable medium. Some of the information may be shared with the medium issuing authority. When verifying that the user is a valid owner or user of the portable media, the unique identifier may be registered in the member D / B if the user is verified as a valid owner or user of the portable media. According to the method of the present invention, the unique identifier is received from the user whenever the user processes the one-time code-based authentication using the program 235, 230 or an embedded chip such as a Universal Element Identifier Module (USIM), an Integrated Circuit (IC) chip or an external memory (eg, SD memory) mounted on or detached from the wireless terminal 200 ), The user can perform a procedure of receiving and authenticating in the course of processing the disposable code based authentication using the program 235. [

Referring to FIG. 1, the operation server 100 includes a program authentication unit 110 that performs a procedure for authenticating the validity of a program 235 included in the wireless terminal 200. If the operation server 100 is provided to an organization other than the organization that manufactures or operates the program 235, the validity authentication of the program 235 may be performed by a designated program May be processed by a picture management server (not shown), in which case the program authentication unit 110 may be omitted.

The program authentication unit 110 performs a procedure for authenticating the validity of the program 235 using one or more of the first through sixth program authentication methods described in the description of FIG. The validity authentication can be performed in combination with the membership procedure, and thus the present invention is not limited thereto. A preferred embodiment of the program authentication procedure will be described with reference to FIG.

In the present invention, the validity authentication of the program 235 included in the wireless terminal 200 can be performed at least once after the program 235 is downloaded and mounted in the wireless terminal 200, One or more of the first to sixth program authentication methods described in the description of the first to sixth program authentication methods may be used. Meanwhile, the validity authentication for the program 235 included in the wireless terminal 200 can be repeatedly performed each time a predetermined number of one-time codes generated on the network through the program 235 are received and output, , Preferably at least one of the first to sixth program authentication schemes described in the description of FIG. 2 (for example, a scheme that can be performed without user input) can be used. In the present invention, the validity authentication for the program 235 is a necessary condition for authenticating the wireless terminal 200 in a state in which the program 235 that interfaces with the portable medium is activated, as the disposable code-based authentication medium.

According to an embodiment of the present invention, the program authentication unit 110 may be configured to perform one or more of the programs 235 of the wireless terminal 200 and the first to sixth program authentication methods described in the description of FIG. 2, It is possible to confirm whether the program 235 recognizing the portable medium is loaded on the user's wireless terminal 200 by performing a communication procedure according to the combined method.

According to an embodiment of the present invention, the program authentication unit 110 may be configured to perform the authentication of the membership authentication / authentication unit 105 and / or the one or more of the first to sixth program authentication methods described in the description of FIG. 2 And performs a procedure of authenticating a user using the program 235 through a program 235 provided in the user's wireless terminal 200 through a modification or combination thereof. For example, the program authentication unit 110 provides the user information registered through the membership subscription / authentication unit 105 and the communication number (e.g., telephone number, etc.) of the wireless terminal 200 as a communication company, The user can perform authentication of the user.

According to the embodiment of the present invention, when the validity of the program 235 is authenticated, the program authenticating unit 110 determines an app authentication value (= unique information) for uniquely identifying and authenticating the program 235 And the determined application authentication value may be provided to the user's wireless terminal 200 through the program 235 and stored in the memory unit 230 or the SE.

Referring to FIG. 1, the operation server 100 receives a specified number of one-time codes dynamically generated on a network through a program 235 of a wireless terminal 200 that has recognized a portable medium owned by the user, And stores the authentication information in the designated storage medium 180 in order to process the authentication information. The storage medium 180 may be provided in the operation server 100 or may be provided in a separate server that can be interlocked with the operation server 100 and may be a part of the storage medium 180 , A medium for storing a part of the authentication information) may be provided in the operation server 100 and a part of the authentication server may be provided in a separate server.

The information storage unit 115 stores at least one unique information (e.g., a unique identifier of a user) identified in the process of membership registration by the member registration / authentication unit 105, the program authentication unit 110 The unique information received from the program 235 in the course of authenticating the validity of the program 235 included in the wireless terminal 200 and the unique information allocated to the program 235 during the authentication of the program 235 A program 235 for interfacing one or more unique information of the unique information stored in the memory unit 230 or SE of the wireless terminal 200 with the portable medium through the program 235 in the authentication process of the program 235, The wireless terminal 200 in the activated state is stored in the storage medium 180 specified as the authentication information for authenticating the disposable code-based authentication medium. The information storage unit 115 may store the authentication information in the storage medium 180 when the operation server 100 is provided in the storage medium 180. The information storage unit 115 may store the authentication information in the storage medium 180, When the storage server 180 (or a part of the storage medium 180) is provided in the storage server, the information storage unit 115 may request the storage server to store the unique information as the authentication information .

The information storage unit 115 may request at least one piece of authentication information from the program 235 included in the wireless terminal 200 and may transmit the program 235 of the wireless terminal 200, The wireless terminal 200 in the state in which the program 235 for interfacing with the portable medium is activated may be stored in the storage medium 180 designated to authenticate the disposable code based authentication medium.

According to an embodiment of the present invention, the authentication information may include information (for example, a telephone number assigned to the wireless terminal 200) identifying the communication means of the wireless terminal 200, (I. E., The program 235 is not operating in the emulator but is in a state of being operated by a user with physical components such as a mobile phone, smartphone, tablet PC, etc.) The information stored in the memory unit 230 or the SE of the wireless terminal 200 and the chip mounted on the wireless terminal 200 such as various communication chips, (For example, the version of the program 235), the information about the version of the authenticated program 235, and the information for identifying and authenticating the program 235 included in the wireless terminal 200 (E.g., an application authentication value assigned to the RAM 235, an application identification value assigned to the program 235, etc.), information for verifying whether the program 235 provided in the wireless terminal 200 is falsified or altered The hash information for hashing the file corresponding to the program 235 by version of the program 235, the hash algorithm for generating the hash information and the key value to be substituted into the hash algorithm in addition to the file) (For example, a unique identifier registered in a membership registration process, PIN information registered by a user, etc.) using the program 235 provided in the portable media 200, information on one or more pieces of information . &Lt; / RTI &gt;

Meanwhile, when the authentication information includes information for authenticating the portable medium, the program 235 of the wireless terminal 200 performs a procedure for recognizing the portable medium owned by the user through the medium recognition unit 220 The information storage unit 115 may provide recognition information recognized from the portable medium, and the information storage unit 115 may store the recognition information recognized by the portable medium in a state in which the program 235, which interfaces with the portable medium, 200) to be stored in the storage medium 180 designated as authentication information for authenticating with the disposable code-based authentication medium.

Referring to FIG. 1, the operation server 100 includes a medium registration unit 120 for registering medium identification information for identifying a portable medium owned by the user and storing the medium identification information in a designated storage medium 180, And a key information registration unit (125) for processing the key information set for obtaining the designated identification information from the proximity wireless communication medium to be stored in the specified security medium when the portable medium includes the proximity wireless communication medium.

The program authentication step may be performed before, during, after, or after the program authentication procedure is performed by the program authentication unit 110, before or after the membership subscription procedure is performed through the subscription / authentication unit 105 When a plurality of portable media issued by a plurality of media issuing organizations to the user can be recognized at a specified time point or when the program 235 is requested to register a portable medium issued by a specific media issuing organization, Receives the medium identification information identifying the portable medium owned by the user from the program 235 of the wireless terminal 200, stores the received medium identification information in the designated storage medium 180, And stores it in the storage medium 180. The medium identification information may be stored in the same storage medium 180 in the storage medium 180 storing the authentication information or may be stored in a separate storage medium 180. [

According to an embodiment of the present invention, the medium identification information may include a serial number printed on a surface of a portable medium owned by the user, a medium identifier recognized by the medium recognition unit 220 included in the wireless terminal 200 And at least one of the recognition information acquired by the acquisition unit.

