US20140058865A1 - Method and system for authenticating transaction request from device - Google Patents

Method and system for authenticating transaction request from device Download PDF

Info

Publication number
US20140058865A1
US20140058865A1 US13/965,364 US201313965364A US2014058865A1 US 20140058865 A1 US20140058865 A1 US 20140058865A1 US 201313965364 A US201313965364 A US 201313965364A US 2014058865 A1 US2014058865 A1 US 2014058865A1
Authority
US
United States
Prior art keywords
device
authentication information
pos terminal
transaction
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
US13/965,364
Inventor
Do-jun Yang
Sun-Eung Park
Jin-Goo Seo
Soo-In Jang
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Samsung Electronics Co Ltd
Original Assignee
Samsung Electronics Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to KR10-2012-0092541 priority Critical
Priority to KR1020120092541A priority patent/KR20140026844A/en
Application filed by Samsung Electronics Co Ltd filed Critical Samsung Electronics Co Ltd
Assigned to SAMSUNG ELECTRONICS CO., LTD. reassignment SAMSUNG ELECTRONICS CO., LTD. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: JANG, SOO-IN, PARK, SUN-EUNG, Seo, Jin-Goo, YANG, DO-JUN
Publication of US20140058865A1 publication Critical patent/US20140058865A1/en
Application status is Pending legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices

Abstract

A method and system for authenticating a transaction request from a device are provided. The method includes storing authentication information that is generated by the device based on a user input to the device; and when the device approaches to within a predetermined range from the POS terminal, providing the authentication information to the POS terminal. The authentication information that is provided to the POS terminal is compared with authentication information that is generated by the POS terminal based on a user input to the POS terminal, and then is used to authenticate a transaction request from the device.

