KR20160125163A - simple order method via network - Google Patents
simple order method via network Download PDFInfo
- Publication number
- KR20160125163A KR20160125163A KR1020150055993A KR20150055993A KR20160125163A KR 20160125163 A KR20160125163 A KR 20160125163A KR 1020150055993 A KR1020150055993 A KR 1020150055993A KR 20150055993 A KR20150055993 A KR 20150055993A KR 20160125163 A KR20160125163 A KR 20160125163A
- Authority
- KR
- South Korea
- Prior art keywords
- user
- mobile phone
- shopping mall
- server
- mall server
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/06—Buying, selling or leasing transactions
- G06Q30/0601—Electronic shopping [e-shopping]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/12—Messaging; Mailboxes; Announcements
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Security & Cryptography (AREA)
- Economics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Strategic Management (AREA)
- Marketing (AREA)
- Development Economics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The present invention encrypts and delivers sensitive personal information such as a delivery address when a product or service is ordered through a network without storing it in a database of an external server but in a security area of a user's mobile phone, The present invention relates to a simple ordering method through a network for allowing a user to securely perform an order, and a simple ordering method through a network includes a mediation server; A user mobile phone with a simple ordering app associated with a mediation server; (A) receiving personal information including a delivery address from a user through a simple order application and storing the received personal information in a security area of a user's mobile phone, while the user PC and the shopping mall server are connected through a wired / wireless communication network; (B) providing a mobile phone number to a shopping mall server when accessing a shopping mall server through a user PC and performing an order; (C) receiving the mobile phone number from the shopping mall server and issuing a simple order app operating command to the mobile phone number to execute the simple order app; (D) transmitting the simple order application of the user's mobile phone to the intermediary server while encrypting the personal information including the delivery address, and (d) transmitting the personal information received while encrypted in the step (d) To the shopping mall server (step (e)).
Description
The present invention relates to a method and system for conveniently ordering information through a network, and more particularly, to a method and system for easily ordering information through a network, in which sensitive personal information such as a shipping address is stored in a security area of a user's mobile phone And more particularly, to a simple ordering method through a network that enables easy and safe ordering without risk of hacking by encrypting and transmitting only when necessary.
Generally, a universal subscriber identity module (USIM) is an application for WCDMA network connection and subscriber authentication, and is mounted and operated on a UICC (Universal Integrated Circuit Card), which is a smart card for communication. The USIM application stores important information such as subscriber information (IMSI, ICCID), network information, and authentication information, and personal supplementary service information such as a text message, e-mail, and phone book. Herein, the subscriber information, which is unique identification information, is composed of an International Mobile Subscriber Identification (IMSI) and an Integrated Circuit Card Identifier (ICC-ID) of 19 or 20 digits. The USIM application shares the secret key K with an authentication center (AuC) for subscriber authentication and performs a predetermined authentication procedure to provide the confidentiality and integrity of the wireless network service.
On the other hand, a method of accessing an electronic shopping mall (hereinafter, simply referred to as a shopping mall) on a network and ordering goods / services (collectively referred to as goods) In the case of the member order method, the user accesses the corresponding shopping mall server and provides various personal information including one or more shipping addresses, such as home or work address, for example, name, age, sex, resident registration number, With your registration in the database, your order will be placed in the order of login -> item selection -> shipping address selection -> payment.
The non-member ordering method is proposed for users who are reluctant to complicate the process of registering. It is not necessary to store sensitive personal information such as shipping address in the database of the shopping mall server through the membership process, Address and other personal information, and set a password to order the goods.
Here, users generally use a member order method when using a large shopping mall and use a non-member ordering method when ordering one time through a specialty shopping mall such as a small shopping mall. In this case, personal information is leaked Which can cause a great deal of damage to the user, thereby maximizing anxiety of the users of the shopping mall.
In particular, small-sized shopping mall users are often reluctant to join due to anxiety about hacking when registering. In order to avoid this, when ordering by non-member order method, it is inconvenient to enter the shipping address one by one, There is a problem that it is still exposed.