If the portable medium corresponding to the medium identification information includes a proximity wireless communication medium, the key information registration unit 125 registers the key information, which is designated from the proximity wireless communication medium, through the proximity wireless communication unit 210 of the wireless terminal 200 Confirms the key information set for acquiring the recognition information, and performs processing to process the confirmed key information set to be stored in the designated security medium. Here, the key information set is a set of key values corresponding to the key set stored in the PSAM of the payment terminal. The set of key information may include identification information from the proximity wireless communication medium through the proximity wireless communication unit 210 of the wireless terminal 200 Is the generic name of key values to acquire.

According to an embodiment of the present invention, the secure medium includes a key management server 182 provided on the network so as to correspond to the proximity wireless communication medium, a Universal Subscriber Identify Module (USIM) A storage medium 180 for storing the authentication information, at least one SE (Secure Element) among an integrated circuit (IC) chip and a chip having an external memory, a TSM Management).

According to the embodiment of the present invention, when the wireless terminal 200 in a state in which the program 235 for interfacing with a plurality of portable media is activated is authenticated using the one-time code-based authentication medium, the key information registration unit 125 registers The key information set corresponding to the portable medium may be stored in the specified security medium, or the one integrated key information set for the plurality of portable media may be stored in the specified security medium. In this case, the key information registering unit 125 requests registration of the key information set through the key management server 182. The registration of the key information set may be performed by a separate key management server 182, Or to receive the results.

Referring to FIG. 1, the operation server 100 receives M (M? 2) pieces of parameter information transmitted through a program 235 of a mobile terminal 200 that has recognized the portable medium and transmitted according to a specified procedure (M &gt; = 2) parameter information transmitted through the program 235 of the wireless terminal 200 recognizing the portable medium and transmitted according to a designated procedure, Wherein the program of the wireless terminal (200) includes a key information set for recognizing the portable medium, the program information being associated with the portable terminal And a key information providing unit 135 for performing a process of processing the program to be provided to the program 235.

The program 235 of the wireless terminal 200 may be transmitted to the wireless terminal 200 through the proximity wireless communication unit 210 provided in the wireless terminal 200. In the case where the portable medium possessed by the user includes a proximity wireless communication medium, (E.g., displayed on the screen in a standby state in the background) by the medium being interfaced via proximity wireless communication. Or the portable medium is a proximity wireless communication medium or a code image medium, the program 235 may be activated or activated by a user's operation. The program 235 driven or activated by the wireless terminal 200 performs a procedure for authenticating the wireless terminal 200 in a state in which the program 235 interfacing with the portable medium is activated using the disposable code based authentication medium do.

Meanwhile, if the portable medium owned by the user includes a proximity wireless communication medium and a secure medium for storing a key information set of the proximity wireless communication medium is provided on the network, (235) of the wireless terminal (200) from a secure medium on the network to the portable medium (200), wherein the key information provider And performs processing to process the confirmed key information set so as to be provided to the program 235 of the wireless terminal 200. In this case, The provision of the key information set may be performed through a separate key management server 182 or TSM. For this, the key information providing unit 135 may request the key management server 182 or the TSM to provide the key information set or to receive the result of the key information set.

The program 235 of the wireless terminal 200 may transmit a program 235 that recognizes the portable medium of the user to the mobile terminal 200 in accordance with a designated procedure for authenticating the wireless terminal 200 with the program 235, The parameter information is constructed and transmitted. The program 235 of the wireless terminal 200 can transmit M parameter information at a time and can transmit the M number of times according to a designated path. The procedure for constructing and transmitting the M parameter information as described above is implemented by the functions provided in the program 235, and how many times to transmit the parameter information according to a certain procedure according to the procedure will depend on the disposable code- The institutions involved in the treatment can be arranged in consultation with each other.

The information receiving unit 130 receives the M parameter information transmitted through the program 235 of the wireless terminal 200 that has recognized the portable medium and transmitted according to the designated procedure. The information verifying unit 140 verifies M parameter information received through the information receiving unit 130 or confirms parameter information received by a separate server linked to the M parameter information transmitting procedure .

According to the method of the present invention, the M parameter information is recognized from the portable medium and information that drives the program 235 (for example, the portable medium owned by the user is a proximity wireless communication medium, Information recognized from the proximity wireless communication medium for the program 235 to be driven when the program 235 is automatically driven by being interfaced to the medium recognition unit 220 of the wireless terminal 200) (E.g., a version of the program 235, an application identification value, an application authentication value, and the like) related to the program 235 recognized and driven, information (e.g., program 235 and the operating server 100, the hash information for the program 235, the code generated by the program 235 of the mobile terminal 200, (E.g., a code value dynamically generated through a random number algorithm, etc.), information recognized by the program 235 from the portable medium (e.g., when the portable medium is a code image medium, A code value, an address value, etc., recognized from a coded bit stream, a code value read from the proximity wireless communication medium from the proximity wireless communication medium when the portable medium is a proximity wireless communication medium, (For example, information obtained by decoding the information recognized from the portable medium, information recognized from the portable medium) and a specified operation (E.g., a result obtained by performing the program 235), information obtained by the program 235 recognized from the portable medium Information provided from the designated server to the program 235 using an address value or a code value recognized from the portable medium).

According to an embodiment of the present invention, the parameter information further includes PIN information registered by a user using the program 235 of the wireless terminal 200, or inputs information displayed on the user terminal 190 used by the user And information generated by the program 235 using the information displayed on the user terminal 190. The program 235 may further include at least one piece of information.

Referring to FIG. 1, the operation server 100 includes an authentication processing unit 145 for performing a process of authenticating the validity of m (1? M? M) parameter information through the storage medium 180, A code generating unit 150 for performing a procedure of dynamically generating a specified number of one-time codes when the validity of the m parameter information is authenticated, To be provided to the program 235 of the mobile terminal 200 according to an embodiment of the present invention.

According to the embodiment of the present invention, some parameter information (for example, m (1? M <M)) of M parameter information received by the information receiving unit 130 or confirmed through the information checking unit 140 Information for authenticating the wireless terminal 200 in a state in which the program 235 recognizing the portable medium of the user is driven is authenticated using the disposable code-based authentication medium (for example, parameter information) or the entire parameter information (For example, m '(1? M'<M) number of parameter information) or the entire parameter information (for example, M number of parameter information) according to the method of operation, Lt; / RTI &gt; as seed value.

The authentication processing unit 145 may determine whether the program 235 in which the portable media of the user has been recognized among the M parameter information received by the information receiving unit 130 or confirmed through the information checking unit 140 The m (1? M? M) parameter information designated by the information for authenticating the wireless terminal 200 with the one-time code-based authentication medium is compared with the authentication information stored in the storage medium 180 or the specified verification operation is performed A procedure for authenticating the wireless terminal 200 in a state in which the program 235 recognizing the portable medium of the user is activated is authenticated as a disposable code based authentication medium by authenticating whether the predicted result is derived.

According to a variant embodiment of the present invention, a part or all of the m pieces of parameter information is compared with authentication information stored in part or all of the storage medium 180 or a specified verification operation is performed, The authentication processing unit 145 may send the authentication request to the authentication server 184 for authentication by the authentication server 184 having the storage medium 180. In this case, And perform a procedure of providing parameter information and receiving an authentication result for the provided parameter information from the authentication server 184. [ If the parameter information necessary for the authentication is directly provided from the program 235 of the wireless terminal 200 to the authentication server 184, the authentication processing unit 145 receives the parameter information from the authentication server 184 A procedure for receiving the authentication result of the user can be performed. For example, the authentication server 184 may include a server of a communication company to which the mobile terminal 200 is subscribed, a server of a media issuing organization that has issued a portable medium to the user, And a server.