Description

    CROSS-REFERENCE TO RELATED PATENT APPLICATION
  • This application claims priority from Korean Patent Application No. 10-2012-0092541, filed on Aug. 23, 2012, in the Korean Intellectual Property Office, the disclosure of which is incorporated herein by reference in its entirety.
  • BACKGROUND
  • 1. Field
  • Methods, systems, and devices consistent with exemplary embodiments relate to authenticating a transaction request from a device by using authentication information that is generated in the device and authentication information that is generated in a point of sale (POS) terminal.
  • 2. Description of the Related Art
  • Due to developments in a data transmission technology and network technology, mobile devices are commonly used, thus, a technology for providing a transaction service by using the mobile device becomes an issue. In order to use a mobile transaction service, a user may use a subscriber identity module (SIM), and in this regard, the user may insert or mount a SIM card storing credit card information, financial information, or the like into a mobile phone or a smart phone and this stored information may be provided to the mobile transaction service.
  • However, when the user loses the SIM card or the mobile device having the SIM card mounted therein, a transaction by a third party may be possible, such that the mobile transaction service using the SIM card may cause a security problem. In order to address the security problem, access to the data of the mobile device or a point of sale (POS) terminal may be restricted by requesting the user to input a password or the like. However, when the PIN code is exposed, security of the transaction information cannot be assured.
  • SUMMARY
  • One or more exemplary embodiments provide a method and system for authenticating a transaction request from a device by using authentication information that is generated in the device and authentication information that is generated in a point of sale (POS) terminal.
  • One or more exemplary embodiments also provide a method and system for authenticating a transaction request from a device by using authentication information with respect to at least one of a fingerprint, a pupil, a voice, and a signature which are of a user.
  • According to an aspect of an exemplary embodiment, there is provided a method of requesting, by a device, a transaction with a point of sale (POS) terminal, the method including storing authentication information that is generated by the device based on a user input to the device; and when the device approaches to within a predetermined range from the POS terminal, providing the authentication information to the POS terminal, wherein the authentication information that is provided to the POS terminal is compared with authentication information that is generated by the POS terminal based on a user input to the POS terminal, and then is used to authenticate a transaction request from the device.
  • The method may further include providing transaction information to the POS terminal, and when the transaction request from the device is authenticated, the transaction information that is provided to the POS terminal may be then provided from the POS terminal to a transaction server.
  • When the transaction request from the device is authenticated, at least one of the authentication information that is provided to the POS terminal and the authentication information that is generated by the POS terminal may be then provided from the POS terminal to the transaction server.
  • The authentication information that is provided to the transaction server may be used by the transaction server to perform the transaction request from the device.
  • The operation of providing the transaction information may include providing the transaction information to the POS terminal when the transaction request from the device is authenticated.
  • The authentication information may include information about at least one of an image of a pupil of a user, a voice of the user, a fingerprint of the user, and a signature of the user.
  • The authentication information may include link information for downloading information about at least one of an image of a pupil of a user, a voice of the user, a fingerprint of the user, and a signature of the user.
  • The transaction information may include at least one of card information, coupon information, and user information.
  • According to an aspect of another exemplary embodiment, there is provided a method of requesting, by a device, a transaction with a point of sale (POS) terminal, the method including storing authentication information that is generated by the device based on a user input to the device; when the device approaches to within a predetermined range from the POS terminal, receiving authentication information, which is generated by the POS terminal based on a user input to the POS terminal, from the POS terminal; authenticating a transaction request from the device, based on the authentication information generated by the device and the received authentication information; and providing transaction information to the POS terminal.
  • When the transaction request from the device is authenticated, the transaction information that is provided to the POS terminal may be then provided from the POS terminal to a transaction server.
  • When the transaction request from the device is authenticated, at least one of the authentication information that is provided to the POS terminal and the authentication information that is generated by the POS terminal may be then provided from the POS terminal to the transaction server.
  • The authentication information that is provided to the transaction server may be used by the transaction server to perform the transaction request from the device.
  • The operation of providing the transaction information may include an providing the transaction information to the POS terminal when the transaction request from the device is authenticated.
  • The authentication information may include information about at least one of an image of a pupil of a user, a voice of the user, a fingerprint of the user, and a signature of the user.
  • The authentication information may include link information for downloading information about at least one of an image of a pupil of a user, a voice of the user, a fingerprint of the user, and a signature of the user.
  • The transaction information may include at least one of card information, coupon information, and user information.
  • According to an aspect of another exemplary embodiment, there is provided a method of authenticating, by a point of sale (POS) terminal, a transaction request from a device, the method including, when the device approaches to within a predetermined range from the POS terminal, receiving authentication information that is stored in the device from the device; generating authentication information based on a user input to the POS terminal; and comparing the received authentication information and the generated authentication information, and authenticating the transaction request from the device based on a result of the comparing.
  • The method may further include operations of receiving transaction information from the device; and when the transaction request from the device is authenticated, providing the received authentication information to a transaction server.
  • When the transaction request from the device is authenticated, at least one of the received authentication information and the generated authentication information may be then provided from the POS terminal to the transaction server.
  • The at least one of the received authentication information and the generated authentication information that is provided from the POS terminal to the transaction server may be used by the transaction server to perform the transaction request from the device.
  • According to yet another aspect of one or more exemplary embodiments, there is provided a method of authenticating, by a point of sale (POS) terminal, a transaction request from a device, the method including operations of generating authentication information based on a user input to the POS terminal; and when the device approaches to within a predetermined range from the POS terminal, providing the authentication information to the device, wherein the authentication information that is provided to the device is compared with authentication information that is generated by the device based on a user input to the device, and is used to authenticate the transaction request from the device.
  • According to an aspect of another exemplary embodiment, there is provided a device including an authentication information storage that stores authentication information that is generated by the device based on a user input to the device; an authentication information comparer that receives authentication information, which is generated by a point of sale (POS) terminal based on a user input to the POS terminal, from the POS terminal when the device approaches to within a predetermined range from the POS terminal, and compares the authentication information generated by the device and the received authentication information; and a transaction requester that requests a transaction with the POS terminal, based on a result of the comparing.
  • According to yet another aspect of one or more exemplary embodiments, there is provided a point of sale (POS) terminal including an authentication information generator that generates authentication information based on a user input to the POS terminal; and an authentication information transmitter that provides the authentication information to the device, when the device approaches to within a predetermined range from the POS terminal, wherein the authentication information that is provided to the device is compared with authentication information that is generated by the device based on a user input to the device, and is used to authenticate a transaction request from the device.
  • According to an aspect of another exemplary embodiment, there is provided a non-transitory computer-readable recording medium having recorded thereon a program, which when executed by a computer, performs one of the methods described above.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • The above and other aspects will become more apparent by describing in detail exemplary embodiments with reference to the attached drawings in which:
  • FIG. 1 is a block diagram of a system for authenticating a transaction request from a device, according to an exemplary embodiment;
  • FIG. 2 illustrates an example in which, since the device and a point of sale (POS) terminal perform a short-range contact, each of the device and the POS terminal obtains authentication information of a user in a transaction request authenticating system;
  • FIG. 3 is a flowchart of a method of authenticating, by the POS terminal, a transaction request from the device in the transaction request authenticating system, according to an exemplary embodiment;
  • FIG. 4 is a flowchart of a method of authenticating, by the POS terminal, a transaction request from the device in the transaction request authenticating system, according to another exemplary embodiment;
  • FIG. 5 is a flowchart of a method of authenticating, by a server, a transaction request from the device in the transaction request authenticating system, according to an exemplary embodiment;
  • FIG. 6 illustrates an example in which each of the device and the POS terminal obtains authentication information by capturing an image of a pupil of a user, according to an exemplary embodiment;
  • FIG. 7 illustrates an example in which each of the device and the POS terminal obtains authentication information by recognizing a fingerprint of a user, according to an exemplary embodiment;
  • FIG. 8 illustrates an example in which each of the device and the POS terminal obtains authentication information by recording a voice of a user, according to an exemplary embodiment;
  • FIG. 9 illustrates an example in which each of the device and the POS terminal obtains authentication information by receiving a signature of a user, according to an exemplary embodiment;
  • FIGS. 10A and 10B illustrate execution screens of a transaction application that is executed in the device, according to an exemplary embodiment;
  • FIG. 11 illustrates an example in which a credit card for a transaction is selected in the device, according to an exemplary embodiment;
  • FIGS. 12A and 12B illustrate an example in which a card and a coupon for a transaction are selected in the device, and transaction information is displayed on a screen of the device, according to an exemplary embodiment;
  • FIG. 13 illustrates an example in which a shopping list (i.e., a shopping cart) is displayed on the device, according to an exemplary embodiment;
  • FIG. 14 is a block diagram of the device, according to an exemplary embodiment; and
  • FIG. 15 is a block diagram of the POS terminal, according to an exemplary embodiment.
  • DETAILED DESCRIPTION
  • Hereinafter, the exemplary embodiments will now be described more fully with reference to the accompanying drawings. The present inventive concept may, however, be embodied in many different forms and should not be construed as being limited to the exemplary embodiments set forth herein; rather, these exemplary embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the present inventive concept to those of ordinary skill in the art. In the following description, well-known functions or constructions are not described in detail so as not to obscure the present inventive concept with unnecessary detail. Also, throughout the specification, like reference numerals in the drawings denote like elements.
  • Throughout the specification, it will also be understood that when an element is referred to as being “connected to” another element, it can be directly connected to the other element, or electrically connected to the other element while intervening elements may also be present. Also, when a part “includes” or “comprises” an element, unless there is a particular description contrary thereto, the part can further include other elements, not excluding the other elements.
  • Also, throughout the specification, it will be understood that when an element A and an element B perform a short-range contact, it means that the element A is located within a communication range of the element B or the element B is located within a communication range of the element A.
  • Expressions such as “at least one of,” when preceding a list of elements, modify the entire list of elements and do not modify the individual elements of the list.
  • FIG. 1 is a block diagram of a system for authenticating a transaction request from a device, according to an exemplary embodiment.
  • As illustrated in FIG. 1, the system for authenticating the transaction request (hereinafter, referred to as the ‘transaction request authenticating system’) includes a device 1000, a point of sale (POS) terminal 2000, a server 3000, and a network 4000.
  • The device 1000 may previously generate and store authentication information of a user. As the device 1000 approaches the POS terminal 2000, the device 1000 may automatically provide the stored authentication information to the POS terminal 2000. The authentication information may be used to authenticate a transaction request from the device 1000, and for example, the authentication information may include at least one of an image obtained by capturing a pupil of the user, a voice of the user, a fingerprint of the user, and a signature of the user.
  • The device 1000 may include, but is not limited to, a smart phone, a mobile phone, a personal digital assistant (PDA), a laptop, a media player, a global positioning system (GPS) apparatus, or other mobile or non-mobile apparatuses.
  • The POS terminal 2000 may separately generate authentication information of the user, compared to the device 1000. When the POS terminal 2000 receives the authentication information from the device 1000, the POS terminal 2000 may capture an image of the user, may record a voice of the user, may recognize a fingerprint of the user, or may receive a signature input from the user, thereby separately generating the authentication information of the user. Also, the POS terminal 2000 may authenticate the transaction request from the device 1000 by comparing the authentication information from the device 1000 with the authentication information that is generated by the POS terminal 2000.
