KR20170117899A - Method for Certificating One Time Password based on Application Program - Google Patents

Abstract

According to the app-based authentication method of the present invention, in a method executed by a server capable of communicating with a user's cellular phone, when a program for implementing an OTP (One Time Password) is installed in a user's cellular phone, Storing information of a mobile phone number of a user's mobile phone or a program installed in the user's mobile phone for authenticating that the mobile phone is installed in a designated storage medium, storing information for driving a program installed in the user's mobile phone in a designated storage medium, Storing verification information for verifying the execution of an authentication procedure for authenticating an OTP to be implemented through a program of the mobile phone in a specified storage medium and transmitting the verification information to the user's mobile phone through a first communication session When the OTP authentication request is confirmed, A wireless message including information for operating a program installed in a user's mobile phone is transmitted to the user's mobile phone at the time of authenticating installation of the program in the user's mobile phone When the program is activated in a user's cellular phone that has received the wireless message, receives an OTP implemented through a program driven in the user's cellular phone through a first communication session from a terminal located near the user's cellular phone And receiving verification information verified through a program of the user's cellular phone via a second communication session separate from the first communication session, and based on the verification information stored in the storage medium, The validity of the verification information received through the OTP Determining whether to perform the authentication process, and performs a specified process to authenticate the validity of the received OTP via the communication session of the first si validity authentication of the verification information.

Description

[0001] The present invention relates to a method for authenticating an application,

The present invention provides a method executed by a server capable of communicating with a user's cellular phone, the method comprising the steps of: when a program for implementing an OTP (One Time Password) is installed in a user's cellular phone, The information on the mobile phone number of the mobile phone or the program installed on the user's mobile phone is stored in the designated storage medium, the information for driving the program installed in the user's mobile phone is stored in the designated storage medium, Storing the verification information for verifying the execution of the authentication procedure for verifying the execution of the authentication procedure in the specified storage medium and verifying the OTP authentication request using the user's mobile phone through the first communication session via the designated path from the terminal located near the user's mobile phone, Referring to the storage medium, The mobile communication terminal authenticates whether or not the program is installed in the mobile phone and processes a wireless message including information for driving a program installed in a user's mobile phone to be transmitted to the user's mobile phone when authenticating installation of the program on the user's mobile phone, Receives an OTP implemented through a program driven by the user's cellular phone through a first communication session from a terminal located in the vicinity of the user's cellular phone when the program is activated in the user's cellular phone that has received the first communication, Receiving verification information verified through a program of the user's mobile phone through a second communication session different from the session and verifying the verification information received through the second communication session based on the verification information stored in the storage medium Determines whether to perform the OTP authentication procedure by authenticating the validity, It relates to five-based app typhimurium authentication method for performing a specified process to authenticate the validity of the received OTP via the communication session of the first si validity authentication of the verification information.

When a user inputs a mobile phone number and subscriber information through a user terminal and then provides the mobile phone number and subscriber information through a user terminal, the mobile phone user authenticates that the subscriber is a valid subscriber of the communication company through the mobile phone number and subscriber information, If the authentication number received through the user terminal is matched with the authentication number transmitted to the user's mobile phone, the approval number is accepted and the payment amount is charged to the next month's communication fee of the user's mobile phone (Application No. 10-2000-0020757).

However, the leakage of personal information occurs in an irregular manner, and the personal information leaked is publicly traded (or disclosed) through the Internet, and the number of lost cell phones is more than 200,000 per month on average In this situation, anyone who acquires or replicates a mobile phone of another person can have his / her mobile phone settlement approved using the leaked personal information.

Particularly, although the mobile phone settlement approval is performed in real time, the settlement of the settlement amount is performed on the average within 45 days after the approval of the payment, in case of damage using the acquired / copied mobile phone and the leaked personal information, The damage is expected to reach astronomical figures.

An object of the present invention is to provide a method that is executed by a server capable of communicating with a user's cellular phone, comprising the steps of: authenticating that the program is installed in the user's cellular phone when a program implementing OTP (One Time Password) And a program installed in the user's cellular phone to store information on a designated storage medium and store information for driving a program installed in the user's cellular phone in a designated storage medium, Storing verification information for verifying the performance of the authentication procedure for authenticating the OTP to be authenticated in the designated storage medium and confirming the OTP authentication request using the user's mobile phone through the first communication session via the specified path from the terminal located near the user's mobile phone , Referring to the storage medium, Wherein the control unit authenticates whether the program is installed in the user's cellular phone and processes a wireless message including information for driving a program installed in the user's cellular phone to be transmitted to the user's cellular phone when the installation of the program is authenticated to the user's cellular phone, Receiving an OTP implemented through a program driven in the user's cellular phone through a first communication session from a terminal located in the vicinity of the user's cellular phone when the program is activated in a user's cellular phone that has received the message, Receiving verification information verified through a program of the user's cellular phone through a second communication session separate from the communication session and verifying verification information received via the second communication session based on verification information stored in the storage medium To determine whether to perform the OTP authentication procedure And an authenticating step of authenticating the validity of the OTP received through the first communication session upon validation of the verification information.

A method of authenticating an application based on authenticity of a user is provided by a server capable of communicating with a user's mobile phone. When a program for implementing an OTP (One Time Password) is installed in a user's mobile phone, Storing information of a mobile phone number of a user's mobile phone or a program installed in the user's mobile phone for authenticating that the mobile phone is installed in a designated storage medium, storing information for driving a program installed in the user's mobile phone in a designated storage medium, A first step of storing verification information for verifying the execution of an authentication procedure for authenticating an OTP to be implemented through a program of a mobile phone in a designated storage medium; When confirming the OTP authentication request using the user's mobile phone, A second step of authenticating whether the program is installed in the user's mobile phone by referring to the storage medium, and a second step of authenticating whether the program is installed in the user's mobile phone and a wireless message including information for driving a program installed in the user's mobile phone, A third step of receiving the wireless message from the user's mobile phone and processing the received message to be transmitted to the user's mobile phone; and if the user's mobile phone has received the wireless message, A fourth step of receiving the OTP implemented through the program and receiving the verification information confirmed through the program of the user's cellular phone through a second communication session separate from the first communication session; Based on the verification information, A fifth step of determining whether to perform the OTP authentication procedure by authenticating the validity of the authentication information, and performing a designated procedure for authenticating the validity of the OTP received through the first communication session upon validation of the verification information And a control unit.

In the app-based authentication method according to the present invention, the verification information includes an identification number registered for verifying that a procedure for authenticating an OTP to be implemented through a program of a user's mobile phone is performed .

In the app-based off-chip authentication method according to the present invention, the wireless message includes a designated code number that is distinguished through a predetermined identifier to identify that the program is run in a data area on a message structure do.

In the app-based authentication method according to the present invention, when the program is activated in a user's mobile phone that has received the wireless message, a second communication session, which is different from the first communication session, Further comprising the step of connecting a communication session.

In the app-based authentication method according to the present invention, when the payment using the OTP is requested from the terminal through the first communication session, the fifth step is based on the result of authenticating the validity of the OTP And a step of processing the settlement using the settlement means designated as " settlement ".

A method of processing an application-based payment using an OTFT according to the present invention is a method executed by a server, comprising the steps of: when a program implementing OTP (One Time Password) is installed in a user's mobile phone, Storing the verification information in a designated storage medium and storing verification information to be verified in a designated storage medium to perform a procedure of authenticating an OTP to be implemented through a program of the user's mobile phone, A second step of authenticating whether the program is installed in the user's mobile phone through the storage medium and a second step of authenticating whether the program is installed in the user's mobile phone, A third step of processing the data to be transmitted to the mobile phone, Receiving an OTP implemented through a program executed in the user's cellular phone via a designated path from a terminal located in the vicinity of the user's cellular phone when the program is activated after receiving the wireless message from the user's cellular phone, A fourth step of receiving the verification information through a communication session connected with the OTP, and a step of comparing and verifying the received verification information through the verification information stored in the storage medium before performing the procedure for authenticating the validity of the OTP, And a fifth step of determining whether to perform a procedure for authenticating the validity of the OTP and performing a designated procedure for authenticating the validity of the received OTP if validity of the verification information is authentic, , And is processed using the specified payment means based on the result of authenticating the validity of the OTP .

