WO2016140476A1 - Dispositif permettant de décoder des données codées et procédé correspondant - Google Patents

Dispositif permettant de décoder des données codées et procédé correspondant Download PDF

Info

Publication number
WO2016140476A1
WO2016140476A1 PCT/KR2016/001992 KR2016001992W WO2016140476A1 WO 2016140476 A1 WO2016140476 A1 WO 2016140476A1 KR 2016001992 W KR2016001992 W KR 2016001992W WO 2016140476 A1 WO2016140476 A1 WO 2016140476A1
Authority
WO
WIPO (PCT)
Prior art keywords
decryption
encrypted data
payment
decoding
data
Prior art date
Application number
PCT/KR2016/001992
Other languages
English (en)
Korean (ko)
Inventor
김봉세
Original Assignee
김봉세
주식회사 페이서브
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 김봉세, 주식회사 페이서브 filed Critical 김봉세
Publication of WO2016140476A1 publication Critical patent/WO2016140476A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • the present invention relates to an apparatus and method for decrypting encrypted data, and more particularly, to an apparatus and method capable of conveniently and efficiently decrypting encrypted data.
  • a payment is performed using a card payment terminal for card payment, and the payment terminal includes a decryption means such as a secure application module (SAM) to decrypt the encrypted data read from the card.
  • SAM secure application module
  • SAM has one to three SAM slots for accommodating a card having a program capable of decrypting therein, so that the card information having different decryption methods is different.
  • the payment terminal includes a decryption means therein, it is difficult to miniaturize and it is difficult to add a new payment method because it can drive a program for decryption limited to the provided SAM slot.
  • the present invention relates to an apparatus and a method for efficiently decrypting encrypted data.
  • the present invention also relates to an apparatus and a method for conveniently extending the means for decrypting encrypted data.
  • the present invention also relates to an apparatus and method for performing electronic payment by decrypting encrypted data.
  • the decryption apparatus includes a receiver for receiving at least one encrypted data having a different decryption method, a transmitter for transmitting decrypted data for the encrypted data, a plurality of decryptors for decrypting the encrypted data, and the encrypted data. And a controller configured to perform a decryption in a decryption unit capable of verifying and decrypting the encrypted data, wherein each of the plurality of decryption units is previously determined to correspond to each payment agency server that receives decryption data.
  • the decoded data transmitted to the payment agency server based on the information about the payment agency received from the terminal for transmitting the encrypted data to be decrypted in the decryption unit corresponding to the payment agency server, the control unit The plurality of decoders When a plurality of decryption units having the same encryption method are included and the receiver receives a plurality of encrypted data that is decrypted in the same manner, any one of traffic and payment agent fees of each decryption unit capable of decrypting the received encrypted data And a decryption unit for decrypting the received encrypted data based on the determination.
  • the controller may add a new decryption unit capable of decrypting the non-decryptable encrypted data when there is encrypted data that cannot be decrypted in the initially set decryption unit.
  • a plurality of decryption units that perform decryption in the server can be configured or extended, so that decryption can be efficiently and conveniently performed.
  • the server can drive the decryption unit in consideration of the traffic, the decryption can be quickly expanded.
  • FIG. 1 is a view showing the configuration of an electronic payment system according to an embodiment of the present invention.
  • FIG. 2 is a view showing the configuration of a terminal of the electronic payment system according to an embodiment of the present invention.
  • FIG 3 is a view showing the configuration of a server of the electronic payment system according to an embodiment of the present invention.
  • FIG. 4 is a diagram illustrating a configuration of a decryption unit of a server according to an embodiment of the present invention.
  • FIG. 5 is a flow chart for explaining the operation of the electronic payment system according to an embodiment of the present invention.
  • FIG. 6 is a flowchart illustrating a decryption operation of a server according to an embodiment of the present invention.
  • FIG. 1 is a view showing the configuration of an electronic payment system according to an embodiment of the present invention.
  • the electronic payment system of the present invention includes first to third terminals 100, 110, and 120, a server 130, and a payment institution server 140.
  • the first to third terminals 100, 110, and 120 transmit the encrypted data stored in the payment means to the server 130.
  • the first to third terminals 100, 110, and 120 read the card information from the card storing the encrypted card information and transmit the same to the server 130. do.
