KR20180109035A - Method and System for Providing Certification by using Disposable Reverse Direction Message, and Record Medium - Google Patents

Abstract

The present invention relates to an authentication method using a one-time reverse message, capable of processing authentication for providing a service of a service server. The authentication method using a reverse reply message comprises: a step of performing a procedure for checking a user′s mobile number and a one-time phone number; a step of mapping the user′s mobile number with the generated authentication code and the one-time phone number to maintain the same for a predetermined effective time; a step of performing a message authentication procedure; a step of performing a transmission authentication procedure and a code authentication procedure when the reverse message is validly received; and a step of generating an authentication result for providing a service of a service server based on transmission and code authentication results to provide the authentication result to the service server or the user′s wireless terminal.

Description

TECHNICAL FIELD The present invention relates to an authentication method and system using a disposable reverse message, and a recording medium for the authentication method and system using the disposable reverse message.

The present invention relates to a method and system for providing a discrete telephone number dynamically determined at an authentication time of a service provided through a web / application screen of a user wireless terminal via a data network and a dynamically generated authentication code for providing the service, A disposable telephone number input in a destination number area of a disposable reverse message that is once transmitted backward through a separate telephone network separated from the data network by selecting a message transmission from a user's wireless terminal after outputting through the application screen, And verifies the validity of the service provided to the user through the web / application screen of the wireless terminal via the data network separated from the telephone network by using the authentication code input in the area.

There is provided an SMS authentication for generating an authentication number in a server on the Internet, sending an SMS including the authentication number to a user's wireless terminal, and receiving and authenticating the authentication number through a terminal of a user connected to the Internet. However, since the conventional SMS authentication includes the authentication number in the SMS and is forwarded (= forward) to the user's wireless terminal, the SMS authentication can be easily taken by intercepting characters, Since the authentication is performed by inputting a key on the terminal, it includes various problems that can be authenticated by inputting a key through a terminal of a third party rather than a terminal used by an actual user. Accordingly, the Financial Supervisory Service (FSS) recommends the use of the conventional SMS authentication for the additional authentication such as financial transactions, and some banks (for example, NH bank, etc.) have already stopped the conventional SMS authentication service.

Meanwhile, in addition to the SMS authentication for authenticating and forwarding the SMS including the authentication number, the ARS authentication is provided to input and receive the authentication number by dialing the ARS-based phone with the user's telephone. However, such conventional ARS authentication also poses problems such as incoming call control, voice interception, inaccessibility of hearing-impaired persons, restriction of overseas use, and generation of two to three times higher costs than SMS authentication, but there are other alternatives It is a temporary use until now.

As a result, an additional low-cost and safe authentication method is required while eliminating the problems of conventional SMS authentication and ARS authentication. However, the proposed method has technically difficult problems to solve the above-mentioned problems.

An object of the present invention to overcome the above problems is to provide a service providing server that generates a predetermined authentication code when requesting authentication for providing a service from a service server that provides a service designated by a user to a wireless terminal through a data network, Determining a disposable telephone number to be used as a destination number of an uplink message to be received in a reverse direction through the telephone network from a user's wireless terminal via a separate telephone network separated from the data network, After the disposable telephone number is mapped and stored, a security code including the authentication code and the disposable telephone number are output through a web / app screen of the wireless terminal via a separate data network separated from the telephone network Based on the message sending selection from the user's wireless terminal, Receiving a disposable reverse message including the authentication code entered in the message body area and including the disposable telephone number in the called number area, recognizing the web / application screen of the wireless terminal, and transmitting the received reverse- Wherein the authentication code included in the message body area of the reverse message is a code corresponding to the security code output through the web / app screen of the wireless terminal, And an authentication method for providing a service of the service server, and an authentication method and system using the disposable reverse message and a recording medium therefor.

The authentication method using the disposable reverse message according to the present invention is a method of interworking with a service server providing a service designated by a user and exchanging messages with a user's wireless terminal via a telephone network, A method for executing a service through an operation server capable of interworking through a separate data network, the method comprising the steps of: confirming a mobile phone number of a user at the time of authentication for providing a service of the service server and confirming a dynamically generated authentication code And performing a procedure for identifying a dynamically determined disposable telephone number to be used as a called number of a disposable reverse message to be received in a reverse direction once through the telephone network including the mobile telephone number of the user as a calling number, A step of generating the user's mobile phone number, A second step of mapping the increase code and the disposable telephone number for a designated valid period of time and a second step of maintaining a security code including the authentication code on the web / And a third step of outputting the disposable telephone number, and a third step of transmitting the disposable telephone number, which is output through the web / app screen of the wireless terminal, Received from the user and included in the called party number area and includes an authentication code input by the user among the security codes output through the web / application screen of the wireless terminal in the message body area via the telephone network A fourth step of performing a message authentication procedure for authenticating whether or not to receive the reverse message, An originating authentication procedure for confirming a calling number of the uplink message and authenticating whether a disposable telephone number corresponding to a called number of the uplink message matches a mapped mobile number and an authentication code included in a message body area of the uplink message A fifth step of performing a code authentication procedure for authenticating whether the mobile phone number matches the mobile phone number and the authentication code mapped to the mobile phone number, and generating an authentication result for providing a service of the service server based on the result of the outgoing authentication and the code authentication, To a server of the user or a wireless terminal of the user.

The authentication method using the disposable reverse message according to the present invention is characterized in that the first step is a step of authenticating the N number of telephone numbers from the number management module managing N (N? 2) 1 ≤ n ≤ N) as a disposable telephone number to be used as a destination number of the reverse message.

The authentication method using the disposable reverse message according to the present invention is characterized in that the first step includes the steps of generating N (N > / = 2), which can be generated by combining a dynamic number of digits designated by a designated station number managed by the number management module, (1 ≤ n ≤ N) telephone numbers, which are generated by combining non-overlapping numbers of digits designated by the designated station number among the telephone numbers of the reverse telephone number, as one-time telephone numbers to be used as destination numbers of the reverse message The method comprising the steps of:

In the authentication method using the disposable reverse message according to the present invention, in the first step, when the mobile phone number of the user is confirmed, the number of the N phone numbers from the number management module managing N (N? 2) (1 ≤ n ≤ N) telephone number that is not duplicated and has no history mapped with the mobile number is identified as a one-time telephone number to be used as a destination number of an uplink message including the mobile number And a control unit.

In the authentication method using the disposable reverse message according to the present invention, in the first step, when the mobile phone number of the user is confirmed, a dynamic number of digits designated by a designated station number managed by the number management module is combined (1? N? N), which is generated so as not to overlap with a number of digits specified by a designated station number among N (N? 2) And confirming the telephone number as a disposable telephone number to be used as a destination number of an uplink message including the mobile phone number as a calling number.

The authentication method using the disposable reverse message according to the present invention is characterized in that the n-th telephone number is a telephone number that is not used as a disposable telephone number for a predetermined period of time out of N telephone numbers, A telephone number that has not been reused for a certain period of time after being used as a one-time telephone number among N telephone numbers, or a telephone number of N telephone numbers that have not been reused for the longest period after being used as a one- And at least one telephone number.

In the authentication method using the disposable reverse message according to the present invention, the second step may further include storing mapping history information on a mapping relationship between the mobile phone number and the disposable telephone number in a designated DB and managing the mapping history information .

In the authentication method using the disposable reverse message according to the present invention, the second step may further include starting counting an effective time for maintaining a mapping relationship between the mobile phone number, the authentication code, and the disposable telephone number, Determining whether an effective time for maintaining the relationship has elapsed; and deactivating the mapping relationship between the mobile phone number, the authentication code, and the disposable telephone number when the valid time has elapsed.

In the authentication method using the disposable reverse message according to the present invention, the security code may include an authentication code to be input in a message body area of the reverse message, or may be input into the message body area of the reverse message And a combination of arbitrary dummy codes.

In the authentication method using the disposable reverse message according to the present invention, the third step is a step of guiding the authentication code output through the Web / App screen of the wireless terminal into the message body area of the reverse message and returning it And outputting the information through the web / application screen of the wireless terminal.

The authentication method using the disposable reverse message according to the present invention is characterized in that the reverse message is a message transmitted through a telephone network to which a user's wireless terminal is subscribed, The mobile terminal verifies whether the mobile number actually assigned to the mobile station matches the origination number included in the message and if the mobile number of the mobile station matches the origination number of the message, And is received by the corresponding disposable telephone number.

In the authentication method using the disposable reverse message according to the present invention, the fourth step may include: checking a reverse message received at the designated disposable telephone number, reading the number system of the origination number of the reverse message, And verifying that the reverse message is a valid message that can be used in the authentication procedure when the calling number of the reverse message is the number system of the mobile phone number.

In the authentication method using the disposable reverse message according to the present invention, the fourth step may include: checking a reverse message received at the specified disposable telephone number, and determining a mapping state between the disposable telephone number and the mobile phone number, And verifying that the reverse message is valid as an available message in the authentication procedure before the effective time has elapsed.

The authentication method using a disposable reverse message according to the present invention comprises the steps of: maintaining i (i > = 1) inserted codes set to be automatically inserted into a message body area of a message when a message is transmitted from a data network via a telephone network Analyzing the code included in the message body area of the reverse message received by the disposable telephone number to confirm whether the code includes at least one of the i inserted codes, And authenticating the reverse message as a valid message that can be used in the authentication procedure if the at least one insertion code is not included in the message body area of the message.

In the authentication method using the disposable reverse message according to the present invention, the user's wireless terminal maintains j (j > = 1) exception codes that are not used as authentication codes among codes that can be input in the message body area of the reverse message Analyzing the code included in the message body area of the reverse message received by the disposable telephone number to determine whether the message includes at least one exception code among j exception codes; If the at least one exception code is not included in the message body area of the uplink message, confirming that the uplink message is effectively received.

In the authentication method using the disposable reverse message according to the present invention, when at least one exception code is included in the message body area of the reverse message, And outputting the information.

In the authentication method using the disposable reverse message according to the present invention, the fifth step may include the step of outputting the generated error information through the Web / App screen of the mobile terminal when the error of the origin authentication or the code authentication occurs And further comprising:

The recording medium using the disposable reverse message according to the present invention is characterized in that a program for executing the method of the first aspect is recorded.