According to a preferred embodiment of the present invention, the procedure for authenticating the wireless terminal 200 in a state in which the program 235 interfacing with the portable medium is activated as the disposable code-based authentication medium includes the steps of: . That is, the conventional normal authentication procedure is performed with a single authentication type including only user authentication. Even though the single authentication can only authenticate the validity of the user, the state in which the program 235 that interfaces with the portable medium is driven It is difficult to authenticate the wireless terminal 200 of the mobile terminal 200 with the disposable code-based authentication medium. The authentication of the present invention uses a program 235 provided in a wireless terminal 200 of a physical configuration used by a user who owns the portable medium. When the program 235 is valid, It is possible to authenticate the wireless terminal 200 in a state in which the program 235 is activated as a disposable code-based authentication medium. For such authentication, the present invention preferably provides multiple authentications for a plurality of different parameters. Herein, what parameter is used as the authentication value means that the user who owns the portable medium uses the program 235 provided in the wireless terminal 200 of the physical configuration used by the user, and the program 235 Quot; authenticate that the portable medium is interfaced with the portable medium in the valid state &quot;.

When the validity of the m parameter information is authenticated, the code generation unit 150 performs a process of processing the specified number of one-time codes to be dynamically generated. Here, the specified number of one-off codes is a generic name of a one-time code generated dynamically on the network and provided to the program 235 of the wireless terminal 200, preferably a dynamically generated N (N? 2) Or n (1? N <N) codes among the N-digit codes. If the specified number of one-time codes are n (1? N <N) codes, (Nn) codes may be generated through the processor of the portable medium, generated by the program 235, (235) of the wireless terminal (200) is generated through at least one of a USIM, an IC chip, and an external memory built-in chip, Lt; RTI ID = 0.0 &gt; n &lt; / RTI &gt;

According to the method of the present invention, the specified number of one-time codes may be generated through the code generation unit 150. [ Alternatively, the specified number of one-off codes can be dynamically generated through a separate code server 186 linked to the operating server 100. To this end, the code generating unit 150 generates a one- A procedure for requesting generation of code or receiving a dynamically generated one-time code can be performed.

According to an embodiment of the present invention, a K (2) number of seed values is required to generate the specified number of one-off codes dynamically, and preferably, the K seed values are generated by at least one dynamic seed Values (e.g., time values, random values, etc.) and one or more fixed seed values. Some of the fixed seed values may be authentication information stored in the storage medium 180.

According to the first disposable code generation method of the present invention, the code generation unit 150 or the code server 186 includes the code generation algorithm (for example, MD4, MD5, SHA, etc.) ) Stored in the storage medium (180), and when the validity of the m parameter information is authenticated, at least one dynamic seed value among the K seed values is stored in the storage medium Determine the stored fixed seed value, and apply the determined / identified K seed values to the designated code generation algorithm to dynamically generate the specified number of one-time codes.

According to the second disposable code generation method of the present invention, the code generation unit 150 or the code server 186 includes the code generation algorithm, and one or more of the K seed values is fixed M ', which is used as a seed value for generating the one-time code from the M parameter information when the validity of the m parameter information is authenticated after storing the seed value in the designated storage medium 180, 'M) number of parameter information, and applying the identified m' number of parameter information to K seed values to apply to the designated code generation algorithm, the specified number of one-off codes can be dynamically generated.

According to the second disposable code generation method of the present invention, the code generation unit 150 or the code server 186 includes the code generation algorithm, and when the validity of the m parameter information is authenticated, the M (1? M '? M) number of parameter information to be used as a seed value for generating the disposable code from among the m number of seed values, By applying it to the code generation algorithm, you can dynamically generate the specified number of single-use codes.

When the validity of the m parameter information is authenticated through the authentication processing unit 145 and a specified number of one-time codes are dynamically generated through the code generating unit 150 or the code server 186, Performs a process of processing the generated one-off code of the specified number of digits to be provided to the program 235 of the wireless terminal 200. [

According to the embodiment of the present invention, the specified number of one-time codes are transmitted in a form decryptable through the program 235 of the wireless terminal 200, and the program of the wireless terminal 200 235, and can be transformed into a recoverable form and transmitted. For example, the code providing unit 155 may change the position of the disposable code in a form that can be recovered through the program 235 of the wireless terminal 200, or may change the position of the disposable code to the wireless terminal 200 It can be transformed into a restorable function through the program 235 and transformed to provide the modified disposable code to the program 235 of the wireless terminal 200. [ Even if the modified one-time code is exposed in the transmission / reception process, it can not be restored unless it is the program 235. Even if the disposable code is restored at the end of the effort, the life time of the disposable code has already elapsed .

Referring to FIG. 1, the operation server 100 includes a code receiving unit 160 for receiving a disposable code transmitted through a user terminal 190, and a code receiving unit 160 provided for the program 235 of the wireless terminal 200, A code verification unit 165 for verifying the one-time code transmitted through the user terminal 190, a code authentication unit 170 for verifying the validity of the verified disposable code, (175) for providing a result of authenticating the validity of the disposable code to the user terminal (235) or the user terminal (190).

The disposable code provided in the program 235 of the wireless terminal 200 may be displayed on the screen of the wireless terminal 200 in which the program 235 is displayed as if generated through the program 235 of the wireless terminal 200 , The disposable code displayed through the program 235 of the wireless terminal 200 may be transmitted through the user terminal 190 used by the user or transmitted by a user operation derived therefrom. For example, if the user terminal 190 is a separate terminal separate from the wireless terminal 200, the one-time code may be input through the user terminal 190 and transmitted. If the user terminal 190 is the wireless terminal 200, the disposable code may be transmitted by a user operation (e.g., clicking an OK button, etc.) derived by the interface displayed on the screen of the wireless terminal 200 have.

The code receiving unit 160 receives the disposable code transmitted through the user terminal 190 through the above procedure. The one-off code transmitted through the user terminal 190 may be received directly from the user terminal 190 or relayed through the designated relay server.

The code verification unit 165 identifies the program 235 of the wireless terminal 200 using the M parameter information received from the program 235 of the wireless terminal 200 and the authentication information stored in the storage medium 180. [ And then receives the transmitted disposable code through the user terminal 190 used by the user.

The code authenticating unit 170 generates a comparison code by applying the same seed value to the same code generation algorithm as the code generation unit 150 generates the disposable code and outputs the comparison code and the received one- The validity of the disposable code can be verified. It is also possible to store the disposable code provided in the program 235 of the wireless terminal 200 according to the method and compare the received disposable code with the received disposable code to authenticate the validity of the disposable code. Meanwhile, the validity authentication of the disposable code can be performed through the designated code server 186. To this end, the code authentication unit 170 requests the code server 186 to perform validity authentication of the disposable code, And the like.

According to an embodiment of the present invention, in order to establish a condition for medium separation, the one-off code can be dynamically generated through the code generation unit 150 and the validity of the one- Or vice versa, the one-off code can be dynamically generated through the code server 186, and the validity of the one-time code can be authenticated through the code authenticating unit 170.

The service providing unit 175 provides a result of authenticating the validity of the one-time use code to the program 235 of the wireless terminal 200 or the user terminal 190 as a result of the authentication service request using the one-time use code . Meanwhile, when payment settlement or financial transaction is requested using the disposable code, the service provider 175 processes the requested payment settlement or financial transaction as a result of the authentication service request using the disposable code And then provide the results of performing the payment settlement or financial transaction procedure. The service providing unit 175 may be implemented in a server provided in a separate service providing organization providing the service. In this case, the service providing unit 175 may transmit the disposable code The process of providing the result of verifying the validity of the validity of the validity can be performed.

FIG. 2 is a diagram showing a functional configuration of a wireless terminal 200 and a program 235 according to an embodiment of the present invention.

