KR20150101018A - Method for Controlling Transaction Means by using Chip Module Authentication based on Near Field Communication - Google Patents

Abstract

The present invention relates to a control method of a transaction means by using chip module authentication. The control method of the transaction means by using chip module authentication according to the present invention is to control a transaction means by using chip module authentication which is executed by a server. The control method of the transaction means comprises: a first step of controlling a deactivation state for a transaction means of a customer to be maintained; a second step of receiving identification data including a disposable code which is dynamically produced through a chip module to be attached to or detached from a pre-registered client-owned wireless terminal, and is transmitted through a program of the wireless terminal, which is authenticated in advance or in real time, to convert the transaction means in the deactivation state into an activation state; a third step of confirming an activation converting request of the customer for the transaction means of the deactivation state based on an authentication result of the disposable code which is dynamically produced by the chip module; a fourth step of controlling the transaction means of the customer to the activation state based on the confirmed activation converting request; and a fifth step of restoring the transaction means of the customer which is converted into the activation state according to a designated condition from the deactivation state.

Description

[0001] The present invention relates to a method for controlling a transaction means using a chip module authentication method,

The present invention controls the inactivity state of the customer's transaction means and confirms the customer's transaction activation change request based on the one-time use code dynamically generated through the chip module mounted or detached from the customer-owned wireless terminal Wherein the control means controls the customer's financial transaction using the activated transaction means to be performed according to a designated procedure when the transaction means of the customer is pre-transferred from the inactive state to the active state, And restores it to an inactive state.

It is no exaggeration to say that personal information about most people is exposed through various hacking or personal information transactions. Therefore, anyone can easily access the personal information of another person, and cases of illegal transaction such as stealing the personal information of the other person are frequently occurred. In particular, recent credit card companies' exposure to customer information is more fatal because it involves not only personal information but also financial information (http://m-economynews.com/detail.php?number=7488&thread=31 )

Furthermore, according to the "Information Communication Network Use Promotion and Information Protection Act" and "Personal Information Protection Act" currently being applied, if the victim of personal information leakage causes the burden of proof to be proved by the victim himself or herself, Even if monetary damages occur due to the leakage of personal information, it is almost impossible to receive compensation for it.

An object of the present invention to overcome the above problems is to perform a control for maintaining the inactive status of a customer's transaction means and performing a dynamically generated disposable code through a chip module mounted or detached from a customer- , The control unit confirms the request to change the activation means of the customer based on the authentication result of the disposable code and controls to switch the transaction means of the customer from the inactive state to the active state in advance based on the request for the activation of the transaction means And controlling the customer's financial transaction using the activated transaction means to be performed according to a designated procedure when the transaction means of the customer is prechanged from the inactive state to the active state, And restoring to an inactive state using the chip module authentication. And a method of controlling a transaction means.

A method of controlling a transaction means using a chip module authentication according to the present invention is a transaction method control method using a chip module authentication performed by a server, comprising: a first step of controlling the inactive state of a transaction means of a customer, The mobile terminal is dynamically generated through a chip module mounted or detached from the pre-registered wireless terminal owned by the customer to switch the inactive transaction means to an active state, and then transmitted through a pre- or real- A second step of receiving identification data including a disposable code and a third step of confirming the activation change request of the customer to the inactive transaction means based on the authentication result of the one- And switching the transaction means of the customer to an active state based on the confirmed activation change request According to a fourth stage and a given condition to control a fifth step to restore the transaction unit of the customer switches to the active state to the inactive state.

According to the present invention, the transaction means control method using the chip module authentication further includes registering customer information of a customer corresponding to transaction means for maintaining the inactive state and storing the customer information in a designated storage medium, Can maintain the inactive state of the transaction means of the customer corresponding to the customer information.

According to another aspect of the present invention, there is provided a method for controlling transaction means using chip module authentication, the method comprising the steps of: registering customer identification information for a customer corresponding to transaction means for maintaining the inactive state, The first step may maintain the inactive state of the transaction means of the customer corresponding to the customer identification information.

According to another aspect of the present invention, there is provided a method for controlling a transaction means using the chip module authentication, the method further comprising the step of confirming or registering the customer's wireless terminal information corresponding to the transaction means to maintain the inactive state, , The first step may maintain the inactive state of the transaction means of the customer corresponding to the wireless terminal information.

According to the present invention, the transaction means control method using the chip module authentication further includes a step of authenticating the validity of the program that is provided or running on the customer-owned wireless terminal, or confirming the result of verifying the validity of the program can do.

According to the present invention, a method of controlling transaction means using the chip module authentication includes authenticating the validity of a customer-owned wireless terminal equipped with or running the program, or confirming the result of verifying the validity of the customer-owned wireless terminal As shown in FIG.

According to the present invention, the transaction means control method using the chip module authentication includes authenticating the validity of the customer-owned wireless medium including the program being provided or running in the customer-owned wireless terminal and the wireless terminal having the program or running the program , Or confirming the result of authenticating the validity of the customer-owned wireless medium.

According to the present invention, in the second step, the one-time code dynamically generated through the chip module mounted or detached from the pre-registered wireless terminal owned by the customer is switched to the wireless And can receive via the terminal's program.

According to the present invention, the identification data may further include at least one of partial selection information selected from customer identification information input by the customer and pre-registered customer information of the customer.

According to the present invention, the transaction means control method using the chip module authentication further comprises authentication information for authenticating the validity of a program that is provided or running on the customer-owned wireless terminal, The method may further include verifying the validity of a program being provided or running on the customer-owned wireless terminal using the authentication information, or verifying the result of verifying the validity of the program.

According to the present invention, the transaction means control method using the chip module authentication further comprises authentication information for authenticating the validity of the customer-owned wireless terminal having the program or running the identification data, The method may further include authenticating the validity of the customer-owned wireless terminal having the program or running the program using the authentication information, or confirming the result of verifying the validity of the customer-owned wireless terminal.

According to another aspect of the present invention, there is provided a method of controlling a transaction means using the chip module authentication, wherein the identification data includes at least one of a program included in or being driven by the customer- And the second step further includes authentication information for authenticating the validity of the customer, wherein the second step includes the steps of: using the authentication information, Authenticating the validity of the medium, or confirming the result of verifying the validity of the customer-owned wireless medium.

According to the present invention, the transaction means control method using the chip module authentication may further include authenticating the validity of the one-time use code dynamically generated through the chip module, or confirming the authentication result of the one-time use code .

According to the present invention, the transaction means control method using the chip module authentication further includes authenticating the validity of the chip module mounted or detached from the wireless terminal based on the authentication result of the one-time code, In step 3, when the validity of the chip module mounted or detached from the wireless terminal is authenticated through the disposable code, the client can confirm the activation change request for the inactive transaction means.

According to the present invention, the transaction means control method using the chip module authentication includes receiving pre-approval information for the transaction means to be switched from the pre-registered or real-time authenticated program of the pre-registered wireless terminal owned by the customer to the activated state And storing the confirmed prior approval information in a designated storage medium. Meanwhile, the transaction means control method using the chip module authentication may include the steps of: confirming the financial transaction using the transaction means of the customer who has been switched to the activated state when the pre-approval information is stored; A step of controlling the validity of the pre-approved information inputted through the customer during a financial transaction using the transaction means; a step of, when the pre-approved information is authenticated, performing a procedure of a financial transaction using the transaction means of the customer The method comprising the steps of:

According to the present invention, the fourth step may further include setting at least one control condition among the activation period, the activation period, and the transaction use period for the transaction means that is switched to the activation state.

According to another aspect of the present invention, there is provided a method for controlling a transaction means using the chip module authentication, the method comprising the steps of: Checking the at least one control condition among the number of times of transaction use, and the fourth step may further include setting the confirmed control condition to the transaction means that is switched to the active state. Meanwhile, the method of controlling a transaction means using the chip module authentication includes the steps of: confirming a financial transaction using a transaction means of a customer switched to the activated state when the control condition is set; Controlling the transaction means of the customer to be restored to an inactive state when the confirmed financial transaction does not match the control condition, while maintaining the activated state of the transaction means of the customer. Or the transaction module control method using the chip module authentication, when the control condition is set, compares the activation condition of the customer's transaction means with the control condition, and when the activation condition matches the control condition, And controlling the transaction means of the customer to be restored to the inactive state when the activation state is not in accordance with the control condition, while maintaining the activation state of the transaction means.

According to the present invention, the transaction means control method using the chip module authentication further includes a step of confirming the financial transaction being performed before the transaction means is switched to the active state when the transaction means of the customer is activated , The fourth step may switch the transaction means of the customer to the active state after initializing the confirmed financial transaction of the customer.

According to the present invention, the transaction means includes at least one or a combination of at least one of a financial account of a customer opened in a financial institution, a financial card issued to a customer in a financial institution, and an authentication means used in a non-face- .

According to the present invention, the chip module may include at least one of a USIM mounted on or removed from the wireless terminal, an SD memory mounted or detached from the wireless terminal, and mounted with an IC chip.

According to the present invention, the validity of a chip module mounted or removed from the wireless terminal is authenticated through a one-time use code dynamically generated through a chip module mounted or detached from the customer-owned wireless terminal, The transaction means of the customer remains in the inactive state unless the transaction means of the customer is activated so that the third party (or the hacker) can prevent the illegal transaction from being attempted by stealing the customer information.

According to the present invention, the validity of a chip module mounted or removed from the wireless terminal is authenticated through a one-time use code dynamically generated through a chip module mounted or detached from the customer-owned wireless terminal, The mobile terminal can be provided with a designated program and at the same time can be provided with a wireless terminal on which a chip module capable of being authenticated through a disposable code of a designated code system is mounted or detached, The third party (or hacker) who does not intend to steal the customer information is prevented from attempting to illegally deal with the customer information.

According to the present invention, the validity of a chip module mounted or detached from a wireless terminal is authenticated using a one-time use code dynamically generated through a chip module mounted or detached from the wireless terminal, Even if a hacker tries to illegally deal with a program hacked or copied by a customer's own wireless terminal, it can not access the chip module that dynamically generates a disposable code.

FIG. 1 is a schematic diagram of a system configuration for implementing a transaction means control system using chip module authentication according to an embodiment of the present invention.
2 is a diagram illustrating a transaction means control system using chip module authentication according to an embodiment of the present invention.
3 is a diagram showing a functional configuration of a wireless terminal and a program according to an embodiment of the present invention.
4 is a diagram showing a configuration of a chip module for generating a disposable code according to an embodiment of the present invention.
5 is a diagram illustrating a customer-owned wireless medium authentication process according to an embodiment of the present invention.
6 is a diagram illustrating a process of keeping a customer's transaction means in an inactive state according to an embodiment of the present invention.
FIG. 7 illustrates a process of authenticating a dynamically generated one-time code through a chip module to convert an inactive transaction means into an active state according to an embodiment of the present invention and confirming an activation change request for a transaction means of a customer will be.
FIG. 8 is a diagram illustrating a process of switching an inactive transaction means to an active state according to an embodiment of the present invention.
FIG. 9 is a flowchart illustrating a process for controlling financial transactions using the transaction means that has been activated by using the pre-approval information according to an embodiment of the present invention.
FIG. 10 is a flowchart illustrating a process of controlling a financial transaction using a transaction means that is switched to an active state using control conditions according to an embodiment of the present invention.
FIG. 11 is a diagram illustrating a process of forcibly restoring the active transaction means to the inactive state according to the method of the present invention.

The operation principle of the preferred embodiment of the present invention will be described in detail with reference to the accompanying drawings and description. It should be understood, however, that the drawings and the following detailed description are exemplary and explanatory and are intended to provide further explanation of the invention, and are not to be construed as limiting the present invention.

In other words, the following embodiments correspond to the preferred embodiment of the preferred embodiment of the present invention. In the following embodiments, a specific configuration (or step) is omitted, or a specific configuration (or step) (Or steps), or an embodiment that incorporates functions implemented in more than one configuration (or step) into any one configuration (or step), a particular configuration (or step) It will be apparent that the present invention is not limited to the embodiments described below. In the following embodiments, a specific configuration unit implemented on the server side is implemented on the terminal side and reference is made on the server side, or conversely, in the following embodiments, a specific configuration unit implemented on the terminal side is implemented on the server side, And all of the embodiments utilizing the same are also included in the scope of the present invention. Therefore, it should be clearly stated that various embodiments corresponding to subsets or combinations based on the following embodiments can be subdivided based on the filing date of the present invention.

In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear. The terms used below are defined in consideration of the functions of the present invention, which may vary depending on the user, intention or custom of the operator. Therefore, the definition should be based on the contents throughout the present invention.

As a result, the technical idea of the present invention is determined by the claims, and the following embodiments are merely means for effectively explaining the technical idea of the present invention to a person having ordinary skill in the art to which the present invention belongs Only.

1 is a schematic diagram of a system configuration for implementing a transaction means control system 200 using a chip module 400 authentication according to an embodiment of the present invention.

In more detail, FIG. 1 illustrates a method of controlling the inactivity state of a customer's transaction means and controlling the in-use state of the transaction means based on the one-time use code dynamically generated through the chip module 400, Wherein the control means controls the customer's financial transaction using the activated transaction means to be performed according to a designated procedure when the transaction means of the customer is switched from the inactive state to the active state by confirming the transaction request to activate the customer, FIG. 2 is a schematic diagram of a system configuration for implementing a transaction means control system 200 for restoring a transaction means to an original inactive state according to a specified condition. As shown in FIG. 2, Referring to and / or altering Figure 1, a variety of system configurations for implementing the transaction means control system 200 It is to be understood that the invention may be practiced with other modes of practicing the invention (for example, omitting some of the components, or subdividing, or combining the practice) The technical characteristics thereof are not limited.

