KR20230004042A - An apparatus for providing payment services of a distributed token for encrypted data of payment information to be used only by a specific franchisee and a method for operating it - Google Patents

Abstract

A method for operating a token processing device according to one embodiment of the present invention comprises the steps of: receiving a token issuance request for issuance of a token usable only at a first affiliated store from a user terminal or payment terminal; encrypting payment means data included in the token issuance request using a first encryption key calculated by using affiliated store information and encryption counter information of the first affiliated store; generating a distribution-type payment token for a first affiliated store-only transaction based on a first portion of the encrypted payment means data and the encryption counter information; and providing the distribution-type payment token to the user terminal or the payment terminal. According to the present invention, the method can prevent personal information such as card information from leaking.

Description

A payment service providing device that provides merchant-only distributed token payment of payment method data and its operation method IT}

The present invention relates to a distributed token processing device and an operating method thereof. More specifically, the present invention relates to a payment service providing apparatus and operation method for providing distributed token payment for affiliated store-only payment method data.

With the expansion of electronic payment infrastructure, credit payment services based on card payments such as credit cards, check cards, and debit cards (hereinafter referred to as "credit cards") have become common. In the credit payment service, after a user purchases goods or services by card payment at a member store, the user pays the price for using the goods or services to a credit card company, etc. It refers to a payment method using electronic payment infrastructure that receives payment.

The system for providing the credit payment service is a combination of a plurality of card terminals provided in a plurality of affiliated stores and a value added network (VAN) company that provides a payment agency service related to card payment between the plurality of affiliated stores and the card company. A server (hereinafter referred to as "a payment agent server") and a server of a card company that issued a credit card to a user are connected through a communication network. The VAN refers to a payment network for a payment transaction between card terminals and a card company server.

Although the payment system using such an electronic payment network has brought innovative improvements in the convenience and speed of payment, it continues to cause damage due to fraudulent use of card information data and leakage of personal information. In order to solve the problem, electronic payment methods that can maintain security due to hacking of communication networks have been proposed.

Among them, in the token payment method, a virtual temporary token valid for a certain period of time is issued from the payment company server to the user terminal in response to the user's unique information or card information, and when the full text of the payment request using the temporary token is received by the server , A method in which the payment company server checks card information mapped with the temporary token and requests card payment to the card company server may be exemplified.

Since this token payment method uses a temporarily issued virtual random token, there is an advantage in that personal information cannot be identified even if it is leaked.

However, since the temporarily issued token is also a payment method used for payment, an attacker hacks the token itself before payment or the payment method data itself in the full text of the payment request including the token, and uses it for payment at other merchants In the case of making a payment or requesting duplicate payment, there is a problem that it is very difficult for the payment company server to distinguish it, and there is no practical countermeasure at present.

In other words, even if the issued token is used at an affiliate store that the user did not intend, it is difficult for the payment company server to determine the authenticity of the payment request. There is a problem that increases the cost of infrastructure construction, and there is a problem that can only be solved by providing an attempt or damage processing at the point of post-settlement without determining it in real time.

Furthermore, the current token payment method is a method of generating a virtual random token and mapping it to real personal information. Personal information such as card information must be fully possessed by the payment company server in order to be matched with the virtual random token and verified. Therefore, even if a virtual random token is used, a fundamental problem is that if the database of the payment company server itself is hacked, card information and customer information will inevitably be leaked.

The present invention has been devised to solve the above problems, and the encrypted data of payment method data dedicated to a specific affiliate is obtained by specialized encryption processing from payment method data itself such as card information rather than a virtual random token. By creating and issuing distributed token information to replace payment methods, it is possible to prevent the leakage of personal information such as card information, as well as to verify the decentralized token information itself for use in other merchants. It is possible to quickly check whether or not it is reused, leaked, or hacked, and only the remaining decentralized token information is stored on the payment company server itself, so that even if the payment company server is hacked, the complete card information cannot be confirmed. Its purpose is to provide a payment service providing device and its operation method that provide distributed token payment for affiliates.

A method according to an embodiment of the present invention for solving the above problems is, in the operating method of a payment service providing device, a request for issuing a distributed token that can only be used at a first affiliated store corresponding to the payment terminal from a payment terminal. receiving; obtaining a distributed payment token using a first part of payment method encryption data obtained by encrypting payment method information included in the token issuance request exclusively for the first affiliated store using a hardware security module; Transmitting the full text of the distributed payment token for the first affiliated store-only transaction including the distributed payment token to the payment terminal; Receiving a payment approval request message using the distributed payment token from the payment terminal; obtaining payment method information obtained by decrypting the payment method encryption data by using the distributed payment token and member store identification information in the full text of the payment approval request; and processing a payment approval request to a payment company server using the payment method information.

In addition, an apparatus according to an embodiment of the present invention for solving the above problems is a payment service providing apparatus, receiving a request for issuing a distributed token that can only be used at a first affiliated store corresponding to the payment terminal from a payment terminal communication department; and obtaining a distributed payment token using a first part of the payment method encryption data in which the payment method information included in the token issuance request is encrypted exclusively for the first affiliated store using hardware security module equipment, and the distributed payment token and a distributed payment token management unit that transmits a full text of the distributed payment token for the transaction exclusively for the first affiliated store to the payment terminal, wherein the communication unit requests payment approval using the distributed payment token from the payment terminal. receiving the full text, and the payment approval processing unit obtains the payment method information by decrypting the payment method encryption data using the distributed payment token and affiliate identification information of the payment approval request message, and obtains the payment method information Process payment approval request to the used payment company server.

In addition, the method according to the embodiment of the present invention for solving the above problems may be stored in a program stored in a computer readable medium for executing the method in a computer and a recording medium in which the program is recorded. .

According to an embodiment of the present invention, the key serial information and encryption counter information issued in correspondence with the affiliate store information of the first affiliate store are converted into the payment method data included in the token issuance request, the affiliate store information and encryption counter information of the first affiliate store By performing encryption with a first encryption key calculated using information, and generating and distributing a distributed payment token for the first merchant-only transaction based on the first part of the encrypted card information and the encryption counter information , A safe payment service that can be used only at exclusive merchants, prevents reuse of the data itself, and prevents the entire card number from being stored on the payment company server, can be provided quickly without increasing the cost of building a separate infrastructure.

