KR20210027837A - System and method for providing personal information certification service - Google Patents

Abstract

The present invention relates to a system and a method for providing a personal information certification service. With the present invention, voice call-based personal information certification can be replaced using blockchain technology. The present invention includes: a carrier server generating an artificial identifier of a user terminal requesting the personal information certification service; the user terminal generating private and public keys based on the artificial identifier upon receiving the artificial identifier from the carrier server and performing transmission with certification request data for personal information certification included in the public key; and a blockchain server storing the certification request data received from the user terminal in the ledger of a carrier peer node as one of multiple peer nodes, generating a new block including a transaction, having the generated new block verified by another interested party peer node, sharing and storing the certification request data of the verified new block in the ledger of the interested party peer node, having the shared and stored certification request data additionally certified by an interested party server, and sharing and storing the additionally certified certification request data in the ledger of the interested party peer node.

Description

Personal information authentication service provision system and its personal information authentication service provision method {SYSTEM AND METHOD FOR PROVIDING PERSONAL INFORMATION CERTIFICATION SERVICE}

The present invention relates to a system for providing a personal information authentication service, and more particularly, to a system for providing a personal information authentication service that can replace personal information authentication by voice call using a block chain technology, and a method for providing the personal information authentication service. About.

In general, the Happy Call performed by a home shopping company is an act of authenticating information such as customer credit information inquiry and identity verification by voice call in order to provide services such as rental goods, discounted goods, and free gifts.

In addition, the customer makes a Happy Call reservation to a home shopping company with his/her own contact information, and the counselor or person in charge of the home shopping company calls the customer according to the order of the reservation.

Here, the happy call must be processed as voice, and may be processed as voice by a third party who can prove family relationship.

As described above, at present, the Happy Call service can be used only through a voice call method, but in the case of deaf people such as hearing impaired or speech impaired, it is not possible to answer the phone itself because hearing or speaking is impaired. Cannot be provided.

Due to this problem, home shopping companies sometimes suggest agent (family) authentication as a method to replace the voice call method, but since the disorder is expressed by inheritance, there are many cases where all family members are deaf. The problem is not solved by itself.

In some cases, a sign language interpreter may be substituted and a video call method may be used, but the position is that such a method cannot be substituted due to the weak evidence to prove that he is a deaf.

Therefore, there is a need to develop a personal information authentication service providing system that can replace personal information authentication by voice call by generating integrity personal information authentication data using blockchain technology.

An object of the present invention is to provide a system for providing personal information authentication service and a method for providing personal information authentication service thereof that can replace personal information authentication by voice call by generating integrity personal information authentication data using blockchain technology.

The technical problems to be achieved in the present invention are not limited to the technical problems mentioned above, and other technical problems that are not mentioned will be clearly understood by those of ordinary skill in the technical field to which the present invention belongs from the following description. I will be able to.

In order to solve the above technical problem, the system for providing personal information authentication service according to an embodiment of the present invention provides an artificial identifier from a communication company server and a communication company server that generates an artificial identifier of a user terminal requesting a personal information authentication service. Upon receipt, a user terminal that generates a private key and a public key based on the artificial identifier and transmits the authentication request data for personal information authentication in the public key, and the authentication request data received from the user terminal are transmitted to a plurality of peer nodes. ), a new block containing the transaction is created by storing it in the ledger of the peer node of the telecommunication company, the new block is verified by the other stakeholder peer nodes, and the authentication request data of the verified new block is stored in the ledger of the stakeholder peer node. It may include a blockchain server that is shared and stored, and additionally authenticates the authentication request data stored shared by the stakeholder server, and shares and stores the additional authenticated authentication request data in the ledger of the stakeholder peer node.

In addition, the personal information authentication service providing method of the personal information authentication service providing system according to an embodiment of the present invention includes a personal information authentication service providing system including a telecommunication company server and a block chain server communicatively connected to a user terminal. As a service providing method, the step of requesting a personal information authentication service from a user terminal to a communication service provider server, a step of generating an artificial identifier of the user terminal corresponding to the personal information authentication service by the mobile service provider server and transmitting it to the user terminal, and the user terminal being a mobile service provider server. Receiving an artificial identifier from the user terminal, generating a private key and a public key based on the artificial identifier, including the authentication request data for personal information authentication in the public key, and transmitting the authentication request data to the blockchain server. Creating a new block containing the transaction by storing the authentication request data received from the terminal in the ledger of the peer node of the communication company among the plurality of peer nodes, and the new block generated by the blockchain server with the rest of the other interested parties. The step of sharing and storing the authentication request data of the new block verified and verified by the peer node in the ledger of the stakeholder peer node, and the blockchain server additionally authenticated and additionally authenticated authentication request data stored shared by the stakeholder server. It may include the step of storing shared in the ledger of the stakeholder peer node.

On the other hand, the user terminal according to an embodiment of the present invention, a communication unit that is communicatively connected to a communication company server and a blockchain server, a key generation unit that generates a private key and a public key, and stores the generated private key and a personal information authentication app. It includes a storage unit, a display unit that executes and displays a personal information authentication app, and a communication unit, a key generation unit, a storage unit, and a control unit that controls the display unit. The communication unit controls the communication unit to transmit the information authentication service request signal to the service provider server, and when receiving an artificial identifier from the mobile service provider server, the key generator is controlled to generate a private key and a public key based on the artificial identifier, and the storage unit is controlled to store the private key. When authentication request data for information authentication is input, the communication unit can be controlled to transmit the public key and authentication request data to the blockchain server.

Meanwhile, a method of providing a personal information authentication service of a user terminal according to an embodiment of the present invention includes a user terminal including a communication unit, a key generation unit, a storage unit, and a control unit for controlling a display unit, which are communicatively connected to a communication company server and a blockchain server. A method of providing personal information authentication service of, wherein when a user input for requesting a personal information authentication service is received by a control unit, controlling the communication unit to transmit a personal information authentication service request signal to a communication company server, and the control unit receives an artificial identifier from the communication company server. Then, controlling the key generation unit to generate a private key and a public key based on the artificial identifier, controlling the storage unit so that the control unit stores the private key, and when the control unit inputs authentication request data for personal information authentication, the public key and the public key It may include controlling the communication unit to transmit the authentication request data to the blockchain server.

On the other hand, the communication service provider server according to an embodiment of the present invention includes a communication unit that is communicatively connected to a user terminal and a blockchain server, an artificial identifier generator that generates an artificial identifier of the user terminal, a storage unit that stores customer information of the user terminal, And it includes a control unit for controlling the communication unit, the artificial identifier generation unit and the storage unit, the control unit, when a personal information authentication service request signal is received from the user terminal, inquires the customer information of the user terminal in the storage unit and based on the customer information of the user terminal It checks whether the customer of the user terminal is a subscriber, and if the customer of the user terminal is a subscriber, controls the artificial identifier generator to generate an artificial identifier of the user terminal, and controls the communication unit to transmit the artificial identifier of the user terminal to the user terminal when it is generated. I can.

On the other hand, the method of providing personal information authentication service of a communication company server according to an embodiment of the present invention is a personal information service provider of a communication service provider server including a communication unit for communication connection between a user terminal and a blockchain server, an artificial identifier generation unit, and a control unit for controlling the storage unit. As a method of providing information authentication service, the control unit inquires the customer information of the user terminal in the storage unit when a signal for requesting personal information authentication service is received from the user terminal. Checking whether the user terminal is a customer, the control unit controlling the artificial identifier generation unit to generate an artificial identifier of the user terminal if the customer of the user terminal is a subscriber, and the communication unit transmitting the artificial identifier of the user terminal to the user terminal when the control unit generates the artificial identifier of the user terminal. It may include controlling.

On the other hand, the blockchain server according to an embodiment of the present invention is a peer node server including a plurality of peer nodes, a communication company peer among a plurality of peer nodes upon receiving public key and authentication request data from a user terminal. Blockchain SDK (Software Development Kit) server that calls the chaincode from the node, and the orderer that stores the public key and authentication request data in the ledger of the peer node of the carrier through the called chaincode, and creates a new block including the transaction. /Including Kafka server, the peer node server receives the generated new block verified by the stakeholder peer node among the plurality of peer nodes, and shares the authentication request data of the verified new block to the ledger of the stakeholder peer node It is stored, and the shared-stored authentication request data may be additionally authenticated by the stakeholder server, and the additional authenticated authentication request data may be shared and stored in the ledger of the stakeholder peer node.

On the other hand, the method of providing personal information authentication service of a blockchain server according to an embodiment of the present invention is a method for providing a personal information authentication service of a blockchain server, including a peer node server having a plurality of peer nodes, a blockchain SDK server, and an orderer/Kafka server. As a method of providing information authentication service, when the blockchain SDK server receives the public key and authentication request data from the user terminal, the step of calling the chain code from the peer node of the communication company among the plurality of peer nodes, the chain in which the orderer/Kafka server is called. Storing the public key and authentication request data in the ledger of the communication company peer node through the code and generating a new block including the transaction, the peer node server generates the new block by the stakeholder peer node among the plurality of peer nodes. The step of sharing and storing the authentication request data of the new verified and verified block in the ledger of the stakeholder peer node, the peer node server is additionally authenticated by the stakeholder server and additionally authenticated authentication request data stored by the stakeholder It may include storing shared in the ledger of the peer node.