The transaction means control system (200) of the present invention includes a customer-owned wireless terminal (300) having a program (315) having a function of performing a designated operation for switching an inactive transaction means to an active state, The mobile terminal 300 authenticates the one-time use code that is dynamically generated through the chip module 400 mounted or detached from the customer-owned wireless terminal 300, and confirms the customer's transaction activation change request based on the authentication result of the one- (Or implementing) a transaction means control system 200 for switching the transaction means of the customer from the inactive state to the active state or restoring the transaction means to the inactive state. The transaction means control system 200 may be implemented on a financial server 105 that manages the transaction means of the customer and processes financial transaction of the customer or may be implemented on the operation server 100, Or may be implemented on an authentication server that authenticates the disposable code or may be distributed to at least two or more servers among the operation server 100 and the financial server 105 authentication server, The present invention is not limited by the name or physical configuration of the server in which the control system 200 is implemented. In addition to the operation server 100 and the financial server 105, the transaction means control system 200 may be a server that can intervene in the inactivation / activation of the transaction means such as an authentication institution server of various specified certification bodies, It will be evident that whatever is implemented in a server, all belong to the scope of the present invention. Therefore, the transaction means control system 200 belongs to the scope of the present invention even if any server name is used as long as it is a server (or a combination of servers) provided in an agency that can intervene in the inactivity / activity of the transaction means.

The customer's own wireless terminal 300 has a program 315 having a function of performing a designated operation for putting the chip module 400 on or off and switching the inactive transaction means to the active state A generic name of a wireless communication device that can identify the occupation use of a customer by subscribing to a communication company in the name of the customer, or at least not identifying the customer (even if not subscribed to the customer name), preferably including a customer's own mobile phone, smartphone, tablet PC, It will be evident that the present invention encompasses any device that is proprietary or portable and is capable of mounting the program 315 and is connectable to at least one communication network.

The chip module 400 is a module that mounts or leaves the customer's wireless terminal 300 and mounts a chip 405 having a function of generating a disposable code. And an SD memory 400 on which a USIM 400 or an IC chip 405 mounted thereon is mounted. However, the chip module 400 of the present invention is not limited to the USIM 400 or the SD memory 400, and may be mounted on or detached from the wireless terminal 300, and a chip 405 having a disposable code generation function (For example, a module provided with an NFC chip 405), it is made clear that any of them corresponds to the chip module 400 of the present invention.

The operation server 100 is a collective term for a server that can communicate with the program 315 of the wireless terminal 300 and can operate in conjunction with the financial server 105 that manages the transaction means. The features of the present invention will be described focusing on that the system 200 is implemented in the operation server 100. FIG. Thus, in describing the embodiments below, "processing" or "control" may be performed by communicating with a financial server 105 that manages the customer's trading means and processes financial transactions (eg, banking, payment, Quot ;, < / RTI > and < RTI ID = 0.0 > a < / RTI > However, the present invention is not limited to the transaction means control system 200 implemented in the operation server 100, and the transaction means control system 200 may include the financial server 105, (Or a combination of servers) provided in an organization capable of intervening in an activity can be implemented in any server. For example, if the transaction means control system 200 is implemented in the financial server 105, the "processing" or "control" used in the following embodiments may be implemented within the financial server 105 ).

The financial server 105 is a collective term for a server provided in a financial institution that manages the customer's transaction means and processes the financial transaction of the customer and is preferably used for a financial transaction using the transaction means of the customer And is a server provided in a financial institution for performing a transaction procedure. The transaction means control system 200 may be implemented through the financial server 105 according to an embodiment of the present invention.

The transaction means is a collective term of the means used for the financial transaction of the customer and preferably includes a financial account or a financial account of a customer's name opened in a financial institution, (E.g., an OTP medium, a secure card, an authorized certificate, etc.) for a non-face financial transaction, or may include a card (e.g., a credit card, a check card, a debit card, .

The transaction means control system 200 maintains the inactive status of the transaction means of the customer and controls the customer's owned wireless terminal 300 in cooperation with the program 315 provided in the customer- (Or controls to perform) the authentication procedure for the one-time use code that is dynamically generated through the chip module 400 mounted or detached from the chip module 400, And controls the customer's transaction means to be pre-switched from the inactive state to the active state based on the customer's request to change the transaction means activation state, and when the transaction means of the customer is in an inactive state Controlling the customer's financial transaction using the activated transaction means to be performed in accordance with a designated procedure when the system is pre- A transaction means to the, characterized in that the procedure of one or more read or authenticated or control comprising control to Back to the inactive state, depending on the specified conditions.

Hereinafter, it will be apparent that the present invention is not limited to the embodiments in which the transaction means control system 200 is implemented in the operation server 100, but the present invention is not limited thereto. Thus, in describing the embodiments below, "processing" or "control" may be performed by communicating with a financial server 105 that manages the customer's trading means and processes financial transactions (eg, banking, payment, Quot ;, < / RTI > and < RTI ID = 0.0 > a < / RTI > However, the transaction means control system 200 is not limited to the embodiment of the present invention in that the transaction means control system 200 is implemented in the operation server 100, and the transaction means control system 200 is not limited to the financial server 105, Any combination of servers (or combinations of servers) provided to an organization that is capable of intervening inactivity / activity can be implemented in any server. If the transaction means control system 200 is implemented in the financial server 105, the "processing" or "control" used in the following embodiments is performed in the financial server 105 In the same way.

FIG. 2 is a diagram illustrating a transaction means control system 200 using a chip module 400 authentication according to an embodiment of the present invention.

In more detail, FIG. 2 illustrates a method of controlling the inactive state of a customer's transaction means and performing a dynamically generated disposable code through a chip module 400 mounted or detached from a customer-owned wireless terminal 300, Checking the activation request of the customer for the activation of the transaction means based on the authentication result of the disposable code and controlling the transaction means of the customer to be pre-switched from the inactive state to the active state based on the request for the activation of the transaction means, And controlling the customer's financial transaction using the activated transaction means to be performed according to a designated procedure when the transaction means of the customer is pre-transferred from the inactive state to the active state, State of one or more read or authentication or control, The present invention is not limited to the above-described embodiments, and various modifications and changes may be made without departing from the spirit and scope of the present invention. It is to be understood that the invention may be practiced otherwise than as specifically described herein, but it is to be understood and appreciated that the invention includes all such contemplated embodiments, It is not limited. In other words, the embodiment of FIG. 2 corresponds to an example of a preferred embodiment of the present invention. In the embodiment of FIG. 2, a specific component may be omitted, or a function implemented in a specific component may be omitted. It is to be clearly understood that the present invention is not limited to the above-described embodiments, but may be divided into other constituent parts, or functions implemented in two or more constituent parts may be integrated into any one constituent part. In addition, it is evident that all embodiments in which the specific configuration unit implemented on the server side is implemented on the terminal side and the server side refers to the specific configuration unit in the embodiment of FIG. 2 are all within the scope of the present invention. Accordingly, it is clear that various embodiments corresponding to subsets or combinations based on the embodiment of FIG. 2 can be variously divided according to the filing date of the present invention.

Referring to FIG. 2, the transaction means control system 200 includes a transaction means control unit 215 for controlling an inactive state of the transaction means of the customer, and maintains the inactive state of the transaction means of the customer (Or running) program 315 provided in the wireless terminal 300 owned by the customer, and stores the program 315 in a storage medium A medium authentication processing unit 210 for authenticating the validity of the wireless terminal 300 in the provided (or running) state or for authenticating the validity of the customer-owned wireless medium corresponding to the combination of the program 315 and the wireless terminal 300 And a processing unit (not shown). If the transaction means control system 200 does not have the proper authority to authenticate the validity of the program 315 included in the mobile terminal 300 according to the embodiment of the present invention The authentication function of the media authentication processing unit 210 may be omitted in the case where the program 315 of the medium means 200 is provided to the wireless terminal 300 by a separate agency other than the institution that operates the transaction means control system 200, The result of authenticating the validity of the customer's own wireless medium through a separate authentication server that can authenticate the validity of the owned wireless medium can be referred to.

The information registration processing unit 205 can identify the customer who has issued (or opened) the transaction means for maintaining the inactive state, and store the customer information for the customer in the designated storage medium. The customer information may include at least one of the customer's personal information (e.g., a name, a resident number (or a unique number substituting a resident number), a contact, a mobile phone number, etc.) And may include a telephone number for the wireless terminal 300 owned by the customer. The information registration processing unit 205 registers or stores the customer information from the customer terminal (not shown) used by the customer or the program 315 of the customer-owned wireless terminal 300 or issues the transaction means The customer information of a financial institution can be referred to.

The information registration processing unit 205 may determine or store the customer identification information for identifying or authenticating the customer who has issued (or opened) the transaction means to maintain the inactive state, and store the information in the designated storage medium. The customer identification information may include a personal identification number (PIN) registered or assigned to uniquely identify the customer, a personal identification number (e.g., password, etc.) registered for customer authentication or service authentication, And may include at least one or a combination of two or more of the unique numbers unique to the customer. The information registration processing unit 205 registers the customer information from the customer terminal used by the customer or the program 315 of the customer-owned wireless terminal 300 or stores the customer information in the program 315, And then store it.

The information registration processing unit 205 confirms the wireless terminal information about the wireless terminal 300 owned by the customer who has issued (or opened) the transaction means for maintaining the inactive state, and stores the wireless terminal information in the designated storage medium have. The wireless terminal information may include a wireless terminal telephone number assigned to the wireless terminal 300 owned by the customer. The information registration processing unit 205 performs at least one authentication procedure of subscriber name authentication, customer authentication, and occupancy authentication of the wireless terminal 300 using the customer information and the wireless terminal telephone number, As a result, it is possible to identify and store the telephone number of the wireless terminal whose customer own (or use) has been confirmed in the storage medium. The wireless terminal phone number may not be stored separately if the wireless terminal phone number is included in the customer information or the phone number is not allocated to the wireless terminal 300 separately.

The media authentication processing unit 210 may include a program 315 corresponding to the embodiment shown in FIG. 3 mounted on the customer-owned wireless terminal 300 or may be mounted on the customer-owned wireless terminal 300, When the program 315 corresponding to the combination of the program 315 and the wireless terminal 300 is in operation, the validity of the customer-owned wireless medium corresponding to the combination of the program 315 and the wireless terminal 300 do. The customer-owned wireless medium of the present invention does not refer to the wireless terminal 300 owned only by the customer but to the customer-owned wireless terminal 300 that the program 315 corresponding to the embodiment shown in FIG. Refers to a customer-owned wireless terminal 300 that is driven and driven. Therefore, even if the wireless terminal 300 owned by the customer is a customer-owned wireless medium, the program 315 corresponding to the embodiment shown in FIG. 3 is not mounted or driven. In the following description, the wireless terminal 300 whose wireless medium validity is verified at least once through the media authentication processing unit 210 is referred to as a customer-owned wireless terminal 300. The media authentication processing unit 210 can authenticate the validity of the customer-owned wireless medium at the initial driving time of the program 315 provided in the wireless terminal 300, 315 and the transaction means control system 200 in the course of interlocking (or periodically) validating the validity of the customer owned wireless medium.

According to an embodiment of the present invention, the media authentication processing unit 210 performs a server-side procedure of the media authentication operation unit 325 of the program 315 shown in FIG. 3, (Or running) program 315 or to verify the validity of the wireless terminal 300 with the program 315 (or running), or to verify the validity of the program 315, And the validity of the customer-owned wireless medium corresponding to the combination of the wireless terminal 300 and the wireless terminal 300. Meanwhile, according to the embodiment, the authentication function of the medium authentication processing unit 210 may be provided in a separate authentication server (not shown) associated with a server having the transaction means control system 200. In this case, The authentication processing unit 210 may refer to the authentication result of the authentication procedure performed through the authentication server.

According to an embodiment of the present invention, the medium authentication processing unit 210 may be configured to perform a program authentication procedure according to the first to sixth program authentication methods after the program 315 is driven through the customer-owned wireless terminal 300, And / or a wireless terminal authentication procedure according to the first to fourth wireless terminal authentication methods, and / or a wireless medium authentication procedure according to the first to fourth wireless medium authentication methods, The terminal 300 can confirm the wireless medium authentication information for real-time authentication with the customer-owned wireless medium that switches the inactive transaction means to the active state, and store the wireless medium authentication information in the designated storage medium. Wherein the wireless medium authentication information includes a program authentication procedure according to the first to sixth program authentication methods and / or a wireless terminal authentication procedure according to the first to fourth wireless terminal authentication methods, and / (Or an information set for authenticating authentication information) used in at least one authentication procedure among the wireless media authentication procedures according to the authentication method, And / or a wireless terminal authentication procedure according to the first to fourth wireless terminal authentication methods, and / or a wireless medium authentication procedure according to the first to fourth wireless medium authentication methods. Includes a set of information.

The information registration processing unit 205 interlocks with a management terminal provided in the personalization engine of the chip module 400 mounted or detached from the wireless terminal 300 or a management terminal managing the transaction means control system 200 Or a code generation rule (e.g., a code generation algorithm) for dynamically generating a one-time code in the chip module 400 via the program 315 of the customer-owned wireless terminal 300, Etc.), and may store information corresponding to the code generation rule (e.g., a code generation algorithm identification value and / or a seed value provided in the chip module 400) in a designated storage medium. Preferably, the information registration processing unit 205 may map and store information corresponding to the code generation rule with at least one of the customer information, the customer identification information, the customer-owned wireless terminal information, and the wireless medium authentication information.