In more detail, FIG. 2 shows a wireless terminal 200 interfacing with a portable medium owned by a user as a disposable code-based authentication medium for receiving and outputting a specified number of one-time codes dynamically generated on a network, And a program 235 corresponding to the configuration of the program 235 for receiving and outputting a dynamically generated specified number of one-off codes. The program 235 and the configuration of the wireless terminal 200 are shown in FIG. 2, and various modifications may be made to the functionality of the wireless terminal 200, but the present invention is not limited to the embodiments described above, And the technical features thereof are not limited only by the illustrated method. Preferably, the wireless terminal 200 of FIG. 2 may include at least one of various smart phones, various tablet PCs, various PDAs, and various mobile phones capable of wireless communication.

2, the wireless terminal 200 includes a control unit 201, a memory unit 230, a screen output unit 202, a key input unit 203, a sound output unit 204, a sound input unit 205, A camera unit 215, a wireless network communication unit 208, a short range wireless communication unit 207, a proximity wireless communication unit 210, a USIM reader unit 225 and a USIM, and includes a battery 206 for power supply do. Depending on the method, a separate SE may be mounted or detached in addition to the USIM.

The control unit 201 is a general term for controlling the operation of the wireless terminal 200. The control unit 201 includes at least one processor and an execution memory, BUS). According to the present invention, the control unit 201 loads at least one program code included in the wireless terminal 200 into the execution memory through the processor, and outputs the result through at least one configuration And controls the operation of the wireless terminal 200. Hereinafter, the configuration of the program 235 of the present invention, which is implemented in the form of program code for convenience, will be described in the control unit 201. FIG.

The memory unit 230 is a general term of a nonvolatile memory corresponding to a storage resource of the wireless terminal 200 and includes at least one program code executed through the control unit 201 and at least one Save and maintain the dataset. The memory unit 230 basically comprises a system program code and a system data set corresponding to the operating system of the wireless terminal 200, a communication program code and a communication data set for processing a wireless communication connection of the wireless terminal 200, The program code and the data set corresponding to the program 235 of the present invention are also stored in the memory unit 230. [

The screen output unit 202 is composed of a screen output device (e.g., an LCD (Liquid Crystal Display) corresponding to the output resource of the wireless terminal 200 and a driving module for driving the screen output device. And outputs the calculation result corresponding to the screen output among the various calculation results of the control unit 201 to the screen output device.

The key input unit 203 may include at least one user input device corresponding to the input resource of the wireless terminal 200 (e.g., a button, a keypad, a touch pad, a touch screen interlocked with the screen output unit 202) And inputs a command for instructing various operations of the control unit 201 in cooperation with the control unit 201 or inputs data necessary for the operation of the control unit 201. [

The sound output unit 204 is composed of a speaker corresponding to the output resource of the wireless terminal 200 and a driving module for driving the speaker. The sound output unit 204 is connected to the control unit 201, And outputs an operation result corresponding to the output through the speaker. The driving module decodes sound data to be outputted through the speaker and converts the sound data into a sound signal.

The sound input unit 205 includes a microphone corresponding to the input resource of the wireless terminal 200 and a driving module for driving the microphone, and transmits the sound data input through the microphone to the controller 201. The driving module encodes and encodes a sound signal input through the microphone.

The camera unit 215 includes an optical unit corresponding to the camera resource of the wireless terminal 200, a CCD (Charge Coupled Device) and a drive module for driving the CCD unit. And acquires image data or image data. The data obtained through the camera unit 215 may include still image data or moving image data.

According to an embodiment of the present invention, the proximity wireless communication unit 210 may include a function of the medium recognition unit 220 that recognizes at least one code image medium, such as a card image, a device, and a tag, .

The wireless network communication unit 208 and the short-range wireless communication unit 207 are collectively referred to as communication resources for connecting the wireless terminal 200 to a designated communication network. Preferably, the wireless terminal 200 may include a wireless network communication unit 208 as a basic communication resource, and may include one or more short-range wireless communication units 207.

The wireless network communication unit 208 is a collective term for communication resources for connecting the wireless terminal 200 to a wireless communication network via a base station and includes an antenna for transmitting and receiving a radio frequency signal of a specific frequency band, And at least one processing module connected to the control unit 201. The control unit 201 transmits the calculation result corresponding to the wireless communication among the various calculation results of the control unit 201 through the wireless communication network or receives data through the wireless communication network To the control unit 201, and performs the connection, registration, communication, and handoff procedures of the wireless communication. According to the present invention, the wireless network communication unit 208 can connect the wireless terminal 200 to a telephone communication network including a communication channel and a data channel via the exchange, and in some cases, May be connected to a data network providing communication-based wireless network data communication (e.g., the Internet).

According to an embodiment of the present invention, the wireless network communication unit 208 is a mobile communication unit that performs at least one of connection to a mobile communication network, location registration, call processing, call connection, data communication, and handoff according to the CDMA / WCDMA / &Lt; / RTI &gt; Meanwhile, according to the intention of a person skilled in the art, the wireless network communication unit 208 may further include a portable internet communication configuration for performing at least one of connection to the portable Internet, location registration, data communication and handoff according to the IEEE 802.16 standard, It is evident that the present invention is not limited by the wireless communication configuration provided by the wireless network communication unit 208. [ That is, the wireless network communication unit 208 is a collective term for a constituent unit connected to a wireless communication network through a cell-based base station irrespective of a frequency band of a wireless section, a type of a communication network, or a protocol.

The short-range wireless communication unit 207 is a collective term for communication resources connecting a communication session using a radio frequency signal within a predetermined distance (for example, 10 m) as a communication medium and connecting the wireless terminal 200 to the communication network based on the communication session , The wireless terminal 200 may be connected to the communication network through at least one of Wi-Fi communication, Bluetooth communication, public wireless communication, and UWB. According to an embodiment of the present invention, the short range wireless communication unit 207 may be integrated with or separated from the wireless network communication unit 208. According to the present invention, the short-distance wireless communication unit 207 connects the wireless terminal 200 to a data network providing packet-based short-range wireless data communication through a wireless AP.

The proximity wireless communication unit 210 is a communication unit that processes at least one of proximity wireless communication, bidirectional proximity wireless communication, full-duplex proximity wireless communication, and half-duplex proximity wireless communication using a radio frequency signal as a communication medium at a close distance (e.g., As a collective term of resources, it is possible to process the proximity wireless communication according to the NFC (Near Field Communication) standard of the 13.56 Mz frequency band. Alternatively, the proximity wireless communication unit 210 may process proximity wireless communication of the ISO 18000 series standard, in which case it may process proximity wireless communication for a frequency band other than the 13.56 Mz frequency band. For example, the proximity wireless communication unit 210 can operate in a reader mode, a tag mode, or a bidirectional communication mode. Meanwhile, the proximity wireless communication unit 210 may be included in a communication resource for connecting the wireless terminal 200 to a communication network according to an object to be communicated nearby.

According to an embodiment of the present invention, the proximity wireless communication unit 210 may include a function of the medium recognition unit 220 that recognizes at least one proximity wireless communication medium among the noncontact IC card, RF card, RF device, and RFID owned by the user .

The USIM reader unit 225 is a generic term of a configuration for exchanging at least one data set with a universal subscriber identity module that is mounted or detached from the mobile station 200 based on the ISO / IEC 7816 standard , And the data set is exchanged in a half duplex communication manner through an APDU (Application Protocol Data Unit).

The USIM is a SIM type card having an IC chip according to the ISO / IEC 7816 standard, and includes an input / output interface including at least one contact connected to the USIM reader unit 225, (Or processing) the program code for the IC chip or extracting (or processing) the data set in accordance with at least one command transmitted from the wireless terminal 200 in connection with the input / output interface To the input / output interface.

