KR20180109033A - Method and System for Providing Certification by using Disposable Reverse Direction Message, and Record Medium - Google Patents

Abstract

The present invention relates to an authentication method using a one-time reverse message, capable of safely and inexpensively authenticating validity of a service provided to a user. The authentication method using a reverse reply message comprises: a step of performing a procedure for checking a user′s mobile number and an authentication code, and performing a procedure for checking a one-time phone number; a step of mapping the user′s mobile number with the generated authentication code and a one-time phone number to store the same in a predetermined medium for a predetermined effective time; a step of displaying a security code including the authentication code and the one-time phone number on a web/application screen of a user terminal through a data network separated from a telephone network; a step of performing a message authentication procedure; a step of performing a message authentication procedure for authenticating that the reverse message is validly received through the telephone network; a step of performing a transmission authentication procedure and a code authentication procedure; and a step of generating an authentication result for providing a service of a service server based on transmission and code authentication results to provide the authentication result to the service server or the user terminal.

Description

TECHNICAL FIELD The present invention relates to an authentication method and system using a disposable reverse message, and a recording medium for the authentication method and system using the disposable reverse message.

The present invention can be applied to a web / application screen of a user terminal, a disposable telephone number dynamically determined at the time of authentication of a service provided through a web / application screen of a user terminal via a data network and a dynamically generated authentication code for providing the service, And then transmits the disposable telephone number and the message body area input in the reception number area of the disposable reverse message, which is once transmitted backward via the separate telephone network separated from the data network, by selecting the message transmission from the user's cellular phone And authenticates the validity of the service provided to the user through the web / application screen of the user terminal via the data network separated from the telephone network using the authentication code.

There is provided an SMS authentication for generating an authentication number from a server on the Internet, sending an SMS including the authentication number to a user's cellular phone, and receiving and authenticating the authentication number through a terminal of a user connected to the Internet. However, since the conventional SMS authentication includes the authentication number in the SMS and is sent to the user's mobile phone (= forward transmission), not only can it be captured easily through character interception, but also can easily be taken by phishing, And includes a variety of problems that can be authenticated by inputting a key through a terminal of a third party rather than a terminal used by an actual user because the terminal is authenticated by inputting a key. Accordingly, the Financial Supervisory Service (FSS) recommends the use of the conventional SMS authentication for the additional authentication such as financial transactions, and some banks (for example, NH bank, etc.) have already stopped the conventional SMS authentication service.

Meanwhile, in addition to the SMS authentication for authenticating and forwarding the SMS including the authentication number, the ARS authentication is provided to input and receive the authentication number by dialing the ARS-based phone with the user's telephone. However, such conventional ARS authentication also poses problems such as incoming call control, voice interception, inaccessibility of hearing-impaired persons, restriction of overseas use, and generation of two to three times higher costs than SMS authentication, but there are other alternatives It is a temporary use until now.

Meanwhile, in addition to the conventional SMS authentication and ARS authentication, an app authentication method is provided in which an app is installed in a user's smartphone and additional authentication is provided using the app. However, such a conventional application authentication method has a problem that it is abused by a memory hacking or the like for a smart phone, and has a problem that it can not be used in a feature phone in which an app can not be installed other than a smart phone.

As a result, an additional low-cost and safe authentication method is needed while eliminating the problems of conventional SMS authentication, ARS authentication, and application authentication, and the presently proposed method has technically difficult problems to solve the above problems .

An object of the present invention to solve the above problem is to generate a predetermined authentication code at the time of an authentication request for providing a service from a service server providing a service designated by a user terminal used by a user, A disposable telephone number to be used as a destination number of a reverse message to be received in a reverse direction once is determined, a mapping is made between the mobile phone number of the user, the generated authentication code and the disposable telephone number, and a separate data network separated from the telephone network The security code including the authentication code and the disposable telephone number are output through the Web / App screen of the user terminal via the web server, and the user transmits the security code including the authentication code and the disposable telephone number to the web / After recognizing the screen and inputting the authentication code, And receiving the disposable reverse message including the disposable telephone number in the called party number field, authenticating that the received reverse message is a reverse message sent backward in a valid user's cell phone, Authenticating that the authentication code included in the message body area of the user terminal is a code corresponding to the security code output through the Web / App screen of the user terminal, and processing the authentication code for providing the service of the service server using the disposable reverse message And a system and a recording medium therefor.

The authentication method using the disposable reverse message according to the present invention is a method for interoperating with a service server providing a designated service to a user and exchanging messages via a user's mobile phone and a telephone network, The method comprising the steps of: confirming a mobile phone number of a user at the time of authentication for providing a service of the service server, checking a dynamically generated authentication code for providing the service, A first step of performing a procedure for identifying a dynamically determined disposable telephone number to be used as a called number of a disposable reverse message to be received in a reverse direction once through the telephone network including the mobile telephone number of the user as a calling number, The mobile phone number of the user, A second step of mapping the one-time use phone number and the one-time use phone number to the mobile phone and maintaining the mobile phone number for a designated validity time, and a security code including the authentication code via the web / And disposing the disposable telephone number, and a third step of transmitting the disposable telephone number of the user terminal to the user terminal through the web / app screen of the user terminal, A reverse message including an authentication code input by a user and included in a call number area and included in a message body area of a security code output from a web / application screen of the user terminal by a user, A fourth step of performing a message authentication procedure for authenticating whether the reverse message is valid An originating authentication procedure for confirming a calling number of the uplink message and authenticating whether the one-time telephone number corresponding to the called number of the uplink message matches a mapped mobile number, and an authentication code included in the message body area of the uplink message, A fifth step of performing a code authentication procedure to authenticate whether the mobile phone number matches the authentication code mapped to the mobile phone number, and a fifth step of generating an authentication result for providing a service of the service server based on a result of the outgoing authentication and the code authentication, To a service server or a user terminal.

The method of claim 1, wherein the first step comprises a step of receiving, from a number management module for managing N (N > = 2) telephone numbers, (1 ≤ n ≤ N) telephone number, which is not used, as a disposable telephone number to be used as a destination number of the reverse message.

The authentication method using the disposable reverse message according to the present invention is characterized in that the first step includes the steps of generating N (N > / = 2), which can be generated by combining a dynamic number of digits designated by a designated station number managed by the number management module, (1 ≤ n ≤ N) telephone numbers, which are generated by combining non-overlapping numbers of digits designated by the designated station number among the telephone numbers of the reverse telephone number, as one-time telephone numbers to be used as destination numbers of the reverse message The method comprising the steps of:

In the authentication method using the disposable reverse message according to the present invention, in the first step, when the mobile phone number of the user is confirmed, the number of the N phone numbers from the number management module managing N (N? 2) (1 ≤ n ≤ N) telephone number that is not duplicated and has no history mapped with the mobile number is identified as a one-time telephone number to be used as a destination number of an uplink message including the mobile number And a control unit.

In the authentication method using the disposable reverse message according to the present invention, in the first step, when the mobile phone number of the user is identified, a dynamic number having a number of digits specified in the designated station number managed by the number management module is combined (1? N? N), which is generated so as not to overlap with a number of digits specified by a designated station number among N (N? 2) And confirming the telephone number as a disposable telephone number to be used as a destination number of an uplink message including the mobile phone number as a calling number.

The authentication method using the disposable reverse message according to the present invention is characterized in that the n-th telephone number is a telephone number that is not used as a disposable telephone number for a predetermined period of time out of N telephone numbers, A telephone number that has not been reused for a certain period of time after being used as a one-time telephone number among N telephone numbers, a telephone number that has not been reused for the longest period after being used as a one-time telephone number among N telephone numbers And at least one telephone number.

In the authentication method using the disposable reverse message according to the present invention, the second step may further include storing mapping history information on a mapping relationship between the mobile phone number and the disposable telephone number in a designated DB and managing the mapping history information .

In the authentication method using the disposable reverse message according to the present invention, the second step may further include starting counting an effective time for maintaining a mapping relationship between the mobile phone number, the authentication code, and the disposable telephone number, Determining whether an effective time for maintaining the relationship has elapsed; and deactivating the mapping relationship between the mobile phone number, the authentication code, and the disposable telephone number when the valid time has elapsed.

In the authentication method using the disposable reverse message according to the present invention, the security code may include an authentication code to be input in a message body area of the reverse message, or may be input into the message body area of the reverse message And a combination of arbitrary dummy codes.

In the authentication method using the disposable reverse message according to the present invention, the third step is to guide the user to input the authentication code output through the web / application screen of the user terminal into the message body area of the reverse message and to reply And outputting the information through the web / application screen of the user terminal.

The authentication method using the disposable reverse message according to the present invention is characterized in that the reverse message is a message sent through a telephone network to which a mobile phone of the user is subscribed, Verifying whether or not the assigned mobile number matches the calling number included in the message, and when the mobile number of the mobile phone matches the calling number of the message, the disposable telephone corresponding to the called number included in the message through the communication company system Number of times.

In the authentication method using the disposable reverse message according to the present invention, the fourth step may include: checking a reverse message received at the designated disposable telephone number, reading the number system of the origination number of the reverse message, And verifying that the reverse message is a valid message that can be used in the authentication procedure when the calling number of the reverse message is the number system of the mobile phone number.

In the authentication method using the disposable reverse message according to the present invention, the fourth step may include: checking a reverse message received at the specified disposable telephone number, and determining a mapping state between the disposable telephone number and the mobile phone number, And verifying that the reverse message is valid as an available message in the authentication procedure before the effective time has elapsed.

The authentication method using a disposable reverse message according to the present invention comprises the steps of: maintaining i (i > = 1) inserted codes set to be automatically inserted into a message body area of a message when a message is transmitted from a data network via a telephone network Analyzing the code included in the message body area of the reverse message received by the disposable telephone number to confirm whether the code includes at least one of the i inserted codes, And authenticating the reverse message as a valid message that can be used in the authentication procedure if the at least one insertion code is not included in the message body area of the message.