  • the first to third terminals 100, 110, and 120 may receive encrypted data for performing payment from an external terminal (not shown), and may transmit the received data to the server 130.
  • the encrypted data transmitted from the first to the third terminal (100, 110, 120) to the server 130 may have a different encryption or decryption scheme, for example, the first terminal 100 is a credit card, the second terminal 120 The traffic card, the third terminal 130 may lead to the card information encrypted in the cash card.
  • the first to third terminals 100, 110, and 120 may be configured as merchant terminals, smart phones, smart pads, or the like.
  • the server 130 decrypts the encrypted data received from the first to third terminals 100, 110, and 120 and transmits the decrypted data to the payment institution server 140.
  • the encrypted card information is decrypted and transmitted to the payment institution server 140.
  • the server 130 may process various decryption methods. For example, the server 130 may process various encrypted data even if the decryption methods of the encrypted data received from the first to third terminals 100, 110, and 120 are different.
  • the payment institution server 140 determines whether the payment is approved using the decrypted data received from the server 130, and transmits a message about whether the payment is approved to the server 130.
  • the server 130 transmits the decryption data and payment data such as payment amount, installment, signature information, etc. to the payment agency server (not shown), the payment agency server (not shown) is received from the server 130
  • the decrypted data may be transmitted to the payment institution server 140.
  • the payment agency server may receive a message on whether the payment approval from the payment institution server 140 and transmits to the server 130.
  • FIG. 2 is a view showing the configuration of the first terminal 100 of the electronic payment system according to an embodiment of the present invention.
  • the first terminal 100 is described, and the second and third terminals 110 and 120 may also include a configuration that is the same as or similar to that of the first terminal 100.
  • the first terminal 1 of the present invention includes an input unit 200, an output unit 210, a reader unit 220, a display unit 240, a transmitter 250, a receiver 260, and a controller. 230.
  • the input unit 200 receives data from a user, and the display unit 240 displays data, and the input unit 200 and the display unit 240 may be configured as a touch panel or a touch screen.
  • the output unit 210 outputs data and may be configured as a printer.
  • the receiver 260 receives data, and the transmitter 250 transmits data.
  • the transmitter 250 transmits encrypted data to the server 130, and the receiver 260 approves payment from the server 130. You can receive a message about whether or not.
  • the receiver 260 may receive encrypted data for performing payment from an external terminal (not shown), and the transmitter 250 may transmit the received encrypted data to the server 130.
  • the receiver 260 and the transmitter 250 are not only wired communication but also Bluetooth, Wi-Fi, WiBRO, Third Generation WCDMA, Long Term Evolution (LTE), and 4G ( Four Generation) It can communicate by various wireless communication methods such as communication method.
  • the reader 220 reads encrypted data for performing a payment from a payment means.
  • the reader 220 reads card information from a card that stores encrypted card information.
  • the controller 230 controls the first terminal 100 as a whole such that when the reader 220 reads the encrypted data, the encrypted data is transmitted to the server 130.
  • FIG. 3 is a diagram showing the configuration of the server 130 of the electronic payment system according to an embodiment of the present invention.
  • the server 130 of the present invention includes a receiver 300, a transmitter 310, a decoder 330, and a controller 320.
  • the receiver 300 receives data, and the transmitter 310 transmits data.
  • the receiver 300 receives encrypted data from the first to third terminals 100, 110, and 120, and the transmitter 310 encrypts the data.
  • the decoded data is transmitted to the payment institution server 140.
  • the receiver 300 and the transmitter 310 are not only wired communication but also Wi-Fi, WiBRO, 3G (Third Generation), WCDMA, Long Term Evolution (LTE) and 4G (Four Generation) communication.
  • the communication can be performed in various wireless communication methods such as.
  • the decryption unit 330 decrypts the encrypted data.
  • the decryption unit 330 may be configured as a SAM.
  • the decoder 330 may provide various decoding methods and may add a new decoding method.
  • the decoder 330 may be configured in hardware or programmed in software.
  • the controller 320 controls the server 130 of the present invention as a whole to decrypt the received encrypted data and transmit the decrypted data to the payment institution server 140.