In the app-based payment processing method using an OTF according to the present invention, the verification information includes an identification number registered for verifying that a procedure for authenticating an OTP to be implemented through a program of a user's cellular phone is performed .

In an app-based payment processing method using an orthopedic device according to the present invention, the wireless message includes a designated code number that is distinguished through a predetermined identifier to identify that the program is run in a data area on a message structure .

A method for processing an application-based payment using an orthopedic device according to the present invention is a method executed by a server when a program for implementing an OTP (One Time Password) is installed in a user's mobile phone, And a program for implementing an OTP for authenticating payment validity to a user's mobile phone through the storage medium at the time of payment using the user's mobile phone, A third step of confirming whether or not the user's mobile phone is installed, and a third step of causing a wireless message corresponding to a drive command of a program installed in the user's cellular phone to be transmitted to the user's cellular phone when confirming installation of the program on the user's cellular phone, After receiving the wireless message in step A step of receiving an OTP implemented through the activated program by a terminal located near the user's mobile phone and receiving the OTP through a designated path when the program is activated; Wherein the wireless message is transmitted to the user's cellular phone including a designated code number identifying a driving of the program in a data area on the message structure, And is processed using the specified payment means based on the result of authenticating the validity of the OTP.

In the first step, the verification information including the identification number stored in the designated storage area of the user's mobile phone is stored in the storage medium after the program is installed in the user's mobile phone, Wherein the fourth step further comprises: receiving an identification number stored in a designated storage area of the user's cellular phone, wherein the fifth step includes: And authenticating the validity of the identification number through the information.

The method may further include the step of performing a procedure for installing the program in the user's mobile phone when the program is not installed in the user's mobile phone, do.

In the app-based payment processing method using an OTF according to the present invention, the identification number may be provided to a terminal located in the vicinity of the user's mobile phone and received via a designated path or received through a program of the user's mobile phone .

A payment processing method using an orthopedic according to the present invention is a method executed by a server to authenticate the validity of an OTP implemented through a program executed in a user's mobile phone installed with a program implementing an OTP (One Time Password) And an OTP for confirming the payment validity of the payment means specified in the user's mobile phone at the time of confirming the payment request using the user's mobile phone through the designated payment request terminal, A second step of checking whether a program to be implemented is installed and a third step of causing a program driving command for a program installed in the user's cellular phone to be transmitted to the user's cellular phone when the program is installed in the cellular phone of the user The mobile phone of claim 1, A fourth step of receiving the OTP implemented through the program by the short distance communication means provided in the mobile phone and receiving the OTP through the designated route; and a fourth step of, when validating the OTP through the storage medium, And a fifth step of processing the payment request terminal to process the requested payment using the payment request terminal.

The payment processing method using orthopedic according to the present invention may further include receiving mobile phone information of a user to be used for payment from the payment request terminal when confirming a payment request using the mobile phone of the user through the payment request terminal, The second step includes checking whether a program for implementing the OTP is installed in a user's mobile phone based on the mobile phone information.

The payment processing method using orthopedic according to the present invention may further comprise performing a procedure of providing the program to the mobile phone of the user when the program is not installed in the mobile phone of the user .

In the payment processing method using orthopedic according to the present invention, the first step is to confirm the identification number to be extracted from the designated storage area of the mobile phone through the program of the mobile phone at the OTP implementation through the program executed in the user's mobile phone And storing the identification number extracted from the designated storage area of the mobile phone through the program of the mobile phone when the program is executed in the user mobile phone by the program drive command And authenticating the received identification number using the identification number stored in the storage medium, wherein the identification number is used to verify the validity of the OTP authentication procedure received from the payment request terminal Or from the payment request terminal It is characterized in that which is used to determine the parameters for determining a seed value or a seed value for generating the OTP 'to be compared with the authentication OTP.

In the payment processing method using orthopedic according to the present invention, the first step is to confirm the identification number to be extracted from the designated storage area of the mobile phone through the program of the mobile phone at the OTP implementation through the program executed in the user's mobile phone And storing the identification number extracted from the designated storage area of the mobile phone through the program of the mobile phone when implementing the OTP through a program executed in the user's mobile phone, The method of claim 1, further comprising the step of receiving the identification information through a designated path provided to the payment request terminal through a short-range communication means provided in the mobile phone, and when receiving the identification number, Further comprising matching and authenticating the identification number, A parameter for determining the seed value or the seed value for generating the OTP 'to be compared with the OTP received from the payment request terminal or used for verifying the validity of the OTP received from the payment requesting terminal And the like.

In the payment processing method using orthopedic according to the present invention, the OTP is dynamically generated through the program as a result of user authentication through a program executed in the mobile phone of the user.

A method for processing a mobile phone payment using an OTP according to the present invention is a method for storing a user mobile phone number and an OTP agent driving command for driving an OTP agent provided in a mobile phone corresponding to the user mobile phone number in a storage medium Reading out the received mobile phone number and confirming whether the OTP agent is provided in the user's mobile phone when the mobile phone number of the user is received from the user terminal; The method comprising the steps of: checking an OTP agent driving command associated with the user's mobile phone number from the storage medium; processing the OTP agent driving command to be provided to the user's mobile phone through a wireless communication network; The OTP agent generated by the OTP agent Wherein the OTP agent interface is configured to transmit the OTP generated by the OTP agent provided in the user's cellular phone through the OTP input interface and transmit the OTP input interface, Receiving the OTP from the user's wired terminal and determining a fixed seed value and a dynamic seed value for generating OTP 'from the OTP generation information for OTP' generation to be compared with the OTP, and comparing the determined fixed seed value and the dynamic seed value And generating OTP 'using the received OTP and comparing the received OTP with the generated OTP' to confirm the payment validity of the mobile phone number.

The mobile payment processing method using the OTP according to the present invention may further include connecting a communication session for receiving the OTP from the user terminal.

The mobile payment processing method using OTP according to the present invention may further include processing a user interface for inputting OTP verification information for verifying creation of OTP 'to be compared with the OTP to be included in the OTP input interface .

In the mobile payment processing method using the OTP according to the present invention, the step of receiving the OTP from the user terminal may include inputting OTP verification information for verifying that the OTP 'to be compared with the OTP is generated in the OTP input interface And further includes the OTP verification information in the OTP when the user interface is further included.

A method for processing a mobile phone payment using an OTP according to the present invention comprises the steps of: providing an information input interface for inputting OTP verification information for verifying generation of an OTP 'to be compared with the OTP to a user's mobile phone corresponding to the mobile phone number And connecting a communication session for receiving the OTP verification information from the user's cellular phone, and receiving the OTP verification information from the user's cellular phone through the communication session.

The mobile payment processing method using the OTP according to the present invention is characterized in that when the OTP verification information for verifying the generation of the OTP 'to be compared with the OTP is received, the OTP verification information is read and an OTP' to be compared with the OTP is generated And verifying OTP generation information for generating OTP 'to be compared with the OTP, when the generation of the OTP' is authenticated.

A method for processing a mobile phone payment using an OTP according to the present invention includes the steps of inquiring a payment limit for the user's mobile phone number, checking a payment amount using the communication fee charged to the user's mobile phone, And accepting payment using the communication charge imposed on the user's mobile phone.

On the other hand, a program for executing a mobile payment processing method using the above-mentioned OTP is recorded.