  • Also, after the POS terminal 2000 authenticates the transaction request, the POS terminal 2000 may receive transaction information from the device 1000, may provide the transaction information to the server 3000, and thus may allow the server 3000 to perform the transaction.
  • The network 4000 may be formed as a wired network such as a wide area network (WAN), a value added network (VAN), or the like, or may be formed as a wireless network such as a mobile radio communication network, a near field communication (NFC) network, a satellite communication network, or the like. Also, the network 4000 collectively indicates data communication networks allowing network configuration elements shown in FIG. 1 to smoothly communicate with each other, and includes wired internet, wireless internet, and a mobile wireless communication network.
  • FIG. 2 illustrates an example in which, since the device 1000 and the POS terminal 2000 perform a short-range contact, each of the device 1000 and the POS terminal 2000 obtains authentication information of a user in the transaction request authenticating system.
  • Referring to FIG. 2, the device 1000 may previously generate authentication information of the user by using several pieces of equipment that are included in the device 1000. The device 1000 may capture an image of a pupil of the user by using a camera of the device 1000 and may store the captured image, or may recognize a fingerprint of the user from a finger of the user that touches a screen of the device 1000 and may store fingerprint information. Alternatively, the device 1000 may record a voice of the user by using a microphone of the device 1000 and may store the recorded voice.
  • Once the device 1000 and the POS terminal 2000 approach each other to within a predetermined range, the authentication information that is previously stored in the device 1000 may be automatically transmitted to the POS terminal 2000 via a wireless personal area network (WPAN), and then the POS terminal 2000 may authenticate a transaction request from the device 1000 by comparing the authentication information from the device 1000 with the authentication information that is generated by the POS terminal 2000.
  • For example, the WPAN may include, but is not limited to, NFC, ZigBee communication, radio frequency identification (RFID) communication, and ultra wide band (UWB) communication.
  • The POS terminal 2000 may capture an image of the pupil of the user by using a camera that is included in the POS terminal 2000 or that is connected with the POS terminal 2000, and may store the captured image. Also, the POS terminal 2000 may recognize the fingerprint of the user that touches a screen of a fingerprint recognizing apparatus that is included in the POS terminal 2000 or that is connected with the POS terminal 2000, and may store fingerprint information. Also, the POS terminal 2000 may record a voice of the user by using a microphone that is included in the POS terminal 2000 or that is connected with the POS terminal 2000, and may store the recorded voice.
  • FIG. 3 is a flowchart of a method of authenticating, by the POS terminal 2000, a transaction request from the device 1000 in the transaction request authenticating system, according to an exemplary embodiment of the present invention.
  • In operation S300, the device 1000 stores authentication information that is input by a user. The authentication information may be used to authenticate the transaction request from the device 1000 and may include information about at least one of a pupil image of the user, a voice of the user, a fingerprint of the user, and a signature of the user. The device 1000 may generate the authentication information by using at least one of a camera, a microphone, a fingerprint recognizing apparatus, and a touch screen, and may previously store the generated authentication information in its memory. Alternatively, the device 1000 may store the generated authentication information in a separate storage space.
  • In operation S302, the device 1000 performs a short-range contact with the POS terminal 2000. The device 1000 and the POS terminal 2000 may approach each other to within a predetermined range, and once the device 1000 and the POS terminal 2000 reach the predetermined range, the device 1000 and the POS terminal 2000 may be connected to each other via an NFC network. The connection between the device 1000 and the POS terminal 2000 may be established by exchanging messages between the device 1000 and the POS terminal 2000.
  • In operation S304, the device 1000 requests a transaction with the POS terminal 2000. In operation S304, since the device 1000 is within the predetermined range of the POS terminal 2000, the device 1000 may request the transaction with the POS terminal 2000.
  • In operation S306, the device 1000 transmits the authentication information that is stored in the device 1000 to the POS terminal 2000. Once the device 1000 is within the predetermined range of the POS terminal 2000, the device 1000 may extract the information about at least one of the pupil image of the user, the voice of the user, the fingerprint of the user, and the signature of the user from the memory or the separate storage space, and may transmit the extracted information to the POS terminal 2000. The device 1000 may store the authentication information in the separate storage space and may transmit link information for downloading the authentication information to the POS terminal 2000. The POS terminal 2000 may then use the link information to download the authentication information from the separate storage space of the device 1000.
  • Also, the device 1000 may display a user interface for an input of a password on the screen of the device 1000, and when the password is correctly input by the user, the device 1000 may provide the authentication information to the POS terminal 2000.
  • Also, according to a payment amount of types of an item to be purchased, the device 100 may transmit a preset type of authentication information to the POS terminal 2000. For example, the user may previously set types of the authentication information according to a payment amount or types of an item to be purchased, and the device 1000 may transmit the preset type of the authentication information to the POS terminal 2000. However, the present inventive concept is not limited thereto, and thus, the user may randomly preset types of the authentication information to be used. Also, when the device 1000 has transmitted the preset type of the authentication information to the POS terminal 2000, the POS terminal 2000 may authenticate the transaction request from the device 1000 only when authentication information that is generated by the POS terminal 2000 is of the same type as the authentication information that has been transmitted to the POS terminal 2000.
  • In operation S308, the POS terminal 2000 generates authentication information based on the user input. The POS terminal 2000 may capture an image of the pupil of the user by using a camera that is included in the POS terminal 2000 or that is connected with the POS terminal 2000. Alternatively, the POS terminal 2000 may record the voice of the user by using a microphone that is included in the POS terminal 2000 or that is connected with the POS terminal 2000. Alternatively, the POS terminal 2000 may recognize the fingerprint of the user by using a fingerprint recognizing apparatus that is included in the POS terminal 2000 or that is connected with the POS terminal 2000. Alternatively, the POS terminal 2000 may generate an image of the signature that is input from the user via a touch screen that is in the POS terminal 2000 or connected with the POS terminal 2000.
  • In operation S310, the POS terminal 2000 compares the authentication information that is received from the device 1000 with the authentication information that is generated by the POS terminal 2000. For example, when the authentication information is an image obtained by capturing an image of the pupil of the user, the POS terminal 2000 may compare the pupil image that is received from the device 1000 with the pupil image that is captured by the POS terminal 2000.
  • Also, for example, when the authentication information is the voice of the user, the POS terminal 2000 may compare voice data of the user that is received from the device 1000 with voice data of the user that is recorded by the POS terminal 2000. In this case, the POS terminal 2000 may determine whether the voice data that is received from the device 1000 and the voice data that is recorded by the POS terminal 2000 are voice data of the same user. Also, the POS terminal 2000 may convert the voice data into text, and may determine whether text that corresponds to the voice data from the device 1000 is equal to the text that corresponds to the voice data that is recorded by the POS terminal 2000.
  • Also, for example, when the authentication information is a fingerprint image, the POS terminal 2000 may compare the fingerprint image that is received from the device 1000 with a fingerprint image that is generated by the POS terminal 2000. Also, for example, when the authentication information is the signature of the user, the POS terminal 2000 may compare the signature image that is received from the device 1000 with a signature image that is generated by the POS terminal 2000.
  • In operation S312, the POS terminal 2000 authenticates the transaction request. When the POS terminal 2000 determines that the authentication information from the device 1000 is equal to the authentication information that is generated by the POS terminal 2000, the POS terminal 2000 may authenticate the transaction request that is received from the device 1000.
  • In operation S314, the device 1000 transmits transaction information to the POS terminal 2000. When the transaction request from the device 1000 is authenticated by the POS terminal 2000, the device 1000 may transmit the transaction information to the POS terminal 2000. The transaction information may be used in a transaction with respect to a product or a service and may include one or more of card information, coupon information, and user information.
  • In the above, it is described that, after the POS terminal 2000 authenticates the transaction request, the device 1000 provides the transaction information to the POS terminal 2000, but the present inventive concept is not limited thereto. In operation S306, the device 1000 may transmit the authentication information and the transaction information to the POS terminal 2000.
  • In operation S316, the POS terminal 2000 transmits the transaction information and the authentication information to the server 3000. The POS terminal 2000 may transmit the transaction information and the authentication information, which are received from the device 1000, to the server 3000. Also, the POS terminal 2000 may transmit the authentication information, which is generated by the POS terminal 2000, to the server 3000.
  • In operation S318, the server 3000 performs the transaction. The server 3000 may perform the transaction, based on the transaction information and the authentication information that are received from the POS terminal 2000. The server 3000 may further safely perform the transaction by using the authentication information that is generated by the device 1000 and the authentication information that is generated by the POS terminal 2000.
  • FIG. 4 is a flowchart of a method of authenticating, by the POS terminal 2000, a transaction request from the device 1000 in the transaction request authenticating system, according to another exemplary embodiment. In the exemplary embodiment of FIG. 4, the device 1000 may compare authentication information that is generated by the device 1000 with authentication information that is generated by the POS terminal 2000.
  • In operation S400, the device 1000 stores authentication information that is input by a user. The device 1000 may generate the authentication information by using at least one of a camera, a microphone, a fingerprint recognizing apparatus, and a touch screen, and may previously store the authentication information in a memory of the device 1000. Alternatively, the device 1000 may store the authentication information in a separate storage space.
  • In operation S402, the POS terminal 2000 generates authentication information, based on a user input. The POS terminal 2000 may capture an image of a pupil of the user by using a camera that is included in the POS terminal 2000 or that is connected with the POS terminal 2000. Also, the POS terminal 2000 may record a voice of the user by using a microphone that is included in the POS terminal 2000 or that is connected with the POS terminal 2000. Also, the POS terminal 2000 may recognize a fingerprint of the user by using a fingerprint recognizing apparatus that is included in the POS terminal 2000 or that is connected with the POS terminal 2000. Also, the POS terminal 2000 may generate an image of a signature that is input from the user to a touch screen that is included in the POS terminal 2000 or that is connected with the POS terminal 2000.
  • In operation S404, the device 1000 performs a short-range contact with the POS terminal 2000. The device 1000 and the POS terminal 2000 may approach each other to within a predetermined range, and once the device 1000 and the POS terminal 2000 are within the predetermined range, the device 1000 and the POS terminal 2000 may be connected to each other via an NFC network. The connection between the device 1000 and the POS terminal 2000 may be established by exchanging messages between the device 1000 and the POS terminal 2000. In the above, it is described that, after the POS terminal 2000 generates authentication information, the device 1000 performs a short-range contact with the POS terminal 2000, but the present inventive concept is not limited thereto. After the device 1000 performs a short-range contact with the POS terminal 2000, the POS terminal 2000 generates authentication information, based on a user input.
  • In operation S406, the POS terminal 2000 transmits the authentication information, which is generated by the POS terminal 2000, to the device 1000. Since the POS terminal 2000 is within the predetermined range of the device 1000, the POS terminal 2000 may transmit information about at least one of the pupil image of the user, the voice of the user, the fingerprint of the user, and the signature of the user to the device 1000. The POS terminal 2000 may store the authentication information in a separate storage space and may transmit link information for downloading the authentication information to the device 1000. The device 1000 may then use the link information to download the authentication information from the separate storage space of the POS terminal 2000.
  • In operation S408, the device 1000 compares the authentication information that is received from the POS terminal 2000 with the authentication information that is generated by the device 1000. For example, when the authentication information corresponds to the image obtained by capturing an image of the pupil of the user, the device 1000 may compare the pupil image that is received from the POS terminal 2000 with a pupil image that is generated by the device 1000.
  • Alternatively, for example, when the authentication information corresponds to the voice of the user, the device 1000 may compare voice data of the user that is received from the POS terminal 2000 with voice data of the user that is recorded by the device 1000. In this case, the device 1000 may determine whether the voice data from the POS terminal 2000 and the voice data that is recorded by the device 1000 are from the same user, based on a frequency and a pattern of the voice data. Also, the device 1000 may convert the voice data into text, and may determine whether text that corresponds to the voice data from the POS terminal 2000 is equal to the text that corresponds to the voice data that is recorded by the device 1000.