  • the controller 320 examines the encrypted data and controls the decryption unit to decrypt the encrypted data, and each of the decryption units is each payment agency server to which the decrypted data is transmitted. It may be predetermined to correspond to. Therefore, the control unit 320 looks at the information on the payment agency received from the terminal that transmitted the encrypted data and controls the decryption unit to decode the encrypted data predetermined to correspond to the corresponding payment agency server.
  • control unit 320 includes a plurality of decryption units having the same decryption method, and when receiving a plurality of encrypted data that decrypts in the same manner, traffic and payment agent fees of each decryption unit capable of decrypting the received encrypted data.
  • the decryption unit which decrypts the received encrypted data based on any one of them is determined.
  • the traffic of each decoder may be monitored so that the traffic of any decoder is not increased, and the decryption may be performed in the decryption unit corresponding to the payment agency server that adds less payment agency fee in consideration of the payment agency fee. To control.
  • FIG. 4 is a diagram illustrating a configuration of the decryption unit 330 of the server 130 according to an embodiment of the present invention.
  • the decoder 330 of the server 130 of the present invention includes a sub decoder, and includes, for example, the first to fourth decoders 400, 410, 420, and 430.
  • the first to fourth decoders 400, 410, 420, and 430 may decode in the same manner or may decode in different ways. That is, the decoder 330 may include at least one sub decoder that performs decoding in the same manner, or may include at least one sub decoder that performs decoding in different ways.
  • the decryption method of the encrypted data is different, the first and second decryption units 400 and 410 read from the first card.
  • the decrypted encrypted data may be decrypted, and the third decryption unit 420 may decrypt the encrypted data read from the second card, and the fourth decryption unit 430 may decrypt the encrypted data read from the third card.
  • the sub-decoding unit 400, 410, 420, 430 decoding the data transmitted to the payment agent sub (not shown) and the payment agent sub (not shown) may be determined in advance.
  • the first decoder 400 may correspond to the first payment agent server (not shown)
  • the second decoder 410 may be predetermined to correspond to the second payment agent server (not shown).
  • the controller 320 transmits the data decoded by the first decoder 400 to the first payment agent server (not shown), and the data decoded by the second decoder 410 is the second payment agent server ( (Not shown).
  • the first and second payment agent servers (not shown) transmit the decrypted data to the payment institution server 140.
  • the terminals 100, 110, 120 and the sub decoders 400, 410, 420, 430 may also be predetermined.
  • the encrypted data transmitted from the first terminal 100 is decrypted by the first decryption unit 400
  • the encrypted data transmitted from the second terminal 110 is decrypted by the second decryption unit 410. May be performed.
  • the first and second terminals 100 and 110 transmit encrypted data
  • the first and second terminals 100 and 110 transmit information about the first and second payment agency (not shown), thereby encrypting the control unit 320 transmitted from the first terminal 100.
  • the data may be decrypted by the first decryption unit 400, and the encrypted data transmitted from the second terminal 110 may be decrypted by the second decryption unit 410.
  • the encrypted data transmitted from the first and second terminals 100 and 110 to the server 140 may have the same encryption or decryption method.
  • the control unit 320 is a sub decryption unit 400, 410, 420, 430 that can verify and decrypt the encrypted data in consideration of the traffic or payment agency fees in each sub decryption unit ) Can be decoded.
  • control unit 320 looks at the traffic of each decryption unit that can decrypt the received encrypted data and ensures that the traffic of each decryption unit is properly maintained. Can be controlled so as not to increase.
  • the controller 320 when a plurality of encrypted data to be decrypted in the same manner is received and there is only one sub-decryptor 400, 410, 420, and 430 capable of decrypting the received encrypted data, the controller 320 causes decryption of the encrypted data sequentially. .
  • the controller 320 may perform decryption simultaneously in each sub decryption unit or decryption in any one sub decryption unit. In this case, the control unit 320 may control the decoding operation in consideration of traffic or a payment agent fee in each sub decoding unit.
  • the control unit 320 may perform a first decryption. And decoding in the second decoding unit 400, 410 simultaneously, or in a sub-decoding unit having low traffic or low payment agency fee in consideration of traffic or payment agency fees of the first and second decoding units 400, 410.
  • a specific decoder can be specified to be performed.