In an authentication method using a disposable reverse message according to the present invention, it is possible to maintain j (j > = 1) exception codes that are not used as authentication codes among codes that can be input in a message body area of a reverse message in a user's mobile phone Analyzing the code included in the message body area of the reverse message received in the disposable telephone number to confirm whether the message includes at least one exception code among the j exception codes; If the at least one exception code is not included in the message body area of the reverse message, confirming that the reverse message is effectively received.

The authentication method using the disposable reverse message according to the present invention is characterized in that when the at least one exception code is included in the message body area of the reverse message, an error of the message body area of the reverse message through the web / And outputting the information.

In the authentication method using the disposable reverse message according to the present invention, the fifth step may include the step of outputting the generated error information through the Web / App screen of the user terminal when an error occurs in the origination authentication or the code authentication And further comprising:

The recording medium using the disposable reverse message according to the present invention is characterized in that a program for executing the method of the first aspect is recorded.

A system for interworking with a user terminal used by a user through a separate data network separate from the telephone network and capable of exchanging messages via a mobile phone and a telephone network of a user, An authentication code identifying unit for identifying a mobile phone number of the user and a dynamically generated authentication code for providing a service, and a disposable mobile communication terminal including the mobile phone number of the user as a calling number, A disposable number identification unit for identifying a dynamically determined disposable telephone number to be used as a destination number of the reverse message, and a management unit for mapping the user's mobile phone number, the generated authentication code and the disposable telephone number, The mapping maintaining unit and the telephone network An information output unit for processing the security code including the authentication code and the disposable telephone number through a separate data network separated from the user terminal through a Web / App screen of the user terminal, A disposable telephone number output from the web / application screen of the user terminal is included in the called number area by the user and includes a mobile phone number of the user as a calling number, A message authentication unit for authenticating the validity of the received reverse-direction message via the telephone network, a message authentication unit for receiving the reverse-message including the authentication code input by the user in the message body area via the telephone network, If the reverse message is validly received, the originating number of the reverse message is checked, And the authentication code included in the message body area of the reverse message is matched with the authentication code mapped to the mobile phone number, and the authentication code included in the message body area of the reverse message is matched with the authentication code mapped to the mobile phone number And a result processing unit for generating and providing an authentication result for providing the service based on a result of the origination authentication and the code authentication.

According to the present invention, the disposable telephone number dynamically determined at the authentication time of the service provided through the web / application screen of the user terminal via the data network and the dynamically generated authentication code for providing the service are transmitted to the web / A disposable telephone number input in a destination number area of a disposable reverse message that is once transmitted backward through a separate telephone network separated from the data network by selecting a message transmission from the user's mobile phone after outputting through the application screen, There is an advantage that the validity of the service provided to the user through the web / application screen of the user terminal is securely and inexpensively authenticated via the data network separated from the telephone network by using the authentication code input to the user terminal.

1 is a diagram illustrating a configuration of an authentication system using a disposable reverse message according to an embodiment of the present invention.
FIG. 2 is a diagram illustrating an information confirmation and mapping process for a disposable message-based authentication procedure according to an embodiment of the present invention.
3 is a diagram illustrating a process of outputting an authentication code and a disposable telephone number via a data network according to an embodiment of the present invention.
4 is a diagram illustrating a process of authenticating the validity of a service provided through a data network using a disposable reverse message received via a telephone network according to an embodiment of the present invention.

The operation principle of the preferred embodiment of the present invention will be described in detail with reference to the accompanying drawings and description. It should be understood, however, that the drawings and the following detailed description are exemplary and explanatory and are intended to provide further explanation of the invention, and are not to be construed as limiting the present invention.

In other words, the following embodiments correspond to the preferred embodiment of the preferred embodiment of the present invention. In the following embodiments, a specific configuration (or step) is omitted, or a specific configuration (or step) (Or steps), or an embodiment that incorporates functions implemented in more than one configuration (or step) into any one configuration (or step), a particular configuration (or step) It will be apparent that the present invention is not limited to the embodiments described below. Therefore, it should be clearly stated that various embodiments corresponding to subsets or combinations based on the following embodiments can be subdivided based on the filing date of the present invention.

In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear. The terms used below are defined in consideration of the functions of the present invention, which may vary depending on the user, intention or custom of the operator. Therefore, the definition should be based on the contents throughout the present invention.

As a result, the technical idea of the present invention is determined by the claims, and the following embodiments are merely means for effectively explaining the technical idea of the present invention to a person having ordinary skill in the art to which the present invention belongs Only.

1 is a diagram illustrating a configuration of an authentication system using a disposable reverse message according to an embodiment of the present invention.

In more detail, FIG. 1 illustrates a process of generating a predetermined authentication code when requesting authentication for providing a service from a service server 175 providing a service designated by a user terminal 170 used by a user, The method comprising the steps of: determining a disposable telephone number to be used as a destination number of a reverse message to be received in a reverse direction once via the Internet, mapping and storing the user's mobile number, the generated authentication code and the disposable telephone number, And transmits the security code including the authentication code and the disposable telephone number through the Web / App screen of the user terminal 170 via the network to output the disposable telephone number to the user Recognizes the Web / App screen of the user terminal 170 and inputs the entered authentication code into the message body area And receives the disposable reverse message including the disposable telephone number in the called party number field and verifies whether the received reverse message is a reverse message sent backward in a valid manner once in a valid user's cell phone 180, Authenticates that the authentication code included in the message body area of the message is a code corresponding to the security code output through the Web / App screen of the user terminal 170, and processes the authentication code for the service provision of the service server 175 It should be understood by those skilled in the art that reference is made to and / or modified by reference to FIG. 1 to describe various implementations of the configuration of the authentication system (e.g., Or a subdivided or combined implementation), but the present invention is not limited to the above- Is made, including any exemplary method of estimation, to which the technical feature that is not limited to the exemplary method shown in the figure 1.

The system of the present invention includes a user's mobile phone 180 capable of exchanging messages via at least one telephone network including a mobile telephone network of a mobile communication company, a user terminal 170 used by a user to receive a designated service, A service server 175 for providing a service designated by the user terminal 170 through a separate data network separated from the service network 170 and a service server 175 for exchanging messages with the user's mobile phone 180 via the telephone network, And an operation server 100 interlocked with a user terminal 170 used by a user through a separate data network.

The user's cellular phone 180 is a mobile communication terminal capable of transmitting and receiving messages via one or more telephone networks including a cellular phone network of a mobile communication company, and may preferably include a feature phone or a smart phone subscribed to a mobile communication company.

According to an embodiment of the present invention, the user's mobile phone 180 can receive SMS (Short Message Service), EMS (Enhanced Messaging Service), MMS (Multimedia Message Service ), And / or may send at least one message of SMS, EMS, MMS through the message center. Hereinafter, the present invention will be described with reference to an embodiment in which the message transmitted / received to / from the user's cell phone 180 via the telephone network is 'SMS'. However, in the present invention, the embodiment of the message is not limited to 'SMS', and the user's mobile phone 180 can transmit / receive to / from the user's mobile phone 180 via one or more telephone networks including the mobile communication network of the mobile communication company It is evident that any message is included in the scope of the present invention.

The service server 175 is connected to a service provider 170 through a separate data network separate from the telephone network used for sending and receiving messages to and from the user's mobile phone 180, A web-based service is preferably provided using the user terminal 170 used by the user, or an application specified in the user terminal 170 used by the user is installed, and the application-based Can be provided. For example, the service server 175 may include an Internet banking server used by a financial institution including a bank to provide a web-based Internet banking service to a user terminal 170 used by a user. Alternatively, the service server 175 may include a home trading server used by a financial institution including a securities company to provide a home trading service through a home trading application installed in a user terminal 170 used by a user.

The user terminal 170 is a general term of a terminal used by a user to receive a designated service from the service server 175 via a separate data network separated from the telephone network and is preferably connected to a wired data network such as a wired Internet A wired terminal such as a personal computer or a notebook computer, and a wireless terminal such as a tablet PC or a notebook connected to a wireless data network including a wireless LAN.

According to an embodiment of the present invention, the user terminal 170 includes a browser for receiving a web-based service from the service server 175, or a browser for receiving a web-based service from the service server 175 You can install the app.

The operating server 100 is capable of exchanging messages with the user's mobile phone 180 via one or more telephone networks and is capable of exchanging messages through a separate data network separated from the telephone network, The present invention relates to a server-side configuration for performing an authentication procedure according to the present invention, wherein the operating server 100 defines a channel through which a message is exchanged with a user's mobile phone 180 via one or more telephone networks as an 'authentication channel' A channel interlocked with the user terminal 170 used by the user through the separate data network separated from the operating network server 100 or the channel connecting the service server 175 to the user terminal 170 ) Is defined as a 'service channel'. In the present invention, the authentication channel including the telephone network and the service channel including the data network are physically and / or logically separated so as not to interfere with each other.

According to an embodiment of the present invention, the operation of the user is controlled via the authentication channel, which includes one or more telephone networks in the user's cellular phone 180 in the direction opposite to the messaging direction received by the user's cellular phone 180 via the authentication channel. A message to be transmitted to a designated telephone number on the server 100 side is defined as an 'reverse message'.

Referring to FIG. 1, the operation server 100 includes an authentication request confirmation unit 105 for confirming an authentication request for providing a service of the service server 175, a mobile phone number confirmation unit (110), an authentication code checking unit (115) for checking the authentication code dynamically generated for providing the service, and a disposable reverse direction receiving unit A disposable number identification unit (120) for identifying a dynamically determined disposable telephone number to be used as a destination number of the message; a mapping unit (120) for mapping the mobile phone number of the user, the generated authentication code and the disposable telephone number, And a mapping holding unit 125 that holds the mapping information.

The service server 175 of the service providing organization requests authentication for providing the service while providing the web / application based service to the user terminal 170 through the service channel including the designated data network, 105 receives authentication request information requesting authentication of the service using a message transmitted / received through an authentication channel including one or more telephone networks separated from the data network by the service server 175.