Meanwhile, an embodiment of the present invention may further provide a computer-readable program for executing any one of the personal information authentication service providing methods and a recording medium on which the program is recorded.

The system for providing personal information authentication service and the method for providing personal information authentication service according to at least one embodiment of the present invention configured as described above, by generating integrity personal information authentication data using blockchain technology, It can provide user convenience that can replace personal information authentication.

In addition, the present invention can eliminate fundamental problem elements that cannot be solved at present by using a blockchain, which is a strong trust platform that can prove the identity of the person.

In addition, according to the present invention, not only personal information authentication but also information added as needed can be shared and used by interested organizations.

In addition, the present invention, Paperwork and metabolism can be simplified through trust applications (smart contracts) running on the blockchain.

In addition, the present invention, The interface standard of each linkage period can be simplified by using a blockchain platform.

In addition, the present invention, Since all transactions that occur in all tasks can be used, it can be used as a basis for inspections and disputes.

Accordingly, the present invention solves the difficulties of the underprivileged (deaf people) who do not receive the service benefits provided by home shopping, and the home shopping company can provide an effect of attracting additional new customers.

In addition, since the present invention does not simply share authentication information, it is possible to provide an effect that can be applied to objects that complain of difficulties in business processing due to obstacles in finance, communication, administrative work, etc., rather than a simple home shopping company.

In addition, the present invention, In the current non-face-to-face authentication method (identity card scanning, biometric information authentication, etc.), it has the advantage of reinforcing parts that cannot be handled such as identity theft, and it has the advantage that it can be used permanently without renewal with one authentication.

The effects that can be obtained in the present invention are not limited to the above-mentioned effects, and other effects not mentioned can be clearly understood by those of ordinary skill in the art from the following description. will be.

1 is a diagram schematically illustrating a system for providing a personal information authentication service according to the present invention.
FIG. 2 is a block diagram illustrating the user terminal of FIG. 1.
3 is a block diagram illustrating a communication service provider server of FIG. 1.
4 is a block diagram illustrating the block chain server of FIG. 1.
5 is a flowchart illustrating a method of providing a personal information authentication service in a system for providing a personal information authentication service according to the present invention.
6 to 9 are diagrams for explaining a process of registering authentication request data for personal information authentication by the user terminal of FIG. 1.
10 is a flowchart illustrating a method of providing a personal information authentication service of a user terminal according to the present invention.
11 is a flowchart illustrating a method of providing a personal information authentication service by a communication company server according to the present invention.
12 is a flowchart illustrating a method of providing a personal information authentication service by a blockchain server according to the present invention.

Hereinafter, an apparatus and various methods to which embodiments of the present invention are applied will be described in more detail with reference to the drawings. The suffixes "module" and "unit" for constituent elements used in the following description are given or used interchangeably in consideration of only the ease of preparation of the specification, and do not have meanings or roles that are distinguished from each other by themselves.

In the above, even if all the constituent elements constituting the embodiments of the present invention have been described as being combined into one or operating in combination, the present invention is not necessarily limited to these embodiments. That is, within the scope of the object of the present invention, all the constituent elements may be selectively combined and operated in one or more. In addition, although all of the components may be implemented as one independent hardware, a program module that performs some or all functions combined in one or more hardware by selectively combining some or all of the components. It may be implemented as a computer program having Codes and code segments constituting the computer program may be easily inferred by those skilled in the art of the present invention. Such a computer program is stored in a computer-readable storage medium, and is read and executed by a computer, thereby implementing an embodiment of the present invention. The storage medium of the computer program may include a magnetic recording medium, an optical recording medium, a carrier wave medium, and the like.

In the description of the embodiment, in the case of being described as being formed in "top (top) or bottom (bottom)", "before (front) or after (back)" of each component, "top (top) or bottom (Below)” and “before (front) or after (back)” include both components formed by direct contact with each other or one or more other components disposed between the two components.

In addition, the terms such as "include", "consist of" or "have" described above mean that the corresponding component may be included unless otherwise stated, excluding other components. It should not be construed as being able to further include other components. All terms, including technical or scientific terms, unless otherwise defined, have the same meaning as commonly understood by one of ordinary skill in the art to which the present invention belongs. Terms generally used, such as terms defined in the dictionary, should be interpreted as being consistent with the meaning in the context of the related technology, and are not interpreted as ideal or excessively formal meanings unless explicitly defined in the present invention.

In addition, in describing the constituent elements of the present invention, terms such as first, second, A, B, (a) and (b) may be used. These terms are for distinguishing the constituent element from other constituent elements, and the nature, order, or order of the constituent element is not limited by the term. When a component is described as being "connected", "coupled" or "connected" to another component, that component may be directly connected or connected to that other component, but another component between each component It will be understood that elements may be “connected”, “coupled” or “connected”.

In the following description of the present invention, when it is determined that the subject matter of the present invention may be unnecessarily obscured as matters apparent to those skilled in the art with respect to related known technologies, a detailed description thereof will be omitted.

1 is a diagram schematically illustrating a system for providing a personal information authentication service according to the present invention.

As shown in FIG. 1, the system for providing a personal information authentication service of the present invention may include a block chain server 300 that is communicated to the user terminal 100 and the communication service provider server 200 through a network.

Here, the user terminal 100 is a standing device such as a personal computer (PC), a network TV (network TV), a hybrid broadcast broadband TV (HBBTV), a smart TV, an Internet Protocol TV (IPTV), and the like. ), and a mobile device or handheld device such as a smart phone, a tablet PC, a notebook, and a personal digital assistant (PDA).

In addition, the network for communication connection between the user terminal 100 and the communication company server 200 and between the user terminal 100 and the blockchain server 300 includes both wired/wireless networks, and the user terminal 100 and Communication supporting various communication standards or protocols for pairing or/and data transmission/reception between the communication company server 200, between the user terminal 100 and the blockchain server 300, and between the block chain server 300 and external servers Collectively referred to as network.

These wired/wireless networks include all communication networks to be supported now or in the future according to the standard, and can support all of one or more communication protocols therefor.

Such wired/wireless networks include, for example, Universal Serial Bus (USB), Composite Video Banking Sync (CVBS), Component, S-Video (analog), Digital Visual Interface (DVI), High Definition Multimedia Interface (HDMI), Networks for wired connection such as RGB and D-SUB, communication standards or protocols therefor, Bluetooth, Radio Frequency Identification (RFID), infrared data association (IrDA), Ultra Wideband (UWB), Zigbee (ZigBee), DLNA (Digital Living Network Alliance), WLAN (Wireless LAN) (Wi-Fi), Wibro (Wireless broadband), Wimax (World Interoperability for Microwave Access), HSDPA (High Speed Downlink Packet Access), LTE/LTE -A (Long Term Evolution/LTE-Advanced), Wi-Fi direct (direct), such as a network for a wireless connection and a communication standard or protocol for the network.

The user terminal 100 generates a private key and a public key based on the artificial identifier upon receiving the artificial identifier from the communication company server 200, and includes authentication request data for personal information authentication in the public key, and the blockchain server 300 ).

Here, the user terminal 100 may install a personal information authentication app and request a personal information authentication service from the communication company server 200 through the personal information authentication app.

For example, when a user input for selecting a personal information authentication app is received, the user terminal 100 provides a personal information authentication service window on the display screen, and a user who selects the personal information authentication request button from the personal information authentication service window When an input is received, a personal information authentication service may be requested from the communication company server 200.

In addition, when generating a private key and a public key based on the artificial identifier, the user terminal 100 uses a PKI (Public Key Infrastructure) algorithm to include a private key and a public key corresponding to the artificial identifier. key) pair can be created.

Then, when the private key and the public key are generated based on the artificial identifier, the user terminal 100 stores and stores the private key in a security-enhanced (SE) of the personal information authentication app, and can include the public key in the transmission parameter. have.

In addition, when the private key and the public key are generated based on the artificial identifier, the user terminal 100 displays an input window for inputting authentication request data on the display screen, confirms whether the authentication request data has been entered, and requests authentication. When data is inputted, when a user input for selecting an authentication request data registration request button in the input window is received, the public key may include authentication request data for personal information authentication and transmit.

Here, when the user terminal 100 displays an input window for inputting authentication request data on the display screen, the user terminal 100 requests a list of necessary information from the stakeholder server requesting the authentication request data, and a list of necessary information from the stakeholder server When is received, an input window can be created and displayed based on the list of necessary information.

In addition, when the user terminal 100 includes authentication request data for personal information authentication in the public key and transmits it, the user terminal 100 may create a transaction by signing with a private key stored in a security-enhanced (SE) of the personal information authentication app. .

In some cases, the user terminal 100 transmits at least one of a channel name, a chain code name, a chain code version, and a function name of the blockchain network when transmitting including authentication request data for personal information authentication in the public key. It can be included in and transmitted to the blockchain server, but is not limited thereto.

In addition, the user terminal 100 may receive and display a notification of completion of registration of authentication request data through a pre-installed personal information authentication app.

Here, when the user terminal 100 receives and displays the authentication request data registration completion notification, the user terminal 100 may receive and display the authentication request data registration completion notification through the personal information authentication app according to the user request.

In some cases, when the user terminal 100 receives and displays the authentication request data registration completion notification, when the authentication request data registration is complete, the user terminal 100 automatically receives and displays the authentication request data registration completion notification through the personal information authentication app. You may.

In addition, the user terminal 100 may receive and display the usage history of registered authentication request data through a pre-installed personal information authentication app.