Meanwhile, the mobile phone settlement processing system using the OTP according to the present invention associates and stores an OTP agent driving command for driving a user's mobile phone number and an OTP (One Time Password) agent provided in a mobile phone corresponding to the mobile phone number of the user When the user mobile phone number is received through the storage medium and the communication network, an OTP agent driving command for driving an OTP agent provided in the mobile phone corresponding to the received mobile phone number is transmitted through the storage medium or the storage medium management means Processing is performed so that the confirmed OTP driving command is transmitted to the user's mobile phone through the communication network and an OTP input interface for inputting the OTP generated by the OTP agent driven by the OTP agent driving command is provided to the user terminal And a server to which the server is connected.

Meanwhile, in the mobile phone settlement processing system using the OTP according to the present invention, the server may further include an OTP input interface, wherein the OTP generated by the OTP agent provided in the user's mobile phone, And determines a fixed seed value and a dynamic seed value for generating OTP 'from the OTP generation information for generating OTP' to be compared with the transmitted OTP, and determines a fixed seed value and a dynamic seed value using OTP ' And compares the received OTP with the generated OTP 'to confirm the payment validity of the mobile phone number.

Meanwhile, when the mobile phone number of the user is received through the communication network, the mobile phone payment processing server using the OTP according to the present invention activates an OTP (One Time Password) agent provided in the mobile phone corresponding to the user's mobile phone number and the mobile phone number of the user Means for confirming an OTP agent driving command for driving an OTP agent provided in a mobile phone corresponding to the received mobile phone number through a storage medium or storage medium management means for storing and storing an OTP agent driving command; Means for processing the confirmed OTP drive command to be transmitted to a user's mobile phone through a communication network; and means for receiving, from the wired terminal of the user, an OTP generated by the OTP agent provided in the user's mobile phone, Through the validation of the transmitted OTP And means for processing the payment daepon characterized in that formed.

According to the present invention, when a user's mobile phone number is received from a user's wired terminal requesting mobile phone settlement, the user's mobile phone number is read and the OTP (One Time Password) agent is loaded on the user's mobile phone, An OTP agent driving command recognizable by the user's cellular phone is transmitted to the user's cellular phone only to drive the OTP agent and to generate an OTP only when the agent is mounted, OTP ', generates OTP' through OTP generation information associated with the user cell phone number, compares the generated OTP with the OTP received from the user terminal, and approves the mobile phone settlement. Thus, Even if you know your personal information, If over an arc (or personal identification number) can not drive the OTP agent provided in the mobile phone has the advantage that blocks in advance that the mobile payment to negative acknowledgment by the mobile payment so as not to be provided.

According to the present invention, when the OTP agent is installed in the user's mobile phone in the mobile phone settlement process, the OTP agent is automatically provided to the user's mobile phone by operating the OTP agent, thereby conveniently providing the mobile phone settlement using the OTP There is an advantage.

FIG. 1 is a view showing a configuration of a mobile phone payment system through OTP according to an embodiment of the present invention.
2 is a diagram illustrating a process of receiving an OTP from a user's wired terminal for authenticating a mobile phone settlement through OTP according to an embodiment of the present invention.
3 is a diagram illustrating an information delivery process for mobile phone settlement through OTP according to an embodiment of the present invention.
FIG. 4 is a flowchart illustrating a verification process for mobile phone settlement through OTP according to an embodiment of the present invention. Referring to FIG.
5 is a diagram illustrating an OTP generation process for mobile phone settlement according to an embodiment of the present invention.
FIG. 6 is a flowchart illustrating a verification procedure for mobile phone settlement through OTP according to another embodiment of the present invention.
7 is a diagram illustrating an OTP settlement validity authentication process for mobile phone settlement according to an embodiment of the present invention.

The operation principle of the preferred embodiment of the present invention will be described in detail with reference to the accompanying drawings and description. It should be understood, however, that the drawings and the following detailed description are exemplary and explanatory and are intended to provide further explanation of the invention, and are not to be construed as limiting the present invention. In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear. The terms used below are defined in consideration of the functions of the present invention, which may vary depending on the user, intention or custom of the operator. Therefore, the definition should be based on the contents throughout the present invention.

As a result, the technical idea of the present invention is determined by the claims, and the following embodiments are merely means for effectively explaining the technical idea of the present invention to a person having ordinary skill in the art to which the present invention belongs Only.

1 is a diagram illustrating a configuration of a mobile phone settlement system using OTP according to an embodiment of the present invention.

In more detail, FIG. 1 shows a connection between a number of a user's cell phone 170 and an OTP agent driving command for driving an OTP agent provided in the user's cell phone 170, When the user cell phone 170 number for mobile phone settlement is received from the mobile phone 100, the mobile phone 170 reads the received mobile phone number, checks whether the user cell phone 170 has a disposable password agent, When the one-time password agent is confirmed to be equipped with the one-time password agent, an OTP agent driving command associated with the number of the user's cellular phone 170 is confirmed from the storage medium, and the OTP agent driving command is provided to the user's cellular phone 170 via the wireless communication network , An OTP agent driven by the OTP agent driving command to the user terminal 100 (OTP) input interface for inputting an OTP generated by the OTP agent, and provides the OTP agent generated by the OTP agent provided in the user's cellular phone 170 to the OTP input interface And determines a fixed seed value and a dynamic seed value for generating OTP 'from the OTP generation information for receiving the OTP from the user terminal 100 and generating the OTP' to be compared with the OTP, The system generates OTP 'using the determined fixed seed value and the dynamic seed value, and compares the received OTP with the generated OTP' to confirm the payment validity of the mobile phone number. Those skilled in the art will be able to refer to and / or modify the FIG. It is to be understood that the invention may be embodied in many different implementations (e.g., some of the components may be omitted, or subdivided, or combined), but the present invention encompasses all such contemplated embodiments, The technical features thereof are not limited by the implementation method alone.

Referring to FIG. 1, the mobile phone payment system includes a user terminal 100 and a user mobile phone 170, and sells type / intangible goods to the user through the user terminal 100, One or more web servers 105 for making payment through the mobile payment means for charging the sales amount of the goods to the user phone 170 communication fee, (OTP agent) command for driving an OTP agent (OTP agent) provided in the user terminal 100, stores the command in a storage medium, and then directly transmits the command to the user terminal 100 through a communication network connected to the user terminal 100, Or the web server 105 to display a payment amount to be charged to the user's communication fee to the user terminal 100 and provide the number of the user's phone 170 to the user terminal 100 And if the mobile phone number input through the mobile phone settlement interface is received from the user terminal 100, the mobile phone 170 reads the received mobile phone number to check whether the user phone 170 has a disposable password agent, When it is confirmed that the user's cell phone 170 is equipped with the disposable password agent, the OTP agent 170 confirms the OTP agent driving command associated with the user's cell phone 170 number from the storage medium, The OTP agent 100 is provided with an OTP input interface for inputting an OTP generated by the OTP agent driven by the OTP agent driving command, The user mobile phone 170 is activated by the OTP agent drive command, When OTP generated by the provided OTP agent is inputted through the OTP input interface and is transmitted, OTP is generated from OTP generation information for receiving OTP from the user terminal 100 and generating OTP 'to be compared with the OTP The method includes: determining a fixed seed value and a dynamic seed value to be generated; generating an OTP 'using the determined fixed seed value and the dynamic seed value; comparing the received OTP with the generated OTP' And a communication company server 165 on a wireless communication network to which the user's mobile phone 170 is connected. The payment authentication system 110 is connected to the web server 170 105 or an authentication server (or relay server) connected to the communication company server 165, or in the form of an internal component of the web server 105, It is obvious that the present invention is not limited thereto and that the present invention can be implemented in the form of an internal component of the telecommunications company server 165. [

The wired terminal 100 includes one or more personal computers or laptops having a browser capable of accessing the web server 105. The wired terminal 100 is connected to the web server 105 and the payment authentication system 110, And displays the payment amount to be charged to the charge and provides the mobile phone payment interface for inputting the number 170 of the user's mobile phone 170 for payment of the mobile phone and outputs it to the screen output means, 170) number to the web server 105 or the payment authentication system 110 or input the OTP generated by the user mobile phone 170 from the web server 105 or the payment authentication system 110 And outputs the OTP input interface to the screen output means. The OTP input interface is connected to the user phone 170 through the key input means, And transmits the OTP to the web server 105 or the payment authentication system 110. The number of the user's mobile phone 170 may be relayed to the web server 105, And is received by the payment authentication system 110 directly from the terminal.