Accordingly, according to an embodiment of the present invention, according to a specialized encryption process from the payment method data itself, rather than a virtual random token, card information encryption data dedicated to a specific affiliate is generated, and it is composed of distributed token information to By issuing a replacement payment method, not only can personal information such as card information be prevented from being leaked, but also verification of the decentralized token information itself can be used in other merchants, reused, leaked, hacked, etc. can be quickly checked at the same time, and only the remaining decentralized token information is stored in the payment company server itself so that complete card information cannot be verified even if the payment company server is hacked. will be able to provide

1 is a conceptual diagram schematically illustrating an entire system according to an embodiment of the present invention.
2 is a block diagram showing a token processing device according to an embodiment of the present invention in more detail.
3 is a flowchart illustrating a token providing operation of a token processing device according to an embodiment of the present invention.
4 is a diagram for illustrating and explaining a distributed tokenization processing process according to an embodiment of the present invention.
5 is a flowchart illustrating a decryption operation of a token processing device according to an embodiment of the present invention.
6 is a diagram for illustrating and explaining a distributed token-based decryption processing process according to an embodiment of the present invention.
7 is a block diagram illustrating a payment service providing server in more detail according to an embodiment of the present invention.
8 is a ladder diagram for explaining a distributed payment token-based payment processing process according to an embodiment of the present invention.
9 is a ladder diagram for explaining a management process of a distributed payment token according to an embodiment of the present invention.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings.

The above objects, features and advantages of the present invention will become more apparent from the following detailed description taken in conjunction with the accompanying drawings. Hereinafter, preferred embodiments according to the present invention will be described in detail with reference to the accompanying drawings. Like reference numbers indicate like elements throughout the specification. In addition, if it is determined that a detailed description of a known function or configuration related to the present invention may unnecessarily obscure the subject matter of the present invention, the detailed description will be omitted.

Hereinafter, a server device and a terminal device related to the present invention will be described in more detail with reference to the drawings. The suffixes "module" and "unit" for components used in the following description are given or used together in consideration of ease of writing the specification, and do not have meanings or roles that are distinct from each other by themselves.

First, terms used in the specification of the present invention are briefly defined, and then embodiments of the present invention will be described.

The "payment terminal" described herein includes a POS terminal, a computer, a mobile phone, a smart phone, a laptop computer, a digital broadcasting terminal, a personal digital assistant (PDA), a portable multimedia player (PMP), and a navigation device. and the like may be included, but the present invention is not limited thereto, and other various devices capable of user input and information display may be used.

In addition, the term “relay server” refers to a server on the side of a VAN company that relays electronic payment of a combined card as an example, but various types of servers related to electronic payment of a credit card may also correspond to this, and depending on specific functions It is also possible to separate the actual payment relay function and other additional functions into a separate server form.

1 is a diagram showing an entire system according to an embodiment of the present invention.

Referring to FIG. 1 , the entire system according to an embodiment of the present invention may include a token processing device 100, a relay server 200, a payment terminal 300, and a card company server 500, and the token processing device 100 may include or be connected to a Hardware Security Module (HSM) device 101, and the payment terminal 300 may include or be connected to a card reader module 310.

Referring to FIG. 1, the relay server 200 is disclosed as an example of a financial server that relays the payment service of the card company server 500, and provides a value added value added service in an electronic payment system using a credit card. Network: VAN) company side server may be exemplified.

Here, the "financial server" may mean a server that processes information related to financial transactions. For example, the financial server includes a bank server that relays transactions between financial accounts, a VAN company server that relays financial card electronic payments, a card company server that processes payment approval for credit card transactions, and various other types of servers. may be applicable. In addition, there may be a form in which the actual financial transaction function and other additional functions are separated in the form of a separate server according to a specific function.

Normally, the card reader module 310 and the payment terminal 300 may be configured separately, but are often combined, and are generally referred to as 'POS terminal' or POS. However, below, a form in which the card reader module 310 is fully or partially coupled to the payment terminal 300 may also be referred to as the payment terminal 300 .

First, the card reader module 310 is a device for obtaining payment method data including a card number, etc., for example, from a magnetic strip reader (MSR) that reads card information from a magnetic card, or an integrated circuit (IC) card. It may be a variety of devices, such as an IC card reader for reading card information, an NFC reader for receiving card information using a short range wireless communication method, or a barcode reader for reading card information using a barcode.

In addition, the card reader module 310 may obtain pre-encrypted payment method data with a preset card information encryption key corresponding to the relay server 200, and the encrypted payment method data may be stored in the relay server 200 having a private key. Card information that has been pre-encrypted using a public key method to be decrypted only in .

In addition, the payment terminal 300, when pre-encrypted payment method data is obtained through the card reader module 310, distributed type for use as a payment method for the first affiliated store corresponding to the payment terminal 300 Issuance of a payment token is requested to the relay server 200 . Here, the request for issuing the distributed payment token of the payment terminal 300 may include the pre-encrypted payment means data.

Accordingly, the relay server 200 obtains pre-encrypted payment method data from the distributed payment token issuance request information received from the payment terminal 300, decrypts the pre-encrypted payment method data, and decrypts the distributed payment method. You can configure the data to be encrypted for the token. Here, the data to be encrypted may include, for example, at least one of a card number of a payment method, an expiration date, a separator, a filter, validation data, and CVC information.

Also, the relay server 200 may transmit a token issuance request including data to be encrypted to the token processing device 100 .

The token processing device 100 may obtain a decentralized payment token that has been subjected to distributed encryption so that it can be used only at the first affiliated store corresponding to the payment terminal 300, in response to data to be encrypted included in the token issuance request, , The acquired distributed payment token may be provided to the relay server 200 or the distributed payment token may be directly provided to the requested payment terminal 300.

Here, the token processing device 100 may include a hardware security module (HSM) equipment 101 inside or outside that generates and manages a base token derivation key through a physically secured hardware system, the hardware A first encryption key dedicated to the first affiliated store may be configured using the security module device 101, and the distributed payment token may be generated using at least a portion of payment method data encrypted with the first encryption key.

Describing the token processing device 100 in more detail, the token processing device 100 calculates the payment method data included in the token issuance request using the affiliate store information and encryption counter information of the first affiliate store. With 1 encryption key, it is possible to generate a distributed payment token for a transaction dedicated to the first affiliated store based on the encrypted first part of the encrypted payment method data and the encryption counter information, and the distributed payment token may be provided to the relay server 200 or the payment terminal 300.

And, the first encryption key can be calculated in the token processing device 100 using the hardware security module device 101. First, the hardware security module device 101 physically secures the hardware system. Through this, a base token derivation key for initial encryption key calculation for key serial information corresponding to affiliated store information of the first affiliated store can be output.

The token processing device 100 may calculate the initial encryption key using the key serial information and the base token derivation key, and calculate the first encryption key using the initial encryption key and the encryption counter information. can be printed out.

Accordingly, in the token processing device 100, while being processed as the first encryption key so that it can be used only at the first affiliated store, the server side does not have complete payment method data, so that the first part and the remaining second part are distributed and processed payment means A distributed payment token using data can be constructed, and the distributed payment token can be provided to the payment terminal 300 directly or via the relay server 200.

In addition, when the payment terminal 300 receives the distributed payment token for the first affiliated store, it generates and relays a full payment approval request using the distributed payment token and payment information (payment amount, payment date and time, product data, etc.) It can be transmitted to the server 200. Accordingly, the full text of the payment approval request may further include distributed payment token identifier information indicating that the distributed payment token is included in the full text.

