KR20220104123A - Card - Google Patents

Abstract

According to a card of the present invention, a card provided with an antenna transmitting and receiving a wireless signal based on near field communication (NFC) includes a chip having an algorithm that receives information including a time value calculated by a timer designated by processing NFC with a terminal in a near distance and an authentication value for designated authentication and generates a code to be provided to the terminal by using a seed value including the time value and a storage value stored inside when performing authentication using the authentication value.

Description

card {Card}

In the present invention, in a card having an antenna for transmitting and receiving NFC (Near Field Communication)-based wireless signals, based on the power supplied through the antenna, the NFC communication is processed with a terminal at a close distance and calculated by a designated timer. Information including a time value and a specified authentication value for authentication is provided, and authentication using the authentication value is performed to provide to the terminal using a seed value including the time value and a stored value stored therein at the time of authentication. A card having a chip having an algorithm for generating code.

The principle of separation of media in non-face-to-face transactions is the principle that “the medium used as the electronic financial transaction method and the medium used as the transaction authentication method are used separately”. Paragraph 2, No. 5” is applied. However, the criteria for judging the separation of media between electronic financial transaction means and transaction authentication means are flexible, which confuses the market.

For the safety of non-face-to-face transactions, the principle of separation of media must be observed, but considering the convenience of use, the principle of separation of media is also very inconvenient. As specified in the Electronic Financial Supervision Regulations, the principle of medium separation must be strictly observed in the field of using one-time passwords. In this case, conventional OTP media (for example, input means for PIN input) and an OTP generating device or OTP generating card equipped with an output means marked with a one-time password and a battery for maintaining time and supplying operating power, etc.), other methods cannot be applied. If any one of the above input means, output means and battery is removed and an OTP medium that generates and displays a one-time password by relying on other devices is proposed, this may immediately violate the principle of medium separation. . That is, the fact that any one of the input means, the output means, and the battery possessed by the conventional OTP medium depends on another device itself may be interpreted as not establishing the separation of the medium.

On the other hand, random number cards and OTP media are the same type of authentication means, and all financial institutions selectively issue either random number cards or OTP media. That is, when a random number card is issued, the OTP medium is not issued. On the contrary, when the OTP medium is issued, the random number card is not issued. If a customer who has been issued a random number card wants to receive an OTP medium, the OTP medium is issued after discarding the previously issued random number card. That is, in the case of issuing two authentication methods of the same type, non-face-to-face transactions are possible even with only one, and in the case of a customer, even if either one of the two authentication methods is lost or stolen, he or she can conduct a non-face-to-face transaction through the other immediately. Because it does not report loss/theft and does not apply for reissuance because it is outdated, it causes a fatal security problem.

It is an object of the present invention, in a card having an antenna for transmitting and receiving NFC (Near Field Communication)-based wireless signals, by processing NFC communication with a terminal in a proximity based on the power supplied through the antenna by a designated timer Information including the calculated time value and the specified authentication value for authentication is provided, and authentication using the authentication value is performed to the terminal using a seed value including the time value and a stored value stored therein during authentication. An object of the present invention is to provide a card having a chip having an algorithm for generating a code to be provided.

The card according to the present invention is a card having an antenna for transmitting and receiving NFC (Near Field Communication)-based wireless signals, based on the power supplied through the antenna, by processing NFC communication with a terminal at a close distance to a designated timer The terminal is provided with information including the time value calculated by the user and the authentication value for the specified authentication, and using the seed value including the time value and the stored internally stored value during authentication by performing authentication using the authentication value It is characterized in that it comprises a chip having an algorithm for generating a code to be provided.

In the card according to the present invention, the chip further receives at least one of a server-side received value received from a designated server through the NFC communication and a terminal-side stored value stored in the terminal, and the seed value is , characterized by further comprising at least one of the server-side received value and the terminal-side stored value.

The card according to the present invention, in the card, while receiving power through an antenna for transmitting and receiving a radio frequency signal and a radio frequency signal transmitted from and received through the antenna at a proximity terminal and near the terminal and NFC (Near Field Communication) Field Communication) communication is processed to receive information including a time value calculated by a timer provided on the outside of the card, and the NFC using a seed value including the received time value and a stored value stored therein and a chip having an algorithm for generating a code to be provided to the terminal via

In the card according to the present invention, the chip further receives an authentication value for authenticating code generation from the terminal through the NFC, and performs authentication for code generation through the authentication value provided from the terminal, In the authentication, the code is generated using the seed value.

In the card according to the present invention, the chip further receives a server-side received value received from the terminal through the NFC, and the seed value further includes a server-side received value provided from the terminal. It is characterized in that it is done.

In the card according to the present invention, the chip further receives a stored value stored in the terminal through the NFC, and the seed value further includes a stored value provided from the terminal.

The card according to the present invention, in the card, while receiving power through an antenna for transmitting and receiving a radio frequency signal and a radio frequency signal transmitted from and received through the antenna at a proximity terminal and near the terminal and NFC (Near Field Communication) Field Communication) is provided from the terminal to receive values including a terminal-side time value calculated by a timer of the terminal and a server-side received value received from a designated server to the terminal through a communication network, and through the terminal and a chip having an algorithm for generating a code to be transmitted to a designated server via the terminal using a seed value including the received terminal-side time value and the server-side received value.

In the card according to the present invention, the chip further receives an authentication value for authenticating code generation from the terminal through the NFC, and performs authentication for code generation through the authentication value provided from the terminal, In the authentication, the code is generated using a seed value.

In the card according to the present invention, the chip further receives a stored value stored in the terminal through the NFC, and the seed value further includes a stored value provided from the terminal.

In the card according to the present invention, the seed value is characterized in that it further includes a stored value stored inside the chip.

In the card according to the present invention, a random number table including a plurality of random number codes that can be inputted to a terminal is displayed on one surface of the card.

The card according to the present invention, in the card, while receiving power through an antenna for transmitting and receiving a radio frequency signal and a radio frequency signal transmitted from and received by the antenna at a close distance, the near field terminal and NFC (Near Field) Communication) processing communication to receive information for specified authentication from the terminal, a terminal-side time value calculated by a timer of the terminal, and a server-side received value received by the terminal from a designated server through a communication network, and when the authentication is performed An algorithm for generating a code to be transmitted to a designated server via the terminal using a designated value including a terminal-side time value provided through the terminal and a server-side received value based on the power supplied through the radio frequency signal Equipped with a chip, it is characterized in that the battery for maintaining time is not built-in.

In the card according to the present invention, the chip is further provided with the stored value stored in the terminal side through the NFC, and generates the code using a designated value further including the stored value provided from the terminal. characterized.

In the card according to the present invention, the chip generates the code by using a designated value that further includes a stored value stored therein.

In the card according to the present invention, a random number table including a plurality of random number codes that can be inputted to a terminal is displayed on one surface of the card.

The card according to the present invention, in the card, an antenna for transmitting and receiving radio frequency signals and using the antenna to process NFC (Near Field Communication) communication with the terminal in the proximity while receiving operating power from the terminal in the proximity, When at least one value of the time value of the terminal and the value received by the terminal through the communication network is provided through the NFC communication, the at least one value provided from the terminal and at least one value stored therein are used in multiple ways. and a chip having an algorithm for generating a code to be transmitted to a designated server via the terminal.

In the card according to the present invention, a random number table including a plurality of random number codes that can be inputted to a terminal is displayed on one surface of the card.

In the card according to the present invention, the card does not have a built-in battery, and the chip operates the code using the operating power supplied through the antenna when one or more values are provided from the terminal for the NFC communication. It is characterized by creating

In the card according to the present invention, the at least one value provided from the terminal further includes a value stored in the terminal.