  • Also, when the authentication information corresponds to a fingerprint image of the user, the device 1000 may compare a fingerprint image that is received from the POS terminal 2000 with a fingerprint image that is generated by the device 1000. Also, when the authentication information corresponds to a signature of the user, the device 1000 may compare a signature image that is received from the POS terminal 2000 with a signature image that is generated by the device 1000.
  • In operation S410, the device 1000 requests a transaction with the POS terminal 2000. When the authentication information that is received from the POS terminal 2000 is equal to the authentication information that is generated by the device 1000, the device 1000 may request a transaction with the POS terminal 2000. The device 1000 may request the transaction with the POS terminal 2000 and simultaneously may provide transaction information and the authentication information that is generated by the device 1000 to the POS terminal 2000. The transaction information may be used in a transaction with respect to a product or a service and may include one or more of card information, coupon information, and user information. Also, in operation S410, once the device 1000 is within the predetermined distance of the POS terminal 2000, the device 1000 may request the transaction with the POS terminal 2000.
  • In operation S412, the POS terminal 2000 authenticates the transaction request. When the POS terminal 2000 determines that the authentication information that is received from the device 1000 is equal to the authentication information that is generated by the POS terminal 2000, the POS terminal 2000 may authenticate the transaction request that is received from the device 1000.
  • In operation S414, the POS terminal 2000 transmits the transaction information and the authentication information to the server 3000. The POS terminal 2000 transmits the transaction information and the authentication information that are received from the device 1000 to the server 3000. Also, the POS terminal 2000 may transmit the authentication information that is generated by the POS terminal 2000 to the server 3000.
  • In operation S416, the server 3000 performs the transaction. The server 3000 may perform the transaction, based on the transaction information and the authentication information that are received from the POS terminal 2000. The server 3000 may perform the transaction, by using the authentication information that is generated by the device 1000 and the authentication information that is generated by the POS terminal 2000.
  • FIG. 5 is a flowchart of a method of authenticating, by the server 3000, a transaction request from the device 1000 in the transaction request authenticating system, according to an exemplary embodiment. In the exemplary embodiment of FIG. 5, the server 3000 may compare authentication information that is generated by the device 1000 with authentication information that is generated by the POS terminal 2000.
  • In operation S500, the device 1000 stores authentication information that is input by a user. The authentication information is used in authentication of the transaction request from the device 1000. The device 1000 may generate the authentication information by using at least one of a camera, a microphone, a fingerprint recognizing apparatus, and a touch screen, and may previously store the authentication information in a memory of the device 1000. Alternatively, the device 1000 may store the authentication information in a separate storage space.
  • In operation S502, the device 1000 performs a short-range contact with the POS terminal 2000. The device 1000 and the POS terminal 2000 may approach each other to within a predetermined range, and once the device 1000 and the POS terminal 2000 are within the predetermined range, the device 1000 and the POS terminal 2000 may be connected to each other via an NFC network. The connection between the device 1000 and the POS terminal 2000 may be established by exchanging messages between the device 1000 and the POS terminal 2000.
  • In operation S504, the device 1000 requests a transaction with the POS terminal 2000. In operation S504, once the device 1000 is within the predetermined distance of the POS terminal 2000, the device 1000 may request the transaction with the POS terminal 2000.
  • In operation S506, the device 1000 transmits the authentication information that is stored in the device 1000 to the POS terminal 2000. Once the device 1000 is within the predetermined distance of the POS terminal 2000, the device 1000 may extract information about at least one of a pupil image of the user, a voice of the user, a fingerprint of the user, and a signature of the user from the memory or the separate storage space, and may transmit the extracted information to the POS terminal 2000. The device 1000 may store the authentication information in the separate storage space and may transmit link information for downloading the authentication information to the POS terminal 2000. The POS terminal 2000 may then use the link information to download the authentication information from the separate storage space of the device 1000.
  • Also, the device 1000 may display a user interface for an input of a password on a screen of the device 1000, and when the password is correctly input by the user, the device 1000 may provide the authentication information to the POS terminal 2000.
  • Also, according to a payment amount or types of an item to be purchased, the device 100 may transmit a preset type of authentication information to the POS terminal 2000. For example, the user may previously set types of the authentication information according to a payment amount or types of an item to be purchased, and the device 1000 may transmit the preset type of the authentication information to the POS terminal 2000. However, the present inventive concept is not limited thereto, and thus, the user may randomly preset types of the authentication information to be used. Also, when the device 1000 has transmitted the preset type of the authentication information to the POS terminal 2000, the POS terminal 2000 may authenticate the transaction request from the device 1000 only when authentication information that is generated by the POS terminal 2000 is of the same type as the authentication information that has been transmitted to the POS terminal 2000.
  • In operation S508, the POS terminal 2000 generates authentication information based on the user input. The POS terminal 2000 may capture an image of a pupil of the user by using a camera that is included in the POS terminal 2000 or that is connected with the POS terminal 2000. Alternatively, the POS terminal 2000 may record a voice of the user by using a microphone that is included in the POS terminal 2000 or that is connected with the POS terminal 2000. Alternatively, the POS terminal 2000 may recognize a fingerprint of the user by using a fingerprint recognizing apparatus that is included in the POS terminal 2000 or that is connected with the POS terminal 2000. Alternatively, the POS terminal 2000 may generate an image of a signature that is input from the user via a touch screen that is included in the POS terminal 2000 or that is connected with the POS terminal 2000.
  • In operation S510, the POS terminal 2000 transmits the authentication information that is received from the device 1000 and the authentication information that is generated by the POS terminal 2000 to the server 3000.
  • In operation S512, the server 3000 compares the authentication information that is generated by the device 1000 with the authentication information that is generated by the POS terminal 2000. For example, when the authentication information is an image obtained by capturing an image of the pupil of the user, the server 3000 may compare a pupil image that is generated by the device 1000 with a pupil image that is generated by the POS terminal 2000.
  • Also, for example, when the authentication information is the voice of the user, the server 3000 may compare voice data of the user that is generated by the device 1000 with voice data of the user that is generated by the POS terminal 2000. In this case, the server 3000 may determine whether the voice data that is generated by the device 1000 and the voice data that is generated by the POS terminal 2000 are voice data of the same user. Also, the server 3000 may convert the voice data into text, and may determine whether text that corresponds to the voice data that is generated by the device 1000 is equal to text that corresponds to the voice data that is generated by the POS terminal 2000.
  • Also, for example, when the authentication information is a fingerprint image of the user, the server 3000 may compare a fingerprint image that is generated by the device 1000 with a fingerprint image that is generated by the POS terminal 2000. Also, for example, when the authentication information is the signature of the user, the server 3000 may compare a signature image that is generated by the device 1000 with a signature image that is generated by the POS terminal 2000.
  • In operation S514, the server 3000 authenticates the transaction request. When the server 3000 determines that the authentication information that is generated by the device 1000 is equal to the authentication information that is generated by the POS terminal 2000, the server 3000 may authenticate the transaction request from the device 1000.
  • In operation S516, the device 1000 transmits the transaction information to the POS terminal 2000, and in operation S518, the POS terminal 2000 transmits the transaction information to the server 3000. When the server 3000 authenticates the transaction request from the device 1000, the device 1000 may transmit the transaction information to the POS terminal 2000. The transaction information may be used in a transaction with respect to a product or a service and may include card information, coupon information, and user information. Further, the device 1000 directly transmits the transaction information to the server 3000.
  • In the above, it is described that, after the server 3000 authenticates the transaction request, the device 1000 provides the transaction information to the POS terminal 2000, but the present inventive concept is not limited thereto. In operation S506, the device 1000 may transmit the authentication information and the transaction information to the POS terminal 2000.
  • In operation S520, the server 3000 performs the transaction. The server 3000 may perform the transaction, based on the transaction information and the authentication information that are received from the POS terminal 2000. The server 3000 may perform the transaction by using both of the authentication information that is generated by the device 1000 and the authentication information that is generated by the POS terminal 2000.
  • FIG. 6 illustrates an example in which each of the device 1000 and the POS terminal 2000 obtains authentication information by capturing an image of a pupil of a user, according to an exemplary embodiment.
  • Referring to FIG. 6, the device 1000 may capture the image of the pupil of the user by using a camera included in the device 1000, and the POS terminal 2000 may capture the image of the pupil of the user by using a camera included in the POS terminal 2000. The device 1000 may capture the image of the pupil of the user and may previously store the pupil image, and once the device 1000 and the POS terminal 2000 approach each other to within a predetermined range, the POS terminal 2000 may capture the image of the pupil of the user and then may generate the pupil image. Also, the pupil image that is generated by the device 1000 and the pupil image that is generated by the POS terminal 2000 may be compared to each other, and the comparison may be used in authentication of a transaction request from the device 1000.
  • FIG. 7 illustrates an example in which each of the device 1000 and the POS terminal 2000 obtains authentication information by recognizing a fingerprint of a user, according to an exemplary embodiment.
  • Referring to FIG. 7, the device 1000 may recognize the fingerprint of the user by using a touch screen included in the device 1000, and the POS terminal 2000 may recognize the fingerprint of the user by using a fingerprint recognizing apparatus included in the POS terminal 2000. The device 1000 may recognize the fingerprint of the user and may previously store a fingerprint image, and once the device 1000 and the POS terminal 2000 approach each other to within a predetermined range, the POS terminal 2000 may recognize the fingerprint of the user and may generate a fingerprint image. Also, the fingerprint image that is generated by the device 1000 and the fingerprint image that is generated by the POS terminal 2000 may be compared to each other, and the comparison may be used in authentication of a transaction request from the device 1000.
  • FIG. 8 illustrates an example in which each of the device 1000 and the POS terminal 2000 obtains authentication information by recording a voice of a user, according to an exemplary embodiment.
  • Referring to FIG. 8, the device 1000 may record the voice of the user by using a microphone included in the device 1000, and the POS terminal 2000 may record the voice of the user by using a microphone included in the POS terminal 2000. The device 1000 may record the voice of the user and may previously store voice data, and once the device 1000 and the POS terminal 2000 approach each other to within a predetermined range, the POS terminal 2000 may record the voice of the user and then may generate voice data. Also, the voice data that is generated by the device 1000 and the voice data that is generated by the POS terminal 2000 may be compared to each other, and the comparison may be used in authentication of a transaction request from the device 1000.
  • FIG. 9 illustrates an example in which each of the device 1000 and the POS terminal 2000 obtains authentication information by receiving a signature of a user, according to an exemplary embodiment.
  • Referring to FIG. 9, the device 1000 may generate a signature image of the user by using a touch screen included in the device 1000, and the POS terminal 2000 may generate a signature image of the user by using a touch screen included in the POS terminal 2000. The device 1000 may previously store the signature image of the user, and once the device 1000 and the POS terminal 2000 approach each other to within a predetermined range, the POS terminal 2000 may generate the signature image of the user. Also, the signature image that is generated by the device 1000 and the signature image that is generated by the POS terminal 2000 may be compared to each other, and the comparison may be used in authentication of a transaction request from the device 1000.
  • FIGS. 10A and 10B illustrate execution screens of a transaction application that is executed in the device 1000, according to an exemplary embodiment.
  • As illustrated in FIG. 10A, when the transaction application is executed in the device 1000, a credit card to be used in transaction and a transaction amount may be displayed on a screen of the device 1000. Also, when a user selects a button for transaction, as illustrated in FIG. 10B, a user interface for an input of a password may be displayed. When the user inputs the password via the displayed user interface, the device 1000 may generate authentication information by capturing an image of a pupil of the user, by recording a voice of the user, by recognizing a fingerprint of the user, or by receiving a signature of the user. In this case, the authentication information that is generated by the device 1000 may match with the credit card as displayed in FIG. 10A, and may be stored. Thus, a plurality of pieces of authentication information that are different from one other may be respectively matched with credit cards of the user.
  • In the above, it is described that, after the credit card and the transaction amount are displayed, the device 1000 generates the authentication information, but the present inventive concept is not limited thereto. Thus, the device 1000 may match predetermined authentication information with at least one of the credit card and the transaction amount. Also, it is possible that the device 1000 does not match predetermined authentication information with the credit card and the transaction amount.
  • FIG. 11 illustrates an example in which a credit card for a transaction is selected in the device 1000, according to an exemplary embodiment.