Here, when the user terminal 100 receives and displays the usage history of the authentication request data, the user terminal 100 may receive and display the usage history of the authentication request data through the personal information authentication app according to the user's request.

In some cases, when receiving and displaying the usage history of the authentication request data, the user terminal 100 may automatically receive and display the usage history of the authentication request data through the personal information authentication app when the authentication request data is used. have.

Meanwhile, the communication company server 200 may generate an artificial identifier of a user terminal requesting a personal information authentication service.

Here, when the communication company server 200 receives a request for inquiry of customer information for a personal information authentication service from the user terminal 100 through the personal information authentication app, it searches the customer information of the user terminal 100 through the database 210 And, from the customer information of the user terminal 100, it is checked whether the customer of the user terminal 100 is a registered customer, and if the customer of the user terminal 100 is a registered customer, an artificial identifier of the user terminal 100 may be generated. .

For example, when generating the artificial identifier of the user terminal 100, the communication company server 200 may generate the artificial identifier based on the contract number of the user terminal 100 and identification information of the user terminal 100.

For example, the identification information of the user terminal 100 may be an International Mobile Subscriber Identity (IMSI) composed of a combination of a mobile country code (MCC), a mobile network code (MNC), and a phone number, but is not limited thereto. .

In addition, the identification information of the user terminal 100 may consist of a total of 15 digits, but is not limited thereto.

Next, the blockchain server 300 is a peer node server 310, a blockchain SDK (Software Development Kit) server 320 that calls a chaincode, and an orderer/an orderer that creates a new block through the called chaincode. It may include a Kafka server 330.

The blockchain server 300 stores the authentication request data received from the user terminal 100 in the ledger of a communication company peer node 312 among a plurality of peer nodes 310 to include a transaction. Is created, the generated new block is verified to the rest of the stakeholder peer nodes, the authentication request data of the verified new block is shared and stored in the ledger of the stakeholder peer node, and the shared stored authentication request data is added from the stakeholder server. It is authenticated, and additional authenticated authentication request data can be shared and stored in the ledger of the stakeholder peer node.

Here, the blockchain server 300, when generating a new block, when receiving the public key and authentication request data from the user terminal 100, calls the chain code from the communication company peer node 312, and stores the called chain code. Through this, a new block including a transaction may be generated by storing the public key and authentication request data in the ledger of the communication company peer node 312.

At this time, when storing the public key and authentication request data, the blockchain server 300 may store the public key and authentication request data in the ledger of the communication company peer node 312 in a key-value method.

In addition, when creating a new block, the blockchain server 300 performs verification at the communication company peer node 312, including the authority check and parameter value check of the creator who created the transaction, and if there is no abnormality in the verification result, the new block Can be created.

In addition, when a new block is generated, the blockchain server 300 may chain-connect the generated new block to an existing block of a peer node of a communication company.

Subsequently, when the generated new block is verified by the other stakeholder peer nodes, the stakeholder peer node performs verification of the new block, and if there is no abnormality in the verification result, the ledger is updated. I can.

For example, the stakeholder peer node is the home shopping company peer node 314 corresponding to the home shopping company server 400, the disabled association peer node 316 corresponding to the disabled association server 500, and the community center server 600 In the case of including the corresponding community center peer node 318, the ledger of the communication service provider peer node 312 corresponding to the communication service provider server 200 is a home shopping company peer node 314, which is a stakeholder peer node, and the disabled association peer node 316 ), and the community center peer node 318 may perform verification for the new block, and if there is no abnormality in the verification result, the ledger may be updated and shared with each other.

Accordingly, the communication company peer node 312, the home shopping company peer node 314, the disabled association peer node 316, and the community center peer node 318 may share a ledger in which authentication request data verified with each other is stored. .

Next, the blockchain server 300, when additional authentication of the shared stored authentication request data is performed, when the stakeholder server performs additional authentication to confirm whether it is a registered customer based on the authentication request data stored in the ledger, the additional authentication value is included. Ledger can be updated.

Here, when updating the ledger, the blockchain server 300 may update all ledgers of other stakeholder peer nodes including the communication company peer node 312.

For example, when updating the ledger, the blockchain server 300 may update the ledger to include an additional authentication value by filling in a true value in the authentication field of the ledger.

In addition, when the authentication request data of the new block is shared and stored in the ledger, the interested party server inquires the ledger of the stakeholder peer node related to it, and retrieves the customer information of the authentication request data stored in the ledger and the customer information stored in its database. You can compare it to see if it is a registered customer.

Here, the interested party server may perform additional authentication when the customer information of the authentication request data is confirmed as customer information of the registered customer.

For example, when performing additional authentication, the stakeholder server may perform additional authentication of updating the ledger by filling in a true value in the authentication field of the ledger.

For example, when the disabled association server 500 is a stakeholder server, the disabled association server 500 queries the ledger of the disabled association peer node 316, and the customer information of the authentication request data stored in the ledger and its own By comparing customer information stored in the database 510, it is possible to check whether the customer is a registered disabled customer.

In addition, when the customer information of the authentication request data is confirmed as the customer information of the registered customer, the disabled association server 500 may perform additional authentication of updating the ledger by filling in a true value in the authentication field of the ledger.

In addition, when the community center server 600 is a stakeholder server, the community center server 600 queries the ledger of the community center peer node 318, and the customer information of the authentication request data stored in the ledger and its own database ( By comparing the customer information stored in 610), it is possible to check whether the customer is a registered local customer.

In addition, when the customer information of the authentication request data is confirmed as the registered customer's customer information, the community center server 600 may perform additional authentication of updating the ledger by filling in a true value in the authentication field of the ledger.

Next, when the home shopping company server 400 is an interested party server requiring personal information authentication, the home shopping company server 400 inquires the ledger of the home shopping company peer node 314, and the identification value registered in the communication company server 200 And the disabled association server 500 and the community center server 600 verify the true value of the authentication field authenticated, and use the authentication request data provided by the user terminal based on the true value of the authentication field. The service can also be provided to users who cannot make a voice call.

As described above, the present invention can provide user convenience that can replace personal information authentication by voice call by generating integrity personal information authentication data using a block chain technology.

Accordingly, the present invention solves the difficulties of the underprivileged (deaf people) who do not receive the service benefits provided by home shopping, and the home shopping company can provide an effect of attracting additional new customers.

In addition, since the present invention does not simply share authentication information, furthermore, it is possible to provide an effect that can be applied to a subject complaining of difficulties in business processing due to obstacles in finance, communication, administrative work, etc., rather than a simple home shopping company.

In addition, the present invention, In the current non-face-to-face authentication method (identity card scanning, biometric information authentication, etc.), it has the advantage of reinforcing parts that cannot be handled such as identity theft, and it has the advantage that it can be used permanently without renewal with one authentication.

FIG. 2 is a block diagram illustrating the user terminal of FIG. 1.

As shown in FIG. 2, the user terminal 100 includes a communication unit 110 that is communicatively connected to a communication company server and a blockchain server, a key generation unit 120 that generates a private key and a public key, and the generated private key and A storage unit 130 for storing a personal information authentication app, a display unit 140 for executing and displaying a personal information authentication app, and a communication unit 110, a key generation unit 120, a storage unit 130, and a display unit ( 140) may include a control unit 150 to control.

Here, the communication unit 110 may be communicatively connected to a communication company server and a blockchain server, and may transmit/receive digital data such as content by connecting to a network by wire or wirelessly.

For example, the communication unit 110 may include a wireless Internet module, a short-range communication module, and the like.

Here, the wireless Internet module refers to a module for wireless Internet access, and may be built-in or external to the user terminal 100.

The wireless Internet module is configured to transmit and receive wireless signals in a communication network according to wireless Internet technologies.

Examples of wireless Internet technologies include WLAN (Wireless LAN), Wi-Fi (Wireless-Fidelity), Wi-Fi (Wireless Fidelity) Direct, DLNA (Digital Living Network Alliance), WiBro (Wireless Broadband), WiMAX (World Interoperability for Microwave Access), HSDPA (High Speed Downlink Packet Access), HSUPA (High Speed Uplink Packet Access), LTE (Long Term Evolution), LTE-A (Long Term Evolution-Advanced), etc. Data is transmitted and received according to at least one wireless Internet technology within a range including Internet technologies not listed in.

From the point of view that wireless Internet access by WiBro, HSDPA, HSUPA, GSM, CDMA, WCDMA, LTE, LTE-A, etc. is made through a mobile communication network, a wireless Internet module that performs wireless Internet access through a mobile communication network is It can also be understood as a kind of module.

The short range communication module is for short range communication, and includes Bluetooth™, Radio Frequency Identification (RFID), Infrared Data Association (IrDA), Ultra Wideband (UWB), ZigBee, and NFC (Near NFC). Field Communication), Wi-Fi (Wireless-Fidelity), Wi-Fi Direct, and Wireless Universal Serial Bus (USB) technologies may be used to support short-range communication.

Further, the controller 150 controls the communication unit 110 to transmit a personal information authentication service request signal to the communication company server when a user input requesting the personal information authentication service is received, and when receiving the artificial identifier from the communication company server, the artificial identifier Controls the key generation unit 120 to generate a private key and a public key based on, and controls the storage unit 130 to store the private key, and when authentication request data for personal information authentication is input, the public key and authentication request It is possible to control the communication unit 110 to transmit data to the blockchain server.