The card according to the present invention, in the card, processes NFC (Near Field Communication) communication with a terminal at a close distance using an antenna for transmitting and receiving radio frequency signals and the antenna, and the time value of the terminal and the time value through the NFC communication Algorithm for generating a code to be transmitted to a designated server for transaction or authentication using the terminal by using one or more values including the value provided from the terminal after receiving at least one value among the values received from the terminal through a communication network It is characterized in that it embeds a chip having a , and displays a random number table including a plurality of random number codes that can be input to a terminal on one side of the card, and receives power through the radio frequency signal without a built-in battery.

In the card according to the present invention, the chip generates the code by further using a value stored in the chip.

In the card according to the present invention, the value provided from the terminal further includes a value stored in the terminal.

In the card according to the present invention, the chip communicates with a terminal at a close distance using the antenna, and the random number table includes a plurality of random number codes input to the terminal communicating with the chip. .

In the card according to the present invention, the random number table includes a plurality of random number codes to be input to a terminal, and the chip communicates with the terminal receiving the random number code using the antenna.

The card according to the present invention, in the card, processes NFC (Near Field Communication) communication with a terminal in a close distance using an antenna for transmitting and receiving radio frequency signals and the antenna, and receives the value provided from the terminal through the NFC communication a chip having an algorithm for generating a code to be transmitted to a designated server through the terminal using one or more values including It is characterized in that a random number table including a plurality of random number codes that can be inputted to a terminal is displayed on one side of the card.

In the card according to the present invention, the chip generates the code by further using a value stored in the chip.

In the card according to the present invention, the chip generates the code using a value received and provided by the terminal through a communication network.

In the card according to the present invention, the value provided from the terminal further includes a value stored in the terminal.

In the card according to the present invention, the random number table includes a plurality of random number codes to be input to a terminal, and the chip communicates with the terminal receiving the random number code using the antenna.

In the card according to the present invention, the random number table includes a random number table design consisting of i (i > 1) rows and j (j > 1) columns, and a number is assigned to each row and each column. .

In the card according to the present invention, at least one of a serial number assigned to the random number table on one side of the card on which the random number table is displayed, and an explanatory phrase for inputting the random number table into the terminal and using it on one side of the card on which the random number table is displayed are displayed. characterized by being made.

In the card according to the present invention, a character design for recognizing that the NFC function is built into the card on at least one surface of the card, an image design for recognizing that the NFC function is built into the card on at least one surface of the card, Characterized in that at least one of a character design for using the card in proximity to a terminal and an image design for using the card in proximity to a terminal on at least one surface of the card on at least one surface of the card do it with

In the card according to the present invention, on at least one surface of the card, one or more random number codes included in the random number table displayed on the card are input to a terminal and used. It is characterized in that by displaying at least one of the following image designs to input one or more random number codes included in the terminal to be used.

The transaction authentication method according to the present invention is a medium separation-based transaction authentication method executed by a server that performs a transaction procedure requested from one or more transaction media through a communication network, and identifies a random number table displayed on one side of a card medium Simultaneously, a first step of storing one or more unique identification values uniquely identifying a one-time code to be dynamically generated through a chip embedded in the card medium; A second step of identifying the type of transaction or the type of the transaction medium requested through the communication network using one or more codes among the one-time codes dynamically generated through and a third step of processing to perform an authentication procedure using the code if it matches the code used, wherein a random number table is displayed on one side of the card medium and at the same time, NFC (Near Field Communication) based radio frequency signal A card with a built-in antenna for transmitting and receiving, and a chip with a chip that is transmitted through the antenna after dynamically generating a one-time code using a radio frequency signal received through the antenna, wherein the transaction medium is a specified principle of separation of media Accordingly, it includes a terminal used to request various transactions in a state separated from the card medium.

According to the present invention, the unique identification value is a random number table identification value that uniquely identifies a random number table displayed on one side of the card medium, a medium identification value displayed on the outer surface of the card medium, and uniquely identifies a chip of the card medium a chip identification value, a storage identification value uniquely identifying information stored in the chip of the card carrier, one or more seed values written to the memory of the chip for dynamically generating the one-time code, one or more seed values written to the memory of the chip at least one or more of a seed identification value uniquely identifying the Combinations may be included.

According to the present invention, the first step may include mapping two or more values corresponding to the unique identification value when the unique identification value includes two or more values.

According to the present invention, the type of transaction may include at least one of a non-face-to-face payment transaction of less than a specified amount, a non-face-to-face payment transaction of more than a specified amount, a non-face-to-face financial transaction of less than a specified amount, and a non-face-to-face financial transaction of a specified amount or more. can

According to the present invention, the type of the transaction medium may include at least one of a transaction medium satisfying the condition for separating the card medium from the medium and a transaction medium not satisfying the condition for separating the card medium from the medium. The transaction medium satisfying the condition for separating the card medium from the medium includes a transaction medium that does not receive the one-time code dynamically generated from the chip of the card medium through NFC, and the condition for separating the card medium from the medium is not satisfied The transaction medium may include a transaction medium that receives the one-time code dynamically generated from the chip of the card medium through NFC.

According to the present invention, in the third step, when the identified transaction type matches the random number code authentication, it is confirmed whether the transaction requested through the communication network is the requested transaction using the random number code displayed on the random number table of the card medium. It may further include the step of

According to the present invention, in the third step, when the type of the identified transaction matches the one-time code authentication, the transaction requested through the communication network is requested using the one-time code dynamically generated through the chip of the card medium. It may further include the step of confirming whether the transaction.

According to the present invention, in the third step, when the type of the identified transaction matches a combination of a random number code and a one-time code authentication, the transaction requested through the communication network is a random number code displayed on the random number table of the card medium and the card The method may further include verifying that the transaction is the requested transaction using a one-time code generated dynamically via a chip in the medium.

According to the present invention, in the third step, when the type of the identified transaction medium matches the random number code authentication, whether the transaction requested through the communication network is a requested transaction using a random number code displayed on the random number table of the card medium The step of confirming may be further included.

According to the present invention, in the third step, when the type of the identified transaction medium matches the one-time code authentication, the transaction requested through the communication network is requested using the one-time code dynamically generated through the chip of the card medium. It may further include a step of confirming whether the transaction has been made.

According to the present invention, in the third step, when the type of the identified transaction medium matches a combination of a random number code and a one-time code authentication, the transaction requested through the communication network is performed with the random number code displayed on the random number table of the card medium and the The method may further include confirming whether the transaction is requested by using a one-time code dynamically generated through a chip of the card medium.

According to the present invention, the third step includes: when the identified type of transaction matches the random number code authentication, checking a random number code received from a transaction medium through a communication network for the transaction, and the unique identification value It may include processing so that the authentication procedure of the random number code is performed using .

According to the present invention, the third step includes: when the identified type of transaction matches the one-time code authentication, checking the one-time code received from the transaction medium through the communication network for the transaction; the unique identification value It may include the step of processing so that the authentication procedure of the one-time code is performed using.

According to the present invention, in the third step, when the identified transaction type matches a combination of a random number code and a one-time code authentication, a random number code and a one-time code received from a transaction medium through a communication network for the transaction are checked. and processing the random number code authentication procedure and the one-time code authentication procedure to be performed according to a specified procedure using the unique identification value.

According to the present invention, when the type of the identified transaction medium matches the random number code authentication, checking the random number code received from the transaction medium through a communication network for the transaction, and the random number using the unique identification value It may include the step of processing the code authentication procedure to be performed.

