WO2016080811A1 - 스마트멀티카드 및 스마트멀티카드용 카드데이터 발급방법 - Google Patents
스마트멀티카드 및 스마트멀티카드용 카드데이터 발급방법 Download PDFInfo
- Publication number
- WO2016080811A1 WO2016080811A1 PCT/KR2015/012564 KR2015012564W WO2016080811A1 WO 2016080811 A1 WO2016080811 A1 WO 2016080811A1 KR 2015012564 W KR2015012564 W KR 2015012564W WO 2016080811 A1 WO2016080811 A1 WO 2016080811A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- card
- data
- information
- encryption
- unit
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/352—Contactless payments by cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/357—Cards having a plurality of specified features
- G06Q20/3572—Multiple accounts on card
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
- G06Q20/4097—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
- G06Q20/40975—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor
Definitions
- the present invention relates to a smart multi-card and smart multi-card card issuing method, and more particularly to a method for issuing and providing card data to the smart multi-card and smart multi-card to output the selected specific card data in a desired output method. It is about.
- a card that can be used by integrating various cards such as a debit card, a check card, a credit card, and a membership card.
- Among the various card data output means included in the smart multi-card is to provide a smart multi-card, outputting the card data through the output means desired by the user.
- the card data encrypted to prevent the actual card data is leaked to the outside when the card is issued through the wireless communication to the smart multi-card, and the data required to perform tokenization (ie, seed data) in order to increase security during payment
- tokenization ie, seed data
- card data issuing method for a smart multi-card.
- the smart multi-card stores one or more first encrypted data and seed data, wherein the first encrypted data is generated by first encrypting specific card information or substitute information corresponding to the card information.
- a first storage unit which is the data;
- a second storage unit for storing card-related data including storage location data in the first storage unit of specific first encrypted data and seed data;
- a user input unit configured to receive a user's manipulation to select one or more cards;
- a first controller configured to generate token data by performing second encryption on the first encryption data corresponding to the selected card by the seed data;
- a second controller requesting a first controller to provide the token data based on the storage location data corresponding to the selected card;
- a card data output unit configured to output the token data to the outside, wherein the card data output unit includes an IC chip, and the first control unit and the first storage unit are included in the IC chip.
- the wireless communication unit may further include a wireless communication unit configured to receive and transmit first encryption data and seed data corresponding to a specific card by performing data transmission and reception with the mobile terminal through wireless communication.
- the first encrypted data and the seed data may be requested to be stored in a specific storage location in the first storage unit.
- the first encryption data and the seed data may be received by the mobile terminal through a wireless communication from a card information management server and transferred to the smart multi-card.
- the wireless communication unit may transmit the first user authentication information, which is compared with the second user authentication information stored in the mobile terminal, to the mobile terminal, and the first user authentication information and the second user authentication information correspond to each other.
- the first encryption data and the seed data may be received from the mobile terminal.
- the card-related data may include card identification information, and may further include a display unit for visually displaying a screen of card identification information of the selected card.
- the seed data is different for each user or financial company
- the token data is transferred from the payment terminal to the financial company server after the second decoding is performed based on the seed data, the first decoding corresponding to the first encryption Is performed, it may be characterized in that the payment approval is determined.
- the second control unit may combine time data corresponding to a point in time at which the token data is received from the first control unit, to the token data, and the time data may be determined by the financial company server. It may be used to determine whether it falls within a specific time range from a time point corresponding to the time data.
- time data may be generated according to a specific random number generation rule in the second control unit.
- the card data output unit may further include a magnetic field generator configured to output the token data through the formation of a magnetic field including one or more magnetic cells, wherein the user input unit receives a selection of an output method of the token data from a user. It can be characterized.
- Smart card data issuing method according to another embodiment of the present invention, the step of receiving the card information of the real card held by the user from the mobile terminal; Requesting a financial institution server to generate substitute information matching the card information; And receiving the first encrypted data and the seed data generated by first encrypting the substitute information and transmitting the first encrypted data and the seed data directly to the smart multi-card or through the mobile terminal to the smart multi-card.
- Smart card data issuing method the step of receiving a new issuance request of a specific card from the mobile terminal; Requesting a financial institution server to provide the newly issued card information; And receiving the first encrypted data and the seed data generated by first encrypting the card information and directly transmitting the received encrypted data and the seed data to the smart multi-card or the smart multi-card through the mobile terminal.
- the user can easily enter a new card in the smart multi-card.
- the card information is encrypted and stored in the IC chip, it can be prevented from leaking to the outside.
- the first encrypted card data (that is, the first encrypted data) is transmitted and received through the wireless communication, it is possible to prevent the interception of the actual card data to be intercepted.
- the token data generated by encryption is performed at the time of payment, the actual card data can be prevented from being leaked during the payment.
- the financial company server determines whether the settlement approval is exceeded over a specific time range by combining time data, the transaction may not be approved because it is determined to be an abnormal transaction. Through this, it is effective to increase the security by introducing a maximum time range for payment approval.
- 1 is an internal configuration of a smart multi-card according to an embodiment of the present invention.
- FIG. 2 is an exemplary diagram of a smart multi card having an IC chip connector unit according to an embodiment of the present invention.
- FIG 3 is an exemplary view of a smart multi-card having a magnetic field generating unit and an IC chip connector according to an embodiment of the present invention.
- FIG. 4 is a flowchart illustrating a method for issuing card data for a smart multi-card when there is a real card according to an embodiment of the present invention.