The transaction means control unit 215 controls the transaction means of the customer to keep the inactive state so that the procedure of the financial transaction using the transaction means of the customer is performed (or normal process). When the transaction means control system 200 is provided in the financial server 105, the transaction means control unit 215 can control the financial transaction means of the customer to remain inactive through the ledger of the financial system, When the transaction means control system 200 is provided in the operation server 100 connected to the financial server 105, the transaction means control unit 215 exchanges designated signals (or data) with the financial server 105 So as to maintain the inactive state in the transaction means of the customer name.

According to the embodiment of the present invention, the transaction means control unit 215 can control to keep the inactive state for all the transaction means issued (or opened) to the customer at a specific financial institution based on the customer information. Alternatively, the transaction means control unit 215 may register the transaction means selection information that remains inactive through the customer terminal, and may control the transaction means corresponding to the registered transaction means selection information to remain inactive. Alternatively, the transaction means control unit 215 may control the transaction means (for example, a financial account capable of free deposit and withdrawal, or a financial account capable of non-face-to-face financial transaction) among transaction means issued (or opened) Etc.) can be kept in the inactive state.

According to the first transaction means control method of the present invention, the transaction means control unit 215 can control to always keep the transaction means of the customer in an inactive state.

According to the second transaction means control method of the present invention, the transaction means control unit 215 controls the transaction means such that the transaction means of the customer is maintained in an inactive state by time period, day, day, week, Can be controlled.

According to the third transaction means control method of the present invention, the transaction means control unit 215 confirms a request for inactivity setting for a predetermined period using the customer's own wireless terminal 300, And control the customer's transaction means to remain inactive for the predetermined period of time according to the control method.

According to the embodiment of the present invention, the transaction unit control unit 215 may include an inactive flag in the information related to the transaction unit stored in the financial server 105 (or a ledger, etc.) The control means can control the transmission of a result indicating that the transaction means can not be used at the time of requesting the financial transaction using the inactive transaction means to the financial transaction request side.

The transaction means control unit 215 requests the financial transaction using the transaction means of the customer kept in the inactive state and confirms whether at least part of the transaction procedure for the financial transaction using the transaction means is performed. If the financial transaction using the inactive transaction means is confirmed, the transaction means control unit 215 may process the transaction restriction corresponding to the inactive state of the transaction means of the customer. Here, the transaction restriction includes a process of notifying the customer that the transaction means of the customer to be used in the financial transaction is inactive, or includes at least one of a restriction not to complete the financial transaction, or a restriction to terminate the financial transaction .

Referring to FIG. 2, the transaction means control system 200 includes a chip module (not shown) mounted or detached from the pre-registered wireless terminal 300 owned by the customer to switch the inactive transaction means into an active state 400) and then receives the identification data including the disposable code transmitted through the pre-authentication or real-time authenticated program (315) of the wireless terminal (300), and acquires the identification data The validity of the program 315 that transmitted the identification data is verified by performing the specified operation at any specified time before, during, or after the reception, or the validity of the program 315 transmitted with the program 315 (or running) A media authentication processing unit 210 for authenticating the validity of the terminal 300 or authenticating the validity of the customer-owned wireless medium corresponding to the combination of the program 315 and the wireless terminal 300 .

The program 315 of the wireless terminal 300 instructs the customer to generate a one-off code through the chip module 400 having the configuration of FIG. 4 to switch the customer's transaction means, which remains inactive, And checks whether the chip module 400 shown in FIG. 4 is mounted or detached from the wireless terminal 300 based on the interface screen. If the chip module 400 is mounted or detached from the wireless terminal 300, the program 315 of the wireless terminal 300 confirms and / or extracts and / or generates a designated input value, And the chip module 400 dynamically generates a disposable code of a designated code system by using an input value as one of the seeds, and then transmits the generated code to the wireless terminal 300 To the program 315 of FIG. The program 315 of the wireless terminal 300 receives the dynamically generated one-time code through the chip module 400 and transmits the identification data including the one-time code to the transaction means control system 200.

The data receiving unit 220 receives the customer's transaction request before the financial transaction request in which the program 315 specified in the customer's registered wireless terminal 300 Confirms the program 315 to be pre-authenticated or real-time authenticated through the media authentication processing unit 210 in a state in which the transaction procedure related information is notified to the program 135 of the wireless terminal 300 by confirming the transaction procedure, Receives identification data including a dynamically generated one-time code from the authenticated program 315 via the chip module 400 via a communication channel connected to the authenticated program 315 of the wireless terminal 300, And receives the identification data via a relay path via a relay server (not shown). Meanwhile, according to the method, information for at least one of the program authentication, the wireless terminal authentication, and the wireless medium authentication may be received and authenticated by being included in the identification data. The identification data may be encrypted and received according to a security protocol between the program 315 of the wireless terminal 300 and the transaction means control system 200. In this case, It is possible to decrypt the encrypted identification data and restore the dynamically generated disposable code through the chip module 400. [

According to an embodiment of the present invention, the medium authentication processing unit 210 may be configured to perform the medium authentication operation of the program 315 shown in FIG. 3 at any specified point in time before, Side procedure to authenticate the validity of the program 315 on the side of the wireless terminal 300 that has transmitted the identification data by performing the specified operation or to check the validity of the program 315 with the program 315 The validity of the wireless terminal 300 can be authenticated or the validity of the customer-owned wireless medium corresponding to the combination of the program 315 and the wireless terminal 300 can be authenticated. Meanwhile, according to the embodiment, the authentication function of the medium authentication processing unit 210 may be provided in a separate authentication server (not shown) associated with a server having the transaction means control system 200. In this case, The authentication processing unit 210 may refer to the authentication result of the authentication procedure performed through the authentication server.

According to the extended data receiving embodiment of the present invention, the program 315 performs an operation of inducing a customer to input designated customer identification information (e.g., a PIN, etc.) And to guide the user to input some selection information selected from the registered (or referable) customer information. When the customer inputs the designated customer identification information in response to the operation, the identification data including the customer identification information input by the customer may be generated and transmitted. Or when the customer inputs partial selection information selected from the customer information designated in response to the operation, the terminal may generate and transmit identification data including some selection information inputted by the customer. For example, the program 315 may guide the user to input a partial number of the resident number in the customer information, or to input a partial number of a specific telephone number registered as a contact. On the other hand, some selection information selected from the customer information may be fixed, periodically changed, or arbitrarily selected according to the method of implementation, and thus the present invention is not limited thereto. In this case, the data receiving unit 220 may receive the identification data including the disposable code and further including partial selection information selected from the customer identification information and / or customer information.

Referring to FIG. 2, the transaction means control system 200 includes a code authentication control unit 255 for controlling an authentication procedure for the disposable code to be performed, And a data reading unit (230) for confirming the activation change request of the customer with respect to the means, and when the identification data includes identification authentication information for performing at least one identification or authentication procedure, validity of the identification authentication information (Not shown) for performing an authentication process on the received data.

If the identification data received through the data receiving unit 220 includes identification authentication information for performing the identification or authentication procedure designated, the identification authentication processing unit verifies the validity of the identification authentication information included in the identification data. Preferably, the identification authentication information may include some selection information selected from the customer identification information or the customer information. For example, when the identification data includes some selection information selected from the customer identification information or the customer information, the identification authentication processing unit may authenticate whether the customer identification information or some selection information matches the previously registered information.

The identification data including the dynamically generated disposable code is received in the chip module 400 mounted or detached from the customer-owned wireless terminal 300 through the data receiving unit 220, and before the identification data is received, , If the customer-owned wireless medium that has transmitted the identification data at a later designated time point is authenticated in real time and / or some selection information selected from the customer identification information or the customer information is identified or authenticated through the identification authentication processing unit, The control unit 255 identifies a code generation rule mapped to the customer-owned wireless medium or mapped with the customer identification information or the customer information, dynamically generates a verification code matching the disposable code based on the code generation rule, Control to validate the validity of the code.

According to an embodiment of the present invention, the code authentication control unit 255 may dynamically generate a verification code for the code generation rule, and compare the one-time code with the verification code to authenticate the validity of the received one- .

According to another embodiment of the present invention, the disposable code can be authenticated through a separate code authentication server. In this case, the code authentication control unit 255 provides the disposable code to the code authentication server, (Or information for identifying the code generation rule for the chip module 400 provided in the code authentication server) corresponding to the code generation rule according to the validity of the one-time code through the code authentication server And can be controlled to be authenticated. In this case, the code authentication control unit 255 can refer to the authentication result of the disposable code processed through the code authentication server.

The data reading unit 230 reads the data from the customer using the wireless terminal 300 (or the program 315) when the validity of the one-time code is authenticated through the code authentication control unit 255 Lt; / RTI > request is received.

Referring to FIG. 2, the transaction means control system 200 includes a state change control unit 235 for controlling the transaction means of the customer to be in an active state based on the customer's activation change request, The switching control unit 235 controls to restore the transaction means of the customer switched to the activated state to the inactive state according to the specified condition.

If the request for activation change of the customer with respect to the inactive transaction means is confirmed through the data reading unit 230, the status change control unit 235 transmits the transaction means of the customer on the basis of the confirmed activation change request And controls to switch to the activated state. For example, the status change control unit 235 may temporarily delete the inactive flag included in the information related to the transaction means stored in the financial server 105 (or the ledger, etc.) Or permitting access to use the transaction means, the transaction procedure using the transaction means at the time of requesting the financial transaction using the activated transaction means is performed without being restricted by the use of the transaction means .

According to the present invention, the transaction means, which is switched to the active state by the state change control unit 235, is restored to the inactive state according to the specified condition without continuously maintaining the active state, Sets and maintains the control condition of the activated state, and restores the transaction means of the customer switched to the activated state to the inactive state by using the control condition. The transaction means restored to the inactive state maintains the inactive state under the control of the transaction means control unit 215.

Referring to FIG. 2 according to an expanded embodiment of the present invention, the transaction means control system 200 may be a dictionary of the pre-registered wireless terminal 300 owned by the customer when converting the transaction means of the customer into the active state, A pre-admission receiving unit 240 for receiving pre-admission information for the transaction means to be switched from the real-time authenticated program 315 to the active state, and an approval information storage unit 245), a financial transaction confirmation unit (250) for confirming a financial transaction using the transaction means of the customer switched to the activated state when the pre-authorization information is stored, A pre-approval authentication unit (255) for controlling the validity of the pre-approved information inputted through the customer during financial transactions using the means, A transaction procedure, the control unit 260 for controlling to be carried out a procedure in financial transactions using a transaction means for the customer when the authenticated can be further provided.

The program 315 of the wireless terminal 300 may display an interface screen for registering pre-approval information for the transaction means to be switched to the active state, and when the pre-approval information is inputted through the interface screen And may transmit the inputted pre-approval information to the transaction means control system 200.

The pre-approval receiving unit 240 may transmit the pre-registered wireless signal to the pre-approval receiving unit 240 at any time before, during, or after the request for switching the inactive state of the in- And can receive the preauthorization information transmitted from the pre-authentication or real-time authenticated program 315 of the terminal 300. [ The pre-approval information is information for authenticating that the valid transaction of the transaction means in the inactive state has been approved in advance in advance before the financial transaction is requested by the valid customer of the transaction means, A disposable approval number that can be input via the transaction unit 300, and transaction information (or partial information of transaction information) of a financial transaction to be requested after the transaction unit is switched to the active state.

The approval information storage unit 245 confirms the storage medium to be referred to at the time of financial transaction using the transaction means to be switched to the active state and stores the pre- And performs the pre-approval authentication procedure using the pre-approval information at the time of financial transaction using the transaction means.

When the pre-approval information registered through the customer-owned wireless terminal 300 is stored through the approval information storage unit 245, the financial transaction confirmation unit 250 uses the transaction means of the customer who has been switched to the activated state Control to check financial transactions. If the financial transaction using the transaction means of the customer switched to the activated state is confirmed, the preauthorization authentication unit 255 confirms the preauthorization information inputted through the customer during the financial transaction using the transaction means, The validity of the pre-approval information input during the financial transaction is authenticated through the pre-approval information stored through the information storage unit 245. [ The transaction procedure control unit 260 controls the procedure of the financial transaction using the transaction means of the customer to be performed by the transaction means without limitation when the pre-approval information is authenticated. On the other hand, if the pre-authorization information is not authenticated, the transaction procedure control unit 260 controls the procedure of the financial transaction using the transaction means of the customer to be restricted by the transaction means. Here, the transaction restriction includes a process of notifying the customer that the transaction means of the customer to be used in the financial transaction is inactive, or includes at least one of a restriction not to complete the financial transaction, or a restriction to terminate the financial transaction . That is, if the pre-authorization information is not authenticated, it is preferable that the financial transaction procedure using the transaction means of the customer is not completed or at least some procedures are limited. On the other hand, if the pre-authorization information is not authenticated according to the method, the transaction means turned into the active state can be restored to the inactive state through the state transition control unit 235. [

Referring to FIG. 2 according to an expanded embodiment of the present invention, the transaction means control system 200 may be a dictionary of the pre-registered wireless terminal 300 owned by the customer when converting the transaction means of the customer into the active state, At least one control condition among an activation period, an activation time, and a transaction use count for the transaction means to be switched from the real-time authenticated program 315 to the activation state is received and set, or the control condition is automatically set A financial transaction confirmation unit 250 for confirming a financial transaction using the transaction means of the customer who has been switched to the activated state when the control condition is set; Maintaining the activated state of the transaction means of the customer when the control condition is met, wherein the confirmed financial transaction does not meet the control condition (235) for controlling the transaction means of the customer to be restored to an inactive state when the activation state of the customer is in the active state or the activation state of the transaction means of the customer is compared with the control condition, The state transition control unit 235 for maintaining the active state of the customer's transaction means and controlling the transaction means of the customer to be restored to the inactive state when the activated state does not match the control condition .