Accordingly, the relay server 200 may transmit a decryption request corresponding to the distributed payment token to the token processing device 100 when the distributed payment token is obtained from the full text of the payment approval request.

The token processing device 100 attempts decryption using the affiliated store information included in the full payment approval request and the distributed payment token, but if decryption fails, transfers failure information to the relay server 200, relay server Step 200 may generate payment failure information and respond to the payment terminal 300 .

Here, if the payment fails, payment approval is requested from an affiliate store other than the first affiliate store, and the wrong key serial information is matched, or a transaction at a time other than the current transaction in which encryption counting is matched, or the first part of the payment data may be a transaction that is not normally confirmed, and a normal transaction can be approved only when the first part of the payment data for a transaction that is substantially counted in the first affiliated store is confirmed.

Accordingly, the token processing device 100 performs the derivation of the first encryption key based on the hardware security module device 101 again, and maps the distributed payment token including the first part of the payment method data and thereto. The integrity of the payment method data itself, the validity of the first affiliated store, and the validity of the transaction counter are obtained by combining the stored second part of the payment method data to obtain the encrypted payment method data and decrypting it with the first encryption key. It is possible to quickly verify at one time, acquire complete payment method data according to the verification result, and provide it to the relay server 200.

Thereafter, the relay server 200 may generate a payment approval request message to the card company server 500 using the payment method data and transmit it to the card company server 500, and receive an approval response from the card company server 500 to receive the payment terminal ( 300) can be transmitted. In addition, in the relay server 200, the payment method data used for the approval request is discarded, thereby removing the possibility of leaking personal information afterward.

Meanwhile, for the above operation, each payment terminal 300, relay server 200, card company server 500, and token processing device 100 are equipped with a communication module to enable network access to a network communication network or Internet network. and may be configured to be interconnected through a communication network connection.

In addition, the payment terminal 300 includes a POS module (not shown) for generating an approval request message, a communication module (not shown) for communicating with an external server such as the relay server 200, and a kind of distributing data. It may be configured to include a gateway module (not shown) serving as a gateway, a registry (not shown) for storing payment information data and distributed payment tokens or temporarily storing encrypted payment means data.

2 is a block diagram showing a token processing device according to an embodiment of the present invention in more detail.

Referring to FIG. 2 , the token processing device 100 according to an embodiment of the present invention includes a control unit 110, a communication unit 120, an affiliated store key management unit 130, an encryption processing unit 140, a payment token processing unit 150 , a transaction counter management unit 160, a service provider 170, a storage unit 180, and a data management unit 190.

The control unit 110 may include one or more microprocessors for controlling the overall operation of each component and driving the operation of the token processing apparatus 100 according to an embodiment of the present invention.

The communication unit 120 may include one or more communication modules for transmitting and receiving data for wired/wireless communication with the relay server 200 . The communication module may include a wired/wireless communication interface module, a modem that encodes and modulates a signal to be transmitted, and demodulates and decodes a signal received through a cable or antenna, and an RF front end that processes an RF signal. etc. can be exemplified.

Also, the affiliate store key management unit 130 maps, stores, and manages key serial information issued in correspondence with each affiliate store. Here, the key serial information can be stored and managed in a DUKPT DUKPT (Derived Unique Key Per Transaction)-based KSN (Key Serial Number) format, and the affiliated store key management unit 130 uses the KSN dedicated to each affiliated store to be managed. The KSN for each specific affiliated store can be updated.

In addition, the specific affiliated store KSN managed by the affiliated store key management unit 130 may be interlocked with the base token derivation key output from the hardware security module device 101 . Here, the hardware security module device 101 is a base token for calculating an Initial Pin Encryption Key (IPEK) for key serial information corresponding to affiliated store information of a specific first affiliated store through a physically secured hardware system It may be a device that outputs an induction key.

This hardware security module device 101, also referred to as a hardware security module (HSM), may be a normal hardware security module device 101 used as a dedicated hardware system device for generating and managing encryption keys. It has a hardware random number generation function that generates random numbers using hardware noise as a source, and can be equipped with dedicated OS and software to prevent stealing of encryption keys. In particular, including a defense function against physical attacks, A function of self-destroying an encryption key in storage may be provided. Furthermore, the hardware security module device 101 may further include a cryptographic calculation function and a log management function for performing part of the cryptographic calculation within the hardware security module device 101 .

This hardware security module device 101 can be used to generate an encryption key for encrypting card information, but in order to generate a distributed payment token according to an embodiment of the present invention, KSN information and calculation of the specific affiliated store It can be used to obtain a base derivation key (BDK) for a token that enables an initial encryption key (IPEK) to be obtained. The base derivation key for the token may also be referred to as the base token derivation key, and may be the topmost unique key for acquiring the first encryption key, so that strong security of the encryption process through the hardware security module equipment 101 is maintained. It becomes possible.

In addition, the encryption processing unit 140 may calculate an initial encryption key using the KSN dedicated to the affiliated store and the base token derivation key of the hardware security module device 101 . Here, the initial encryption key may be in the form of IPEK (Initial Pin Encryption Key), and IPEK and encryption counter information (encryption KSN, etc.) are calculated to finally calculate the first encryption key according to an embodiment of the present invention. can

Here, the transaction counter management unit 160 may store and manage the encryption counter information, and the encryption counter information increases in response to each transaction as encryption of payment method data according to each transaction is processed. As serial number information that can only be renewed, it can be calculated through encrypted KSN.

Accordingly, when the first encryption key is obtained, the encryption processing unit 140 may process encryption of the payment means data using the first encryption key, wherein the first encryption key is a symmetric key type encryption key. can This is to confirm and use the same key during decryption later. For example, a symmetric key encryption method of the AES 128/256 method may be exemplified.

Further, the payment token processing unit 150 may generate a distributed payment token for the first affiliated store-only transaction based on the first part of the encrypted payment method data and the encryption counter information.

More specifically, the payment token processing unit 150 extracts at least a part corresponding to the first part of the encrypted payment means data, and combines the encryption counter information obtained from the encrypted KSN information to configure the distributed payment token. can do.

Accordingly, the service providing unit 170 may convert the configured distributed payment token into a preset message form and provide it to the relay server 200 or the payment terminal 300 through the communication unit 120 .

Here, the preset telegram form may include a text telegram format instructed to use the distributed payment token only as a payment method corresponding to the transaction exclusively for the first affiliated store, and the distributed payment token is in Base64 format It may be a string token or a string token in HexString format and included in the full text.

The number of valid uses or the valid period of use of the distributed token may be specified in the full text of the distributed payment token. can be managed

On the other hand, the data management unit 190 matches the second part of the encrypted payment method data except for the first part with key serial information issued in correspondence with the affiliated store information of the first affiliated store, so that the distributed type It can be stored and managed in the storage unit 180 as a mapping database for decrypting the encrypted payment method data from the full text of the payment approval request using the payment token.

