WO2018117455A1 - Procédé permettant de créer et de mettre au rebut une carte virtuelle dynamique - Google Patents

Procédé permettant de créer et de mettre au rebut une carte virtuelle dynamique Download PDF

Info

Publication number
WO2018117455A1
WO2018117455A1 PCT/KR2017/013657 KR2017013657W WO2018117455A1 WO 2018117455 A1 WO2018117455 A1 WO 2018117455A1 KR 2017013657 W KR2017013657 W KR 2017013657W WO 2018117455 A1 WO2018117455 A1 WO 2018117455A1
Authority
WO
WIPO (PCT)
Prior art keywords
module
platform
virtual card
dynamic virtual
security
Prior art date
Application number
PCT/KR2017/013657
Other languages
English (en)
Korean (ko)
Inventor
김진호
김경욱
Original Assignee
주식회사 한국스마트카드
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 한국스마트카드 filed Critical 주식회사 한국스마트카드
Priority to JP2019552436A priority Critical patent/JP6840861B2/ja
Priority to MYPI2019002738A priority patent/MY196388A/en
Publication of WO2018117455A1 publication Critical patent/WO2018117455A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/351Virtual cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • G06Q20/027Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP] involving a payment switch or gateway
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/388Payment protocols; Details thereof using mutual authentication without cards, e.g. challenge-response

Definitions

  • the present invention provides a card provided as hardware as a virtual card, and relates to a method of generating and discarding a dynamic virtual card for dynamically generating and discarding the virtual card.
  • the present invention relates to a distributed installation method of a virtual card platform for the dynamic virtual card in a server and a mobile device.
  • Mobile cards are used for transportation cards, payment of goods / services, identification, points accumulation and use.
  • an independent security device eg, USIM, IC Chip
  • USIM universal mobile subscriber Identity
  • IC Chip integrated circuit
  • 1 is a view for explaining a conventional mobile card service.
  • the payment application 11 running on the card platform 12 of the security device 10 is generally secured.
  • the security device 10 may be installed in a mobile device such as, for example, a smartphone.
  • the mobile device and the security device may be operated by operating systems that are distinct from each other, and user applications that are distinguished from each other may be installed in the mobile device and the security device.
  • a payment application 11 is installed in the security device 10 mounted on the mobile device, and transaction authentication calculated through data and security keys stored locally in the payment application 11.
  • the transaction can be made through the process of transmitting the code to the terminal application.
  • the payment application 11 may receive a financial card by receiving and storing static data from a payment management server (not shown) existing on the network.
  • a payment management server not shown
  • the payment application 11 receives a transaction request from the payment terminal 20
  • the payment application 11 performs a transaction using the stored static data, and stores transaction history information in a storage of the payment application 11 as necessary.
  • the issued financial card can be used.
  • the issued payment application 11 may be used for a payment or charging transaction in an offline form not connected to the payment management server.
  • a business agreement between an IC card owner (eg, a carrier) and the payment application provider is usually used. Should be. And it is common for the payment application provider to be delegated the technical authority of the physical security device from the IC card holder.
  • This business consensus procedure has a business problem that the payment application provider must be subordinated to the IC card holder (communication company) in spreading the service provided by the payment application provider.
  • the physical security device since the physical security device has a small memory space, the types of applications that can be installed may be limited.
  • the physical security device has a structure without a network function independently. Therefore, the payment application once issued as described above is used for payment or charging transactions in an offline form that is not connected to the payment management server, so it is difficult to control a lost or stolen IC card. That is, a lost or stolen IC card can be used alone without control of the management server, so there is a risk that it can be stolen.
  • a method of distributing and installing a dynamic virtual card platform including a plurality of functional modules by using a plurality of devices capable of mutual communication. That is, the dynamic virtual card platform to be effectively operated in the mobile device is dynamically generated and discarded in a separate server, and accordingly, the server and the mobile device are organically determined to be valid, and the dynamic card platform between the mobile device and the server is generated. If you want to provide a way to run a card application or discard a dynamically created platform.
  • a method for distributing and installing a dynamic virtual card platform including a plurality of functional modules by using a plurality of devices capable of mutual communication.
  • the method comprises the steps of: a platform updating step of updating, by a first device, a first functional module constituting a dynamic virtual card platform to operate effectively and a second functional module associated with the first functional module, and the first device;
  • a platform distributed installation step may include storing the updated first function module in the first device and providing only a second function module of the first function module and the second function module to a remote security module. Can be.