- FIG. 5 is a flowchart illustrating a method for issuing card data for a smart multi-card when issuing a new card through a financial company server according to an embodiment of the present invention.
- FIG. 6 is a connection diagram of a smart multi-card, mobile terminal, card information management server and financial company server according to an embodiment of the present invention.
- the mobile terminal 100 refers to a terminal that can be used while the user moves. That is, the mobile terminal 100 may be a cellular phone, a personal communication service phone (PCS phone), a mobile terminal of a synchronous / asynchronous IMT-2000 (International Mobile Telecommunication-2000), or a palm PC (Palm). Personal computers, personal digital assistants, smart phones, WAP phones, wireless game protocao phones, mobile game consoles, tablet PCs, etc. May be included.
- the mobile terminal 100 may be represented as a mobile device.
- the card data means data provided to a payment terminal (or card reader) for payment or accumulation. That is, in the case of a general magnetic card, since the actual card number is provided to the card reader as it is, the actual card number may correspond to the card data. In addition, when the data output to the payment terminal is encrypted data, the card data may correspond to the encrypted data.
- the card data may be expressed as card information below.
- the first encrypted data is data generated by first encrypting specific card information or substitute information corresponding to the card information. That is, the first encryption data refers to data generated by applying a specific encryption rule (ie, performing the first encryption) to the actual card information (ie, card data) at the financial company server.
- a specific encryption rule ie, performing the first encryption
- Seed data in the present specification is data about a rule or algorithm used to perform encryption or tokenization in a card (eg, IC chip in a card).
- the token data refers to data obtained by encrypting card data (eg, actual card data or first encryption data) in the smart multi-card using seed data.
- card-related data means data related to a card other than card data used for payment or accumulation. That is, the card related data may include card identification information, card benefit information, and the like, and may also include storage location data of the card data.
- the smart multi-card 100 is a plate 110; Display unit 120; A user input unit 130; Control unit 140; Storage unit 150; Card data output unit 160; A wireless communication unit 170; Unlocking unit; And all or part of the insertion detecting unit.
- the components will be described in order.
- the smart multi-card 100 may include one or more card information in one card (that is, device), unlike the existing card that included only one card information in an IC (Integrated Circuit) chip in one card Corresponds to the card.
- the smart multi-card 100 is a card that can be loaded one or more of the stored one or more card information to perform payment or point accumulation.
- the plate 110 may be formed in a square plate shape, and the corner portion of the square plate shape may be rounded.
- the plate 110 may include a configuration of the smart multi card 100 such as the card data output unit 160 and the controller 140.
- Plate 110 may be made of a plastic or metal plate of a resilient material, such as a general card, it may be configured by stacking a number of layers.
- the plate 110 may be formed by molding a substrate on which the configuration of the smart multi-card 100 is disposed with a material of a specific material.
- the plate 110 may include a card data output unit 160 to be described later.
- the card data output unit 160 when the card data output unit 160 is an IC chip 162, the card data output unit 160 may be disposed to be exposed to the outside on one side of the front surface.
- the card data output unit 160 includes a magnetic field generating unit 161 for generating a magnetic signal (ie, a magnetic signal)
- the plate 110 formed on one side of the rear surface, more specifically, a rectangle 110. It may be arranged to be exposed to the outside on one side of the rear surface adjacent to one of the two long sides of the).
- the plate Built in the 110 may transmit a wireless communication signal corresponding to the card information to the outside.
- the plate 110 may be provided such that the insertion detecting unit described later in the direction continuous with one end of the magnetic field generating unit 161 (for example, the card reader insertion direction of the plate 110) is exposed to the outside.
- the front side of the plate 110 is provided with a display 120 and a user input unit 130 to be described later may be exposed to the outside.
- the inside of the plate 110 is a part of the configuration that is exposed to the outside, such as card data output unit 160, the insertion detection unit, the display unit 120, the user input unit 130 is built-in
- the control unit 140, an electric wiring (not shown), a memory (not shown), a power supply unit (not shown), and the like may be incorporated.
- the electrical wiring, when the plate 110 is composed of several layers, may be composed of a plurality of sheets between the layers of each plate 110, each of the layers of the plate 110 vias corresponding to the wiring passage ( Via Via).
- the user input unit 130 performs a function of receiving input data for controlling the operation of the smart multi-card 100 from the user.
- the user input unit 130 may include a key pad, a dome switch, a touch pad (constant voltage / capacitance), a jog wheel, a jog switch, and the like.
- a touch pad Constant voltage / capacitance
- a jog wheel a jog switch
- a touch screen when the touch pad forms a mutual layer structure with the display unit 120 to be described later, this may be referred to as a touch screen.
- the display unit 120 is provided at one side of the plate 110 to perform a function of visually displaying card-related data on a screen and providing the same to a user. That is, the display 120 performs a function of displaying the image or image data generated and provided by the controller 140.
- the card-related data may include card identification information such as a card image, a card name, a card company, and may include benefit information such as discount information of the card and interest-free installment information.
- the display unit 120 includes a liquid crystal display, a thin film transistor-liquid crystal display, an organic light-emitting diode, a flexible display, and an electronic paper (E).
- -paper may include at least one.
- two or more display units 120 may exist according to the implementation form of the multi-card.
- the display unit 120 may be provided in front and rear portions of the multi-card.
- the electronic paper is an electronic device that can feel the feeling of paper as it is and can act as a paper, also called e-paper.
- the electronic paper may be applied to various methods such as a method of making ink effect using a small ball or capsules and a paper effect by making a flat panel display such as a conventional liquid crystal display (LCD) thinner.