This mapping database may be configured as a database for indexing the second part in correspondence with the payment method data of the first part of the distributed payment token in the full text of the payment approval request, and converting the key serial information to a hash function It can be processed and stored and managed as index information.

Accordingly, when the payment approval request is received through the communication unit 120 and the distributed payment token is confirmed, the data management unit 190 converts the affiliated store identification information of the first affiliated store included in the distributed payment token into an affiliated store key Transfer to the management unit 130 to obtain key serial information (affiliate store KSN) corresponding to the affiliate store identification information of the first affiliate store, and process the affiliate store KSN with a hash function to obtain the encrypted payment method using index information obtained A second portion of data may be indexed in the mapping database.

The data of the second part obtained from the data management unit 190 is combined with the data of the first part included in the decentralized payment token to reconstruct encrypted payment method data.

In addition, the encryption processing unit 140, the encryption counter information (encrypted KSN-based counter information) included in the distributed payment token of the payment approval request message and the key serial information issued in response to the affiliate store information of the first affiliate store (affiliate store KSN), the first encryption key processed through the hardware security module device 101 can be obtained again, and the encrypted payment means data can be decrypted using the first encryption key. there is.

Accordingly, the service provider 170 may provide the decrypted payment method data to the relay server 200, and the relay server 200 may use the payment method data to pay a payment company such as the card company server 500. By generating a payment approval request message to the server and transmitting it through the communication unit 120, final payment approval and response processing are performed. The payment method data used here is deleted after use, and in the case of the decentralized payment token, it may be deleted according to the use completion information received through the payment terminal 300 .

According to this configuration, payment processing exclusively for the first affiliate based on the decentralized payment token becomes possible, and if the affiliate identified from the full text and the actual affiliate KSN do not match, it is not a dedicated affiliate, so the payment method data of the second part If the index fails and the encryption counter information (KSN counter) does not match, the first encryption key cannot be derived, so decryption becomes impossible, and the first part of the distributed token or the payment method data itself of the second part Since it is impossible to restore the actual payment method data alone, even if the relay server 200 or the token processing device 100 itself is hacked and the stored information is leaked, reuse can be fundamentally prevented.

Meanwhile, the storage unit 180 may store and manage encryption information processed by the token processing device 100, payment method data, member store identification information, distributed token information, and a mapping database. The storage unit 180 includes RAM (Random Access Memory), flash memory, ROM (Read Only Memory), EPROM (Erasable Programmable ROM), EEPROM (Electronically Erasable and Programmable ROM), registers, hard disks, removable disks, and memory cards. It may be implemented as a storage device of a built-in type such as the like, as well as a storage device of a removable type such as a USB memory.

3 is a flowchart illustrating a token provision operation of a token processing device according to an embodiment of the present invention, and FIG. 4 is a diagram for illustrating and explaining a distributed tokenization processing process according to an embodiment of the present invention.

Referring to FIGS. 3 and 4 , first, the token processing device 100 receives a token issuance request for a first affiliated store corresponding to the payment terminal 300 network (S101).

Then, the token processing device 100 obtains encryption target data included in the token issuance request (S103).

Here, the data to be encrypted may include card number and expiration date information as shown in FIG. 4, and may further include delimiter information, filter information, and CRC information.

And, as shown in FIG. 4, the token processing device 100 may convert data to be encrypted composed of a normal string into a BCD (Binary-coded Decimal, BCD) type to facilitate encryption processing. This is a numeral system in which four binary digits are combined into one decimal digit, enabling rapid conversion.

Meanwhile, referring to FIG. 3 again, the token processing device 100 obtains key serial information (merchant KSN) corresponding to the affiliate store information of the first affiliate store (S105), and obtains a key corresponding to the affiliate store information of the first affiliate store. Serial information is input to the hardware security module device 101 to obtain a base token derivation key for initial encryption key calculation for the key serial information (S107).

Referring to FIG. 4 , the hardware security module device 101 may generate a token base derivation key (BDK) linked with an affiliated store KSN in a secure state according to hardware random number processing.

And, referring to FIGS. 3 and 4, the token processing device 100 calculates the initial encryption key (merchant shop IPEK) using the key serial information (affiliate shop KSN) and the base token derivation key, and the initial A first encryption key is calculated using an encryption key (affiliate store IPEK) and encryption counter information (KSN transaction counter of encryption KSN) corresponding to the data to be encrypted (S109).

Here, the first encryption key is a key for encrypting the next card and may also be referred to as FK (Future Key), and in FIG. 4 , the card encryption FK may function as the first encryption key. This may be assigned as a payment method encryption key dedicated to the first affiliated store, and the BCD type-converted data to be encrypted may be encrypted with a card encryption FK to form card number encryption data.

Meanwhile, referring to FIG. 3, the token processing device 100 generates a distributed payment token for the first affiliated store-only transaction based on the first part of the encrypted card information and the encryption counter information (S111) .

Referring to FIG. 4 again, when a string conversion process (Base 64, HexString, etc.) is performed by connecting the upper 8 BYTE information of the card number encrypted data with the KSN transaction counter information of the card encrypted KSN, a decentralized distributed payment token is obtained. can be configured.

And, referring to FIG. 3, the token processing device 100 matches the second part of the encrypted card information excluding the first part with the key serial information issued in correspondence with the affiliate store information of the first affiliate store. , The encrypted card information from the payment approval request using the distributed payment token is stored as a mapping database for decryption (S113).

As shown in FIG. 4, the affiliate store KSN can be HASH-processed and used as an index key for the remaining second part (lower 8 BYTE) data, and according to the storage and management of the mapping database, the first part and the second part Cross-index mapping and joining is easily accomplished.

Then, the configured distributed payment token may be distributed to the payment terminal 300 or the relay server 200 (S115). Alternatively, the distributed payment token may be distributed to a relay server, a payment terminal, or a specific user terminal and used for online payment.

5 is a flowchart illustrating a decryption operation of a token processing device according to an embodiment of the present invention, and FIG. 6 is a diagram illustrating and explaining a distributed token-based decryption processing process according to an embodiment of the present invention.

5 and 6, it shows a process of restoring payment method data corresponding to a distributed payment token using a pre-stored mapping database and hardware security module equipment 101. First, the token processing device 100 A card information decryption request including a distributed payment token is received from the relay server 200 (S201).

Here, the card information decryption request may be generated from the full payment approval request of the payment terminal 300, and may include the distributed payment token and member store identification information.

Then, the token processing device 100 acquires the pre-stored second part by using key serial information issued corresponding to the affiliated store information of the first affiliated store (S103).

To this end, the token processing device 100 may obtain affiliated store key serial information identified in the affiliated store key management unit 130 in response to affiliated store identification information included in the card information decryption request, and hash the key serial information ( HASH) function, and the second part may be indexed in the mapping database using the hash function-processed key serial information as a key.