And, the control unit 150, when transmitting the personal information authentication service request signal to the communication company server, the personal information authentication app is installed, and the communication unit 110 to transmit the personal information authentication service request signal to the communication company server through the personal information authentication app. ) Can be controlled.

Subsequently, when a user input for selecting a personal information authentication app is received, the control unit 150 controls the display unit 140 to display a personal information authentication service window, and selects a personal information authentication request button from the personal information authentication service window. When a user input is received, the communication unit 110 may be controlled to transmit a personal information authentication service request signal to the communication company server.

For example, when generating a private key and a public key based on the artificial identifier, the control unit 150 uses a PKI (Public Key Infrastructure) algorithm to include a private key and a public key corresponding to the artificial identifier. key) pair can be created.

In addition, when the private key and the public key are generated based on the artificial identifier, the control unit 150 may store and store the private key in a security-enhanced (SE) of the personal information authentication app, and include the public key in a transmission parameter. .

Next, when the private key and the public key are generated based on the artificial identifier, the control unit 150 controls the display unit 140 to display an input window for inputting authentication request data, and checks whether the authentication request data has been entered. When the authentication request data is inputted, when a user input for selecting the authentication request data registration request button in the input window is received, the authentication request data for personal information authentication may be included in the public key and transmitted through the communication unit 110.

Here, the control unit 150, when displaying an input window for inputting authentication request data, requests a list of necessary information from the stakeholder server requesting the authentication request data, and is required when the list of necessary information is received from the stakeholder server. The display unit 140 may be controlled to generate and display an input window based on the information list.

In addition, when transmitting the public key and the authentication request data, the control unit 150 may create a transaction by signing with a private key stored in a security-enhanced (SE) of the personal information authentication app.

Subsequently, when transmitting the public key and the authentication request data, the control unit 150 may include at least one of a channel name, chain code name, chain code version, and function name of the blockchain network as a transmission parameter and transmit it to the blockchain server. .

In addition, the control unit 150 may receive and display a notification of completion of registration of authentication request data through a pre-installed personal information authentication app.

Here, when receiving and displaying an authentication request data registration completion notification, the controller 150 may receive and display an authentication request data registration completion notification through a personal information authentication app according to a user request.

In some cases, when receiving and displaying an authentication request data registration completion notification, the controller 150 automatically receives and displays an authentication request data registration completion notification through the personal information authentication app when registration of the authentication request data is completed. May be.

In addition, the control unit 150 may receive and display the usage history of registration-completed authentication request data through a pre-installed personal information authentication app.

Here, when receiving and displaying the usage history of the authentication request data, the controller 150 may receive and display the usage history of the authentication request data through a personal information authentication app according to a user request.

In some cases, when receiving and displaying the usage history of the authentication request data, the controller 150 may automatically receive and display the usage history of the authentication request data through the personal information authentication app when the authentication request data is used. .

3 is a block diagram illustrating a communication service provider server of FIG. 1.

As shown in FIG. 3, the communication company server 200 includes a communication unit 210 that is communicatively connected to a user terminal and a blockchain server, an artificial identifier generation unit 220 that generates an artificial identifier of the user terminal, and a customer of the user terminal. A storage unit 230 for storing information, and a control unit 240 for controlling the communication unit 210, the artificial identifier generation unit 220, and the storage unit 230 may be included.

Here, the communication unit 210 may be communicatively connected to a user terminal and a blockchain server, and may transmit/receive digital data such as content by connecting to a network by wire or wirelessly.

For example, the communication unit 210 may include a wireless Internet module, a short-range communication module, and the like.

Here, the wireless Internet module refers to a module for wireless Internet access, and may be built into or external to the communication company server 200.

The wireless Internet module is configured to transmit and receive wireless signals in a communication network according to wireless Internet technologies.

Examples of wireless Internet technologies include WLAN (Wireless LAN), Wi-Fi (Wireless-Fidelity), Wi-Fi (Wireless Fidelity) Direct, DLNA (Digital Living Network Alliance), WiBro (Wireless Broadband), WiMAX (World Interoperability for Microwave Access), HSDPA (High Speed Downlink Packet Access), HSUPA (High Speed Uplink Packet Access), LTE (Long Term Evolution), LTE-A (Long Term Evolution-Advanced), etc. Data is transmitted and received according to at least one wireless Internet technology within a range including Internet technologies not listed in.

From the point of view that wireless Internet access by WiBro, HSDPA, HSUPA, GSM, CDMA, WCDMA, LTE, LTE-A, etc. is made through a mobile communication network, a wireless Internet module that performs wireless Internet access through a mobile communication network is It can also be understood as a kind of module.

The short range communication module is for short range communication, and includes Bluetooth™, Radio Frequency Identification (RFID), Infrared Data Association (IrDA), Ultra Wideband (UWB), ZigBee, and NFC (Near NFC). Field Communication), Wi-Fi (Wireless-Fidelity), Wi-Fi Direct, and Wireless Universal Serial Bus (USB) technologies may be used to support short-range communication.

And, the control unit 240, when a personal information authentication service request signal is received from the user terminal, inquires the customer information of the user terminal in the storage unit 230, and whether the customer of the user terminal is a subscribed customer based on the customer information of the user terminal. And, if the customer of the user terminal is a subscribed customer, the artificial identifier generator 220 is controlled to generate the artificial identifier of the user terminal, and when the artificial identifier of the user terminal is generated, the communication unit 210 is controlled to transmit it to the user terminal. can do.

Here, when generating the artificial identifier of the user terminal, the controller 240 may control the artificial identifier generator 220 to generate the artificial identifier based on the contract number of the user terminal and the identification information of the user terminal.

For example, the identification information of the user terminal may be an International Mobile Subscriber Identity (IMSI) comprising a combination of a Mobile Country Code (MCC), a Mobile Network Code (MNC), and a phone number.

In addition, the identification information of the user terminal may consist of a total of 15 digits, but is not limited thereto.

Subsequently, the controller 240 may verify the authentication request data when the authentication request data of the user terminal is stored in the ledger of the communication company peer node from the blockchain server, and update the ledger if there is no abnormality in the verification result.

4 is a block diagram illustrating the block chain server of FIG. 1.

As shown in FIG. 4, the blockchain server 300 receives a public key and authentication request data from a peer node server 310 including a plurality of peer nodes 312, 314, 316, and a user terminal. Blockchain SDK (Software Development Kit) server 320 that calls the chaincode from the peer node of the carrier among multiple peer nodes, and requests public key and authentication to the ledger of the peer node of the carrier through the called chaincode It may include an orderer/Kafka server 330 that stores data and creates a new block including a transaction.

Here, the peer node server 310 receives verification of the generated new block by a stakeholder peer node among a plurality of peer nodes 312, 314, and 316, and receives the authentication request data of the verified new block as a stakeholder peer node. It is shared and stored in the ledger of the Stakeholder, and the shared-stored authentication request data is additionally authenticated by the stakeholder server, and the additional authenticated authentication request data can be shared and stored in the ledger of the stakeholder peer node.

Subsequently, when storing the public key and authentication request data, the orderer/kafka server 330 may store the public key and authentication request data in the ledger of the peer node of the communication company in a key-value manner.

In addition, the orderer/Kafka server 330 may generate a new block if the communication company peer node performs verification including the authority check and parameter value check of the creator who created the transaction, and if there is no abnormality in the verification result.

Here, when a new block is generated, the communication company peer node may chain-connect the generated new block to the existing block of the communication company peer node.

Next, when the generated new block is verified by the stakeholder peer node, the peer node server 310 performs verification on the new block at the stakeholder peer node, and if there is no abnormality in the verification result, the ledger can be updated. connect.

In addition, when the peer node server 310 is additionally authenticated with the authentication request data stored in the ledger, the peer node server 310 includes the additional authentication value when performing additional authentication to confirm whether the stakeholder server is a registered customer based on the authentication request data stored in the ledger Ledger can be updated.

Here, when updating the ledger, the peer node server 310 may update all ledgers of other stakeholder peer nodes including the communication provider peer node.

In addition, when updating the ledger, the peer node server 310 may update the ledger to include an additional authentication value by filling in the authentication field of the ledger with a true value.

5 is a flowchart illustrating a method of providing a personal information authentication service in a system for providing a personal information authentication service according to the present invention.

As shown in FIG. 5, the user terminal 100 may request a personal information authentication service from the communication company server 200 (S10).

Here, the user terminal 100 may install a personal information authentication app and request a personal information authentication service from the communication company server 200 through the personal information authentication app.

When a user input for selecting a personal information authentication app is received, the user terminal 100 provides a personal information authentication service window on the display screen, and when a user input for selecting a personal information authentication request button is received from the personal information authentication service window. Personal information authentication service may be requested from the communication company server 200.

For example, the user terminal 100 may request a communication company customer inquiry from the communication company server 200 through a service application that replaces the happy call service provided by a home shopping company.

Next, the communication company server 200 may generate an artificial identifier of the user terminal 100 in response to the personal information authentication service (S20) and transmit the generated artificial identifier to the user terminal 100 (S30).

Here, the communication company server 200, when receiving a request to query customer information for a personal information authentication service from the user terminal 100 through the personal information authentication app, inquires the customer information of the user terminal 100, and retrieves the customer information of the user terminal 100. ) From the customer information of the user terminal 100, it is checked whether the customer of the user terminal 100 is a registered customer, and if the customer of the user terminal 100 is a registered customer, an artificial identifier of the user terminal 100 may be generated.