  • As illustrated in FIG. 11, in the present exemplary embodiment, when a plurality of transaction means (e.g., credit cards, coupons, etc.) exist, the device 1000 may output a list of the plurality of transaction means on its screen. A user may select a predetermined transaction means from the list of the plurality of transaction means that are displayed on the screen.
  • FIGS. 12A and 12B illustrate an example in which a card and a coupon for transaction are selected in the device 1000, and transaction information is displayed on a screen of the device 1000, according to an exemplary embodiment.
  • As illustrated in FIG. 12A, a user may select a plurality of transaction means (e.g., a card 1 and a coupon 2) from a transaction means list. Here, as illustrated in FIG. 12B, the device 1000 may pay $100 out of a total transaction amount (i.e., $300) by using the coupon 2, and may pay $200 by using the card 1.
  • FIG. 13 illustrates an example in which a shopping list (i.e., a shopping cart) is displayed on the device 1000, according to an exemplary embodiment.
  • Referring to FIG. 13, the device 1000 may display a list of a plurality of products and a plurality of pieces of price information that correspond to the plurality of products, respectively, on a screen of the device 1000. In this case, a user may review the plurality of products and prices and then may select a product to buy. For example, when the user selects a product 1 and a product 2, the device 1000 may collectively process a transaction for the products 1 and 2.
  • FIG. 14 is a block diagram of the device 1000, according to an exemplary embodiment.
  • As illustrated in FIG. 14, the device 1000 includes an authentication information storage 1100, an authentication information transmitter 1200, an authentication information comparer 1300, a transaction requester 1400, a memory 1500, a transceiver 1600, and a controller 1700.
  • The authentication information storage 1100 stores authentication information that is input by a user. The authentication information may be used to authenticate a transaction request from the device 1000 and may include information about at least one of a pupil image of the user, a voice of the user, a fingerprint of the user, and a signature of the user. The authentication information storage 1100 may generate the authentication information by using at least one of a camera, a microphone, a fingerprint recognizing apparatus, and a touch screen, and may previously store the authentication information in the memory 1500 to be described later. However, the present inventive concept is not limited thereto, and thus the authentication information storage 1100 may store the authentication information in a separate storage space.
  • The authentication information transmitter 1200 transmits the authentication information to the POS terminal 2000. Once the device 1000 and the POS terminal 2000 approach each other to within a predetermined range, the authentication information transmitter 1200 may extract information about at least one of a pupil image of the user, a voice of the user, a fingerprint of the user, and a signature of the user from the memory 1500 or a separate storage space, and may transmit the extracted information to the POS terminal 2000. In a case where the authentication information is stored in the separate storage space, the authentication information providing unit 1200 may transmit link information for downloading the authentication information to the POS terminal 2000.
  • Also, the device 1000 may display a user interface for an input of a password on a screen of the device 1000, and when the password is correctly input by the user, the authentication information transmitter 1200 may provide the authentication information to the POS terminal 2000.
  • Also, according to a payment amount or types of an item to be purchased, the authentication information transmitter 1200 may transmit a preset type of authentication information to the POS terminal 2000. For example, the user may previously set types of the authentication information according to a payment amount or types of an item to be purchased, and the authentication information transmitter 1200 may transmit the preset type of the authentication information to the POS terminal 2000. However, the present inventive concept is not limited thereto, and thus, the user may randomly preset types of the authentication information to be used. Also, when the authentication information transmitter 1200 has transmitted the preset type of the authentication information to the POS terminal 2000, the POS terminal 2000 may authenticate the transaction request from the device 1000 only when authentication information that is generated by the POS terminal 2000 is of the same type as the authentication information that has been transmitted to the POS terminal 2000.
  • The authentication information comparer 1300 compares the authentication information that is received from the POS terminal 2000 with the authentication information that is generated by the device 1000. The POS terminal 2000 may generate the authentication information in a manner different than the device 1000, and may provide the generated authentication information to the device 1000.
  • For example, when the authentication information corresponds to an image obtained by capturing an image of the pupil of the user, the authentication information comparer 1300 may compare a pupil image that is received from the POS terminal 2000 with a pupil image that is generated by the device 1000.
  • Alternatively, for example, when the authentication information corresponds to the voice of the user, the authentication information comparer 1300 may compare voice data of the user that is received from the POS terminal 2000 with voice data of the user that is recorded by the device 1000. In this case, the authentication information comparer 1300 may determine whether the voice data from the POS terminal 2000 and the voice data that is generated by the device 1000 are from the same user, based on a frequency and a pattern of the voice data. Also, the authentication information comparer 1300 may convert the voice data into text, and may determine whether text that corresponds to the voice data from the POS terminal 2000 is equal to the text that corresponds to the voice data that is generated by the device 1000.
  • Also, when the authentication information corresponds to a fingerprint image of the user, the authentication information comparer 1300 may compare a fingerprint image that is received from the POS terminal 2000 with a fingerprint image that is generated by the device 1000. Also, when the authentication information corresponds to a signature of the user, the device 1000 may compare a signature image that is received from the POS terminal 2000 with a signature image that is generated by the device 1000.
  • The transaction requester 1400 requests transaction. Once the device 1000 and the POS terminal 2000 approach each other to within a predetermined range, the transaction requester 1400 may request the transaction with the POS terminal 2000. Transaction information may be used in transaction with respect to a product or a service and may include one or more of card information, coupon information, and user information.
  • The memory 1500 stores various types of information that are used for the device 1000 to generate the authentication information, to compare the stored authentication information with the authentication information that is generated by the POS terminal 2000, and to request the transaction with the POS terminal 2000.
  • The transceiver 1600 exchanges the various types of information with the server 3000 and the POS terminal 2000, wherein the various types of information are used for the device 1000 to generate the authentication information, to compare the stored authentication information with the authentication information that is generated by the POS terminal 2000, and to request the transaction with the POS terminal 2000.
  • The controller 1700 controls all operations of the device 1000, and controls the authentication information storage 1100, the authentication information transmitter 1200, the authentication information comparer 1300, the transaction requester 1400, the memory 1500, and the transceiver 1600 so as to allow the device 1000 to generate the authentication information, to compare the stored authentication information with the authentication information that is generated by the POS terminal 2000, and to request the transaction with the POS terminal 2000.
  • FIG. 15 is a block diagram of the POS terminal 2000, according to an exemplary embodiment.
  • As illustrated in FIG. 15, the POS terminal 2000 includes an authentication information generator 2100, an authentication information receiver 2200, an authentication information transmitter 2300, an authenticator 2400, a transaction requester 2500, a memory 2600, a transceiver 2700, and a controller 2800.
  • The authentication information generator 2100 generates authentication information, based on a user input. The authentication information generator 2100 may capture an image of a pupil of a user by using a camera that is included in the POS terminal 2000 or that is connected with the POS terminal 2000. Also, the authentication information generator 2100 may record a voice of the user by using a microphone that is included in the POS terminal 2000 or that is connected with the POS terminal 2000. Also, the authentication information generator 2100 may recognize a fingerprint of the user by using a fingerprint recognizing apparatus that is included in the POS terminal 2000 or that is connected with the POS terminal 2000. Also, the authentication information generator 2100 may generate an image of a signature that is input from the user to a touch screen that is included in the POS terminal 2000 or that is connected with the POS terminal 2000.
  • The authentication information receiver 2200 receives authentication information, which is stored in the device 1000, from the device 1000. Once the device 1000 approaches the POS terminal 2000 to within a predetermined range, the device 1000 may extract information about at least one of a pupil image of the user, a voice of the user, a fingerprint of the user, and a signature of the user from the memory 1500 or a separate storage space, and may transmit the extracted information to the POS terminal 2000. In a case where the device 1000 stores the authentication information in the separate storage space, the authentication information receiver 2200 may receive link information for downloading the authentication information from the device 1000.
  • The authentication information transmitter 2300 provides the authentication information that is generated by the authentication information generator 2100 to the device 1000. Once the POS terminal 2000 approaches the device 1000 to within a predetermined range, the authentication information transmitter 2300 may transmit information about at least one of a pupil image of the user, a voice of the user, a fingerprint of the user, and a signature of the user to the device 1000. In a case where the POS terminal 2000 stores the authentication information in a separate storage space, the authentication information transmitter 2300 may transmit link information for downloading the authentication information to the device 1000.
  • The authenticator 2400 authenticates a transaction request from the device 1000. When the authenticator 2400 determines that the authentication information that is received from the device 1000 is equal to the authentication information that is generated by the POS terminal 2000, the authenticator 2400 may authenticate the transaction request that is received from the device 1000.
  • Also, according to a payment amount or types of an item to be purchased, the device 100 may transmit a preset type of authentication information to the POS terminal 2000. For example, the user may previously set types of the authentication information according to a payment amount or types of an item to be purchased, and the device 1000 may transmit the preset type of the authentication information to the POS terminal 2000. However, the present inventive concept is not limited thereto, and thus, the user may randomly preset types of the authentication information to be used.
  • When the device 1000 has transmitted the preset type of the authentication information to the POS terminal 2000, the authenticator 2400 may authenticate the transaction request from the device 1000 only when authentication information that is generated by the POS terminal 2000 is of the same type as the authentication information that has been transmitted to the POS terminal 2000.
  • The transaction requester 2500 requests a transaction with the server 3000. The transaction requester 2500 may transmit transaction information and the authentication information to the server 3000. The transaction requester 2500 may transmit transaction information and the authentication information, which are received from the device 1000, to the server 3000. Also, the transaction requester 2500 may transmit the authentication information that is generated by the POS terminal 2000 to the server 3000.
  • The memory 2600 stores various types of information that are used for the POS terminal 2000 to generate the authentication information, to compare the authentication information that is generated by the POS terminal 2000 with the authentication information that is received from the device 1000, and to request the transaction with the server 3000.
  • The transceiver 2700 exchanges the various types of information with the device 1000 and the server 3000, wherein the various types of information are used for the POS terminal 2000 to generate the authentication information, to compare the authentication information that is generated by the POS terminal 2000 with the authentication information that is received from the device 1000, and to request the transaction with the server 3000.
  • The controller 2800 controls all operations of the POS terminal 2000, and controls the authentication information generator 2100, the authentication information receiver 2200, the authentication information transmitter 2300, the authenticator 2400, the transaction requester 2500, the memory 2600, and the transceiver 2700 so as to allow the POS terminal 2000 to generate the authentication information, to compare the authentication information that is generated by the POS terminal 2000 with the authentication information that is received from the device 1000, and to request the transaction with the server 3000.
  • The one or more exemplary embodiments of the present invention may be embodied as a recording medium, e.g., a program module to be executed in computers, which include computer-readable commands. The computer storage medium may include any usable medium that may be accessed by computers, volatile and non-volatile medium, and detachable and non-detachable medium. Also, the computer storage medium may include a computer storage medium and a communication medium. The computer storage medium includes all of volatile and non-volatile medium, and detachable and non-detachable medium that are designed to store information including computer readable commands, data structures, program modules or other data. The communication medium includes computer-readable commands, a data structure, a program module, and other transmission mechanisms, and includes other information transmission mediums.
  • The present inventive concept may, however, be embodied in many different forms and should not be construed as being limited to the exemplary embodiments set forth herein; rather, these exemplary embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the inventive concept to those of ordinary skill in the art. For example, configuring elements that are singular forms may be executed in a distributed fashion, and also, configuring elements that are distributed may be combined and then executed.
  • While the present inventive concept has been particularly shown and described with reference to exemplary embodiments thereof, it will be understood by those of ordinary skill in the art that various changes in form and details may be made therein without departing from the spirit and scope as defined by the following claims.