Disclosure of the Invention The present invention has been proposed in order to solve the above problems. It is an object of the present invention to provide a method and system for storing personal information, such as a shipping address, The present invention aims at providing a simple ordering method through a network so that the order can be easily and safely performed without risk of hacking.
According to an aspect of the present invention, A user mobile phone with a simple ordering app associated with a mediation server; (A) receiving personal information including a delivery address from a user through a simple order application and storing the received personal information in a security area of a user's mobile phone, while the user PC and the shopping mall server are connected through a wired / wireless communication network; (B) providing a mobile phone number to a shopping mall server when accessing a shopping mall server through a user PC and performing an order; (C) receiving the mobile phone number from the shopping mall server and issuing a simple order app operating command to the mobile phone number to execute the simple order app; (D) transmitting the simple order application of the user's mobile phone to the intermediary server while encrypting the personal information including the delivery address, and (d) transmitting the personal information received while encrypted in the step (d) To the shopping mall server (step (e)).
In the above-described configuration, the simple order app is provided with a function of setting a password for authenticating an access right to the secure area, so that a password set by the user is stored in the secure area, and step (d) ) Step is performed only when the password input from the user matches the password stored in the security area.
The simple order app is provided with an encryption function for encrypting the personal information, and the decryption key for the encryption function is previously stored in the mediation server together with the corresponding user's mobile phone number.
And the decryption key transmitted to the shopping mall server is automatically discarded when a predetermined condition is expired.
Wherein the discard condition for the decryption key is determined by a period or a number of times of use and a combination thereof.
The simple order app provides a shopping mall server with a mobile phone number provided to a shopping mall server through a user PC when accessing a shopping mall server through a user PC, To the mobile phone number.
According to the simple ordering method through the network of the present invention, sensitive personal information, such as home or work address, is provided when a member of the electronic shopping mall is registered by a method in which the user directly manages sensitive personal information, And provides a way to shop without joining an electronic shopping mall.
Accordingly, it is possible to solve the anxiety of the user by providing the personal information to the electronic shopping mall, not to input the personal information, and to prevent the possibility of damage by keyboard hacking and server hacking in advance.
Furthermore, since the ordering method using two channels of the user's mobile phone and the user's PC is adopted, the safety from hacking and the like is doubled.
As a result, it is possible to prevent the fraud damage because the customer can authenticate the mobile phone in the electronic shopping mall, and in particular, in the case of the small electronic shopping mall, the customer who is concerned about leakage of personal information can be prevented from departing or a new customer can be attracted .
BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 is a whole network configuration diagram in which a simple ordering method via a network according to the present invention is implemented;
FIG. 2 is a sequence chart illustrating a membership process in the simple ordering method according to the first embodiment of the present invention. FIG.
3 is a sequence chart for explaining a process of using the simple ordering method according to the first embodiment of the present invention.
FIG. 4 is a sequence chart for explaining a simple ordering application process according to a second embodiment of the present invention; FIG.
5 is a sequence chart for explaining a process of using the simple order method according to the second embodiment of the present invention.
FIG. 6 is a sequence chart for explaining another utilization process of the simple ordering method according to the second embodiment of the present invention; FIG.
BRIEF DESCRIPTION OF THE DRAWINGS The above and other objects, features, and advantages of the present invention will become more apparent from the following detailed description of the present invention when taken in conjunction with the accompanying drawings. The following examples are merely illustrative of the present invention and are not intended to limit the scope of the present invention.
FIG. 1 is a whole network configuration diagram in which a simple ordering method through a network according to the present invention is implemented. As shown in FIG. 1, the entire network in which the simple ordering method of the present invention is implemented is largely provided with a simple order application (hereinafter, simply referred to as a simple order application) and also includes personal information of the user, A user's
In the above-described configuration, the user
Next, the
Finally, the mediating
[First Embodiment]
FIG. 2 is a sequence chart illustrating a membership process in the simple ordering method according to the first embodiment of the present invention, and shows a process of joining a mediating server rather than a shopping mall server. In this process, Information is not stored, but only a minimum amount of personal information that is not a problem is stored.
