KR20160119296A - Method and system for providing payment service using one time card number - Google Patents

Method and system for providing payment service using one time card number Download PDF

Info

Publication number
KR20160119296A
KR20160119296A KR1020150046657A KR20150046657A KR20160119296A KR 20160119296 A KR20160119296 A KR 20160119296A KR 1020150046657 A KR1020150046657 A KR 1020150046657A KR 20150046657 A KR20150046657 A KR 20150046657A KR 20160119296 A KR20160119296 A KR 20160119296A
Authority
KR
South Korea
Prior art keywords
card
settlement request
card settlement
code
payment
Prior art date
Application number
KR1020150046657A
Other languages
Korean (ko)
Other versions
KR101667193B1 (en
Inventor
박수현
이경수
Original Assignee
현대오토에버 주식회사
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 현대오토에버 주식회사 filed Critical 현대오토에버 주식회사
Priority to KR1020150046657A priority Critical patent/KR101667193B1/en
Publication of KR20160119296A publication Critical patent/KR20160119296A/en
Application granted granted Critical
Publication of KR101667193B1 publication Critical patent/KR101667193B1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4012Verifying personal identification numbers [PIN]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/348Single-use cards, i.e. without possibility of recharging
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists

Abstract

The present embodiments relate to a method and a payment system for providing a settlement service using a disposable card number so that a secure card settlement is possible.

Description

METHOD AND SYSTEM FOR PROVIDING PAYMENT SERVICE USING ONE TIME CARD NUMBER < RTI ID = 0.0 >

The embodiments are directed to a method and system for providing a payment service.

Conventionally, a user makes payment by using a credit card, a check card or the like when paying a commodity purchase price or paying for a service use fee.

In this way, at the time of settlement, a card number assigned by a credit card company is given to a card such as a credit card or a check card to be used.

If the card number of the card is leaked by a hacking to a system or a device (for example, a card terminal, a VAN server, a payment server, a network device, etc.) on a normal route in a card settlement process, And there is a problem that can receive mental damage.

In the conventional payment system, only the prevention of card number leakage is focused, and once the card number is leaked through hacking or the like, the card number can not be prevented from being stolen or abused at all.

It is an object of the embodiments of the present invention to provide a method and a payment system for providing a settlement service using a disposable card number so that a secure card settlement is possible.

Another object of the present invention is to provide a method and a payment system for providing a settlement service by using a one-time card number that can prevent the abuse and abuse of card information even if card information is leaked from any position.

Another object of the present invention is to provide a method and system for providing a settlement service using a one-time card number, which can not lead to a card security accident even if card information transmitted from a card terminal to a payment server is leaked, System.

In one aspect, the present embodiments provide an IC card including an IC chip for generating a one-time card number for requesting a current card settlement based on a card settlement request count code for a current card settlement request, A payment server for extracting a card settlement request count code for a request, determining whether the extracted card settlement request count code is a valid value, and performing approval processing for payment information for a current card settlement request according to a determination result It is possible to provide a payment system using a disposable card number.

According to another aspect of the present invention, there is provided a method of controlling an IC card, comprising the steps of: recognizing a current card settlement request by an IC card; generating a card settlement request count code for a current card settlement request; Generating and outputting a one-time card number based on the card settlement request count code of the payment server, extracting a card settlement request count code for a current card settlement request from the one-time card number, Determining whether the request count code is a valid value, and performing a process of approving payment information for a current card settlement request according to a determination result, when the payment server provides the settlement service using the disposable card number Can be provided.

According to the embodiments, a method and a payment system for providing a settlement service using a disposable card number can be provided so that a secure card settlement is possible.

According to the embodiments, it is possible to provide a method and a payment system for providing a settlement service using a single-use card number that can prevent the card information from being stolen and abused even if the card information flows out from any position.

In addition, according to the embodiments, a method of providing a payment service using a one-time card number, which makes it impossible to lead to a card security accident even if card information transmitted between a card terminal and a payment server is leaked for a card settlement, System can be provided.

1 is a view showing a payment system using a disposable card number according to the present embodiments.
2 is a diagram illustrating a procedure for providing a settlement service using the disposable card number according to the present embodiments.
FIGS. 3 to 5 are diagrams for explaining a method of providing a settlement service using an IC card according to the present embodiment using a single-use card number.
6 to 8 are views for explaining a method of providing a settlement service using a disposable card number by a payment server according to the present embodiments.
9 is a flowchart illustrating a method of providing a settlement service using a disposable card number according to the present embodiments.