Thereafter, the token processing device 100 acquires encrypted card information by combining the first part and the second part of the payment method data included in the distributed payment token (S205).

Then, the token processing device 100 obtains the first encryption key by performing the hardware security module equipment-based operation based on the key serial information issued in correspondence with the encryption counter information and the affiliate store information of the first affiliate store (S207).

Thereafter, the token processing device 100 decrypts the encrypted card information using the first encryption key (S209), and the decrypted card information may be provided to the relay server 200 (S211).

A process of obtaining and decrypting the first encryption key is illustrated in more detail in FIG. 6 . Referring to FIG. 6, in the full text of the token payment approval request, the upper 8 bytes of the card number encryption data and the KSN transaction counter can be identified as distributed payment token data, and the affiliate store KSN corresponding to the affiliate store identification information (merchant store ID, TID) This query can be processed.

Accordingly, the token processing device 100 may search the mapping database using the HASH-processed value of the merchant KSN as a key, and the second part (lower 8BYTE) data indexed therefrom is combined with the first part to obtain a card Number encryption data (16BYTE) can be configured.

In addition, the token processing device 100 may re-output the token BDK using the affiliate store KSN, calculate the affiliate IPEK, and reconstruct the card encryption FK using the KSN transaction counter, which is the affiliate store exclusive payment method data It can be used as a decryption key for

Accordingly, the decrypted card number data is transmitted to the relay server 200 again, so that payment approval processing is performed through the card company server 500 .

7 is a block diagram illustrating a payment service providing server in more detail according to an embodiment of the present invention.

Referring to FIG. 7 , the relay server 200 according to an embodiment of the present invention may operate as a payment service providing server that relays payment approval processing between the card company server 500, which is a payment company server, and the payment terminal 300, and , Issuance and management of distributed payment tokens for payment service provision according to an embodiment of the present invention, specialized processing of payment approval requests based on distributed payment tokens, and approval requests and responses can be performed.

To this end, the relay server 200 according to an embodiment of the present invention, as shown in FIG. It includes a payment approval processing unit 250 and a storage unit 260 .

The control unit 210 controls the overall operation of each component of the relay server 200, and one or more microcontrollers for executing a payment process based on the distributed payment token of the relay server 210 according to an embodiment of the present invention. may include a processor.

The communication unit 220 may include one or more communication modules for transmitting/receiving data for wired/wireless communication with the payment terminal 300, the card company server 500, or the token processing device 100. The communication module may include a wired/wireless communication interface module, a modem that encodes and modulates a signal to be transmitted, and demodulates and decodes a signal received through a cable or antenna, and an RF front end that processes an RF signal. etc. can be exemplified.

The affiliated store information management unit 230 may register, store, and manage affiliated store information corresponding to the payment terminal 300 in advance. Affiliate store information may include, for example, affiliate store name, business registration number, affiliate store address, affiliate phone number, etc., and identification information (TID) of a terminal registered in correspondence with the affiliate store may be stored as affiliate store identification information. In addition, terminal identification information (TID) of each of the plurality of payment terminals 300 may be grouped and stored in one member store identification information. Accordingly, the terminal identification information may be used as affiliate store identification information for identifying the first affiliate store to use the above-described distributed payment token.

In addition, when the distributed payment token management unit 240 receives a request for issuing a distributed token that can only be used at the first affiliated store corresponding to the payment terminal through the communication unit 220 from the payment terminal 300, the token issuance request Transfers the payment method information and affiliate identification information included in the token processing device 100, and uses the hardware security module equipment 101 in the token processing device 100 to encrypt the payment method encrypted exclusively for the first affiliated store A decentralized payment token using the first part of the data may be received and obtained.

Here, the process of generating the distributed payment token may be performed in the same manner as described above with reference to FIGS. 1 to 6.

In addition, the distributed payment token management unit 240 may transmit and process the full text of the distributed payment token for the transaction exclusively for the first affiliated store including the distributed payment token to the payment terminal.

Meanwhile, the payment approval processing unit 250 may receive a full text of a payment approval request using the distributed payment token from the payment terminal 300 through the communication unit 220, and the distributed payment of the full text of the payment approval request. The token and merchant identification information are transferred to the token processing device 100, the payment method information obtained by decrypting the payment method encryption data is obtained from the token processing device 100, and the payment company server using the payment method information A payment approval request to the card company server 500 may be processed.

Also, the payment approval processing unit 250 may receive a payment approval response from the card company server 500 through the communication unit 220 and transmit it to the payment terminal 300 .

On the other hand, the storage unit 260 may store and manage the full text of payment approval requests processed by the relay server 200, distributed payment tokens, member store information, payment method data, and the like. The storage unit 260 includes RAM (Random Access Memory), flash memory, ROM (Read Only Memory), EPROM (Erasable Programmable ROM), EEPROM (Electronically Erasable and Programmable ROM), registers, a hard disk, a removable disk, and a memory card. It may be implemented as a storage device of a built-in type such as the like, as well as a storage device of a removable type such as a USB memory.

8 is a ladder diagram for explaining a distributed payment token-based payment processing process according to an embodiment of the present invention.

Referring to FIG. 8 , in the distributed payment token-based payment processing process according to an embodiment of the present invention, the payment program is first executed in the payment terminal 300 (S1001), and the payment terminal 300 receives payment information from the user. Input is received (S1003).

Then, the payment terminal 300 transmits a distributed payment token issuance request corresponding to the payment method data input from the user to the relay server 200 (S1005).

Thereafter, the relay server 200 transmits a distributed payment token issuance request including payment method data and member store identification information to the token processing device 100 (S1007).

Then, the token processing device 100 encrypts the payment method data for the first affiliated store corresponding to the payment terminal (S1009), and generates a distributed payment token using the first part of the encrypted payment method data and the encryption counter (S1011), and stores and manages the remaining second partial data and hash information of the affiliated store KSN in a database by mapping them (S1013).

Thereafter, the token processing device 100 provides the distributed payment token to the relay server 200 (S1015), and the distributed payment token is registered and status information in the distributed payment token management unit 240 of the relay server 200. can be managed.

Then, the registered distributed payment token is delivered to the payment terminal 300 (S1017), and the payment terminal 300 generates a full payment approval request using the distributed payment token (S1019), and sends it to the relay server 200. Transmit (S1021).

Thereafter, the relay server 200 extracts the distributed payment token and affiliate identification information from the full text of the payment approval request (S1023), and transfers the extracted distributed payment token and affiliate identification information to the token processing device 100 to provide payment means Decryption of data is requested (S1025).

Thereafter, the token processing device 100 indexes the second partial data using hash information of the affiliated store KSN corresponding to the affiliated store identification information as a key in the mapping database, and combines the indexed second partial data with the first partial data to obtain encrypted payment method data (S1027), and decryption processing is performed using the decryption key dedicated to the first affiliated store using the affiliated store KSN and the encryption KSN including the encryption counter and the hardware security module equipment 101 (S1029 ).