- LCD liquid crystal display
- the display unit 120 may be disposed on one side of the front surface of the plate 110.
- the display unit 120 may be disposed in an area which does not overlap the IC chip 162 disposed on one side of the front surface of the plate 110 and the magnetic field generator 161 disposed on one side of the rear surface of the plate 110. Through this, the display unit 120 may be prevented from being damaged when the magnetic field generating unit 161 performs a swiping in the magnetic card reader or when the multi-card is inserted into the IC card reader.
- the display unit 120 may be disposed at a position on the plate 110 adjacent to the user input unit (for example, the touch unit or the touch pad) so that the user may easily perform a touch operation while viewing the display unit 120. have.
- the display unit 120 When the display unit 120 and the touch sensor form a mutual layer structure (hereinafter, referred to as a touch screen), the display unit 120 may be used as an input device in addition to the output device.
- the touch screen may display a user interface (UI) screen of the card and receive an input operation for a position corresponding to the screen from the user.
- the touch screen may receive various input operations such as a touch operation, a slide operation, a swiping operation, a knock operation, and the like from a user.
- the card data output unit 160 performs a function of transmitting card information to perform payment or accumulation.
- the card data output unit 160 may correspond to various components that can transmit card information to an external card reader.
- the card data output unit 160 may include a magnetic field generator 161, an IC chip 162, and the like.
- some modules for example, NFC communication module, BLE communication module, etc.
- the wireless communication unit 170 to be described later may perform the function of the card data output unit 160 by transmitting the card data to the payment terminal. .
- the magnetic field generating unit 161 includes a magnetic cell which forms a magnetic field through current flow and outputs a card information magnetic signal.
- the magnetic field generator 161 may include at least one track. Each track may include a magnetic cell to generate a magnetic signal to provide to the header of the card reader.
- Magnetic cells may be configured in various forms. For example, single or multiple magnetic cells can be disposed on the track. In addition, the magnetic cells may have various arrangement directions. For example, the magnetic cell may be erected so that only a specific polarity is exposed to one side of the plate 110 (ie, in the magnetic signal output direction) when the magnetic field is generated.
- the magnetic cell may be disposed on one side of the specific plate 110 so that only a specific polarity according to the current direction is exposed in the magnetic signal output direction.
- the magnetic cells may be arranged such that both polarities are exposed in the magnetic signal output direction.
- the IC chip 162 may perform data exchange with the contact card reader. That is, the IC chip 162 is exposed to the outside of the plate 110, the connector portion which is in physical contact with the card reader to the outside, the contact when inserting the smart multi-card 100 into the contact card reader Direct data exchange can be performed by contacting the card contact portion of the card reader.
- the card data output unit 160 may output card data generated by the controller.
- the second control unit (the second control unit when the first control unit and the second control unit are separated to perform a function) uses the seed information as card information (particularly, the first encryption data).
- the card data output unit 160 may output the token data according to a request of a controller (or a first controller in the case of performing a function by separating the first controller and the second controller). Can be.
- the magnetic field generating unit 161 may output token data by causing the magnetic field direction of the one or more magnetic cells to change in time.
- the card data output unit 160 may increase security by outputting the second encrypted or tokenized data by the seed data.
- the smart multi-card 100 outputs the token data through the magnetic field generating unit 161, even if another person detects a change in the magnetic field, the card information (ie, card number, expiration date, CVC, etc.) cannot be confirmed. have.
- the controller 140 is provided in the plate 110 to perform an overall control function required for using a multi-card.
- the controller 140 performs a function of transferring card information to a specific card data output unit 160.
- the control unit 140 may generate card data corresponding to a card selected according to a user's manipulation of the user input unit. It can transmit to to generate a specific magnetic drive current signal.
- the controller 140 may generate a magnetic signal generated by the magnetic field generator 161 in time series by supplying or supplying a magnetic driving current signal. That is, the magnetic cell can adjust the direction of the magnetic field applied to the head of the card reader through the current control.
- the controller 140 may collectively control the current direction to generate the same polarity in the magnetic signal output direction (card reader header direction) in each magnetic cell.
- the controller 140 may generate a magnetic field change in the head of the card reader corresponding to each track by adjusting a magnetic driving current signal input for each track.
- the controller 140 may perform a function of generating information or a screen to be displayed on the display 120. That is, the controller 140 may generate a card UI screen and provide the card UI screen to the display 120. When the user can select or set a desired UI screen configuration, the controller 140 may generate a UI screen corresponding to the user's setting and provide the UI screen to the display 120.
- the controller 140 may receive an input operation from the user input unit 130, determine a corresponding operation, and perform a function of instructing the operation to be performed. Specifically, when the user input unit 130 is a touch screen combined with the display unit 120, the controller 140 determines the position of the input operation received by the touch screen, the type of the input operation or the type of the input operation. In this case, the corresponding control command can be determined. When an input operation is applied to the touch screen, the controller 140 may transfer card data of card information corresponding to the input operation to a specific card data output unit 160, and transmit card information corresponding to the input operation. A display screen may be generated and transferred to the touch screen.
- the controller 140 may include a first controller 141 and a second controller 142. That is, the first controller 141 and the second controller 142 may be performed by separating the functions of the controller 140.
- the first control unit 141 may perform a function of generating card data generated or output externally to perform a payment or storing card data at a specific location in the first storage unit.
- the second controller 142 may perform an overall operation for card control other than the operation performed by the first controller 141.
- the first control unit may be provided in the IC chip.