The present invention provides a system capable of exchanging messages with a wireless terminal of a user via a telephone network and interworking through a separate data network separated from the user's wireless terminal and the telephone network, A mobile phone number confirmation unit for confirming a mobile phone number of a user and an authentication code confirmation unit for confirming a dynamically generated authentication code for providing a service and a disposable mobile phone including a mobile phone number of the user as a calling number, A disposable number identification unit for identifying a dynamically determined disposable telephone number to be used as a destination number of the reverse message of the reverse message, and a controller for mapping the user's mobile phone number, the generated authentication code and the disposable telephone number, And a telephone network An information output unit which processes the security code including the authentication code and the disposable telephone number through a web / app screen of the wireless terminal via a separate data network, A disposable telephone number output from the web / app screen of the wireless terminal is included in the called number area by the user and includes the mobile number of the user as a calling number, A message authentication unit for authenticating the validity of the received reverse-direction message via the telephone network; and a message authentication unit for authenticating the validity of the reverse-direction message received via the telephone network, The base station checks the originating number of the uplink message, The originating authentication unit authenticating whether the disposable telephone number corresponding to the called number of the message matches the mapped mobile number and the authentication code included in the message body area of the reverse message to match the authentication code mapped to the mobile number And a result processing unit for generating and providing an authentication result for providing the service based on a result of the origination authentication and the code authentication.

According to the present invention, the disposable telephone number dynamically determined at the authentication time of the service provided through the web / application screen of the user wireless terminal via the data network and the dynamically generated authentication code for providing the service are transmitted to the user wireless terminal A disposable telephone number input in a destination number area of a disposable reverse message that is once output in a reverse direction via a separate telephone network separated from the data network by selecting a message transmission from a user's wireless terminal after outputting through a web / There is an advantage that the validity of the service provided to the user via the web / app screen of the wireless terminal is securely and inexpensively authenticated via the data network separated from the telephone network by using the authentication code input in the message body area.

1 is a diagram illustrating a configuration of an authentication system using a disposable reverse message according to an embodiment of the present invention.
2 is a diagram illustrating an information confirmation and mapping process for a disposable message-based authentication procedure according to an embodiment of the present invention.
3 is a diagram illustrating a process of outputting an authentication code and a disposable telephone number via a data network according to an embodiment of the present invention.
4 is a diagram illustrating a process of authenticating the validity of a service provided through a data network using a disposable reverse message received via a telephone network according to an embodiment of the present invention.

The operation principle of the preferred embodiment of the present invention will be described in detail with reference to the accompanying drawings and description. It should be understood, however, that the drawings and the following detailed description are exemplary and explanatory and are intended to provide further explanation of the invention, and are not to be construed as limiting the present invention.

In other words, the following embodiments correspond to the preferred embodiment of the preferred embodiment of the present invention. In the following embodiments, a specific configuration (or step) is omitted, or a specific configuration (or step) (Or steps), or an embodiment that incorporates functions implemented in more than one configuration (or step) into any one configuration (or step), a particular configuration (or step) It will be apparent that the present invention is not limited to the embodiments described below. Therefore, it should be clearly stated that various embodiments corresponding to subsets or combinations based on the following embodiments can be subdivided based on the filing date of the present invention.

In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear. The terms used below are defined in consideration of the functions of the present invention, which may vary depending on the user, intention or custom of the operator. Therefore, the definition should be based on the contents throughout the present invention.

As a result, the technical idea of the present invention is determined by the claims, and the following embodiments are merely means for effectively explaining the technical idea of the present invention to a person having ordinary skill in the art to which the present invention belongs Only.

FIG. 1 is a diagram illustrating a configuration of an authentication system using a disposable reverse message according to an embodiment of the present invention.

In more detail, FIG. 1 illustrates a method of generating a predetermined authentication code when requesting authentication for a service from a service server 175 that provides a service designated by a user's wireless terminal 170 through a data network, A disposable telephone number to be used as a destination number of a reverse message to be received in a reverse direction once via the telephone network from a user's wireless terminal 170 via a separate telephone network separated from the network, Code and the disposable telephone number, and transmits the security code including the authentication code and the disposable telephone number through the web / application screen of the wireless terminal 170 via a separate data network separated from the telephone network, And outputs the message to the user based on the message sending selection from the user's wireless terminal 170. [ Receiving a disposable reverse message containing the authentication code entered in the message body area and including the disposable telephone number in the called party number area, recognizing the web / app screen of the speech 170, And the authentication code included in the message body area of the reverse message is transmitted from the wireless terminal 170 of the wireless terminal 170 via the web / 1 is a block diagram illustrating a configuration of a system for authenticating a code corresponding to a code and processing it as an authentication for providing a service of the service server 175. As a person skilled in the art, Reference and / or variations on the various embodiments of the authentication system (e.g., some of the components may be omitted, Would be able to infer, or combined method embodiment), the present invention is made, including any exemplary way in which the inference, to which the technical feature that is not limited to the exemplary method shown in the figure 1.

The system of the present invention comprises a wireless terminal 170 of a user capable of exchanging messages via at least one telephone network including a mobile telephone network of a mobile communication company, a user's wireless terminal 170 for receiving a designated service, A service server 175 for providing a service designated by the user's wireless terminal 170 through a data network via a separate data network separated from the service provider server 170 and a user's wireless terminal 170 via a telephone network, And an operation server 100 capable of interworking with the user's wireless terminal 170 through a separate data network separated from the telephone network.

The user's wireless terminal 170 is capable of transmitting and receiving messages via one or more telephone networks including a mobile telephone network of a mobile communication company (e.g., an exchange), and is capable of transmitting and receiving messages through a telephone network including a mobile telephone network A wireless data network (e.g., a data network that connects to the Internet via a separate packet-based router other than the mobile device's congregation, or a data network that connects to the Internet via LTE-based packet based communication) and / or WiFi A mobile phone, a tablet PC, etc., subscribed to a mobile communication company, which can be connected to the Internet through at least one data network among a wireless data network based on short-range wireless communication means such as Bluetooth One can be included.

According to the embodiment of the present invention, the user's wireless terminal 170 transmits a Short Message Service (SMS), an Enhanced Messaging Service (EMS), a Multimedia Message (MMS) message Service, and / or send at least one of SMS, EMS, MMS through the message center. Hereinafter, the present invention will be described with respect to an embodiment in which the message transmitted / received to / from the user's wireless terminal 170 via the telephone network is 'SMS'. However, in the present invention, the embodiment of the message is not limited to 'SMS', and the user's wireless terminal 170 may be connected to the user's wireless terminal 170 via one or more telephone networks including the mobile communication network of the mobile communication company It is evident that any message is included in the scope of the present invention if it is a message that can be transmitted and received.

The service server 175 is connected to a service provider 170 to provide a service designated by the user's wireless terminal 170 through a separate data network separate from the telephone network used for sending and receiving messages to the user's wireless terminal 170. [ Or a web based service using the wireless terminal 170 of the user or installing an application specified in the user's wireless terminal 170 and transmitting the application based service using the application Can be provided. For example, the service server 175 may include a wireless banking server used by a financial institution including a bank to provide a web-based wireless banking service to a user's wireless terminal 170. Alternatively, the service server 175 may include a home trading server used by a financial institution including a securities company to provide a home trading service through a home trading application installed in a user's wireless terminal 170.

According to an embodiment of the present invention, the user's wireless terminal 170 includes a browser for receiving a web-based service from the service server 175, or a browser for receiving an application-based service from the service server 175 You can install specific apps for

The operating server 100 is capable of exchanging messages with the user's wireless terminal 170 via one or more telephone networks and is capable of exchanging messages with the user's wireless terminal 170 through a separate data network separate from the telephone network As a general term for a server side configuration for performing an authentication procedure according to the present invention, the present invention is characterized in that the operating server 100 transmits a channel through which a message is exchanged with the user's wireless terminal 170 via one or more telephone networks, And the service server 175 may be connected to the wireless terminal 170 through the data network, or may be a channel that the operating server 100 interacts with the user's wireless terminal 170 through a separate data network separate from the telephone network, 170 is defined as a 'service channel'. In the present invention, the authentication channel including the telephone network and the service channel including the data network are physically and / or logically separated so as not to interfere with each other.

According to an embodiment of the present invention, an authentication channel including one or more telephone networks at the user's wireless terminal 170 in the direction opposite to the messaging direction received by the user's wireless terminal 170 via the authentication channel A message to be transmitted to the designated telephone number on the operation server 100 side is defined as an 'reverse message'.

Referring to FIG. 1, the operation server 100 includes an authentication request confirmation unit 105 for confirming an authentication request for providing a service of the service server 175, a mobile phone number confirmation unit (110), an authentication code checking unit (115) for checking the authentication code dynamically generated for providing the service, and a disposable reverse direction receiving unit A disposable number identification unit (120) for identifying a dynamically determined disposable telephone number to be used as a destination number of the message; a mapping unit (120) for mapping the mobile phone number of the user, the generated authentication code and the disposable telephone number, And a mapping holding unit 125 that holds the mapping information.

The service server 175 of the service providing organization requests authentication for providing the service while providing the web / application based service to the user's wireless terminal 170 through the service channel including the designated data network, Unit 105 receives authentication request information requesting authentication of the service using a message transmitted and received through an authentication channel including one or more telephone networks separated from the data network by the service server 175. [

According to an embodiment of the present invention, the authentication request information may include interworking information for interworking with a user's wireless terminal 170 through a service channel including a data network in the operation server 100, Service identification information for identifying a service to be provided to the user via the wireless terminal 170 of the user via the wireless terminal 170, user identification information for identifying the user, (E.g., financial transaction information in the case of a wireless banking service, securities transaction information in the case of a home trading service), information on a part of the service information, a mobile phone number of a user identified by the service server 175, An authentication code dynamically generated by the service server 175, and a disposable telephone number determined by the service server 175. [

On the other hand, upon confirming the authentication request for providing the service of the service server 175 through the authentication request confirmation unit 105, the mobile number identification unit 110 determines that the mobile terminal 170 And confirms the mobile phone number of the user to be used as the origination number of the reverse message to be transmitted backward through the authentication channel.