Claims (33)

What is claimed is:
1. A method of requesting, by a device, a transaction with a point of sale (POS) terminal, the method comprising:
storing authentication information that is generated by the device based on a user input to the device; and
when the device enters within a predetermined range from the POS terminal, providing the authentication information to the POS terminal,
wherein the authentication information that is provided to the POS terminal is compared with authentication information that is generated by the POS terminal based on a user input to the POS terminal, and then is used to authenticate a transaction request from the device.
2. The method of claim 1, further comprising:
providing transaction information to the POS terminal,
wherein, when the transaction request from the device is authenticated, the transaction information that is provided to the POS terminal is then provided from the POS terminal to a transaction server.
3. The method of claim 2, wherein, when the transaction request from the device is authenticated, at least one of the authentication information that is provided to the POS terminal and the authentication information that is generated by the POS terminal is then provided from the POS terminal to the transaction server.
4. The method of claim 3, wherein the authentication information that is provided to the transaction server is used by the transaction server to perform the transaction request from the device.
5. The method of claim 2, wherein the providing of the transaction information comprises providing the transaction information to the POS terminal when the transaction request from the device is authenticated.
6. The method of claim 1, wherein the authentication information comprises information about at least one of an image of a pupil of a user, a voice of the user, a fingerprint of the user, and a signature of the user.
7. The method of claim 1, wherein the authentication information comprises link information for downloading information about at least one of an image of a pupil of a user, a voice of the user, a fingerprint of the user, and a signature of the user.
8. The method of claim 1, wherein the transaction information comprises at least one of card information, coupon information, and user information.
9. A method of requesting, by a device, a transaction with a point of sale (POS) terminal, the method comprising:
storing authentication information that is generated by the device based on a user input to the device;
when the device enters within a predetermined range from the POS terminal, receiving authentication information, which is generated by the POS terminal based on a user input to the POS terminal, from the POS terminal;
authenticating a transaction request from the device, based on the authentication information generated by the device and the received authentication information; and
providing transaction information to the POS terminal.
10. The method of claim 9, wherein, when the transaction request from the device is authenticated, the transaction information that is provided to the POS terminal is then provided from the POS terminal to a transaction server.
11. The method of claim 10, wherein, when the transaction request from the device is authenticated, at least one of the authentication information that is provided to the POS terminal and the authentication information that is generated by the POS terminal is then provided from the POS terminal to the transaction server.
12. The method of claim 11, wherein the authentication information that is provided to the transaction server is used by the transaction server to perform the transaction request from the device.
13. The method of claim 9, wherein the providing of the transaction information comprises providing the transaction information to the POS terminal when the transaction request from the device is authenticated.
14. The method of claim 9, wherein the authentication information comprises information about at least one of an image of a pupil of a user, a voice of the user, a fingerprint of the user, and a signature of the user.
15. The method of claim 9, wherein the authentication information comprises link information for downloading information about at least one of an image of a pupil of a user, a voice of the user, a fingerprint of the user, and a signature of the user.
16. The method of claim 9, wherein the transaction information comprises at least one of card information, coupon information, and user information.
17. A method of authenticating, by a point of sale (POS) terminal, a transaction request from a device, the method comprising:
when the device enters within a predetermined range from the POS terminal, receiving authentication information that is stored in the device from the device;
generating authentication information based on a user input to the POS terminal;
comparing the received authentication information and the generated authentication information; and
authenticating the transaction request from the device based on a result of the comparing.
18. The method of claim 17, further comprising:
receiving transaction information from the device; and
when the transaction request from the device is authenticated, providing the received authentication information to a transaction server.
19. The method of claim 18, wherein, when the transaction request from the device is authenticated, at least one of the received authentication information and the generated authentication information is then provided from the POS terminal to the transaction server.
20. The method of claim 19, wherein the at least one of the received authentication information and the generated authentication information that is provided from the POS terminal to the transaction server is used by the transaction server to perform the transaction request from the device.
21. A method of authenticating, by a point of sale (POS) terminal, a transaction request from a device, the method comprising:
generating authentication information based on a user input to the POS terminal; and
when the device enters within a predetermined range from the POS terminal, providing the authentication information to the device,
wherein the authentication information that is provided to the device is compared with authentication information that is generated by the device based on a user input to the device, and a result of the comparison is used to authenticate the transaction request from the device.
22. A device comprising:
an authentication information storage that is configured to store authentication information that is generated by the device based on a user input to the device;
an authentication information comparer that is configured to receive authentication information, which is generated by a point of sale (POS) terminal based on a user input to the POS terminal, from the POS terminal when the device enters within a predetermined range from the POS terminal, and compare the authentication information generated by the device and the received authentication information; and
a transaction requester that is configured to request a transaction with the POS terminal, based on a result of the comparing.
23. A point of sale (POS) terminal comprising:
an authentication information generator that is configured to generate authentication information based on a user input to the POS terminal; and
an authentication information transmitter that is configured to transmit the authentication information to the device, when the device enters within a predetermined range from the POS terminal,
wherein the authentication information that is provided to the device is compared with authentication information that is generated by the device based on a user input to the device, and a result of the comparison is used to authenticate a transaction request from the device.
24. A non-transitory computer-readable recording medium having recorded thereon a program, which when executed by a computer, performs a method comprising:
storing authentication information that is generated by the device based on a user input to the device; and
when the device enters within a predetermined range from the POS terminal, providing the authentication information to the POS terminal,
wherein the authentication information that is provided to the POS terminal is compared with authentication information that is generated by the POS terminal based on a user input to the POS terminal, and then is used to authenticate a transaction request from the device.
25. A computer-readable recording medium having recorded thereon a program, which when executed by a computer, performs the method comprising:
storing authentication information that is generated by the device based on a user input to the device;
when the device enters within a predetermined range from the POS terminal, receiving authentication information, which is generated by the POS terminal based on a user input to the POS terminal, from the POS terminal;
authenticating a transaction request from the device, based on the authentication information generated by the device and the received authentication information; and
providing transaction information to the POS terminal.
26. A non-transitory computer-readable recording medium having recorded thereon a program, which when executed by a computer, performs, by using a computer, a method comprising:
when the device enters within a predetermined range from the POS terminal, receiving authentication information that is stored in the device from the device;
generating authentication information based on a user input to the POS terminal;
comparing the received authentication information and the generated authentication information; and
authenticating the transaction request from the device based on a result of the comparing.
27. A non-transitory computer-readable recording medium having recorded thereon a program, which when executed by a computer, performs, by using a computer, a method comprising:
generating authentication information based on a user input to the POS terminal; and
when the device enters within a predetermined range from the POS terminal, providing the authentication information to the device,
wherein the authentication information that is provided to the device is compared with authentication information that is generated by the device based on a user input to the device, and a result of the comparison is used to authenticate the transaction request from the device.
28. A system for authenticating a transaction request between devices, the system comprising:
a first device that comprises a storage, a camera, a touch screen, and a microphone, the first device configured to pre-store authentication information input by a user into the device using the camera, the touch screen, or the microphone; and
a second device that comprises a storage, a camera, a touch screen, and a microphone,
wherein when the first device is physically moved within a range of the second device for communicating using a wireless personal area network (WPAN), the first device is further configured to automatically transmit the authentication information to the second device using the WPAN, and in response to receiving the authentication information, the second device is configured to request and receive an input from a target user through one of the camera, the touch screen, and the microphone of the second device, generate authentication information using the input, and compare the received authentication information with the generated authentication information, and
wherein in response to receiving a transaction request from the first device, the second device is further configured to authenticate the transaction request the when the generated authentication data matches the received authentication data.
29. The system according to claim 28, wherein the WPAN includes near field communication, ZigBee communication, radio frequency identification (RFID) communication, or ultra wide band (UWB) communication.
30. The system according to claim 29, wherein the WPAN uses near field communication.
31. The system according to claim 29, wherein the WPAN uses RFID communication.
32. The system according to claim 28, wherein the authentication information comprises information about at least one of an image of a pupil of a user input through the camera, a voice of the user input through the microphone, a fingerprint of the user input through the touch screen, and a signature of the user input through the touch screen of the first device.
33. The system according to claim 32, wherein the authentication information generated by the second device comprises information about at least one of an image of a pupil of a user input through the camera, a voice of the user input through the microphone, a fingerprint of the user input through the touch screen, and a signature of the user input through the touch screen of the first device.
US13/965,364 2012-08-23 2013-08-13 Method and system for authenticating transaction request from device Pending US20140058865A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
KR10-2012-0092541 2012-08-23
KR1020120092541A KR20140026844A (en) 2012-08-23 2012-08-23 Method and system for authenticating transaction request from device

