[DESCRIPTION]
[invention Title] BILLING SYSTEM ACCORDING TO ORDERING BY TELEPHONE AND METHOD THEREOF [Technical Field] The present invention relates, in general, to a payment system and method based on the authentication of a called party and a calling party and, more particularly, to a payment system and method, which can authenticate a called party and a calling party, arrange payment for an order and issue a receipt for a transaction simultaneously with telephone ordering, when the calling party places an order by telephone .
[Background Art] In Korea, a cash receipt system began on January 1
2001 with respect to cash transactions above 5,000 Won. A cash receipt system is a system for notifying the Office of National Tax Administration of cash transaction details through terminals placed in shops or restaurants, which are affiliated stores, using credit cards (or resident registration numbers), etc., and allowing employees to benefit from deductions and exemptions in year-end settlement using a certificate of usage record provided
from the Office of National Tax Administration. If a consumer or user presents a card for identifying the customer or user (a credit card, a debit card, etc.) to an affiliated store together with cash when the consumer or user pays for a purchased commodity or service, the affiliated store issues a cash receipt through ,a terminal. In this case, the card is required to identify the user, and another card is not required. When having no such card, the user presents identification to provide the resident registration number thereof, and inputs the resident registration number, thus the user can be issued a cash receipt . In deductions and exemptions using such a cash receipt, 20% of the amount used exceeding 10% of annual wages is deducted from earned income depending on the amount used. In an affiliated store, 1% of sales is deducted from the amount of value-added tax to be paid. Cash transactions, conducted by independent businessmen, are automatically exposed through such a cash receipt system, thus enhancing the fairness of taxation, and reducing the tax burden on employees . With the implementation of the cash receipt system, each affiliated store must be provided with a cash receipt issuing machine, and must prepare for implementations, such as the construction of a computerized system for the cash receipt system or the selection of a Value-Added Network (VAN)
service provider. Meanwhile, in the case of ordering and payment by telephone, cash payment may frequently occur. With the implementation of a cash receipt system, cash receipts must be issued with respect to such ordering and payment. However, in order to issue cash receipts with respect to ordering and payment by telephone, there is the inconvenience of personally disclosing or inputting a card number or resident registration number required to identify a calling party who is an orderer . Further, personal information may leak through such an identification procedure and then be illegally used. Therefore, the present invention proposes a system for issuing a cash receipt simultaneously with telephone ordering, which is convenient and is capable of satisfying demand for security even in the case of ordering and payment by telephone.
[Disclosure] [Technical Problem] Accordingly, an object of the present invention to solve the above problems is to provide a payment system and method, which can conveniently issue cash receipts with respect to ordering and payment by telephone, etc. Another object of the present invention is to provide a payment system and method, which can issue cash receipts
with respect to ordering and payment by telephone, etc., without a credit card number or resident registration number being manually input. A further object of the present invention is to provide a payment system and method, which can completely satisfy demand for security and authentication.