Hereinafter, some embodiments of the present invention will be described in detail with reference to exemplary drawings. It should be noted that, in adding reference numerals to the constituent elements of the drawings, the same constituent elements are denoted by the same reference symbols as possible even if they are shown in different drawings. In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear.

In describing the components of the embodiments, terms such as first, second, A, B, (a), and (b) may be used. These terms are intended to distinguish the constituent elements from other constituent elements, and the terms do not limit the nature, order or order of the constituent elements. When a component is described as being "connected", "coupled", or "connected" to another component, the component may be directly connected to or connected to the other component, It should be understood that an element may be "connected," "coupled," or "connected."

1 is a view showing a payment system 100 using a one time card number (OTC) according to the present embodiments.

1, a payment system 100 using a disposable card number (OTC) according to the present embodiment includes an IC card 110 including an IC chip 111, an IC card terminal 120, (140), and the like.

The user is required to pay the card payment to the IC card 110 via the IC card terminal 120 provided at the merchant's point of the IC card 110 in order to pay a fee for purchasing goods or using the service at the merchant's point of the IC card 110. [ .

At this time, the IC card 110 recognizes that the card settlement request has occurred.

To this end, the IC card 110 may detect that information in the IC card 110 is read or accessed by the IC card terminal 120, thereby recognizing that the card settlement request is made.

As another example, the IC card 110 may receive a signal indicating that a card settlement request has occurred from the IC card terminal 120, and may recognize that a card settlement request has occurred.

Here, the IC card 110 may be a magnetic IC card, a contact type IC card, a contactless type IC card or the like as a card such as a credit card or a check card including the IC chip 111 and may include only the IC chip 110 The card may be any type of card.

In the IC card 110, a unique card number (hereinafter also referred to as "unique code") assigned by an institution such as a bank or a credit card company is defined when a card is issued.

Generally, a card is settled by using the card number assigned to the card. In such a case, however, if the card number is leaked, the cardholder may suffer tremendous financial damage.

However, in the present embodiments, in order to enhance the card security, a unique card number which does not change during the existence of the IC card 110 is used at the time of card settlement, and a one-time card number (OTC) Create and use.

In the present embodiments, when generating the disposable card number (OTC), the existing information generation method such as random number generation and encryption is not used, but instead of using the information counted according to the use history of the IC card 110, Create a card number.

In the case of the conventional information generation method, when the random number generation rule and the encryption rule are known, the new information generated by the existing information generation method such as random number generation and encryption can be easily grasped and the card can be used without restriction.

However, in the present embodiments, since the one-time-use card number (OTC) is generated by using the information that is never known even by a malicious user, the risk that the one-time card number (OTC) It can be originally prevented or its risk can be significantly reduced.

Here, the information that is never known even if it is a malicious user may be information indicating how much the user has used the IC card 110. For example, the card payment request count code RTC ).

When the IC chip 111 of the IC card 110 recognizes that the current card settlement request has occurred, the IC chip 111 of the IC card 110 determines whether the current card settlement request has been issued based on the counted card settlement request count code (RTC) A disposable card number (OTC) can be generated.

The payment server 140 extracts the card settlement request count code (RTC) for the current card settlement request from the one-time card number (OTC) generated by the IC card 110 with reference to the synthesized code generation rule, It is determined whether the card settlement request count code (RTC) is a valid value, and the approval processing for the payment information for the current card settlement request can be performed according to the determination result.

The payment server 140 counts each time the IC chip 111 requests the card payment to determine the validity of the extracted card settlement request count code RTC so as to store the card settlement request count code RTC , Counts and stores the card settlement approval count code (ATC) corresponding to the card settlement request count code (RTC) at each card settlement approval, compares the counted number with the extracted card settlement request count code (RTC) And determines the validity of the settlement request count code (RTC).

That is, the information on the history of the use of the IC card 110 by the user may be information that is known only to the IC card 110 and the payment server 140, and which can not be detected by a malicious user.

In this specification, the "card settlement request count code (RTC) " for the current card settlement request is information indicating the card usage history of the IC card 110 until the current card settlement request, The total number of times the card has been processed.

Here, the total card settlement request processing count may be the number of times that the card settlement approval processing succeeds, or the number of card settlement request processing in which the card settlement approval is successful and the number of card settlement request processing May be added.

As another example, the "card settlement request count code (RTC)" for the current card settlement request may be a value indicating the one-time card settlement request.

The IC card terminal 120 described above reads or receives the one-time card number (OTC) from the IC card 110 and transmits it together with the payment information for the current card payment request, And can receive the approval processing result from the payment server 140. [

Here, the payment information for the current card settlement request basically includes the settlement amount information, for example, and may further include merchant information, date information, and the like.