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US16/252,109 Continuation US20190172056A1 (en) 2012-08-23 2019-01-18 Method and system for authenticating transaction request from device

Publications (1)

Publication Number Publication Date
US20140058865A1 true US20140058865A1 (en) 2014-02-27

Family

ID=49036447

Family Applications (1)

Application Number Title Priority Date Filing Date
US13/965,364 Pending US20140058865A1 (en) 2012-08-23 2013-08-13 Method and system for authenticating transaction request from device

Country Status (10)

Country Link
US (1) US20140058865A1 (en)
EP (2) EP2701108A1 (en)
JP (2) JP2014041616A (en)
KR (1) KR20140026844A (en)
CN (1) CN103632265B (en)
AU (1) AU2013306668B2 (en)
BR (1) BR112015003848A2 (en)
RU (1) RU2615334C2 (en)
TW (1) TWI585701B (en)
WO (1) WO2014030836A1 (en)

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103903133A (en) * 2014-04-09 2014-07-02 广西中烟工业有限责任公司 High-safety POS machine system and payment processing method thereof
US20140337220A1 (en) * 2012-05-15 2014-11-13 Bphav, Llc Systems, methods, and computer program products for the receipt of transaction offers
US9202212B1 (en) 2014-09-23 2015-12-01 Sony Corporation Using mobile device to monitor for electronic bank card communication
US9292875B1 (en) 2014-09-23 2016-03-22 Sony Corporation Using CE device record of E-card transactions to reconcile bank record
US9317847B2 (en) 2014-09-23 2016-04-19 Sony Corporation E-card transaction authorization based on geographic location
US9355424B2 (en) 2014-09-23 2016-05-31 Sony Corporation Analyzing hack attempts of E-cards
US9367845B2 (en) 2014-09-23 2016-06-14 Sony Corporation Messaging customer mobile device when electronic bank card used
US9378502B2 (en) 2014-09-23 2016-06-28 Sony Corporation Using biometrics to recover password in customer mobile device
US9519901B1 (en) * 2015-09-16 2016-12-13 Square, Inc. Biometric payment technology
US9558488B2 (en) 2014-09-23 2017-01-31 Sony Corporation Customer's CE device interrogating customer's e-card for transaction information
TWI578245B (en) * 2014-04-08 2017-04-11 Rakuten Inc
WO2017072647A1 (en) * 2015-10-27 2017-05-04 Fox Glacier Asset Management Llc Mobile payment system
US9646307B2 (en) * 2014-09-23 2017-05-09 Sony Corporation Receiving fingerprints through touch screen of CE device
US9953323B2 (en) 2014-09-23 2018-04-24 Sony Corporation Limiting e-card transactions based on lack of proximity to associated CE device
US10262316B2 (en) 2014-09-23 2019-04-16 Sony Corporation Automatic notification of transaction by bank card to customer device

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3063608A1 (en) 2013-10-30 2016-09-07 Apple Inc. Displaying relevant use interface objects
CN103927654B (en) * 2014-04-17 2018-03-30 福建联迪商用设备有限公司 A mobile communication terminal pos machine contacting method, apparatus, and method of payment
US9324067B2 (en) 2014-05-29 2016-04-26 Apple Inc. User interface for payments
WO2016049273A1 (en) * 2014-09-24 2016-03-31 Sri International Control of wireless communication device capability in a mobile device with a biometric key
CN105719130A (en) * 2014-12-02 2016-06-29 中兴通讯股份有限公司 Payment verification method, payment verification device and payment verification system
US20160224973A1 (en) 2015-02-01 2016-08-04 Apple Inc. User interface for payments
SG10201506662XA (en) * 2015-03-03 2016-10-28 Mastercard Asia Pacific Pte Ltd Method For Enabling A Communication Link Between A Mobile Terminal And A Receiving Terminal
US9940637B2 (en) * 2015-06-05 2018-04-10 Apple Inc. User interface for loyalty accounts and private label accounts
KR101721132B1 (en) * 2015-09-02 2017-03-29 엘지전자 주식회사 Mobile terminal and method for controlling the same
CN105405217A (en) * 2015-10-13 2016-03-16 昆山古鳌电子机械有限公司 Automatic transaction system with crime prevention system
KR101808733B1 (en) 2016-10-24 2018-01-19 주식회사 올아이티탑 Electronic payment system using finger vein recognition and method for processing thereof