The web server 105 has a function of selling a type / intangible goods to the user through the wired terminal 100 and paying a payment amount for the sold goods to the mobile phone 170 communication charge And provides the mobile phone settlement interface to the wired terminal 100 when the user terminal 100 selects the mobile phone payment means as the payment means for the payment amount, And the mobile payment terminal provides the mobile payment interface to the user terminal 100 through the payment authentication system 110.

The user mobile phone 170 is a mobile phone possessed by a user who has purchased type / intangible goods sold by the web server 105, and is used to authenticate the payment validity using the communication charge imposed on the user mobile phone 170 And a function of receiving the OTP agent driving command to drive the OTP agent, and generating and outputting an OTP through the OTP agent.

*

The communication company server 165 is a general term of a server that is provided on a wireless communication network to which the user mobile phone 170 is connected and interfaces with the mobile phone and is provided to the user mobile phone 170 in the payment authentication system 110 Information (or data), and a message server, a data exchange server, and a WAP (WAP) server according to a communication protocol.

According to the present invention, in order to authenticate the payment validity using the communication charge imposed on the user's cellular phone 170, the payment authentication system 110 transmits a mobile phone number having the OTP agent, And stores the OTP agent information in association with the OTP agent driving command for driving the OTP agent included in the user phone 170 and generates an OTP 'to be compared with the OTP generated through the OTP agent provided in the mobile phone And a storage medium for storing the OTP generation information in association with the OTP generation information. The storage medium may be connected to the user's mobile phone 170 through the wired terminal 100, When the OTP agent and the OTP generated through the OTP generation information are received, the OTP verification information for authenticating generation of the OTP ' It is desirable to further store the association.

According to another embodiment of the present invention, the payment authentication system 110 stores the mobile phone number, the OTP agent information, and the OTP agent driving command in the first storage medium, and transmits the OTP generation information and the OTP verification information to the second Or stores the mobile phone number in the first storage medium, stores the OTP agent information and the OTP agent driving command, the OTP generation information and the OTP verification information in the second storage medium, or Storing the OTP agent information, the OTP agent driving command and the OTP generation information in a second storage medium, and storing the OTP verification information in a third storage medium And the location of each storage medium may also be provided within the payment authentication system 110, or via a communication network Group can all be provided in the external billing authentication system 110, and to which the present invention is not limited.

The mobile phone number is a general term of information that can identify the user mobile phone 170 and includes at least one of a phone number, an ESN, and a subscriber identification number assigned to the user mobile phone 170, (Or unique code) encrypted in the memory of the cellular phone 170, a USIM serial number assigned to the USIM provided in the user cell phone 170, and a unique number (or unique code) recorded in the USIM .

The OTP agent information may include at least one of version information of an OTP agent, an OTP generation algorithm, and an OTP generation method provided in a user's mobile phone 170 corresponding to the mobile phone number.

Here, the OTP generation algorithm and the OTP generation method can use different algorithms and generation methods for respective OTP agents, and thus the present invention is not limited thereto.

*

The OTP agent driving command includes an instruction set for remotely driving an OTP agent provided in the user's cellular phone 170 in the payment authentication system 110 on the communication network, And the agent activation authentication information for authenticating activation of the agent activation authentication information.

Here, the instruction set of the OTP agent driving command may include instructions for remotely activating the OTP agent in the user mobile phone 170 through the agent driving authentication information, and instructions for remotely driving the OTP agent The OTP agent may include a command for driving the OTP agent in the user's cell phone 170.

Here, the agent activation authentication information of the OTP agent driving command includes the user's password or the user's personal identification number input to generate the OTP by driving the OTP agent through a key input from the user's cellular phone 170 (Or authentication code) information to be compared with a password (or an authentication code) for agent activation authentication stored (or encrypted) in a memory (or USIM) provided in the mobile phone.

The OTP generation information includes at least one fixed seed value used for generating an OTP according to the OTP generation algorithm and the OTP generation method in an OTP agent provided in the cellular phone, and a parameter for determining a dynamic seed value .

For example, if the OTP is generated in a time-synchronized manner, the fixed seed value of the OTP generation information includes a seed fixed to be substituted into the time-synchronized OTP generation algorithm, And synchronization time setting information for determining a synchronization time corresponding to the dynamic seed value of the time-synchronized OTP.

Alternatively, if the OTP is generated in a challenge-response manner, the fixed seed value of the OTP generation information includes a seed fixed to be substituted into the challenge-response OTP generation algorithm, and the parameters of the OTP generation information include the challenge- And a random number generation seed for generating a random number corresponding to the dynamic seed value of the response type OTP.

According to the embodiment of the present invention, the OTP generation information is encrypted in the memory of the user phone 170 in association with the OTP agent downloaded to the user phone 170, or stored in the memory of the user phone 170 It is desirable to store it in the USIM (capable of storing encrypted data).

The OTP verification information may be transmitted to the user terminal 170 through the OTP agent provided in the user's mobile phone 170 and the OTP generation information stored in the storage medium, It is preferable that the authentication information includes at least one of a user password or a user's personal identification number for verifying that an OTP to be compared with the OTP is generated.

According to an embodiment of the present invention, the OTP verification information may include a user password or a user personal identification number input to generate the OTP by driving the OTP agent in the user's mobile phone 170, Or a second user password or a user's personal identification number extracted from a memory (or a USIM) provided in the mobile phone through a user's personal identification number (or decrypted when decrypted and stored), or an OTP generation information And a separate user password or a user personal identification number registered to verify that the OTP to be compared with the OTP is generated using the OTP.

*

Referring to FIG. 1, the payment authentication system 110 includes interface providing means 115 for providing a mobile phone settlement interface for inputting a number of a user's mobile phone 170 to the user's wired terminal 100, A mobile phone number receiving means for connecting a communication session for receiving the mobile phone number from the wired terminal 100 and receiving the mobile phone number input through the mobile phone settlement interface from the user wired terminal 100 through the communication session 120).

According to the present invention, each means constituting the settlement authentication system 110 may be implemented as a separate server for each means, or in the form of a predetermined authentication server (or relay server) including the means, Two or more means may be combined to form a separate server, or the means may be implemented in the form of a component in the web server 105, or the means may be implemented in the form of a component in the carrier server 165, Some of the means may be implemented as components in the web server 105 and some of the means may be implemented as components in the carrier server 165 or some of the means may be implemented as components in the web server 105, It may be implemented as a component in the communication company server 165, and the other part may be implemented as a separate server, and the payment authentication system 110 may be implemented Bayida is placed clearly reveal SHALL the present invention is not limited by the exemplary method.

The user accesses the Web server 105 to purchase a type / intangible goods, and a payment amount corresponding to the purchase price for the goods is paid through a communication fee charged to the user phone 170 The interface providing means 115 may relay the web server 105 directly to the user terminal 100 through the communication network to which the user terminal 100 is connected, The terminal 100 displays a settlement amount to be charged to the communication fee of the user and provides a mobile phone settlement interface including a user interface for inputting the number of the user's cell phone 170 to the wired terminal 100 .

According to the method of the present invention, the mobile phone payment interface displays a payment amount to be charged to a communication fee of a user, and displays, in addition to a user interface for inputting the number of the user's mobile phone 170 to the wired terminal 100, And a user interface for inputting OTP verification information for verifying generation of an OTP 'to be compared with the OTP using the stored OTP generation information. Accordingly, the present invention is not limited thereto.