- the IC chip may have a COS operating system therein to serve as a first control unit. Looking at the function performed by the first control unit 141 in detail as follows.
- the first control unit 141 stores the card data in a specific storage location (for example, a stack which is a specific storage location of the first storage unit described later).
- the first controller 141 may receive a specific storage location from the second controller 142 and store card data in the corresponding location. For example, when the card data is the first encrypted data and the seed data, the first controller 141 combines the first encrypted data and the seed data together at a specific storage location in the first storage designated by the second controller 142. Can be stored.
- the second controller can load the memory when necessary without checking the card data.
- the first control unit 141 is a card data (for example, encryption) for a new card (for example, a card that the user holds as a newly issued card or a real card and wants to input to a smart multi card).
- Data and seed data may be stored in a specific storage space (eg, a first storage unit that is an electrically erasable programmable read-only memory (EEPROM) provided in an IC chip).
- EEPROM electrically erasable programmable read-only memory
- the first controller 141 may perform a function of generating card data as token data. That is, the first controller 141 may generate token data that can be output to the outside through the first encryption data stored therein through the second encryption using the seed data.
- token data is generated and output based on seed data, which is an algorithm that performs encryption
- seed data which is an algorithm that performs encryption
- the card information is not immediately exposed to the outside at the time of card payment, thereby improving security. That is, the seed data is different for each user or financial company, so that card information (for example, card number, CVC number, expiration date information, etc.) cannot be extracted from the token data from the outside, and the token data cannot be extracted from the payment terminal. Since the decryption is performed based on the same seed data transmitted and stored at 400, security may be enhanced.
- the financial company server 400 when generating token data using the first encryption data, the financial company server 400 must perform the first decryption corresponding to the first encryption and the second decryption corresponding to the tokenization (that is, the second encryption). Since the card information can be confirmed, security can be greatly enhanced.
- the financial company server 400 may determine whether the payment is approved based on the card information identified through the first decryption and the second decryption.
- the second controller may perform functions of the entire card except for the card data generation or storage function performed by the first controller.
- the second controller In order to output the card data to the card reader, the second controller detects a storage location where specific card data (eg, first encryption data and seed data) are stored, and based on the identified storage location, the first controller 141. ) Can be requested to provide card data.
- the second controller 142 may detect a selection operation input from the user input unit, select a specific card, and request the first controller 141 to load card data corresponding to the selected card.
- the second controller 142 may request the first controller to store the first encryption data and the seed data received through the wireless communication unit 170 in a specific storage location in the first storage unit.
- the second control unit 142 may transfer the card data provided from the first control unit to a selected specific card data output unit (for example, a contact portion or a magnetic field generating portion of the IC chip). That is, the smart multi-card 100 may be selected not only the card to be used through the user input unit 130, but also a specific output method (that is, one or more of one or more types of card data output unit), the selected card data output unit Card data (eg, token data) may be transmitted to 160.
- a selected specific card data output unit for example, a contact portion or a magnetic field generating portion of the IC chip.
- the second controller 142 may serve to combine time data corresponding to the point in time at which the token data is received from the first controller 141 to the token data.
- the time data may be used to determine whether the payment approval time of the financial company server 400 falls within a specific time range from a time point corresponding to the time data. That is, when the decryption is completed in the financial institution server 400 after a specific time elapses from the time when the token data is provided for payment from the first controller, it may be determined that the payment is abnormal and the payment is not approved. Through this, the time interval from the time of generating the token data for payment using the smart multi-card to the determination of the approval of the payment of the financial company server 400 is prevented from becoming large, thereby preventing the abnormal payment and enhancing the security. .
- time data may be generated according to a specific random number generation rule in the second control unit.
- the financial company server 400 or the card information management server 300 includes the same random number generation rule as that of the second controller so that the time corresponding to the specific random number can be determined. Through this, time data for improving security can be prevented from leaking to the outside.
- the storage unit 150 stores a plurality of card information and card data.
- the storage unit 150 may classify and store cards in order to allow a user to quickly and easily select a card.
- the smart multi card 100 may classify and store cards according to card types such as credit card classification, check card classification, point card classification, membership card classification, and the like, based on the frequency of card use or the card issuer. Can be sorted and stored.
- the storage 150 may store a program for the operation of the controller 140.
- the storage unit 150 may include a first storage unit 151 and a second storage unit 152.
- the first storage unit may perform a function of storing card data. That is, the first storage unit stores seed information necessary for performing tokenization (ie, second encryption) and card information (for example, information in which a card number, an expiration date, a CVC number, etc. are combined) provided from the outside is encrypted. Function can be performed.
- the first storage unit may correspond to an electrically erasable programmable read-only memory (EEPROM) in the IC chip.
- EEPROM electrically erasable programmable read-only memory
- the EEPROM in the IC chip is a system area that stores information necessary for operating a card and unique information, and an application file area that can be accessed through a COS corresponding to the first controller.
- the card data (eg, the first encryption data and the seed data) may be stored in an application file area in the EEPROM so that the card controller may access the card data when necessary.
- the second storage unit 142 may perform a function of storing data necessary for performing card overall. That is, the second storage unit may store card related data. For example, the second storage unit may store card-specific benefit data and card identification information (eg, card image, card name, etc.). In addition, the second storage unit may store the storage position data for each card data for requesting the card data by the second controller.
- card related data For example, the second storage unit may store card-specific benefit data and card identification information (eg, card image, card name, etc.).
- the second storage unit may store the storage position data for each card data for requesting the card data by the second controller.