The card settlement request count code (RTC) for the current card settlement request may be included in the settlement information for the current card settlement request, or the card settlement request count code (RTC) for the current card settlement request and the current card settlement request May be transmitted separately.

The IC card terminal 120 described above may be a dedicated terminal of the IC card 110 according to the present embodiments, but may be an IC card terminal that can also use a general credit card or the like.

1, the payment system 100 using the disposable card number (OTC) according to the present embodiment is provided with a card settlement request between the IC card terminal 120 and the payment server 140, And a Value Added Network (VAN) server 130 for relaying information and data related to card payment approval.

The value added network server 130 recognizes the general card number of the card company as the disposable card number OTC generated by the IC card 110 but does not recognize the card number as a newly created card number from the general card number.

Therefore, the risk that an actual card number (unique code) of the IC card 110 is leaked on the value-added network server 130 or the transmission / reception line thereof can be prevented originally.

On the other hand, the payment system 100 using the disposable card number (OTC) according to the present embodiment has a database server including an encryption key management system for decrypting the one-time card number OTC . The database server may be built into the billing server 140.

In this specification, the IC card terminal 120 may be a general card terminal that reads the IC card 120 in a contact or non-contact manner to request a card settlement, or may be a computer such as a smart phone, a notebook, and a PC.

Hereinafter, a method of providing a settlement service using the disposable card number (OTC) according to the above-described embodiments will be described in more detail with reference to FIG. 2 to FIG.

2 is a diagram illustrating a procedure for providing a settlement service using the disposable card number (OTC) according to the present embodiments. FIGS. 3 to 5 are views for explaining a method of providing a settlement service using the disposable card number (OTC) by the IC card 110 according to the present embodiments. 6 to 8 are diagrams for explaining a method in which the payment server 140 according to the present embodiment provides a settlement service using a one-time card number (OTC).

3, the IC chip 111 of the IC card 110 includes a controller 310, a memory 320, and the like.

3 and 4, the memory 320 stores a card settlement request count code (RTC) for a previous card settlement request of a current card settlement request before a current card settlement request is made.

4, the card settlement request count code (RTC) stored in the memory 320 is counted every time a card settlement request is made in an initial value (e.g., 000000), and is updated (For example, 000004).

3, the memory 320 includes a unique code (UC) uniquely assigned to the IC card 110, a cipher key (EK) used in the encryption procedure proceeded when the disposable card number (OTC) Are also stored.

6 and 7, the payment server 140 stores a unique code (UC) assigned to the IC card 110, and further stores a credit card approval count code (ATC) is stored.

7, the card settlement approval count code (ATC) counted up to the previous card settlement approval is information indicating the approval history of the card settlement request for the IC card 110 until the previous card settlement approval, (For example, 000004) corresponding to the stored card settlement request count code (RTC) counted from the initial value (e.g., 000000) in the IC card 110 until the previous card settlement request is counted every time the card payment is approved .

6, the payment server 140 further stores a decryption key (DK) for use in decrypting the disposable card number (OTC) generated in the IC chip 111 of the IC card 110 .

When the IC card 110 and the payment server 140 are in the information storage state before the current card settlement request is generated and the user makes a card settlement to the IC card 110, The settlement service is carried out.

Referring to FIG. 3, the IC chip 111 of the IC card 110 recognizes the occurrence of the current card settlement request (S210).

The IC chip 111 of the IC card 110 counts a card settlement request count code (RTC, for example, 000004) for a previous card settlement request in response to a current card settlement request and transmits a card settlement request Generates a count code (RTC, for example, 000005), and generates a one-time card number OTC using a card settlement request count code (RTC, for example, 000005) for the generated current card settlement request (S220).

The IC chip 111 of the IC card 110 sends the generated one-time card number OTC to the IC card terminal 120 (S230).

The process of generating and transmitting the one-time card number OTC (S220 and S230) is a process in which when the IC card 110 is a non-contact type card, the IC card 110 is connected to the IC card terminal 120 When the IC card 110 is a contact type card, the contact portion of the IC card 110 is simultaneously read while being read to the card reader portion of the IC card terminal 120 .

Referring to FIG. 5, the process of generating the disposable card number (OTC) (S220) will be described.

5, the IC chip 111 of the IC card 110 generates a card for a current card settlement request according to a synthesized code generation rule shared with the settlement server 140, (AC) based on the settlement request count code (RTC) and the pre-stored unique code (UC).