Accordingly, the decrypted payment method data is transmitted to the relay server 200 (S1031), and the relay server 200 transmits a payment approval request based on the payment method data to the card company server 500 (S1033), and the result It is received (S1035) and the response message is transmitted to the payment terminal 300 (S1037).

When the approval process is completed, the relay server 200 may perform management processing such as deducting the number of times of use of the distributed payment token through the distributed payment token management unit 240. Status information corresponding to the number of uses or the expiration date may be managed and inquired according to a request of the payment terminal 300 .

9 is a ladder diagram for explaining a management process of a distributed payment token according to an embodiment of the present invention.

Referring to FIG. 9, the payment terminal 300 may select a distributed payment token currently received from the relay server 200 and managed (S2001), and search status information corresponding to the selected distributed payment token to the relay server (S2001). 200) can be requested (S2003).

Accordingly, the relay server 200 may request token status information inquiry from the token processing device 100 or query management information managed by the relay server 200 (S2005), and the inquired status information may be retrieved from the payment terminal ( 300) may be processed as a response (S2007, S2009).

On the other hand, the relay server 200 may check the discontinued processing of the distributed payment token as status information according to a preset condition (S2011).

Here, the status information can be exemplified by the current number of uses versus the number of valid uses or the current use time compared to the valid period. Managing the status information of these tokens is useful in various payment systems such as gas stations, unmanned vending machines, amusement parks, and hotels. can be utilized For example, a distributed payment token set to allow payment for a certain amount of time, such as in a hotel or amusement park, can be created, and a distributed payment token set to allow payment only a certain number of times at a gas station can be created. The type payment token management unit 240 may directly perform unavailability processing for an expired token or the like according to the state information inquiry.

Here, the unusable processing includes the individual deletion processing of the distributed payment token itself for which the number of uses or the expiration date has elapsed, or the decryption rejection processing that causes the relay server 200 to reject decryption even if the token is not deleted. Alternatively, it may include batch deletion processing of unusable processing tokens accumulated over a certain period of time.

For example, the relay server 200 may perform unusable processing of a distributed payment token whose expiration date or number of uses has exceeded, and may transmit the information to the token processing device 100 (S2015), according to the decision Token unavailability processing result information may be transmitted to the relay server 200, and token unusable response information may be transmitted to the payment terminal 300 as status information (S2019).

In addition, when the token processing device 100 receives a token deletion request, the second part of the encrypted payment method data mapped and stored in the mapping database and the affiliate KSN hash information are deleted, thereby preventing the distributed payment token from being used any longer can be dealt with Furthermore, all of the distributed payment tokens stored and managed in the payment terminal 300 or the relay server 200 are deleted and processed so that both the first partial data and the second partial data are not reused.

Meanwhile, FIGS. 10 and 11 are ladder diagrams for explaining a distributed payment token-based payment processing process according to other embodiments of the present invention.

10 and 11, the decentralized payment token-based payment processing process according to another embodiment of the present invention is based on preliminary approval and true approval in various payment systems such as gas stations, unmanned vending machines, amusement parks, and hotels. It can be processed as a payment process of

In particular, when the payment process based on the distributed payment token according to the embodiment of the present invention is processed into two payment processes divided into preliminary approval and true approval, which will be described later, when a payment error occurs, incorrect billing, or illegal use cases can be prevented in advance, a process for acquiring a separate token is not required, and a secure decentralized payment token-based payment process is processed with only one payment method recognition, and provisional approval as a result of normal processing Since the approval and cancellation responses of the full request can be confirmed, and the decentralized payment token-based approval and payment responses of the true approval request can be confirmed, the payment details management in the payment terminal 300 can also be easily processed. there is.

To this end, the relay server 200 can issue a distributed payment token and transaction serial number corresponding to the provisional approval payment request as the distributed token issuance request of the payment terminal 300, and the transaction serial number and card number information of payment means can be mapped, stored and managed.

In addition, the payment terminal 300 receives a pre-approval result response including the transaction serial number and the distributed payment token, and sends a pre-authorization cancellation request based on the transaction serial number and a true authentication payment request based on the distributed payment token. It can be transmitted to the relay server 200.

Corresponding to this, the payment processing process for each case is disclosed in FIGS. 10 and 11 . Here, the provisional approval may correspond to a pre-approval request corresponding to a preset tentative transaction amount, the preset tentative transaction amount may be greater than or equal to the actual transaction amount of the true transaction amount, and the true transaction amount corresponding to the actual transaction amount. It can also be referred to as a post-approval request.

Therefore, the decentralized token issuance request in FIG. 8 may include a provisional approval payment request corresponding to the tentative transaction amount received from the payment terminal in FIGS. 10 and 11, and the distributed payment token full text is A preliminary authorization result response corresponding to the payment request may be included, and the preliminary authorization result response may include a transaction serial number used to cancel the preliminary authorization payment and the distributed payment token.

Furthermore, a genuine approval payment request corresponding to a transaction for which cancellation of the provisional approval payment is confirmed may be processed, and the true approval payment request may function as a full text of a payment approval request using the distributed payment token. In addition, an integrated message in which the pre-approved payment cancellation using the transaction serial number and the true-approved payment request message using the distributed payment token are combined may be used as the payment approval request message using the distributed payment token. This will be described in more detail in FIGS. 10 and 11 .

First, referring to FIG. 10, in the decentralized payment token-based payment processing process according to an embodiment of the present invention, first, a payment program is executed in the payment terminal 300 (S3001), and the payment terminal 300 makes payment from the user. Sudan data and pre-approved payment information including the transaction amount are input, and a pre-approval request message is generated (S3003).

Then, the payment terminal 300 transmits a provisional approval payment request including the payment method data input from the user and the tentative transaction amount to the relay server 200 (S3005).

Thereafter, the relay server 200 transmits the provisional approval payment request to the card company server 500 (S3007) and receives an approval response corresponding thereto (S3009).

Here, the relay server 200 may issue a transaction serial number corresponding to the approved pre-approved payment in advance, and the issued transaction serial number is composed of a card number of the payment method data and a mapping table, so that the relay server 200 may be temporarily stored.

Thereafter, the relay server 200 transmits a distributed payment token issuance request including payment method data and member store identification information to the token processing device 100 (S3011).

Then, the token processing device 100 encrypts the payment method data for the first affiliated store corresponding to the payment terminal (S3013), and generates a distributed payment token using the first part of the encrypted payment method data and the encryption counter And (S3015), the remaining second partial data and the hash information of the affiliated store KSN are mapped and stored and managed in the database (S3017).

Thereafter, the token processing device 100 provides the distributed payment token to the relay server 200 (S3019), and the distributed payment token is registered and status information in the distributed payment token management unit 240 of the relay server 200. can be managed.