According to a modified embodiment of the present invention, a program code for dynamically generating (Nn) codes of N-number of one-time codes is stored in a memory area of an SE mounted or detached from the wireless terminal 200 including the USIM And the program code can dynamically generate the (Nn) codes through the processor of the SE.

The program 235 of the present invention is downloaded from a program providing server (for example, an Apple App Store or the like) through a data network to which the communication resource can be connected and is stored in the memory unit 230. The downloaded program 235 operates in conjunction with the operating server 100, and may be manually operated by a user, or may be activated (or activated) automatically after user confirmation or automatically by receiving a message. Meanwhile, a separate program 235 may be in operation for activating the program 235 after user confirmation or automatically, and thus the present invention is not limited thereto.

Referring to FIG. 2, the program 235 of the wireless terminal 200 accesses the operation server 100 through a data network to which the communication resource is connectable, thereby joining the user as a member, And a program authenticating unit 245 for authenticating the validity of the program 235 through at least one communication network connectable through the communication resource.

The program 235 includes communication connection macro information to access the operation server 100 through a data network to which the communication resource is connectable. The membership subscription / authentication unit 240 includes a screen output unit 202, (E.g., name, resident registration number, etc.) for joining the user as a member via the data network and transmits the user information input through the interface to the operation server 100 via the data network And transmits the member account to join the user as a member.

Meanwhile, the subscription of the user can be subscribed through a separate user terminal 190 in addition to the mobile terminal 200. Accordingly, when the user is already a member or is registered as a member through the user terminal 190, the member registration / authentication unit 240 outputs an interface for inputting the user account of the user, Transmits the member account inputted through the interface to the operation server 100 through the data network to authenticate the user as a member.

The program authentication unit 245 authenticates the validity of the program 235 to the operation server 100 via at least one communication network among the data network and the telephone communication network to which the communication resource is connectable. According to the embodiment of the present invention, the process of authenticating the program 235 is performed through an encryption / decryption communication process previously agreed upon between the program 235 and the operation server 100. For convenience, the encryption / A detailed description of the process will be omitted.

According to the first program authentication method of the present invention, the program 235 is provided with the program providing server 235 with a unique key value (= unique information) capable of identifying that the program is operated by the operating server 100 In this case, the program authentication unit 245 transmits the unique key value to the operation server 100, or transmits the unique key value to the operation server 100 based on the unique key value, The program 235 can authenticate that the program is operated by the operation server 100. [0159] Meanwhile, the program authentication unit 245 may transmit the unique key value to the operation server 100 via the memory unit 230 of the wireless terminal 200 or at least one unique The program 235 is a program operated by the operating server 100 and simultaneously authenticates that the program 235 is running in the mobile terminal 200 by transmitting information together with the unique key value .

According to the second program authentication method of the present invention, the program 235 is downloaded through the program providing server, and then, in accordance with a designated procedure, an application identification value (for example, The program authentication unit 245 may transmit the application identification value (= unique information) to the operation server 100, so that the program 235 may be a program operated by the operating server 100. Meanwhile, the program authentication unit 245 may transmit the at least one unique identifier (ID) to the memory 230 or the SE of the wireless terminal 200, The program 235 is a program operated by the operating server 100 and simultaneously authenticates that the program 235 is running in the wireless terminal 200 .

According to the third program authentication method of the present invention, the program 235 constructs hash information by hashing at least one file corresponding to the program 235 according to a specified hash algorithm, (100), the program (235) can be authenticated as a valid program operated by the operating server (100). Meanwhile, the program authentication unit 245 can construct the hash information by determining the hash information internally or using the key value exchanged with the operation server 100 in the process of constructing the hash information. The program authentication unit 245 may transmit the hash information to the operation server 100 through the memory unit 230 of the wireless terminal 200 or at least one unique information Together with the hash information, the program 235 may be a program operated by the operation server 100, and at the same time, the program 235 may be activated in the wireless terminal 200 .

According to the fourth program authentication method of the present invention, the program 235 is configured such that at least one key value, a key exchange protocol and encryption / decryption rule are set and an authentication procedure for authenticating the program 235 using the key exchange protocol and encryption / The program authentication unit 245 may transmit the at least one key value set in the certificate and the key exchange protocol set in the certificate according to the authentication procedure defined in the certificate, And the encryption / decryption rule may be selectively used to authenticate that the program 235 is a program operated by the operating server 100. Meanwhile, the program authentication unit 245 may further use at least one unique information stored in the memory unit 230 or SE of the wireless terminal 200 or the communication network in the authentication procedure in the course of using the certificate, The program 235 may be a program operated by the operating server 100 and may simultaneously authenticate that the program 235 is running in the wireless terminal 200. [

According to the fifth program authentication method of the present invention, when the authentication number transmitted from the operation server 100 is received through the message exchange protocol of the telephone network, the wireless terminal 200 transmits the received authentication number And transmits the program 235 to the operating server 100 through the data network, thereby authenticating that the program 235 is a program operated by the operating server 100. Meanwhile, the program authentication unit 245 transmits at least one unique information, which is stored in the memory unit 230 or SE of the wireless terminal 200 or allocated to the communication network in the course of transmitting the authentication number to the operation server 100, The program 235 may be a program operated by the operation server 100 and may simultaneously authenticate that the program 235 is running in the wireless terminal 200 by transmitting the program 235 together with the authentication number .

According to the sixth program authentication method of the present invention, the program authentication unit 245 receives the program (the program) from the operation server 100 through an authentication method selectively combining at least one of the first through fourth program authentication methods 235) can be authenticated, and thus the present invention is not limited thereto.

During the execution of the first to sixth program authentication schemes, the operation server 100 receives a program 235 dynamically generated on the network through the program 235 of the mobile terminal 200 recognizing the portable medium owned by the user And the authentication information for processing to receive and output the number of digits of the one-time code is stored in the designated storage medium 180. [

Referring to FIG. 2, the program 235 of the wireless terminal 200 includes a program 235 for interfacing with the portable medium, an authentication for authenticating the wireless terminal 200 in a state in which the program 235 is activated, And an information registration unit 250 for performing a procedure of registering the information in the designated storage medium 180. [

On the other hand, in the course of performing the first to sixth program authentication methods, all of the authentication information necessary for authenticating the wireless terminal 200 in a state in which the program 235 that interfaces with the portable medium is activated, When the portable medium owned by the user is recognized through the medium recognition unit 220 included in the wireless terminal 200, the information registration unit 250 registers the portable medium 200, And the authentication information for authenticating the wireless terminal 200 in the state in which the program 235 is interfaced with the disposable code based authentication medium to the designated storage medium 180. [

According to the embodiment of the present invention, the authentication information may include information for identifying the communication means of the wireless terminal 200, information about the wireless terminal 200 having the program 235, Information for verifying and authenticating the program 235 provided in the wireless terminal 200, information for verifying whether the program 235 provided in the wireless terminal 200 is falsified or altered, Information for authenticating a user using the program 235 provided in the portable terminal 200, and information for authenticating the portable medium. The information registration unit 250 may configure the authentication information, And transmits the authentication information constructed or input according to the interface to the operation server 100 according to a designated procedure.

Referring to FIG. 2, the program 235 of the wireless terminal 200 includes a medium registration unit 120 for performing a procedure of registering medium identification information identifying a portable medium owned by the user in a designated storage medium 180 Wherein when the portable medium includes a proximity wireless communication medium and a security medium storing a set of key information of the proximity wireless communication medium is an SE mounted or detached from the wireless terminal 200, And a key information storage unit (260) for performing a procedure of storing a key information set for acquiring designated identification information from a wireless communication medium in an SE mounted or detached from the wireless terminal (200).

The media registration unit 120 displays an interface for receiving media identification information identifying a portable medium owned by a user and transmits the medium identification information input through the interface to the operation server 100 according to a designated procedure do. On the other hand, if the medium identification information includes identification information to be recognized from the portable medium owned by the user, the medium registration unit 120 recognizes the portable medium owned by the user through the medium recognition unit 220 and recognizes And transmits the obtained recognition information to the operation server 100 according to a designated procedure.