[Technical Solution] In accordance with one aspect of the present invention to accomplish the above objects, there is provided a payment system, in which a calling party places an order with a called party using a communication terminal and pays for the order, and a receipt is output through a called terminal, comprising a calling terminal for allowing the calling party to request call connection from the called terminal, a telephone network for transmitting phone numbers of the called terminal and the calling terminal to a payment server and requesting service from the payment server at the same time that the telephone network transmits a call connection signal to the called terminal if the call connection request is generated by the calling terminal, the payment server for authenticating the calling terminal and the called terminal in response to the service request from the telephone network, transmitting payment amount information received from the called terminal to the calling terminal, and transmitting payment approval
information and additional calling party information to the called terminal if the payment approval information is received from a server of a payment institution, the server of the payment institution for receiving payment amount information and identification information about the calling party from the payment server, and transmitting payment approval information to the payment server if payment has been successfully processed, and the called terminal for encrypting payment amount information and identification information about the called terminal and transmitting the encrypted information to the payment server, or receiving payment approval information and additional calling party information from the payment server and outputting the receipt using the payment approval information and the additional calling party information, wherein the receipt is output through the called terminal at the same time that ordering and payment are performed using the communication terminal of the calling party. Preferably, the payment server may comprise a data transmission/reception unit for receiving the phone number of the calling party from the telephone network or transmitting data to outside of the payment server, a data encryption unit for generating an identification number for the calling party and encrypting the calling party identification number, and an authentication unit for
authenticating the called terminal using the calling party identification number and predetermined data received from the called terminal if the predetermined data are received from the called terminal through the data transmission/reception unit, wherein the data encrypted by the data encryption unit are transmitted to the called terminal using the data transmission/reception unit. Preferably, the payment server may comprise a user database for storing and managing identification information about a registered user and additional user information, the user database including at least one item selected from among a group including phone numbers of wired/wireless telephones, a password, a resident registration number, a name, a credit card number and an address. Preferably, the payment server may identify a user corresponding to the phone number of the calling terminal using the user database, and authenticates the calling party. Preferably, the payment server may further comprise a random number generation unit for generating a random number and synchronizing the generated random number with the called terminal, and the authentication unit may detect a terminal serial number corresponding to a call number of the called terminal from the database and authenticates data received from the called terminal using the random
number that is synchronized with the called terminal by the random number generation unit, the calling party identification number and the terminal serial number of the called terminal. In accordance with another aspect of the present invention, there is provided a payment server, comprising a user database for storing and managing information about a registered user, a data transmission/reception unit for receiving phone numbers of a calling terminal and a called terminal from a telephone network, transmitting or receiving data to or from both the calling terminal and the called terminal, or transmitting payment approval information and additional calling party information, which are received from a server of a payment institution, to the called terminal, a data encryption unit for generating a calling party identification number for the phone number of the calling terminal, and encrypting the generated calling party identification number, a random number generation unit for generating a random number, and synchronizing the generated random number with the called terminal, and an authentication unit for receiving the encrypted information from the called terminal and authenticating the encrypted information, received from the called terminal, using the calling party identification number, a call number of the called terminal and the random number. In accordance with a further aspect of the present
invention, there is provided a payment method performed by a payment system, in which a calling party places an order for a commodity or service and pays for the commodity or service using a communication terminal and a called party issues a receipt for this transaction, comprising the steps of (a) receiving phone numbers of the calling terminal and a called terminal from a telephone network, (b) generating a calling party identification number for the phone number of the calling terminal, generating a random number and synchronizing the generated random number with the called terminal, (c) encrypting the calling party identification number and transmitting the encrypted calling party identification number to the called terminal, (d) receiving the encrypted information from the called terminal, (e) detecting a serial number of the called terminal corresponding to a call number of the called terminal from a database, (f) authenticating the information received from the called terminal using the calling party identification number, the random number synchronized with the called terminal, and the serial number of the called terminal, (g) transmitting payment amount information to the calling party, receiving a password from the calling party and authenticating the calling party using the password, (h) transmitting payment related information to a server of a predetermined payment institution and receiving payment approval information from the server of the payment
institution, and (i) transmitting the payment approval information and additional calling party information to the called terminal, wherein the receipt can be output through the called terminal at the same time that the calling party places an order and pays for the order by telephone. In accordance with yet another aspect of the present invention, there is provided a payment system, in which a first user who is an orderer places an order using a first terminal with a second terminal of a second user who is an ordering agent, and pays for the order, and a third terminal of a third user who is a service provider outputs a receipt, comprising a telephone network for transmitting phone numbers of the second and first user terminals to a payment server and requesting service from the payment server, at the same -time that the telephone network connects a call from the first user terminal to the second user terminal, the payment server for authenticating the first and second terminals in response to the service request from the telephone network, transmitting payment amount information received from the second terminal to the first terminal, and transmitting payment approval information and additional information about the orderer to the second or third terminal if the payment approval information has been received from a server of a payment institution, the server of the payment institution for receiving the payment amount information and identification
information about the orderer from the payment server, and transmitting payment approval information to the payment server if payment has been successfully processed, and the second terminal for encrypting the payment amount information and identification information about the second terminal and transmitting the encrypted information to the payment server, or receiving the payment approval information and the additional orderer information from the payment server and outputting a receipt using the payment approval information and the additional orderer information, wherein the receipt is output through the second or third terminal at the same time that the orderer completes ordering and payment. Preferably, the second user may be a call center for handling an ordering operation or telemarketing operation for the third user.