According to an embodiment of the present invention, the authentication request information may be interworking information for interworking with the user terminal 170 through the service channel including the data network in the operation server 100, Service identification information for identifying the service to be provided to the user through the user terminal 170, user identification information for identifying the user, service information about the service to be provided to the user through the user terminal 170 in the service server 175 (For example, financial transaction information in the case of an Internet banking service, securities transaction information in the case of a home trading service, etc.), partial information of the service information, mobile phone number of the user identified by the service server 175, An authentication code, and a disposable telephone number determined by the service server 175. [

On the other hand, upon confirming the authentication request for providing the service of the service server 175 through the authentication request confirmation unit 105, the mobile phone number check unit 110 checks whether the mobile phone 180 has received the message And confirms the mobile number of the user to be used as the originating number of the reverse message to be transmitted in the reverse direction through the authentication channel.

According to the first mobile phone number confirmation embodiment of the present invention, the service server 175 receives the mobile phone number from the user through the user terminal 170 or registers the mobile phone number in the DB of the service server 175 (For example, included in the authentication request information provided to the operation server 100) to the operation server 100, and the mobile phone number check unit 110 checks the mobile phone number of the user The mobile phone number of the user can be received from the server 175.

According to the second mobile phone number identification method of the present invention, the mobile phone number identification unit 110 may be connected to the user terminal 170 used by the user via the data network (for example, (In cooperation with the user terminal 170 based on the interworking information included in the request information), and receive and receive the mobile phone number of the user from the user terminal 170. [

According to the third embodiment of the present invention, the service server 175 and the operation server 100 share user information, and the mobile phone number identification unit 110 identifies the mobile phone number (E.g., user identification information included in the authentication request information received from the service server 175), and confirm the mobile phone number of the user by referring to the designated DB on the operation server 100 side.

Meanwhile, at the time of confirming the authentication request for providing the service of the service server 175 through the authentication request confirmation unit 105, the authentication code confirmation unit 115 checks the authentication code dynamically generated for providing the service .

According to the first authentication code checking embodiment of the present invention, the service server 175 may generate a random number authentication code dynamically using a random number generation algorithm, or may include a dynamic seed including a time value or a random number value One or more seeds can be applied to the specified hash algorithm to dynamically generate disposable authorization codes or any combination from arbitrary numbers and / or characters and / or combinations of symbols stored in the database can be selected for dynamic use with disposable authentication codes And may provide the authentication code dynamically generated (or determined) as described above to the operation server 100 (for example, provided in the authentication request information provided to the operation server 100), and the authentication The code verification unit 115 may receive the authentication code from the service server 175. [

According to the second authentication code checking embodiment of the present invention, the authentication code checking unit 115 may dynamically generate a random number authentication code using a random number generating algorithm, or may generate a dynamic seed containing a time value or a random number One or more included seeds may be applied to a specified hash algorithm to dynamically generate a disposable authentication code or to select any combination from a DB that stores any number and / or a combination of letters and / or symbols to generate a disposable authentication code . ≪ / RTI >

On the other hand, upon confirming the authentication request for service provision of the service server 175 through the authentication request confirmation unit 105, the disposable number identification unit 120 identifies the disposable number based on the message sending selection from the user's mobile phone 180 And identifies the dynamically determined disposable telephone number to be used as the disposable destination number of the reverse message to be sent backwards through the authentication channel including the telephone network.

According to the first disposable telephone number identification method of the present invention, the operation server 100 includes a number management module (e.g., N (N)) for managing N (N? 2) telephone numbers available for transmitting and receiving messages via a telephone network And a program code executed in the DB 100 and / or the operation server 100), and the disposable number identification unit 120 identifies the N number of telephone numbers managed by the number management module It is possible to select one n (1? N? N) telephone number and confirm it as a disposable telephone number to be used as a destination number of the reverse message.

According to the embodiment of the present invention, the disposable number identification unit 120 does not duplicate the mobile phone number and other phone numbers among the N phone numbers managed by the number management module, , Unused phone numbers after a specified initialization, unused phone numbers after a specified initialization, phone numbers that have been used more than once as one-time phone numbers and have not been reused for a certain period of time, An nth telephone number including a telephone number that satisfies at least one condition of at least one of the telephone numbers that have not been reused for a long period of time can be selected and confirmed as a disposable telephone number to be used as a destination number of the reverse message.

According to the second disposable telephone number identification embodiment of the present invention, the operation server 100 includes a number management module (e.g., N (N)) for managing N (N? 2) telephone numbers available for sending and receiving messages via the telephone network And a program code executed in the DB 100 and / or the operation server 100), and when the mobile phone number of the user is confirmed through the mobile phone number checking unit 110, (120) checks the mapping history information of the identified mobile phone number, selects one of N phone numbers managed by the number management module and does not duplicate and has no history mapped with the mobile phone number based on the mapping history information (1 ≤ n ≤ N), and confirm the disposable telephone number to be used as a destination number of an uplink message including the mobile phone number as a calling number.

According to the embodiment of the present invention, the disposable number identification unit 120 can identify the disposable number of the user, which is not duplicated with another phone number being mapped to another mobile phone number among the N phone numbers managed by the number management module, A telephone number that is not used as a disposable telephone number for a certain period of time or longer, a telephone number that is not used as a disposable telephone number after a designated initialization, a disposable telephone number that has not been reused for a certain period of time A telephone number, a telephone number that is more than once used as a disposable telephone number, and a telephone number that more satisfies at least one condition of a telephone number that has not been reused for the longest period of time, You can check with a one-time phone number to be used.

According to the third disposable telephone number identification method of the present invention, the operation server 100 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N (E.g., program code executed in the operating server 100) capable of generating 22 number of telephone numbers, and the disposable number identifying unit 120 identifies N N (2? N? N) phone numbers generated by combining the number of digits of the number of digits specified in the designated station number out of the N? 2 phone numbers, which are not duplicated, and used as the destination number of the reverse message You will be able to identify with a disposable phone number.

According to the embodiment of the present invention, the disposable number identification unit 120 does not duplicate the mobile phone number and other phone numbers being mapped among N (N? 2) phone numbers that can be generated through the number management module, A phone number that is not used as a one-time phone number after a specified period of time, a phone number that is not used as a one-time phone number after a specified initialization, a phone number that has not been reused for more than a certain period of time after being used as one- Numbered telephone number including at least one telephone number of telephone numbers that have not been reused for the longest period after being used as a number and can be identified as a disposable telephone number to be used as a destination number of the reverse message.

According to the fourth disposable telephone number identification method of the present invention, the operation server 100 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N (E.g., program code executed in the operating server 100) capable of generating 22 number of telephone numbers, and when the mobile phone number of the user is confirmed through the mobile phone number checking unit 110, The disposable number identification unit 120 checks the mapping history information of the identified mobile phone number and identifies the number N (N > = 2) of phone numbers that can be generated through the number management module, (1 ≤ n ≤ N) telephone numbers that are generated so as not to overlap with each other and have no history mapped to the mobile phone number based on the mapping history information W can confirm the phone number to a one-off phone number be used as a called number of the reverse message including the calling number.

According to the embodiment of the present invention, the disposable number identification unit 120 can identify the disposable number without being duplicated with other phone numbers being mapped to the mobile phone number among N (N? 2) phone numbers that can be generated through the number management module A phone number that is not used as a one-time phone number after a predetermined period, a phone number that is not used as a one-time phone number after a designated initialization, An nth telephone number including at least one telephone number of a telephone number that has not been reused for a predetermined period or more, a telephone number that has been used as a disposable telephone number more than once, and a telephone number that has not been reused for a longest period of time, You can check with a one-time phone number to be used.

According to an embodiment of the fifth disposable telephone number verification method of the present invention, the service server 175 includes a number management module for managing N (N > = 2) telephone numbers, and N telephone numbers managed by the number management module (1? N? N) telephone numbers that are not duplicated among the numbers of the telephone numbers and provide them to the operation server 100 (for example, provided in the authentication request information provided to the operation server 100) The disposable number identification unit 120 receives the n-th telephone number from the service server 175 and can identify the disposable telephone number to be used as the called number of the uplink message.

According to the embodiment of the present invention, the service server 175 does not duplicate the mobile phone number and other phone numbers being mapped among the N phone numbers managed by the number management module, and uses the same as the disposable phone number for a predetermined period or more Unused phone numbers, unused phone numbers after a specified initialization, unused phone numbers that have been used as one-time disposable phone numbers, unused phone numbers that have not been reused for a certain period of time, The disposable number identification unit 120 may select the nth telephone number including at least one telephone number among the telephone numbers that have not been reused during the service period, And receives the n-th telephone number and confirms it as a disposable telephone number to be used as a destination number of the reverse message.

According to the sixth disposable telephone number confirmation embodiment of the present invention, the service server 175 includes a number management module for managing N (N > = 2) telephone numbers, (N < = 1 < / = n) which is not duplicated among the N telephone numbers managed by the number management module and has no history mapped to the mobile phone number based on the mapping history information. (e.g., provided in the authentication request information provided to the operation server 100) to the operation server 100, and the disposable number identification unit 120 may identify And receives the n-th phone number from the service server 175 and confirms the mobile phone number as a one-time phone number to be used as a destination number of an uplink message including the mobile phone number.

According to the embodiment of the present invention, the service server 175 may store the history mapped with the mobile phone number of the identified user without overlapping with the mobile phone number and other phone numbers being mapped among the N phone numbers managed by the number management module A telephone number that is not used as a disposable telephone number for a predetermined period or more, a telephone number that is not used as a disposable telephone number after a designated initialization, a telephone number that has been used for one or more disposable telephone numbers for a predetermined period or more, And may provide an n-th telephone number including at least one telephone number of telephone numbers that have not been reused for the longest period of time after being used as one-time telephone numbers to the operation server 100, The confirmation unit 120 receives the n-th telephone number from the service server 175 and transmits the reception number As a one-time phone number.