- the first storage unit may store one or more first encryption data and seed data
- the second storage unit may be the specific of the first encryption data and the seed data
- the card-related data including the storage location data in the first storage unit may be stored.
- the wireless communication unit 170 is provided in the plate 110 and performs a function of transmitting card information to the outside through wireless communication. That is, the wireless communication unit 170 may perform a function of transmitting card data to a payment terminal (ie, card reader).
- a payment terminal ie, card reader
- the wireless communication unit 170 performs data transmission and reception with the mobile terminal 200 through wireless communication, so as to generate card data corresponding to a specific card (for example, seed data used to generate first encryption data and token data). Can be received. That is, the smart multi card 100 receives card data (for example, a combination of first encryption data and seed data) from the card information management server 300 through the mobile terminal 200 (for example, the mobile terminal). The card 200 may be received from the card information management server 300 through Wi-Fi, LTE cellular communication, etc., and the mobile terminal 200 may be transmitted to the smart multi-card through short-range wireless communication.
- card data for example, a combination of first encryption data and seed data
- the card 200 may be received from the card information management server 300 through Wi-Fi, LTE cellular communication, etc.
- the wireless communication unit 170 may perform a function of receiving user authentication information from the mobile terminal 200. That is, the wireless communication unit 170 may receive information (ie, first user authentication information) for performing user authentication when receiving new card information from the mobile terminal 200 later.
- the user authentication information may correspond to biometric information such as fingerprint information of the user, and may correspond to various information for identifying the user.
- the wireless communication unit 170 transmits the first user authentication information to be compared with the second user authentication information stored in the mobile terminal 200 to the mobile terminal 200, and the first user authentication information and When the second user authentication information matches, the first encryption data and the seed data may be received from the mobile terminal 200. That is, the smart multi card 100 compares user authentication information when receiving new card information from the mobile terminal 200 and checks whether it corresponds to a device of the same user, and if it corresponds to a device of the same user, the mobile terminal ( New card data may be received in accordance with the approval of 200).
- Short-range communication technology used in the wireless communication unit including Bluetooth, BLE (Bluetooth Low Energy), Beacon, Radio Frequency Identification (RFID), Infrared Data Association (IrDA), Ultra Wideband (UWB), ZigBee, Near Field Communication (NFC), and the like may be used.
- the wireless communication unit receives the new card information and transmits the new card information to the control unit 140, and the control unit 140 performs information processing and stores the information in the memory.
- the insertion detecting unit may recognize card insertion in the card reader.
- the insertion detecting unit may include a pressure sensor to detect whether the card is inserted into the IC card reader.
- a pressure sensor is attached to one side of the smart multi card (for example, a short side adjacent to the IC chip), and the smart multi card is inserted into the IC card reader so that the side with the pressure sensor is located inside the card reader. If it contacts the side, it can be determined that the card is inserted.
- the insertion detecting unit may be disposed at a specific position on the plate 110 through which the header of the card reader passes.
- the pressure sensor is disposed above or below the magnetic field generating unit 161, so that when the card is inserted, pressure may be applied to the pressure sensor by the head. That is, when a header is inserted between the header and one side of the card reader while the header is in contact with one side of the card reader, and the header presses the card, the card recognizes the insertion in the card reader and can supply power to the magnetic cell. have.
- the insertion detecting unit is provided at a position adjacent to the end of the magnetic field generating unit 161, and the magnetic field generating unit 161 when the card is moved in the card reader. ) May detect the contact of the head before it is recognized by the head. Through this, the multi-card can start to generate a magnetic signal when the card reading starts to reduce the power consumption.
- the insertion detecting unit may detect the insertion in the card reader by receiving the electrical signal according to the exchange of the card information magnetic signal with the header of the card reader from the magnetic field generating unit 161. That is, the magnetic cell of the magnetic field generating unit 161 serves as an inductive sensor, and detects the magnetic field change between the card reader header and transmits the card information.
- the insertion detecting unit may utilize a pressure sensor and an inductive sensor together. This prevents malfunction due to pressure applied to the pressure sensor by a configuration other than the header of the card reader, and magnetic field changes in the magnetic cell by an object in which a magnetic field change other than the header of the card reader occurs. It can prevent the malfunction caused by the detection.
- the unlocking unit is provided on one surface of the plate 110 and performs a function of receiving an unlocking operation for activating a touch manipulation function of the touch unit. That is, when the user wishes to perform a multi-card operation, the user may activate the touch operation function by operating the unlocking unit before the touch unit operation or together with the touch unit operation. For example, the touch unit may activate a touch manipulation function only while an unlock operation for the unlocking unit is input from the user. Accordingly, it is possible to prevent the unintended touch manipulation from being input through the touch unit.
- the unlocking unit may be provided as a button or a touch sensor (for example, a body contact sensor). That is, when a user wants to input a touch manipulation, when a user presses a button with a specific finger or touches a finger on the touch sensor, the touch manipulation function may be activated.
- a touch sensor for example, a body contact sensor
- the unlocking unit may further include a fingerprint recognition module configured to receive fingerprint information of the user.
- the touch manipulation function may be activated. That is, the fingerprint recognition module may receive fingerprint information when the user's finger is touched and determine whether the touch manipulation function or the entire function of the multi card is activated by determining whether the fingerprint information matches the user's fingerprint information stored in the multi card. Through this, it is possible to prevent someone other than the card owner from randomly manipulating the card or performing a payment.
- FIG. 4 is a flowchart illustrating a method for issuing card data for a smart multi-card when there is a real card according to an embodiment of the present invention.