[Advantageous Effects] Accordingly, the system of the present invention can issue cash receipts even when ordering is performed by telephone and deferred payment is made by cash. Further, in this case, an orderer can be promptly issued a cash receipt without personally inputting a resident registration number or credit card number required to identify or authenticate the orderer,
[Description of Drawings] FIG. 1 is a view showing the entire construction of a payment system according to an embodiment of the present invention; FIG. 2 is a flowchart sequentially showing the operation of the payment system according to an embodiment of the present invention; FIGS. 3a and 3b are flowcharts sequentially showing the operation of a payment server in the payment system according to an embodiment of the present invention; FIG. 4 is a view showing the entire construction of a payment system according to another embodiment of the present invention; FIG. 5 is a view showing the entire construction of a payment system according to a further embodiment of the present invention; and FIG. 6 is a view showing the construction of a payment server of the payment system according to the present invention. [Best Mode] Hereinafter, a payment system and method based on the authentication of a calling party and a called party on a communication terminal according to embodiments of the present invention will be described in detail with reference to the attached drawings.
Referring to FIG. 1, an authentication-based payment system according to an embodiment of the present invention includes a calling party 100 for placing an order and paying fo the order using a communication terminal, such as a telephone, a called party 110 for providing specific service in response to the order of the calling party, a telephone network 120, a payment server 130 for providing payment service according to the present invention, and servers 150, 160 and 170 of one or more payment institutions for processing payment. Hereinafter, the construction and operation of the components constituting the system of the present invention as described above are described in detail. First, the calling party makes a call to the called party that provides a specific service, using a communication terminal, and places an order to request desired service. The called party requests the calling party to pay depending on the order of the calling party and issues a cash receipt or card receipt according to payment. In this case, as the communication terminal used by the calling party, various terminals, such as a wired/wireless telephone, a smart phone or a Personal Digital Assistant (PDA) , can be used, and any devices enabling telephone communication, other than the above terminals, can be used. Further, as a terminal used by the called party, terminals enabling telephone communication
and data transmission/reception and capable of issuing receipts must be used. However, the terminal of the called party according to an embodiment of the present invention can be separated into a telephone for ordering and a terminal for transmitting/receiving data to/from the payment server and outputting receipts. Further, the terminal of the called party according to another embodiment may be implemented so that a telephone ' and a terminal functioning to transmit/receive data and output receipts are integrated into a single body. Next, the telephone network 120 operates in conjunction with the payment server 130, and performs operations required for the authentication of the called party and the calling party, the payment of the calling party and the issuance of a receipt of the called party, at the same time that the telephone network 120 connects a call to the called party when a call connection request signal is received from the calling party. This process is described in detail. First, if a call connection request signal is received from the calling party, the telephone network connects a call from the calling party to the called party and determines whether the called party is a service subscriber. Next, if the called party is the service subscriber, the telephone network requests the service of the system according to the present invention from a payment server while transmitting the phone numbers
of a calling terminal and a called terminal to the payment server. In this case, according to the preferred embodiment of the present invention in FIG. 1, a user database for storing and managing a list of service subscribers is installed in the payment server. The telephone network determines whether the called party is a service subscriber through the payment server when a call connection signal is received from the calling party. However, in another embodiment of the present invention, the database can be variously installed in the telephone network, a Customer Oriented Information System (COIS) , etc., depending on the design of a system. If necessary, the telephone network can be connected to the database and be provided with corresponding information. If the payment server 130 receives the phone number of the calling party from the telephone network and receives a service provision signal, the payment server 130 performs a procedure of authenticating the calling party and the called party, receives information about a payment amount from the called party and processes a payment procedure in conjunction with the server of a corresponding payment institution. The construction and operation of the payment server will be described later. If payment approval information, including a payment approval number, is received from a payment institution, the payment server 130 transmits additional calling party