5, the IC chip 111 of the IC card 110 encrypts the composite code AC using a predefined encryption key EK to generate a one-time card number OTC.

The IC chip 111 of the IC card 110 encrypts the composite code AC by using a symmetric encryption method (also referred to as a secret key encryption method) or an asymmetric encryption method (also referred to as a public key encryption method) OTC).

That is, the encryption key EK may be a public key provided by the payment server 140 or a secret key known to the payment server 140 at the same time.

On the other hand, the above-mentioned unique code UC can be, for example, a unique and permanent card number for the IC card 110. [ This may be a general card number given by the card issuer.

The IC chip 111 may generate a composite code AC by adding a card settlement request count code (RTC) for the current card settlement request before or after the unique code UC.

For example, the unique code (UC) may be N (a natural number greater than or equal to 2, e.g., 6) digits. The card payment request count code (RTC) may be M (a natural number greater than or equal to 2, e.g., 3). The composite code (AC) may be a number of N + M digits.

The IC chip 111 may also generate a composite code (AC) by dividing the card settlement request count code (RTC) for the current card settlement request by one or more places determined by the unique code (UC).

For example, when the unique code UC is a six-digit number and the card settlement request count code RTC is a three-digit number, the first digit of the unique code UC and the second digit of the second A card settlement request count code (RTC) is inserted between the number and the fourth digit of the unique code (UC) and the fifth digit of the card settlement request count code (RTC) And the third digit of the card settlement request count code (RTC) is inserted between the fifth digit of the unique code (UC) and the sixth digit of the unique code (UC) A positional synthesis code (AC) can be generated.

On the other hand, the IC chip 111 generates a composite code (ICC) by using a specific value (for example, a one-digit odd number or an even value) to the unique code UC and then using a card settlement request count code (AC).

2, the IC card terminal 120 receives the disposable card number (OTC) from the IC card 110 and transmits the disposable card number (OTC) to the value-added network server 130 together with payment information To the payment server 140 (S240, 250).

At this time, the value added network server 130 may change the format of the disposable card number (OTC) according to the card number format of the card company.

The payment server 140 determines whether or not to approve the card payment for the payment information using the received one-time card number (OTC) (S260), and transmits the card payment approval result (approval or disapproval rejection) to the value- To the IC card terminal 120 (S270, 280).

In the card payment approval procedure (S260), the payment server 140 stores a card payment approval count code (ATC, for example, 000004) for previous card payment approval corresponding to the previous card payment request, OTC), a card settlement request count code (RTC, for example, 000005) for the current card settlement request is extracted from the disposable card number (OTC), and the card settlement approval count code (ATC) , It is determined whether the extracted card settlement request count code (RTC, e.g., 000005) is a valid value.

Here, the card settlement approval count code (ATC) for previous card settlement approval may be the total number of card settlement approval processes accumulated up to the previous card settlement approval.

Here, the total number of card payment approval processing times may be the number of times of only the card payment request processing in which the card payment approval has succeeded, or the number of card payment request processing in which the card payment approval has succeeded and the number of card payment request processing May be added.

As another example, the "card payment approval count code (RTC) " for previous card payment approval may be a value indicating the time of previous card payment request or previous card payment approval.

The card payment approval procedure (S260) will be described in more detail with reference to FIG.

In the payment server 140, the payment server 140 counts the card settlement approval count code (ATC) for the previous card settlement approval stored in advance and transmits the card settlement approval count code (ATC, : 000005).

The payment server 140 decrypts the disposable card number OTC using the predefined decryption key DK to obtain data corresponding to the composite code AC.

The payment server 140 extracts a unique code UC from the decrypted data (i.e., the composite code AC) and a card settlement request count code (RTC) for the current card settlement request.

The payment server 140 compares the card settlement approval count code (ATC) for the current card settlement approval with the card settlement request count code (RTC) for the current card settlement request to determine the validity.

The payment server 140 determines that the card settlement request count code (RTC) for the current card settlement request is a valid value, and performs an approval process for approving the settlement information for the current card settlement request do.

At this time, when the card settlement request count code (RTC) for the current card settlement request obtained as a result of the extraction is determined to be a valid value, the payment server 140 transmits a unique code UC ) To approve the payment information for the current card settlement request.

If the result of the comparison is no match, the payment server 140 determines that the card settlement request count code (RTC) for the current card settlement request is invalid, and refuses approval of the settlement information for the current card settlement request And performs approval processing.