According to the present invention, the third step includes: when the type of the identified transaction medium matches the one-time code authentication, checking the one-time code received from the transaction medium through the communication network for the transaction; It may include processing to perform the authentication procedure of the one-time code using the value.

According to the present invention, in the third step, when the type of the identified transaction medium matches the combination of the random number code and the one-time code authentication, the random number code and the one-time code received from the transaction medium through the communication network for the transaction It may include the step of confirming, and processing the authentication procedure of the random number code and the authentication procedure of the one-time code to be performed according to a specified procedure using the unique identification value.

According to the present invention, the transaction authentication method may further include a fourth step of processing the transaction approval procedure to be performed based on an authentication result corresponding to the type of the transaction or the type of the transaction medium.

According to the present invention, while displaying a random number table on one side of the card medium, it has a function of dynamically generating a one-time code inside the card medium and transmitting it through NFC, and then selectively (or automatically according to a specified method) using it By using it as an authentication method for non-face-to-face transactions, it has the advantage of providing a transaction that complies with the principle of media separation and guarantees ease of use.

1 is a diagram showing the configuration of a medium separation-based transaction authentication system according to the present invention.
2A to 2D are diagrams illustrating a card medium according to an embodiment of the present invention.
3 is a diagram illustrating a transaction authentication process based on medium separation according to an embodiment of the present invention.

Hereinafter, the principle of operation of the preferred embodiment of the present invention will be described in detail with reference to the accompanying drawings and description. However, the drawings shown below and the description to be given below relate to a preferred implementation method among various methods for effectively explaining the characteristics of the present invention, and the present invention is not limited only to the following drawings and description. For example, it is possible to be implemented in a form in which a component provided on the server side is implemented on the terminal side, or, conversely, a component provided on the terminal side is implemented on the server side.

In addition, in the following description of the present invention, if it is determined that a detailed description of a related well-known function or configuration may unnecessarily obscure the gist of the present invention, the detailed description thereof will be omitted. And the terms to be described later are terms defined in consideration of functions in the present invention, which may vary according to intentions or customs of users and operators. Therefore, the definition should be made based on the content throughout the present invention.

As a result, the technical spirit of the present invention is determined by the claims, and the following examples are one means for efficiently explaining the technical spirit of the present invention to those of ordinary skill in the art to which the present invention belongs. only

1 is a diagram showing the configuration of a medium separation-based transaction authentication system according to the present invention.

In more detail, in FIG. 1, a medium separation-based transaction authentication is processed for each transaction medium using a card medium 150 with a random number table displayed on one side and a function of dynamically generating and transmitting a one-time code by a radio frequency signal. As an example of a system configuration to which the present invention pertains, those of ordinary skill in the art may refer to and/or modify this figure 1 for various implementations of the configuration of the medium separation-based transaction authentication system. A method (eg, an implementation method in which some components are omitted, subdivided, or combined) may be inferred, but the present invention includes all of the inferred implementation methods, and only the implementation method shown in FIG. 1 is used. Its technical characteristics are not limited.

In the medium separation-based transaction authentication of the present invention, a random number table is displayed on one side, and an antenna 205 for transmitting and receiving an NFC (Near Field Communication)-based radio frequency signal is built-in, and a radio frequency received through the antenna 205 It is implemented by the card medium 150 in which the chip 200 is embedded, which is transmitted through the antenna 205 after dynamically generating a one-time code using a signal. That is, the card medium 150 of the present invention displays a random number table used for various transaction authentication on one side of the medium manufactured in the form of a card, and an antenna 205 for transmitting and receiving NFC-based radio frequency signals inside the medium and A generic term for a card-type medium in which a chip 200 that dynamically generates a one-time code is embedded. It may be formed in the form of the chip 200 or the NFC chip 200 . Preferably, the chip 200 of the card medium 150 may receive power through the radio frequency signal. The chip 200 of the card medium 150 may receive a PIN value input by a user to a terminal having an input means through the radio frequency signal and perform PIN authentication for generating a one-time code. The chip 200 of the card medium 150 may receive a one-time code as a result of the PIN authentication. The chip 200 of the card medium 150 may receive at least one seed value through the radio frequency signal to generate the one-time code. Here, the seed value received through the radio frequency signal is a time value obtained through a timer on the terminal side that transmits and receives the radio frequency signal with the card medium 150, a value stored on the terminal side, and the terminal side receives through a communication network It may contain one or more of one value.

According to the embodiment of the present invention, the one-time code dynamically generated through the chip 200 of the card medium 150 is one or more seeds specified in a specified code generation algorithm (eg, a hash algorithm such as MD4, MD5, SHA, etc.) It can include OTP (One Time Password) or OTC (One Time Code) of a specified number of digits that are dynamically generated by entering a value, and any code in the form of a dynamically generated code clearly falls within the scope of the one-time code of the present invention It is revealed

According to the embodiment of the present invention, the card medium 150 displays a random number table on one side of the card type medium, and at the same time, the antenna 205 and It is preferable to be manufactured and implemented in the form of a single card provided with the chip 200 . However, the physical shape of the card medium 150 is by no means limited to one single card form, and two or more card-type media (eg, a first card-type medium with a random number table displayed on one side, the antenna 205 and a chip) (a combination of the second card-type medium provided with 200), if the two or more card-type media are linked (or mapped) through the designated storage medium 110, this is also the card medium 150 of the present application It is clearly stated that it belongs to the category of In addition, in the card medium 150 of the present application, a random number table is displayed on one side of a card-type medium, and a code generation module corresponding to all or a part of the chip 200 that dynamically generates a one-time code is included in the transaction medium 160 . Even if implemented in a form provided in or provided on a designated code server, if the one card-type medium and the code generation module are linked (or mapped) through the designated storage medium 110, this is also the card medium 150 of the present application. ) to clearly state that it belongs to the category of

In the medium separation-based transaction authentication system of the present invention, the random number code displayed in the random number table of the card medium 150 and the card medium 150 are embedded in the card medium 150 in a state separated from the card medium 150 according to the specified medium separation principle. A transaction medium 160 that requests various transactions (eg, financial transactions, settlement transactions, payment transactions, payment transactions, etc.) , it is determined whether the card medium 150 and the transaction medium 160 satisfy the specified medium separation principle in response to a transaction request from the transaction medium 160, and when the medium separation principle is satisfied, the random number It is configured to include one or more servers 100 that control the authentication procedure for one or more of the code and the one-time code to be performed. The server 100 of the present invention is implemented in the form of at least one server or a combination of two or more servers, or is already provided in various transaction systems (eg, financial transaction system, payment transaction system, payment transaction system, payment transaction system, etc.) It can be implemented in the form of a program module implemented in the server that is used for the server 100 , and it is clear that the present invention is not limited by the physical implementation method of the server 100 . In addition, some (or all) of the constituent parts of the server 100 of FIG. 1 may be implemented in the form of applications provided in each transaction medium 160, and it is clearly revealed that the present invention also includes such an embodiment. it's put

The transaction medium 160 is a generic term for terminals used to request various transactions in a state separated from the card medium 150 according to the specified medium separation principle. Preferably, at least a smartphone, a mobile phone, a tablet PC, etc. It should be clearly stated that all types of terminals used for a transaction request may be included, including a wired terminal including at least one wireless terminal including one, a computer, and a notebook computer. The principle of separation of media is the principle that “the medium used as an electronic financial transaction method and the medium used as the transaction authentication method are used separately”. No.”, and the criteria for judging media separation between electronic financial transaction means (=corresponding to the transaction medium 160 of this company) and transaction authentication means (corresponding to the card medium 150 of the company) are flexible. That is, whether physical separation is judged as medium separation, or whether communication separation is judged as medium separation along with physical separation is flexible. However, it is an object of the present invention to allow the principle of media separation through one card medium 150 to be applied no matter what criteria is applied, and the present invention is to implement this.