According to the seventh disposable telephone number identification example of the present invention, the service server 175 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N (N > = 2) telephone numbers that can be generated by the number management module, wherein the number of N (N > = 2) telephone numbers (1? N? N) telephone numbers which are not included in the authentication request information provided to the operation server 100 (for example, provided in the authentication request information provided to the operation server 100) The disposable number confirmation unit 120 receives the n-th telephone number from the service server 175 and can confirm the disposable telephone number to be used as the called number of the uplink message.

According to the method of the present invention, the service server 175 does not overlap with the mobile phone number and other phone numbers being mapped among N (N? 2) phone numbers that can be generated through the number management module, Phone numbers that are not used as one-off phone numbers, unused phone numbers that have not been used as one-off phone numbers after a specified initialization, phone numbers that have not been reused for more than a certain period of time after being used as one-time phone numbers, And the n-th telephone number including at least one telephone number of the telephone numbers that have not been reused for the longest period after use may be selected and provided to the operating server 100, Receives the n-th telephone number from the service server 175 and confirms it as a one-time telephone number to be used as a destination number of the reverse message .

According to the eighth disposable telephone number identification example of the present invention, the service server 175 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N ? 2) number, and when the mobile phone number of the user is confirmed, the mobile terminal confirms the mapping history information of the mobile phone number and confirms N (N?) That can be generated through the number management module. (1? N? N), which is generated so as not to be duplicated by combining digits of the number of digits specified in the designated station number among the 2) telephone numbers, and which has no history mapped with the mobile number based on the mapping history information, ) May be selected and provided to the operation server 100 (for example, provided in the authentication request information provided to the operation server 100) The service number confirmation unit 120 may receive the n-th phone number from the service server 175 and confirm the service number as a disposable telephone number to be used as a destination number of an uplink message including the mobile phone number as a calling number.

According to an embodiment of the present invention, the service server 175 may receive the mobile phone number of the mobile phone number N (N > = 2) generated by the number management module, , A phone number that is not used as a disposable telephone number for a certain period of time or longer, a telephone number that is not used as a disposable telephone number after a designated initialization, or a disposable telephone number that is used more than once and is not reused for a certain period of time A first telephone number including at least one telephone number of a telephone number that has not been reused for a longest period of time after being used as a disposable telephone number at least once, and may provide the selected telephone number to the operation server 100 , The disposable number identifying unit 120 receives the n-th phone number from the service server 175 and transmits the reverse message You can see a disposable phone number that will be used arcs.

The mobile phone number of the user is confirmed through the mobile phone number confirmation unit 110 and the authentication code dynamically generated for providing the service is confirmed through the authentication code checking unit 115, If the disposable telephone number to be used as the destination number of the reverse message to be received in the reverse direction via the telephone network is confirmed from the user's mobile phone 180 based on the message sending selection of the user's mobile phone 180, Maps the mobile phone number of the user, the generated authentication code, and the disposable telephone number and stores the same in a designated medium (e.g., a specified DB or memory area).

According to an embodiment of the present invention, the mapping holding unit 125 stores the mobile phone number, the authentication code, and the disposable telephone number of the user in a designated medium for a specified effective time, The mobile phone number, the authentication code, and the disposable telephone number are mapped and stored in the designated medium, and at the same time, the effective time for maintaining the mapping relationship between the mobile number, the authentication code, and the disposable telephone number is counted. It is preferable to maintain a state in which the mobile phone number, the authentication code, and the disposable telephone number are mapped to the medium. On the other hand, after the mobile phone number, the authentication code, and the disposable telephone number are mapped and stored in the designated medium, the mapping storage unit 125 confirms whether the effective time for maintaining the mapping relationship has elapsed. It is desirable to deactivate the mapping relationship between the mobile phone number, the authentication code, and the disposable telephone number.

According to an embodiment of the present invention, the mapping holding unit 125 maps the mobile phone number, the authentication code, and the disposable telephone number to a designated medium, and stores the mobile phone number, the disposable telephone number, The mapping history information including the mapping relationship of the mapping of the mapping information to the mapping database is stored and managed in the designated DB. The mapping history information may then be used to avoid cases where the mobile number is mapped to the same or similar disposable telephone number.

Referring to FIG. 1, the operation server 100 transmits a security code including the authentication code to the user terminal 170 via a separate data network separated from the telephone network, And an information output unit 130 for processing to output a telephone number.

On the other hand, if the mobile phone number of the user, the generated authentication code, and the disposable telephone number are mapped on the designated medium, the information output unit 130 may transmit the discrete telephone number through a service channel including a separate data network And outputs the security code including the authentication code and the disposable telephone number through the web / application screen of the user terminal 170. [

According to the first security code embodiment of the present invention, it is preferable that the security code includes the authentication code confirmed by the authentication code checking unit 115, / App screen, and then the message is sent to the user's mobile phone 180 and is input to the message body area of the reverse message. For example, if the authentication code confirmed by the authentication code checking unit 115 is '12', the security code may include '12', '12' is a message body area of the reverse message Lt; / RTI >

According to the second security code embodiment of the present invention, the security code may include a code combination obtained by combining an authentication code and an arbitrary dummy code, which are identified through the authentication code checking unit 115, in a designated code structure, The dummy code includes any code that is output through the web / application screen of the user terminal 170 but is not input into the message body area of the reverse message. For example, if the authentication code confirmed by the authentication code checking unit 115 is '12' and the dummy code is '34', the security code may be '1234' concatenating '12' and '34' '12' is input to the message body region of the reverse message, and '34' may not be inputted to the message body region of the reverse message.

According to an embodiment of the present invention, the information output unit 130 may receive the service information and the service information through a Web / App screen of the user terminal 170 through a service channel including a separate data network separated from the telephone network, The security code and the disposable telephone number may be output or the security code and the disposable telephone number may be output on the service information related screen being output through the web / app screen of the user terminal 170. [

According to the embodiment of the present invention, the information output unit 130 may receive the authentication code output through the Web / App screen of the user terminal 170, So that the web page can be processed through the Web / App screen of the user terminal 170. The guide information may further include a guide for inputting the disposable telephone number output through the web / application screen of the user terminal 170 into the call number field of the reverse message.

If the security code including the authentication code is output through the web / application screen of the user terminal 170, the information output unit 130 outputs the reverse message corresponding to the message sending selection of the user mobile phone 180 The user terminal 170 may configure the guide information to guide the user to input and return the authentication code output on the web / application screen of the user terminal 170 in the message body area, have. For example, when the security code including the authentication code '12' is output through the web / application screen of the user terminal 170, the information output unit 130 may transmit the security code including the authentication code ' The user terminal 170 forms guide information for inputting a two-digit number being output on the screen into the message body area of the reverse message corresponding to the message sending selection of the user's cellular phone 180, And output it through the screen.

Meanwhile, when a security code obtained by combining an authentication code and an arbitrary dummy code is output through the web / application screen of the user terminal 170, a security code output from the web / The user terminal 170 selects the authentication code except for the authentication code and inputs it to the message body area of the reverse message corresponding to the message sending selection of the user mobile phone 180, It is possible to process the data to be output through the network. For example, when a security code including '1234', which is a combination of an authentication code '12' and an arbitrary dummy code '34', is output through the Web / App screen of the user terminal 170, (130) transmits the number corresponding to the first two digits among the numbers included in the security code outputting on the web / application screen of the user terminal (170) to the message body of the reverse message corresponding to the message sending selection of the user mobile phone Area of the user terminal 170 and output it through the web / application screen of the user terminal 170. [

Referring to FIG. 1, the operation server 100 includes the mobile phone number of the user as a calling number based on the message sending selection of the user mobile phone 180, and displays the web / The disposable telephone number output by the user is included in the called party number area, and the authentication code input by the user among the security codes output through the web / app screen of the user terminal 170 is included in the message body area A message reception unit 135 for receiving the reverse message via the telephone network or confirming the reverse message received via the telephone network, and a reverse disconnection message reception unit 135 for receiving the reverse message from the user's mobile phone 180 via one or more telephone networks, A message authentication unit 140 for performing a message authentication procedure for authenticating a valid reverse message received validly Respectively.

The user who owns the mobile phone 180 corresponding to the mobile phone number confirms the security code and the disposable phone number output through the web / application screen of the user terminal 170 which he / she uses.

According to the embodiment of the present invention, the authentication code output from the web / application screen of the user terminal 170 is input to the message body area of the reverse message on the web / application screen of the user terminal 170, (For example, the security (security) information output via the web / application screen of the user terminal 170, the authentication code output via the Web / App screen of the user terminal 170 according to the guidance information, Code and a disposable telephone number of the user terminal 170 in the message body area of the reverse message based on the message sending selection of the user's cellular phone 180, An authentication code corresponding to the guidance information is input from the security code output through the application screen, and the web / application screen of the user terminal 170 is displayed in the reception number area of the reverse message A disposable phone number can be output to respond to input. For example, when the mobile phone 180 is a smart phone, among the security codes output through the Web / App screen of the user terminal 170 through message transmission as illustrated in FIG. 1, authentication Code can be input to the message body area and the disposable telephone number output on the web / application screen of the user terminal 170 can be input into the call number field and returned.

The present invention includes a mobile phone number assigned to a user's mobile phone 180 as a calling number and includes a one-time phone number input by a user in a call number area, and at the same time, A single message sent backward via the telephone network from the mobile phone 180 of the mobile terminal 180 is defined as a disposable reverse message for the authentication procedure of the present invention.

According to an embodiment of the present invention, the reverse message is transmitted from the user's mobile phone 180 as a message sent backward from the user's mobile phone 180 based on the message sending selection, Lt; / RTI > The communication company system checks the device information of the mobile phone 180 that has sent the reverse message and the mobile phone number actually given to the mobile phone 180 by referring to the DB managing the mobile phone 180 subscribed to the mobile phone 180, Verifies that the cell phone 180 that has sent the reverse message is the cell phone 180 that is subscribed to the cell phone 180 and verifies the cell phone 180 that is the cell phone 180 that has been verified to be subscribed to the cell phone 180, It is determined whether or not a cell phone number corresponding to the calling number included in the uplink message is actually given (i.e., the cell phone number actually assigned to the cell phone 180 that sent the uplink message matches the calling number included in the uplink message) . If the cell phone number of the mobile phone 180 matches the calling number of the uplink message, the communication company system relays the uplink message to be transmitted to the one-time phone number corresponding to the called number included in the uplink message .