Here, the approval processing may mean that the payment server 140 stores the approval processing information, the card usage history information and the like in the database and provides the approval processing result to the IC card terminal 120. [

Hereinafter, a method of providing a settlement service using the disposable card number (OTC) according to the embodiments described above will be briefly described again.

FIG. 9 is a flowchart illustrating a method of providing a settlement service using the disposable card number (OTC) according to the present embodiments.

9, a method of providing a settlement service using a disposable card number (OTC) according to the present invention includes a step S910 of recognizing a current card settlement request by the IC card 110, (S920) of generating a card settlement request count code (RTC) for a current card settlement request by the IC card 110 and a disposable A step S930 of generating and outputting a card number OTC and a step S940 of the payment server 140 extracting a card settlement request count code RTC for a current card settlement request from the disposable card number OTC, (S950) of determining whether the card settlement request count code (RTC) extracted by the settlement server 140 is a valid value, and a step S950 of causing the settlement server 140 to transmit settlement information (S960), and the like.

According to the embodiments, a method and a payment system for providing a settlement service using a disposable card number (OTC) can be provided so that a secure card settlement is possible.

In addition, according to the embodiments, a method of providing a settlement service using a one-time card number (OTC) that can prevent the stealing and abuse of card information even if card information (i.e., OTC) The payment system 100 can be provided.

In addition, according to the present embodiments, it is possible to prevent a card security accident from occurring even if card information (i.e., OTC) transmitted from the IC card terminal 120 to the payment server 140 is leaked, A method of providing a payment service using the number (OTC) and a payment system 100 can be provided.

As described above, all the constituent elements constituting the embodiments are described as being combined or combined into one, so that the embodiments are not necessarily limited to these embodiments. That is, within the scope of the embodiments of the present invention, all of the elements may be selectively coupled to one or more of them. In addition, although all of the components may be implemented as one independent hardware, some or all of the components may be selectively combined to perform a part or all of the functions in one or a plurality of hardware. As shown in FIG. The codes and code segments constituting the computer program may be easily deduced by those skilled in the art. Such a computer program can be stored in a computer-readable storage medium, readable and executed by a computer, thereby realizing an embodiment of the present invention. As a storage medium of the computer program, a magnetic recording medium, an optical recording medium, or the like can be included.

It is also to be understood that the terms such as " comprises, "" comprising," or "having ", as used herein, mean that a component can be implanted unless specifically stated to the contrary. But should be construed as including other elements. All terms, including technical and scientific terms, have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs, unless otherwise defined. Commonly used terms, such as predefined terms, should be interpreted to be consistent with the contextual meanings of the related art, and are not to be construed as ideal or overly formal, unless explicitly defined in the embodiments.

It will be apparent to those skilled in the art that various modifications and variations can be made in the present invention without departing from the spirit and scope of the invention as defined by the appended claims. will be. Therefore, the embodiments are intended to illustrate and not limit the technical spirit of the present invention, and the scope of the technical idea of the present invention is not limited by these embodiments. The scope of protection of the present invention should be construed according to the following claims, and all technical ideas within the scope of equivalents should be construed as falling within the scope of the present invention.

Claims (13)