According to the present invention, the transaction medium 160 used by the user for various transactions is physically separated from the card medium 150 and communicates with the chip 200 embedded in the card medium 150 through NFC. A possible first-class transaction medium, a second-type transaction medium that is physically separated from the card medium 150 and does not communicate via NFC with the chip 200 embedded in the card medium 150, the card medium 150 .

The first type of transaction medium is a generic name of a transaction medium 160 that receives a one-time code of a specified number of digits from the chip 200 of the card medium 150 through NFC and uses it for a transaction,

A generic name of the transaction medium 160 that receives an N (N>1) digit disposable code to be used immediately for a transaction and uses it for a transaction, preferably including a wireless terminal such as a smart phone, a mobile phone, and a tablet PC equipped with an NFC module can do. However, a terminal having an NFC module is not classified as a first-class transaction medium, and by using the NFC module, a one-time code of N-digits dynamically generated through the chip 200 of the card medium 150 is received for transaction. It is preferable to classify it as the first type of transaction medium of the present application only by requesting it. Even if the NFC module is provided, the N-digit disposable code is not received from the chip 200 of the card medium 150 through the NFC module at the time of requesting a transaction, or even if the card medium 150 Even if an N-digit one-time code is received from the chip 200 through NFC, if it is not used for a transaction, it is not classified as the first type of transaction medium.

According to the first implementation method for the first type of transaction medium, the chip 200 of the card medium 150 can dynamically generate a one-time code of N (N>1) digits to be used for a transaction, The type 1 transaction medium may receive an N-digit disposable code from the chip 200 of the card medium 150 through NFC and use it for transaction.

According to the second implementation method for the first type of transaction medium, the chip 200 of the card medium 150 dynamically converts the n (1≤n<N)-digit code among the N-digit disposable codes to be used for the transaction. may be generated, and the remaining (N-n) digit code may be dynamically generated inside the first-type transaction medium (eg, a program provided in a terminal corresponding to the first-type transaction medium). In this case, the first type of transaction medium may combine the n-digit code and the (N-n)-digit code to implement an N-digit one-time code to be used for the transaction and use it for the transaction.

According to the third implementation method for the first type of transaction medium, the chip 200 of the card medium 150 may generate one or more dynamic seed values necessary for dynamically generating an N-digit one-time code to be used for a transaction. In addition, the N-digit one-time code to be used for the actual transaction may be generated inside the first type transaction medium, and is a part of the seed value of the N-digit disposable code dynamically generated inside the third type transaction medium. The dynamic seed value may be used. In this case, the first type transaction medium receives a dynamic seed value from the chip 200 of the card medium 150 through NFC, and receives an N-digit disposable code through one or more seed values including the dynamic seed value. After creating it dynamically, it can be used for trading.

According to the fourth implementation method for the first type of transaction medium, the chip 200 of the card medium 150 stores a designated unique identification value and provides it through NFC, and the N-digit number to be used for the actual transaction The one-time code may be generated inside the third type of transaction medium, but the unique identification value provided from the chip 200 of the card medium 150 is a trigger (or authentication) for dynamically generating an N-digit one-time code. key) or as part of the seed value. However, an embodiment in which the unique identification value is used as a part of the seed value will be described with reference to the third implementation method of the first type transaction medium, and an embodiment in which the unique identification value is used as a trigger (or authentication key) decide to do Preferably, the first type of transaction medium receives a unique identification value from the chip 200 of the card medium 150 through NFC, and uses it as a trigger (or authentication key) to use one or more specified seed values. After dynamically generating an N-digit one-time code, it can be used for transactions.

The second type of transaction medium is a terminal that requests a transaction by inputting one or more random number codes displayed on a random number table on one side of the card medium 150 from a user, or a one-time code dynamically generated through the card medium 150 . is a generic name of the transaction medium 160 for requesting a transaction by receiving input from a user, and preferably includes all terminals having an input means capable of inputting the random number code or the one-time code. Therefore, even if the NFC module is provided, the terminal receiving the random number code of the card medium 150 and requesting a transaction or receiving a one-time code displayed on another terminal having an NFC module to request a transaction is the second type of the present application. It is desirable to be classified as a transaction medium. If the card medium 150 is provided with a display, a terminal that receives a one-time code displayed on the display of the card medium 150 and requests a transaction may be classified as the second type of transaction medium of the present application.

On the other hand, in the case of the second type of transaction medium, the other terminal having the NFC module and displaying the one-time code is applied to the first to fourth implementation methods for the first type transaction medium and the third type transaction medium below. It is possible to identify and display the disposable code in a manner combining at least one or two or more of the first to fifth implementation methods, thereby clearly stating that the present invention is not limited thereto.

The third type of transaction medium receives a one-time code of a specified number of digits available for transaction from the chip 200 of the card medium 150 through NFC and uses it for the transaction, but N (N > 1) to be used for the transaction ) a code server designated for processing to generate a one-time code of digit (eg, a server that provides at least one seed value for generating a one-time code, or a card medium 150 among N-digit one-time codes to be used for a transaction) As a generic name of the transaction medium 160 that communicates with the (N-n)-digit code excluding the n (1≤n<N)-digit code to be generated through the chip 200 (such as a server that generates and provides a code), preferably NFC It may include a wireless terminal such as a smart phone, a mobile phone, and a tablet PC having a module, but is not limited thereto.

According to the first implementation method for the third type of transaction medium, the chip 200 of the card medium 150 may dynamically generate an N-digit one-time code to be used for a transaction. In this case, the third type of transaction The medium receives at least one specified seed value required for the chip 200 of the card medium 150 to dynamically generate an N-digit one-time code from a specified code server, and receives the chip ( 200) can be provided. Thereafter, the third type of transaction medium may receive an N-digit one-time code from the chip 200 of the card medium 150 through NFC and use it for transaction.

According to the second implementation method for the third type of transaction medium, the chip 200 of the card medium 150 dynamically converts the n (1≤n<N)-digit code among the N-digit disposable codes to be used for the transaction. may be generated, and the remaining (N-n) digit code may be dynamically generated inside the third type transaction medium (eg, a program provided in a terminal corresponding to the third type transaction medium). In this case, the third type transaction medium receives at least one specified seed value required for the chip 200 of the card medium 150 to dynamically generate an n-digit code from a specified code server, and receives the card medium through the NFC. (N-n) digits by receiving at least one seed value necessary for dynamically generating a code of (N-n) digits in the third type transaction medium, provided to the chip 200 of 150, or from the designated code server code can be dynamically generated. The third type of transaction medium may implement an N-digit one-time code by combining the n-digit code and the (N-n)-digit code and use it for a transaction.

According to the third implementation method for the third type of transaction medium, the chip 200 of the card medium 150 can dynamically generate an n-digit code among the N-digit disposable codes to be used for the transaction, and the remaining ( N-n) digit code can be dynamically generated through a designated code server. In this case, the third type of transaction medium receives an n-digit code from the chip 200 of the card medium 150 through NFC, and after receiving a (N-n)-digit code from the designated code server, the n By combining the digit code and the (N-n) digit code, the N-digit one-time code to be used for the transaction can be implemented and used for the transaction.