The message receiving unit 135 includes the mobile phone number of the user as a calling number based on the message sending selection of the user mobile phone 180 and transmits the disposable telephone number output through the web / Via the telephone network, a reverse message including the authentication code input by the user and included in the called party number area and input by the user among the security codes outputted through the web / application screen of the user terminal 170, (Not shown) or a reverse message received by a separate message server (not shown).

When the reverse message is received (or confirmed) via the message receiver 135, the message authenticator 140 validates the reverse message from the user's mobile phone 180 via the at least one telephone network to the specified disposable telephone number And performs a message authentication procedure for authenticating that the received valid reverse message is valid.

According to the first message authentication method of the present invention, the message authentication unit 140 reads out the number system of the origination number of the reverse message received (or confirmed) through the message receiving unit 135, Check if it is a numbering system. According to the embodiment of the present invention, since the reverse message received (or confirmed) through the message receiver 135 is a message sent from the user's mobile phone 180, the calling number of the reverse message must be the mobile phone number of the user . However, a message (for example, SMS or the like) via the telephone network can not only be sent to the mobile phone 180, but can also be a wired telephone connected to a wired telephone network, an Internet telephone or a VoIP phone based on the Internet network, You can also send a message via the phone network through the designated gateway. The message authentication unit 140 checks whether the number system of the originating number of the reverse message is a number system of the mobile phone number. If the originating number of the reverse message is identified by the number system of the mobile phone number, Authenticate with a valid message available for the authentication procedure, or otherwise automatically discard the reverse message. According to the method of the present invention, when a reverse message is transmitted from the mobile phone 180 to which the mobile phone 180 is subscribed, the communication company system to which the mobile phone 180 is subscribed, It is set so as to relay the reverse message to the receiver only when it is verified that the mobile phone number actually matched with the calling number of the reverse message is matched with the calling number of the reverse message so that if the calling number of the reverse message is a mobile phone number, It can be regarded as a real mobile phone 180. [ According to the embodiment of the present invention, if a communication company subscribed to a fixed line telephone, an internet telephone, or a VoIP phone other than the mobile communication company to which the mobile phone 180 is subscribed also implements the function of verifying the calling number of the reverse message, In addition to the mobile phone 180 that is subscribed to the mobile communication company, the message authentication unit 140 may be extended to a landline telephone, an internet phone, a VoIP phone, etc. In this case, VoIP phone, and the present invention is not limited thereto.

According to the second message authentication embodiment of the present invention, the message authentication unit 140 identifies the disposable telephone number corresponding to the called number of the reverse message received (or confirmed) through the message receiving unit 135, It is confirmed whether or not the effective time for maintaining the mapping state of the disposable telephone number and the mobile phone number that received the reverse message has elapsed or has passed. According to the embodiment of the present invention, the message authentication unit 140 can read the effective time counted by being mapped with the disposable telephone number that received the reverse message, and check whether the valid time is before or after the effective time elapses . If the validity period has not elapsed, the message authentication unit 140 can authenticate the uplink message with a valid message that can be used in the authentication procedure. Otherwise, the message authentication unit 140 can automatically discard the uplink message.

According to the third message authentication embodiment of the present invention, when the message authentication unit 140 sends a message via the telephone network in the data network, i (i, 1) You can keep the embedded code. Preferably, when the i inserted codes are transmitted from a server on a data network, not a terminal on the telephone network (for example, the mobile phone 180 subscribed to the mobile telephone network) via the telephone network, Code that is set to be automatically inserted into the message body area of a message to be sent. For example, the code may include one or more codes of '[', 'Web', 'web', 'WEB', 'web', ' . Meanwhile, when the disposable reverse message including the disposable telephone number in the called party number area is received (or confirmed) through the message receiver 135 as well as the mobile phone number as the calling number, the message authentication unit 140 Analyzes the code included in the message body area of the reverse message received (or confirmed) through the message receiver 135, and determines whether at least one of the i inserted codes is included. If the message authentication unit 140 does not include at least one embedded code in the message body region of the uplink message, the message authentication unit 140 determines that the uplink message is not transmitted via the telephone network on the data network, (E.g., mobile phone 180 subscribed to the mobile telephone network), and authenticate the uplink message as a valid message available for the authentication procedure. Otherwise, the uplink message may be automatically discarded.

Meanwhile, according to the embodiment of the present invention, when at least one embedded code is included in the message body area of the uplink message, the message authentication unit 140 transmits the web / application of the user terminal 170 corresponding to the uplink message (E.g., a Web / App screen of the user terminal 170 matched with the mobile number, which is the origination number of the uplink message, or a web / application screen of the user terminal 170 matched with the disposable telephone number, / App screen) and output error information on the message body area of the reverse message through the Web / App screen of the user terminal 170. [

According to the fourth message authentication embodiment of the present invention, the message authenticator 140 may be configured to transmit a message to a message body area of a reverse message through a key input unit (e.g., a key button, a touch screen, etc.) It is possible to keep j (j ≥ 1) exception codes that can not be used as authentication codes among inputable codes. For example, when the authentication code is composed of only digits including '1' to '9' and '0', the message authenticating unit 140 transmits' J excepting codes including codes such as all the characters except for the numbers including '1' to '9' and '0' and symbols (including spaces such as 'space bar'). If the authentication code includes numerals including '1' to '9' and '0' and an alphabetical alphabet, the message authenticator 140 may generate a code that can be input through key input means of the mobile phone 180, You can keep j exception codes that contain codes such as all letters and symbols except the middle and the English alphabet. If the authentication code includes a number including '1' to '9' and '0' and a Hangul word, the message authentication unit 140 transmits a code that can be input through the key input unit of the mobile phone 180 You can keep j exception codes that contain codes such as all digits and symbols except for Chinese digits and Hangul characters. Meanwhile, when the disposable reverse message including the disposable telephone number in the called party number area is received (or confirmed) through the message receiver 135 as well as the mobile phone number as the calling number, the message authentication unit 140 And analyzes the code included in the message body area of the reverse message received (or confirmed) through the message receiver 135 to determine whether at least one of the j exception codes is included. If the message authentication unit 140 does not include at least one exception code in the message body area of the uplink message, the message authentication unit 140 may input the authentication code to the message body area of the uplink message It is possible to authenticate the reverse message as a valid message that can be used in the authentication procedure without regard to the error, and to consider the input error as an error in the reverse message and to automatically discard the reverse message.

Meanwhile, when at least one exception code is included in the message body area of the reverse message, the message authentication unit 140 determines whether the reverse message includes at least one of a web / (E.g., a Web / App screen of the user terminal 170 matched with the mobile number, which is the origination number of the uplink message, or a web / application screen of the user terminal 170 matched with the disposable telephone number, And displays error information on an input error occurring in the authentication code included in the message body area of the reverse message through the web / application screen of the user terminal 170. [

According to the fifth message authentication embodiment of the present invention, the message authentication unit 140 may be configured to at least partially combine at least two embodiments among the first to fourth message authentication embodiments to generate the reverse message Authentication with a valid message available for the authentication procedure, and thus the present invention is not limited thereto.

Referring to FIG. 1, when the reverse message is validly received, the operation server 100 checks the origination number of the reverse message and matches the disposable telephone number corresponding to the called number of the reverse message with the mapped mobile number And a code authentication process for authenticating whether the authentication code included in the message body area of the reverse message is matched with the authentication code mapped to the mobile phone number And generates an authentication result for providing a service of the service server 175 based on a result of the origination authentication and the code authentication and provides the authentication result to the service server 175 or the user terminal 170 And a result processing unit 155.

When the validity of the uplink message is authenticated through the message authentication unit 140, the origination authentication unit 145 identifies the origination number of the uplink message, and the designated medium holding the information registered in the medium holding unit After confirming the disposable telephone number corresponding to the called number of the reverse message and the mapped mobile number, authenticates whether the calling number of the reverse message matches the mobile number confirmed through the designated medium. Meanwhile, according to another embodiment of the present invention, the originating authentication unit 145 identifies the disposable telephone number corresponding to the called number of the reverse message, and transmits the reverse direction message through the designated medium holding the information registered in the medium holding unit. After confirming the mobile telephone number corresponding to the origination number of the message and the disposable telephone number mapped, authenticate whether the called number of the reverse message matches the disposable telephone number confirmed through the designated medium, The origination authentication procedure is substantially the same as the authentication procedure for checking and comparing the mobile phone number mapped with the disposable phone number corresponding to the called number of the reverse message through the designated medium. According to an embodiment of the present invention, it is preferable that the designated medium effectively maintains the mapping relationship between the disposable telephone number and the mobile phone number only for a designated valid time, and after the expiration of the effective time, Even if the phone number and the mapped mobile number are not confirmed or even confirmed, the disposable number may be mapped to another mobile number.

According to the embodiment of the present invention, when the valid mobile phone number is not confirmed through the designated medium, or when the originating number of the reverse message does not match the mobile phone number confirmed through the designated medium, (For example, a web / app screen of the user terminal 170 matched with the mobile phone number, which is the calling number of the reverse message, or a web / app screen of the user terminal 170 corresponding to the reverse message, To check the Web / App screen of the user terminal 170 matched with the disposable telephone number, which is the called number), and to output the error information on the outgoing authentication through the Web / App screen of the user terminal 170 have.

When the validity of the uplink message is authenticated through the message authenticator 140, the code authenticator 150 checks the authentication code included in the message body area of the uplink message, And / or the authentication code mapped to the disposable telephone number corresponding to the called number of the reverse message, and then transmits the message of the reverse message And performs a code authentication procedure for authenticating whether an authentication code included in the body area matches an authentication code confirmed through the designated medium. According to the method of the present invention, it is preferable that the designated medium effectively maintains the mapping relationship between the mobile phone number, the authentication code, and the disposable telephone number only for a designated valid time, The authentication code mapped to the mobile phone number or the authentication code mapped to the disposable telephone number is not confirmed. Even if the mobile phone number or the disposable phone number is confirmed, the mobile phone number or the disposable phone number may be mapped to the authentication code of another authentication procedure have.