  • the first functional module may include an ISD module
  • the second functional module may include an APSD module.
  • the first device further comprises the step of receiving a request for financial settlement preparation from the third device, wherein the platform update step is performed every time the request is received, 3
  • the device and the security module may be configured to communicate with each other.
  • the first device is a server
  • the security module is a security device capable of communicating with the third device or a module implemented by software in the third device, in the distributed platform installation step
  • the second The functional module may be provided to the security module using wired or wireless communication between the first device and the third device.
  • the dynamic virtual card generating method may include: a platform updating step of updating, by a first device, a first functional module constituting a dynamic virtual card platform that operates effectively and a second functional module associated with the first functional module;
  • the first device stores the updated first functional module in the first device, and distributed platform installation step of providing only the second functional module of the first functional module and the second functional module to a remote security module
  • a payment application distributed installation step of storing the updated value storage module only in the first device and providing the updated relay module to the security module.
  • the relay module may be configured to perform a function of relaying the third device communicating with the security module to perform a payment transaction
  • the updated dynamic virtual card platform may be invalidated when the payment transaction is performed. Can be.
  • the first device before the platform update step and the payment application update step, the first device further includes receiving a request for financial settlement preparation from the third device, wherein the platform update step and the payment application update step May be performed each time the request is received.
  • the updating of the payment application may include: dividing the updated relay module into a plurality of segments, generating an electronic signature value from the plurality of segments, and generating one or more keys of the plurality of segments. And encrypting the encrypted plurality of segments, wherein the distributed installation of the payment application includes providing the scrambled information to the security module, wherein the one or more keys are provided. And the digital signature value may be provided to the security module.
  • the security module descrambling the scrambled information, decrypting the descrambled information using the one or more keys, verifying the decrypted information by using the digital signature value And installing the relay module in the security module using the verified decrypted information.
  • a server for distributing and installing a dynamic virtual card platform including a plurality of functional modules.
  • the server is configured to perform a platform update step of updating a first functional module constituting a dynamic virtual card platform that operates effectively and a second functional module associated with the first functional module.
  • the platform may be configured to perform a platform distributed installation step of storing a first function module in the server and providing only a second function module of the first function module and the second function module to a remote security module.
  • the first functional module may include an ISD module
  • the second functional module may include an APSD module.
  • the server is further configured to receive a request for financial settlement preparation from a third device, wherein the platform update step is performed every time the request is received.
  • the device and the security module may be configured to communicate with each other.
  • the present invention can easily manage the applications installed on the dynamic virtual card platform, it can be easily installed applications of various purposes.
  • the application data for the dynamic virtual card can be freely updated through the network.
  • the dependency between the physical security device owner and the provider of the application installed on the dynamic virtual card platform can be eliminated.
  • 1 is a view for explaining a conventional mobile card service.
  • FIG. 2 is a view for explaining a mobile card service according to an embodiment of the present invention.
  • FIG. 3 is a flowchart illustrating providing a mobile card service according to an embodiment of the present invention.
  • FIG. 4 is a view embodying the embodiment of FIG.
  • FIG. 5 is a flowchart illustrating the steps performed after updating the relay module in the cloud server according to an embodiment of the present invention.
  • FIG. 6 is a flowchart illustrating a process performed when a relay module is received by a mobile device according to an embodiment of the present invention.
  • FIG. 2 is a view for explaining a mobile card service according to an embodiment of the present invention.
  • the mobile card service may refer to a service for virtually providing a financial card to a mobile device such as a smart phone, and performing the charging / payment using the financial card by cooperating with the financial card and the mobile device.
  • the mobile device may be performed by any one of a separate charging / payment device initiates a request for a financial activity to the other, and the other responds to the mobile card service.
  • the system for providing a mobile card service may include a charging / payment device 20, a cloud server 30, and a mobile device 40.
  • the mobile device 40 may include an operating system for the mobile device 40 and a UX / UI application 41 running on the operating system.
  • the security module 42 may be installed in the mobile device 40.
  • the mobile device 40 and the security module 42 may be independent computing devices.
  • the security module may be provided using a conventional SE (Secure Element).
  • the security module 42 may be a module executed as software in the mobile device 40.