According to the fourth implementation method for the third type of transaction medium, the chip 200 of the card medium 150 dynamically generates a seed value necessary for dynamically generating an N-digit one-time code to be used for a transaction, and then through NFC. provided, and the N-digit one-time code to be used for the actual transaction may be generated inside or through a designated code server of the third type of transaction medium, but is dynamically generated through the chip 200 of the card medium 150 The seed value may be used as part of the seed value to dynamically generate an N-digit one-time code. Preferably, the third type of transaction medium receives a dynamic seed value from the chip 200 of the card medium 150 through NFC, receives a part of the remaining seed value from a designated code server, and uses it to N A one-time digit code can be dynamically generated and used for transactions. According to the implementation method, the dynamic seed value generated through the chip 200 of the card medium 150 is a code of n' (1≤n'<N) digits in the third type transaction medium among N-digit disposable codes. and the remaining (N-n') digit code can be generated and received through a designated code server. In this case, the third type of transaction medium is ) digit codes can be combined to implement N-digit one-time codes and use them for transactions. Alternatively, (N-n') digit code is generated through a code server in which a dynamic seed value generated through the chip 200 of the card medium 150 is specified, or an N digit one-time code is generated according to an implementation method It is possible to be used for this, and the present invention is not limited thereto.

According to the fifth implementation method for the third type of transaction medium, the chip 200 of the card medium 150 stores the designated unique identification value and provides it through NFC, and the N-digit number to be used for the actual transaction is The one-time code may be generated inside the third type of transaction medium or through a designated code server, but the unique identification value provided from the chip 200 of the card medium 150 is used to dynamically generate an N-digit one-time code. It may be used as a trigger (or authentication key) for However, an embodiment in which the unique identification value is used as a part of the seed value will be described with reference to the fourth implementation method of the third type transaction medium, and an embodiment in which the unique identification value is used as a trigger (or authentication key) decide to do Preferably, the third type of transaction medium receives a unique identification value from the chip 200 of the card medium 150 through NFC, and uses it as a trigger (or authentication key) to obtain a specified seed value from a specified code server. Receive and use it to dynamically generate an N-digit one-time code, and then use it for transactions. According to the implementation method, the unique identification value provided from the chip 200 of the card medium 150 generates a code of n" (1≤n"<N) digits in the third type transaction medium among N-digit disposable codes. It is used as a trigger (or authentication key) for N-n") digit codes can be combined to implement N-digit one-time codes and use them for transactions. Alternatively, according to the implementation method, the unique identification value provided from the chip 200 of the card medium 150 is specified through a code server. It can be used as a trigger (or authentication key) for generating an (N-n") digit code, or used as a trigger (or authentication key) for generating an N-digit one-time code, whereby the present invention is limited doesn't happen

Referring to FIG. 1 , the server 100 identifies a random number table displayed on one side of the card medium 150 , and at the same time, a disposable code to be dynamically generated through the chip 200 embedded in the card medium 150 . and an identification value storage unit 105 for storing one or more unique identification values that uniquely identify .

The identification value storage unit 105 identifies a random number table displayed on one side of the card medium 150 issued to the user from a designated institution together with the user identification value from the terminal used by the user, and at the same time, the card medium 150 ) receives a unique identification value that uniquely identifies a one-time code to be dynamically generated through the chip 200 built in, and stores the user identification value and the unique identification value in association (or mapping) in the designated storage medium 110 do. Alternatively, the identification value storage unit 105 identifies a random number table displayed on one side of the card medium 150 together with the user identification value from a terminal provided in an institution issuing the card medium 150 to the user. At the same time, a unique identification value uniquely identifying a one-time code to be dynamically generated is received through the chip 200 embedded in the card medium 150, and the user identification value and the unique identification value are linked (or mapped) to It is stored in the designated storage medium 110 . When the unique identification value includes two or more values, the identification value storage unit 105 maps and stores two or more values corresponding to the unique identification value.

* The unique identification value for simultaneously identifying the random number table displayed on one side of the card medium 150 and the disposable code to be dynamically generated through the built-in chip 200 is unique to the random number table displayed on one side of the card medium 150 A random number table identification value for uniquely identifying, a medium identification value displayed on the outer surface of the card medium 150, a chip 200 identification value for uniquely identifying the chip 200 of the card medium 150, and the card medium 150 a stored identification value that uniquely identifies the information stored in the chip 200 of at least one of a seed identification value uniquely identifying a seed value, a rule identification value uniquely identifying a rule that dynamically determines at least one seed value, a server identification value for a server involved in generating or authenticating a one-time code, or combination of two or more

Preferably, the random number table identification value includes a serial number assigned to the random number table displayed on one surface of the card medium 150 .

The medium identification value is a generic term for all unique numbers displayed on the outer surface of the card medium 150. For example, the card medium 150 has a random number table displayed on one surface and through the built-in chip 200. A one-time code is dynamically generated and at the same time as an IC card having a COB (Chip On Board) connected to the chip 200, a credit card, a check card, a debit card, a cash card, an electronic bankbook, a point card, a membership card, the card Among them, it may be provided with functions as various issuing cards, such as a composite card having two or more card functions. The medium identification value may include a card number assigned to the IC card when the card medium 150 functions as an IC card.

The chip 200 identification value includes a serial code or serial number uniquely assigned to the chip 200 that is embedded in the card medium 150 to dynamically generate a disposable code, and preferably, the chip 200 is manufactured It is desirable to include the physical number assigned by the manufacturer at the time of the application.

The storage identification value is a generic name of a unique code or a unique number stored in the memory of the chip 200 in the issuance process of the card medium 150 and the subsequent issuance process, and is stored in the chip 200 memory of the other card medium 150. Any value may be used as long as it is an identification value that is distinct from the stored value. For example, when the card medium 150 operates as an IC card having an issuing card function, the storage identification value includes card information (eg, card number, expiration date, CVC, issuer name, etc.) of the IC card. may include

The seed value is a generic name of a seed value designated to be written to the memory of the chip 200 among various seed values to be input to a code generation algorithm designated for dynamically generating the one-time code. Preferably, the seed value may include at least one of a random number value and a unique value assigned to the user/card medium 150 .

Preferably, the seed identification value comprises an index assigned to uniquely identify a set of seed values input to a code generation algorithm designated for dynamically generating the one-time code.

Some of the seed values to be input to the code generation algorithm to dynamically generate the one-time code may be dynamically generated, and the rule identification value is a rule (eg, seed generation) for determining a dynamically determined dynamic seed value among the seed values. It is a value assigned to uniquely identify an algorithm, etc.).

The process in which the one-time code is dynamically generated or the process in which the one-time code is authenticated can be processed by intervening at least one server (eg, a code server involved in the generation of the one-time code, an authentication server that authenticates the one-time code, etc.) And, the server identification value is a value for identifying a server involved in the generation or authentication of the one-time code. Preferably, the server identification value may be formed in the form of a server address, server name, server number, server index, and the like.

Referring to FIG. 1 , the server 100 establishes a communication network by using one or more random number codes displayed on the random number table of the card medium 150 and one or more one-time codes dynamically generated through the card medium 150 . It includes a transaction processing unit 115 for processing a transaction requested from a specified transaction medium 160 through a designated transaction medium 160 , and according to an implementation method, the transaction may be processed through the specified transaction server 170 .

The transaction processing unit 115 performs a transaction procedure requested from a specified transaction medium 160 through a communication network, or controls the transaction procedure to be performed through a separate transaction server 170 , or the transaction server As a generic name of a component that can confirm the transaction procedure performed through 170 , the transaction is one or more random number codes displayed on the random number table of the card medium 150 and one-time codes dynamically generated through the card medium 150 . It is desirable to include a transaction using one or more codes as a means of authentication. Those of ordinary skill in the art to which the present invention pertains will be aware of the types of transactions using at least one of the random number code and the one-time code as an authentication means and various procedures in which the transactions are performed. is to be omitted.