According to the embodiment of the present invention, when a valid authentication code is not confirmed through the designated medium or an authentication code included in the message body area of the reverse message does not match the authentication code confirmed through the designated medium, The code authentication unit 150 checks the Web / App screen of the user terminal 170 corresponding to the uplink message (for example, the web / app screen of the user terminal 170 matched with the mobile number, , Or a web / app screen of the user terminal 170 matched with the disposable telephone number, which is the called number of the reverse message), and transmits error information on the code authentication through the web / To be output.

The result processing unit 155 checks the result of the outgoing authentication performed by the outgoing authentication unit 145 and verifies the result of the code authentication performed through the code authentication unit 150, And outputs the generated authentication result information to the service server 175 and / or transmits the generated authentication result information to the user terminal 170. [ And displays it on the web / application screen of the user terminal 170. [

When the generated authentication result information is provided to the service server 175 or the user terminal 170, the result processing unit 155 transmits the user's mobile phone number, authentication code, and disposable (Or deactivates) the mapping relationship of the telephone number so that the third party (or hacker) can block attempts to exploit the mapping relationship regardless of the remaining time of the validity time maintaining the mapping relationship .

FIG. 2 is a diagram illustrating an information confirmation and mapping process for a disposable message-based authentication procedure according to an embodiment of the present invention.

In more detail, FIG. 2 shows a case where a user's mobile phone number is confirmed at the time of authentication for providing a service, a dynamically generated authentication code is confirmed for providing the service, and the mobile phone number of the user is included as a calling number, After identifying a dynamically determined disposable telephone number to induce the use of the disposable reverse message to be used as a destination number of the disposable reverse message to be received once in a reverse direction, mapping the user's mobile phone number, the generated authentication code, and the disposable telephone number And may be stored and maintained for a valid period of time. It will be understood by those skilled in the art that reference to and / or modification of FIG. 2 may be applied to various implementations of the process Can be omitted, or the order is changed) , The present invention includes all of the above-described embodiments, and the technical features of the present invention are not limited only by the method shown in FIG.

Referring to FIG. 2, the user terminal 170 requests (200) a service designated by the service server 175 of the service providing organization via the data network through the designated web / application screen, and the service server 175 The user terminal 170 confirms the designated service request via the data network 205 and checks the service information required for providing the requested service through the data network 210. For example, when the service providing organization is a bank, the service server 175 is an Internet banking server, and the service request is a money transfer request, the service server 175 transmits a request to the user terminal 170, The user can confirm the transfer information for the account transfer (210). If the service information for providing the service is not confirmed, the service server 175 may perform a process of communicating with the user terminal 170 through the data network to check the service information for providing the service 210).

Meanwhile, when the service information for providing the service is confirmed, the service server 175 confirms whether to perform the authentication using the disposable message according to the present invention for providing the service using the confirmed service information (215). If the service using the disposable message is not required for providing the service, the service server 175 performs a procedure for providing the service using the service information to the user terminal 170 through the data network 220 ), The user terminal 170 performs a procedure for receiving a service via the data network from the service server 175 through the web / application screen (225).

Meanwhile, when authentication using the disposable message is to be performed for providing the service, the service server 175 configures the authentication request information including the service information and provides the authentication request information to the designated operation server 100 (230) The operation server 100 receives the authentication request information from the service server 175, and determines whether authentication for the service provision is requested (235).

Upon confirmation of the authentication request for providing the service of the service server 175, the operation server 100 transmits a message to the user mobile phone 180 based on the message transmission selection, to the originating number of the reverse message to be transmitted in the reverse direction through the authentication channel The mobile phone number of the user to be used is confirmed (240).

According to the first mobile phone number confirmation embodiment of the present invention, the service server 175 receives the mobile phone number from the user through the user terminal 170 or registers it in the DB of the service server 175 And the operation server 100 may receive the mobile phone number of the user from the service server 175 in operation 240.

According to the second mobile phone number identification method of the present invention, the operation server 100 may operate in cooperation with the user terminal 170 used by the user through the data network (for example, the authentication request information received from the service server 175 The user terminal 170 may receive and receive a mobile phone number of the user from the user terminal 170 (operation 240).

According to the third embodiment of the present invention, the service server 175 and the operation server 100 share the user information, and the operation server 100 receives the identifier (E.g., user identification information included in the authentication request information received from the service server 175), the mobile phone number of the user can be confirmed 240 by referring to the designated DB on the operation server 100 side.

Meanwhile, at the time of confirming the authentication request for providing the service of the service server 175, the operating server 100 confirms the authentication code dynamically generated for providing the service (245).

According to the first authentication code checking embodiment of the present invention, the service server 175 may generate a random number authentication code dynamically using a random number generation algorithm, or may include a dynamic seed including a time value or a random number value One or more seeds can be applied to the specified hash algorithm to dynamically generate disposable authorization codes or any combination from arbitrary numbers and / or characters and / or combinations of symbols stored in the database can be selected for dynamic use with disposable authentication codes And may provide the authentication code dynamically generated (or determined) as described above to the operation server 100 (for example, provided in the authentication request information provided to the operation server 100), and the operation The server 100 may receive the authentication code from the service server 175 (245).

According to the second authentication code checking embodiment of the present invention, the operation server 100 may generate a random number authentication code dynamically using a random number generation algorithm, or may include a dynamic seed including a time value or a random number value One or more seeds can be applied to the specified hash algorithm to dynamically generate disposable authorization codes or any combination from arbitrary numbers and / or characters and / or combinations of symbols stored in the database can be selected for dynamic use with disposable authentication codes (245).

On the other hand, upon confirming the authentication request for providing the service of the service server 175, the operation server 100 transmits the reverse message to the reverse direction to be forwarded through the authentication channel including the designated telephone network based on the message sending selection from the user mobile phone 180 A dynamically determined disposable telephone number is identified (250) to induce use as a disposable destination number of the message.

According to the first disposable telephone number identification method of the present invention, the operation server 100 includes a number management module (e.g., N (N)) for managing N (N? 2) telephone numbers available for transmitting and receiving messages via a telephone network And a program code executed in the DB 100 and / or the operation server 100). In this case, the operation server 100 selects one n (1? N? N) telephone numbers that are not duplicated among the N telephone numbers managed by the number management module, (250).

According to the second disposable telephone number identification embodiment of the present invention, the operation server 100 includes a number management module (e.g., N (N)) for managing N (N? 2) telephone numbers available for sending and receiving messages via a telephone network And a program code executed by the operation server 100. When the mobile phone number of the user is confirmed through the operation server 100, the operation server 100 ) Confirms the mapping history information of the identified mobile phone number, and determines whether or not any of the N phone numbers managed by the number management module is not duplicated and the n < th > (1 < / = N < / = N), and confirms the phone number as a disposable telephone number to be used as a destination number of an uplink message including the mobile phone number as a calling number (250).

According to the third disposable telephone number identification method of the present invention, the operation server 100 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N (E.g., a program code executed in the operating server 100) capable of generating? 2? Number of telephone numbers. In this case, the operation server 100 generates a non-overlapping n (n) number of N (N > = 2) telephone numbers generated by combining the non- 1 < / = N < / = N), and can identify the phone number as a disposable telephone number to be used as a destination number of the reverse message.

According to the fourth disposable telephone number identification method of the present invention, the operation server 100 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N (E.g., a program code executed in the operating server 100) capable of generating a phone number of > = 2). When the mobile phone number of the user is confirmed through the operating server 100, The operation server 100 confirms the mapping history information of the identified mobile phone number, and selects a combination of N (N > = 2) phone numbers that can be generated through the number management module, (1 ≤ n ≤ N) phone numbers which are generated so as not to overlap with each other and have no history mapped to the mobile phone number based on the mapping history information, It can be found in one-time telephone number be used for daepon number to a call number of an uplink message containing a calling number (250).

According to an embodiment of the fifth disposable telephone number verification method of the present invention, the service server 175 includes a number management module for managing N (N > = 2) telephone numbers, and N telephone numbers managed by the number management module (1 < / = N < / = N) telephone numbers that are not duplicated in the number of the service server (175) And receives the telephone number and confirms it as a disposable telephone number to be used as a destination number of the reverse message (250).

According to the sixth disposable telephone number confirmation embodiment of the present invention, the service server 175 includes a number management module for managing N (N > = 2) telephone numbers, (N < = 1 < / = n) which is not duplicated among the N telephone numbers managed by the number management module and has no history mapped to the mobile phone number based on the mapping history information. (e.g., provided in the authentication request information provided to the operation server 100) to the operation server 100, and the operation server 100 may select the phone number from the service server 100, And receives the n-th phone number from the mobile phone 175 and confirms it as a one-time phone number to be used as a destination number of an uplink message including the mobile phone number as a calling number (250).

According to the seventh disposable telephone number identification method of the present invention, the service server 175 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N (N > = 2) telephone numbers that can be generated by the number management module, wherein the number of N (N > = 2) telephone numbers (1 < n < N) telephone numbers, which are not included in the telephone number list, from the service server 175 to the operation server 100, (250) by using the disposable telephone number to be used as the called number of the reverse message.

According to the eighth disposable telephone number identification example of the present invention, the service server 175 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N ? 2) number, and when the mobile phone number of the user is confirmed, the mobile terminal confirms the mapping history information of the mobile phone number and confirms N (N?) That can be generated through the number management module. (1? N? N), which is generated so as not to be duplicated by combining digits of a number of digits specified in the designated station number among the 2) telephone numbers, and which has no history mapped with the mobile number based on the mapping history information, ) To the operation server 100, and the operation server 100 receives the n-th telephone number from the service server 175 The mobile phone number can be confirmed as a disposable telephone number to be used as a destination number of an uplink message including the mobile phone number as a calling number (250).