When the interface providing means 115 processes the mobile phone terminal 100 to provide the mobile phone settlement interface, the mobile phone number receiving means 120 receives the mobile phone number from the user terminal 100 And connecting the communication session.

According to an embodiment of the present invention, the interface providing unit 115 connects a communication channel with the user terminal 100 and provides the mobile phone payment interface to the user terminal 100 through the communication channel The mobile phone number receiving means 120 confirms the user terminal 100 information (for example, an IP address) from the communication channel provided to the user terminal 100, (For example, a memory area and a communication thread allocated to receive the mobile number from the wired terminal 100) for receiving the mobile number from the wired terminal 100, .

According to another embodiment of the present invention, when the interface providing means 115 provides the mobile phone settlement interface to the user terminal 100 through the web server 105, the mobile phone number receiving means 120 A communication session for receiving the user's wired terminal 100 information (e.g., IP address) from the web server 105 and receiving the mobile number from the wired terminal 100 based on the received information, It is preferable to connect the memory area and the communication thread (Thread) code allocated to receive the mobile phone number from the wired terminal 100).

Here, the communication session preferably includes a secure communication session for encrypting and receiving the mobile phone number, and decrypting the encrypted mobile phone number.

When the user's mobile phone 170 receives the number of the user's cell phone 170 through the mobile phone settlement interface and then transmits the number to the user terminal 170 through the communication session, And receives the mobile phone number input through the mobile phone settlement interface.

And a user interface for inputting OTP verification information for verifying generation of an OTP 'to be compared with the OTP using the OTP generation information stored in the storage medium, to a mobile phone settlement interface provided to the user's wired terminal 100 The mobile phone number receiving means 120 may further receive the OTP verification information in the mobile phone number through the communication session.

According to another embodiment of the present invention, after the mobile phone number is received from the wired terminal 100, the interface providing means 115 inputs information for inputting the OTP verification information to the wired terminal 100 It is preferable that the mobile phone number receiving means 120 receives the OTP verification information from the wired terminal 100 through the communication session.

1, when the mobile phone number is received, the payment authentication system 110 reads out the mobile phone number and confirms whether the OTP agent is installed in the user mobile phone 170 An information checking means 130 for confirming an OTP agent driving command associated with the number of the user's cellular phone 170 from the storage medium when it is confirmed that the user's cellular phone 170 is equipped with an OTP agent, And an information providing unit 155 for processing the OTP agent driving command to provide the OTP agent driving command to the user mobile phone 170 through the interface providing unit 115. The interface providing unit 115 provides the OTP agent driving command to the user wired terminal 100, An OTP input interface for inputting an OTP generated by an OTP agent driven by an OTP agent driving command is provided And the interface providing means 115 inputs OTP verification information for verifying that the OTP input interface is to be compared with the OTP using the OTP generation information stored in the storage medium according to the intention of a person skilled in the art The mobile terminal 100 may further include a user interface for receiving the mobile phone number and the OTP from the user terminal 100 to provide the mobile terminal 100 with the OTP verification It is preferable to process such that an information input interface for inputting information is provided or an information input interface for inputting the OTP verification information to the user mobile phone 170 corresponding to the mobile phone number is provided.

According to the present invention, each means constituting the settlement authentication system 110 may be implemented as a separate server for each means, or in the form of a predetermined authentication server (or relay server) including the means, Two or more means may be combined to form a separate server, or the means may be implemented in the form of a component in the web server 105, or the means may be implemented in the form of a component in the carrier server 165, Some of the means may be implemented as components in the web server 105 and some of the means may be implemented as components in the carrier server 165 or some of the means may be implemented as components in the web server 105, It may be implemented as a component in the communication company server 165, and the other part may be implemented as a separate server, and the payment authentication system 110 may be implemented Bayida is placed clearly reveal SHALL the present invention is not limited by the exemplary method.

When the mobile phone number is received through the mobile phone number receiving means 120, the agent checking means 125 compares the mobile phone number received from the user terminal 100 with the mobile phone number stored in the storage medium, And checks whether the OTP agent is included in the user's mobile phone 170 by referring to the OTP agent information associated with the mobile phone number.

If it is confirmed that the OTP agent is provided to the user's mobile phone 170, the information checking means 130 confirms an OTP agent driving command associated with the user's cellular phone number 170 from the storage medium , The information providing means 155 processes the OTP agent driving command to be provided to the user's mobile phone 170 through a wireless communication network.

According to an embodiment of the present invention, when the OTP agent is provided in the user's mobile phone 170, the OTP agent driving command may include a service code number that identifies that the OTP agent driving command is included, Message type and is provided to the user's cellular phone 170 through the wireless communication network. The service code number may be assigned a code number other than the service code number assigned to the existing wireless message, And a code number which is distinguished in the user data area through an identifier set in advance.

According to another embodiment of the present invention, the OTP agent driving command is configured in the form of a wireless message including a callback URL for transmitting the OTP agent driving command to the user mobile phone 170, And is provided to the user's cellular phone 170.

Before or after the OTP agent driving command is transmitted to the user's mobile phone 170, the interface providing means 115 generates an OTP agent driven by the OTP agent driving command to the user terminal 100 And an OTP input interface for inputting an OTP to be provided.

According to an embodiment of the present invention, the OTP input interface may include OTP verification information for verifying generation of an OTP 'to be compared with the OTP using OTP generation information stored in the storage medium, in addition to a user interface for inputting the OTP The present invention is not limited to this.

According to another embodiment of the present invention, the interface providing means 115 performs processing such that an information input interface for inputting the OTP verification information is provided to the user mobile phone 170 corresponding to the mobile phone number (for example, 170 for providing the information input interface to the user's mobile phone 170 corresponding to the mobile phone number through the wireless communication network to which the mobile phone 170 is connected and transmits the message including the call- And provides an information input interface), and thus the present invention is not limited thereto.

Referring to FIG. 1, the payment authentication system 110 connects a communication session for receiving the mobile phone number from the user terminal 100, receives the mobile terminal number from the user terminal 100 through the communication session, OTP receiving means 135 for receiving an OTP input through an OTP input interface, and a fixed seed value generating unit for generating OTP 'from the OTP generation information by checking OTP generation information for generating OTP' to be compared with the OTP, Determining a dynamic seed value, generating an OTP 'using the determined fixed seed value and dynamic seed value, comparing the received OTP with the generated OTP' to determine a payment validity for the mobile phone number, Wherein the OTP receiving means 135 receives the OTP verification from the user terminal 100 through the communication session, Or receives the OTP verification information from the user cellular phone 170. When the OTP verification information is received, the OTP verification information is read to generate OTP 'for verifying the OTP And a verification validity authentication means (140) for authenticating the verification validity.

*

According to the present invention, each means constituting the settlement authentication system 110 may be implemented as a separate server for each means, or in the form of a predetermined authentication server (or relay server) including the means, Two or more means may be combined to form a separate server, or the means may be implemented in the form of a component in the web server 105, or the means may be implemented in the form of a component in the carrier server 165, Some of the means may be implemented as components in the web server 105 and some of the means may be implemented as components in the carrier server 165 or some of the means may be implemented as components in the web server 105, It may be implemented as a component in the communication company server 165, and the other part may be implemented as a separate server, and the payment authentication system 110 may be implemented Bayida is placed clearly reveal SHALL the present invention is not limited by the exemplary method.

The user's mobile phone 170 receiving the OTP agent driving command authenticates that the OTP agent is remotely operated by the user's mobile phone 170 through the command set and the agent driving authentication information included in the OTP agent driving command And the OTP agent is activated in the user's cell phone 170 when the OTP agent is authenticated to remotely operate the OTP agent. According to the intention of the person skilled in the art, And a function of authenticating generation of an OTP through the activated OTP agent through a set user password or a user personal identification number.