  • a new fifth decryption unit 440 may be added to decrypt encrypted data that cannot be decrypted by the sub decryption units 400, 410, 420, and 430 initially set by the decryption unit 330. If the fifth decoder 440 is added, the controller 320 controls the first to fifth decoders 400, 410, 420, 430, and 440.
  • the fifth decoder 440 is added to include a peripheral component interconnect (PCI), a serial advanced technology attachment (SATA), and a universal USB (USB). serial bus)
  • PCI peripheral component interconnect
  • SATA serial advanced technology attachment
  • USB universal USB
  • the server 130 may be added in an extension method using resources, or may be added if necessary by having a separate expansion port (not shown) in the decoder 330.
  • the fifth decryption unit 440 when the fifth decryption unit 440 is added, the fifth decryption unit 440 by changing a specific PIN of the expansion port (not shown) to high (HI) or low (low) ) May be added or may be added, or the fifth decoder 440 may be added by forcibly turning on / off a DIP switch.
  • the fifth decoder 440 When available resources of the server 130 are limited or when it is difficult to add the fifth decoder 440 using an expansion port (not shown), the fifth decoder through communication methods such as Ethernet, 3G, LTE, WiBro, etc. 440 may be added.
  • the decryption unit 330 and the additional fifth decryption unit 440 may each include a physical security key that cannot be duplicated, and the decryption unit 330 and the fifth decryption unit 440 using the physical security key. Can recognize each other.
  • the physical security key may be a smart card technology used for IC credit cards, traffic cards, SIM cards, and the like.
  • the first to fifth decoders 400, 410, 420, 430, and 440 may include protocol information, and may output decoded data and protocol information after performing a decoding operation.
  • the control unit 330 performs the payment procedure according to the access information and the protocol standard of the payment institution server 140 with reference to the protocol information.
  • FIG. 5 is a flowchart illustrating the operation of the electronic payment system according to an embodiment of the present invention.
  • the first terminal 100 is described, but the second and third terminals 110 and 120 may be similarly or similarly applied.
  • the first terminal 100 transmits a reset signal to the server 130 (510).
  • the server 130 resets the decoder 330 in response to the reset signal in step 520 and transmits a reset response signal to the first terminal 100 in step 530.
  • the first terminal 100 transmits the encrypted data to the server 130 (540), and the server 130 decrypts the encrypted data (550).
  • the first terminal 100 transmits payment data such as payment amount, installment, signature information, etc. to the server 130 (560), the server 130 transmits the decrypted data and payment data to the payment institution server 140
  • the request for payment approval is sent to 570. If payment approval is determined, the payment institution server 140 transmits a response to the payment approval request to the server 130 (580), and the server 130 sends a response to the payment approval request to the first terminal 100. Transmit 590.
  • FIG. 6 is a flowchart illustrating a decryption operation of the server 130 according to an embodiment of the present invention.
  • the controller 320 determines whether the decryption method of the encrypted data is the same. If the decoding methods are the same (YES in 610), the control unit 320 determines whether there are a plurality of sub-decoding units 400, 410, 420, and 430 decoding in the same manner to the decoding unit 330. In step 640, the decoding is performed (640), and in the case of one (No of 620), the decoding is sequentially performed (650).
  • the controller 320 may control the decoding in each sub decoding unit in consideration of the traffic or the payment agent fee of each sub decoding unit. For example, when there is a plurality of sub-decryptors that decrypt in the same manner, when the traffic of any one of the sub-decryptors is high, the encrypted data decoded by the high-decryption sub-decryption unit is reduced and processed by another sub-decryptor with low traffic. To increase the encrypted data.
  • the controller 320 checks information on the payment agency (not shown) transmitted from the terminals 100, 110, and 120 and the payment agency (not shown).
  • the decoding may be performed by the predetermined sub decoding decoders 400, 410, 420, and 430 to correspond.
  • control unit 320 can look at the payment agency fees of each payment agency and may be decrypted in the decryption unit corresponding to the payment agency server with less payment agency fees.
  • the controller 320 causes decryption to be performed in a sub decryption unit capable of decrypting the encrypted data (630).
  • the decrypted data is transmitted to the payment institution server 140 (660).
  • the present invention can be used in an apparatus and method that can efficiently and conveniently extend the means for decrypting encrypted data.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • Accounting & Taxation (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Signal Processing (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