The transaction condition setting unit 265 may set the transaction condition setting unit 265 to be in the active state at any time before, during, or after the request for switching the inactive transaction means to the active state is confirmed through the data reading unit 230 The control condition for restoring the means to the inactive state is set.

According to the first condition setting method of the present invention, the program 315 of the wireless terminal 300 can display an interface screen for setting control conditions for the transaction means to be switched to the active state, And transmits the set control condition to the transaction means control system 200 when the control condition is set. At any time before, during, or after the request for switching the inactive transaction means to the active state is confirmed through the data reading unit (230), the transaction condition setting unit (265) And may receive control conditions transmitted from a prior or real time authenticated program 315 of the wireless terminal 300. [ The control condition may include at least one of an activation period, an activation time, and a transaction usage count for the transaction means that has been activated.

According to the second condition setting method of the present invention, the transaction condition setting unit 265 has a function of automatically setting at least one of an activation period, an activation time, and a transaction use count for the transaction means that has been switched to the activated state , And can automatically set at least one of an activation period, an activation time, and a transaction use count for restoring the transaction means to be switched to the active state to an inactive state by using the activation period.

According to the third condition setting method of the present invention, the transaction condition setting unit 265 registers (or selects) a certain condition through the customer-owned wireless terminal 300 by combining the first and second condition setting methods And some other conditions can be set automatically.

When the control condition for the transaction means that is switched to the active state is set through the transaction condition setting unit 265, the financial transaction confirmation unit 250 determines whether the financial transaction using the transaction means of the customer, . If the financial transaction using the transaction means of the customer switched to the activated state is confirmed, the state change control unit 235 determines whether the confirmed financial transaction meets the control condition. For example, the status change control unit 235 can determine whether the confirmed financial transaction is requested and executed at the activation period or the activation time, and / or check whether the confirmed financial transaction is below or exceeded the transaction usage count . The state change control unit 235 controls the state phone controller 301 to maintain the activated state of the transaction means of the customer when the confirmed financial transaction meets the control condition, It is possible to control the transaction means of the customer to be restored to the inactive state through the state phone controller 301 when the control condition is not satisfied.

Alternatively, when a control condition is set for the transaction means that is switched to the active state through the transaction condition setting unit 265, the state change control unit 235 compares the activation state of the customer's transaction means with the control condition And determines whether the activation state matches the control condition. The state change control unit 235 controls the state phone controller 301 to maintain the activation state of the transaction means of the customer when the activation state of the transaction means conforms to the control condition, The state control unit 301 can control the transaction means of the customer to be restored to the inactive state when the activation state does not match the control condition.

Referring to FIG. 2 according to an embodiment of the present invention, the transaction means control system 200 may be configured to transmit a financial transaction, which is performed before the transaction means is switched to the active state, A transaction procedure initialization unit 270 for initializing a financial transaction being performed before the transition to the active state, and a transaction processing unit 270 for switching the transaction means of the customer to the active state after the financial transaction is initialized And a state change control unit 235. [

When the request for switching the customer's transaction means to the active state is confirmed through the data reading unit 230, the financial transaction confirmation unit 250 checks the activation state of the customer, To identify the financial transaction for which some procedure is being performed. However, the financial transaction requested before the transaction means is switched to the active state may be a financial transaction requested by the normal customer without requesting the activation of the transaction means in advance, or a third party (such as a hacker) The financial transaction may be requested. Therefore, the transaction procedure initialization unit 270 initializes the financial transaction being performed before the transaction means is switched to the active state, so that the financial transaction that is being performed and the financial transaction after the transaction means is switched to the active state , And at the same time, illegal access by a third party (a hacker, etc.) can be fundamentally blocked. If the financial transaction that was being performed by the transaction procedure initialization unit 270 before the transition to the active state is initialized, the state transition control unit 235 switches the transaction means of the customer to the active state do.

Referring to FIG. 2, the trading means control system 200 may include a dictionary or a real-time (not shown) of the pre-registered wireless terminal 300 owned by the customer in order to forcibly restore the transaction means of the customer, A data receiving unit 220 for receiving the identification data transmitted through the authenticated program 315, a data reading unit 230 for reading the identification data and confirming the inactivation restoration request of the customer to the activated transaction means 230 And a state change control unit 235 for controlling the transaction means of the customer to be restored to an inactive state based on the inactivity restoration request of the customer, A procedure initialization unit 270 may be further included.

According to the method of the present invention, the transaction means of the customer switched to the active state is automatically restored to the inactive state according to the control condition set (or automatically set) by the customer without separately restoring the inactive state. However, in order to forcibly deactivate the customer's remorse or suspected transaction means who have activated their transaction means, the transaction means of the customer who has been turned into the state of being tormented must be forcibly restored to the inactive state. To this end, the program 315 of the wireless terminal 300 generates and transmits identification data for forcibly restoring the transaction means of the customer switched to the active state to the inactive state, and the data receiving unit 220 transmits The data reading unit 230 reads the identification data, and the data reading unit 230 reads out the identification data to make the customer forcibly disable the transaction means of the customer switched to the activated state Ensure that you are asked to restore.

When the customer requests to restore the activated transaction mode to the inactive state, the state change control unit 235 controls the transaction mode of the customer to be restored to the inactive state based on the inactive restore request of the customer do.

On the other hand, the transaction procedure initialization unit 270 determines whether or not the transaction is initiated at the time when the customer requests to restore the transaction means for which the customer has been activated to the inactive state (or a predetermined time before the inactive restoration request time point) Confirm that the transaction procedure of the transaction is being performed (or has been performed).

If there is a financial transaction for which a transaction procedure using the customer's transaction means exists at the time of requesting the customer's inactive restoration, the transaction procedure initialization unit 270 may restrict the financial transaction (for example, Or notifying the contents of the financial transaction), or by initializing the financial transaction, the invalidity restoration request of the customer is immediately reflected and the fraudulent transaction by a third party (a hacker, etc.) can be fundamentally blocked. The transaction procedure initialization unit 270 transmits the transaction information of the financial transaction corresponding to the performed transaction procedure to the wireless terminal 200. In this case, (Hacker, etc.) by causing the financial transaction to be initiated after approval by the customer after transferring the program to the program (315) of the financial institution (300), before the actual damage caused by the fraudulent transaction by the third party (hacker, etc.) occurs.

Referring to FIG. 2 according to an expanded embodiment of the present invention, the trading means control system 200 limits a transaction procedure of a financial transaction using a transaction means of a customer maintaining an inactive state, A transaction procedure control unit 260 for transmitting information on a transaction procedure performed using the inactive transaction unit to the program 315 of the customer-owned wireless terminal 300, A data receiving unit (220) for receiving identification data transmitted from a pre-registered or real-time authenticated program (315) of the pre-registered wireless terminal (300) owned by the customer, A data read unit 230 for confirming the request for activation change of the customer or the inactivity maintenance request of the customer or the transaction procedure initialization request of the customer The rain. Meanwhile, the transaction means control system 200 includes a state change control unit 235 for controlling the transaction means of the customer to be activated when the request for activation change of the customer is confirmed in response to the transaction procedure notification, And a transaction procedure initialization unit (270) for initializing a financial transaction being performed before switching to the active state. Or the transaction means control system (200) is configured to execute a transaction that initializes a financial transaction corresponding to the transaction procedure notification when the inactivity maintenance request of the customer or the request for initializing the transaction procedure of the customer is confirmed in response to the transaction procedure notification And may further include a procedure initialization unit 270 to maintain the transaction means of the customer in an inactive state.

FIG. 3 is a diagram showing a functional configuration of a wireless terminal 300 and a program 315 according to an embodiment of the present invention.

More specifically, FIG. 3 shows a program that operates with a customer-owned wireless medium for requesting the customer's transaction means to remain in the inactive state to switch to the active state, or forcibly restoring the transaction means of the customer who has been switched into the inactive state 315 and the wireless terminal 300. Those skilled in the art will be able to refer to and / or modify the FIG. 3 to understand various functions of the wireless terminal 300 It should be understood that the present invention includes all of the above-described embodiments, and the technical features of the present invention are not limited only by the method shown in FIG. 3 may include at least one of various smart phones capable of wireless communication, various tablet PCs, various PDAs, and various mobile phones.

3, the wireless terminal 300 includes a control unit 301, a memory unit 312, a screen output unit 302, a user input unit 303, a sound processing unit 304, a camera unit 306, A NFC module 305, a short range wireless communication unit 308, a wireless network communication unit 309, a USIM reader unit 310 and a USIM 400, and a battery 307 for power supply.

The control unit 301 is a general term for controlling the operation of the wireless terminal 300. The control unit 301 includes at least one processor and an execution memory, BUS). According to the present invention, the control unit 301 loads at least one program code included in the wireless terminal 300 into the execution memory through the processor, and outputs the result through at least one configuration And controls the operation of the wireless terminal 300. FIG. Hereinafter, the configuration of the program 315 of the present invention, which is implemented in the form of program code for the sake of convenience, will be described in the control unit 301. FIG. Hereinafter, the program 315 of the present invention is reduced to be referred to as 'application' for convenience.

The memory unit 312 is a general term of a nonvolatile memory corresponding to a storage resource of the wireless terminal 300 and includes at least one program code executed through the control unit 301 and at least one Save and maintain the dataset. The memory unit 312 basically includes a system program code and a system data set corresponding to the operating system of the wireless terminal 300, a communication program code and a communication data set for processing a wireless communication connection of the wireless terminal 300, The program code and data set corresponding to the program 315 of the present invention are also stored in the memory unit 312. In addition,

The screen output unit 302 includes a screen output unit such as a liquid crystal display (LCD) and a driving module for driving the screen output unit 302. The screen output unit 302 is connected to the control unit 301, And outputs an operation result corresponding to the output to the screen output device.

The user input unit 303 is composed of one or more user input devices (e.g., a button, a keypad, a touch pad, a touch screen interlocked with the screen output unit 302) and a drive module for driving the same. A command for interrupting various operations of the control unit 301 or data necessary for the operation of the control unit 301 is input.

The sound processing unit 304 includes a speaker, a microphone, and a driving module for driving the speaker. The sound processing unit 304 decodes sound data corresponding to the sound output from the various calculation results of the control unit 301 and outputs the sound data through the speaker Or a sound signal input through the microphone, and transmits the encoded sound signal to the controller 301. [

The camera unit 306 includes an optical unit corresponding to a camera, a CCD (Charge Coupled Device) and a drive module for driving the CCD unit, and obtains bitmap image data or image data input to the CCD through the optical unit . The data obtained through the camera unit 306 may include still image data or moving image data.

The NFC module 305 may be a communication resource that processes one or more proximity wireless communications among two-way close proximity wireless communication, full-duplex proximity wireless communication, and half-duplex proximity wireless communication using a radio frequency signal as a communication medium at a close distance (e.g., , And is capable of processing proximity wireless communication according to the NFC (Near Field Communication) standard of the 13.56-MHz frequency band. Alternatively, the NFC module 305 may process the proximity wireless communication of the ISO 18000 series standard, in which case it may process the proximity wireless communication for the frequency band other than the 13.56 Mz frequency band. For example, the NFC module 305 may operate in a reader mode, a tag mode, or a bidirectional communication mode. Meanwhile, the NFC module 305 may be included in a communication resource for connecting the wireless terminal 300 to a communication network according to an object to be communicated in close proximity.

The wireless network communication unit 309 and the short-range wireless communication unit 308 are collectively referred to as communication resources for connecting the wireless terminal 300 to a designated communication network. Preferably, the wireless terminal 300 may include a wireless network communication unit 309 as a basic communication resource, and may include one or more short-range wireless communication units 308.

The wireless network communication unit 309 collectively refers to a communication resource for connecting the wireless terminal 300 to a wireless communication network via a base station. The wireless network communication unit 309 includes an antenna, an RF module, a baseband module, And transmits the calculation result corresponding to the wireless communication among the various calculation results of the controller 301 to the controller 301 through the wireless communication network or receives data through the wireless communication network To the control unit 301, and performs connection, registration, communication, and hand-off procedures of the wireless communication. According to the present invention, the wireless network communication unit 309 can connect the wireless terminal 300 to a communication network including a communication channel and a data channel via the exchange, and in some cases, Based wireless network data communication (e.g., the Internet).

According to an embodiment of the present invention, the wireless network communication unit 309 is a mobile communication unit that performs at least one connection, a location registration, a call processing, a call connection, a data communication, and a handoff to a mobile communication network according to the CDMA / WCDMA / ≪ / RTI > Meanwhile, the wireless network communication unit 309 according to the intention of the person skilled in the art may further include a portable internet communication structure for performing at least one of connection to the portable Internet, location registration, data communication and handoff according to the IEEE 802.16 standard, It is evident that the present invention is not limited by the wireless communication configuration provided by the wireless network communication unit 309. [ That is, the wireless network communication unit 309 is a general term for a configuration unit that accesses a wireless communication network through a cell-based base station irrespective of a frequency band of a wireless section, a type of a communication network, or a protocol.

The short-range wireless communication unit 308 is a generic name of communication resources connecting a communication session using a radio frequency signal within a predetermined distance (for example, 10 m) as a communication medium and connecting the wireless terminal 300 to the communication network based on the communication session , The wireless terminal 300 may be connected to the communication network through at least one of Wi-Fi communication, Bluetooth communication, public wireless communication, and UWB. According to the embodiment of the present invention, the short-range wireless communication unit 308 may be integrated with or separated from the wireless network communication unit 309. According to the present invention, the short-distance wireless communication unit 308 connects the wireless terminal 300 to a data network providing packet-based short-range wireless data communication through a wireless AP.