According to the first mobile phone number identification method of the present invention, the service server 175 receives the mobile phone number from the user through the wireless terminal 170 of the user, or receives the mobile phone number from the service server 175 side (For example, provided in the authentication request information provided to the operation server 100) to the operation server 100, and the mobile phone number check unit 110 may check the mobile phone number of the user And may receive the mobile phone number of the user from the service server 175.

According to the second mobile phone number identification method of the present invention, the mobile phone number identification unit 110 may be connected to the user's wireless terminal 170 through a data network (for example, an authentication request received from the service server 175) (In cooperation with the wireless terminal 170 of the user based on the interworking information included in the information), and receive and receive the user's mobile phone number from the wireless terminal 170 of the user.

According to the third embodiment of the present invention, the service server 175 and the operation server 100 share user information, and the mobile phone number identification unit 110 identifies the mobile phone number (E.g., user identification information included in the authentication request information received from the service server 175), and confirm the mobile phone number of the user by referring to the designated DB on the operation server 100 side.

Meanwhile, at the time of confirming the authentication request for providing the service of the service server 175 through the authentication request confirmation unit 105, the authentication code confirmation unit 115 checks the authentication code dynamically generated for providing the service .

According to the first authentication code checking embodiment of the present invention, the service server 175 may generate a random number authentication code dynamically using a random number generation algorithm, or may include a dynamic seed including a time value or a random number value One or more seeds can be applied to the specified hash algorithm to dynamically generate disposable authorization codes or any combination from arbitrary numbers and / or characters and / or combinations of symbols stored in the database can be selected for dynamic use with disposable authentication codes And may provide the authentication code dynamically generated (or determined) as described above to the operation server 100 (for example, provided in the authentication request information provided to the operation server 100), and the authentication The code verification unit 115 may receive the authentication code from the service server 175. [

According to the second authentication code checking embodiment of the present invention, the authentication code checking unit 115 may dynamically generate a random number authentication code using a random number generating algorithm, or may generate a dynamic seed containing a time value or a random number One or more included seeds may be applied to a specified hash algorithm to dynamically generate a disposable authentication code or to select any combination from a DB that stores any number and / or a combination of letters and / or symbols to generate a disposable authentication code . ≪ / RTI >

On the other hand, upon confirming the authentication request for providing the service of the service server 175 through the authentication request confirmation unit 105, the disposable number identification unit 120 determines that the user's wireless terminal 170 To determine a disposable telephone number that is dynamically determined to be used as a disposable destination number of a reverse message to be forwarded back through an authentication channel including a designated telephone network.

According to the first disposable telephone number identification method of the present invention, the operation server 100 includes a number management module (e.g., N (N)) for managing N (N? 2) telephone numbers available for transmitting and receiving messages via a telephone network And a program code executed in the DB 100 and / or the operation server 100), and the disposable number identification unit 120 identifies the N number of telephone numbers managed by the number management module It is possible to select one n (1? N? N) telephone number and confirm it as a disposable telephone number to be used as a destination number of the reverse message.

According to the embodiment of the present invention, the disposable number identification unit 120 does not duplicate the mobile phone number and other phone numbers among the N phone numbers managed by the number management module, , Unused phone numbers after a specified initialization, unused phone numbers after a specified initialization, phone numbers that have been used more than once as one-time phone numbers and have not been reused for a certain period of time, An nth telephone number including a telephone number that satisfies at least one condition of at least one of the telephone numbers that have not been reused for a long period of time can be selected and confirmed as a disposable telephone number to be used as a destination number of the reverse message.

According to the second disposable telephone number identification embodiment of the present invention, the operation server 100 includes a number management module (e.g., N (N)) for managing N (N? 2) telephone numbers available for sending and receiving messages via a telephone network And a program code executed in the DB 100 and / or the operation server 100), and when the mobile phone number of the user is confirmed through the mobile phone number checking unit 110, (120) checks the mapping history information of the identified mobile phone number, selects one of N phone numbers managed by the number management module and does not duplicate and has no history mapped with the mobile phone number based on the mapping history information (1 ≤ n ≤ N), and confirm the disposable telephone number to be used as a destination number of an uplink message including the mobile phone number as a calling number.

According to the embodiment of the present invention, the disposable number identification unit 120 can identify the disposable number of the user, which is not duplicated with another phone number being mapped to another mobile phone number among the N phone numbers managed by the number management module, A telephone number that is not used as a disposable telephone number for a certain period of time or longer, a telephone number that is not used as a disposable telephone number after a designated initialization, a disposable telephone number that has not been reused for a certain period of time A telephone number, a telephone number that is more than once used as a disposable telephone number, and a telephone number that more satisfies at least one condition of a telephone number that has not been reused for the longest period of time, You can check with a one-time phone number to be used.

According to the third disposable telephone number identification method of the present invention, the operation server 100 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N (E.g., program code executed in the operating server 100) capable of generating 22 number of telephone numbers, and the disposable number identifying unit 120 identifies N N (2? N? N) phone numbers generated by combining the number of digits of the number of digits specified in the designated station number out of the N? 2 phone numbers, which are not duplicated, and used as the destination number of the reverse message You will be able to identify with a disposable phone number.

According to the embodiment of the present invention, the disposable number identification unit 120 does not duplicate the mobile phone number and other phone numbers being mapped among N (N? 2) phone numbers that can be generated through the number management module, A phone number that is not used as a one-time phone number after a specified period of time, a phone number that is not used as a one-time phone number after a specified initialization, a phone number that has not been reused for more than a certain period of time after being used as one- Numbered telephone number including at least one telephone number of telephone numbers that have not been reused for the longest period after being used as a number and can be identified as a disposable telephone number to be used as a destination number of the reverse message.

According to the fourth disposable telephone number identification method of the present invention, the operation server 100 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N (E.g., program code executed in the operating server 100) capable of generating 22 number of telephone numbers, and when the mobile phone number of the user is confirmed through the mobile phone number checking unit 110, The disposable number identification unit 120 checks the mapping history information of the identified mobile phone number and identifies the number N (N > = 2) of phone numbers that can be generated through the number management module, (1 ≤ n ≤ N) telephone numbers that are generated so as not to overlap with each other and have no history mapped to the mobile phone number based on the mapping history information W can confirm the phone number to a one-off phone number be used as a called number of the reverse message including the calling number.

According to the embodiment of the present invention, the disposable number identification unit 120 can identify the disposable number without being duplicated with other phone numbers being mapped to the mobile phone number among N (N? 2) phone numbers that can be generated through the number management module A phone number that is not used as a one-time phone number after a predetermined period, a phone number that is not used as a one-time phone number after a designated initialization, An nth telephone number including at least one telephone number of a telephone number that has not been reused for a predetermined period or more, a telephone number that has been used as a disposable telephone number at least once, and a telephone number that has not been reused for a longest period of time, You can check with a one-time phone number to be used.

According to an embodiment of the fifth disposable telephone number verification method of the present invention, the service server 175 includes a number management module for managing N (N > = 2) telephone numbers, and N telephone numbers managed by the number management module (1? N? N) telephone numbers that are not duplicated among the numbers of the telephone numbers and provide them to the operation server 100 (for example, provided in the authentication request information provided to the operation server 100) The disposable number identification unit 120 receives the n-th telephone number from the service server 175 and can identify the disposable telephone number to be used as the called number of the uplink message.

According to the embodiment of the present invention, the service server 175 does not duplicate the mobile phone number and other phone numbers being mapped among the N phone numbers managed by the number management module, and uses the same as the disposable phone number for a predetermined period or more Unused phone numbers, unused phone numbers after a specified initialization, unused phone numbers that have been used as one-time disposable phone numbers, unused phone numbers that have not been reused for a certain period of time, The disposable number identification unit 120 may select the nth telephone number including at least one telephone number among the telephone numbers that have not been reused during the service period and may provide the nth telephone number to the operation server 100, And receives the n-th telephone number and confirms it as a disposable telephone number to be used as a destination number of the reverse message.

According to the sixth disposable telephone number confirmation embodiment of the present invention, the service server 175 includes a number management module for managing N (N > = 2) telephone numbers, (N < = 1 < / = n) which is not duplicated among the N telephone numbers managed by the number management module and has no history mapped to the mobile phone number based on the mapping history information. (e.g., provided in the authentication request information provided to the operation server 100) to the operation server 100, and the disposable number identification unit 120 may identify And receives the n-th phone number from the service server 175 and confirms the mobile phone number as a one-time phone number to be used as a destination number of an uplink message including the mobile phone number.

According to the embodiment of the present invention, the service server 175 may store the history mapped with the mobile phone number of the identified user without overlapping with the mobile phone number and other phone numbers being mapped among the N phone numbers managed by the number management module A telephone number that is not used as a disposable telephone number for a predetermined period or more, a telephone number that is not used as a disposable telephone number after a designated initialization, a telephone number that has been used for one or more disposable telephone numbers for a predetermined period or more, And may provide an n-th telephone number including at least one telephone number of telephone numbers that have not been reused for the longest period of time after being used as one-time telephone numbers to the operation server 100, The confirmation unit 120 receives the n-th telephone number from the service server 175 and transmits the reception number As a one-time phone number.

According to the seventh disposable telephone number identification example of the present invention, the service server 175 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N (N > = 2) telephone numbers that can be generated by the number management module, wherein the number of N (N > = 2) telephone numbers (1? N? N) telephone numbers which are not included in the authentication request information provided to the operation server 100 (for example, provided in the authentication request information provided to the operation server 100) The disposable number confirmation unit 120 receives the n-th telephone number from the service server 175 and can confirm the disposable telephone number to be used as the called number of the uplink message.