information and payment approval information to the called terminal 110. The called terminal 110 outputs a corresponding receipt, such as a cash receipt or card receipt, using the information received from the payment server 130. The payment system of the present invention can process payment using cash, a credit card, a debit card, a transfer or communication charge summation, depending on the calling party's selection. As shown in FIG. 1, if the calling party selects a transfer, a payment institution is a corresponding bank 150, and the payment server accesses the computerized system of the bank 150 and requests the computerized system to transfer money from the calling party's account to the called party' account. The computerized system of the bank performs authentication, transfers a payment amount to the called party's account, and transmits transfer payment information to the payment server. If the calling party selects credit card payment, a payment institution is a corresponding credit card company 160, and the payment server accesses the computerized system of the corresponding credit card company and requests the computerized system to process payment to the called party using the calling party's card. The computerized system of the credit card company performs authentication, processes payment using a credit card, and
transmits payment approval information, including an approval number, to the payment server. Further, if the calling party selects electronic payment using a Value-Added Network (VAN) service provider, the payment server requests the VAN service provider 180 to process payment using the calling party' s specific card or to transfer money from the calling party' s bank account to the called party's account. The VAN service provider, having received the request, requests a corresponding payment institution to approve receivables, and receives a payment approval number in response to the approval request. Next, the VAN service provider transmits payment approval information to the payment server. Further, if the calling party selects cash payment, a payment institution is a cash payment institution 170, and the payment server accesses the computerized system of the cash payment institution, transmits identification information about the calling party, called party information, payment amount information, etc. to the computerized system, and requests the computerized system to process payment. The computerized system of the cash payment institution performs authentication, approves cash payment, and transmits payment approval information, including a payment approval number for the issuance of a cash receipt, to the payment server. Further, if the calling party selects communication
charge summation payment, a payment institution is a telephone office, and the payment server transmits information, such as a payment amount or the phone number of the calling party, to the billing system of the telephone office, and requests the billing system to add the payment amount to communication charges. Next, the payment server receives payment approval information from the billing system of the telephone office. Meanwhile, in an embodiment of the present invention, a payment method is not selected by the user, but only one payment method can be used according to the system. Hereinafter, with reference to FIG. 6, the construction of the payment server 130 in the payment system of the present invention is described. As shown in FIG. 6, the payment server includes a user database 600, a data transmission/reception unit 610, a data encryption unit 620, a random number generation unit 630, and an authentication unit 640. First, the user database unit 600 is used to store and manage identification information about a registered user and additional user information, and has items, such as the wired/wireless telephone numbers of the user, a serial number of a user terminal, a password, a resident registration number, a name, a credit card number, or an address. The data transmission/reception unit 610
transmits/receives data to/from the telephone network, the calling terminal, the called terminal and the servers of payment institutions. If the phone number of the calling terminal is received from the telephone network through the data transmission/reception unit, the data encryption unit 620 generates a calling party identification number for the calling terminal, encrypts the generated calling party identification number and transmits the encrypted calling party identification number to the called terminal through the data transmission/reception unit. The random number generation unit 630 generates a random number in real time, and synchronizes the generated random number with the called terminal . The authentication unit 640 authenticates the data, received from the called terminal through the data transmission/reception unit, and the called terminal. If the data are received from the called terminal, the authentication unit 640 detects a terminal serial number corresponding to the call number of the called terminal from the user database, and generates an encryption key according to a predetermined encryption algorithm using the random number, synchronized with the called terminal by the random number generation unit, the calling party identification number and the terminal serial number. It is determined whether the generated encryption key is