Meanwhile, when the portable medium includes a proximity wireless communication medium and the security medium storing the set of key information of the proximity wireless communication medium is the SE loaded or unloaded to the wireless terminal 200, 260 receives the key information set for obtaining the designated identification information from the proximity wireless communication medium from the operation server 100 and transmits the received key information set to the SE And the like. The procedure for storing the key information set in the SE may be performed according to the OTA procedure.

Referring to FIG. 2, a program 235 of the wireless terminal 200 recognizes a portable medium owned by a user through a medium recognition unit 220 included in the wireless terminal 200 and acquires designated recognition information And an information acquiring unit 265 for acquiring information.

When the wireless terminal 200 in which the program 235 for interfacing with the portable medium is driven is used as the disposable code-based authentication medium, the user recognizes the portable medium owned by the user to the medium recognition unit 220. If the portable medium includes a proximity wireless communication medium, the program 235 may be activated or activated by the user approximating the proximity wireless communication medium to the communication range of the proximity wireless communication unit 210. [ Meanwhile, the program 235 may be activated or activated by the operation of the user.

When the portable medium is interfaced with the wireless terminal 200, the information obtaining unit 265 recognizes the portable medium owned by the user through the medium recognition unit 220 included in the wireless terminal 200, And acquires recognition information.

If the portable medium is a code image medium, the information obtaining unit 265 captures and reads out a code image printed or electronically outputted to the code image medium through the camera unit 215, Extracting a bit string, interpreting the extracted bit string according to a specified encoding rule, and obtaining recognition information composed of a code value of a specified code system or an address value of a designated server or a combination of the two.

On the other hand, if the portable medium is a proximity wireless communication medium, the information obtaining unit 265 obtains a key for recognizing identification information designated from the proximate wireless communication medium through a security medium storing a key information set for the proximity wireless communication medium Confirms the information set, and reads the specified identification information from the proximity wireless communication medium via the identified key information set. If the read identification information is encrypted, the information obtaining unit 265 may decrypt the encrypted identification information through a key value included in the key information set. Preferably, the recognition information recognized from the proximity wireless communication medium may include at least one of a serial number, a unique code, and card information.

Referring to FIG. 2, the program 235 of the wireless terminal 200 may include a program 235 when the portable medium is recognized through the medium recognition unit 220 included in the wireless terminal 200 An information configuration unit 270 for configuring M parameter information for authenticating the wireless terminal 200 with an authentication medium that receives and outputs a specified number of one-time codes generated dynamically on the network; And an information transmitting unit 275 for transmitting the information to the server.

When the portable medium is recognized through the medium recognition unit 220 included in the wireless terminal 200, the information configuration unit 270 determines whether the program 235 is generated on the network And configures M parameter information for authenticating with an authentication medium that receives and outputs the specified number of one-time codes. The M pieces of parameter information are recognized from the portable medium and are information generated by driving the program 235, information on the program 235 in which the portable medium is recognized and driven, Information that the program 235 recognizes from the portable medium, information that the program 235 authenticates information recognized from the portable medium, information that the program 235 recognizes from the portable medium, And may include one or more pieces of information. Preferably, the M parameter information further includes unique information inherently stored in the memory unit 230 of the wireless terminal 200 or the SE, or includes hash information hashed hash of the file corresponding to the program 235 . The M parameter information may further include PIN information registered by a user using the program 235 of the wireless terminal 200. The M parameter information includes at least one of the information input by the user terminal 190 used by the user and the information generated by the program 235 using the information displayed on the user terminal 190 .

The information transmission unit 275 transmits the M parameter information configured through the information configuration unit 270 to the operation server 100 according to a designated number of times through one or more designated paths according to a designated procedure. The operation server 100 performs a procedure for authenticating the wireless terminal 200 in a state in which the program 235 interfacing with the portable medium is activated through the M parameter information to the disposable code based authentication medium.

Referring to FIG. 2, the program 235 of the wireless terminal 200 includes a code receiving unit 280 that receives a specified number of one-time codes dynamically generated on the network based on a result of authenticating the validity of the parameter information, , And a code output unit (285) for outputting the received one-off code of the specified number of digits. The procedure for dynamically generating (Nn) codes when the received one-off code is n codes out of N-digit codes And a code transmitting unit 295 for transmitting the disposable code to the designated server according to an embodiment of the present invention.

When the mobile terminal 200 in the state in which the program 235 that interfaces with the portable medium is activated is authenticated as the one-time code-based authentication medium, the operation server 100 dynamically generates and transmits a specified number of one- The code receiving unit 280 receives the specified number of one-time codes dynamically generated on the network based on the result of authenticating the validity of the parameter information. If the one-time code is encrypted, the code receiving unit 280 may perform a process of decrypting the encrypted one-time code. Alternatively, when the disposable code is transformed into a recoverable structure, the code receiving unit 280 may perform the procedure for restoring the modified disposable code.

The code output unit 285 outputs the disposable code received through the code receiving unit 280 through the screen output unit 202. Preferably, the output disposable code is input through the user terminal 190 used by the user and transmitted to the operation server 100. On the other hand, if the received one-off code is n codes out of N-number of one-off codes, the code generator 290 can perform a procedure of generating (Nn) codes, ) Can output N-number of one-time codes by combining n codes received through the code receiving unit 280 and (Nn) codes generated through the code generating unit 290.

For example, when the portable medium is equipped with a processor as a short-range wireless communication medium, the code generation unit 290 requests (Nn) codes as a short-range wireless communication medium, And the generated (Nn) codes can be received. The code generating unit 290 determines (for example, time value verification) one or more seed values necessary for generating the (Nn) codes in the process of requesting (Nn) codes from the short-range wireless communication medium, (E.g., checking the information to be used as a seed value among the values stored in the memory unit 230 or the SE, checking the received seed value to generate (Nn) codes from the operating server 100, Seed) and provide it as the short-range wireless communication medium. Alternatively, the code generator 290 may generate (Nn) codes by applying one or more seed values designated in the designated code generation algorithm. Alternatively, when a SE is mounted on or detached from the wireless terminal 200, the code generation unit 290 requests the SE to (Nn) codes, and the SE generated by the processor of the SE Nn) codes. The code generator 290 may determine or check one or more seed values necessary for generating the (Nn) codes in the process of requesting the (Nn) codes by the SE, and provide the SE to the SE.

If the user terminal 190 using the disposable code based service is the wireless terminal 200 provided with the program 235, the code transmitting unit 295 transmits the output disposable code to the operation server 100 Lt; / RTI &gt; The operation server 100 performs a procedure for authenticating the received disposable code.

3 is a diagram illustrating an information registration process for authenticating a wireless terminal 200 in a state in which a program 235 for interfacing with a portable medium according to an embodiment of the present invention is activated using a disposable code-based authentication medium.

3 illustrates a process of joining a user as a member in order to authenticate a wireless terminal 200 in a state in which a program 235 that interfaces with a portable medium of a user is activated as a disposable code- A process of authenticating the validity of the program 235 mounted on the portable terminal 200, a process of registering one or more pieces of authentication information, and a process of registering a portable medium owned by a user. It will be appreciated that those skilled in the art will be able to conceive of various embodiments of the information registration process (e.g., omitting some steps or changing the order) by referring to and / or modifying FIG. 3, The present invention is not limited to the above-described embodiments.

Referring to FIG. 3, when the program 235 is downloaded to the user's wireless terminal 200 and installed (300), the program 235 of the wireless terminal 200 transmits the program (305) a process of joining the user of the user terminal (235) as a member.