According to the method of the present invention, the service server 175 does not overlap with the mobile phone number and other phone numbers being mapped among N (N? 2) phone numbers that can be generated through the number management module, Phone numbers that are not used as one-off phone numbers, unused phone numbers that have not been used as one-off phone numbers after a specified initialization, phone numbers that have not been reused for more than a certain period of time after being used as one-time phone numbers, And the n-th telephone number including at least one telephone number of the telephone numbers that have not been reused for the longest period after use may be selected and provided to the operating server 100, Receives the n-th telephone number from the service server 175 and confirms it as a one-time telephone number to be used as a destination number of the reverse message .

According to the eighth disposable telephone number identification example of the present invention, the service server 175 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N ? 2) number, and when the mobile phone number of the user is confirmed, the mobile terminal confirms the mapping history information of the mobile phone number and confirms N (N?) That can be generated through the number management module. (1? N? N), which is generated so as not to be duplicated by combining digits of the number of digits specified in the designated station number among the 2) telephone numbers, and which has no history mapped with the mobile number based on the mapping history information, ) May be selected and provided to the operation server 100 (for example, provided in the authentication request information provided to the operation server 100) The service number confirmation unit 120 may receive the n-th phone number from the service server 175 and confirm the service number as a disposable telephone number to be used as a destination number of an uplink message including the mobile phone number as a calling number.

According to an embodiment of the present invention, the service server 175 may receive the mobile phone number of the mobile phone number N (N > = 2) generated by the number management module, , A phone number that is not used as a disposable telephone number for a certain period of time or longer, a telephone number that is not used as a disposable telephone number after a designated initialization, or a disposable telephone number that is used more than once and is not reused for a certain period of time A first telephone number including at least one telephone number of a telephone number that has not been reused for a longest period of time after being used as a disposable telephone number at least once, and may provide the selected telephone number to the operation server 100 , The disposable number identifying unit 120 receives the n-th phone number from the service server 175 and transmits the reverse message You can see a disposable phone number that will be used arcs.

The mobile phone number of the user is confirmed through the mobile phone number confirmation unit 110 and the authentication code dynamically generated for providing the service is confirmed through the authentication code checking unit 115, If the disposable telephone number to be used as the destination number of the reverse message to be received in the reverse direction via the telephone network is confirmed from the user's wireless terminal 170 based on the message sending selection of the user wireless terminal 170, 125 stores the mobile phone number of the user, the generated authentication code, and the disposable telephone number in a predetermined medium (e.g., designated DB, memory area, or the like).

According to an embodiment of the present invention, the mapping holding unit 125 stores the mobile phone number, the authentication code, and the disposable telephone number of the user in a designated medium for a specified effective time, The mobile phone number, the authentication code, and the disposable telephone number are mapped and stored in the designated medium, and at the same time, the effective time for maintaining the mapping relationship between the mobile number, the authentication code, and the disposable telephone number is counted. It is preferable to maintain a state in which the mobile phone number, the authentication code, and the disposable telephone number are mapped to the medium. On the other hand, after the mobile phone number, the authentication code, and the disposable telephone number are mapped and stored in the designated medium, the mapping storage unit 125 confirms whether the effective time for maintaining the mapping relationship has elapsed. It is desirable to deactivate the mapping relationship between the mobile phone number, the authentication code, and the disposable telephone number.

According to an embodiment of the present invention, the mapping holding unit 125 maps the mobile phone number, the authentication code, and the disposable telephone number to a designated medium, and stores the mobile phone number, the disposable telephone number, The mapping history information including the mapping relationship of the mapping of the mapping information to the mapping database is stored and managed in the designated DB. The mapping history information may then be used to avoid cases where the mobile number is mapped to the same or similar disposable telephone number.

Referring to FIG. 1, the operation server 100 transmits a security code including the authentication code through the web / application screen of the wireless terminal 170 via a separate data network separated from the telephone network, And an information output unit 130 for processing to output a telephone number.

On the other hand, if the mobile phone number of the user, the generated authentication code, and the disposable telephone number are mapped on the designated medium, the information output unit 130 may transmit the discrete telephone number through a service channel including a separate data network And outputs the security code including the authentication code and the disposable telephone number through the web / application screen of the wireless terminal 170. [

According to the first security code embodiment of the present invention, it is preferable that the security code includes an authentication code confirmed through the authentication code checking unit 115, / App screen, and then the message is transmitted to the user's wireless terminal 170 and is input to the message body area of the reverse message. For example, if the authentication code confirmed by the authentication code checking unit 115 is '12', the security code may include '12', '12' is a message body area of the reverse message Lt; / RTI >

According to the second security code embodiment of the present invention, the security code may include a code combination obtained by combining an authentication code and an arbitrary dummy code, which are identified through the authentication code checking unit 115, in a designated code structure, The dummy code includes any code that is output through the Web / App screen of the wireless terminal 170 but is not input into the message body area of the reverse message. For example, if the authentication code confirmed by the authentication code checking unit 115 is '12' and the dummy code is '34', the security code may be '1234' concatenating '12' and '34' '12' is input to the message body region of the reverse message, and '34' may not be inputted to the message body region of the reverse message.

According to the embodiment of the present invention, the information output unit 130 may transmit the service information and the service information through a Web / App screen of the wireless terminal 170 through a service channel including a separate data network separated from the telephone network. The security code and the disposable telephone number may be outputted or may be output to the service information related screen being output through the web / application screen of the wireless terminal 170 to output the security code and the disposable telephone number.

According to an embodiment of the present invention, the information output unit 130 may receive guidance information for guiding the reception of the authentication code output through the Web / App screen of the wireless terminal 170 into the message body area of the reverse message, And outputs the web page through the web / application screen of the wireless terminal 170. [ The guide information may further include a guide for inputting the disposable telephone number output through the web / app screen of the user terminal into the call number area of the reverse message.

If the security code including the authentication code is output through the web / application screen of the wireless terminal 170, the information output unit 130 outputs the reverse message corresponding to the message transmission selection of the user wireless terminal 170 And transmits the authentication code output from the web / application screen of the wireless terminal 170 to the message body area of the wireless terminal 170 . For example, when the security code including the authentication code '12' is output through the web / application screen of the wireless terminal 170, the information output unit 130 outputs the security code including the authentication code ' The user terminal 170 configures the guide information to guide the user to input the two-digit number being output on the screen into the message body area of the reverse message corresponding to the message sending selection of the user wireless terminal 170, And output it through the app screen.

Meanwhile, when a security code in which a combination of an authentication code and an arbitrary dummy code is outputted through the web / application screen of the wireless terminal 170 is output, a security code output from the web / The user terminal 170 selects the authentication code except for the authentication code and inputs it to the message body area of the reverse message corresponding to the message sending selection of the user wireless terminal 170, And the like. For example, when a security code including '1234', which is a combination of an authentication code '12' and an arbitrary dummy code '34', is outputted through the web / application screen of the wireless terminal 170, Corresponding to the message transmission selection of the user wireless terminal 170, the number corresponding to the first two digits of the numbers included in the security code being output to the Web / App screen of the wireless terminal 170, The user can configure the guidance information to guide the user to input and reply to the body area and output the web page through the web / application screen of the wireless terminal 170. [

Referring to FIG. 1, the operation server 100 includes a mobile phone number of the user as a calling number based on a message sending selection of the user wireless terminal 170, And receives the disposable telephone number output by the user and includes the authentication code input by the user among the security codes output through the Web / App screen of the wireless terminal 170 in the reception number area A message reception unit 135 for receiving the reverse message through the telephone network or confirming the reverse message received via the telephone network, and a reverse direction message receiving unit 135 for receiving the reverse message from the user's wireless terminal 170 via one or more telephone networks A message authentication unit 140 for performing a message authentication procedure for authenticating a valid reverse message received validly with a disposable telephone number It is.

The user who owns the wireless terminal 170 corresponding to the mobile number identifies the security code and the disposable phone number output through the web / application screen of the wireless terminal 170 that he / she uses.

According to the embodiment of the present invention, the authentication code output from the web / application screen of the wireless terminal 170 is inputted to the message body area of the reverse message on the web / application screen of the user wireless terminal 170, (For example, a web page that is output through the web / application screen of the wireless terminal 170) on the web / application screen of the wireless terminal 170 according to the guide information, And a disposable telephone number of the wireless terminal 170 in the message body area of the reverse message based on the message sending selection of the user wireless terminal 170 The authentication code corresponding to the guidance information among the security codes output through the Web / App screen is inputted and the authentication code corresponding to the guidance code is inputted through the web / application screen of the wireless terminal 170 You can reply by inputting the output disposable telephone number. For example, if the user's wireless terminal 170 is a smart phone, the security code output from the web / application screen of the wireless terminal 170 through the message transmission as illustrated in FIG. A corresponding authentication code may be input into the message body area and the disposable telephone number output on the web / application screen of the wireless terminal 170 may be input to the called party number area and returned.

The present invention includes a mobile phone number assigned to a user's wireless terminal 170 as a calling number and includes a disposable telephone number entered by a user in a called party number area and also includes an authentication code entered by a user in a message body area A message sent backward from the user's wireless terminal 170 through the telephone network once is defined as a disposable reverse message for the authentication procedure of the present invention.

According to an embodiment of the present invention, the reverse message is a message sent backward from the user's wireless terminal 170 based on the message sending selection, and simultaneously transmitted from the user's wireless terminal 170, ) Is transmitted to the subscribed communication company system. The communication company system checks the device information of the wireless terminal 170 that has sent the uplink message and the mobile phone number actually assigned to the wireless terminal 170 by referring to the DB managing the communication terminal subscribed to the wireless terminal 170, The wireless terminal 170 that has transmitted the reverse message verifies that it is the wireless terminal 170 corresponding to the communication terminal that is subscribed to the wireless terminal 170, (I.e., a mobile phone number actually assigned to the mobile terminal 170 that has transmitted the reverse message and a reverse mobile phone number in the reverse direction) Verifying whether the origination number included in the message is matched). If the cellular phone number of the wireless terminal 170 and the origination number of the reverse message coincide with each other, the communication company system relays the reverse message to be delivered to the disposable telephone number corresponding to the called number included in the reverse message . \

The message receiving unit 135 may include the mobile phone number of the user as a calling number based on the message sending selection of the user wireless terminal 170 and may include a disposable telephone number output through the web / And transmits the reverse message including the authentication code input by the user to the message body area among the security codes output from the web / application screen of the wireless terminal 170, Or a reverse message received by a separate message server (not shown).