The USIM reader 310 includes a universal subscriber identity module (Universal Subscriber Identity Module) that is mounted or detached from the wireless terminal 300 based on the ISO / IEC 7816 standard, and a generic name of a configuration for exchanging at least one data set , And the data set is exchanged in a half duplex communication manner through an APDU (Application Protocol Data Unit).

The USIM 400 is an SIM type card having an IC chip 405 according to the ISO / IEC 7816 standard, and includes an input / output interface including at least one contact connected to the USIM reader 310, An IC chip 405 memory for storing a program code and a data set for one IC chip, and a memory for storing the program code for the IC chip in accordance with at least one command transmitted from the wireless terminal 300, And a processor for extracting (or processing) the data set and transferring the data set to the input / output interface.

The program 315 of the present invention is downloaded from a program providing server (for example, an Apple AppStore or the like) through a data network to which the communication resource can be connected and is stored in the memory unit 312. The downloaded program 315 operates in conjunction with the transaction means control system 200 and can be manually driven by a user or activated (or activated) after user confirmation or automatically by receiving a message. Meanwhile, a separate program 315 may be in operation for activating the program 315 after user confirmation or automatically, and thus the present invention is not limited thereto.

Referring to FIG. 3, the program 315 of the wireless terminal 300 may include at least one of customer information, customer identification information, and wireless terminal information to the transaction means control system 200 through a data network to which the communication resource is connectable (300) that is operating the program (315) through at least one communication network connectable through a communication resource, and a step of performing a process of authenticating a medium corresponding to the wireless terminal And a medium authentication operation unit 325. [

The program 315 includes communication connection macro information to be connected to the transaction means control system 200 via a data network connectable through the communication resource, And outputs the interface for inputting at least one of the customer information, the customer identification information, and the wireless terminal information, which is designated as a registration target, through the interface 302 to the transaction means control system 200 through the interface And transmits the information.

The medium authentication operation unit 325 is connected to the transaction means control system 200 via at least one communication network among the data network and the communication network to which the communication resource is connectable, ) Program 315 and a combination of the wireless terminal 300 having the program 315 (or being in a running state). According to the embodiment of the present invention, the process of authenticating the validity of the program 315 is carried out by an arm / decryption communication process previously agreed between the program 315 and the transaction means control system 200, A detailed description of the decoding process will be omitted.

According to an embodiment of the present invention, the customer-owned wireless medium authentication includes a program authentication procedure for identifying and / or authenticating a program 315 provided to (or running in) the wireless terminal 300, And a wireless terminal authentication process for identifying and / or authenticating the wireless terminal 300 having the wireless terminal 300 and the wireless terminal 300. The wireless terminal 300 and the program Lt; RTI ID = 0.0 > 315) < / RTI > The program authentication procedure, the wireless terminal authentication procedure, and the wireless medium authentication procedure may be performed according to a specified order, or may be collectively performed as one authentication procedure, and some authentication procedures may be omitted according to the method of operation. The present invention is not limited thereto.

According to the first program authentication method of the present invention, the program 315 may be downloaded through a designated program providing server in a state where a unique app identification value is set. In this case, the media authentication operation unit 325 By transmitting the authentication information including the app identification value set in the program 315 to the transaction means control system 200 for identification and / or authentication of the program 315, So that the validity of the program 315 provided in the wireless terminal 300 (or being driven) can be authenticated. The transaction means control system 200 has the app identification value (or the information for authenticating the app identification value), and authenticates the validity of the app identification value using the app identification value, (Or running) program 315. In this way, The validity authentication of the app identification value may be a customer owned wireless media authentication procedure or a program authentication procedure for customer owned wireless media authentication.

According to the second program authentication method of the present invention, the program 315 is downloaded through a designated program providing server, and then, according to a designated procedure, an app identification value (e.g., (E.g., a device token assigned by APNS of Apple Inc.), in which case the media authentication operating portion 325 may be assigned to the program 315 for identification and / or authentication of the program 315 And transmits the authentication information including the app identification value to the transaction means control system 200 so that the transaction means control system 200 allows the transaction means control system 200 to execute the program 315 The validity can be processed to be authenticated. The transaction means control system 200 includes an app identification value (or information for authenticating an app identification value) allocated to the program 315 according to a designated procedure, It is possible to authenticate the validity of the program (315) provided in (or running) the wireless terminal (300). The validity authentication of the app identification value may be a customer owned wireless media authentication procedure or a program authentication procedure for customer owned wireless media authentication.

According to the third program authentication method of the present invention, the program 315 includes at least one of a key value and at least one of a key exchange protocol and / or an encryption / decryption rule, May be downloaded through a designated program providing server in a state in which the authentication module including the authentication module is installed. Alternatively, the program 315 may include an authentication module including program code for performing a specified authentication procedure, and at least one key value and a key exchange protocol and / or encryption / decryption rule necessary for the authentication procedure are set and / The procedure can be downloaded through the designated program providing server with the defined certificate mounted. According to the method, the certificate can be downloaded through the data network according to a specified procedure. In this case, the media authentication operation unit 325 transmits authentication information for exchanging at least one key value with the transaction means control system 200 according to a specified authentication procedure using the authentication module and / or the certificate The transaction means control system 200 can process the program 315 so that the validity of the program 315 provided in the wireless terminal 300 (or running) is authenticated. The transaction means control system 200 includes a server side authentication module and / or a certificate corresponding to the program 315 side authentication module and / or the certificate, and uses the program 315 and the specified authentication procedure The validity of the program 315 provided to (or running on) the wireless terminal 300 can be authenticated by exchanging at least one key value. The key exchange may be a customer-owned wireless media authentication procedure or a program authentication procedure for customer-owned wireless media authentication.

According to the fourth program authentication method of the present invention, when the authentication number transmitted from the transaction means control system 200 is received through the message exchange protocol of the communication network, the wireless terminal 300 is connected to the communication network, And transmits the authentication information including the received authentication number to the transaction means control system 200 through the data network to transmit the authentication information including the received authentication number to the transaction means control system 200, (Or running) program 315 to be authenticated. The transaction means control system 200 has a function of generating or authenticating the authentication number or referring to an authentication result of an authentication number processed at least through a specified authentication server, thereby confirming the authentication result of the authentication number Thereby validating the validity of the program 315 provided to (or being driven to) the wireless terminal 300. The key exchange may be a customer-owned wireless media authentication procedure or a program authentication procedure for customer-owned wireless media authentication.

According to the fifth program authentication method of the present invention, the program 315 may include a code generation rule (for example, a code generation algorithm and a seed). In this case, the medium authentication operation unit 325 may generate the code And transmits the authentication information including the dynamically generated one-time code to the transaction means control system 200 so that the transaction means control system 200 allows the transaction means control system 200 to transmit the one- It is possible to process the validity of the program 315 provided in the terminal 300 (or being driven) to be authenticated. The transaction means control system 200 has a code generation rule matching with the code generation rule of the program 315 and authenticates the validity of the disposable code using the code generation rule, Or running) program 315. In this way, The validation of the disposable code may be a customer-owned wireless media authentication procedure or a program authentication procedure for customer-owned wireless media authentication.

According to the sixth program authentication method of the present invention, the medium authentication operation unit 325 can access the transaction means control system 200 through an authentication method that selectively combines at least one of the first to fifth program authentication methods So that the validity of the program 315 provided in the wireless terminal 300 (or running) can be authenticated, and the present invention encompasses all such program authentication procedures as a scope of right.

According to the method of the present invention, the media authentication operation unit 325 may be stored in the memory unit 312 while performing a program authentication procedure according to at least one of the first to sixth program authentication methods At least one terminal identification value among the terminal identification values provided in the USIM 400 and the terminal identification values uniquely provided in at least one of the device configuration units of the wireless terminal 300, (Or assigned) through a communication network connected through the short-range wireless communication unit 308 and / or the wireless network communication unit 309 and transmits the terminal identification value and / or the network allocation value To the transaction means control system 200, thereby performing an information registration procedure for the wireless terminal authentication.

According to the first wireless terminal authentication method of the present invention, the medium authentication operation unit 325 may be configured to perform, at any time point before, during, or after performing at least one of the first to fifth program authentication methods, A terminal identification value uniquely provided in at least one of the device configuration units of the wireless terminal 300 and at least one of terminal identification values provided in the USIM 400, By identifying one terminal identification value and transmitting authentication information including the identified terminal identification value to the transaction means control system 200 for identification and / or authentication of the wireless terminal 300, The control system 200 can process the validity of the wireless terminal 300 in which the program 315 is provided (or being driven) to be authenticated. The transaction means control system 200 may include the terminal identification value (or the information for authenticating the terminal identification value) or may interwork with an authentication server (e.g., a communication company server) that authenticates the terminal identification value, The validity of the wireless terminal 300 having the program 315 (or running) by authenticating the validity of the terminal identification value or verifying the authentication result of the terminal identification value performed through the authentication server is authenticated . The validity authentication of the terminal identification value may be a customer-owned wireless medium authentication procedure or a wireless terminal authentication procedure for customer-owned wireless medium authentication.

According to the second wireless terminal authentication method of the present invention, the medium authentication operation unit 325 may be configured to perform, at any time point before, during, or after performing at least one of the first to fifth program authentication methods, (Or assigned) through the communication network connected through the short-range wireless communication unit 308 and / or the wireless network communication unit 309 and transmits the identification information to the wireless terminal 300 for identification and / And transmits the authentication information including the identified network allocation value to the transaction means control system 200 so that the transaction means control system 200 allows the transaction device control system 200 to transmit the authentication information including the program 315 to the wireless terminal 300 ) Can be processed so as to be authenticated. The transaction means control system 200 may include the network allocation value (or the information for authenticating the network allocation value) or may interwork with an authentication server (e.g., a communication company server) that authenticates the network allocation value, The validity of the wireless terminal 300 in which the program 315 is provided (or running) by authenticating the validity of the network allocation value or the authentication result of the network allocation value performed through the authentication server . The validity authentication of the network allocation value may be a customer-owned wireless media authentication procedure or a wireless terminal authentication procedure for customer-owned wireless media authentication.

According to the third wireless terminal authentication method of the present invention, the program 315 may include a code generation algorithm, and the medium authentication operation unit 325 may generate the terminal identification value and / Algorithm to the transaction means control system 200 by dynamically generating the one-time code using at least one of the seeds to be applied to the algorithm and sending the authentication information including the dynamically generated one-time code to the transaction means control system 200 So that the validity of the wireless terminal 300 in which the program 315 is provided (or running) is authenticated. The transaction means control system 200 includes a code generation algorithm and a terminal identification value and / or a network allocation value to be used as a seed. By authenticating the validity of the disposable code using the terminal identification value and / or the network allocation value, The mobile terminal 300 can authenticate the validity of the wireless terminal 300 that is connected (or running). The validity authentication of the disposable code may be a customer owned wireless media authentication procedure or a wireless terminal authentication procedure for customer owned wireless media authentication.

According to the fourth wireless terminal authentication method of the present invention, the media authentication operation unit 325 may be configured to perform the authentication of the transaction means control system 200 (200) through an authentication method that selectively combines at least one of the first through third wireless terminal authentication methods To process the program 315 so that the validity of the wireless terminal 300 having the program 315 (or running) is authenticated, and the present invention encompasses all such wireless terminal authentication procedures as a scope of right.

According to the first wireless medium authentication method of the present invention, the medium authentication operation unit 325 can perform at least one of the first to fifth program authentication methods, and / or the first to fourth wireless terminal authentication methods May be used as a wireless medium authentication method for authenticating the customer-owned wireless medium.

According to the second wireless medium authentication method of the present invention, the medium authentication operation unit 325 may be configured to perform at least one of the first to fifth program authentication methods, and / or the first to fourth wireless terminal authentication methods (Or code) used in at least one of the authentication methods according to the specified processing rule agreed with the transaction means control system 200 to generate a medium identification value, (Or operating) program 315 provided to the mobile terminal 300 by transmitting the authentication information including the identified medium identification value to the transaction means control system 200, And the validity of the customer-owned wireless medium corresponding to the combination of the wireless terminal 300 with the program 315 (or in the running state) can be authenticated. The processing rule may include various rules such as an encryption / decryption rule and / or a hash rule. The program 315 and the transaction means control system 200 have previously agreed upon the program 315, Any rule may be acceptable. The transaction means control system 200 has a processing rule matching with the processing rule on the program 315, and by validating the validity of the medium identification value using the processing rule, the validity of the customer-owned wireless medium is authenticated .

According to the third wireless medium authentication method of the present invention, the program 315 may include a code generation algorithm, and the medium authentication operation unit 325 may include at least one of the first to fifth program authentication methods (Or code) used in at least one of the authentication methods of the first to fourth wireless terminal authentication methods is used as one of the seeds of the code generation algorithm to dynamically generate the one- And transmits the authentication information including the generated one-time code to the transaction means control system 200 for wireless medium authentication so that the transaction means control system 200 allows the transaction means control system 200 to transmit And the validity of the customer-owned wireless medium corresponding to the combination of the program 315 and the wireless terminal 300 having the program 315 It can be processed to be authenticated. The transaction means control system 200 includes a code generation algorithm, and includes at least one of the first to fifth program authentication methods, and / or at least one of the first to fourth wireless terminal authentication methods (Or code) used in the wireless medium, and the validity of the customer-owned wireless medium can be authenticated by authenticating the validity of the disposable code.

According to the fourth wireless medium authentication method of the present invention, the medium authentication operation unit 325 may be configured to transmit the authentication information to the transaction means control system 200 (200) through an authentication method that selectively combines at least one of the first, ) To allow the validity of the customer-owned wireless medium to be authenticated, and the present invention encompasses all such wireless media authentication procedures as a scope of right.