An IC card including an IC chip for generating a one-time card number for a current card settlement request based on a card settlement request count code for a current card settlement request; And
Extracts a card settlement request count code for a current card settlement request from the disposable card number, determines whether the extracted card settlement request count code is a valid value, and determines whether the current card settlement request count code is valid And a billing server for performing the processing of the billing information. The method according to claim 1,
The card payment request count code for the current card payment request,
A payment system using a one-time card number, which is the total number of processing times for processing a payment request for a card accumulated until the current payment request. The method according to claim 1,
The IC chip includes:
A card settlement request count code for the previous card settlement request of the current card settlement request is stored,
Wherein the counting unit counts a card settlement request count code for the previous card settlement request according to a current card settlement request and generates a card settlement request count code for a current card settlement request. The method of claim 3,
The payment server,
And stores a card settlement approval count code for previous card settlement approval corresponding to the previous card settlement request,
Based on the card settlement approval count code for the previous card settlement approval, determines whether the card settlement request count code for the current card settlement request extracted from the one-time card number is a valid value. 5. The method of claim 4,
The payment server,
Counting a card settlement approval count code for the previous card settlement approval, generating a card settlement approval count code for the current card settlement approval,
Comparing the card settlement approval count code for the current card settlement approval with the current card settlement request count code for the current card settlement request,
If it is determined that the current card settlement request count code is a valid value, performing an approval process for approving payment information for a current card settlement request,
If it is determined that the card settlement request count code for the current card settlement request is an invalid value, the disposable card number for performing the approval process for rejecting the approval of the payment information for the current card settlement request Used payment system. The method according to claim 1,
The IC chip includes:
Depending on the occurrence of the current card payment request,
Generates a composite code based on a card settlement request count code for a current card settlement request and a previously stored unique code according to a composite code generation rule shared with the payment server,
Wherein the one-time card number is generated by encrypting the composite code using a predefined encryption key. The method according to claim 6,
The payment server,
Decrypting the one-time card number using a predefined decryption key, extracting a card settlement request count code for the current card settlement request from the decrypted data with reference to the synthesized code generation rule,
It is determined whether the card settlement request count code for the current card settlement request obtained as a result of the extraction is a valid value. If the count value is a valid value,
Wherein the credit card acceptance unit accepts the payment information for the current card payment request with respect to the unique code. The method according to claim 6,
The IC chip includes:
And a credit card payment request code code for a current card payment request before or after the unique code to generate a composite code. The method according to claim 6,
The IC chip includes:
And generating a composite code by dividing the card settlement request count code for the current card settlement request every one or more digits determined in the unique code. 10. The method according to claim 8 or 9,
The IC chip includes:
Wherein the credit card number is generated by multiplying the unique code by a specific value and then generating a composite code using a card settlement request count code for a current card settlement request. The method according to claim 1,
The IC card terminal reads or receives the disposable card number from the IC card, transmits the disposable card number together with the payment information for the current card settlement request, and receives the approval processing result of the payment information for the current card settlement request from the payment server A payment system using a one-time card number that further includes. 12. The method of claim 11,
Further comprising a Value Added Network (VAN) server for relaying information and data related to the card payment request and the card payment approval between the IC card terminal and the payment server. The IC card recognizing the current card settlement request;
The IC card generating a card settlement request count code for a current card settlement request;
Generating and outputting a one-time card number based on a card settlement request count code for a current card settlement request;
Extracting a card settlement request count code for a current card settlement request from the one-time card number;
Determining whether the card settlement request count code extracted by the payment server is a valid value; And
And the payment server performs an approval process for the payment information for the current card payment request according to the determination result, using the one-time card number.
KR1020150046657A 2015-04-02 2015-04-02 Method and system for providing payment service using one time card number KR101667193B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150046657A KR101667193B1 (en) 2015-04-02 2015-04-02 Method and system for providing payment service using one time card number

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150046657A KR101667193B1 (en) 2015-04-02 2015-04-02 Method and system for providing payment service using one time card number

Publications (2)

Publication Number Publication Date
KR20160119296A true KR20160119296A (en) 2016-10-13
KR101667193B1 KR101667193B1 (en) 2016-10-19

Family

ID=57174113

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150046657A KR101667193B1 (en) 2015-04-02 2015-04-02 Method and system for providing payment service using one time card number

Country Status (1)

Country Link
KR (1) KR101667193B1 (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019031666A1 (en) * 2017-08-09 2019-02-14 주식회사 센스톤 Smart card for generating virtual card number and smart card-based virtual card number providing method and program
WO2019031715A1 (en) * 2017-08-09 2019-02-14 주식회사 센스톤 Virtual code-based control system, method and program, control device and control signal generating means
KR20190016890A (en) * 2017-08-09 2019-02-19 주식회사 센스톤 Payment system by intranet, the mobile device with intranet payment function, method and program for providing payment service by intranet
KR20190018463A (en) * 2019-02-15 2019-02-22 주식회사 센스톤 System, method and program for providing virtual code, vritual code generator and vritual code verification device
WO2019031716A3 (en) * 2017-08-09 2019-04-04 주식회사 센스톤 Virtual token-based settlement providing system, virtual token generation apparatus, virtual token verification server, virtual token-based settlement providing method, and virtual token-based settlement providing program
KR102005549B1 (en) * 2018-08-09 2019-07-30 주식회사 센스톤 System, method and program for providing financial transaction by virtual code, vritual code generator and vritual code verification device
WO2020032344A1 (en) * 2018-08-09 2020-02-13 주식회사 센스톤 Concreteness-based virtual code verification method, apparatus, and system
KR20200038451A (en) * 2020-04-06 2020-04-13 주식회사 센스톤 System, method and program for providing virtual code, vritual code generator and vritual code verification device
KR20200130207A (en) * 2020-04-06 2020-11-18 주식회사 센스톤 System, method and program for providing virtual code, vritual code generator and vritual code verification device
US10887097B1 (en) 2019-07-05 2021-01-05 Ballet Global Inc. Multi-address population based on single address
US11935044B2 (en) 2018-08-09 2024-03-19 SSenStone Inc. System, method and program for providing financial transaction by virtual code, virtual code generator and virtual code verification device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100598573B1 (en) * 2005-11-19 2006-07-07 주식회사 하이스마텍 Creating and authenticating one time card data using smartcard and the system therefor
KR20090115346A (en) * 2008-05-02 2009-11-05 주식회사 한국사이버결제 Method for electronic payment using credit card number identifying cord
JP2012103881A (en) * 2010-11-10 2012-05-31 Dainippon Printing Co Ltd Renewal card issuing system and method
KR20120088033A (en) * 2010-10-18 2012-08-08 주식회사 비즈모델라인 Method and System for Operating Dynamic Card Information, Device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100598573B1 (en) * 2005-11-19 2006-07-07 주식회사 하이스마텍 Creating and authenticating one time card data using smartcard and the system therefor
KR20090115346A (en) * 2008-05-02 2009-11-05 주식회사 한국사이버결제 Method for electronic payment using credit card number identifying cord
KR20120088033A (en) * 2010-10-18 2012-08-08 주식회사 비즈모델라인 Method and System for Operating Dynamic Card Information, Device
JP2012103881A (en) * 2010-11-10 2012-05-31 Dainippon Printing Co Ltd Renewal card issuing system and method