- Smart card data issuing method the step of receiving the card information of the real card held by the user from the mobile terminal (200) (S100); Requesting the financial institution server 400 to generate substitute information matching the card information (S110); And receiving first encrypted data and seed data generated by first encrypting the substitute information and transmitting the first encrypted data and seed data directly to the smart multi-card or transmitting to the smart multi-card through the mobile terminal 200 (S120).
- S100 the step of receiving the card information of the real card held by the user from the mobile terminal (200)
- a method of issuing card data for a smart multi-card according to an embodiment of the present invention will be described in order.
- the card information management server 300 receives the card information of the real card held by the user from the mobile terminal 200 (S100).
- the user can directly input information such as card number, CVC number, expiration date, etc. directly to the mobile terminal 200 to transmit the card information of the real card to the card information management server 300, the real card to the mobile terminal 200
- By taking a picture of the card information of the real card through OCR or image recognition, etc. may be transmitted to the card information management server 300.
- the card information management server 300 requests the financial company server 400 to generate substitute information matching the card information (S110). Since the real card already exists, the card information management server 300 may request the financial company server 400 to assign an alternative number corresponding to the card number of the real card.
- the card information management server 300 receives the first encryption data and the seed data generated by first encrypting the substitute information and directly transmits the data to the smart multi-card or through the mobile terminal 200 to the smart multi-card ( S120). That is, the card information management server 300 may request the financial company server 400 to provide the alternative number by performing the first encryption, and to perform the tokenization (that is, the second encryption) within the smart multi-card. You can request the provision of the required seed data. When the card information is transmitted through wireless communication, the card information may be intercepted during transmission. Therefore, the card information management server 300 may complete the first encryption of the card information from the financial institution server 400 (that is, the first encryption). Data).
- the card information management server 300 may transmit the first encryption data and the seed data together to the smart multi card.
- the card information management server 300 may directly transmit card data to the smart multi card.
- the card information management server 300 transfers the card data to the mobile terminal 200 through wireless communication.
- the mobile terminal 200 may transmit card data to the smart multi-card through wireless communication such as NFC and BLE.
- FIG. 5 is a flowchart illustrating a method for issuing card data for a smart multi-card when issuing a new card through the financial company server 400 according to an exemplary embodiment of the present invention.
- Smart card data issuing method the step of receiving a new issuance request of a specific card from the mobile terminal (200) (S200); Requesting the financial institution server 400 to provide the newly issued card information (S210); And receiving the first encrypted data and the seed data generated by first encrypting the card information and transmitting the received first encryption data and the seed data directly to the smart multi-card or through the mobile terminal 200 to the smart multi-card (S220).
- S200 mobile terminal
- S210 Requesting the financial institution server 400 to provide the newly issued card information
- the card information management server 300 receives a new issuance request of a specific card from the mobile terminal 200 (S200). The user may apply for issuance of a specific new card through an application installed in the mobile terminal 200.
- the card information management server 300 requests the financial company server 400 to provide the newly issued card information (S210). That is, the card information management server 300 may request the financial company server 400 to issue the card requested by the user. At this time, the card information management server 300 may transmit not only the card identification information for the card company, the card name, etc., but also the user identification information requesting the card issuance.
- the card information management server 300 receives the first encryption data and the seed data generated by first encrypting the card information and directly transmits the data to the smart multi-card or transmits the data to the smart multi-card through the mobile terminal 200. (S220). That is, the card information management server 300 may request the financial company server 400 to provide the first encryption of the card information such as the card number and provide the token information (ie, the second encryption) in the smart multi-card. You can request the provision of seed data needed to perform When the card information is transmitted through wireless communication, the card information may be intercepted during transmission. Therefore, the card information management server 300 may complete the first encryption of the card information from the financial institution server 400 (that is, the first encryption). Data).
- the card information management server 300 may transmit the first encryption data and the seed data together to the smart multi card.
- the card information management server 300 may directly transmit card data to the smart multi card.
- the card information management server 300 transfers the card data to the mobile terminal 200 through wireless communication.
- the mobile terminal 200 may transmit card data to the smart multi-card through wireless communication such as NFC and BLE.
- the user can easily enter a new card in the smart multi-card.
- the card information is encrypted and stored in the IC chip, it can be prevented from leaking to the outside.
- the first encrypted card data (that is, the first encrypted data) is transmitted and received through the wireless communication, it is possible to prevent the interception of the actual card data to be intercepted.
- the token data generated by encryption is performed at the time of payment, the actual card data can be prevented from being leaked during the payment.
- the financial company server determines whether the settlement approval is exceeded over a specific time range by combining time data, the transaction may not be approved because it is determined to be an abnormal transaction. Through this, it is effective to increase the security by introducing a maximum time range for payment approval.
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Computer Networks & Wireless Communication (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
Description
Claims (11)
- 하나 이상의 제1암호화데이터 및 시드데이터를 저장하되, 상기 제1암호화데이터는 특정한 카드정보 또는 상기 카드정보에 대응하는 대체정보를 제1암호화하여 생성된 데이터인, 제1저장부;특정한 제1암호화데이터 및 시드데이터의 상기 제1저장부 내 저장위치데이터를 포함하는 카드관련데이터를 저장하는 제2저장부;하나 이상의 카드 중에서 선택을 위해 사용자의 조작을 입력받는 사용자입력부;선택된 카드에 대응하는 제1암호화데이터를 시드데이터에 의해 제2암호화를 수행하여 토큰데이터를 생성하는 제1제어부;상기 선택된 카드에 상응하는 상기 저장위치데이터를 바탕으로 상기 토큰데이터의 제공을 제1제어부에 요청하는 제2제어부; 및상기 토큰데이터를 외부로 출력하는 카드데이터출력부;를 포함하며,상기 카드데이터출력부는 IC칩을 포함하며,상기 제1제어부 및 상기 제1저장부는 상기 IC칩 내에 포함되는, 스마트멀티카드.