When the reverse message is received (or confirmed) via the message receiver 135, the message authenticator 140 receives the reverse message from the user's wireless terminal 170 via one or more telephone networks and is valid as a designated one- And performs a message authentication procedure to authenticate whether the received message is a valid reverse message.

According to the first message authentication method of the present invention, the message authentication unit 140 reads out the number system of the origination number of the reverse message received (or confirmed) through the message receiving unit 135, Check if it is a numbering system. According to the embodiment of the present invention, since the reverse message received (or confirmed) through the message receiver 135 is a message transmitted from the user wireless terminal 170, the calling number of the reverse message must be the mobile phone number of the user do. However, a message (for example, an SMS or the like) via the telephone network can not be transmitted only by the wireless terminal 170, but may be a wired telephone connected to a wired telephone network, an Internet telephone or a VoIP phone based on the Internet network, Via the gateway to the designated gateway. The message authentication unit 140 checks whether the number system of the originating number of the reverse message is a number system of the mobile phone number. If the originating number of the reverse message is identified by the number system of the mobile phone number, Authenticate with a valid message available for the authentication procedure, or otherwise automatically discard the reverse message. According to an embodiment of the present invention, when a reverse message is transmitted from a wireless terminal 170 subscribed to the wireless terminal 170, the communication company system to which the wireless terminal 170 is subscribed, 170 and the originating number of the uplink message are identical to each other, and if it is verified, the corresponding uplink message is relayed to the receiver. Therefore, if the originating number of the uplink message is a mobile number, The calling party may be regarded as the actual wireless terminal 170. [ According to the embodiment of the present invention, if a communication company subscribed to a fixed line telephone, an internet telephone, a VoIP phone, etc., other than the mobile communication company to which the mobile terminal 170 is subscribed also verifies the calling number of the reverse message, An Internet telephone, a VoIP phone, etc. In this case, the message authentication unit 140 may notify the originating number of the reverse message to a wired telephone, an Internet telephone, Phone, or VoIP phone, and the present invention is not limited thereto.

According to the second message authentication embodiment of the present invention, the message authentication unit 140 identifies the disposable telephone number corresponding to the called number of the reverse message received (or confirmed) through the message receiving unit 135, It is confirmed whether or not the effective time for maintaining the mapping state of the disposable telephone number and the mobile phone number that received the reverse message has elapsed or has passed. According to the embodiment of the present invention, the message authentication unit 140 can read the effective time counted by being mapped with the disposable telephone number that received the reverse message, and check whether the valid time is before or after the effective time elapses . If the validity period has not elapsed, the message authentication unit 140 can authenticate the uplink message with a valid message that can be used in the authentication procedure. Otherwise, the message authentication unit 140 can automatically discard the uplink message.

According to the third message authentication embodiment of the present invention, when the message authentication unit 140 sends a message via the telephone network in the data network, i (i, 1) You can keep the embedded code. Preferably, when the i inserted codes are transmitted from a server on a data network rather than a terminal on the telephone network (for example, the wireless terminal 170 subscribed to the mobile telephone network) via the telephone network, And includes code that is set to be automatically inserted into the message body area of a message sent by the user, for example, one or more codes of '[', 'Web', 'web', 'WEB', 'web', ' can do. Meanwhile, when the disposable reverse message including the disposable telephone number in the called party number area is received (or confirmed) through the message receiver 135 as well as the mobile phone number as the calling number, the message authentication unit 140 Analyzes the code included in the message body area of the reverse message received (or confirmed) through the message receiver 135, and determines whether at least one of the i inserted codes is included. If the message authentication unit 140 does not include at least one embedded code in the message body region of the uplink message, the message authentication unit 140 determines that the uplink message is not transmitted via the telephone network on the data network, (E.g., the mobile terminal 170 subscribed to the mobile telephone network), the mobile terminal can authenticate the reverse message as a valid message available for the authentication procedure, and if not, the reverse message can be automatically discarded.

Meanwhile, when at least one embedded code is included in the message body area of the reverse message, the message authentication unit 140 determines whether the reverse message includes at least one embedded code, (E.g., a Web / App screen of the wireless terminal 170 matched with the mobile number, which is the calling number of the uplink message, or a web / application screen of the mobile terminal 170 matched with the disposable telephone number, / App screen) and output error information on the message body area of the reverse message through the web / application screen of the wireless terminal 170. [

According to the fourth message authentication embodiment of the present invention, the message authentication unit 140 receives the message body area of the reverse message through key input means (for example, a key button, a touch screen, etc.) designated by the user's wireless terminal 170 (J > = 1) exception codes so that they can not be used as authentication codes among the input codes. For example, when the authentication code is composed of only digits including '1' to '9' and '0', the message authentication unit 140 determines that the code that can be input through the key input unit of the wireless terminal 170 J " exception codes including codes such as all the characters except for the numbers including '1' to '9' and '0' and symbols (including spaces such as 'space bar'). If the authentication code includes numbers and alphabets including '1' to '9' and '0', the message authentication unit 140 may be configured to allow the user to input, via key input means of the wireless terminal 170, You can keep j exception codes that contain codes such as all the characters and symbols except for the numbers in the code and the English alphabet. Meanwhile, when the authentication code includes a number including '1' to '9' and '0' and a Hangul word, the message authentication unit 140 may receive a message You can maintain j exception codes that contain code such as all the characters and symbols except for numbers and Hangul vowels. Meanwhile, when the disposable reverse message including the disposable telephone number in the called party number area is received (or confirmed) through the message receiver 135 as well as the mobile phone number as the calling number, the message authentication unit 140 And analyzes the code included in the message body area of the reverse message received (or confirmed) through the message receiver 135 to determine whether at least one of the j exception codes is included. If the message authentication unit 140 does not include at least one exception code in the message body area of the uplink message, the message authentication unit 140 receives the authentication code in the message body area of the uplink message from the user's wireless terminal 170 It is possible to authenticate the reverse message as a valid message that can be used in the authentication procedure without regard to an input error and consider that an input error has occurred in the reverse message and to automatically discard the reverse message.

According to an embodiment of the present invention, when at least one exception code is included in the message body area of the uplink message, the message authentication unit 140 transmits a message to the web application / (E.g., a Web / App screen of the wireless terminal 170 matched with the mobile number, which is the calling number of the uplink message, or a web / application screen of the mobile terminal 170 matched with the disposable telephone number, / App screen) and output error information on an input error occurring in the authentication code included in the message body area of the reverse message through the web / application screen of the wireless terminal 170.

According to the fifth message authentication embodiment of the present invention, the message authentication unit 140 may be configured to at least partially combine at least two embodiments among the first to fourth message authentication embodiments to generate the reverse message Authentication with a valid message available for the authentication procedure, and thus the present invention is not limited thereto.

Referring to FIG. 1, when the reverse message is validly received, the operation server 100 checks the origination number of the reverse message and matches the disposable telephone number corresponding to the called number of the reverse message with the mapped mobile number And a code authentication process for authenticating whether the authentication code included in the message body area of the reverse message is matched with the authentication code mapped to the mobile phone number And generates an authentication result for providing the service of the service server 175 based on the result of the origination authentication and the code authentication and transmits the authentication result to the service server 175 or the user's wireless terminal 170, And a result processing unit 155 for providing the result to the user.

When the validity of the uplink message is authenticated through the message authentication unit 140, the origination authentication unit 145 identifies the origination number of the uplink message, and the designated medium holding the information registered in the medium holding unit After confirming the disposable telephone number corresponding to the called number of the reverse message and the mapped mobile number, authenticates whether the calling number of the reverse message matches the mobile number confirmed through the designated medium. Meanwhile, according to another embodiment of the present invention, the originating authentication unit 145 identifies the disposable telephone number corresponding to the called number of the reverse message, and transmits the reverse direction message through the designated medium holding the information registered in the medium holding unit. After confirming the mobile telephone number corresponding to the origination number of the message and the disposable telephone number mapped, authenticate whether the called number of the reverse message matches the disposable telephone number confirmed through the designated medium, The origination authentication procedure is substantially the same as the authentication procedure for checking and comparing the mobile phone number mapped with the disposable phone number corresponding to the called number of the reverse message through the designated medium. According to an embodiment of the present invention, it is preferable that the designated medium effectively maintains the mapping relationship between the disposable telephone number and the mobile phone number only for a designated valid time, and after the expiration of the effective time, Even if the phone number and the mapped mobile number are not confirmed or even confirmed, the disposable number may be mapped to another mobile number.

According to the embodiment of the present invention, when the valid mobile phone number is not confirmed through the designated medium, or when the originating number of the reverse message does not match the mobile phone number confirmed through the designated medium, App screen of the wireless terminal 170 corresponding to the uplink message (e.g., a Web / App screen of the wireless terminal 170 matched with the mobile number, which is the calling number of the uplink message, or a web / App screen of the wireless terminal 170 matched with the disposable telephone number as the called number) and to output the error information for the outgoing authentication through the Web / App screen of the wireless terminal 170 have.

When the validity of the uplink message is authenticated through the message authenticator 140, the code authenticator 150 checks the authentication code included in the message body area of the uplink message, And / or the authentication code mapped to the disposable telephone number corresponding to the called number of the reverse message, and then transmits the message of the reverse message And performs a code authentication procedure for authenticating whether an authentication code included in the body area matches an authentication code confirmed through the designated medium. According to the method of the present invention, it is preferable that the designated medium effectively maintains the mapping relationship between the mobile phone number, the authentication code, and the disposable telephone number only for a designated valid time, The authentication code mapped to the mobile phone number or the authentication code mapped to the disposable telephone number is not confirmed. Even if the mobile phone number or the disposable phone number is confirmed, the mobile phone number or the disposable phone number may be mapped to the authentication code of another authentication procedure have.