As shown in FIG. 2, according to the member registration process in the simple ordering method according to the first embodiment of the present invention, the user accesses the
Next, the
Next, the user touches the URL portion of the SMS received in his or her
As described above, after installing the simple order app, the user selects the password setting function and inputs a password desired by the user (step S50). The password thus inputted is stored in a predetermined security area of the user's
Next, in step S60, one or more delivery addresses, such as home address or work address, are input from the user and stored in the security area. Similarly, at step S70, at least one of various payment methods provided in the simple order application is selected, for example, one or more of the following methods are selected from among methods such as mobile phone settlement, credit card settlement, After inputting various information according to the method, for example, a credit card number, an issue date, or a withdrawal account number, this information is also stored in the security area.
If all necessary personal information is stored in the security area, the simple order app transmits the stored result of the required personal information, i.e., whether or not the personal information is normally stored, to the mediating server 300 (step S70) (300) transmits the fact to the shopping mall server (200) (step S80) so that the user can confirm that the simple order registration is completed through the user PC (100).
On the other hand, the
3 is a sequence chart for explaining a process of using the simple ordering method according to the first embodiment of the present invention. 3, the user accesses the
The
Next, the simple order application reads the payment method set by the user from the security area and displays the payment method so that the user can easily settle the payment (step S170).
When the delivery address selection and payment are completed in this manner, the simple order app transmits the result, that is, the payment result and the delivery address, to the
Next, the
[Second Embodiment]
FIG. 4 is a sequence chart for explaining a simple ordering application process according to a second embodiment of the present invention. In FIG. 4, a process of registering with a mediating server other than a shopping mall server, It stores only a minimum amount of personal information that is not a problem even if it is exposed without storing it. Particularly, the difference from the method of FIG. 2 is that payment information is not stored in the security area of the mobile phone, and will be described in detail below.
As shown in FIG. 4, according to the membership registration process in the simple ordering method according to the second embodiment of the present invention, the user accesses the
Next, the
Next, the user touches the URL portion of the SMS received in his / her
After installing the simple order app as described above, the user selects the password setting function and inputs a password desired by the user (step S350). The password thus inputted is stored in a predetermined security area of the user's
Next, in step S360, one or more delivery addresses, such as home address or work address, are input from the user and stored in the security area.
If all the necessary personal information is stored in the security area, the simple order app transmits the stored result of the required personal information, i.e., whether it is stored normally, to the mediating server 300 (step S370) (300) transmits the fact to the shopping mall server (200) (step S380), thereby allowing the user to confirm that the simple order registration is completed through the user PC (100).
On the other hand, the mediating
5 is a sequence chart for explaining a process of using the simple ordering method according to the second embodiment of the present invention. 5, according to the method of using the simple ordering method according to the second embodiment of the present invention, the user accesses the
The
When the selection of the delivery address is completed in this way, the simple order app transmits the result, that is, the delivery address, to the
Next, the
When the settlement is completed as described above, the mediation server reads the decryption key of the corresponding customer from the member DB, and transmits the decryption key to the
Next, the
FIG. 6 is a sequence chart for explaining another use process of the simple ordering method according to the second embodiment of the present invention. 6, according to another use process of the simple ordering method according to the second embodiment of the present invention, the user accesses the
After the payment is completed, the user must first enter his or her mobile phone number into the input window provided by the shopping mall server 200 (step S620) in order to proceed with the process of delivering the delivery address to the
The
When the selection of the delivery address is completed in this way, the simple order app transmits the result, that is, the delivery address, to the
Next, the
While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed embodiments, but, on the contrary, is intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims.
For example, in the above-described embodiment, membership in the
Of course, there may be a risk of hacking, but when you deliver a shipping address from a simple order app to a mediating server, you may pass it off without encrypting, so the risk of hacking can be significantly reduced will be.