The operation server 100 performs a procedure of authenticating the validity of the program 235 of the wireless terminal 200 in conjunction with the program 235 of the wireless terminal 200 in operation 310. If the validity of the program 235 is not authenticated, the operation server 100 outputs the program 235 validation authentication error to the program 235 of the wireless terminal 200 (315).

Meanwhile, when the validity of the program 235 of the wireless terminal 200 is authenticated, the operating server 100 transmits the wireless terminal 200 with the program 235, which interfaces with the portable medium of the user, Based authentication medium and stores the authentication information in the designated storage medium 180. The program 235 of the wireless terminal 200 performs a procedure of registering the authentication information (320). Meanwhile, some of the authentication information may be provided from a separate server (for example, a server of a media issuing organization) in addition to the program 235 of the wireless terminal 200, and thus the present invention is not limited thereto.

When the registration procedure of the authentication information is performed, the operation server 100 transmits a portable medium 200 for use as a disposable code-based authentication medium to the wireless terminal 200 in a state in which a program 235 for interfacing with the portable medium of the user is activated. The program 235 of the wireless terminal 200 performs a procedure of registering the portable medium with the medium identification information of the portable terminal 200 in the designated storage medium 180 (325).

If the registered portable media is a proximity wireless communication medium, the operation server 100 confirms a key information set for recognizing recognition information from the proximity wireless communication medium, ), And the secure medium receives and stores the key information set corresponding to the proximity wireless communication medium (335).

FIG. 4 illustrates a process of recognizing a proximate wireless communication medium according to an embodiment of the present invention.

In more detail, FIG. 4 illustrates an example of a program 235 of the wireless terminal 200 in order to authenticate the wireless terminal 200 in a state in which the program 235 that interfaces with the proximity wireless communication medium is activated, The present invention is not limited to the steps of recognizing the proximity wireless communication medium by referring to and / or modifying FIG. 4 by those skilled in the art. It is to be understood that the invention may be practiced otherwise than as specifically described herein, but it is to be understood and appreciated that the invention may be practiced otherwise than as specifically described herein, Its technical characteristics are not limited.

Referring to FIG. 4, a program 235 included in a user's wireless terminal 200 is driven or activated (400) according to the recognition of a proximity wireless communication medium, and is connected to the wireless terminal 200 (Step S405). In step S405, it is determined whether the program 235 is validated. If the validity of the program 235 is not authenticated, the operation server 100 outputs a program 235 validation authentication error to the program 235 of the wireless terminal 200 (410).

Meanwhile, if the validity of the program 235 of the wireless terminal 200 is authenticated, the program 235 of the wireless terminal 200 confirms the key information set from the specified secure medium 415, (420) the identification information to authenticate the wireless terminal (200) in the state in which the program (235) is driven from the proximity wireless communication medium to the one-use code based authentication medium.

5 is a diagram illustrating a process of recognizing a code image medium according to another embodiment of the present invention.

5 is a flowchart illustrating a method of authenticating a wireless terminal 200 in a state in which a program 235 interfacing with a code image medium is activated by using a disposable code based authentication medium in the program 235 of the wireless terminal 200 The present invention is not limited to the above embodiments and various changes and modifications may be made without departing from the scope of the present invention. (For example, an operation method in which some steps are omitted or the order is changed). However, the present invention includes all of the above-mentioned embodiments, and the technical features Is not limited.

5, the program 235 of the wireless terminal 200 is operated or activated (500), and the program 235 of the wireless terminal 200 is operated in cooperation with the operation server 100 A procedure for authenticating the validity of the program 235 of the wireless terminal 200 is performed (505). If the validity of the program 235 is not authenticated, the operation server 100 outputs a program 235 validation authentication error to the program 235 of the wireless terminal 200 (510).

Meanwhile, when the validity of the program 235 of the wireless terminal 200 is authenticated, the program 235 of the wireless terminal 200 acquires a usage right for the camera unit 215 of the wireless terminal 200 (Step 515), and checks whether a code image of a code image medium owned by the user is photographed through the camera unit 215 based on the acquired usage right (step 520). If the user's code image medium is photographed, the program 235 of the wireless terminal 200 analyzes the code image and obtains the encoded recognition information in the code image (525).

6 is a flowchart illustrating a method for authenticating a wireless terminal 200 in a state in which a program 235 for interfacing with a portable medium is activated according to an embodiment of the present invention as a disposable code-based authentication medium to transmit a predetermined number of one- And provides it to the program 235 of the terminal 200 and outputs the program 235. FIG.

In more detail, FIG. 6 illustrates a case where when the designated recognition information is recognized from the user's portable medium through the process shown in FIG. 4 or 5, M parameter information including the recognition information is transmitted according to a designated procedure, When the wireless terminal 200 in a state in which the program 235 for interfacing with the portable medium through the m parameter information specified among the M parameter information is authenticated as the one-use-code-based authentication medium, To the program 235 of the wireless terminal 200 and outputs the disposable code of the wireless terminal 200 to the wireless terminal 200. Those skilled in the art will be able to refer to and / The wireless terminal 200 in which the program 235 is activated is authenticated as a disposable code-based authentication medium, It will be appreciated that various implementations of the process of outputting the generated disposable code (e.g., omitting some steps or changing the order) may be inferred, but the present invention includes all of the above- , The technical characteristics thereof are not limited only by the method shown in FIG.

Referring to FIG. 6, when recognition information designated from a user's portable medium is recognized through the process shown in FIG. 4 or 5, the program 235 of the wireless terminal 200 recognizes (600), and transmits the M parameter information to the operation server 100 according to a designated procedure (605).

The operation server 100 receives or confirms M parameter information transmitted from the program 235 of the wireless terminal 200 according to the designated procedure 610 and transmits the M parameters through the designated storage medium 180 (615) a process of authenticating the validity of the m parameter information specified to authenticate the wireless terminal (200) in a state in which the program (235) interfacing with the portable medium is activated.

If the specified m parameter information is not authenticated, the operation server 100 outputs a parameter information authentication error to the program 235 of the wireless terminal 200 (620). If the specified m parameter information is authenticated, the operation server 100 performs a procedure for dynamically generating a specified number of one-time codes based on the authentication result for the m parameter information (625). The specified number of one-off codes can be dynamically generated by including in the seed value at least one parameter designated among the M parameters.

If the specified number of one-off codes are generated, the operation server 100 provides the dynamically generated designated number of one-time codes to the program 235 of the wireless terminal 200 (630) 200 program (235) receives the designated number of one-time codes dynamically generated on the network as described above (635), and outputs 640 one-off codes of N-digits for disposable code authentication. If the received specified number of one-off codes is an N-digit number of one-off codes, the program 235 of the wireless terminal 200 can directly output the received one-time code. On the other hand, if the received one-off code of the number of digits is an n-digit number of one-time codes, the program 235 of the wireless terminal 200 performs a procedure of generating (Nn) codes, It is possible to output an N-digit number of one-time codes obtained by combining the generated (Nn) codes.

FIG. 7 is a diagram illustrating an authentication process of a disposable code according to an embodiment of the present invention.

7 illustrates a process of authenticating the disposable code provided and output to the program 235 of the wireless terminal 200 through the process shown in FIG. 6, and FIG. It is possible to refer to and / or modify this FIG. 7 to infer various implementations of the authentication process of the disposable code (e.g., omitting some steps or changing the order) The present invention includes all of the above-described embodiments, and the technical features of the present invention are not limited only by the method shown in FIG.

Referring to FIG. 7, after the disposable code dynamically generated on the network is provided to the program 235 of the wireless terminal 200 through the process shown in FIG. 6, the user terminal 190 used by the user The mobile terminal 200 receives and confirms the disposable code output through the program 235 of the wireless terminal 200 authenticated as the disposable code based authentication medium 700 and then transmits the disposable code inputted or verified to the operation server 100 according to the designated procedure (705).