According to the embodiment of the present invention, when a valid authentication code is not confirmed through the designated medium or an authentication code included in the message body area of the reverse message does not match the authentication code confirmed through the designated medium, The code authentication unit 150 checks the web / app screen of the wireless terminal 170 corresponding to the uplink message (for example, the web / app screen of the wireless terminal 170 matched with the mobile number, (Or a Web / App screen of the wireless terminal 170 matched with the disposable telephone number, which is the destination number of the reverse message), and transmits error information on the code authentication through the web / To be output.

The result processing unit 155 checks the result of the outgoing authentication performed by the outgoing authentication unit 145 and verifies the result of the code authentication performed through the code authentication unit 150, The result of the code authentication is ANDed to generate authentication result information for providing the service of the service server 175 and provides the generated authentication result information to the service server 175 and / 170, and outputs it through the web / application screen of the wireless terminal 170.

When the generated authentication result information is provided to the service server 175 or the user's wireless terminal 170, the result processing unit 155 transmits the generated authentication result information to the mapping unit 125 through the mapping unit 125, (Or deactivates) the mapping relationship of the disposable telephone number so that the third party (or hacker) intercepts the attempt to abuse the mapping relationship regardless of the remaining time of the validity time maintaining the mapping relationship .

FIG. 2 is a diagram illustrating an information confirmation and mapping process for a disposable message-based authentication procedure according to an embodiment of the present invention.

In more detail, FIG. 2 shows a case where a user's mobile phone number is confirmed at the time of authentication for providing a service, a dynamically generated authentication code is confirmed for providing the service, and the mobile phone number of the user is included as a calling number, After identifying a dynamically determined disposable telephone number to induce the use of the disposable reverse message to be used as a destination number of the disposable reverse message to be received once in a reverse direction, mapping the user's mobile phone number, the generated authentication code, and the disposable telephone number And may be stored and maintained for a valid period of time. It will be understood by those skilled in the art that reference to and / or modification of FIG. 2 may be applied to various implementations of the process Can be omitted, or the order is changed) , The present invention includes all of the above-described embodiments, and the technical features of the present invention are not limited only by the method shown in FIG.

Referring to FIG. 2, a user's wireless terminal 170 requests (200) a service designated by a service server 175 of a service providing organization via a data network through a designated web / Checks the designated service request from the wireless terminal 170 of the user via the data network 205 and checks the service information necessary for providing the requested service through the data network. For example, if the service providing organization is a bank, the service server 175 is a wireless banking server, and the service request is a money transfer request, the service server 175 transmits The user can confirm the transfer information for the account transfer by communicating through the data network (210). If the service information for providing the service is not confirmed, the service server 175 further performs a process of communicating with the user's wireless terminal 170 through the data network to check the service information for providing the service (210).

Meanwhile, when the service information for providing the service is confirmed, the service server 175 confirms whether to perform the authentication using the disposable message according to the present invention for providing the service using the confirmed service information (215). If authentication using the disposable message is not required for providing the service, the service server 175 performs a procedure for providing a service using the service information to the user's wireless terminal 170 through the data network (220). The user's wireless terminal (170) performs a procedure of receiving a service via the data network from the service server (175) through a web / application screen (225).

Meanwhile, when authentication using the disposable message is to be performed for providing the service, the service server 175 configures the authentication request information including the service information and provides the authentication request information to the designated operation server 100 (230) The operation server 100 receives the authentication request information from the service server 175, and determines whether authentication for the service provision is requested (235).

Upon confirmation of the authentication request for providing the service of the service server 175, the operation server 100 transmits the reverse message to be transmitted backward through the authentication channel based on the message transmission selection from the user's wireless terminal 170 The mobile phone number of the user to be used as the number is checked (240).

According to the first mobile phone number identification method of the present invention, the service server 175 receives the mobile phone number from the user through the wireless terminal 170 of the user, or receives the mobile phone number from the service server 175 side And the operation server 100 may receive the mobile phone number of the user from the service server 175 in operation 240.

According to the second mobile phone number identification method of the present invention, the operation server 100 may communicate with the user's wireless terminal 170 through the data network (for example, the authentication request information received from the service server 175) The mobile terminal 170 may receive and receive the mobile phone number of the user from the mobile terminal 170 of the user (in cooperation with the mobile terminal 170 of the user based on the included interworking information).

According to the third embodiment of the present invention, the service server 175 and the operation server 100 share the user information, and the operation server 100 receives the identifier (E.g., user identification information included in the authentication request information received from the service server 175), the mobile phone number of the user can be confirmed 240 by referring to the designated DB on the operation server 100 side.

Meanwhile, at the time of confirming the authentication request for providing the service of the service server 175, the operating server 100 confirms the authentication code dynamically generated for providing the service (245).

According to the first authentication code checking embodiment of the present invention, the service server 175 may generate a random number authentication code dynamically using a random number generation algorithm, or may include a dynamic seed including a time value or a random number value One or more seeds can be applied to the specified hash algorithm to dynamically generate disposable authorization codes or any combination from arbitrary numbers and / or characters and / or combinations of symbols stored in the database can be selected for dynamic use with disposable authentication codes And may provide the authentication code dynamically generated (or determined) as described above to the operation server 100 (for example, provided in the authentication request information provided to the operation server 100), and the operation The server 100 may receive the authentication code from the service server 175 (245).

According to the second authentication code checking embodiment of the present invention, the operation server 100 may generate a random number authentication code dynamically using a random number generation algorithm, or may include a dynamic seed including a time value or a random number value One or more seeds can be applied to the specified hash algorithm to dynamically generate disposable authorization codes or any combination from arbitrary numbers and / or characters and / or combinations of symbols stored in the database can be selected for dynamic use with disposable authentication codes (245).

On the other hand, upon confirmation of the authentication request for providing the service of the service server 175, the operation server 100 sends backward through the authentication channel including the designated telephone network based on the message sending selection from the user's wireless terminal 170 (250) a dynamically determined disposable telephone number to induce a disposable called number of the reverse message to be used.

According to the first disposable telephone number identification method of the present invention, the operation server 100 includes a number management module (e.g., N (N)) for managing N (N? 2) telephone numbers available for transmitting and receiving messages via a telephone network And a program code executed in the DB 100 and / or the operation server 100). In this case, the operation server 100 selects one n (1? N? N) telephone numbers that are not duplicated among the N telephone numbers managed by the number management module, (250).

According to the second disposable telephone number identification embodiment of the present invention, the operation server 100 includes a number management module (e.g., N (N)) for managing N (N? 2) telephone numbers available for sending and receiving messages via the telephone network And a program code executed by the operation server 100. When the mobile phone number of the user is confirmed through the operation server 100, the operation server 100 ) Confirms the mapping history information of the identified mobile phone number, and determines whether or not any of the N phone numbers managed by the number management module is not duplicated and the n < th > (1 < / = N < / = N), and confirms the phone number as a disposable telephone number to be used as a destination number of an uplink message including the mobile phone number as a calling number (250).

According to the third disposable telephone number identification method of the present invention, the operation server 100 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N (E.g., a program code executed in the operating server 100) capable of generating? 2? Number of telephone numbers. In this case, the operation server 100 generates a non-overlapping n (n) number of N (N > = 2) telephone numbers generated by combining the non- 1 ≤ N ≤ N), and can identify the telephone number as a disposable telephone number to be used as a destination number of the reverse message.

According to the fourth disposable telephone number identification method of the present invention, the operation server 100 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N (E.g., a program code executed in the operating server 100) capable of generating a phone number of > = 2). When the mobile phone number of the user is confirmed through the operating server 100, The operation server 100 confirms the mapping history information of the identified mobile phone number, and selects a combination of N (N > = 2) phone numbers that can be generated through the number management module, (1 ≤ n ≤ N) phone numbers which are generated so as not to overlap with each other and have no history mapped to the mobile phone number based on the mapping history information, It can be found in one-time telephone number be used for daepon number to a call number of an uplink message containing a calling number (250).

According to an embodiment of the fifth disposable telephone number verification method of the present invention, the service server 175 includes a number management module for managing N (N > = 2) telephone numbers, and N telephone numbers managed by the number management module (1 < / = N < / = N) telephone numbers that are not duplicated in the number of the service server (175) And receives the telephone number and confirms it as a disposable telephone number to be used as a destination number of the reverse message (250).

According to the sixth disposable telephone number confirmation embodiment of the present invention, the service server 175 includes a number management module for managing N (N > = 2) telephone numbers, (N < = 1 < / = n) which is not duplicated among the N telephone numbers managed by the number management module and has no history mapped to the mobile phone number based on the mapping history information. (e.g., provided in the authentication request information provided to the operation server 100) to the operation server 100, and the operation server 100 may select the phone number from the service server 100, And receives the n-th phone number from the mobile phone 175 and confirms it as a one-time phone number to be used as a destination number of an uplink message including the mobile phone number as a calling number (250).

According to the seventh disposable telephone number identification method of the present invention, the service server 175 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N (N > = 2) telephone numbers that can be generated by the number management module, wherein the number of N (N > = 2) telephone numbers (1 < n < N) telephone numbers, which are not included in the telephone number list, from the service server 175 to the operation server 100, (250) by using the disposable telephone number to be used as the called number of the reverse message.

According to the eighth disposable telephone number identification example of the present invention, the service server 175 combines the dynamic numbers of digits designated by the designated station numbers into a designated telephone number system, and transmits N (N ? 2) number, and when the mobile phone number of the user is confirmed, the mobile terminal confirms the mapping history information of the mobile phone number and confirms N (N?) That can be generated through the number management module. (1? N? N), which is generated so as not to be duplicated by combining digits of a number of digits specified in the designated station number among the 2) telephone numbers, and which has no history mapped with the mobile number based on the mapping history information, ) To the operation server 100, and the operation server 100 receives the n-th telephone number from the service server 175 The mobile phone number can be confirmed as a disposable telephone number to be used as a destination number of an uplink message including the mobile phone number as a calling number (250).

According to the method of the present invention, the disposable telephone number identified through at least one of the first to eighth disposable telephone number identification examples is not duplicated and is not used as a disposable telephone number for a predetermined period or more Phone number, unused phone number after designated initialization, unused phone number, unused phone number that has been used more than once as one-time phone number, unused phone number for more than one period, And may include at least one telephone number out of the telephone numbers.