100: user PC, 110: user mobile phone,
200: shopping mall server, 300: mediation server
Claims (6)
(A) receiving personal information including a delivery address from a user through a simple order application and storing the received personal information in a security area of a user's mobile phone;
(B) providing a mobile phone number to a shopping mall server when accessing a shopping mall server through a user PC and performing an order;
(C) receiving the mobile phone number from the shopping mall server and issuing a simple order app operating command to the mobile phone number to execute the simple order app;
(D) transmitting the simple order app of the user's mobile phone to the intermediary server while encrypting the personal information including the delivery address, and
And (e) the intermediary server transmits the personal information received encrypted in the step (d) to the shopping mall server together with the decryption key.
The simple order app is provided with a function of setting a password for authenticating the access right to the security area so that the password set by the user is stored in the security area,
Wherein the step (d) is performed only when the password received from the user after the step (c) matches the password stored in the security area.
The simple order app is provided with an encryption function for encrypting the personal information,
Wherein the decryption key for the encryption function is stored in advance in the mediation server together with the corresponding user's mobile phone number.
Wherein the decryption key transmitted to the shopping mall server is automatically discarded when a predetermined condition is expired.
Wherein the discard condition for the decryption key is determined by a period or a number of times of use and a combination thereof.
The simple order app provides a shopping mall server with a mobile phone number provided to a shopping mall server through a user PC when accessing a shopping mall server through a user PC, Is transmitted to the mobile phone number.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150055993A KR20160125163A (en) | 2015-04-21 | 2015-04-21 | simple order method via network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150055993A KR20160125163A (en) | 2015-04-21 | 2015-04-21 | simple order method via network |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20160125163A true KR20160125163A (en) | 2016-10-31 |
Family
ID=57446040
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020150055993A KR20160125163A (en) | 2015-04-21 | 2015-04-21 | simple order method via network |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20160125163A (en) |
-
2015
- 2015-04-21 KR KR1020150055993A patent/KR20160125163A/en not_active Application Discontinuation
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20210297257A1 (en) | Security authentification system for membership login of online website and method thereof | |
US9741033B2 (en) | System and method for point of sale payment data credentials management using out-of-band authentication | |
US10230727B2 (en) | Method and system for authenticating a user | |
JP6128565B2 (en) | Transaction processing system and method | |
US20200210988A1 (en) | System and method for authentication of a mobile device | |
US10212154B2 (en) | Method and system for authenticating a user | |
KR101210260B1 (en) | OTP certification device | |
KR20150124933A (en) | Secure user two factor authentication method from Personal infomation leaking and smishing | |
US9485131B2 (en) | Multilayer network connection communication system, smart terminal device, and communication method thereto | |
CN108092764B (en) | Password management method and equipment and device with storage function | |
US20140052992A1 (en) | Response to Queries by Means of the Communication Terminal of a User | |
US20090015374A1 (en) | User authentication system and method | |
EP3955617A1 (en) | Mobile device authentication using different channels | |
KR20200054552A (en) | Method of providing electronic prescription service | |
KR101753535B1 (en) | Security authentification system for membership login of online website and method thereof | |
KR101398021B1 (en) | Method of managing payment channel | |
US8140527B2 (en) | Retrieving personal user information for storage in a device | |
JP5919497B2 (en) | User authentication system | |
KR20160125163A (en) | simple order method via network | |
WO2017048177A1 (en) | Method and system for authenticating a user | |
EP2592589A1 (en) | Method and sytem for providing temporary banking card data | |
KR101543302B1 (en) | Smart security authenticatiion service method and system | |
KR102468789B1 (en) | Payment service providing apparatus and method using authentication based on web, system and computer readable medium having computer program recorded thereon | |
KR20190020380A (en) | System for providing electronic payment by authenticating patient and using card information, method thereof and non-transitory computer readable medium having computer program recorded thereon | |
KR20170109396A (en) | Payment method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E601 | Decision to refuse application |