According to the method of the present invention, the disposable telephone number identified through at least one of the first to eighth disposable telephone number identification examples is not duplicated and is not used as a disposable telephone number for a predetermined period or more Phone number, unused phone number after designated initialization, unused phone number, unused phone number that has been used more than once as one-time phone number, unused phone number for more than one period, And may include at least one telephone number out of the telephone numbers.

The mobile phone number of the user is confirmed and a dynamically generated authentication code for providing the service is confirmed and received from the user's mobile phone 180 via the telephone network on the basis of the message sending selection of the user mobile phone 180 When the disposable telephone number to be used as the destination number of the reverse message is identified, the operation server 100 maps the mobile phone number of the user, the generated authentication code, and the disposable telephone number to a designated medium (e.g., Area, etc.) for the validity time specified (255).

After the mobile phone number of the user is mapped to the authentication code and the disposable telephone number in the designated storage medium, the operation server 100 maintains the mapping relationship between the mobile phone number held in the designated medium, the authentication code, and the disposable telephone number (260). ≪ / RTI > If the expiration time for maintaining the mapping relationship between the mobile phone number, the authentication code, and the disposable telephone number has elapsed, the operation server 100 determines a mapping relationship between the mobile phone number held in the designated storage medium, the authentication code and the disposable telephone number (265).

FIG. 3 is a diagram illustrating a process of outputting an authentication code and a disposable telephone number via a data network according to an embodiment of the present invention.

In detail, FIG. 3 is a diagram illustrating an example in which a user's mobile phone number, an authentication code, and a disposable telephone number are mapped and then displayed on a Web / App screen of the user terminal 170 via a separate data network, And outputting the disposable telephone number. As a person skilled in the art, referring to and / or modifying FIG. 3, the process of outputting the security code and the disposable telephone number It is to be understood that the invention may be practiced otherwise than as specifically described herein, but it is to be understood that the invention may be practiced otherwise than as specifically described herein, Its technical characteristics are not limited.

Referring to FIG. 3, when the mobile phone number of the user, the authentication code, and the disposable telephone number are mapped to the designated medium through the process of FIG. 2, the operation server 100 searches the Web of the user terminal 170 / App screen (300), and outputs a security code including the authentication code and the disposable telephone number through a web / application screen of the user terminal (170) via a separate data network separated from the telephone network (305), guides authentication code among the security codes output through the Web / App screen of the user terminal (170) according to the execution method, inputs the authentication code into the message body area of the reverse message and returns it, and / Or guide information for inputting the disposable telephone number output through the Web / App screen of the user terminal 170 into the call recipient number field of the reverse message, / Treated so as to output through the app screen 305. The

The user terminal 170 receives the security code including the authentication code and the disposable telephone number via the data network and outputs the security code and the disposable telephone number through the web / application screen (310) Information is received and output through the web / app screen (310).

4 is a diagram illustrating a process of authenticating the validity of a service provided through a data network using a disposable reverse message received via a telephone network according to an embodiment of the present invention.

In more detail, FIG. 4 shows a case where a security code is outputted through a web / application screen of a user terminal 170, and then the mobile phone number of the user is included as a calling number based on a message sending selection of the user mobile phone 180 The disposable telephone number output from the web / application screen of the user terminal 170 is received by the user and included in the called number area. The security code output from the web / A message authentication procedure is performed to authenticate whether the reverse message including the authentication code inputted in the message body area is validly received via the telephone network, and if the reverse message is validly received, the originating number of the reverse message is confirmed, An outgoing authentication procedure for authenticating whether the disposable telephone number corresponding to the called number of the reverse message matches the mapped mobile number, A code authentication procedure is performed to authenticate whether an authentication code included in a message body area of a base station message is matched with an authentication code mapped to the mobile phone number. In the description of the related art, It is possible to refer to and / or modify the FIG. 4 to various implementations of the process (e.g., omitting some steps or changing the order) And the technical features thereof are not limited only by the method shown in FIG.

Referring to FIG. 4, when the security code is outputted through the Web / App screen of the user terminal 170 through the process of FIG. 3, the user can input the guidance information output from the web / Selects a designated authentication code among the security codes output on the web / application screen of the user terminal 170 according to the guidance information output on the web / application screen of the user terminal 170 And inputs the disposable telephone number output to the web / application screen of the user terminal 170 in the called party number field, and the cellular phone 180 transmits the disposable telephone number to the message body area for sending the message And receives the disposable telephone number in the destination number area (405).

The authentication code selected from the security code output on the web / application screen of the user terminal 170 is input to the message body area and the disposable telephone number output on the web / The mobile phone 180 includes the mobile phone number of the user as a calling number and receives a disposable telephone number output from the web / application screen of the user terminal 170 by the user, (410) the reverse message including the authentication code input by the user among the security codes output through the web / application screen of the user terminal (170) via the designated mobile phone network in the message body area, The operating server 100 may include the disposable telephone number in the called party number area on the basis of the message sending selection, The message is received via one or more telephone networks (415).

If the user's mobile phone 180 receives the reverse dis- tributed forwarding message including the disposable telephone number in the called party number area via one or more telephone networks, the operating server 100 inserts the disposable telephone number into the called number area And performs a message authentication procedure to authenticate the validity of the reverse received reverse-direction message (420).

According to the first message authentication embodiment of the present invention, the operation server 100 reads out the number system of the origination number of the received reverse message, and confirms whether the number system corresponds to the mobile phone number. According to the embodiment of the present invention, since the reverse message is a message transmitted from the user's mobile phone 180, the calling number of the reverse message must be the mobile phone number of the user. However, a message (for example, SMS or the like) via the telephone network can not only be sent to the mobile phone 180, but can also be a wired telephone connected to a wired telephone network, an Internet telephone or a VoIP phone based on the Internet network, You can also send a message via the phone network through the designated gateway. The operation server 100 checks whether the number system of the origination number of the reverse message is a number system of the mobile phone number, and if the origination number of the reverse message is confirmed as the number system of the mobile number, (420) with a valid message available for the procedure.

According to the second message authentication embodiment of the present invention, the operation server 100 confirms the disposable telephone number corresponding to the called number of the received reverse message, and transmits the disposable telephone number and the mobile phone number It is checked whether the effective time for maintaining the mapping state has elapsed or has elapsed. According to the embodiment of the present invention, the operation server 100 can read the effective time counted and mapped with the disposable telephone number that received the reverse message, and confirm whether the valid time is before or after the effective time has elapsed. If the expiration time is before the expiration time, the operation server 100 may authenticate the uplink message with a valid message available for the authentication procedure (420).

According to the third message authentication embodiment of the present invention, when the operation server 100 sends a message via the telephone network in the data network, i (i > = 1) inserts that are automatically inserted into the message body area of the message You can keep your code. Preferably, when the i inserted codes are transmitted from a server on a data network, not a terminal on the telephone network (for example, the mobile phone 180 subscribed to the mobile telephone network) via the telephone network, Code that is set to be automatically inserted into the message body area of a message to be sent. For example, the code may include one or more codes of '[', 'Web', 'web', 'WEB', 'web', ' . Meanwhile, when the disposable reverse message including the mobile number as the origination number and the disposable telephone number in the destination number area is received, the operation server 100 transmits the code included in the message body area of the received reverse message And checks whether or not at least one of the i inserted codes is included. If the mobile terminal does not include at least one embedded code in the message body area of the reverse message, the operation server 100 determines that the reverse message is not transmitted via the telephone network on the data network, The mobile phone 180 subscribed to the telephone network, or the like) to authenticate the reverse message with a valid message available for the authentication procedure (420).

According to the fourth message authentication embodiment of the present invention, the operation server 100 inputs (inputs) the message body area of the reverse message through the key input means (for example, a key button, a touch screen, etc.) It is possible to keep j (j ≥ 1) exception codes that are not used as authentication codes among the possible codes. For example, when the authentication code is composed of only digits including '1' to '9' and '0', the operating server 100 transmits '1' J " including codes such as all the characters except for the numbers including '0' to '9' and '0' (including spaces such as 'space bar') and the like. Meanwhile, when the authentication code includes numbers and alphabets including '1' to '9' and '0', the operating server 100 transmits a code that can be input through key input means of the mobile phone 180 You can keep j exception codes that contain codes such as all letters and symbols except numbers and alphabets. Meanwhile, when the authentication code includes digits including '1' to '9' and '0' and Hangul words, the operating server 100 transmits a code that can be inputted through key input means of the mobile phone 180 You can keep j exception codes containing codes such as all characters and symbols except numbers and Hangul characters. Meanwhile, when the disposable reverse message including the mobile number as the origination number and the disposable telephone number in the destination number area is received, the operation server 100 transmits the code included in the message body area of the received reverse message To check whether it contains at least one exception code among j exception codes. If the at least one exception code is not included in the message body area of the uplink message, the operation server 100 determines that the input error (420) as an authenticable code that has been normally input without authenticating the reverse message.

According to the fifth message authentication embodiment of the present invention, the operation server 100 authenticates the reverse message through at least part of at least two embodiments of the first to fourth message authentication embodiments (420) with the valid message available for the procedure, and the invention is not limited thereby.

If the validity of the uplink message is not authenticated, the operation server 100 generates error information of the message authentication procedure (step 425), and transmits the error information to the user terminal 170 via the data / (430). The user terminal (170) receives the error information of the message authentication procedure through the data network and outputs the error information through the web / application screen (435). Meanwhile, the operation server 100 may discard the erroneous reverse message (step 440).

On the other hand, if the validity of the uplink message is not authenticated, the operation server 100 checks the origination number of the uplink message, and transmits the uplink message to the called party (Step 445). After confirming the disposable telephone number and the mapped mobile phone number, the originating authentication process is performed to authenticate whether the origination number of the reverse message matches the mobile phone number confirmed through the designated medium.