The mobile phone number of the user is confirmed and a dynamically generated authentication code for providing the service is confirmed and transmitted from the user's wireless terminal 170 via the telephone network based on the message sending selection of the user wireless terminal 170, When a disposable telephone number to be used as a destination number of a reverse message to be received is identified, the operation server 100 maps the mobile phone number of the user, the generated authentication code, and the disposable telephone number to a designated medium Or memory area, etc.) for a validity time designated (255).

After the mobile phone number of the user is mapped to the authentication code and the disposable telephone number in the designated storage medium, the operation server 100 maintains the mapping relationship between the mobile phone number held in the designated medium, the authentication code, and the disposable telephone number (260). ≪ / RTI > If the expiration time for maintaining the mapping relationship between the mobile phone number, the authentication code, and the disposable telephone number has elapsed, the operation server 100 determines a mapping relationship between the mobile phone number held in the designated storage medium, the authentication code and the disposable telephone number (265).

FIG. 3 is a diagram illustrating a process of outputting an authentication code and a disposable telephone number via a data network according to an embodiment of the present invention.

In detail, FIG. 3 is a diagram illustrating an example in which a user's mobile phone number, an authentication code, and a disposable telephone number are mapped to each other, and then, through the separate data network separated from the telephone network, The security code including the code and the disposable telephone number are outputted. As a person skilled in the art, referring to and / or modified in FIG. 3, It is to be understood that the invention may be practiced otherwise than as specifically described herein, but it is to be understood that the invention may be practiced otherwise than as specifically described herein, The technical characteristics thereof are not limited.

Referring to FIG. 3, when the mobile phone number of the user, the authentication code, and the disposable telephone number are mapped to the designated medium through the process of FIG. 2, the operation server 100 transmits the web / App screen (300), and outputs a security code including the authentication code and the disposable telephone number through a web / app screen of the wireless terminal (170) via a separate data network separated from the telephone network (305), guides authentication code among the security codes output through the web / application screen of the wireless terminal (170) according to the method of selection, inputs the authentication code into the message body area of the reverse message and returns it, and / Or the guidance information for guiding the user to input the disposable telephone number output through the Web / App screen of the wireless terminal 170 into the reception number area of the reverse message, She processes to output through 305. The

The wireless terminal 170 receives the security code including the authentication code and the disposable telephone number through the data network and outputs the security code and the disposable telephone number through a web / application screen (310) Information is received and output through the web / app screen (310).

4 is a diagram illustrating a process of authenticating the validity of a service provided through a data network using a disposable reverse message received via a telephone network according to an embodiment of the present invention.

4 illustrates a case where the security code is outputted through the Web / App screen of the wireless terminal 170, and the mobile phone number of the user is included as a calling number based on the message sending selection of the user wireless terminal 170 And transmits the disposable telephone number output from the Web / App screen of the wireless terminal 170 to the user terminal of the wireless terminal 170, A message authentication procedure is performed to authenticate whether the reverse message including the authentication code entered in the message body area is validly received via the telephone network. If the reverse message is validly received, the origination number of the reverse message is checked An originating authentication procedure for authenticating whether the disposable telephone number corresponding to the called number of the uplink message matches a mapped mobile number, And a code authentication procedure for authenticating whether the authentication code included in the message body area of the direction message is matched with the authentication code mapped to the mobile phone number. The present invention is not limited to the above- It is possible to refer to and / or modify the FIG. 4 to derive various implementations of the process (e.g., omitting some of the steps or changing the order) All the methods of implementation are included, and the technical features thereof are not limited only by the method shown in FIG.

Referring to FIG. 4, when a security code is outputted through the Web / App screen of the wireless terminal 170 through the process of FIG. 3, the user inputs the guidance information output from the web / Selects a designated authentication code among the security codes output on the web / application screen of the wireless terminal 170 according to the guidance information output on the web / application screen of the wireless terminal 170 And inputs the disposable telephone number output to the web / application screen of the wireless terminal 170 in the called party number field, and the wireless terminal 170 transmits the disposable telephone number to the message body area for message transmission Receives the authentication code, and receives the disposable telephone number in the destination number field (405).

The authentication code selected from the security code output on the web / application screen of the wireless terminal 170 is input to the message body area and the disposable telephone number output on the web / The user's wireless terminal 170 includes the mobile phone number of the user as a calling number and receives the disposable telephone number output through the web / And transmits the reverse message including the authentication code input by the user among the security codes output from the web / application screen included in the number field to the message body area through the designated mobile phone network in the reverse direction 410, and the operating server 100 may include the disposable telephone number in the called party number area based on the message sending selection, The incoming message is received via one or more telephone networks (415).

When the user's wireless terminal 170 receives the reverse dis- tributed reverse-direction message including the disposable telephone number in the destination number area via one or more telephone networks, the operation server 100 transmits the disposable telephone number to the reception number area And performs a message authentication procedure to authenticate the validity of the reverse received reverse message including the received reverse message (420).

According to the first message authentication embodiment of the present invention, the operation server 100 reads out the number system of the origination number of the received reverse message, and confirms whether the number system corresponds to the mobile phone number. According to the embodiment of the present invention, since the reverse message is a message sent from the user wireless terminal 170, the calling number of the reverse message must be the mobile number of the user. However, a message (for example, an SMS or the like) via the telephone network can not be transmitted only by the wireless terminal 170, but may be a wired telephone connected to a wired telephone network, an Internet telephone or a VoIP phone based on the Internet network, Via the gateway to the designated gateway. The operation server 100 checks whether the number system of the origination number of the reverse message is a number system of the mobile phone number, and if the origination number of the reverse message is confirmed as the number system of the mobile number, (420) with a valid message available for the procedure.

According to the second message authentication embodiment of the present invention, the operation server 100 confirms the disposable telephone number corresponding to the called number of the received reverse message, and transmits the disposable telephone number and the mobile phone number It is checked whether the effective time for maintaining the mapping state has elapsed or has elapsed. According to the embodiment of the present invention, the operation server 100 can read the effective time counted and mapped with the disposable telephone number that received the reverse message, and confirm whether the valid time is before or after the effective time has elapsed. If the expiration time is before the expiration time, the operation server 100 may authenticate the uplink message with a valid message available for the authentication procedure (420).

According to the third message authentication embodiment of the present invention, when the operation server 100 sends a message via the telephone network in the data network, i (i > = 1) inserts that are automatically inserted into the message body area of the message You can keep your code. Preferably, when the i inserted codes are transmitted from a server on a data network rather than a terminal on the telephone network (for example, the wireless terminal 170 subscribed to the mobile telephone network) via the telephone network, And includes code that is set to be automatically inserted into the message body area of a message sent by the user, for example, one or more codes of '[', 'Web', 'web', 'WEB', 'web', ' can do. Meanwhile, when the disposable reverse message including the mobile number as the origination number and the disposable telephone number in the destination number area is received, the operation server 100 transmits the code included in the message body area of the received reverse message And checks whether or not at least one of the i inserted codes is included. If the mobile terminal does not include at least one embedded code in the message body area of the reverse message, the operation server 100 determines that the reverse message is not transmitted via the telephone network on the data network, (E.g., the wireless terminal 170 subscribed to the telephone network) and authenticates the reverse message with a valid message available for the authentication procedure (420).

According to the fourth message authentication embodiment of the present invention, the operation server 100 transmits a message to a message body area of a reverse message through key input means (for example, a key button, a touch screen, etc.) designated by the user's wireless terminal 170 It is possible to keep j (j ≥ 1) exception codes that can not be used as authentication codes among inputable codes. For example, when the authentication code is composed of only digits including '1' to '9' and '0', the operating server 100 transmits' J excepting codes including codes such as all the characters except for the numbers including '1' to '9' and '0' and symbols (including spaces such as 'space bar'). Meanwhile, when the authentication code includes a number including '1' to '9' and '0' and an alphabetical alphabet, the operating server 100 may transmit a code that can be input through key input means of the wireless terminal 170 You can keep j exception codes that contain codes such as all letters and symbols except the middle and the English alphabet. Meanwhile, when the authentication code includes digits including '1' to '9' and '0' and Hangul words, the operating server 100 transmits a code that can be inputted through key input means of the wireless terminal 170 You can keep j exception codes that contain codes such as all digits and symbols except for Chinese digits and Hangul characters. Meanwhile, when the disposable reverse message including the mobile number as the origination number and the disposable telephone number in the destination number area is received, the operation server 100 transmits the code included in the message body area of the received reverse message To check whether it contains at least one exception code among j exception codes. If the operation server 100 does not include at least one exception code in the message body area of the reverse message, the operation server 100 inputs an authentication code to the message body area of the reverse message at the user's wireless terminal 170 It can be considered that the authentication code has been normally input without any error, and the reverse message can be authenticated (420) as a valid message available for the authentication procedure.

According to the fifth message authentication embodiment of the present invention, the operation server 100 authenticates the reverse message through at least part of at least two embodiments of the first to fourth message authentication embodiments (420) with the valid message available for the procedure, and the invention is not limited thereby.

If the validity of the uplink message is not authenticated, the operation server 100 generates error information of the message authentication procedure (425), and transmits the error information through the web / application screen of the wireless terminal 170 via the data network (430), the user's wireless terminal (170) receives the error information of the message authentication procedure through the data network and outputs the error information through the web / application screen (435) . Meanwhile, the operation server 100 may discard the erroneous reverse message (step 440).

On the other hand, if the validity of the uplink message is not authenticated, the operation server 100 checks the origination number of the uplink message, and transmits the uplink message to the called party (Step 445). After confirming the disposable telephone number and the mapped mobile phone number, the originating authentication process is performed to authenticate whether the origination number of the reverse message matches the mobile phone number confirmed through the designated medium.

If the origination number of the reverse message does not match the mobile number confirmed through the designated medium, the operation server 100 generates error information of the origination authentication procedure (425) (430) the error information of the origination authentication procedure through the web / application screen of the terminal 170, and the user's wireless terminal 170 receives the error information of the origination authentication procedure through the data network And outputs it via the web / app screen (435). Meanwhile, the operation server 100 may discard the erroneous reverse message (step 440).