identical to a key received from the called terminal, and authentication succeeds if the keys are identical to each other. Hereinafter, with reference to FIG. 2 and FIGS. 3a and 3b, the operating process of the payment system of the present invention is described in detail based on the payment server 130. First, at step 200, the telephone network requests service to be provided by the called party from the payment server at the same time that the telephone network transmits the phone number of the calling terminal to the payment server in response to a call connection request from the calling party, and the payment server generates and stores a calling party identification number for the telephone number of the calling terminal in response to the request received from the telephone network. Next, at step 210, the calling party identification number is encrypted using hash code, and the encrypted calling party identification number is transmitted to the called terminal. Meanwhile, if the called party accepts an order from the calling party, inputs a payment amount for the order to the called terminal and presses a payment confirmation button, the called terminal encrypts the serial number of the called terminal and the payment amount using the encrypted calling party identification number, received from the payment server, and the random number,
synchronized with the called terminal, and transmits the encrypted information to the payment server. At step 220, the payment server receives information about the encrypted called terminal serial number and the encrypted payment amount from the called terminal . At step 230, the payment server detects a terminal serial number corresponding to the call number of the called terminal from the user database, and authenticates the encrypted information, received from the called terminal, and the called terminal, using the detected terminal serial number, the calling party identification number and the random number that is synchronized with the called terminal. The authentication of the called terminal is described in detail. First, the payment server detects a terminal serial number corresponding to the call number of the called terminal from the user database. The detected terminal serial number and the random number, synchronized with the called terminal, are combined, and then the combined information is encrypted using the calling party identification number. The encrypted information is encrypted again using a predetermined encryption algorithm, so that a predetermined encryption key is generated. If the encryption key generated in this way is identical to the key received from the called terminal, authentication succeeds . The embodiment of the present invention employs an encryption method using hash code as an encryption
algorithm, but it is apparent that any encryption method, in addition to this encryption method, can be used. Next, at step 240, the payment server requests the calling party to input a password, and verifies whether the password input by the calling terminal is identical to corresponding information stored in the database of the payment server. If the password is identical to the corresponding information, the calling party is authenticated. Next, at step 250, the payment server transmits payment information, such as a payment amount, to the calling party through the telephone network. At step 260, the payment server causes the calling party to select and input a payment means . In the case where the calling party selects "cash payment" as a payment means, at step 270, the payment server requests the calling party to input a password if the calling party is a registered user, while the payment server requests the calling party to input identification information (for example, a resident registration number, a credit card number, etc.) if the calling party is not a registered user. Next, at step 272, if corresponding information is input by the calling party, the payment server transmits the input information and payment amount to a cash payment institution, and requests the cash payment institution to approve payment. At step 274,
payment approval information, including a payment approval number, is received from the cash payment institution. If the calling party selects "credit card payment" as a payment means, the payment server requests the calling party to input a password for the payment means at step 280. At step 282, if the password has been input by the calling party, the payment server transmits the password and payment amount to a corresponding payment institution, and requests the payment institution to approve payment. Accordingly, at step 284, payment approval information, including a payment approval number, is received from the payment institution. If the calling party selects "communication charge summation payment" as a payment means, the payment server requests the calling party to input a password for the payment means at step 286. At step 287, if the password has been input by the calling party, the payment server transmits the input password, the payment amount and the phone number of the calling terminal to the billing system of the telephone office, and requests the billing system to approve payment. At step 288, payment approval information, including a payment approval number, is received from the billing system of the telephone office. Through the above process, if the payment approval information is received from the corresponding payment institution, such as a cash payment institution or credit