In addition, the registered distributed payment token may be included in the full text of the preliminary approval result response along with transaction serial number information and delivered to the payment terminal 300 (S3021).

In addition, the payment terminal 300 may generate a temporary approval payment cancellation request message using only the transaction serial number in response to the preliminary approval result response, and transmit it to the relay server 200 (S3023).

Thereafter, the relay server 200 may obtain card number information for pre-approval cancellation using a pre-mapped transaction serial number and a card number mapping table without a separate card number or token, and the obtained transaction serial number With the card number corresponding to the number, a request to cancel provisional authorization to the card company server 500 is requested (S3025).

Then, the relay server 200 receives the provisional authorization cancellation response from the card company server 500 (S3037) and transmits it to the payment terminal 300 (S3039).

Thereafter, the payment terminal 300 generates a true approval payment request message including the actual transaction amount and the distributed payment token for the first affiliate in response to the canceled pre-approval payment, and transmits it to the relay server 200 (S3041).

Accordingly, the relay server 200 extracts the distributed payment token and member store identification information from the full text of the payment approval request for Jinseung (S3043), and delivers the extracted distributed payment token and affiliate store identification information to the token processing device 100 to request decryption of the payment method data (S3045).

Thereafter, the token processing device 100 indexes the second partial data using hash information of the affiliated store KSN corresponding to the affiliated store identification information as a key in the mapping database, and combines the indexed second partial data with the first partial data to obtain encrypted payment method data (S3047), and decryption processing is performed using the decryption key dedicated to the first affiliated store using the affiliated store KSN and the encryption KSN including the encryption counter and the hardware security module equipment 101 (S3049 ).

Accordingly, the decrypted payment method data is transmitted to the relay server 200 (S3051), and the relay server 200 transmits a payment approval request based on the payment method data to the card company server 500 (S3053). The result is received (S3055) and a response message is transmitted to the payment terminal 300 (S3057).

Here, a key-in approval request message format may be used for the Jin Approval payment approval request transmitted from the relay server 200 to the card company server 500 . The key-in approval request is a method of requesting approval by directly inputting card information rather than separate encrypted data. In case the reader function of the terminal is broken, etc. As a possible approval request method, the relay server 200 generates a full text of a key-in approval request including the decrypted payment method data as card information as a payment approval request for true approval and transmits it to the card company server 500, A key-in approval response message may be received as a result and transmitted to the payment terminal 300 .

Accordingly, the payment terminal 300 can receive a key-in approval response of the decrypted payment means data as a full response corresponding to a genuine approval payment request including a distributed payment token.

According to this processing, the payment process using the distributed payment token according to the embodiment of the present invention can be implemented by the pre-approval and true-approval processes. As the payment token is used only for the payment of Jin-seung, it reduces the network load and can be applied to the payment process based on pre-approval and Jin-seung in various payment systems such as gas stations, unmanned vending machines, amusement parks, and hotels in a more efficient and rapid form. can

Also, referring to FIG. 11 , in the distributed payment token-based payment processing process according to another embodiment of the present invention, steps S4001 to S4021 may be performed identically to steps S3001 to S3021 of FIG. 10 .

Then, in response to the preliminary approval result response, the payment terminal 300 combines the full text of the temporary authorization payment cancellation request using only the transaction serial number and the full text of the true authorization payment request corresponding to the actual transaction amount and including the distributed payment token. , temporary approval cancellation and true approval approval request full text may be generated and transmitted to the relay server 200 (S4023).

Thereafter, as in FIG. 10, the relay server 200 can obtain card number information for pre-approval cancellation using a pre-mapped transaction serial number and a card number mapping table without a separate card number or token. , With the card number corresponding to the obtained transaction serial number, the card company server 500 requests cancellation of provisional authorization (S4025).

Then, the relay server 200 receives the provisional authorization cancellation response from the card company server 500 (S4027).

In addition, the relay server 200 extracts the distributed payment token and affiliate identification information from the full text of the payment approval request for Jinseung (S4029), and delivers the extracted distributed payment token and affiliate identification information to the token processing device 100 to Decryption of payment method data is requested (S4031).

Thereafter, the token processing device 100 indexes the second partial data using hash information of the affiliated store KSN corresponding to the affiliated store identification information as a key in the mapping database, and combines the indexed second partial data with the first partial data to obtain encrypted payment method data (S4033), and decryption processing is performed using the first affiliated store decryption key using the affiliated store KSN and the encryption KSN including the encryption counter and the hardware security module equipment 101 (S4035 ).

Accordingly, the decrypted payment method data is transmitted to the relay server 200 (S4037), and the relay server 200 transmits a payment approval request based on the payment method data to the card company server 500 (S4039). The result is received (S4041) and a response message is transmitted to the payment terminal 300 (S4043).

Here, the full text of the response may include the full text of the response to the cancellation of provisional authorization and the payment approval of true authorization, which can be transmitted as a unit to reduce the network load and provide rapid processing of cancellation of preliminary authorization and payment of true authorization. .

The method according to the present invention described above may be produced as a program to be executed on a computer and stored in a computer-readable recording medium. Examples of the computer-readable recording medium include ROM, RAM, CD-ROM, and magnetic tape. , floppy disks, optical data storage devices, and the like, and also includes those implemented in the form of carrier waves (for example, transmission through the Internet).

The computer-readable recording medium is distributed to computer systems connected through a network, so that computer-readable codes can be stored and executed in a distributed manner. In addition, functional programs, codes, and code segments for implementing the method can be easily inferred by programmers in the technical field to which the present invention belongs.

In addition, although the preferred embodiments of the present invention have been shown and described above, the present invention is not limited to the specific embodiments described above, and the technical field to which the present invention belongs without departing from the gist of the present invention claimed in the claims. Of course, various modifications can be made by those skilled in the art, and these modifications should not be individually understood from the technical spirit or perspective of the present invention.

Claims (25)