Cited By (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019031666A1 (en) * 2017-08-09 2019-02-14 주식회사 센스톤 Smart card for generating virtual card number and smart card-based virtual card number providing method and program
WO2019031715A1 (en) * 2017-08-09 2019-02-14 주식회사 센스톤 Virtual code-based control system, method and program, control device and control signal generating means
KR20190016890A (en) * 2017-08-09 2019-02-19 주식회사 센스톤 Payment system by intranet, the mobile device with intranet payment function, method and program for providing payment service by intranet
KR20190016893A (en) * 2017-08-09 2019-02-19 주식회사 센스톤 Payment card for generating virtual code, method and program for displaying the virtual card generated by payment card
KR20190016879A (en) * 2017-08-09 2019-02-19 주식회사 센스톤 Smart card for providing virtual card number, method and program for providing virtual card number by smart card
KR20190016880A (en) * 2017-08-09 2019-02-19 주식회사 센스톤 Smart card for providing virtual card number, method and program for providing virtual card number by smart card
US11842334B2 (en) 2017-08-09 2023-12-12 SSenStone Inc. Smart card for generating virtual card number, and method and program for providing smart card-based virtual card number
KR20190019980A (en) * 2017-08-09 2019-02-27 주식회사 센스톤 Smart card for providing virtual card number, method and program for providing virtual card number by smart card
WO2019031716A3 (en) * 2017-08-09 2019-04-04 주식회사 센스톤 Virtual token-based settlement providing system, virtual token generation apparatus, virtual token verification server, virtual token-based settlement providing method, and virtual token-based settlement providing program
US11775963B2 (en) 2017-08-09 2023-10-03 SSenStone Inc. Virtual code-based control system, method, and program, control device, and control signal generating means
KR20190089820A (en) * 2017-08-09 2019-07-31 주식회사 센스톤 Payment system by intranet, the mobile device with intranet payment function, method and program for providing payment service by intranet
KR20190139805A (en) * 2017-08-09 2019-12-18 주식회사 센스톤 Payment card for generating virtual code, method and program for displaying the virtual card generated by payment card
US11250417B2 (en) 2017-08-09 2022-02-15 SSenStone Inc. Virtual code-based control system, method, and program, control device, and control signal generating means
US11188895B2 (en) 2017-08-09 2021-11-30 SSenStone Inc. Virtual token-based settlement providing system, virtual token generation apparatus, virtual token verification server, virtual token-based settlement providing method, and virtual token-based settlement providing program
US20210157931A1 (en) * 2018-08-09 2021-05-27 SSenStone Inc. Method, device and system for verifying virtual code based on sphere
KR20200018254A (en) * 2018-08-09 2020-02-19 주식회사 센스톤 System, method and program for providing financial transaction by virtual code, vritual code generator and vritual code verification device
US11935044B2 (en) 2018-08-09 2024-03-19 SSenStone Inc. System, method and program for providing financial transaction by virtual code, virtual code generator and virtual code verification device
KR102005549B1 (en) * 2018-08-09 2019-07-30 주식회사 센스톤 System, method and program for providing financial transaction by virtual code, vritual code generator and vritual code verification device
WO2020032344A1 (en) * 2018-08-09 2020-02-13 주식회사 센스톤 Concreteness-based virtual code verification method, apparatus, and system
WO2020032321A1 (en) * 2018-08-09 2020-02-13 주식회사 센스톤 Virtual code-based financial transaction provision system, virtual code generation device, virtual code verification device, virtual code-based financial transaction provision method, and virtual code-based financial transaction provision program
CN112567413A (en) * 2018-08-09 2021-03-26 森斯通株式会社 Smart card for generating and providing virtual code, method and program thereof
CN112567411A (en) * 2018-08-09 2021-03-26 森斯通株式会社 Virtual code-based financial transaction providing system, virtual code generating device, virtual code verifying device, virtual code-based financial transaction providing method, and virtual code-based financial transaction providing program
KR20200018200A (en) * 2018-08-09 2020-02-19 주식회사 센스톤 Method and system for verifying virtual code based on sphere
KR20190018463A (en) * 2019-02-15 2019-02-22 주식회사 센스톤 System, method and program for providing virtual code, vritual code generator and vritual code verification device
US11128458B2 (en) 2019-07-05 2021-09-21 Ballet Global Inc. Tamper-evident verification of an article of manufacture
US10985917B2 (en) 2019-07-05 2021-04-20 Ballet Global Inc. Physical, tamper-evident cryptocurrency card
US10917238B2 (en) 2019-07-05 2021-02-09 Ballet Global Inc. Multi-address population based on single address
US11240021B2 (en) 2019-07-05 2022-02-01 Ballet Global Inc. Multi-address population based on single address
WO2021007128A1 (en) * 2019-07-05 2021-01-14 Ballet Global Inc. Multi-address population based on single address
US10887097B1 (en) 2019-07-05 2021-01-05 Ballet Global Inc. Multi-address population based on single address
US11799647B2 (en) 2019-07-05 2023-10-24 Ballet Global Inc. Multi-address population based on single address
KR20200130207A (en) * 2020-04-06 2020-11-18 주식회사 센스톤 System, method and program for providing virtual code, vritual code generator and vritual code verification device
KR20200038451A (en) * 2020-04-06 2020-04-13 주식회사 센스톤 System, method and program for providing virtual code, vritual code generator and vritual code verification device
KR20210143145A (en) * 2020-11-05 2021-11-26 주식회사 센스톤 Method and program for searching actual code based on virtual code
KR20220083642A (en) * 2020-11-05 2022-06-20 주식회사 센스톤 Method and program for searching actual code based on virtual code