Referring to FIG. 1 , the server 100 establishes a communication network by using one or more random number codes displayed on the random number table of the card medium 150 and one or more one-time codes dynamically generated through the card medium 150 . Transaction identification unit 120 for identifying the type of transaction requested through one or more random number codes displayed on the random number table of the card medium 150 and one or more codes of one-time codes dynamically generated through the card medium 150 The medium identification unit 125 for identifying the type of medium used for the transaction requested through the communication network, one or more random number codes displayed on the random number table of the card medium 150 and the one-time use dynamically generated through the card medium 150 Among the codes, the code identification unit 130 for identifying one or more codes used for the requested transaction includes one or more identification units 120 , 125 , and 130 .

According to the first code matching method of the present invention, it is determined whether or not to use one or more random number codes displayed on the random number table of the card medium 150 and one or more codes dynamically generated through the card medium 150 as an authentication means. The type of transaction may be used as a criterion for For example, at least one of the random number code and the one-time code is not used as an authentication means in an inquiry transaction, but at least one of the random number code and the one-time code is set to be used as an authentication means in a transfer transaction or a remittance transaction. can In order to determine whether to use one or more of the random number code and the one-time code as an authentication means, the transaction identification unit 120 is a transaction to be performed or is being performed through the transaction processing unit 115 or the transaction server 170 . identify the type of Preferably, the identified type of transaction includes at least one of a non-face-to-face payment transaction of less than a specified amount, a non-face-to-face payment transaction of more than a specified amount, a non-face-to-face financial transaction of less than a specified amount, and a non-face-to-face financial transaction of a specified amount or more. can

According to the second code matching method of the present invention, it is determined whether to use one or more random number codes displayed in the random number table of the card medium 150 and one or more codes dynamically generated through the card medium 150 as an authentication means. As a standard, the type of the transaction medium 160 may be used. For example, in a transaction in which a wired terminal is used as the transaction medium 160 , a random number code included in the random number table of the card medium 150 is used as an authentication means, or the chip 200 of the card medium 150 is used as an authentication means. Only when the one-time code generated dynamically through the wireless terminal is displayed on the wireless terminal having an NFC module and then input to the wired terminal can be set so that the one-time code is used as an authentication means. Alternatively, a transaction in which the wireless terminal is used as the transaction medium 160 may be set so that only the random number code included in the random number table of the card medium 150 is used as the authentication means. In order to determine whether to use one or more of the random number code and the one-time code as an authentication means, the medium identification unit 125 performs a transaction to be performed or is being performed through the transaction processing unit 115 or the transaction server 170 . Identifies the type of the transaction medium 160 requested. Preferably, the identified type of the transaction medium 160 is a transaction medium 160 that satisfies the condition for separating the card medium 150 from the medium, and a transaction medium 160 that does not satisfy the condition for separating the card medium 150 from the medium. It includes at least one of the transaction medium (160). Preferably, the transaction medium 160 satisfying the condition for separating the card medium 150 from the medium is a transaction medium that does not receive the one-time code dynamically generated in the chip 200 of the card medium 150 through NFC. (160). Alternatively, the transaction medium 160 that does not satisfy the conditions for separating the card medium 150 from the medium is the transaction medium 160 that receives the one-time code dynamically generated in the chip 200 of the card medium 150 through NFC. ) may be included. If the card medium 150 and the transaction medium 160 that do not satisfy the medium separation condition are identified, the card medium 150 and the transaction medium 160 are adjusted to satisfy the medium separation condition (eg, one-time use). If the condition of medium separation is not satisfied by the code, it is desirable to adjust the medium separation condition through the random number code of the random number table), and depending on the implementation method, even if transaction approval is possible, transaction approval may be rejected regardless of this have.

According to the embodiment of the present invention, the medium identification unit 125 is the type of the transaction medium 160, the type of the terminal used as the transaction medium 160 (eg, a wired terminal or a wireless terminal, etc.), the type of the terminal ( For example, Apple's smartphone, Samsung's smartphone, etc.), the type of communication network the terminal is connected to (eg, wired communication network, mobile communication network, WiFi-based local area network, etc.), communication protocol, the type of application provided in the terminal, One or more of the provided application identification values may be identified.

According to the third code matching method of the present invention, a combination of the first code matching method and the second code matching method may be provided. Identifies the type of transaction to be performed or is being performed through the transaction server 170 , and the medium identification unit 125 is scheduled to be performed or is being performed through the transaction processing unit 115 or the transaction server 170 . It is possible to identify the type of the transaction medium 160 requesting the transaction.

In the code identification unit 130 , the code received from the transaction medium 160 requesting a transaction to be performed or being performed through the transaction processing unit 115 or the transaction server 170 is a random number table of the card medium 150 . It is identified which code corresponds to one or more random number codes displayed in , and one-time codes dynamically generated through the card medium 150 . Preferably, the code transmitted from the transaction medium 160 to the transaction processing unit 115 or the transaction server 170 may include an identifier that can identify whether it is a random number code or a one-time code, and in this case, the code identification unit 130 can read the identifier and identify which code the code received from the transaction medium 160 corresponds to among a random number code and a one-time code. Alternatively, the code received from the transaction medium 160 may have a code system capable of recognizing the type of code. In this case, the code identification unit 130 reads the code system and receives the code received from the transaction medium 160 . It is possible to identify whether the code corresponds to a random number code or a one-time code.

According to the embodiment of the present invention, the code identification unit 130 identifies which code the code corresponds to among a random number code and a one-time code, and at the same time whether the code is keyed into the transaction medium 160 or It may be identified whether or not it is received by the transaction medium 160 through a designated communication method (eg, an NFC communication method, a communication network-based communication method). Preferably, the code transmitted from the transaction medium 160 to the transaction processing unit 115 or the transaction server 170 may include an identifier that can identify an acquisition method. In this case, the code identification unit 130 identifies the identifier. By reading, it is possible to identify whether the code received from the transaction medium 160 was obtained through key input to the transaction medium 160 or was obtained through a designated communication method. Alternatively, the code received from the transaction medium 160 may have a code system that can recognize the acquisition method. In this case, the code identification unit 130 reads the code system and receives the code received from the transaction medium 160 . It can be identified whether the code was obtained through key input to the corresponding transaction medium 160 or received through a designated communication method.

Referring to Figure 1, the server 100, the code-medium matching unit 135 for checking whether at least one specified among the identified type of transaction and the type of transaction medium 160 matches the code used for the transaction ), and an authentication procedure performing unit 140 that processes to perform an authentication procedure using the code when at least one specified among the type of the transaction and the type of the transaction medium 160 matches the code used for the transaction. ) is provided.

The code-medium matching unit 135 maps and maintains at least one of a code type available as an authentication means for each transaction type and a code acquisition method, or codes available as an authentication means for each transaction medium 160 type. At least one of a type and a code acquisition method is mapped and maintained, or at least one of a code type and a code acquisition method that can be used as an authentication means corresponding to the type of each transaction and the type of the transaction medium 160 is mapped and maintained. Preferably, the mapped information may be stored in a designated storage medium or may be implemented in the form of a program code constituting the code-medium matching unit 135 .