  • the UX / UI application 41 may be, for example, an application that a user of the mobile device 40 actually uses to make a payment through the mobile device.
  • the payment application 11 and the card platform 12 described above in FIG. 1 may be distributed and located in the cloud server 30 and the security module 42 as shown in FIG. 2. That is, in the related art, if the payment application 11 is installed only in the security module 42, in the present invention, the payment application 11 is stored in the cloud server 30 and the security module 42 in the value storage module 32, respectively. And it may be installed divided into a relay module (52).
  • the card platform according to the present invention may be referred to as a 'dynamic virtual card platform' because the conventional card platform is installed in a plurality of devices (servers and mobile devices) through a network.
  • the dynamic virtual card platform may be referred to as a 'dynamic virtual card platform' because it can be updated every time a financial transaction request is made.
  • the dynamic virtual card platform 12 is disassembled into the first function module 31 and the second function module 51 and provided.
  • the first functional module 31 and the second functional module 51 may be distributed and installed in the cloud server 30 and the security module 42, respectively.
  • the dynamic virtual card 1 may be made by combining the payment application 11 and the dynamic virtual card platform 12. Since the payment application 11 is also installed in a plurality of devices (server and mobile device) through a network, the payment application according to the present invention may be referred to as a 'dynamic virtual payment application.' The dynamic virtual payment application may be referred to as a 'dynamic virtual payment application' because it may be updated whenever there is a financial transaction request in an embodiment of the present invention.
  • the cloud server 30 and the mobile device 40 may be connected to each other through a network to exchange information.
  • the relay module 51 may store the value storage module 31. It may perform a function of relaying to perform a payment transaction with the charging / payment device 20 using the financial value stored in.
  • the mobile device 40 is implemented to help the data exchange between the security module 42 and the cloud server 30, and to help the data exchange between the charging / payment device 20 and the security module 42.
  • This role may be implemented by the UX / UI APP 41.
  • the UX / UI APP 41 may be provided by a person providing the dynamic virtual payment application 11.
  • the actual financial transaction is made between the dynamic virtual card 1 and the charging / payment device 20, and the mobile device 40 may provide a communication function for the financial transaction.
  • the first functional module 32 includes, for example, an Issuer Security Domain (ISD)
  • the second functional module 52 includes, for example, an Application Provider Security Domain (APSD), a Certificate Authority Security Domain (CASD), And a user authentication framework (UAF).
  • ISD Issuer Security Domain
  • APID Application Provider Security Domain
  • SCD Certificate Authority Security Domain
  • UAF user authentication framework
  • FIG. 3 is a flowchart illustrating providing a mobile card service according to an embodiment of the present invention.
  • the UI application 41 of the mobile device 40 may request a financial settlement preparation from the cloud server 30.
  • Various functions of the UI application 41 may be activated by a user of the mobile device 40 through a user interface of the mobile device 40.
  • the financial settlement preparation request may be caused, for example, by the user of the mobile device 40 accessing the charging / payment device 20 to activate the UI application 41 for financial settlement.
  • step S20 the cloud server 40 updates the first function module and the second function module associated with the first function module constituting the operative dynamic virtual card platform 12. Can be.
  • the dynamic virtual card platform 12 defined by the first functional module and the second functional module is updated.
  • the dynamic virtual card platform 12 may be updated whenever the UI application 41 requests the financial settlement preparation.
  • the cloud server 40 may store the updated first function module in the cloud server 30.
  • the cloud server 40 may transmit the updated second function module to the security module 42 of the mobile device 40 through a wired / wireless network.
  • the mobile device 40 may provide a wired / wireless network communication function for the security module 42.
  • the cloud server 40 is a value storage module 31 constituting a dynamic virtual payment application 11 that operates in the dynamic virtual card platform 12 and a relay module associated with the value storage module. (51) can be updated.
  • the value storage module may be a Cloud Tmoney TM
  • the relay module may be a Tmoney Agent TM .
  • the dynamic virtual payment application 11 defined by the value storage module 31 and the relay module 51 is updated.
  • the dynamic virtual payment application 11 may be updated whenever the UI application 41 requests the financial settlement preparation.
  • the cloud server 40 may store the updated value storage module 31 in the cloud server 30.
  • the cloud server 40 may transmit the updated relay module 51 to the security module 42 of the mobile device 40 through a wired / wireless network.