Also Published As

Publication number Publication date
KR101667193B1 (en) 2016-10-19

Similar Documents

Publication Publication Date Title
KR101667193B1 (en) Method and system for providing payment service using one time card number
US11734679B2 (en) Transaction risk based token
van den Breekel et al. EMV in a nutshell
RU2547621C2 (en) Encryption switching processing
US10270587B1 (en) Methods and systems for electronic transactions using multifactor authentication
EP3571824B1 (en) Binding cryptogram with protocol characteristics
WO2014081073A1 (en) Mobile payment system and mobile payment method using dynamic track 2 information
CA2945601C (en) Transaction identification and recognition
Roland et al. Cloning Credit Cards: A Combined Pre-play and Downgrade Attack on {EMV} Contactless
US20160027017A1 (en) Method and system for using dynamic cvv in qr code payments
US20180039968A1 (en) Mobile payment method and system
CN104937626A (en) Authentication device and related methods
KR20170004339A (en) Payment system. card reader, terminal for payment and method for processing card information thereof
KR20160150419A (en) System and method for payment using barcode
KR20140011975A (en) Digital system for card settlement by tagging, settlment side system and providing method thereof
KR101616842B1 (en) Pos payment processing system enforced security and method for processing payment thereof
KR101583726B1 (en) Apparatus and method for proccesing card transaction in a payment system
KR102630287B1 (en) Smart card for creating virtual card number and virtual card number decryption apparatus
CN105580039A (en) System for providing card payment service by using smart device and method therefor
KR101639045B1 (en) Method and system for issuing electronic receipts
KR101583718B1 (en) Apparatus and method for proccesing card transaction in a payment system
KR102036739B1 (en) A server for precessing approvals of payments, a payment terminal apparatus and a method of operating it
KR101513144B1 (en) Card Payment System Available self-payment And Card Payment Method Using The Same
US10387884B2 (en) System for preventing mobile payment
KR102176013B1 (en) card information providing method using OTP

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E701 Decision to grant or registration of patent right
GRNT Written decision to grant
FPAY Annual fee payment

Payment date: 20191002

Year of fee payment: 4