The operation server 100 receives or confirms the disposable code transmitted from the user terminal 190 according to a designated procedure 710 and transmits the disposable code to the user terminal 190 after being provided to the program 235 of the wireless terminal 200 (715) an authentication process for the disposable code received / confirmed from the authentication server (190). If the validity of the disposable code is not authenticated, the operation server 100 outputs 720 a validation authentication error of the disposable code to the program 235 of the wireless terminal 200. If the validity of the disposable code is authenticated, the operation server 100 transmits (725) a result of authenticating the validity of the disposable code to the program 235 of the mobile terminal 200, (725), the program 235 of the wireless terminal 200 transmits a result corresponding to the result of authenticating the validity of the disposable code or the result of enhancing the service (730).

100: Operation server 105: Membership / authentication unit
110: program authentication unit 115: information storage unit
120: Media registration unit 125: Key information registration unit
130: information receiving unit 135: key information providing unit
140: Information verification unit 145: Authentication processing unit
150: code generation unit 155:
160: Code receiving unit 165: Code checking unit
170: code authentication unit 175: service provider
180: storage medium 200: wireless terminal
210: proximity wireless communication unit 215:
220: medium recognition unit 235:

Claims (24)

A method of providing a server-type disposable code for a media separation using a portable medium of a user executed by a server capable of communicating with a wireless terminal having a program for interfacing with a portable medium owned by a user,
A first step of processing authentication information for processing to receive and output a specified number of one-time codes dynamically generated on a network through a program of a wireless terminal that recognizes the portable medium owned by the user and output the disposable code on a specified storage medium;
A second step of confirming M (M? 2) pieces of parameter information transmitted through a program of a wireless terminal recognizing the portable medium according to a designated procedure;
A third step of causing the storage medium to verify the validity of m (1? M? M) parameter information; And
And processing the disposable code of a predetermined number of dynamically generated on the network to be provided to the program of the wireless terminal when the validity of the parameter information is authenticated. Code delivery method.
2. The portable terminal according to claim 1,
At least one code image medium among a card, an apparatus, and a tag that can be printed or an electronically outputable code image through a camera unit provided in the wireless terminal,
At least one of a non-contact type IC card, an RF card, an RF device, and an RFID, which can receive and recognize a radio frequency signal through a proximity wireless communication unit provided in the wireless terminal, The method comprising the steps of: (a) providing a server-type disposable code for a media separation based on a user's portable medium;
The information processing apparatus according to claim 1,
Information for identifying the communication means of the wireless terminal,
Information for authenticating whether the wireless terminal equipped with the program is a device having a valid physical component,
Information for confirming and authenticating a program provided in the wireless terminal,
Information for verifying whether a program included in the wireless terminal is falsified or altered,
Information for authenticating a user using a program provided in the wireless terminal,
The method comprising: receiving at least one piece of information for authenticating the portable medium, the at least one piece of information including information for authenticating the portable medium;
The program according to claim 1,
If the portable medium comprises a proximity wireless communication medium,
Wherein the proximity wireless communication medium is driven or activated by interfacing with the proximity wireless communication medium through a proximity wireless communication unit provided in the wireless terminal.
The method according to claim 1,
Further comprising the step of storing the medium identification information identifying the portable medium owned by the user and storing the medium identification information in a storage medium designated by the user.
The method according to claim 1,
If the portable medium comprises a proximity wireless communication medium,
Further comprising the step of performing a process of storing a key information set for acquiring designated identification information from the proximity wireless communication medium so that the key information set is stored in a designated security medium. How to provide one-off codes.
7. The method of claim 6,
A key management server provided on the network so as to correspond to the proximity wireless communication medium,
(SE) of at least one of a Universal Subscriber Identify Module (USIM), an Integrated Circuit (IC) chip and a chip having an external memory mounted on or detached from the wireless terminal,
A storage medium for storing the authentication information,
And a Trusted Service Management (TSM) on a network capable of communicating with the wireless terminal. The method of claim 1, wherein the disposable code is provided by a user.
The method according to claim 1,
If the portable medium comprises a proximity wireless communication medium,
The method comprising the steps of: providing a program of the wireless terminal to provide a key information set for recognizing the portable medium to a program of the wireless terminal; How to provide one-off codes.
The method according to claim 1, wherein the specified number of one-
(N &gt; = 2 &lt; N) codes of dynamically generated codes or n (1 &lt; n &lt; N) codes of the N-digit codes. Code delivery method.
10. The method of claim 9,
If the specified number of one-time codes are n (1? N <N) codes,
(Nn) codes may be a universal subscriber identification module (USIM), an integrated circuit (IC) chip, an external memory, or the like, which is generated through a processor of the portable medium, generated through the program, Wherein the server is generated through at least one of a processor of the at least one secure element (SE) among the embedded chips, and the method of providing the server-based disposable code using the portable medium.
The method according to claim 1,
Further comprising the step of confirming whether a program for recognizing the portable medium is loaded on the user's wireless terminal by performing a designated communication procedure with the program of the wireless terminal, Server-type disposable code delivery method.
The method according to claim 1,
Further comprising the step of performing a procedure for authenticating a user using the program through a program provided in the wireless terminal of the user.
2. The method according to claim 1,
When the m parameter information is authenticated, authenticates the wireless terminal in a state in which the program for recognizing the portable medium is activated, as a disposable code medium for outputting the disposable code. Server-type disposable code delivery method.
2. The method according to claim 1,
Information that is recognized from the portable medium and is driven by the program, information about the program in which the portable medium is recognized and driven, information generated according to a specified procedure of the program, information recognized by the program from the portable medium, Wherein the program comprises at least one piece of information among information obtained by recognizing information recognized from the portable medium and information obtained by recognizing the program from the portable medium. Delivery method.
15. The method of claim 14,
Wherein the unique information stored in the memory unit or the SE of the wireless terminal is included.
15. The method of claim 14,
Wherein the hash information includes hash information of a file corresponding to the program.
15. The method of claim 14,
And the PIN information registered by the user using the program of the wireless terminal. The method of claim 1,
15. The method of claim 14,
Wherein the information processing apparatus further comprises at least one of information inputted by the user terminal used by the user and information generated by the program using the information displayed on the user terminal. Type disposable code.
The method according to claim 1,
And inputting K (K? 2) seed values for generating the one-time code into the designated code generation algorithm when the validity of the m parameter information is authenticated, so that a predetermined number of one-time codes are dynamically generated The method of claim 1, wherein the method further comprises the steps of:
The method according to claim 1,
Identifying at least one seed value for generating the disposable code from the M parameter information when the validity of the m parameter information is authenticated; And
Further comprising the step of processing the identified seed value into K (K? 2) seed values for generating the disposable code so that a predetermined number of one-off codes are generated dynamically. A method of providing a server - type disposable code based on media separation using media.
The method according to claim 1, wherein the specified number of one-
Generating a server-type disposable code based on a media separation using a portable medium of a user, wherein the server-generated code is generated by the server or through a code server associated with the server.
The method according to claim 1,
A fifth step of confirming a disposable code transmitted through a user terminal used by the user after being provided as a program of the wireless terminal;
A sixth step of processing the verified validity of the disposable code to be authenticated; And
And providing a result of authenticating the validity of the one-time use code to the program of the wireless terminal or the user terminal. [7] The method of claim 1, .
23. The method of claim 22,
Characterized in that the server authenticates the validity of the disposable code or requests the authenticity of the disposable code through a code server associated with the server and receives a result of authenticating the disposable code, A method of providing a server - type disposable code based on media separation.
23. The method of claim 22,
Further comprising the step of, when the validity of the one-time code is authenticated, processing the payment settlement or financial transaction requested from the user terminal to be performed,
The method of claim 1, wherein the seventh step provides a result of the payment settlement or financial transaction procedure.

Images