In the operation method of the payment service providing device,
Receiving a request for issuing a distributed token usable only in a first affiliated store from a payment terminal;
obtaining a distributed payment token using a first part of payment method encryption data obtained by encrypting payment method information included in the token issuance request exclusively for the first affiliated store using a hardware security module;
Transmitting the full text of the distributed payment token for the first affiliated store-only transaction including the distributed payment token to the payment terminal;
Receiving a payment approval request message using the distributed payment token from the payment terminal;
obtaining payment method information obtained by decrypting the payment method encryption data by using the distributed payment token and member store identification information in the full text of the payment approval request; and
Processing a payment approval request to a payment company server using the payment method information
A method of operating a payment service providing device. According to claim 1,
The distributed token issuance request includes a provisional approval payment request corresponding to the provisional transaction amount received from the payment terminal,
The full text of the distributed payment token includes a preliminary authorization result response corresponding to the preliminary authorization payment request;
The preliminary approval result response includes the transaction serial number used to cancel the preliminary approval payment and the distributed payment token
A method of operating a payment service providing device. According to claim 2,
In the step of receiving a payment approval request message using the distributed payment token from the payment terminal,
Receiving, from the payment terminal, a true approval payment request corresponding to the transaction for which the cancellation of the provisional approval payment is confirmed as a full text of a payment approval request using the distributed payment token
A method of operating a payment service providing device. According to claim 2,
In the step of receiving a payment approval request message using the distributed payment token from the payment terminal,
Receiving, from the payment terminal, an integral message in which the pre-approved payment cancellation using the transaction serial number and the true-approved payment request message using the distributed payment token are combined as a payment approval request message using the distributed payment token. including
A method of operating a payment service providing device. According to claim 1,
The step of acquiring the distributed payment token,
Transmitting the payment method information to a token processing device so that the payment method data included in the token issuance request is encrypted with a first encryption key calculated using affiliated store information and encryption counter information of the first affiliated store. ; and
Receiving the distributed payment token for the first affiliated store-only transaction, generated based on the first part of the encrypted payment method data and the encryption counter information, from the token processing device
A method of operating a payment service providing device. According to claim 5,
The first encryption key is calculated using hardware security module equipment,
The hardware security module equipment,
Outputting a base token derivation key for initial encryption key calculation for key serial information corresponding to affiliated store information of the first affiliated store through a physically secured hardware system;
The token processing device
Calculating the initial encryption key using the key serial information and the base token derivation key, and calculating and outputting the first encryption key using the initial encryption key and the encryption counter information
A method of operating a payment service providing device. According to claim 6,
The token processing device,
By matching the second part except for the first part of the encrypted payment method data with key serial information issued in correspondence with the affiliated store information of the first affiliated store, from the payment approval request using the distributed payment token To decrypt encrypted payment method data, to store as a mapping database
A method of operating a payment service providing device. According to claim 7,
Receiving a payment approval request message using the distributed payment token from the payment terminal;
extracting the distributed payment token and member store identification information from the full text of the payment approval request; and
Transmitting a payment method data decryption request including the decentralized payment token and the member store identification information to the token processing device.
A method of operating a payment service providing device. According to claim 8,
The token processing device obtains the pre-stored second part using key serial information issued in correspondence with the affiliated store information of the first affiliated store included in the decryption request, and obtains the first part of the payment method encryption data. Obtaining the payment method encryption data by combining a part and the second part
A method of operating a payment service providing device. According to claim 8,
Decryption processing using the first encryption key processed through the hardware security module device by using the key serial information issued from the token processing device in correspondence with the encryption counter information and the affiliated store information of the first affiliated store Further comprising the step of receiving the payment method data
A method of operating a payment service providing device. According to claim 1,
Further comprising setting a valid use count or valid use period of the distributed payment token
A method of operating a payment service providing device. According to claim 11,
Retrieving status information including the valid use count or valid use period of the distributed payment token; and
Including the step of performing deletion processing of the distributed payment token for which the status information is inquired.
A method of operating a payment service providing device. In the payment service providing device,
a communication unit receiving a request for issuing a distributed token usable only at the first affiliated store from the payment terminal; and
Obtaining a distributed payment token using a first part of the payment method encryption data in which the payment method information included in the token issuance request is encrypted exclusively for the first affiliate using hardware security module equipment, and the distributed payment token A distributed payment token management unit that transmits a full text of the distributed payment token for the transaction exclusively for the first affiliated store to the payment terminal;
The communication unit receives a payment approval request message using the distributed payment token from the payment terminal,
The payment approval processing unit obtains the payment method information obtained by decrypting the payment method encryption data using the distributed payment token and member store identification information in the full text of the payment approval request, and returns to the payment company server using the payment method information. to process payment authorization requests from
Payment service provider device. According to claim 13,
The distributed token issuance request includes a provisional approval payment request corresponding to the provisional transaction amount received from the payment terminal,
The full text of the distributed payment token includes a preliminary authorization result response corresponding to the preliminary authorization payment request;
The preliminary approval result response includes the transaction serial number used to cancel the preliminary approval payment and the distributed payment token
Payment service provider device. According to claim 14,
The communication department,
Receiving, from the payment terminal, a true approval payment request corresponding to the transaction for which the preliminary approval payment cancellation is confirmed as a full text of the payment approval request using the distributed payment token
Payment service providing device. According to claim 14,
The communication department,
Receiving, from the payment terminal, an integral message in which the pre-approved payment cancellation using the transaction serial number and the true-approved payment request message using the distributed payment token are combined as a payment approval request message using the distributed payment token
Payment service providing device. According to claim 13,
The decentralized payment token management unit,
The payment method information is transmitted to a token processing device so that the payment method data included in the token issuance request is encrypted with a first encryption key calculated using affiliate store information and encryption counter information of the first affiliate store,
Receiving the distributed payment token for the first affiliated store-only transaction, generated based on the first part of the encrypted payment method data and the encryption counter information, from the token processing device
Payment service providing device. According to claim 17,
The first encryption key is calculated using hardware security module equipment,
The hardware security module equipment,
Outputting a base token derivation key for initial encryption key calculation for key serial information corresponding to affiliated store information of the first affiliated store through a physically secured hardware system;
The token processing device
An apparatus for calculating the initial encryption key using the key serial information and the base token derivation key, and calculating and outputting the first encryption key using the initial encryption key and the encryption counter information.
Payment service providing device. According to claim 18,
The token processing device,
By matching the second part except for the first part of the encrypted payment method data with key serial information issued in correspondence with the affiliated store information of the first affiliated store, from the payment approval request using the distributed payment token To decrypt encrypted payment method data, to store as a mapping database
Payment service providing device. According to claim 18,
The communication unit receives a payment approval request message using the distributed payment token from the payment terminal,
The payment approval processing unit extracts the distributed payment token and affiliated store identification information from the full text of the payment approval request, and transfers a payment method data decryption request including the distributed payment token and affiliated store identification information to the token processing device doing
Payment service providing device. According to claim 20,
The token processing device obtains the pre-stored second part using key serial information issued in correspondence with the affiliated store information of the first affiliated store included in the decryption request, and obtains the first part of the payment method encryption data. Obtaining the payment method encryption data by combining a part and the second part
Payment service provider device. According to claim 21,
The payment approval processing unit uses key serial information issued from the token processing device in correspondence with the encryption counter information and the affiliated store information of the first affiliated store, and the first encryption key processed through the hardware security module device Receiving the decrypted payment method data using
Payment service providing device. According to claim 13,
The distributed payment token management unit sets the number of valid uses or the effective use period of the distributed payment token.
Payment service providing device. According to claim 23,
The decentralized payment token management unit,
Inquiring status information including the number of valid uses or the valid period of use of the decentralized payment token, and deleting the decentralized payment token for which the status information has been inquired
Payment service providing device. A computer program stored in a computer readable medium for executing the method according to any one of claims 1 to 12 on a computer.

Images