The code-medium matching unit 135 uses the mapped information to determine the type of transaction identified through the transaction identification unit 120 and the type of the transaction medium 160 identified through the medium identification unit 125 . It is checked whether one or more types of the random number code and the one-time code match one or more codes used for a transaction. For example, when a transaction requested from a wireless terminal having an NFC module is mapped to be usable as an authentication means by keying in a random number code included in a random number table displayed on one side of the card medium 150, the code-medium The matching unit 135 may determine whether the type of the transaction medium 160 is a wireless terminal and whether the code received from the transaction medium 160 is a random number code. Alternatively, the transaction requested from the wired terminal receives the one-time code dynamically generated through the chip 200 of the card medium 150 to the wireless terminal through NFC, displays it on the screen, and then inputs a key to the wired terminal as an authentication means. When mapped to be usable, the code-medium matching unit 135 determines that the type of the transaction medium 160 is a wired terminal and the code received from the transaction medium 160 is the chip 200 of the card medium 150 . It is possible to check whether the code is a one-time code that is dynamically generated through NFC, received and displayed by the wireless terminal, and then keyed into the wired terminal.

According to the implementation method of the present invention, the code-medium matching unit 135 determines that one or more codes designated among a random number code and a one-time code of the card medium 150 are transmitted through the transaction medium 160 according to the mapped information. It can be controlled to be obtained and transmitted to the transaction processing unit 115 or the transaction server 170 . Preferably, the code-medium matching unit 135 may provide a UI that allows one or more codes designated according to the mapped information to be obtained through the transaction medium 160 through the transaction medium 160 . According to an implementation method, the code-medium matching unit 135 may be provided in the form of an application provided in the transaction medium 160 .

According to the first transaction-code matching method of the present invention, when the identified transaction type is matched with random number code authentication, the code-medium matching unit 135 determines that the transaction requested through the communication network is performed on the card medium 150 . You can check whether the transaction was requested by using the random number code displayed in the random number table.

According to the second transaction-code matching method of the present invention, when the identified transaction type matches the one-time code authentication, the code-medium matching unit 135 determines that the transaction requested through the communication network is performed on the card medium 150 . It is possible to check whether the transaction is requested using the one-time code dynamically generated through the chip 200 of the

According to the third transaction-code matching method of the present invention, when the identified transaction type is matched with a combination of a random number code and one-time code authentication, the code-medium matching unit 135 determines that the transaction requested through the communication network is It can be confirmed whether the transaction is requested by using the random number code displayed on the random number table of the card medium 150 and the one-time code dynamically generated through the chip 200 of the card medium 150 .

According to the first medium-code matching method of the present invention, when the identified type of the transaction medium 160 matches the random number code authentication, the code-medium matching unit 135 determines that the transaction requested through the communication network is the card. It can be confirmed whether the transaction is requested by using the random number code displayed on the random number table of the medium 150 .

According to the second medium-code matching method of the present invention, when the identified type of the transaction medium 160 matches the one-time code authentication, the code-medium matching unit 135 determines that the transaction requested through the communication network is the card. A one-time code dynamically generated through the chip 200 of the medium 150 may be used to confirm whether the transaction is requested.

According to the third medium-code matching method of the present invention, when the identified type of the transaction medium 160 is matched with a combination of a random number code and a one-time code authentication, the code-medium matching unit 135 is configured through the communication network. Whether the requested transaction is the requested transaction may be confirmed using the random number code displayed on the random number table of the card medium 150 and the one-time code dynamically generated through the chip 200 of the card medium 150 .

If at least one specified among the type of the transaction and the type of the transaction medium 160 matches the code used for the transaction, the authentication procedure performing unit 140 returns the code identified through the code identification unit 130 . Controls so that an authentication procedure for authenticating the validity of the transaction is performed using The authentication procedure may be performed by the transaction processing unit 115 or the transaction server 170, or may be performed through an authentication server designated in response to each code, and the transaction processing unit 115 or the transaction server 170 As a result of the authentication procedure, a procedure for approving a transaction requested from the transaction medium 160 is performed.

According to the first transaction-code matching method of the present invention, when the identified transaction type matches the random number code authentication, the authentication procedure performing unit 140 receives from the transaction medium 160 through the communication network for the transaction. The random number code may be checked, and an authentication procedure of the random number code may be performed using the unique identification value.

According to the second transaction-code matching method of the present invention, when the identified transaction type matches the one-time code authentication, the authentication procedure performing unit 140 receives from the transaction medium 160 through the communication network for the transaction. It is possible to check the one-time code, and process it so that the authentication procedure of the one-time code is performed using the unique identification value.

According to the third transaction-code matching method of the present invention, when the identified transaction type is matched with a combination of a random number code and a one-time code authentication, the authentication procedure performing unit 140 performs a transaction medium through a communication network for the transaction. The random number code and one-time code received from 160 may be checked, and the random number code authentication procedure and the one-time code authentication procedure may be performed according to a specified procedure using the unique identification value.

According to the first medium-code matching method of the present invention, when the identified type of the transaction medium 160 matches the random number code authentication, the authentication procedure performing unit 140 performs the transaction medium ( 160), it is possible to check the random number code, and to perform an authentication procedure of the random number code using the unique identification value.

According to the second medium-code matching method of the present invention, when the identified type of the transaction medium 160 matches the one-time code authentication, the authentication procedure performing unit 140 performs the transaction medium ( 160), it is possible to check the one-time code received, and process to perform the authentication procedure of the one-time code using the unique identification value.

According to the third medium-code matching method of the present invention, when the identified type of the transaction medium 160 matches the combination of the random number code and the one-time code authentication, the authentication procedure performing unit 140 performs the communication network for the transaction. The random number code and the one-time code received from the transaction medium 160 through

2a to 2d are diagrams illustrating a card medium 150 according to an embodiment of the present invention.

In more detail, Fig. 2a illustrates one side of the card medium 150 on which a random number table design is displayed, and Fig. 2b illustrates the inside of the card medium 150 in which the antenna 205 and the chip 200 are embedded. , FIG. 2c illustrates that a character design is displayed on the other side of the card medium 150 , and FIG. 2d illustrates that an image design is displayed on the other side of the card medium 150 . On one side of the card medium 150 according to the present invention, a random number table design is displayed as shown in FIG. 2a, and the other side of the card medium 150 is one of the character design illustrated in FIG. 2c and the image design illustrated in FIG. 2d. The above designs may be displayed in a combined form.

Referring to Fig. 2a, on one side of the card medium 150, a random number table design consisting of i (i>1) rows and j (j>1) columns is displayed, and each row and column of the random number table is numbered and A random number code of a predetermined number of digits (eg, 4 digits) may be displayed. In addition, on one surface of the card medium 150 on which the random number table design is displayed, the serial number assigned to the random number table may be displayed (example omitted), and explanatory text for using the random number table may be further displayed (example omitted).

Referring to Figure 2b, the card medium 150 has a built-in antenna 205 for transmitting and receiving an NFC-based radio frequency signal, and after dynamically generating a one-time code using the radio frequency signal received through the antenna 205 A chip 200 that transmits through the antenna 205 is embedded. For convenience, the coil-shaped antenna 205 is illustrated in the example of FIG. 2B. However, the antenna 205 embedded in the card medium 150 is not limited to the coil form, and the antenna 205 of various shapes according to the radio frequency band. ) can be built-in. The chip 200 embedded in the card medium 150 includes a variety of chips 200 capable of dynamically generating a disposable code by having a processor and memory such as an NFC chip 200 , an RF chip 200 , and an IC chip 200 . can do.