- 제1항에 있어서,무선통신을 통해 이동단말기와의 데이터 송수신을 수행하여 특정한 카드에 대응하는 제1암호화데이터 및 시드데이터를 수신하는 무선통신부;를 더 포함하고,상기 제2제어부는,상기 무선통신부를 통해 수신하는 상기 제1암호화데이터 및 상기 시드데이터를 제1저장부 내 특정한 저장위치에 저장을 요청하는, 스마트멀티카드.
- 제2항에 있어서,상기 제1암호화데이터 및 시드데이터는,상기 이동단말기가 카드정보관리서버로부터 무선통신으로 수신하여 상기 스마트멀티카드로 전달하는 것을 특징으로 하는, 스마트멀티카드.
- 제2항에 있어서,상기 무선통신부는,상기 이동단말기에 저장된 제2사용자인증정보와 비교 수행되는 제1사용자인증정보를 상기 이동단말기로 전송하며,상기 제1사용자인증정보와 상기 제2사용자인증정보가 일치하는 경우, 상기 이동단말기로부터 상기 제1암호화데이터 및 상기 시드데이터를 수신하는, 스마트멀티카드.
- 제1항에 있어서,상기 카드관련데이터는 카드식별정보를 포함하고,상기 선택된 카드의 카드식별정보를 화면을 시각적으로 표시하는 디스플레이부;를 더 포함하는, 스마트멀티카드.
- 제1항에 있어서,상기 시드데이터는 사용자별 또는 금융사별로 상이하며,상기 토큰데이터는,결제단말기로부터 금융사서버로 전달되어 상기 시드데이터를 바탕으로 제2복호화가 수행된 후, 상기 제1암호화에 대응하는 제1복호화가 수행되어, 결제승인여부가 판단되는 것을 특징으로 하는, 스마트멀티카드.
- 제1항에 있어서,상기 제2제어부는,상기 토큰데이터를 상기 제1제어부로부터 전달받는 시점에 상응하는 시간데이터를 상기 토큰데이터에 결합하는 것을 특징으로 하며,상기 시간데이터는,금융사서버의 결제승인여부 판단시점이 상기 시간데이터에 상응하는 시점으로부터 특정시간범위 내에 해당하는지 여부 판단에 사용되는 것을 특징으로 하는, 스마트멀티카드.
- 제7항에 있어서,상기 시간데이터는,상기 제2제어부 내의 특정한 난수생성 규칙에 따라 생성되는, 스마트멀티카드.
- 제1항에 있어서,상기 카드데이터출력부는,하나 이상의 자기셀을 포함하여 자기장 형성을 통해 상기 토큰데이터를 출력하는 자장발생부;를 더 포함하고,상기 사용자입력부는,사용자로부터 상기 토큰데이터의 출력방식을 선택받는 것을 특징으로 하는, 스마트멀티카드.
- 카드정보관리서버가 스마트멀티카드 내에 저장되는 카드데이터를 발급하는 방법에 있어서,이동단말기로부터 사용자가 보유한 실물카드의 카드정보를 수신하는 단계;상기 카드정보에 매칭되는 대체정보의 생성을 금융사서버에 요청하는 단계; 및상기 대체정보를 제1암호화하여 생성된 제1암호화데이터 및 시드데이터를 수신하여 상기 스마트멀티카드로 직접 전송하거나 상기 이동단말기를 통해 상기 스마트멀티카드로 전송하는 단계;를 포함하는, 스마트멀티카드용 카드데이터 발급방법.
- 카드정보관리서버가 스마트멀티카드 내에 저장되는 카드데이터를 발급하는 방법에 있어서,이동단말기로부터 특정한 카드의 신규발급 요청을 수신하는 단계;상기 신규발급 요청된 카드정보 제공을 금융사서버에 요청하는 단계; 및상기 카드정보를 제1암호화하여 생성된 제1암호화데이터 및 시드데이터를 수신하여 상기 스마트멀티카드로 직접 전송하거나 상기 이동단말기를 통해 상기 스마트멀티카드로 전송하는 단계;를 포함하는, 스마트멀티카드용 카드데이터 발급방법.