For example, the communication company server 200 may generate an artificial identifier based on the contract number of the user terminal and identification information of the user terminal.

In this case, the identification information of the user terminal may be an International Mobile Subscriber Identity (IMSI) composed of a combination of a Mobile Country Code (MCC), a Mobile Network Code (MNC), and a phone number, but is not limited thereto.

In addition, the identification information of the user terminal may consist of a total of 15 digits, but is not limited thereto.

For example, the communication service company server 200 checks whether the customer of the user terminal 100 is a registered customer of the company by inquiring the customer information database of the company, and if the customer is a registered customer, the contract number of the user terminal 100 and the current A new artificial identifier may be generated by using the International Mobile Subscriber Identity (IMSI) of the user terminal 100 being opened and returned to the user terminal 100.

At this time, the IMSI is composed of a total of 15 digits, and may be composed of a combination of a mobile country code (MCC), a mobile network code (MNC), and a phone number.

Then, the user terminal 100 receives the artificial identifier from the communication company server 200, generates a private key and a public key based on the artificial identifier, and then blocks the authentication request data for personal information authentication in the public key. It can be transmitted to the chain server 300 (S40).

Here, the user terminal 100 may generate a two-key pair including a private key and a public key corresponding to the artificial identifier by using a Public Key Infrastructure (PKI) algorithm.

In addition, when the private key and the public key are generated based on the artificial identifier, the user terminal 100 stores and stores the private key in a security-enhanced (SE) of the personal information authentication app, and can include the public key in the transmission parameter. have.

In addition, when the private key and the public key are generated based on the artificial identifier, the user terminal 100 displays an input window for inputting authentication request data on the display screen, confirms whether the authentication request data has been entered, and requests authentication. When data is inputted, when a user input for selecting an authentication request data registration request button in the input window is received, the public key may include authentication request data for personal information authentication and transmit.

Here, the user terminal 100 may request a list of necessary information from a stakeholder server requesting authentication request data, and when a list of necessary information is received from the stakeholder server, the user terminal 100 may create and display an input window based on the list of necessary information .

In addition, the user terminal 100 may generate a transaction by signing with a private key stored in a security-enhanced (SE) of the personal information authentication app.

In some cases, the user terminal 100 may include at least one of a channel name, a chain code name, a chain code version, and a function name of the block chain network as a transmission parameter and transmit it to the block chain server 300.

For example, the user terminal 100 includes a private key and a public key using a PKI (Public Key Infrastructure) algorithm in the application of the user terminal 100 that has received the artificial identifier returned. A two-key pair is generated, the private key is stored in the SE (Security-Enhanced) of the user terminal 100, and the public key can be stored in a parameter to be transmitted to the private cloud blockchain server 300. have.

The app of the user terminal 100 receives the values requested by the home shopping company when authenticating personal information using voice calls into the user interface (UI) of the application, and the channel name and chain of the blockchain network together with the public key filled in the previous step. After including the code name, chain code version, function name, etc. in parameters, it can be transmitted to the private cloud blockchain server 300.

In this case, a transaction in which an app of the user terminal 100 occurs may be signed with a private key stored in a security-enhanced (SE) of the app of the user terminal 100.

Next, the blockchain server 300 may generate a new block including a transaction by storing the authentication request data received from the user terminal in the ledger of a communication company peer node among a plurality of peer nodes (S50). ).

Here, the blockchain server 300, upon receiving the public key and authentication request data from the user terminal 100, calls the chain code from the peer node of the communication company, and the public key and the public key in the ledger of the peer node of the communication company through the called chain code. It stores the authentication request data and can create a new block containing a transaction.

In addition, the blockchain server 300 may store the public key and authentication request data in the ledger of the communication company peer node in a key-value method.

In addition, the blockchain server 300 may perform verification, including a permission check and a parameter value check of the creator who created the transaction, at the communication company peer node, and if there is no abnormality in the verification result, a new block may be generated.

Subsequently, when a new block is generated, the blockchain server 300 may chain-connect the generated new block to an existing block of a peer node of a communication company.

For example, at the gateway of the private cloud blockchain server 300, the authentication request data can be transmitted to the blockchain SDK server, and the received blockchain SDK can call the chaincode running in the communication company peer node.

In addition, through the chaincode, the ledger can store the authentication request data value, the transaction is included in the block according to the transaction policy of the block chain, and the newly created block can be connected to the existing ledger.

At this time, the authority check of the creator who created the transaction and the parameter value check, etc., are first performed by the communication company peer node, and if there is no abnormality, the orderer/Kafka server may request block generation.

Next, the blockchain server 300 may receive verification of the generated new block by the other stakeholder peer nodes, and share and store the authentication request data of the verified new block in the ledger of the stakeholder peer node (S60, S70, S80).

Here, the blockchain server 300 may perform verification of the new block at the stakeholder peer node, and update the ledger if there is no abnormality in the verification result.

For example, if a block is generated without abnormality, it can be verified by a peer node of a home shopping company, a peer node of a disabled association, and a peer node of a local community center and updated in the ledger.

As a result, the authentication request data values that can replace the public key of the user terminal 100 app and the result of Happy Call may be stored in the ledger in the form of a key-value and shared and stored in the peer nodes of the three interested parties. .

The stored authentication request data value cannot be forged or altered arbitrarily, and if you want to change the status value, you must agree with all the stakeholders sharing the ledger, and since it is not randomly generated data, the integrity of the data is Can be guaranteed.

Next, the blockchain server may additionally receive authentication request data shared and stored from the stakeholder server, and share and store the additional authenticated authentication request data in the ledger of the stakeholder peer node.

For example, if the disabled association server 500 is a stakeholder server, the disabled association server 500 queries the ledger of the disabled association peer node, and the customer information of the authentication request data stored in the ledger and stored in its database By comparing the customer information, it is possible to check whether the customer is a registered disabled customer (S90).

And, when the customer information of the authentication request data is confirmed as the customer information of the registered customer, the disabled association server 500 may perform additional authentication of updating the ledger by filling in a true value in the authentication field of the ledger ( S100).

That is, in the disabled association server 500, if it is confirmed that the disabled person is a registered disabled person after querying the ledger in the company’s disabled association peer node and comparing it with the company’s disabled person information database, the authentication field is True ) Fill in the value and update it back to the ledger.

In this case, it may contain additionally necessary contents requested by the home shopping company.

In addition, when the community center server 600 is a stakeholder server, the community center server 600 queries the ledger of the community center peer node, and the customer information of the authentication request data stored in the ledger and the customer information stored in its database It is possible to check whether it is a registered local customer by comparing (S110).

Then, when the customer information of the authentication request data is confirmed as the registered customer's customer information, the community center server 600 may perform additional authentication of updating the ledger by filling in a true value in the authentication field of the ledger ( S120).

In other words, the community center server 600 checks the contents of the ledger through its local community center peer node, and then, in the same manner as the disabled person association server 500, the registered user of the company is true. ) You can update the ledger by filling in the values.

In this case, it may contain additionally necessary contents requested by the home shopping company.

Next, when the home shopping company server 400 is a stakeholder server requiring personal information authentication, the home shopping company server 400 inquires the ledger of the home shopping company peer node (S130), and an identification value registered in the communication company server 200 And the disabled association server 500 and the community center server 600 verify the true value of the authentication field authenticated (S140), and authentication request data provided by the user terminal based on the true value of the authentication field The service can be provided to users who are unable to make a voice call by using.

That is, for the happy call requested by the home shopping company server 400, the user requests an authentication service from the communication company to which the user subscribes through the application of the user terminal 100 through the present invention, and the association with the disabled user 100 belongs. , After passing through the certification of the community center, the home shopping company can finally provide the service based on the certification by the telecommunications company, the disabled association, and the local community center.

In addition, the home shopping company server 400 retrieves the ledger through its peer node, and the identification value registered in the communication company server 200 and the field authenticated by the disabled association server 500 and the local community center server 600 You can check the (True) value and request additional required authentication contents in the same way.

Since the user is officially registered with the association and the local community center as well as certifying his/her identity at the telecommunications service provider, the user can update related materials on the ledger and share the same ledger.

Here, the distributed ledger of the present invention can check data integrity through the following grounds.

First, when updating the value of the ledger, it is possible to obtain and proceed with the consensus of those who participated in the network.

Second, all transactions occurring in the network are put into blocks through hash calculation, and each block is also hashed and put into blocks.

At this time, since the block generated at N+1 contains the hash value of the Nth block, the N+1th block refers to the Nth block as in the form of a chain.

Third, if you want to change the value of any one block randomly, you need to change all the information of the block that has been created and connected in the form of a chain. As it is impossible.

Fourth, chaincode (smart contract), an application that manipulates the ledger, is also distributed and installed through the agreement of the parties participating in the network in the form of a single transaction, thereby ensuring integrity based on the above principle.

As described above, the home shopping company can check the data integrity of the ledger on the basis of the above four reasons, and it can be applied to the service by using this.

In addition, the home shopping company may request additional authentication values without limitation, if additional authentication values are required.

6 to 9 are diagrams for explaining a process of registering authentication request data for personal information authentication by the user terminal of FIG. 1.

As shown in FIG. 6, the user terminal 100 may receive a user input for selecting a personal information authentication app icon 180 from among a plurality of icons displayed on the display screen 102.