If the source number of the reverse message is matched with the mobile phone number confirmed through the designated medium, the operation server 100 checks the authentication code included in the message body area of the reverse message, After confirming the authentication code mapped with the mobile phone number corresponding to the calling number of the reverse message and / or mapped with the disposable telephone number corresponding to the called number of the reverse message through a designated medium for maintaining the information, (450) a code authentication procedure for authenticating whether an authentication code included in the message body area matches an authentication code identified through the designated medium.

If the authentication code included in the message body area of the uplink message does not match the authentication code mapped to the mobile phone number, the operation server 100 generates error information of the code authentication procedure (step 425) (430) to output the error information of the code authentication procedure through the Web / App screen of the wireless terminal (170) via the wireless network (170), and the user's wireless terminal (170) Receives the error information, and outputs it via the web / application screen (435). Meanwhile, the operation server 100 may discard the erroneous reverse message (step 440).

If the authentication code included in the message body area of the reverse message is matched with the authentication code mapped to the mobile phone number, the operation server 100 searches the service server 175 based on the results of the origination authentication and the code authentication, And provides the authentication result to the service server 175 or the user's wireless terminal 170 in step 455. The user's wireless terminal 170 transmits the authentication result to the service server 175 (460), and the service server (175) transmits the web / application screen of the wireless terminal (170) via the data network based on the disposable message based authentication result To provide the designated service.

100: Operation server 105: Authentication request confirmation part
110: mobile phone number confirmation unit 115: authentication code verification unit
120: disposable number confirmation unit 125: mapping maintenance unit
130: Information output unit 135: Message receiving unit
140: message authentication unit 145: origin authentication unit
150: code authentication unit 155: result processing unit
170: wireless terminal 175: service server

Claims (19)

And is operable through an operation server operable through a separate data network separate from the user's wireless terminal and capable of exchanging messages with a user's wireless terminal through a telephone network in cooperation with a service server providing a designated service to the user Lt; / RTI >
And a control unit for confirming a mobile phone number of a user at the time of authentication for providing a service of the service server, confirming a dynamically generated authentication code for providing the service, storing the mobile phone number of the user as a calling number, Performing a procedure for identifying a dynamically determined disposable telephone number to be used as a destination number of a disposable reverse message to be received in the reverse direction;
A second step of mapping the mobile phone number of the user, the generated authentication code, and the disposable telephone number to maintain the mobile phone number for a specified valid time;
A third step of outputting the security code including the authentication code and the disposable telephone number via a web / app screen of the wireless terminal via a separate data network separated from the telephone network;
The mobile phone number of the user is included as a calling number on the basis of message sending selection of the user wireless terminal, the disposable telephone number outputted through the web / application screen of the wireless terminal is received by the user and included in the called number area, A fourth step of performing a message authentication procedure for authenticating whether a reverse message including the authentication code inputted by the user in the message body area is received validly via the telephone network, out of the security codes outputted through the web / application screen of the terminal;
A source authentication procedure for verifying the originating number of the uplink message and authenticating whether the one-time phone number corresponding to the called number of the uplink message matches a mapped mobile number, when the uplink message is validly received, A fifth step of verifying the authentication code included in the mobile phone number and performing a code authentication procedure for authenticating whether the mobile phone number matches the authentication code mapped to the mobile phone number; And
And generating an authentication result for providing a service of the service server based on a result of the origination authentication and the code authentication, and providing the authentication result to the service server or the user's wireless terminal.
2. The method according to claim 1,
N number (1? N? N) telephone numbers which are not duplicated among the N telephone numbers from a number management module for managing N (N? 2) telephone numbers to be used as a destination number of the reverse message The method comprising the steps of: receiving a first message from a first user;
2. The method according to claim 1,
(N ≥ 2) telephone numbers that can be generated by combining the dynamic number of the designated number with the designated telephone number system in the designated station number managed by the number management module, (1 < / = N < / = N) telephone number to be used as a destination number of the uplink message.
2. The method according to claim 1,
When the mobile phone number of the user is confirmed,
N (1? N? N) telephone numbers that are not duplicated among the N telephone numbers from the number management module managing N (N? 2) telephone numbers and have no history mapped with the mobile number, Using a disposable telephone number to be used as a destination number of an uplink message including an originating number.
2. The method according to claim 1,
When the mobile phone number of the user is confirmed,
(N ≥ 2) telephone numbers that can be generated by combining the dynamic number of the number of digits specified in the designated station number managed by the number management module with the designated telephone number system, and combine the non-duplicated numbers of digits specified in the designated station number (1 ≤ n ≤ N) phone number, which is generated and has no history mapped to the mobile phone number, as a one-time phone number to be used as a destination number of an uplink message including the mobile phone number as a calling number And transmitting the discovery reverse-direction message to the authentication server.
The method as claimed in any one of claims 2 to 5,
N phone numbers that are not used as disposable telephone numbers for a certain period of time or longer,
N number of telephone numbers that are not used as one-time telephone numbers after the designated initialization,
A telephone number of N telephone numbers that has not been reused for a certain period of time after being used as a one-time telephone number,
And a telephone number of at least one of telephone numbers that have not been reused for the longest period after being used as a disposable telephone number among the N telephone numbers.
2. The method according to claim 1,
Further comprising the step of storing and managing mapping history information on a mapping relationship between the mobile phone number and the disposable telephone number in a designated DB.
The method according to claim 1,
Wherein the second step further comprises counting a validity time for maintaining a mapping relationship between the mobile phone number, the authentication code, and the disposable telephone number,
Confirming whether the validity period of maintaining the mapping relationship has elapsed; And
And deactivating the mapping relationship between the mobile phone number, the authentication code, and the disposable telephone number when the valid time has elapsed.
The method of claim 1,
Includes an authentication code to be entered into a message body area of the reverse message, or
And a combination of the authentication code and an arbitrary dummy code not input in the message body area of the reverse message.
2. The method according to claim 1,
Further comprising processing the guidance information for guiding the user to input the authentication code output through the web / application screen of the wireless terminal into the message body area of the reverse message and to return the guidance information through the web / application screen of the wireless terminal And transmitting the discovery reverse-direction message.
2. The method of claim 1,
A message transmitted through a telephone network to which the user's mobile terminal is subscribed, verifies whether the mobile phone number actually assigned to the mobile terminal that has sent the message in the communication company system providing the telephone network of the mobile station matches the calling number included in the message Wherein the disposable telephone number is received by the disposable telephone number corresponding to the called number included in the message through the communication company system when the cell phone number of the wireless terminal matches the calling number of the message. .
The method as claimed in claim 1,
Identifying a reverse message received at the designated disposable telephone number;
Reading the number system of the origination number of the reverse message and confirming whether the number system corresponds to the mobile phone number; And
And authenticating the uplink message as a valid message that can be used in the authentication procedure when the calling number of the uplink message is a number system of the mobile phone number.
The method as claimed in claim 1,
Identifying a reverse message received at the designated disposable telephone number; And
Confirming whether the valid time for maintaining the mapping state between the disposable telephone number and the mobile phone number that has received the reverse message has elapsed; And
And authenticating the uplink message as a valid message that can be used in the authentication procedure if the valid time is before the elapse of the valid time.
The method according to claim 1,
Further comprising the step of maintaining i (i > = 1) embedded codes set to be automatically inserted into the message body area of the message when the message is transmitted from the data network via the telephone network,
In the fourth step,
Analyzing a code included in the message body area of the reverse message received at the disposable telephone number to confirm whether the inserted code includes at least one of the i inserted codes; And
And if the at least one embedded code is not included in the message body region of the uplink message, authenticating the uplink message as a valid message usable in the authentication procedure.
The method according to claim 1,
Further comprising the step of maintaining j (j > = 1) exception codes that are not used as authentication codes among codes that can be input in the message body area of the reverse message at the user's wireless terminal,
In the fourth step,
Analyzing a code included in the message body area of the reverse message received by the disposable telephone number and confirming whether it includes at least one exception code among j exception codes; And
And checking that the reverse message is validly received if the message body area of the reverse message does not include at least one exception code.
16. The method of claim 15,
And outputting error information for the message body area of the reverse message through the web / app screen of the wireless terminal when the at least one exception code is included in the message body area of the reverse message. The authentication method using the disposable reverse message.
The method as claimed in claim 1,
And outputting the generated error information through the Web / App screen of the wireless terminal when an error occurs in the origination authentication or the code authentication.
A computer-readable recording medium storing a program for executing the method of claim 1.
A system capable of exchanging messages via a wireless network with a user and a telephone network, the system being operable through a separate data network separate from the user's wireless terminal and the telephone network,
A mobile phone number confirmation unit for confirming the mobile phone number of the user;
An authentication code confirmation unit for confirming a dynamically generated authentication code for service provision;
A disposable number identifying unit for identifying a dynamically determined disposable telephone number to be used as a called number of a disposable reverse message to be received in a reverse direction once through the telephone network including the mobile phone number of the user as a calling number;
A mapping unit configured to map the mobile phone number of the user, the generated authentication code, and the disposable telephone number to maintain the disposable telephone number for a designated valid time;
An information output unit for outputting a security code including the authentication code and the disposable telephone number via a web / app screen of the wireless terminal via a separate data network separated from the telephone network;
The mobile phone number of the user is included as a calling number on the basis of message sending selection of the user wireless terminal, the disposable telephone number outputted through the web / application screen of the wireless terminal is received by the user and included in the called number area, A message receiving unit for receiving, via a telephone network, an uplink message including an authentication code input by a user among security codes output through a web / application screen of the terminal in a message body area;
A message authentication unit for authenticating the validity of the reverse message received via the telephone network;
An originating authentication unit for verifying the origination number of the reverse message when the reverse message is received and authenticating whether the disposable telephone number corresponding to the called number of the reverse message is matched with the mapped mobile number;
A code authentication unit for verifying an authentication code included in the message body area of the reverse message and verifying whether the authentication code matches the authentication code mapped to the mobile phone number; And
And a result processor for generating and providing an authentication result for providing the service based on the results of the origination authentication and the code authentication.

Images