Referring to FIG. 3, the program 315 of the wireless terminal 300 allows a user to switch the inactive transaction means to an active state via the screen output unit 302, And an interface display unit 330 for displaying an interface screen requesting to perform a procedure for dynamically generating a disposable code through the PIN authentication processing unit 335. The PIN authentication processing unit 335 processes PIN authentication for the chip module 400, . In FIG. 3, it is preferable that the user is a customer corresponding to the inactive transaction means.

The interface display unit 330 requests the user to perform a procedure of dynamically generating the one-time use code through the chip module 400 shown in FIG. 4 to the wireless terminal 300 through the screen output unit 302 Display the interface screen. The PIN authentication processing unit 335 has a function of authenticating a PIN corresponding to a password to be input from a user and transmits the PIN to the PIN authentication processing unit 335 at a specified time point before, The PIN authentication processing unit 335 displays an interface screen for requesting a user to input a PIN, and performs a procedure for authenticating the validity of the PIN input through the interface screen. The PIN authentication may be authenticated in the program 315 through the PIN authentication processing unit 335. [ Meanwhile, it can be authenticated through a chip module 400 mounted or detached from the wireless terminal 300 according to an embodiment of the present invention, or transmitted to and authenticated by the transaction means control system 200, The present invention is not limited thereto.

Referring to FIG. 3, a program 315 of the wireless terminal 300 includes a chip module confirmation unit 340 (FIG. 3) for confirming whether the chip module 400 of FIG. 4 is mounted or detached and interfaced to the wireless terminal 300 And a chip module interlocking part (400) for providing one or more input values designated by the chip module (400) mounted or detached from the wireless terminal (300) and receiving a dynamically generated disposable code from the chip module And a data transmission unit 350 for performing a procedure for transmitting identification data including the one-time use code dynamically generated through the chip module 400 to the transaction means control system 200.

The chip module identifying unit 340 determines whether the chip module 400 of FIG. 4 is interfaced to be available in the wireless terminal 300 according to a specified standard. The chip module verifying unit 340 communicates with the chip module 400 through the USIM reader 310 or the SD interface 311 to detect whether the chip module 400 mounted on the wireless terminal 300 It can be confirmed whether or not it has the configuration of the chip module 400 shown in FIG. For example, the chip module identifying unit 340 reads the ATR (Answer To Reset) received from the chip module 400 through the USIM reader 310 or the SD interface 311, It is possible to confirm whether the chip module 400 mounted on the semiconductor chip 300 has the configuration of the chip module 400 shown in FIG.

When it is confirmed that the chip module 400 of FIG. 4 is interfaced with the wireless terminal 300, the chip module interlocking unit 345 obtains at least one input value designated to be injected into the chip module 400 . Preferably, the input value includes a time value obtained through a timer of the wireless terminal 300, and includes authentication information provided or assigned to the wireless terminal 300. Preferably, the input value includes both the time value and the authentication information, and it is possible to selectively include any one (e.g., a time value) according to an implementation method. According to the extended method of the present invention, the input value may include a terminal side random number value generated by the chip module interlocking unit 345, or a challenge value received from the transaction means control system 200.

The chip module interlocking unit 345 confirms the interfaced state of the chip module 400 and provides the obtained input value to the chip module 400. The chip module 400 has a code generation rule (for example, a code generation algorithm and a seed value) for dynamically generating a disposable code. The chip module 400 uses the input value as one of seeds to be applied to the code generation algorithm Dynamically generate one-off code of the code system. Preferably, the seed value provided in the chip module 400 is a fixed seed for dynamically generating the disposable code, and the input value provided by the chip module interlocking unit 345 is a fixed value for dynamically generating the disposable code. Seeds (e.g., time values, etc.).

The chip module 400 dynamically generates the disposable code of the designated code system by using the input value and the seed value provided in the chip 405 as a seed of the designated code generation algorithm, And the chip module interlocking unit 345 receives the dynamically generated disposable code through the chip module 400.

According to an embodiment of the present invention, the chip module interlocking unit 345 can perform the authentication procedure specified for the chip module 400. [ Preferably, the authentication procedure includes a PIN authentication procedure. To this end, the chip module interlocking unit 345 receives a PIN value from a user and provides the input PIN value to the chip module 400. The chip module (400) authenticates the PIN value. When the PIN authentication procedure is performed, the one-time use code may be received from the chip module 400 as a result of the PIN authentication. Meanwhile, the PIN authentication procedure may be omitted according to an embodiment of the present invention.

The data transferring unit 350 performs a procedure for transferring the identification data including the identified one-time code to the transaction means control system 200. Preferably, the data transferring unit 350 may transmit the identification data including the one-time code to the transaction means control system 200, thereby requesting the transaction means of the customer maintaining the inactive state to be activated. Preferably, the identification data is securely transmitted according to the encryption / decryption procedure between the program 315 and the transaction means control system 200. [

According to the embodiment of the present invention, at any specified time before, during, or after transmission of the identification data, the media authentication operation unit 325 performs real-time authentication of the program 315, real-time authentication of the wireless terminal 300 Authentication, and real-time authentication of the wireless medium. Preferably, the authentication information may be included in the identification data and transmitted to the transaction means control system 200 to be authenticated in real time. Alternatively, the authentication information may be transmitted to the transaction means control system 200 through the medium authentication operation unit 325 before or after the identification data is transmitted, and may be authenticated in real time. At least one of the program authentication, the wireless terminal authentication, and the wireless medium authentication is performed through the media authentication operation unit 325 before the identification data is transmitted, and at the time of transmitting the identification data, If the authentication result is valid, authentication information may not be transmitted at the time when the identification data is transmitted.

Referring to FIG. 3, the program 315 of the wireless terminal 300 includes an interface display unit 330 for displaying an interface screen for inputting pre-approval information for the transaction means to be switched from an inactive state to an active state, An input processing unit 355 for inputting the pre-approval information using an interface screen, and a pre-approval transfer unit 360 for transferring the inputted pre-approval information to the transaction means control system 200. [

According to the embodiment of the present invention, in order to maintain the safety of the financial transaction using the transaction means changed to the active state by the identification data, the interface display unit 330 is switched from the inactive state to the active state An interface screen for inputting the pre-approval information for the transaction means can be displayed. The interface screen for inputting the pre-approval information may be displayed together with (or linked to) the interface screen for generating the identification data, or may be displayed as a separate optional interface screen.

When the interface screen for inputting the pre-approval information is displayed, the input processing unit 355 inputs the pre-approval information using the interface screen. The pre-approval information is information for authenticating that the valid transaction of the transaction means in the inactive state has been approved in advance in advance before the financial transaction is requested by the valid customer of the transaction means, A disposable approval number that can be input via the transaction unit 300, and transaction information (or partial information of transaction information) of a financial transaction to be requested after the transaction unit is switched to the active state.

When the pre-approval information is inputted through the input processing unit 355, the pre-approval transfer unit 360 transmits the inputted pre-approval information to the transaction means control system 200, and the transaction means control system 200 (For example, customer information, customer identification information, or transaction means-related information) specified in a storage medium designated to use the pre-approved information in a financial transaction using the transaction means changed to the activated state by the identification data, And stores it.

Referring to FIG. 3, the program 315 of the wireless terminal 300 includes an interface (not shown) for setting at least one control condition of an activation period, an activation time, An input processing unit (355) for inputting at least one control condition of an activation period, an activation time and a transaction use count for a transaction means which is switched to an active state by using the interface screen, And a control condition transmission unit 365 for transmitting the input control condition to the transaction means control system 200.

According to the method of the present invention, the control condition for the transaction means that is switched from the state to the active state can be set automatically by the transaction means control system 200, or can be set by the customer. When the customer sets up the control condition (or a part of the control conditions), the interface display unit 330 displays at least one of the activation period, the activation period, and the transaction usage count for the transaction means, An interface screen for setting one control condition is displayed. The interface screen for setting the control condition may be displayed together with (or linked to) the interface screen for generating the identification data, or may be displayed as a separate optional interface screen.

If the interface screen for setting the control condition is displayed, the input processing unit 355 may select at least one of the activation period, the activation time, and the transaction use count for the transaction means, One control condition is input.

When the control condition is inputted through the input processing unit 355, the control condition transmitting unit 365 transmits the input control condition to the transaction means control system 200, and the transaction means control system 200 (For example, customer information, customer identification information, or transaction means-related information) specified in a storage medium designated to apply the control condition to a financial transaction using the transaction means changed to the activated state by the identification data .

Referring to FIG. 3, the program 315 of the wireless terminal 300 displays an interface screen for prompting a user to perform a designated action in order to forcefully restore the transaction means of the customer who has been switched to the active state An interface display unit 330, an input processing unit 355 for processing an input corresponding to the derived action using the interface screen, an identification unit 355 for restoring the activated transaction unit to an inactive state corresponding to the input process, And a data transfer unit 350 for generating data and transmitting the generated data to the transaction means control system 200.

According to the method of the present invention, the transaction means of the customer switched to the active state is automatically restored to the inactive state according to the control condition set (or automatically set) by the customer without separately restoring the inactive state. However, in order to forcibly deactivate the customer's remorse or suspected transaction means who have activated their transaction means, the transaction means of the customer who has been turned into the state of being tormented must be forcibly restored to the inactive state. To this end, the interface display unit 330 displays an interface screen for guiding the user to perform a designated action to forcefully restore the transaction means of the customer who has been activated to the inactive state. Preferably, the interface display unit 330 may display an interface screen for forcibly restoring the transaction means of the customer who has been switched to the active state by using one of the first to fourth operational embodiments.

The input processing unit 355 processes an input corresponding to an operation for forcibly restoring the transaction means of the customer switched to the active state using the displayed interface screen, and the data transfer unit 350 Generates identification data for forcibly restoring the activated transaction means to the inactive state in response to the input processing, and transmits the generated identification data to the transaction means control system (200).

4 is a diagram showing a configuration of a chip module 400 for generating a disposable code according to an embodiment of the present invention.

4 is a functional block diagram of a chip module 400 having a disposable code generation function mounted on or detached from a wireless terminal 300. The chip module 400 has a general knowledge in the technical field of the present invention It is possible to refer to and / or modify this FIG. 4 to infer various implementations of the configuration of the chip module 400 (e.g., some of the components may be omitted, or fragmented, or combined) The present invention includes all of the above-described embodiments, and the technical features of the present invention are not limited only by the method shown in FIG.

The chip module 400 of the present invention is a general term of a chip 405 mounted module mounted or detached from the wireless terminal 300 and having a disposable code generation function and is preferably mounted on or detached from the wireless terminal 300 A USIM 400 or an SD memory 400. However, the chip module 400 of the present invention is not limited to the USIM 400 or the SD memory 400, and may be mounted on or detached from the wireless terminal 300, and a chip 405 having a disposable code generation function (For example, a module provided with an NFC chip 405), it is made clear that any of them corresponds to the chip module 400 of the present invention.

4, the chip module 400 receives an input value for generating a disposable code from the wireless terminal 300, dynamically generates a disposable code using the input value as one of the seed values, A control unit 410 for controlling a process for processing to be output through the wireless terminal 300 and a memory unit 445 for storing at least one program code or data set necessary for the control of the control unit 410 And an interface unit 450 having an integrated chip 405 and forming a contact interface with the wireless terminal 300. The chip module 400 is provided with a contact point 455 (for example, COB (Chip On Board)) electrically connected to the interface unit 450 at a designated position on the surface, And is electrically connected to a contact point of the wireless terminal 300 to interface the chip module 400 with the wireless terminal 300.

The memory unit 445 is a generic term of a nonvolatile memory corresponding to a storage resource of the chip 405. The memory unit 445 preferably includes a read only memory (ROM), an electrically erasable and programmable read only memory (EEPROM) And the like. Preferably, the memory unit 445 includes both a NAND-type memory and a NOR-type memory. And may be included in the category of the memory unit 445 as a RAM (Random Access Memory) provided in the chip 405 according to an implementation method. According to the embodiment of the present invention, the memory unit 445 stores program codes corresponding to COS (Chip Operating System), and stores program codes corresponding to the applets corresponding to the services to be provided through the chip module 400 Is recorded. According to an embodiment of the present invention, the memory unit 445 stores a unique code for the chip module 400, and may store at least one of a module-side random number value and a key value according to an implementation method. According to an embodiment of the present invention, at least one of the unique code, the module-side random number, and the key value may be used as a seed value for dynamically generating the disposable code. Meanwhile, the memory unit 445 may previously store a separate seed value for dynamically generating the disposable code in addition to the unique code, the module-side random number value, and the key value.

The controller 410 is a collective term for controlling the operation of the chip 405. The controller 410 preferably controls the operation of one or more of a central processing unit (CPU), a micro processing unit (MPU), and a coprocessor Lt; / RTI > According to the embodiment of the present invention, the control unit 410 may define a state in which the program code corresponding to the COS recorded in the memory unit 445 is loaded into the execution memory and operated by the processor, FIG. 4 is a block diagram illustrating a configuration of a program code corresponding to an applet operating on the application program according to an exemplary embodiment of the present invention.

4, the chip module 400 includes a receiving unit 415 for receiving a designated input value from the wireless terminal 300, a generating unit 420 for dynamically generating a disposable code using the input value, (425) for providing data corresponding to the generated disposable code to the wireless terminal (300), and an authentication unit (435) for processing the designated authentication for generating the disposable code, The chip module 400 may further include an encryption unit 430 for encrypting the generated one-time code according to a method, wherein the providing unit 425 encrypts the one- To the wireless terminal (300).