When the user terminal 170 displays the OTP generated by the OTP agent driven by the OTP agent driving command and transmits the OTP through the OTP input interface at the user terminal 100, The receiving means 135 connects the communication session for receiving the OTP from the user terminal 100, confirms the communication session information corresponding to the communication session, and associates the communication session information with the mobile phone number OTP generation information corresponding to the OTP when the OTP generated through the user's cellular phone 170 is received from the user's wired terminal 100 by connecting the OTP generation information to the OTP generation information, OTP input interface from the user wired terminal 100 through the communication session before a predetermined timeout for the OTP occurs. It is characterized in that for receiving the input OTP.

And a user interface for inputting OTP verification information for verifying that the OTP input interface provided to the user's wired terminal 100 generates OTP 'to be compared with the OTP using the OTP generation information stored in the storage medium The OTP receiving unit 135 may further include the OTP verification information in the OTP through the communication session.

According to another embodiment of the present invention, after the mobile phone number is received from the wired terminal 100, the interface providing means 115 inputs information for inputting the OTP verification information to the wired terminal 100 It is preferable that the OTP receiving means 135 receives the OTP verification information from the wired terminal 100 through the communication session.

According to another embodiment of the present invention, the interface providing means 115 can process the information input interface for inputting the OTP verification information to the user's mobile phone 170 corresponding to the mobile phone number, The OTP receiving unit 135 connects a communication session for receiving the OTP verification information input through the information input interface from the user's cellular phone 170 via the wireless communication network connected to the user's cellular phone 170, And receive the OTP verification information from the user cell phone 170 through the communication session.

If the OTP verification information is received, the verification validity authentication unit 140 compares the received OTP verification information with the OTP verification information stored in the storage medium, and transmits the received OTP verification information through the OTP generation information stored in the storage medium And authenticating to generate an OTP 'that verifies the OTP.

Further, the verification validity authentication unit 140 may further include authenticating whether the OTP 'generated through the OTP generation information after the validity of the OTP verification information is authenticated satisfies a condition to be compared with the OTP .

For example, when the OTP is authenticated in a time-synchronized manner, and the OTP and OTP verification information are received on a separate channel, the verification validity authentication unit 140 determines the time at which the OTP was received It is preferable to check the time difference between the time of receiving the OTP verification information and to confirm whether the time difference satisfies the time-synchronization condition of the OTP.

If the OTP is received from the wired terminal 100 and further authenticated by the verification validity authentication means 140 to generate the OTP 'that verifies the OTP, the payment validity authentication means 145 can determine, And confirms OTP generation information for generating OTP 'to be compared with the OTP from the storage medium.

If the OTP generation information is associated with the mobile phone number, the payment validity authentication unit 145 checks the OTP generation information associated with the authenticated mobile phone number from the storage medium, The payment validity authentication unit 145 checks the OTP generation information associated with the OTP agent information associated with the mobile phone number, and when the OTP generation information is associated with the OTP verification information, The validity authentication means 145 preferably confirms the OTP generation information associated with the OTP verification information.

When the OTP generation information is confirmed, the payment validity authentication unit 145 determines a fixed seed value and a dynamic seed value for generating OTP 'from the OTP generation information, and uses the determined fixed seed value and dynamic seed value And generates OTP 'to be compared with the received OTP.

If the OTP 'is generated, the payment validity authentication unit 145 compares the received OTP with the generated OTP' to confirm the payment validity of the mobile phone number.

Referring to FIG. 1, when the payment validity of the mobile phone number is authenticated by the payment validity authentication means 145, the payment authentication system 110 causes the payment amount to be paid through the communication fee charged to the mobile phone And a settlement processing means 150 for processing the settlement processing.

According to the embodiment of the present invention, the payment processing unit 150 confirms the payment amount to be charged to the communication fee of the user's mobile phone 170 from the web server 105, and in connection with the communication company server 165 Inquires the payment limit for the number of the user's cell phone 170 and compares the payment amount with the payment limit to approve payment through the communication fee charged to the mobile phone.

According to another embodiment of the present invention, the payment processing unit 150 can store and manage the number of the user's cell phone 170 and the corresponding payment limit information through a separate database. In this case, The processing means 150 can check the payment limit for the number of the user's cell phone 170 through the database and compare the payment amount with the payment limit to approve payment through the communication fee charged to the mobile phone Do.

If payment using the communication fee charged to the mobile phone is approved, the payment processing unit 150 processes the payment amount to be charged to the communication fee for the user mobile phone 170 through the communication company server 165 , And transmits payment approval information for the payment amount to the web server 105.

2 is a diagram illustrating a process of receiving an OTP from a user terminal 100 for authenticating a mobile phone settlement through OTP according to an embodiment of the present invention.

2, when the number of the user's cell phone 170 and the OTP agent driving command for driving the OTP agent included in the user's cell phone 170 are stored in a storage medium in association with the user's mobile phone 170, When the number of the user's cell phone 170 for the user's cell phone 170 is received, the received cell phone number is read to check whether the user's cell phone 170 has a disposable password agent. If the user's cell phone 170 has a disposable password agent The OTP agent driving command related to the number of the user's cell phone 170 is confirmed from the storage medium and the OTP agent driving command is provided to the user's cell phone 170 through the wireless communication network, An OTP agent generated by the OTP agent driven by the OTP agent drive command to the terminal 100, (OTP) input interface for inputting an OTP input interface for inputting an OTP message, and the OTP agent generated in the OTP agent operating command in the user terminal 100 inputs an OTP generated by the OTP agent through the OTP input interface 2 is a flowchart illustrating a process of receiving an OTP from the user terminal 100 when the user terminal 100 transmits the OTP to the user terminal 100. Referring to FIG. 2 and / or modified by the person skilled in the art, (For example, omitting some steps or changing the order) for the process of receiving the OTP from the user terminal 100 for authentication of the mobile phone settlement through the mobile terminal 100. However, It is to be understood that the present invention is not limited to the specific embodiments, .

For example, according to an embodiment extended from the present invention, it is possible to further provide a user interface for inputting the OTP verification information to the mobile phone settlement interface or the OTP input interface, and the present invention can be implemented by various implementations And the method of the present invention.

Hereinafter, in FIG. 2, the payment authentication system 110 shown in FIG. 1 is referred to as a "server" for the sake of convenience.

Referring to FIG. 2, a user connects to the web server 105 to purchase a tangible / intangible product, and transmits a payment amount corresponding to the purchase price for the goods to a communication charge imposed on the user cellular phone 170 (200), the server relays the web server (105) directly to the user terminal (100) through the communication network connected to the user terminal (100) The mobile terminal 100 displays a settlement amount to be charged to the communication fee of the user and processes the mobile terminal 100 to provide a mobile phone payment interface including a user interface for inputting the number of the user mobile phone 170 (205), a communication session for receiving the mobile phone number from the user terminal (100) is connected, and the user terminal It is checked whether the mobile phone number input through the mobile phone payment interface is received (210).

If the mobile phone number is received from the user terminal 100, the server compares the mobile phone number received from the user terminal 100 with the mobile phone number stored in the storage medium, And checks whether the OTP agent is provided to the user's mobile phone 170 by referring to the associated OTP agent information (220).

If the OTP agent is not included in the user's mobile phone 170 (that is, if the OTP agent is not provided in the user's mobile phone 170) (225) Generates payment error information, and transmits the payment error information to the user mobile phone 170 and the web server 105 (230), temporarily suspends provision of the mobile phone settlement error information to the web server 105 according to the intention of a person skilled in the art, And providing the OTP agent for mobile phone settlement to the user mobile phone 170. [

On the other hand, when it is confirmed that the OTP agent is provided to the user's mobile phone 170, the server confirms (235) an OTP agent drive command associated with the mobile phone number from the storage medium, Transmits the OTP agent driving command to the user's cellular phone 170 through the wireless communication network connected thereto (240).