Next, as shown in FIG. 7, when a user input for selecting a personal information authentication app icon is received, the user terminal 100 may display a personal information authentication service window 190.

In addition, the user terminal 100 is a user who selects the personal information authentication request button 192 for home shopping requested by the home shopping company as a replacement for Happy Call from among a plurality of personal information authentication request buttons from the personal information authentication service window 190 When an input is received, a signal for requesting a personal information authentication service may be transmitted to a server of a communication service provider.

Subsequently, the user terminal 100 may receive an artificial identifier of the user terminal from the server of the communication service provider to authenticate the customer of the service provider.

Next, as shown in FIG. 8, the user terminal 100 may generate a private key and a public key based on the artificial identifier, and display an input window 170 for inputting authentication request data.

Here, the input window 170 may include authentication required information input items required by a home shopping company.

As an example, the authentication required information input item may include a name input item 172, a resident registration number input item 174, an address input item 176, an account number input item 177, etc., but is not limited thereto. .

In addition, the user terminal 100 checks whether the authentication request data has been entered for the authentication required information input items required by the home shopping company, the authentication request data is completed, and the authentication request data of the input window 170 When a user input for selecting the registration request button 178 is received, authentication request data for personal information authentication may be included in the public key and transmitted.

Next, when the user terminal 100 transmits the public key and authentication request data to the blockchain server, the registration is completed after going through the blockchainization process through the blockchain server, and then the authentication request data registration completion notification from the blockchain server 185 may be received and displayed.

Here, when the user terminal 100 receives and displays the authentication request data registration completion notification, the user terminal 100 may receive and display the authentication request data registration completion notification 185 through the personal information authentication app according to the user request.

In some cases, when the user terminal 100 receives and displays the authentication request data registration completion notification, when registration of the authentication request data is completed, the authentication request data registration completion notification 185 is automatically sent through the personal information authentication app. It can also be received and displayed.

In addition, the user terminal 100 may receive and display a usage history of registration-completed authentication request data through a personal information authentication app.

Here, when the user terminal 100 receives and displays the usage history of the authentication request data, the user terminal 100 may receive and display the usage history of the authentication request data through the personal information authentication app according to the user's request.

In some cases, when receiving and displaying the usage history of the authentication request data, the user terminal 100 may automatically receive and display the usage history of the authentication request data through the personal information authentication app when the authentication request data is used. have.

10 is a flowchart illustrating a method of providing a personal information authentication service of a user terminal according to the present invention.

As shown in FIG. 10, the user terminal may check whether a user input requesting a personal information authentication service is received (S110).

In addition, when a user input requesting a personal information authentication service is received, the user terminal may transmit a personal information authentication service request signal to the communication company server (S120).

Here, the user terminal may transmit a personal information authentication service request signal to the communication company server through the personal information authentication app.

Subsequently, the user terminal may check whether the artificial identifier is received from the communication company server (S130).

Next, upon receiving the artificial identifier, the user terminal may generate a private key and a public key based on the artificial identifier (S140).

Here, the user terminal may generate a two-key pair including a private key and a public key corresponding to the artificial identifier by using a Public Key Infrastructure (PKI) algorithm.

In addition, when a private key and a public key are generated based on the artificial identifier, the user terminal may store and store the private key in a security-enhanced (SE) of the personal information authentication app, and include the public key in a transmission parameter.

Then, the user terminal may store the private key and check whether authentication request data for personal information authentication is input (S150).

Subsequently, when the authentication request data for personal information authentication is input, the user terminal may transmit the public key and the authentication request data to the blockchain server (S160).

Here, when the user terminal transmits the public key and authentication request data, the user terminal may create a transaction by signing with a private key stored in a security-enhanced (SE) of the personal information authentication app.

In addition, when transmitting the public key and authentication request data, the user terminal may include at least one of a channel name, a chain code name, a chain code version, and a function name of the blockchain network as a transmission parameter and transmit it to the blockchain server.

11 is a flowchart illustrating a method of providing a personal information authentication service by a communication company server according to the present invention.

As shown in FIG. 11, the communication company server may receive a personal information authentication service request signal from a user terminal (S210).

In addition, the communication company server may query customer information of the user terminal when a personal information authentication service request signal is received from the user terminal (S220).

Subsequently, the communication company server may check whether the customer of the user terminal is a subscriber based on the customer information of the user terminal (S230).

Next, the communication company server may generate an artificial identifier of the user terminal if the customer of the user terminal is a subscriber (S240).

Here, the communication company server may generate an artificial identifier based on the contract number of the user terminal and the identification information of the user terminal.

For example, the identification information of the user terminal may be an International Mobile Subscriber Identity (IMSI) comprising a combination of a Mobile Country Code (MCC), a Mobile Network Code (MNC), and a phone number.

In addition, the identification information of the user terminal may consist of a total of 15 digits, but is not limited thereto.

Then, the communication company server may transmit the artificial identifier of the user terminal to the user terminal when the artificial identifier of the user terminal is generated (S250).

12 is a flowchart illustrating a method of providing a personal information authentication service by a blockchain server according to the present invention.

As shown in FIG. 12, the blockchain server may receive a public key and authentication request data from a user terminal (S310).

And, the blockchain server, upon receiving the public key and authentication request data from the user terminal, may call the chain code from the peer node of the communication company among the plurality of peer nodes (S320).

Subsequently, the blockchain server may store the public key and authentication request data in the ledger of the peer node of the communication company through the called chain code and generate a new block including a transaction (S330).

Here, when storing the public key and authentication request data, the blockchain server may store the public key and authentication request data in the ledger of the peer node of the communication company in a key-value method.

In addition, the blockchain server can generate a new block if the communication company peer node performs verification including the authority check and parameter value check of the creator who created the transaction, and if there is no abnormality in the verification result.

Next, the blockchain server may be verified by the stakeholder peer node among the plurality of peer nodes (S340).

Here, the blockchain server can verify the new block at the stakeholder peer node and update the ledger if there is no abnormality in the verification result.

Then, the blockchain server may check whether there is no abnormality in the authentication request data of the generated new block as a result of the verification (S350).

Subsequently, if there is no abnormality, the blockchain server may share and store the authentication request data of the verified new block in the ledger of the stakeholder peer node (S360).

Next, the blockchain server may additionally authenticate the shared and stored authentication request data by the stakeholder server (S370).

Here, the blockchain server may update the ledger to include the additional authentication value when the stakeholder server performs additional authentication to confirm whether the customer is a registered customer based on the authentication request data stored in the ledger.

In addition, when updating the ledger, the blockchain server may update all ledgers of other stakeholder peer nodes including the carrier peer node.

In addition, when updating the ledger, the blockchain server may update the ledger to include additional authentication values by filling in a true value in the authentication field of the ledger.

In addition, the blockchain server can check whether there is no abnormality in the additional authentication result and authentication request data (S380).

Subsequently, if there is no abnormality, the blockchain server may share and store additionally authenticated authentication request data in the ledger of the stakeholder peer node (S390).

As described above, in the present invention, the application installed in the user terminal is an intermediary system that enables interworking with a communication company.

In addition, the application makes it possible to inquire whether the first user is a user registered in the communication company customer information database, that is, a communication company customer.

In addition, the application of the user terminal can store the private key in its SE unit for the key pair received from the communication company, and transmit the public key to the blockchain ledger.

In addition, the application of the user terminal calls the blockchain SDK server existing in the private cloud blockchain server.

The blockchain SDK server receives the public key received from the user's application and the information requested by the home shopping company for personal identification and information verification as parameters and transmits it to the chaincode installed in each peer node.

Subsequently, the telecommunication company server generates and returns a PKI-based key pair that can use the service of the present invention in the case of its own customer after making a customer inquiry through the user's personal information. In this case, the identification value is the contract number and A combination of IMSI can be used.

And, the contents of the ledger are all shared with the communication company peer node, the home shopping company peer node, the disabled association peer node, and the local community center peer node, and the data shared in the ledger is signed with the creator's private key, and each peer node Integrity data that cannot be forged or altered is because the transaction verified in is contained in the block and the hash value of the block itself is linked.

Subsequently, each peer node may add additional information required for personal identification and information verification by the home shopping company, and the value may also be updated through the consensus of the connected peer node.

Next, the home shopping company server can check the user's personal information and information proof verified by the telecommunications company, the disabled association, and the local community center by checking its own ledger, and can provide services.

Accordingly, the present invention can provide user convenience that can replace personal information authentication by voice call by generating integrity personal information authentication data using a block chain technology.

In addition, the present invention can eliminate fundamental problem elements that cannot be solved at present by using a blockchain, which is a strong trust platform that can prove the identity of the person.

In addition, according to the present invention, not only personal information authentication but also information added as needed can be shared and used by interested organizations.

In addition, the present invention, Paperwork and metabolism can be simplified through trust applications (smart contracts) running on the blockchain.

In addition, the present invention, The interface standard of each linkage period can be simplified by using a blockchain platform.

In addition, the present invention, Since all transactions that occur in all tasks can be used, it can be used as a basis for inspections and disputes.

Accordingly, the present invention solves the difficulties of the underprivileged (deaf people) who do not receive the service benefits provided by home shopping, and the home shopping company can provide an effect of attracting additional new customers.

In addition, since the present invention does not simply share authentication information, it is possible to provide an effect that can be applied to objects that complain of difficulties in business processing due to obstacles in finance, communication, administrative work, etc., rather than a simple home shopping company.