When the chip module 400 is interfaced with the wireless terminal 300, the receiving unit 415 receives a designated input value from the wireless terminal 300. The input value includes a value designated as a value to be input from the wireless terminal 300 and preferably includes a time value matched with the international time obtained through the timer of the wireless terminal 300, And an identification value assigned to or assigned to the user. Preferably, the input value includes both the time value and the identification value, and it is possible to selectively include any one (e.g., time value) according to an implementation method. According to the extended method of the present invention, the input value includes the terminal side random number value generated by the program 315 of the wireless terminal 300 or the challenge value received from the transaction means control system 200 .

The generation unit 420 includes the code generation algorithm and includes a seed of the code generation algorithm included in the input value (or a part of the input value) received through the reception unit 415 to generate a one- Dynamically generated. Preferably, the generator 420 dynamically generates the one-time code using the input value as one of the seeds. If the time value and the identification value are included in the input value, the generator 420 dynamically generates the one-time code of the designated code system by including the time value and the identification value in the seed of the code generation algorithm, or The time value included in the input value may be included in the seed of the code generation algorithm to dynamically generate the disposable code of the designated code system. Meanwhile, when the seed value designated in the memory unit 445 is stored, the generator 420 outputs the input value (or a part of the input value) received via the receiver 415 and the stored seed value to the code generation algorithm To generate the one-off code of the specified code system dynamically.

Meanwhile, the authentication unit 435 may process the designated authentication for dynamically generating the disposable code at a designated point in the process of receiving the input value from the wireless terminal 300 and generating the disposable code. Preferably, the designated authentication may include PIN (Personal Identification Number) authentication. The authentication unit 435 stores a PIN authentication value for PIN authentication, receives the PIN value from the wireless terminal 300, and can authenticate the received PIN value using the PIN authentication value. For example, the PIN value may be received and authenticated before the input value is received, or received and authenticated with the input value. According to an embodiment of the present invention, the time when the authentication is processed may be performed before the disposable code is provided from the chip module 400 to the wireless terminal 300, and thus the present invention is not limited thereto. The authentication process may be omitted according to the intention of those skilled in the art.

The providing unit 425 provides the generated disposable code to the wireless terminal 300. The wireless terminal 300 receives the disposable code and the program 315 of the wireless terminal 300 processes the disposable code to be transmitted to the transaction means control system 200. [

Meanwhile, the memory unit 445 stores the disposable code according to an embodiment of the present invention by storing (not shown) an encryption key matching the decryption key on the received transaction means control system 200, The encryption unit 430 receives an encryption key matching the decryption key on the transaction means control system 200 from the program 315 of the wireless terminal 300 and the encryption unit 430 encrypts the generated one- . In this case, the providing unit 425 may provide the encrypted disposable code to the wireless terminal 300. The wireless terminal 300 may receive the encrypted one-off code and the program 315 of the wireless terminal 300 may process the encrypted one-time code to be transmitted to the transaction means control system 200. [

FIG. 5 is a diagram illustrating a customer-owned wireless medium authentication process according to an embodiment of the present invention.

5 shows the program 315 in cooperation with the transaction means control system 200 when the program 315 of FIG. 3 is loaded into and driven by the customer-owned wireless terminal 300, A wireless medium authentication method, and a wireless medium authentication procedure to request the wireless terminal (300), on which the program (315) is mounted, to request the customer's transaction means It will be appreciated by those skilled in the art that various changes and modifications may be made to the method of the present invention without departing from the spirit and scope of the present invention. It is to be understood that the invention may be practiced otherwise than as specifically described herein, Only an exemplary method illustrated in figure 5 is not limited that technical feature.

5, when the program 315 of FIG. 3 is loaded and operated on the customer-owned wireless terminal 300, the program 315 of the wireless terminal 300 transmits a communication channel to the transaction- (500). The program 315 of the wireless terminal 300 may be configured to perform a program authentication procedure according to the first to sixth program authentication methods and / or a program authentication procedure according to the first to sixth program authentication methods in cooperation with the transaction means control system 200, The wireless terminal authentication method according to the fourth to fourth wireless terminal authentication methods, and / or the wireless media authentication methods according to the first to fourth wireless medium authentication methods, (505) with the customer-owned wireless medium which can request the customer's transaction means to switch to the active state. If the wireless terminal 300 equipped with the program 315 is authenticated by the wireless medium owned by the customer, the transaction means control system 200 performs the program authentication procedure according to the first to sixth program authentication methods and / Or the wireless terminal authentication procedure according to the first to fourth wireless terminal authentication methods, and / or the wireless medium authentication information for performing one or more authentication procedures in real time among other wireless medium authentication procedures for the first to fourth wireless medium authentication methods To a designated storage medium (510).

Thereafter, in the various processes in which the transaction means of the customer is switched to the active state through the program 315 of the customer-owned wireless terminal 300 or the customer's transaction means is forcibly restored to the inactive state, Using real-time customer owned wireless media authentication can be performed. In the flowcharts shown below, the process of real-time processing of the customer-owned wireless media authentication will be described for the sake of simplicity, but it is clear that the real-time authentication of the wireless medium owned by the customer is included according to the implementation method.

FIG. 6 is a diagram illustrating a process of keeping a customer's transaction means in an inactive state according to an embodiment of the present invention.

FIG. 6 is a flowchart illustrating a method of controlling the transaction means 200 in a case where the transaction means control system 200 keeps the customer's transaction means in an inactive state and the financial transaction using the inactive transaction means is confirmed, The present invention is not limited thereto. Those skilled in the art will be able to refer and / or modify FIG. 6 to illustrate various methods of maintaining the inactive state of the transaction means It is to be understood that the invention may be practiced otherwise than as specifically described herein, but it is to be understood that the invention is not to be limited to the specific embodiments thereof, Or more.

Referring to FIG. 6, the transaction means control system 200 registers and stores information for keeping the customer's transaction means inactive. Preferably, the transaction means control system 200 is adapted to control the customer's customer information corresponding to the transaction means for maintaining the inactive state, the customer identification information for the customer corresponding to the transaction means for maintaining the inactive state, At least one of customer-owned wireless terminal information may be registered and stored in a designated storage medium. Also, the transaction means control system 200 may be configured to transmit the wireless terminal 300 having the program 315 of FIG. 3 to the wireless terminal 300, The wireless medium authentication information for authentication can be confirmed and stored in the designated storage medium.

The transaction means control system 200 confirms the transaction means of the customer who has maintained the inactive state using the registered information, and keeps the transaction means of the confirmed customer in an inactive state (605). The transaction means control system 200 controls to keep the inactive state for all the transaction means issued (or opened) to the customer at the specific financial institution based on the customer information, or to maintain the inactive state through the customer terminal The transaction means selection information is registered and the transaction means corresponding to the transaction means selection information is kept in the inactive state or a transaction means of some of the transaction means issued (or opened) to the customer by the specific financial institution according to the specified policy A possible financial account, or a financial account capable of non-face-to-face financial transactions) may remain inactive.

The transaction means control system 200 requests the financial transaction using the transaction means of the customer kept in the inactive state and confirms that at least part of the transaction procedure for the financial transaction using the transaction means is performed 610. If the financial transaction using the inactive transaction means is confirmed, the transaction means control system 200 processes the transaction restriction corresponding to the inactive state of the transaction means of the customer (615). Here, the transaction restriction includes a process of notifying the customer that the transaction means of the customer to be used in the financial transaction is inactive, or includes at least one of a restriction not to complete the financial transaction, or a restriction to terminate the financial transaction .

Meanwhile, according to one embodiment of the transaction restriction, the transaction means control system 200 notifies the program 315 of the customer-owned wireless terminal 300 of the transaction procedure of the financial transaction using the inactive transaction means The program 315 of the wireless terminal 300 receives and displays the transaction procedure related information of the financial transaction using the inactive transaction means in response to the transaction procedure notification (625).

The program 315 of the wireless terminal 300 displays an interface for instructing the customer to request the activation change request or deactivation maintenance request or financial transaction initialization request of the customer for the transaction means of the customer (630), generates identification data based on information input through the interface (635), and transmits the identification data to the transaction means control system (200) (640).

The transaction means control system 200 receives (645) the identification data from the pre-or real-time authenticated program 315 of the wireless terminal 300, reads the received identification data, The customer's inactive maintenance or financial transaction initiation request is confirmed (650), and the financial transaction that the customer's transaction means is inactive is initialized (655) according to the confirmed request. Meanwhile, the program 315 of the wireless terminal 300 may transmit identification data corresponding to the customer's activation change request to the customer's transaction means in response to the transaction procedure notification. A flow chart will be described.

7 is a flowchart illustrating a process of authenticating a dynamically generated one-time code through the chip module 400 to convert an inactive transaction means into an active state according to an embodiment of the present invention, FIG.

In more detail, FIG. 7 shows that when the chip module 400 dynamically generates a disposable code and transmits it to the transaction means control system 200 through the wireless terminal 300, the transaction means control system 200 transmits the disposable code The process of confirming the validity of the chip module 400 and confirming the activation change request of the customer with respect to the inactive transaction means. If it is known to those skilled in the art, (For example, omitting some steps or changing the order) for the end-to-end authentication and activation change request confirmation process by referencing and / And the technical features thereof are not limited only by the method shown in FIG.

Referring to FIG. 7, the program 315 of the wireless terminal 300 allows the customer 315 of the customer-owned wireless terminal 300 to request the customer to request the change of the transaction means of the customer, 4, an interface screen is displayed (700) for instructing to perform a procedure for dynamically generating a disposable code through a chip module 400 having the configuration of FIG. 4, and a chip module 400 (705). If the chip module 400 is confirmed, the program 315 of the wireless terminal 300 acquires 710 an input value to be provided to the chip module 400, (715). PIN authentication can be performed in the process of providing the input values according to the method.

The chip module 400 receives the input value (720), and dynamically generates a disposable code of a designated code system through a designated code generation algorithm using the input value as a seed (725).

If the disposable code is dynamically generated, the chip module 400 provides the disposable code to the wireless terminal 300 (730). The chip module 400 may encrypt and provide the disposable code according to an embodiment of the present invention. The program 315 of the wireless terminal 300 receives the disposable code (735).

The program 315 of the wireless terminal 300 transmits identification data including the one-time code to the transaction means control system 200 (740). The program 315 of the wireless terminal 300 may transmit authentication information for performing at least one authentication procedure of program authentication, wireless terminal authentication, and wireless medium authentication to the identification data, At least one of the wireless terminal authentication and the wireless medium authentication can be performed in real time. Alternatively, the program 315 of the wireless terminal 300 may perform at least one of authentication of the program, wireless terminal authentication, and wireless medium authentication in cooperation with the transaction means control system 200 before or after the identification data is transmitted Can be performed in real time.

The transaction means control system 200 receives (745) identification data including the disposable code from a pre-or real-time authenticated program 315 of the wireless terminal 300. If the one-time code is encrypted through the chip module 400, the transaction means control system 200 can decrypt and recover the encrypted one-time code.

The transaction means control system 200 performs a procedure for authenticating the validity of the disposable code (750). If the result of the verification of the validity of the disposable code is confirmed, the transaction means control system 200 determines whether the disposable code is valid or not based on the authentication result of the disposable code, It is determined whether the validity is authenticated (755).

If the validity of the chip module 400 is not authenticated via the one-off code, the transaction means control system 200 provides an authentication error to the program 315 of the wireless terminal 300 (760) An authentication error is stored (760) and the program (315) of the wireless terminal (300) receives and outputs the authentication error from the transaction means control system (200).

Meanwhile, when the validity of the chip module 400 is authenticated through the disposable code, the transaction means control system 200 determines whether the validity of the chip module 400 is validated based on the validity of the chip module 400, (770) that the telephone is requested to be activated for the customer's financial transaction.

FIG. 8 is a diagram illustrating a process of switching an inactive transaction means to an active state according to an embodiment of the present invention.

8 is a flowchart illustrating a process for switching an activation of a customer transaction means using a program 315 provided in a customer-owned wireless terminal 300 and a chip module 400 loaded or unloaded from the wireless terminal 300 And the customer's trading means in an inactive state is switched to the active state. If the customer is a person skilled in the art, referring to and / or modified in FIG. 8, It is to be understood that the invention may be practiced otherwise than as specifically described herein, but it will be appreciated that the invention may be practiced otherwise than as specifically described herein, The technical characteristics thereof are not limited.

Referring to FIG. 8, when a request for activation change of a customer for an inactive transaction means is confirmed through the process of FIG. 7, the transaction means control system 200 transmits a transaction means of a customer, (830). ≪ / RTI > At this time, the control condition for the transaction means to be switched to the active state can be automatically set through the transaction means control system 200.

In the case where the pre-authorization information for the transaction means to be switched to the active state is registered and / or the control condition is set by the customer according to the execution method, the program 315 of the wireless terminal 300 is a program (800) an interface for pre-approved information registration and / or control condition setting of the transaction means to be switched to the active state during or after performing the pre-approved information registration and / or control condition Information for setting is inputted (805).

If the information for the pre-approval information registration and / or control condition setting is input, the program 315 of the wireless terminal 300 transmits the pre-approval information and / or control condition corresponding to the input information to the transaction To the means control system 200 (810). Or the program 315 of the wireless terminal 300 may include the pre-admission information and / or control conditions in the identification data transmitted to the transaction means control system 200 in FIG. 7, A condition may be transmitted to the transaction means control system 200 together with the identification data (810).