If the origination number of the reverse message does not match the mobile number identified through the designated medium, the operation server 100 generates error information of the origination authentication procedure (425), and transmits the error information to the user terminal (430) the error information of the origination authentication procedure through the web / application screen of the user terminal (170), and the user terminal (170) receives the error information of the origination authentication procedure through the data network, And outputs it through the screen (435). Meanwhile, the operation server 100 may discard the erroneous reverse message (step 440).

If the source number of the reverse message is matched with the mobile phone number confirmed through the designated medium, the operation server 100 checks the authentication code included in the message body area of the reverse message, After confirming the authentication code mapped with the mobile phone number corresponding to the calling number of the reverse message and / or mapped with the disposable telephone number corresponding to the called number of the reverse message through a designated medium for maintaining the information, (450) a code authentication procedure for authenticating whether an authentication code included in the message body area matches an authentication code identified through the designated medium.

If the authentication code included in the message body area of the uplink message does not match the authentication code mapped to the mobile phone number, the operation server 100 generates error information of the code authentication procedure (step 425) (430) the error information of the code authentication procedure through the web / application screen of the user terminal (170) via the network (170), and the user terminal (170) And outputs it via the web / app screen (435). Meanwhile, the operation server 100 may discard the erroneous reverse message (step 440).

If the authentication code included in the message body area of the reverse message is matched with the authentication code mapped to the mobile phone number, the operation server 100 searches the service server 175 based on the results of the origination authentication and the code authentication, And provides the authentication result to the service server 175 or the user terminal 170 in step 455. The user terminal 170 generates a disposable message based on the service of the service server 175 (460), and the service server (175) provides the designated service through the web / application screen of the user terminal (170) via the data network based on the authentication result based on the disposable message can do.

100: Operation server 105: Authentication request confirmation part
110: mobile phone number confirmation unit 115: authentication code verification unit
120: disposable number confirmation unit 125: mapping maintenance unit
130: Information output unit 135: Message receiving unit
140: message authentication unit 145: origin authentication unit
150: code authentication unit 155: result processing unit
170: user terminal 175: service server
180: Mobile phone

Claims (19)

And is executed through an operation server that can interoperate with a service server providing a designated service to a user and exchange messages via a user's cellular phone and a telephone network and interworking with a user terminal used by a user through a separate data network separated from the telephone network In the method,
And a control unit for confirming a mobile phone number of a user at the time of authentication for providing a service of the service server, confirming a dynamically generated authentication code for providing the service, storing the mobile phone number of the user as a calling number, Performing a procedure for identifying a dynamically determined disposable telephone number to be used as a destination number of a disposable reverse message to be received in the reverse direction;
A second step of mapping the mobile phone number of the user, the generated authentication code, and the disposable telephone number to maintain the mobile phone number for a specified valid time;
A third step of outputting a security code including the authentication code and the disposable telephone number through a web / app screen of the user terminal via a separate data network separated from the telephone network;
The mobile phone number of the user is included as a calling number on the basis of the message sending selection of the user mobile phone, the disposable telephone number outputted through the web / application screen of the user terminal is input by the user and included in the called number area, A fourth step of performing a message authentication procedure for authenticating whether the reverse message including the authentication code inputted by the user in the message body area is validly received via the telephone network among the security codes outputted through the web /
A source authentication procedure for verifying the originating number of the uplink message and authenticating whether the one-time phone number corresponding to the called number of the uplink message matches a mapped mobile number, when the uplink message is validly received, A fifth step of verifying the authentication code included in the mobile phone number and performing a code authentication procedure for authenticating whether the mobile phone number matches the authentication code mapped to the mobile phone number; And
And generating an authentication result for providing a service of the service server based on a result of the origination authentication and the code authentication, and providing the authentication result to the service server or the user terminal.
2. The method according to claim 1,
N number (1? N? N) telephone numbers which are not duplicated among the N telephone numbers from a number management module for managing N (N? 2) telephone numbers to be used as a destination number of the reverse message The method comprising the steps of: receiving a first message from a first user;
2. The method according to claim 1,
(N ≥ 2) telephone numbers that can be generated by combining the dynamic number of the designated number with the designated telephone number system in the designated station number managed by the number management module, (1 < / = N < / = N) telephone number to be used as a destination number of the uplink message.
2. The method according to claim 1,
When the mobile phone number of the user is confirmed,
N (1? N? N) telephone numbers that are not duplicated among the N telephone numbers from the number management module managing N (N? 2) telephone numbers and have no history mapped with the mobile number, Using a disposable telephone number to be used as a destination number of an uplink message including an originating number.
2. The method according to claim 1,
When the mobile phone number of the user is confirmed,
(N ≥ 2) telephone numbers that can be generated by combining the dynamic number of the number of digits specified in the designated station number managed by the number management module with the designated telephone number system, and combine the non-duplicated numbers of digits specified in the designated station number (1 ≤ n ≤ N) phone number, which is generated and has no history mapped to the mobile phone number, as a one-time phone number to be used as a destination number of an uplink message including the mobile phone number as a calling number And transmitting the discovery reverse-direction message to the authentication server.
The method as claimed in any one of claims 2 to 5,
N phone numbers that are not used as disposable telephone numbers for a certain period of time or longer,
N number of telephone numbers that are not used as one-time telephone numbers after the designated initialization,
A telephone number of N telephone numbers that has not been reused for a certain period of time after being used as a one-time telephone number,
And a telephone number of at least one of telephone numbers that have not been reused for the longest period after being used as a disposable telephone number among the N telephone numbers.
2. The method according to claim 1,
Further comprising the step of storing and managing mapping history information on a mapping relationship between the mobile phone number and the disposable telephone number in a designated DB.
The method according to claim 1,
Wherein the second step further comprises counting a validity time for maintaining a mapping relationship between the mobile phone number, the authentication code, and the disposable telephone number,
Confirming whether the validity period of maintaining the mapping relationship has elapsed; And
And deactivating the mapping relationship between the mobile phone number, the authentication code, and the disposable telephone number when the valid time has elapsed.
The method of claim 1,
Includes an authentication code to be entered into a message body area of the reverse message, or
And a combination of the authentication code and an arbitrary dummy code not input in the message body area of the reverse message.
2. The method according to claim 1,
Further comprising the step of processing the guidance information for guiding the user to input the authentication code output through the web / application screen of the user terminal into the message body area of the reverse message and return the guidance information through the web / application screen of the user terminal And transmitting the discovery reverse-direction message.
2. The method of claim 1,
A message sent from a telephone network to which a user's mobile phone is subscribed, verifies whether the cell phone number actually assigned to the cell phone that sent the message matches the calling number included in the message, Wherein the disposable telephone number is received by the disposable telephone number corresponding to the called number included in the message through the communication company system when the cell number of the message matches the calling number of the message.
The method as claimed in claim 1,
Identifying a reverse message received at the designated disposable telephone number;
Reading the number system of the origination number of the reverse message and confirming whether the number system corresponds to the mobile phone number; And
And authenticating the uplink message as a valid message that can be used in the authentication procedure when the calling number of the uplink message is a number system of the mobile phone number.
The method as claimed in claim 1,
Identifying a reverse message received at the designated disposable telephone number; And
Confirming whether the valid time for maintaining the mapping state between the disposable telephone number and the mobile phone number that has received the reverse message has elapsed; And
And authenticating the uplink message as a valid message that can be used in the authentication procedure if the valid time is before the elapse of the valid time.
The method according to claim 1,
Further comprising the step of maintaining i (i > = 1) embedded codes set to be automatically inserted into the message body area of the message when the message is transmitted from the data network via the telephone network,
In the fourth step,
Analyzing a code included in the message body area of the reverse message received at the disposable telephone number to confirm whether the inserted code includes at least one of the i inserted codes; And
And if the at least one embedded code is not included in the message body region of the uplink message, authenticating the uplink message as a valid message usable in the authentication procedure.
The method according to claim 1,
(J > = 1) exception codes that are not used as authentication codes among codes that can be input in the message body area of the reverse message in the user's cellular phone,
In the fourth step,
Analyzing a code included in the message body area of the reverse message received by the disposable telephone number and confirming whether it includes at least one exception code among j exception codes; And
And checking that the reverse message is validly received if the message body area of the reverse message does not include at least one exception code.
16. The method of claim 15,
And outputting error information for a message body area of the uplink message through a Web / App screen of the user terminal when the at least one exception code is included in the message body area of the uplink message. The authentication method using the disposable reverse message.
The method as claimed in claim 1,
And outputting the generated error information through the Web / App screen of the user terminal when an error occurs in the origination authentication or the code authentication.
A computer-readable recording medium storing a program for executing the method of claim 1.
A system capable of exchanging messages via a mobile phone and a telephone network of a user and interworking with a user terminal used by a user through a separate data network separated from the telephone network,
A mobile phone number confirmation unit for confirming the mobile phone number of the user;
An authentication code confirmation unit for confirming a dynamically generated authentication code for service provision;
A disposable number identifying unit for identifying a dynamically determined disposable telephone number to be used as a called number of a disposable reverse message to be received in a reverse direction once through the telephone network including the mobile phone number of the user as a calling number;
A mapping unit configured to map the mobile phone number of the user, the generated authentication code, and the disposable telephone number to maintain the disposable telephone number for a designated valid time;
An information output unit for outputting a security code including the authentication code and the disposable telephone number through a web / app screen of the user terminal via a separate data network separated from the telephone network;
The mobile phone number of the user is included as a calling number on the basis of the message sending selection of the user mobile phone, the disposable telephone number outputted through the web / application screen of the user terminal is input by the user and included in the called number area, A message receiving unit for receiving, via a telephone network, a reverse message including an authentication code input by a user among security codes output through a web /
A message authentication unit for authenticating the validity of the reverse message received via the telephone network;
An originating authentication unit for verifying the origination number of the reverse message when the reverse message is received and authenticating whether the disposable telephone number corresponding to the called number of the reverse message is matched with the mapped mobile number;
A code authentication unit for verifying an authentication code included in the message body area of the reverse message and verifying whether the authentication code matches the authentication code mapped to the mobile phone number; And
And a result processor for generating and providing an authentication result for providing the service based on the results of the origination authentication and the code authentication.

Images