Figure 2c exemplifies that a character design is displayed on one side of the card medium 150 except for one side of the card medium 150 on which the random number table design is displayed. Referring to Figure 2c, the other side of the card medium 150 is ( As shown in (a), the character design “NFC OTP” is displayed, so that the user knows that the chip 200 and the antenna 205 are built-in to generate a one-time code inside the card medium 150 and transmit it through a radio frequency signal. can be made aware of The text design of “NFC OTP” may be displayed in the form of explanatory text as shown in (B) of FIG. 2C. Alternatively, the character design displayed on the other side of the card medium 150 includes only “NFC” as shown in (C) or (D) of FIG. 2c, or “OTP” as shown in (E) or (F) of FIG. 2C ”, and the present invention is not limited thereto. Meanwhile, the character design may be changed to a Korean name and displayed, or may be displayed including an English full name instead of an initial, and the present invention is not limited thereto. In addition, the size, font, and display position of each character design can be variously changed, and the present invention is not limited thereto.

FIG. 2d illustrates that an image design is displayed on one side of the card medium 150 except for one side of the card medium 150 on which the random number table design is displayed. Referring to FIG. 2d, the other side of the card medium 150 is ( A chip that generates a disposable code inside the card medium 150 and transmits it through a radio frequency signal by displaying an image design that “closes the card medium 150 on top of the wireless terminal equipped with the NFC module” as in a) (200) and the antenna 205 are built-in can be recognized by the user. The method of bringing the card medium 150 close to the wireless terminal can be variously changed as shown in (B) or (C) of FIG. 2D, and the character design illustrated in FIG. 2C within the image design as shown in (D) of FIG. 2D. Some of them may be displayed. Alternatively, the image design displayed on the other side of the card medium 150 is an image design indicating that “input the random number code of the random number table” displayed on one side of the card medium 150 as shown in FIG. 2d (e). can be displayed, and the image design for inputting the random number code can be variously changed as shown in FIG. 2d (bar). For example, in the image design for inputting the random number code of the random number table, a wired terminal is displayed instead of the wireless terminal illustrated in (E) or (B) of FIG. 2D, or the shape of a hand is more to emphasize key input may be included. Meanwhile, the size and displayed position of each image design illustrated in FIG. 2D can be variously changed, and the present invention is not limited thereto.

* According to the embodiment of the present invention, the other side of the card medium 150 is any one of the examples of (A) to (B) of FIG. 2C and the examples of (A) to (B) of FIG. 2D, or Or two or more designs may be designed in a combined form. For example, on the other side of the card medium 150, a character design as shown in (A) of FIG. 2C is displayed, and a character design is displayed in the explanatory text as shown in (B) of FIG. 2C, along with FIG. 2D An image design as shown in (A) of FIG. 2d may be displayed on the left side of the other side of FIG. 2d, and an image design as shown in (E) of FIG.

3 is a diagram illustrating a transaction authentication process based on medium separation according to an embodiment of the present invention.

In more detail, in FIG. 3, a medium separation-based transaction authentication is processed for each transaction medium using a card medium 150 with a random number table displayed on one side and a function of dynamically generating and transmitting a one-time code by a radio frequency signal. As an illustration of the process of doing so, those of ordinary skill in the art to which the present invention pertains, refer to and/or modify this FIG. 3 to see various implementation methods for the transaction authentication process (eg, some steps are omitted, or Or the implementation method in which the order is changed) may be inferred, but the present invention is made including all the inferred implementation methods, and the technical characteristics are not limited to the implementation method shown in FIG. 3 only.

Referring to FIG. 3 , the server 100 identifies a random number table displayed on one side of the card medium 150 and, at the same time, uniquely generates a one-time code to be dynamically generated through the chip 200 embedded in the card medium 150 . Stores one or more unique identification values that uniquely identify.

As the transaction medium 160 requests a transaction using one or more of the random number code and the one-time code of the card medium 150 as an authentication means (305), the server 100 performs the transaction requested from the transaction medium 160 Confirms at least one of the type and the type of the transaction medium 160 (310), and according to the specified medium separation principle, a code corresponding to the type of transaction and/or the type of the transaction medium 160 is used as the authentication means of the transaction. Determine (315). The process of determining at least one of the random number code and the one-time code of the card medium 150 as an authentication means may be processed by an application provided in the transaction medium 160 (315).

The transaction medium 160 displays a UI for receiving a random number code included in a random number table displayed on one side of the card medium 150 from the user in accordance with the specified medium separation principle, and displays the UI from the user on one side of the card medium 150 . A random number code included in the displayed random number table may be input (320a). Alternatively, the card medium 150 is disposable based on a radio frequency signal (eg, power supply, a PIN value input to the terminal, a seed value, etc.) received according to NFC according to the specified medium separation principle. A code is dynamically generated and transmitted through the radio frequency signal (320b), and the transaction medium 160 is dynamically generated through the chip 200 of the card medium 150 through NFC according to the specified medium separation principle. The code may be received (320c), or the one-time code displayed on the designated terminal that has received the one-time code dynamically generated through the chip 200 of the card medium 150 may be input (320d). That is, when the transaction medium 160 is the type 1 transaction medium described in FIG. 1 , the type 1 transaction medium is a card medium ( 150) of a random number code and a one-time code may be obtained. If the transaction medium 160 is a type 2 transaction medium, the type 2 transaction medium may acquire one or more codes among a random number code and a one-time code of the card medium 150 according to the implementation method shown in FIG. . On the other hand, if the transaction medium 160 is a third type transaction medium, the third type transaction medium is a random number code and One or more of the one-time codes may be obtained.

The transaction medium 160 requests transaction authentication by using one or more codes of a random number code and a one-time code obtained from the card medium 150 as an authentication means of the transaction (325), and the server 100 is It is checked whether the code to be used matches at least one of the type of the transaction and the type of the transaction medium 160 ( 330 ). If the code used for the transaction does not match at least one of the type of the transaction and the type of the transaction medium 160 , the server 100 generates an authentication error regardless of the approval of the transaction, and accordingly, the transaction medium (160) outputs an authentication error for the code used for the transaction (335).

On the other hand, if the code used for the transaction matches at least one of the type of the transaction and the type of the transaction medium 160 , the server 100 uses the code used for the transaction as an authentication means from the transaction medium 160 . It processes so that the authentication procedure for the requested transaction is performed (340). If the code used for the transaction is not authenticated, the server 100 generates an authentication error regardless of the approval of the transaction, and accordingly, the transaction medium 160 outputs an authentication error for the code used for the transaction. do (335).

On the other hand, if the code used for the transaction is authenticated, the server 100 performs an approval procedure for the transaction requested from the transaction medium 160 as a result of authentication of the code used for the transaction ( 345 ), and the transaction medium (160) receives and outputs the approval result of the transaction (350).

105: identification value storage unit 110: storage medium
115: transaction processing unit 120: transaction identification unit
125: medium identification unit 130: code identification unit
135: code-medium matching unit 140: authentication procedure performing unit
150: card medium 160: transaction medium

Claims (2)

In the card having an antenna for transmitting and receiving a wireless signal based on NFC (Near Field Communication),
Based on the power supplied through the antenna, by processing NFC communication with a terminal at a close distance, information including a time value calculated by a specified timer and an authentication value for a specified authentication is provided, and authentication using the authentication value is performed. and a chip having an algorithm for generating a code to be provided to the terminal using a seed value including the time value and a stored value stored therein when performing authentication.
The method of claim 1,
The chip further receives at least one of a server-side received value received from a designated server through the NFC communication and a terminal-side stored value stored in the terminal,
The seed value further comprises at least one of the server-side received value and the terminal-side stored value.

Images