card company, the payment approval information and additional calling party information are transmitted to the called terminal at step 290, and the process is terminated. In this case, the called terminal, having received the payment approval information and the additional calling party information from the payment server, can output a cash receipt or card receipt using the above information. [Mode for Invention] Another embodiment of a payment system according to the present invention relates to a payment system applicable to the case in which a called party, a service provider, is provided with a call center or computerized ordering system, as shown in FIG. 4. In this embodiment, an orderer, a calling party, makes a call to the call center or computerized ordering system and places an order. A procedure related to ordering or the transmission of payment information is performed between the call center, the payment server and the calling party. Further, if payment approval information is received from the computerized system of a specific payment institution, the payment server transmits additional calling party information and payment approval information to the called party's desired terminal, thus allowing the called party to output a corresponding receipt through his or her terminal. As described above, a process of authenticating an orderer and the call center in a payment server operated in
conjunction with the telephone network when the orderer places an order with the call center through a telephone network by telephone is described as follows. First, in response to the order from the orderer using a communication terminal, the call center requests the payment server to process payment through the telephone network. The payment server generates a random number in real time, and synchronizes the random number with the call center. Next, the payment server receives the payment information, encrypted using the random number, and call center identification information from the call center, and authenticates the call center using the received information. Next, the payment server requests the orderer' s terminal to input a payment password, and authenticates the orderer using the payment password received from the orderer' s terminal. In this case, it is preferable that all data transmitted or received through the network be transmitted or received after the data have been encrypted using a predetermined encryption algorithm. At this time, the calling party may make a call to the call center and place an order. Alternatively, a typical user who is a called party may place an order when the call center makes a call to the user and conducts telemarketing. Even in this case, the above procedure can be equally applied. In a further embodiment of the payment system
according to the present invention, as shown in FIG. 5, a user accesses a Web server 500 that provides service through the Internet, and places an order through the Web server. Accordingly, the Web server transmits information about the user and payment amount information to the payment server through the telephone network. The payment server, having received the information from the Web server, authenticates the user and the Web server, and transmits additional user information and payment approval information to the called terminal after payment has been completed by the user. In this case, information about the called terminal can be extracted from the database provided in the payment server through the procedure of authenticating the Web server. In yet another embodiment of the present invention, if a payment means selected by the calling party is a transfer payment method, the payment server can postpone a transfer from the calling party' s account to the called party's account by a certain period to enable cancellation by the calling party. Further, if a payment means selected by the calling party is a communication charge summation payment means, the payment server can postpone requesting the billing system of the telephone office to add a payment amount to communication charges by a certain period to enable cancellation by the calling party. Although the preferred embodiments of the present
invention have been disclosed for illustrative purposes, those skilled in the art will appreciate that various modifications, additions and substitutions are possible, without departing from the scope and spirit of the invention as disclosed in the accompanying claims. For example, in the embodiments of the present invention, information that must be input by a calling party to identify or authenticate the calling party, information that must be transmitted by a called terminal to a payment server to authenticate the called terminal, an encryption method for data to be transmitted or received, etc. must be variously modified and implemented to improve the efficiency of the system according to the present invention. Further, variations in these modifications and applications should be interpreted as being included in the scope of the present invention defined in the accompanying claims .
[industrial Applicability] According to the system of the present invention, a cash receipt can be issued even when ordering is conducted by telephone and deferred payment is made by cash. Further, in this case, an orderer can be rapidly issued a cash receipt without personally inputting a resident registration number or credit card number required to identify or authenticate the orderer. Further, according to the system of the present
invention, the orderer (corresponding to a calling party) can completely make payment while making ' a call for ordering, and a service provider (corresponding to a called party) can receive required information from the payment server and output receipts. The system of the present invention is advantageous in that, even when the orderer using a telephone pays in cash, a cash receipt can be output at' the time that a telephone conversation is terminated. In this case, the called party provides the output cash receipt to the orderer together with an ordered commodity at the time of delivering the ordered commodity. Further, the system of the present invention can not only dually encrypt all data when the data are transmitted or received, but also uses all encryption keys once and then discards the encryption keys, thus further improving security.
[Sequence List Text]