L'invention concerne un dispositif de décodage qui comprend : une unité de réception permettant de recevoir au moins un élément de données codées ayant différents procédés de décodage ; une unité de transmission permettant de transmettre des données de décodage sur les données codées ; une pluralité d'unités de décodage permettant de décoder les données codées ; et une unité de commande permettant de confirmer les données codées de sorte que le décodage est exécuté dans les unités de décodage capables de décoder les données codées, chacune de la pluralité d'unités de décodage est déterminée à l'avance de manière à correspondre à chaque serveur d'agence de paiement pour recevoir les données de décodage, l'unité de commande permet aux données de décodage transmises aux serveurs d'agences de paiement d'être décodées dans les unités de décodage correspondant aux serveurs d'agences de paiement sur la base d'informations relatives à l'agence de paiement et reçues en provenance d'un terminal qui transmet les données codées, et l'unité de commande comprend une pluralité d'unités de décodage ayant le même procédé de décodage.
PCT/KR2016/001992 2015-03-03 2016-02-29 Dispositif permettant de décoder des données codées et procédé correspondant WO2016140476A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR20150029523 2015-03-03
KR10-2015-0029523 2015-03-03

Publications (1)

Publication Number Publication Date
WO2016140476A1 true WO2016140476A1 (fr) 2016-09-09

Family

ID=56848098

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2016/001992 WO2016140476A1 (fr) 2015-03-03 2016-02-29 Dispositif permettant de décoder des données codées et procédé correspondant

Country Status (1)

Country Link
WO (1) WO2016140476A1 (fr)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20070117420A (ko) * 2006-06-08 2007-12-12 한국정보통신주식회사 결제방법 및 시스템과 이를 위한 프로그램 기록매체
KR20100071682A (ko) * 2008-12-19 2010-06-29 엘지전자 주식회사 보안 데이터 전달 장치
JP2013134708A (ja) * 2011-12-27 2013-07-08 Sumitomo Mitsui Banking Corp 支払処理方法およびその支払処理に用いる銀行サーバ
JP2013137633A (ja) * 2011-12-28 2013-07-11 Asahi Seiko Co Ltd クレジットカード決済システム
KR20140114638A (ko) * 2013-03-19 2014-09-29 주식회사 에이텍 카드 정보 처리장치 및 그 방법

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20070117420A (ko) * 2006-06-08 2007-12-12 한국정보통신주식회사 결제방법 및 시스템과 이를 위한 프로그램 기록매체
KR20100071682A (ko) * 2008-12-19 2010-06-29 엘지전자 주식회사 보안 데이터 전달 장치
JP2013134708A (ja) * 2011-12-27 2013-07-08 Sumitomo Mitsui Banking Corp 支払処理方法およびその支払処理に用いる銀行サーバ
JP2013137633A (ja) * 2011-12-28 2013-07-11 Asahi Seiko Co Ltd クレジットカード決済システム
KR20140114638A (ko) * 2013-03-19 2014-09-29 주식회사 에이텍 카드 정보 처리장치 및 그 방법

Similar Documents

Publication Publication Date Title
US10970423B2 (en) Method and apparatus for securing KVM matrix
CN101098222B (zh) 无线通信系统、无线通信设备和在无线通信设备之间交换密钥的方法
WO2013100413A1 (fr) Système de paiement par carte de crédit de téléphone intelligent utilisant une prise écouteur, et procédé correspondant
CN107358441B (zh) 支付验证的方法、系统及移动设备和安全认证设备
CN203482199U (zh) 近场通信设备
CA2462673A1 (fr) Compatibilite entre des systemes et des procedes de gestion numerique de droits
US11159329B2 (en) Collaborative operating system
US20080235520A1 (en) Transportable, Configurable Data Carrier For Exchanging Data Between Electrical Devices, and Method Therefor
CN102947836B (zh) 存储设备、主机设备和使用双重加密方案在第一和第二存储设备之间传递密码的方法
CN103118032A (zh) 一种终端登录账号同步的方法、终端与服务器
US20110016310A1 (en) Secure serial interface with trusted platform module
WO2016085062A1 (fr) Procédé d'authentification par carte d'authentification nfc
WO2020116975A1 (fr) Système de sécurité d'accès utilisant une carte de sécurité et terminal mobile, et procédé de sécurité associé
CN110784386B (zh) 固件更新方法及相关设备
US20140223523A1 (en) System and method for nfc peer-to-peer authentication and secure data transfer
CN110598429B (zh) 数据加密存储和读取的方法、终端设备及存储介质
WO2020050584A1 (fr) Système et procédé permettant des transactions sécurisées avec un environnement d'exécution de confiance (tee)
CN103220148A (zh) 电子签名令牌响应操作请求的方法、系统和电子签名令牌
EP3429158A1 (fr) Procédé et appareil de communication sécurisée pour un véhicule, système multimédia de véhicule et véhicule
CN108734005B (zh) 一种安全/身份验证方法、移动设备及存储装置
WO2016076487A1 (fr) Dispositif de sécurité usb ayant un capteur d'empreinte digitale, une carte à puce et une carte mémoire insérables, et son procédé de sécurité
CN101208704A (zh) 用于保护包括多个设备的至少一个装置的完整性的安全系统及方法
CN104796266A (zh) 一种认证方法、装置及系统
WO2014098901A1 (fr) Composant actif incorporé à un câble
WO2014107060A1 (fr) Appareil de sécurisation de données mobiles et procédé pour celui-ci

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16759112

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16759112

Country of ref document: EP

Kind code of ref document: A1