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100325002A1 (en) * 2008-06-11 2010-12-23 Lmr Inventions, Llc System and method for verifying user identity information in financial transactions
US20130147603A1 (en) * 2011-12-13 2013-06-13 Irisguard Inc. Iris Cameras

Family Cites Families (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6601762B2 (en) * 2001-06-15 2003-08-05 Koninklijke Philips Electronics N.V. Point-of-sale (POS) voice authentication transaction system
JP4187451B2 (en) * 2002-03-15 2008-11-26 松下電器産業株式会社 Personal authentication device and the mobile terminal device
JP2004030176A (en) * 2002-06-25 2004-01-29 Nec Infrontia Corp System, method, and program for settlement by using fingerprint
US7784684B2 (en) * 2002-08-08 2010-08-31 Fujitsu Limited Wireless computer wallet for physical point of sale (POS) transactions
CN1514635A (en) * 2003-04-29 2004-07-21 叶丰平 Method of realizing mobile electronic business using finger print intelligence terminal and intelligent hand set
JP2005242768A (en) * 2004-02-27 2005-09-08 Toshiba Tec Corp Settlement system, settlement terminal used for settlement system, and server for settlement terminal
JP2005346606A (en) * 2004-06-07 2005-12-15 Matsushita Electric Ind Co Ltd Electronic settlement system using mobile telephone
EP1815383A4 (en) * 2004-10-26 2010-12-22 Transurban Ltd Transaction system and method
JP2006221515A (en) * 2005-02-14 2006-08-24 Oki Joho Systems:Kk Pos system
JP2006350588A (en) * 2005-06-15 2006-12-28 Sharp Corp Information processing apparatus and information processing system
US20080126260A1 (en) * 2006-07-12 2008-05-29 Cox Mark A Point Of Sale Transaction Device With Magnetic Stripe Emulator And Biometric Authentication
JP4382793B2 (en) * 2006-09-28 2009-12-16 株式会社エヌ・ティ・ティ・ドコモ Settlement system, settlement system, and the mobile station
CN201226167Y (en) * 2008-05-30 2009-04-22 汇宝科技有限公司 POS terminal
SK50852008A3 (en) * 2008-09-19 2010-06-07 Logomotion, S. R. O. System and method for contactless payment authorization
US20100082490A1 (en) * 2008-09-30 2010-04-01 Apple Inc. Systems and methods for secure wireless transactions
KR20100060707A (en) * 2008-11-28 2010-06-07 주식회사 하렉스인포텍 Patment and authorization, settlement and membership joining method, device and system by purchaser using mobile communication terminal
CN101770668B (en) * 2008-12-31 2012-05-30 技嘉科技股份有限公司 Mobile phone capable of transacting with electronic transaction device
US20100235313A1 (en) * 2009-03-16 2010-09-16 Tim Rea Media information analysis and recommendation platform
CN101853542B (en) * 2009-04-01 2012-01-18 张子文 IC card consumption system integrating finger vein identification technology
CN101901517A (en) * 2009-05-27 2010-12-01 上海点佰趣信息科技有限公司 Fingerprint payment certificate server, fingerprint payment method and system thereof
JP2013504126A (en) * 2009-09-04 2013-02-04 トーマス セーケThomas Szoke Personal multifunction access device comprising a separate format for authenticating and controlling data exchange
US9292870B2 (en) * 2010-12-13 2016-03-22 Qualcomm Incorporated System and method for point of service payment acceptance via wireless communication

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100325002A1 (en) * 2008-06-11 2010-12-23 Lmr Inventions, Llc System and method for verifying user identity information in financial transactions
US20130147603A1 (en) * 2011-12-13 2013-06-13 Irisguard Inc. Iris Cameras

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140337220A1 (en) * 2012-05-15 2014-11-13 Bphav, Llc Systems, methods, and computer program products for the receipt of transaction offers
TWI578245B (en) * 2014-04-08 2017-04-11 Rakuten Inc
CN103903133A (en) * 2014-04-09 2014-07-02 广西中烟工业有限责任公司 High-safety POS machine system and payment processing method thereof
US10262316B2 (en) 2014-09-23 2019-04-16 Sony Corporation Automatic notification of transaction by bank card to customer device
US9317847B2 (en) 2014-09-23 2016-04-19 Sony Corporation E-card transaction authorization based on geographic location
US9355424B2 (en) 2014-09-23 2016-05-31 Sony Corporation Analyzing hack attempts of E-cards
US9367845B2 (en) 2014-09-23 2016-06-14 Sony Corporation Messaging customer mobile device when electronic bank card used
US9378502B2 (en) 2014-09-23 2016-06-28 Sony Corporation Using biometrics to recover password in customer mobile device
US9292875B1 (en) 2014-09-23 2016-03-22 Sony Corporation Using CE device record of E-card transactions to reconcile bank record
US9558488B2 (en) 2014-09-23 2017-01-31 Sony Corporation Customer's CE device interrogating customer's e-card for transaction information
US9202212B1 (en) 2014-09-23 2015-12-01 Sony Corporation Using mobile device to monitor for electronic bank card communication
US9953323B2 (en) 2014-09-23 2018-04-24 Sony Corporation Limiting e-card transactions based on lack of proximity to associated CE device
US9646307B2 (en) * 2014-09-23 2017-05-09 Sony Corporation Receiving fingerprints through touch screen of CE device
US9652760B2 (en) 2014-09-23 2017-05-16 Sony Corporation Receiving fingerprints through touch screen of CE device
US9519901B1 (en) * 2015-09-16 2016-12-13 Square, Inc. Biometric payment technology
WO2017072647A1 (en) * 2015-10-27 2017-05-04 Fox Glacier Asset Management Llc Mobile payment system

Also Published As

Publication number Publication date
TW201413610A (en) 2014-04-01
RU2015109972A (en) 2016-10-20
AU2013306668B2 (en) 2016-05-19
EP2953077A1 (en) 2015-12-09
JP2014041616A (en) 2014-03-06
RU2615334C2 (en) 2017-04-04
EP2701108A1 (en) 2014-02-26
JP2019012538A (en) 2019-01-24
WO2014030836A1 (en) 2014-02-27
BR112015003848A2 (en) 2017-08-08
CN103632265B (en) 2019-05-03
KR20140026844A (en) 2014-03-06
AU2013306668A1 (en) 2015-02-05
CN103632265A (en) 2014-03-12
TWI585701B (en) 2017-06-01

Similar Documents

Publication Publication Date Title
US10152706B2 (en) Secure NFC data authentication
AU2014353151B2 (en) Automated account provisioning
US9105025B2 (en) Enhanced near field communications attachment
US20120246071A1 (en) System and method for presentment of nonconfidential transaction token identifier
US9177312B1 (en) System and method for providing contactless payment with a near field communications attachment
US9123041B2 (en) System and method for presentation of multiple NFC credentials during a single NFC transaction
EP2836971B1 (en) Systems, methods, and computer readable media for conducting a transaction using cloud based credentials
US8422949B1 (en) Public kiosk providing near field communication services
US20150195133A1 (en) Methods and systems for provisioning multiple devices
US8732022B2 (en) Secure mobile-based financial transactions
US20130171967A1 (en) Providing Secure Execution of Mobile Device Workflows
US8918855B2 (en) Transaction provisioning for mobile wireless communications devices and related methods
US20130204793A1 (en) Smart communication device secured electronic payment system
US20140114856A1 (en) System for performing payment in mobile terminal
US20100082490A1 (en) Systems and methods for secure wireless transactions
JP6441396B2 (en) System and method for dynamic one o'clock settlement authentication in a portable communication device
US20120159612A1 (en) System for Storing One or More Passwords in a Secure Element
KR101681436B1 (en) Method of pairing mobile devices
US20140164254A1 (en) Authenticating Remote Transactions Using a Mobile Device
US20130041831A1 (en) Secure and shareable payment system using trusted personal device
US9312923B2 (en) Personal point of sale
US20140273857A1 (en) Systems and methods to secure short-range proximity signals
US20170206524A1 (en) System and method using authorization and direct credit messaging
US20140040139A1 (en) System and method for dynamic temporary payment authorization in a portable communication device
US20160335623A1 (en) Reverse Payment Flow

Legal Events

Date Code Title Description
AS Assignment

Owner name: SAMSUNG ELECTRONICS CO., LTD., KOREA, REPUBLIC OF

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:YANG, DO-JUN;PARK, SUN-EUNG;SEO, JIN-GOO;AND OTHERS;REEL/FRAME:030996/0585

Effective date: 20130726

STCB Information on status: application discontinuation

Free format text: FINAL REJECTION MAILED