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP15861451.1A EP3223220A4 (en) | 2014-11-20 | 2015-11-20 | Smart multi card, and method for issuing card data for smart multi card |
US15/528,286 US20170364906A1 (en) | 2014-11-20 | 2015-11-20 | Smart multi card, and method for issuing card data for smart multi card |
JP2017527308A JP2018506093A (ja) | 2014-11-20 | 2015-11-20 | スマートマルチカードおよびスマートマルチカード用カードデータ発行方法 |
Applications Claiming Priority (6)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR20140162789 | 2014-11-20 | ||
KR20140162793 | 2014-11-20 | ||
KR10-2014-0162793 | 2014-11-20 | ||
KR10-2014-0162789 | 2014-11-20 | ||
KR10-2015-0163488 | 2015-11-20 | ||
KR1020150163488A KR101728523B1 (ko) | 2014-11-20 | 2015-11-20 | 스마트멀티카드 및 스마트멀티카드용 카드데이터 발급방법 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2016080811A1 true WO2016080811A1 (ko) | 2016-05-26 |
Family
ID=56014251
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/KR2015/012564 WO2016080811A1 (ko) | 2014-11-20 | 2015-11-20 | 스마트멀티카드 및 스마트멀티카드용 카드데이터 발급방법 |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2016080811A1 (ko) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115314421A (zh) * | 2022-10-08 | 2022-11-08 | 北京国安广传网络科技有限公司 | 基于网络智慧平台的量化管理系统 |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20060019114A (ko) * | 2004-08-26 | 2006-03-03 | 주식회사 하렉스인포텍 | 다수 발급사를 지원하는 ic칩 카드 발급/서비스 방법 및그 시스템 |
JP2011002883A (ja) * | 2009-06-16 | 2011-01-06 | Saitama Univ | 多機能icカード及びカードシステム |
US20130030997A1 (en) * | 2010-03-02 | 2013-01-31 | Spodak Douglas A | Portable e-wallet and universal card |
US20140084059A1 (en) * | 2011-05-11 | 2014-03-27 | Joseph Sierchio | Universal interactive smart card device |
US20140279555A1 (en) * | 2013-03-14 | 2014-09-18 | Nagraid Security, Inc. | Dynamically allocated security code system for smart debt and credit cards |
-
2015
- 2015-11-20 WO PCT/KR2015/012564 patent/WO2016080811A1/ko active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20060019114A (ko) * | 2004-08-26 | 2006-03-03 | 주식회사 하렉스인포텍 | 다수 발급사를 지원하는 ic칩 카드 발급/서비스 방법 및그 시스템 |
JP2011002883A (ja) * | 2009-06-16 | 2011-01-06 | Saitama Univ | 多機能icカード及びカードシステム |
US20130030997A1 (en) * | 2010-03-02 | 2013-01-31 | Spodak Douglas A | Portable e-wallet and universal card |
US20140084059A1 (en) * | 2011-05-11 | 2014-03-27 | Joseph Sierchio | Universal interactive smart card device |
US20140279555A1 (en) * | 2013-03-14 | 2014-09-18 | Nagraid Security, Inc. | Dynamically allocated security code system for smart debt and credit cards |
Non-Patent Citations (1)
Title |
---|
See also references of EP3223220A4 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115314421A (zh) * | 2022-10-08 | 2022-11-08 | 北京国安广传网络科技有限公司 | 基于网络智慧平台的量化管理系统 |
CN115314421B (zh) * | 2022-10-08 | 2022-12-23 | 北京国安广传网络科技有限公司 | 基于网络智慧平台的量化管理系统 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA3059245C (en) | Point of sale device with switchable internal connection roles | |
CN101454818B (zh) | 电子纸记录装置 | |
KR20160060596A (ko) | 스마트멀티카드 및 스마트멀티카드용 카드데이터 발급방법 | |
US11321694B2 (en) | Tamper detection using ITO touch screen traces | |
US20170213119A1 (en) | Multi-smartcard | |
US10089621B2 (en) | Data support with tan-generator and display | |
US20170289127A1 (en) | Smart data cards that enable the performance of various functions upon activation/authentication by a user's fingerprint, oncard pin number entry, and/or by facial recognition of the user, or by facial recognition of a user alone, including an automated changing security number that is displayed on a screen on a card's surface following an authenticated biometric match | |
US9881434B2 (en) | Intelligent portable object comprising graphical personalization data | |
KR101773376B1 (ko) | 스마트 카드 및 그 제어 방법 및 스마트 카드 충전기 및 스마트 카드 리더기 | |
CN115715397A (zh) | 具有用户可信纽带的多用智能卡 | |
WO2016080811A1 (ko) | 스마트멀티카드 및 스마트멀티카드용 카드데이터 발급방법 | |
WO2018008804A1 (ko) | 스마트 카드를 이용한 결제 방법 | |
WO2012129953A1 (zh) | 一种具有显示功能的ic卡 | |
KR20170121086A (ko) | 스마트 카드 및 그 제어 방법 및 스마트 카드 충전기 및 스마트 카드 리더기 | |
WO2018155912A1 (ko) | 스마트 멀티 카드의 제어 방법 및 이러한 방법을 사용하는 스마트 멀티 카드 | |
WO2016010327A1 (ko) | 멀티스마트카드 | |
WO2018155911A1 (ko) | 스마트 멀티 카드의 충전 방법 및 이러한 방법을 수행하는 충전 크래들 | |
KR20180097460A (ko) | 스마트 멀티 카드의 제어 방법 및 이러한 방법을 사용하는 스마트 멀티 카드 | |
WO2018216977A1 (ko) | 스마트카드 | |
WO2017119785A1 (ko) | 압력 값을 포함하는 싸인 정보를 이용한 본인 인증 처리 방법 및 이를 수행하는 애플리케이션 | |
KR102499625B1 (ko) | 지문입력부를 포함하는 멀티 카드 및 이를 이용한 결제 방법 | |
KR20160145298A (ko) | 이동단말기 결합형 멀티카드 | |
KR101405363B1 (ko) | 터치형 보안매체 | |
WO2016010324A1 (ko) | 멀티 마그네틱 카드 | |
WO2020213778A1 (ko) | 결제 서비스 제공 방법, 장치 및 시스템 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 15861451 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2017527308 Country of ref document: JP Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: 15528286 Country of ref document: US |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
REEP | Request for entry into the european phase |
Ref document number: 2015861451 Country of ref document: EP |