In addition, the present invention, In the current non-face-to-face authentication method (identity card scanning, biometric information authentication, etc.), it has the advantage of reinforcing parts that cannot be handled such as identity theft, and it has the advantage that it can be used permanently without renewal with one authentication.

Meanwhile, the present invention may further provide a computer-readable program for executing any one of the personal information authentication service providing methods and a recording medium in which the program is recorded.

Various embodiments described herein may be implemented in a recording medium that can be read by a computer or a similar device using, for example, software, hardware, or a combination thereof.

According to hardware implementation, the embodiments described herein include application specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), field programmable gate arrays (FPGAs), It may be implemented using at least one of processors, controllers, micro-controllers, microprocessors, and electrical units for performing functions. It may be implemented by the control unit 140.

According to a software implementation, embodiments such as procedures or functions may be implemented together with separate software modules that perform at least one function or operation. The software code can be implemented by a software application written in an appropriate programming language. In addition, the software code may be stored in a memory and loaded and executed by the control unit 140.

In the above-described embodiment, the information exposure prevention image providing apparatus includes one or more application-specific integrated circuits (ASIC), digital signal processors (DSP), digital signal processing devices (DSPD), programmable logic devices (PLD), and field programs. Possible gate arrays (FPGAs), controllers, microcontrollers, microprocessors or other electronic components.

The method according to the above-described embodiment may be produced as a program for execution in a computer and stored in a computer-readable recording medium. Examples of computer-readable recording media include ROM, RAM, CD-ROM, and magnetic tape. , Floppy disks, optical data storage devices, etc. are also included.

The computer-readable recording medium is distributed over a computer system connected through a network, so that computer-readable codes can be stored and executed in a distributed manner. In addition, functional programs, codes, and code segments for implementing the above-described method can be easily inferred by programmers in the technical field to which the embodiment belongs.

It is apparent to those skilled in the art that the present invention can be embodied in other specific forms without departing from the spirit and essential features of the present invention.

Therefore, the detailed description above should not be construed as restrictive in all respects and should be considered as illustrative. The scope of the present invention should be determined by reasonable interpretation of the appended claims, and all changes within the equivalent scope of the present invention are included in the scope of the present invention.

100: user terminal
200: carrier server
300: Blockchain server
400: home shopping company server
500: Disabled Persons Association server
600: Community center server

Claims (49)