According to an embodiment of the present invention, when the OTP agent is provided in the user's mobile phone 170, the OTP agent driving command may include a service code number that identifies that the OTP agent driving command is included, Message type and is provided to the user's cellular phone 170 through the wireless communication network. The service code number may be assigned a code number other than the service code number assigned to the existing wireless message, And a code number which is distinguished in the user data area through an identifier set in advance.

According to another embodiment of the present invention, the OTP agent driving command is configured in the form of a wireless message including a callback URL for transmitting the OTP agent driving command to the user mobile phone 170, And is provided to the user's cellular phone 170.

Before or after the OTP agent driving command is transmitted to the user's cell phone 170, the server inputs OTP generated by the OTP agent driven by the OTP agent driving command to the user terminal 100 OTP input interface is provided (245).

According to an embodiment of the present invention, the OTP input interface may include OTP verification information for verifying generation of an OTP 'to be compared with the OTP using OTP generation information stored in the storage medium, in addition to a user interface for inputting the OTP The present invention is not limited to this.

After the OTP input interface is provided to the wired terminal 100, the server connects a communication session for receiving the OTP from the wired terminal 100 and confirms the communication session information corresponding to the communication session When the OTP generated through the user mobile phone 170 is received from the user terminal 100 by connecting the communication session information and the OTP generation information associated with the mobile phone number, And confirms whether the OTP input through the OTP input interface is received from the user terminal 100 through the communication session before a preset timeout for the OTP occurs (250) .

If the OTP is received (255) from the user terminal 100 through the communication session before the timeout occurs, the server performs the payment validity authentication process shown in FIG.

FIG. 3 is a diagram illustrating an information delivery process for mobile phone settlement via OTP according to an embodiment of the present invention.

3 is a flowchart illustrating a method of providing a mobile phone settlement interface to the user terminal 100 through the mobile phone settlement interface in the user terminal 100, 1 to the billing authentication system 110 shown in FIG. 1, and those skilled in the art will be able to refer to and / or modify the FIG. 3 It should be understood that various implementations of the information delivery process for mobile phone settlement through the OTP (e.g., omitting some steps or changing the order) may be inferred from the present invention. And the technical features thereof are not limited only by the method shown in FIG.

Hereinafter, in FIG. 3, the settlement authentication system 110 shown in FIG. 1 is referred to as a "server" for the sake of convenience.

Referring to FIG. 3, when a mobile phone settlement interface is provided to the user terminal 100 through the process shown in FIG. 2, the user terminal 100 receives and outputs a mobile phone settlement interface through a communication network The mobile phone 170 is connected to the user's mobile phone 170 through the mobile phone settlement interface 310. If the user's mobile phone 170 number is input 310, 170) number (315), and transmits (320) the number of the user's cell phone (170) to the server via the communication session.

FIG. 4 is a flowchart illustrating a verification procedure for mobile phone settlement through OTP according to an embodiment of the present invention.

4 is a flowchart illustrating an operation of receiving a mobile phone number from the wired terminal 100 through the process shown in FIG. 2, authenticating that the mobile phone 170 corresponding to the mobile phone number has an OTP agent, The OTP authentication information is transmitted from the wired terminal 100 before / during / after the OTP agent driving command is transmitted to the user mobile phone 170 or when the OTP input interface is provided to the user wired terminal 100 And further generates OTP 'to be compared with the OTP if it is authenticated to generate the OTP' through the OTP verification information, as shown in FIG. Those skilled in the art will appreciate that the present invention can be implemented by referring to and / It is to be understood that the invention may be practiced otherwise than as specifically described herein, but it will be appreciated that the invention may be practiced otherwise than as specifically described herein, The technical features thereof are not limited only by the method of implementation.

Hereinafter, in FIG. 4, the payment authentication system 110 shown in FIG. 1 is referred to as a "server" for the sake of convenience.

Referring to FIG. 4, it is authenticated that the mobile phone number is received from the user terminal 100 through the process shown in FIG. 2 and that the user mobile phone 170 corresponding to the mobile phone number has an OTP agent, When the OTP agent driving command is transmitted to the user mobile phone 170, the server processes the OTP agent input command to provide the OTP verification information to the user terminal 100 (400).

The information input interface is provided to the wired terminal 100 or an OTP input interface provided to the wired terminal 100 through the procedure shown in FIG. The server confirms whether the OTP verification information is received from the wired terminal 100 (405).

If the OTP verification information is received from the user terminal 100, the server compares the OTP verification information received from the user terminal 100 with the OTP verification information stored in the storage medium, (415) verification validity to authenticate generating OTP 'that verifies the received OTP through OTP generation information stored in the medium.

If the verification validity is not confirmed 420, the server generates mobile phone settlement error information and transmits it to the user mobile phone 170 and the user terminal 100 (425). According to the intention of a person skilled in the art, It is preferable to repeat the mobile phone settlement process shown in Fig.

On the other hand, if the verification validity is confirmed (415), the server checks whether the OTP 'generated through the OTP generation information satisfies a condition to be compared with the OTP (430).

For example, when the OTP is authenticated in a time-synchronized manner, and the OTP and OTP verification information are received on a separate channel, the verification validity authentication unit 140 determines the time at which the OTP was received It is preferable to check the time difference between the time of receiving the OTP verification information and to confirm whether the time difference satisfies the time-synchronization condition of the OTP.

If the comparison condition between OTP 'and OTP is not satisfied at step 435, the server generates mobile phone settlement error information and transmits it to the user mobile phone 170 and the wired terminal 100 (425) It is preferable to repeat the mobile phone settlement process shown in FIG.

On the other hand, if the comparison condition between OTP 'and OTP is satisfied (435), the server checks OTP generation information to generate OTP' to be compared with the OTP (440) And approves the handset settlement by comparing with the OTP.

5 is a diagram illustrating an OTP generation process for mobile phone settlement according to an embodiment of the present invention.

5, when an OTP agent drive command is transmitted to the user's mobile phone 170 through the process shown in FIG. 2, the user's mobile phone 170 transmits an OTP agent to the mobile phone through an OTP agent drive command 5 is a flowchart illustrating a process of generating an OTP for mobile phone settlement by driving the mobile terminal according to an embodiment of the present invention. It is to be understood that the invention may be practiced otherwise than as specifically described herein, but it will be appreciated that the invention may be practiced otherwise than as specifically described herein, The technical features are not limited by the method alone.

Hereinafter, in FIG. 5, the payment authentication system 110 shown in FIG. 1 is referred to as a "server" for the sake of convenience.

2, when the OTP agent driving command is transmitted to the user's mobile phone 170, the user's mobile phone 170 receives the OTP agent driving command from the server through the wireless communication network 500, (505) that the user mobile phone 170 remotely drives the OTP agent through the instruction set included in the OTP agent driving command and the agent driving authentication information.

According to the embodiment of the present invention, the user's mobile phone 170 can receive the agent-driven authentication information included in the OTP agent drive command and the agent stored in the mobile phone memory (or USIM) through the command set included in the OTP agent drive command, It is preferable to compare the driving authentication information to authenticate that the user mobile phone 170 drives the OTP agent remotely.

Alternatively, when the agent-initiated authentication information includes a data structure in which a pre-set code value is generated through a specific hash function, the user's mobile phone 170 transmits the agent-driven authentication information through the instruction set included in the OTP agent- It is possible to authenticate that the OTP agent is remotely activated by the user's mobile phone 170 by checking whether a predetermined code value is generated by substituting the information into the hash function, and thus the present invention is not limited thereto.

If it is not authorized to remotely operate the OTP agent (510), the user phone (170) outputs OTP agent driving error information to the screen output means (515).

On the other hand, if the OTP agent is authorized to operate remotely (510), the user's mobile phone 170 drives the OTP agent through a command set included in the OTP agent drive command (520).

If the OTP agent has a function of inputting a user's password or a user's personal identification number to generate the OTP, the user's mobile phone 170 transmits an OTP generation user password or a user's personal identification number through the OTP agent And authenticates the generation of the OTP through the OTP agent (525).