The transaction means control system 200 may read the identification data to confirm the pre-authorization information and / or the control condition for the transaction means to be activated, or to confirm the pre-approval or real time authenticated program 315 of the wireless terminal 300, (815), and registers the pre-approval information for the transaction means of the customer to be switched to the activated state using the pre-approval information and / or the control condition transmitted from the customer (820). If the pre-authorization information for the transaction means to be activated is registered and / or the control condition for the transaction means to be activated is set, the transaction means control system 200 determines the transaction means of the customer (825) to an active state available for the customer's financial transaction.

After the transaction means of the customer is switched to the active state, the transaction means control system 200 restores the transaction means of the customer switched to the active state to the inactive state using the automatic (or by the customer) (830). If the customer's transaction means is restored to the inactive state as a result of the determination, the transaction means control system 200 automatically deactivates the transaction means of the customer restored to the active state by the pre-request of the customer before the financial transaction (835). For example, if the condition is set to restore the inactive state after one transaction to the control condition, the transaction means control system 200 disables the transaction means of the customer after one financial transaction using the activated transaction means Can be restored automatically. Alternatively, if the condition is set to restore the inactive state after one hour to the control condition, the transaction means control system 200 determines whether the transaction means is activated regardless of whether the transaction is made using the activated transaction means It is possible to automatically restore the transaction means of the customer to the inactive state at the time when one hour has elapsed. Alternatively, if the condition is set so as to restore the inactive state after 18:00 in the control condition, the transaction means control system 200 can notify the customer of the customer after 18:00 pm regardless of whether or not the transaction is made using the activated transaction means The transaction means can be automatically restored to the inactive state.

FIG. 9 is a diagram illustrating a process of controlling financial transactions using transaction means that have been switched to the active state using the pre-approval information according to an embodiment of the present invention.

More specifically, FIG. 9 illustrates a process of controlling a financial transaction using the activated transaction means using the pre-approved information when pre-approved information is registered when the customer's transaction means is activated , Those skilled in the art will be able to refer to and / or modify the FIG. 9 to understand the various ways of implementing the financial transaction control process (e.g., some steps may be omitted, However, the present invention is not limited to the above-described embodiments, and the technical features of the present invention are not limited only by the method shown in FIG.

Referring to FIG. 9, when the pre-approval information is registered when the customer's transaction means is activated, the transaction means control system 200 performs at least some transaction procedures using the customer transaction means turned into the activated state (900). According to the method of the present invention, in the case where the pre-approval information is registered, while the transaction procedure using the customer transaction means switched to the activated state is being performed, in order to authenticate the pre-approved information, May be performed.

If the financial transaction using the customer transaction means switched to the activated state is confirmed, the transaction means control system 200 checks the pre-approval information inputted through the customer during the transaction procedure for the financial transaction (905). When the transaction means of the customer is activated, the validity of the pre-approval information inputted through the customer during the transaction procedure is authenticated (910) using the pre-approval information registered.

If the validity of the pre-authorization information is not authenticated, the transaction means control system 200 processes 915 to limit the financial transaction using the transaction means of the customer in response to the pre-approved information authentication error (915) (920) a process of restoring the transaction means of the customer who has been switched to the activated state to the inactive state and / or initializing the financial transaction being executed in the state where the transaction means of the customer is switched to the active state, .

Meanwhile, when the validity of the pre-authorization information is authenticated, the transaction means control system 200 controls the procedure of the financial transaction to be performed using the transaction means of the customer who has been switched to the activated state without restriction (925).

FIG. 10 is a diagram illustrating a process of controlling a financial transaction using a transaction means that is switched to an active state using control conditions according to an embodiment of the present invention.

More specifically, FIG. 10 illustrates a process of controlling a financial transaction using the active transaction means using the control condition when a control condition is set when a customer's transaction means is activated. Those skilled in the art will be able to refer to and / or modify the FIG. 10 to implement various methods of implementing the financial transaction control process (e.g., some steps may be omitted or the order may be changed) It should be understood that the present invention includes all of the above-described embodiments, and the technical features of the present invention are not limited only by the method shown in FIG.

Referring to FIG. 10, when the control condition is set when the transaction means of the customer is switched to the active state, the transaction means control system 200 controls the transaction means 200, Confirm the transaction (1000).

If the financial transaction using the customer transaction means turned to the active state is confirmed, the transaction means control system 200 checks whether the financial transaction using the transaction means of the customer switched to the activated state meets the set control condition 1005). According to another embodiment of the present invention, the transaction means control system 200 can confirm whether the activation state of the customer's transaction means matches the set control condition regardless of the financial transaction confirmation.

If it is determined that the financial transaction using the customer's transaction means does not comply with the control condition, the transaction means control system 200 processes the transaction to limit the financial transaction using the transaction means of the customer in response to the control condition authentication error (1010), a step of restoring the transaction means of the customer who has been switched to the activated state to an inactive state according to the method, and / or a procedure of initializing the financial transaction which is being executed in a state where the transaction means of the customer is switched to the active state (1015).

On the other hand, if it is determined that the financial transaction using the transaction means of the customer meets the control condition, the transaction means control system 200 uses the transaction means of the customer who has been switched to the activated state, (1020).

FIG. 11 is a diagram illustrating a process of forcibly restoring an active state trading unit to an inactive state according to an embodiment of the present invention.

More specifically, FIG. 11 illustrates a process of forcibly restoring a transaction means of a customer in an active state to an inactive state according to an inactive restoration request using a program 315 provided in a customer-owned wireless terminal 300, Those skilled in the art will be able to refer to and / or modify the FIGURE 11 to illustrate various implementations of the inactive state forcible recovery process (e.g., However, the present invention includes all of the above-mentioned embodiments, and the technical features of the present invention are not limited only by the method shown in FIG.

Referring to FIG. 11, the program 315 of the customer-possessed wireless terminal 300 displays an interface for instructing a customer to request a forced return of the transaction means of the customer who has been switched to the active state to the inactive state 1100). Preferably, the program 315 of the wireless terminal 300 may display the interface according to the first to fourth operational embodiments.

The program 315 of the wireless terminal 300 inputs information corresponding to the customer-induced action to forcefully restore the customer's transaction means to the inactive state through the interface (1105). If the information for requesting for forcible restoration of the transaction means of the customer is input, the program 315 of the wireless terminal 300 transmits the transaction means of the customer maintaining the activated state based on the input information (1110), and transmits the generated identification data to the transaction means control system (200) (1115).

The transaction means control system 200 receives (1120) the identification data transmitted from the prior or real-time authenticated program 315 of the wireless terminal 300, reads the received identification data, (1125) the inactivity restoration request of the customer. If the inactivity restoration request of the customer is confirmed, the transaction means control system 200 can forcibly restore the transaction means of the customer maintaining the activated state to the inactive state (1130).

On the other hand, if the transaction procedure of the financial transaction using the transaction means forcibly restored to the inactive state at the time of forcible restoration of the transaction means to the inactive state is being performed according to the embodiment, The restored transaction means may be used to initialize the financial transaction being performed (1135).

100: operating server 105: financial server
200: Transaction means control system 205: Information registration processor
210: medium authentication processing unit 215:
220: Data receiving unit 255: Code authentication control unit
230: Data reading unit 235: State change control unit
240: Pre-approval reception unit 245: Approval information storage unit
250: financial transaction confirmation unit 255: pre-approval authentication unit
260: Transaction procedure control unit 265: Transaction condition setting unit
270: transaction procedure initialization unit 300: wireless terminal
315: Program 400: Chip module

Claims (23)

A transaction means control method using chip module authentication executed by a server,
A first step of controlling the customer to maintain an inactive state for a transaction means;
The mobile terminal is dynamically generated through a chip module mounted or detached from the pre-registered wireless terminal owned by the customer to switch the inactive transaction means to an active state, and then transmitted through a pre- or real- A second step of receiving identification data including a disposable code;
A third step of confirming the activation change request of the customer to the inactive transaction means based on the authentication result of the one-time use code dynamically generated through the chip module;
A fourth step of controlling the transaction means of the customer to be in an activated state based on the confirmed activation change request; And
And restoring the transaction means of the customer switched to the activated state according to the specified condition to the inactive state.
The method according to claim 1,
Further comprising the steps of: registering customer information of a customer corresponding to the transaction means for maintaining the inactive state and storing the customer information in a designated storage medium,
Wherein the first step is to maintain the inactive state of the transaction means of the customer corresponding to the customer information.
The method according to claim 1,
And registering customer identification information on a customer corresponding to the transaction means to maintain the inactive state and storing the customer identification information in a designated storage medium,
Wherein the first step maintains an inactive state of a customer's transaction means corresponding to the customer identification information.
The method according to claim 1,
Further comprising the step of confirming or registering the customer's own wireless terminal information corresponding to the transaction means to maintain the inactive state and storing the information in a designated storage medium,
Wherein the first step maintains the inactive state of the transaction means of the customer corresponding to the wireless terminal information.
The method according to claim 1,
Further comprising the step of verifying the validity of a program being provided or running on the customer-owned wireless terminal, or confirming the result of verifying the validity of the program.
The method according to claim 1,
Further comprising the step of authenticating the validity of the customer-owned wireless terminal having the program or running the program or confirming the result of validating the validity of the customer-owned wireless terminal. Way.
The method according to claim 1,
A step of authenticating the validity of the customer-owned wireless medium including the program being provided or being driven by the customer-owned wireless terminal and the wireless terminal including or running the program, or confirming the result of verifying the validity of the customer-owned wireless medium The method according to claim 1, further comprising:
2. The method according to claim 1,
Characterized in that a disposable code dynamically generated through a chip module mounted or detached from the pre-registered wireless terminal owned by the customer is received via the program of the wireless terminal to switch the inactive transaction means to the active state A method of controlling a transaction means using chip module authentication.
2. The method according to claim 1,
The customer identification information input by the customer,
And at least one of partial selection information selected from the pre-registered customer information of the customer.
The method according to claim 1,
Wherein the identification data further includes authentication information for authenticating the validity of a program that is provided or running on the customer-owned wireless terminal,
Wherein the second step further comprises the step of authenticating the validity of the program being provided or running on the customer-owned wireless terminal using the authentication information, or confirming the result of verifying the validity of the program Control method of transaction means using chip module authentication.
The method according to claim 1,
Wherein the identification data further includes authentication information for authenticating the validity of a customer-owned wireless terminal equipped with or running the program,
The second step may further include the step of authenticating the validity of the customer-owned wireless terminal having the program or running the program using the authentication information, or confirming the result of verifying the validity of the customer-owned wireless terminal And controlling the transaction means using the chip module authentication.
The method according to claim 1,
Wherein the identification data further includes authentication information for authenticating the validity of a customer-owned wireless medium including a program that is provided or operated by the customer-owned wireless terminal and a wireless terminal that is equipped with or running the program,
The second step may include authenticating the validity of the customer-owned wireless medium including the program being provided or running on the customer-owned wireless terminal and the wireless terminal having the program or running the program using the authentication information, Further comprising the step of confirming a result of the authentication of the validity of the wireless medium.
The method according to claim 1,
Further comprising the step of authenticating the validity of the one-time use code dynamically generated through the chip module or confirming the authentication result of the one-time use code.
The method according to claim 1,
Authenticating the validity of the chip module mounted or detached from the wireless terminal based on the authentication result of the disposable code,
Wherein the third step is to confirm the activation change request of the customer to the inactive transaction means when the validity of the chip module mounted or detached from the wireless terminal is authenticated through the disposable code Control method of transaction means using chip module authentication.
The method according to claim 1,
Receiving preauthorization information for the transaction means to be switched from the pre-registered or real-time authenticated program of the pre-registered wireless terminal owned by the customer to the activated state; And
And storing the confirmed pre-approval information in a designated storage medium.
16. The method of claim 15,
If the pre-admission information is stored,
Confirming a financial transaction using the transaction means of the customer switched to the activated state;
Controlling the validity of the pre-approved information input through the customer during financial transactions using the transaction means using the stored pre-approval information; And
And controlling the transaction of the financial transaction using the transaction means of the customer to be performed when the pre-approval information is authenticated.
The method as claimed in claim 1,
Further comprising the step of setting at least one control condition of an activation period, an activation time, and a transaction use count for the transaction means to be switched to the activation state.
The method according to claim 1,
Further comprising the step of confirming at least one of an activation period, an activation time, and a transaction usage count for the transaction means that is switched from the pre-registered or real-time authenticated program of the pre-registered wireless terminal owned by the customer to the activated state ,
Wherein the fourth step further comprises setting the confirmed control condition to the transaction means that is switched to the activated state.
The method according to claim 17 or 18,
When the control condition is set,
Confirming a financial transaction using the transaction means of the customer switched to the activated state;
If the confirmed financial transaction meets the control condition, maintains the activated state of the transaction means of the customer so that the transaction means of the customer is restored to the inactive state when the checked financial transaction does not match the control condition The method of claim 1 or 2, further comprising:
The method according to claim 17 or 18,
When the control condition is set,
Comparing the activation state of the transaction means of the customer with the control condition to maintain the activation state of the transaction means of the customer when the activation state meets the control condition and if the activation state does not match the control condition And controlling the transaction means of the customer to be restored to an inactive state when the transaction unit is in the inactive state.
The method according to claim 1,
Further comprising the step of confirming the financial transaction being performed before the transaction means is switched to the active state when the transaction means of the customer is activated,
Wherein the fourth step is to activate the transaction means of the customer after initializing the confirmed financial transaction of the customer.
The information processing apparatus according to claim 1,
Financial accounts of customers opened at financial institutions,
Financial cards issued by financial institutions to customers,
And authentication means used for non-face-to-face financial transaction of the customer.
The chip module according to claim 1,
A USIM mounted or detached from the wireless terminal,
And an SD memory mounted on or detached from the wireless terminal and having an IC chip mounted thereon.

Images