A communication company server that generates an artificial identifier of a user terminal requesting a personal information authentication service;
A user terminal that generates a private key and a public key based on the artificial identifier upon receiving the artificial identifier from the communication company server, and transmits the public key including authentication request data for personal information authentication; And,
The authentication request data received from the user terminal is stored in the ledger of a peer node of a communication company among a plurality of peer nodes to create a new block containing a transaction, and the generated new block is stored in the remaining peer nodes of other interested parties. And the authentication request data of the verified new block is shared and stored in the ledger of the stakeholder peer node, and the shared stored authentication request data is additionally authenticated from the stakeholder server, and the additional authenticated authentication request data Personal information authentication service providing system, characterized in that it comprises a blockchain server that is shared and stored in the ledger of the stakeholder peer node. The method of claim 1, wherein the user terminal,
A personal information authentication service providing system, characterized in that a personal information authentication app is installed, and the personal information authentication service is requested to the communication company server through the personal information authentication app. The method of claim 1, wherein the user terminal,
When generating a private key and a public key based on the artificial identifier, generating a two key pair including a private key and a public key corresponding to the artificial identifier using a Public Key Infrastructure (PKI) algorithm. Personal information authentication service providing system characterized by. The method of claim 1, wherein the user terminal,
Personal information authentication, characterized in that when a private key and a public key are generated based on the artificial identifier, the private key is stored and stored in a security-enhanced (SE) of a personal information authentication app, and the public key is included in a transmission parameter. Service delivery system. The method of claim 1, wherein the user terminal,
Personal information authentication service providing system, characterized in that when transmitting the public key including authentication request data for personal information authentication, a transaction is created by signing with a private key stored in a security-enhanced (SE) of a personal information authentication app. . The method of claim 1, wherein the user terminal,
When transmitting the public key including authentication request data for personal information authentication, at least one of the channel name, chain code name, chain code version, and function name of the blockchain network is included in the transmission parameter and transmitted to the blockchain server. Personal information authentication service providing system, characterized in that. The method of claim 1, wherein the communication company server,
When receiving a request for inquiry of customer information for personal information authentication service from the user terminal through the personal information authentication app, the customer information of the user terminal is inquired, and whether the customer of the user terminal is a registered customer from the customer information of the user terminal And generating an artificial identifier of the user terminal if the customer of the user terminal is a subscribed customer. The method of claim 1, wherein the communication company server,
When generating the artificial identifier of the user terminal, a personal information authentication service providing system, characterized in that generating an artificial identifier based on the contract number of the user terminal and identification information of the user terminal. The method of claim 1, wherein the blockchain server,
When generating the new block, upon receiving the public key and authentication request data from the user terminal, the chain code is called from the communication company peer node, and the public key and the public key on the ledger of the communication company peer node through the called chain code. A personal information authentication service providing system, characterized in that for storing authentication request data and generating a new block including the transaction. The method of claim 1, wherein the blockchain server,
When the generated new block is verified by the other stakeholder peer nodes, verification of the new block is performed by the stakeholder peer node, and if there is no abnormality in the verification result, the ledger is updated. Information authentication service provision system. The method of claim 1, wherein the blockchain server,
When the shared-stored authentication request data is additionally authenticated, updating the ledger to include an additional authentication value when the interested party server performs additional authentication to determine whether the customer is a registered customer based on the authentication request data stored in the ledger. Personal information authentication service providing system characterized by. The method of claim 11, wherein the interested party server,
When the authentication request data of the new block is shared and stored in the ledger, the ledger of the stakeholder peer node related to it is inquired, and the customer information stored in the authentication request data stored in the ledger is compared with the customer information stored in his database to be registered Personal information authentication service providing system, characterized in that to check the recognition. The method of claim 12, wherein the interested party server,
Personal information authentication service providing system, characterized in that performing additional authentication when the customer information of the authentication request data is confirmed as the customer information of the registered customer. In the personal information authentication service providing method of a personal information authentication service providing system including a communication company server and a block chain server that is communicatively connected to a user terminal,
Requesting, by the user terminal, a personal information authentication service from the communication company server;
Generating, by the communication company server, an artificial identifier of the user terminal in response to the personal information authentication service and transmitting it to the user terminal;
Receiving, by the user terminal, the artificial identifier from the communication company server;
Generating, by the user terminal, a private key and a public key based on the artificial identifier, including authentication request data for personal information authentication in the public key, and transmitting it to the blockchain server;
Generating, by the blockchain server, a new block including a transaction by storing the authentication request data received from the user terminal in a ledger of a peer node of a communication company among a plurality of peer nodes;
Receiving, by the blockchain server, verifying the generated new block by other stakeholder peer nodes, and sharing and storing the authentication request data of the verified new block in the ledger of the stakeholder peer node; And,
Personal information comprising the step of receiving, by the blockchain server, additional authentication of the shared-stored authentication request data from a stakeholder server, and sharing and storing the additional authenticated authentication request data in a ledger of the stakeholder peer node. How to provide authentication services. The method of claim 14, wherein the requesting the personal information authentication service to the communication company server comprises:
A personal information authentication service providing method, characterized in that a personal information authentication app is installed, and the personal information authentication service is requested to the communication company server through the personal information authentication app. The method of claim 14, wherein generating the artificial identifier of the user terminal comprises:
When receiving a request for inquiry of customer information for personal information authentication service from the user terminal through the personal information authentication app, the customer information of the user terminal is inquired, and whether the customer of the user terminal is a registered customer from the customer information of the user terminal And generating an artificial identifier of the user terminal if the customer of the user terminal is a subscribed customer. The method of claim 16, wherein generating the artificial identifier of the user terminal comprises:
And generating an artificial identifier based on the contract number of the user terminal and the identification information of the user terminal. The method of claim 14, wherein generating a private key and a public key based on the artificial identifier comprises:
A method for providing a personal information authentication service, comprising generating a two-key pair including a private key and a public key corresponding to the artificial identifier by using a Public Key Infrastructure (PKI) algorithm. The method of claim 14, wherein transmitting the authentication request data for personal information authentication to the public key to the blockchain server,
Personal information authentication, characterized in that when a private key and a public key are generated based on the artificial identifier, the private key is stored and stored in a security-enhanced (SE) of a personal information authentication app, and the public key is included in a transmission parameter. How to provide the service. The method of claim 14, wherein the step of including authentication request data for personal information authentication in the public key and transmitting it to the blockchain server,
Personal information authentication service providing method, characterized in that generating a transaction by signing with a private key stored in the SE (Security-Enhanced) of the personal information authentication app. The method of claim 14, wherein the step of including authentication request data for personal information authentication in the public key and transmitting it to the blockchain server,
A method of providing a personal information authentication service, comprising transmitting at least one of a channel name, a chain code name, a chain code version, and a function name of a block chain network to the block chain server in a transmission parameter. The method of claim 14, wherein generating the new block comprises:
Upon receiving the public key and authentication request data from the user terminal, the chain code is called from the communication company peer node, and the public key and authentication request data are stored in the ledger of the communication company peer node through the called chain code, and the transaction Personal information authentication service providing method, characterized in that generating a new block comprising a. The method of claim 14, wherein the step of verifying the generated new block by other stakeholder peer nodes,
The method of providing a personal information authentication service, comprising: performing verification on the new block at the stakeholder peer node, and updating the ledger if there is no abnormality in the verification result. The method of claim 14, wherein the step of receiving additional authentication of the shared and stored authentication request data,
And updating the ledger to include an additional authentication value when the interested party server performs additional authentication to check whether the customer is a registered customer based on the authentication request data stored in the ledger. In the user terminal,
A communication unit that is communicatively connected to a communication company server and a blockchain server;
A key generator for generating a private key and a public key;
A storage unit for storing the generated private key and personal information authentication app;
A display unit that executes and displays the personal information authentication app; And,
And a control unit for controlling the communication unit, a key generation unit, a storage unit, and a display unit,
The control unit,
When a user input for requesting personal information authentication service is received, the communication unit controls the communication unit to transmit the personal information authentication service request signal to the communication company server, and upon receiving the artificial identifier from the communication company server, the private key and the public key based on the artificial identifier Controls the key generation unit to generate a key, controls the storage unit to store the private key, and transmits the public key and authentication request data to the blockchain server when authentication request data for personal information authentication is input. User terminal, characterized in that to control the communication unit. The method of claim 25, wherein the control unit,
When transmitting the personal information authentication service request signal to the communication company server, a personal information authentication app is installed, and controlling the communication unit to transmit the personal information authentication service request signal to the communication company server through the personal information authentication app. User terminal characterized by. The method of claim 25, wherein the control unit,
When generating a private key and a public key based on the artificial identifier, generating a two key pair including a private key and a public key corresponding to the artificial identifier using a Public Key Infrastructure (PKI) algorithm. User terminal characterized by. The method of claim 25, wherein the control unit,
When a private key and a public key are generated based on the artificial identifier, the private key is stored and stored in a security-enhanced (SE) of a personal information authentication app, and the public key is included in a transmission parameter. The method of claim 25, wherein the control unit,
When transmitting the public key and the authentication request data, the user terminal, characterized in that for generating a transaction by signing with a private key stored in a security-enhanced (SE) of a personal information authentication app. The method of claim 25, wherein the control unit,
When transmitting the public key and authentication request data, at least one of a channel name, a chain code name, a chain code version, and a function name of a block chain network is included in a transmission parameter and transmitted to the block chain server. In the method of providing a personal information authentication service of a user terminal comprising a control unit for controlling a communication unit, a key generation unit, a storage unit, and a display unit that are communicatively connected to a communication service provider server and a blockchain server,
Controlling, by the controller, the communication unit to transmit the personal information authentication service request signal to the communication company server when a user input for requesting a personal information authentication service is received;
Controlling, by the control unit, the key generation unit to generate a private key and a public key based on the artificial identifier when receiving the artificial identifier from the communication company server;
Controlling, by the control unit, the storage unit to store the private key; And,
And controlling, by the control unit, the communication unit to transmit the public key and authentication request data to the blockchain server when authentication request data for personal information authentication is input. Delivery method. The method of claim 31, wherein transmitting the personal information authentication service request signal to the communication company server,
A personal information authentication service providing method of a user terminal, wherein a personal information authentication app is installed and the communication unit controls the communication unit to transmit the personal information authentication service request signal to the communication company server through the personal information authentication app. The method of claim 31, wherein generating a private key and a public key based on the artificial identifier comprises:
A method for providing a personal information authentication service of a user terminal, comprising generating a two-key pair including a private key and a public key corresponding to the artificial identifier by using a Public Key Infrastructure (PKI) algorithm. The method of claim 31, wherein generating a private key and a public key based on the artificial identifier comprises:
When a private key and a public key are generated based on the artificial identifier, the private key is stored and stored in a security-enhanced (SE) of a personal information authentication app, and the public key is included in a transmission parameter. How to provide personal information authentication service. The method of claim 31, wherein transmitting the public key and authentication request data comprises:
A method of providing a personal information authentication service of a user terminal, comprising generating a transaction by signing with a private key stored in a security-enhanced (SE) of a personal information authentication app. The method of claim 31, wherein transmitting the public key and authentication request data comprises:
A method of providing a personal information authentication service of a user terminal, characterized in that at least one of a channel name, a chain code name, a chain code version, and a function name of a block chain network is included in a transmission parameter and transmitted to the block chain server. In the carrier server,
A communication unit that is communicatively connected to the user terminal and the blockchain server;
An artificial identifier generator for generating an artificial identifier of the user terminal;
A storage unit for storing customer information of the user terminal; And,
And a control unit for controlling the communication unit, the artificial identifier generation unit, and the storage unit,
The control unit,
When a personal information authentication service request signal is received from the user terminal, customer information of the user terminal is inquired from the storage unit, and based on the customer information of the user terminal, it is checked whether the customer of the user terminal is a subscriber, and the user If the customer of the terminal is a subscriber, controlling the artificial identifier generator to generate an artificial identifier of the user terminal, and controlling the communication unit to transmit the artificial identifier of the user terminal to the user terminal when the artificial identifier of the user terminal is generated. . The method of claim 37, wherein the control unit,
And when generating the artificial identifier of the user terminal, controlling the artificial identifier generating unit to generate an artificial identifier based on a contract number of the user terminal and identification information of the user terminal. The method of claim 37, wherein the control unit,
When the authentication request data of the user terminal is stored in the ledger of the communication company peer node from the blockchain server, the authentication request data is verified, and if there is no abnormality in the verification result, the ledger is updated. In the method of providing personal information authentication service of a communication company server comprising a communication unit connected to a user terminal and a blockchain server for communication, an artificial identifier generation unit, and a control unit controlling a storage unit,
When the control unit receives a personal information authentication service request signal from the user terminal, querying the storage unit for customer information of the user terminal;
Determining, by the control unit, whether a customer of the user terminal is a subscriber based on customer information of the user terminal;
Controlling, by the control unit, the artificial identifier generation unit to generate an artificial identifier of the user terminal if the customer of the user terminal is a subscribed customer; And,
And controlling, by the control unit, the communication unit to transmit the artificial identifier of the user terminal to the user terminal when the artificial identifier of the user terminal is generated. The method of claim 40, wherein generating the artificial identifier of the user terminal comprises:
And the control unit controls the artificial identifier generation unit to generate an artificial identifier based on the contract number of the user terminal and the identification information of the user terminal. The method of claim 40,
The control unit further comprising, if the authentication request data of the user terminal is stored in the ledger of the communication company peer node from the blockchain server, verifying the authentication request data, and updating the ledger if there is no abnormality in the verification result. A method of providing personal information authentication service of a communication company server, characterized in that. In the blockchain server,
A peer node server including a plurality of peer nodes;
Blockchain SDK (Software Development Kit) server for calling a chain code from a communication company peer node among a plurality of peer nodes upon receiving the public key and authentication request data from the user terminal; And,
Including an orderer/Kafka server for storing the public key and authentication request data in the ledger of the peer node of the communication company through the called chaincode and generating a new block including the transaction,
The peer node server,
The generated new block is verified by a stakeholder peer node among the plurality of peer nodes, and the authentication request data of the verified new block is shared and stored in the ledger of the stakeholder peer node, and the shared stored authentication request data Blockchain server, characterized in that receiving additional authentication by the stakeholder server, and storing the additional authenticated authentication request data shared in the ledger of the stakeholder peer node. The method of claim 43, wherein the peer node server,
When the generated new block is verified by a stakeholder peer node, verification of the new block is performed at the stakeholder peer node, and if there is no abnormality in the verification result, the ledger is updated. server. The method of claim 43, wherein the peer node server,
When the shared-stored authentication request data is additionally authenticated, updating the ledger to include an additional authentication value when the interested party server performs additional authentication to determine whether the customer is a registered customer based on the authentication request data stored in the ledger. Blockchain server characterized by. In the method of providing personal information authentication service of a blockchain server including a peer node server having a plurality of peer nodes, a blockchain SDK server, and an orderer/Kafka server,
Calling a chain code from a communication company peer node among the plurality of peer nodes when the blockchain SDK server receives the public key and authentication request data from the user terminal;
Storing, by the orderer/kafka server, the public key and authentication request data in the ledger of the peer node of the communication company through the called chaincode, and generating a new block including the transaction;
The peer node server, receiving verification of the generated new block by a stakeholder peer node among the plurality of peer nodes, and sharing and storing the authentication request data of the verified new block in the ledger of the stakeholder peer node ;
And the peer node server receiving additional authentication of the shared-stored authentication request data by an interested party server, and sharing and storing the additional authenticated authentication request data in a ledger of the interested party peer node. Chain server's personal information authentication service provision method. The method of claim 46, wherein the step of verifying the generated new block by a stakeholder peer node,
The method of providing a personal information authentication service of a blockchain server, characterized in that the verification of the new block is performed by the stakeholder peer node, and if there is no abnormality in the verification result, the ledger is updated. The method of claim 46, wherein the step of receiving additional authentication of the shared and stored authentication request data,
Provides a personal information authentication service of a blockchain server, characterized in that the ledger is updated to include an additional authentication value when the interested party server performs additional authentication to confirm whether the customer is a registered customer based on the authentication request data stored in the ledger. Way. Items 14 to 24, 31 to 36, 40 to 42, 46 to 48, a computer-readable program recording a program for executing the method described in any one of Recording medium.

Images