If it is not authorized to generate the OTP through the OTP agent 530, the user mobile phone 170 outputs OTP agent creation error information to the screen output means 535.

On the other hand, if it is authenticated to generate the OTP through the OTP agent (530), the user's mobile phone 170 may generate an OTP through OTP generation information stored in the memory (or USIM) The fixed seed value and the dynamic seed value are determined 540, the OTP is generated through the fixed seed value and the dynamic seed value, and the generated OTP is output to the screen output means 545. According to the intention of the person skilled in the art, It is possible to provide (or provide ciphering) to the user's wired terminal 100 in the vicinity of the user's cellular phone 170 via the means.

6 is a flowchart illustrating a verification procedure for a mobile phone settlement through OTP according to another embodiment of the present invention.

6 is a flowchart illustrating an operation of receiving a mobile phone number from the wired terminal 100 through the process shown in FIG. 2, authenticating that the mobile phone 170 corresponding to the mobile phone number has an OTP agent, When the OTP agent driving command is transmitted to the user mobile phone 170, the mobile phone 170 further receives the OTP verification information from the user mobile phone 170 corresponding to the mobile phone number to authenticate generation of the OTP ' If it is authenticated to generate the OTP 'through the OTP, it is checked that the OTP generation information for generating the OTP' to be compared with the OTP is confirmed. If a person skilled in the art is familiar with the present invention, Referring to and / or modifying FIG. 6, various implementations of the verification process for mobile phone settlement over the OTP (e.g., Would be able to infer the exemplary method, or the order has changed), the present invention is made, including any exemplary way in which the inference, to which the technical feature that is not limited to the exemplary method shown in the figure 6.

Hereinafter, in FIG. 6, the payment authentication system 110 shown in FIG. 1 is referred to as a "server" for the sake of convenience.

Referring to FIG. 6, it is authenticated that the mobile phone number is received from the user terminal 100 through the process shown in FIG. 2 and that the OTP agent is provided in the user mobile phone 170 corresponding to the mobile phone number, When the OTP agent driving command is transmitted to the user mobile phone 170, the server processes the OTP agent input command to input the OTP verification information to the user mobile phone 170 corresponding to the mobile phone number, The OTP verification information is received from the user's mobile phone 170 through a communication session (600).

If the OTP verification information is received from the user's mobile phone 170 in operation 605, the server compares the OTP verification information received from the user's cellular phone 170 with the OTP verification information stored in the storage medium, (610) verification validity to authenticate generating OTP 'that verifies the received OTP through stored OTP generation information.

If the verification validity is not confirmed (615), the server generates mobile phone settlement error information and transmits it to the user mobile phone (170) and the user terminal (620) (620). According to the intention of a person skilled in the art, It is preferable to repeat the mobile phone settlement process shown in Fig.

On the other hand, if the verification validity is confirmed (615), the server checks whether the OTP 'generated through the OTP generation information satisfies a condition to be compared with the OTP (625).

For example, when the OTP is authenticated in a time-synchronized manner, and the OTP and OTP verification information are received on a separate channel, the verification validity authentication unit 140 determines the time at which the OTP was received It is preferable to check the time difference between the time of receiving the OTP verification information and to confirm whether the time difference satisfies the time-synchronization condition of the OTP.

If the comparison condition between the OTP 'and the OTP is not satisfied (630), the server generates mobile phone settlement error information and transmits it to the user mobile phone 170 and the wired terminal 100 (620) It is preferable to repeat the mobile phone settlement process shown in FIG.

On the other hand, if the comparison condition between the OTP 'and the OTP is satisfied (630), the server confirms (635) OTP generation information for generating an OTP' to be compared with the OTP, And approves the handset settlement by comparing with the OTP.

7 is a diagram illustrating an OTP payment validity authentication process for mobile phone settlement according to an embodiment of the present invention.

7 is a flow chart illustrating an operation of the OTP generated by the user's mobile phone 170 from the wired terminal 100 through the process shown in FIG. Determines a fixed seed value and a dynamic seed value for generating OTP 'from the generation information, generates OTP' using the determined fixed seed value and dynamic seed value, compares the received OTP with the generated OTP ' If the person skilled in the art is aware of the validity of payment for the mobile phone number, referring to and / or modifying FIG. 7, the OTP payment validity authentication It will be appreciated that various implementations of the process (e.g., some steps may be omitted or alternate procedures) may be inferred, And the technical features thereof are not limited only by the method shown in FIG.

Hereinafter, in FIG. 7, the payment authentication system 110 shown in FIG. 1 is referred to as a "server" for the sake of convenience.

Referring to FIG. 7, when an OTP generated by the user's mobile phone 170 is received from the user's wired terminal 100 through the process shown in FIG. 2, the server transmits an OTP ' (700), and determines a fixed seed value and a dynamic seed value for generating OTP 'from the OTP generation information (705). Then, using the determined fixed seed value and the dynamic seed value, Generates OTP 'to be compared with the received OTP, compares the received OTP with the generated OTP', and confirms the payment validity of the mobile phone number (710).

If the settlement validity of the mobile phone number is not confirmed through the OTP 715, the server generates mobile phone settlement error information and transmits it to the user mobile phone 170 and the web server 105 in operation 720.

On the other hand, if the payment validity of the mobile phone number is confirmed through the OTP (715), the server processes the settlement approval for payment of the payment amount confirmed from the web server 105 through the mobile communication fee, And transmits payment approval information to the user mobile phone 170 and the web server 105 (725).

100: User wired terminal 105: Web server
110: payment authentication system 115: interface providing means
120: mobile phone number receiving means 125: agent checking means
130: Information checking means 135: OTP receiving means
140: verification validity authentication means 145: payment validity authentication means
150: Payment processing means 155: Information providing means
160: Information D / B 165:
170: User's cell phone

Claims (5)

A method executed by a server capable of communicating with a user's cellular phone,
When a program for implementing an OTP (One Time Password) is installed in a user's mobile phone, the mobile phone number of the user's mobile phone or the program installed in the user's mobile phone for authenticating that the user's mobile phone has the program installed, Storing verification information for verifying the execution of an authentication procedure for authenticating an OTP to be implemented through a program of the user's mobile phone on a designated storage medium, storing the information for driving the program installed in the user's mobile phone in a designated storage medium, ;
When confirming an OTP authentication request using a user's mobile phone through a first communication session via a specified path from a terminal located in the vicinity of the user's mobile phone, authenticating whether the program is installed in the user's mobile phone by itself referring to the storage medium A second step;
A third step of causing a wireless message including information for driving a program installed in a user's cellular phone to be transmitted to the user's cellular phone when the program is installed and authenticated on the user's cellular phone;
Receiving an OTP implemented through a program driven by the user's cellular phone through a first communication session from a terminal located in the vicinity of the user's cellular phone when the program is activated in a user's cellular phone receiving the wireless message, A fourth step of receiving verification information verified through a program of the user's cellular phone through a second communication session separate from the communication session of the first user; And
Determining whether to perform the OTP authentication procedure by authenticating the validity of the verification information received through the second communication session based on the verification information stored in the storage medium, And a fifth step of performing a specified procedure to authenticate the validity of the OTP received through the session.
The information processing apparatus according to claim 1,
And an identification number registered to verify that a procedure of authenticating an OTP to be implemented through a program of a user's mobile phone is performed.
2. The method of claim 1,
And a designated code number that is distinguished through a predetermined identifier to identify that the program is run in a data area on the message structure.
The method according to claim 1,
When the program is activated in a user's cellular phone that has received the wireless message,
Further comprising the step of connecting a second communication session separate from the first communication session in cooperation with the program of the user's cellular phone,
The method according to claim 1,
When a settlement using the OTP is requested from the terminal through the first communication session,
Wherein the fifth step further comprises a step of performing a process of processing the settlement using a specified payment means based on a result of authenticating the validity of the OTP.

Images