  • the mobile device 40 may provide a wired / wireless network communication function for the security module 42.
  • step S60 the updated and provided relay module 51 may be installed in the security module 42 of the mobile device 40.
  • Controlling 20 may cause a financial transaction between the dynamic virtual card and the charging / payment device 20.
  • the triggering of the financial transaction may be made by the dynamic virtual card or the UI application or the mobile device 40.
  • step S70 when the oil trading is triggered, the first function module and the second function module constituting the dynamic virtual card platform 12 are verified, and the value storage constituting the dynamic virtual payment application is stored.
  • the consistency between the module and the relay module can be verified. The reason for verifying the consistency is that each time the card platform and payment application is updated, each module corresponding to a different mapping value is paired and dynamically generated.
  • the verification of the integrity may be made by the cloud server or the dynamic virtual card or the UI application, for this purpose, communication between the mobile device 40 and the cloud server 30 may be maintained.
  • the cloud server may be physically implemented by one server or by a plurality of distinct devices.
  • the dynamic virtual card may perform the payment between the value storage module and the charging / payment device through the relay module.
  • step S90 if the payment is successfully completed or the payment has been confirmed by the cloud server 30, the cloud server 30, the updated first functional module of the cloud server 30 and You can remove the value store module.
  • step S91 if the payment is successfully completed or the payment has been confirmed by the security module 42, the security module 42, the updated second functional module of the security module 42 and The relay module can be removed.
  • all the updated modules constituting the dynamic virtual card may be discarded after one payment transaction process succeeds or fails. That is, whenever the financial settlement preparation request is requested as in step S10, all the modules constituting the virtual card, that is, the dynamic virtual card, may be updated.
  • the updated dynamic virtual card may be removed after the payment transaction process is performed once as in steps S90 and S91.
  • the above description may mean that a dynamic virtual card is dynamically generated whenever a financial settlement preparation request is requested (every time a card is requested), and the dynamic virtual card program ends when the transaction is terminated.
  • FIG. 4 is a diagram embodying the embodiment of FIG. 3.
  • the cloud server 30 may include a service application server 35, a payment management unit 36, and a dynamic virtual card platform management unit 37.
  • the mobile device 40 may include a UI application 41 and a security module 42.
  • the UI application 41 may be configured to select a type of transportation such as one-time pass, commuter pass, cloud t-money, t-money pay, and mobile t-money.
  • the UI application 41 may transmit a service subscription and / or card activation request to the service application server of the cloud server 30.
  • the payment application unit 35 and the dynamic virtual card platform manager 37 may request to activate the cloud tmoney.
  • the payment management unit 36 and the dynamic virtual card platform management unit 37 may generate a dynamic virtual card.
  • the cloud Tmoney 31 corresponding to the value storage module and the ISD module of the card platform may be stored in the server, and the Tmoney agent 51 corresponding to the relay module and the APSD of the card platform. , CASD, and UAF modules may be stored in the security module 42 of the mobile device 40.
  • the payment management unit 36 and the dynamic virtual card platform management unit 37 receives the activation request, the payment management unit 36 may create an account and personalize the Tmoney agent.
  • the dynamic virtual card platform management unit 37 may personalize each security domain (SD) module and the UAF module.
  • SD security domain
  • the source code of the T-money agent and each of the security domain (APSD, CASD) modules and the UAF modules are different from each other, and may be encrypted and scrambled and transmitted to the security device of the mobile device.
  • the security device may be used for transactions after descrambling and decrypting modules encrypted and scrambled in memory at the time of application execution.
  • Cloud T-money 31 and T-money agent 51 corresponding to the payment application, and ISD, APSD, CASD, and UAF corresponding to the card platform may function as one virtual card 1.
  • the account and security information for generating the dynamic virtual card is stored in the cloud server, the ID and non-security information for accessing the account may be stored in the mobile device.
  • payment may be performed through the cloud T-money 31 using the T-money agent 51.
  • FIG. 5 is a flowchart illustrating the steps performed after updating the relay module in the cloud server according to an embodiment of the present invention. That is, FIG. 5 is a flowchart illustrating a process performed between step S40 and step S51 of FIG. 3.
  • the updated relay module may be divided into a plurality of segments.
  • an electronic signature value may be generated using the plurality of segments.
  • the plurality of segments may be encrypted using one or more keys.
  • the encrypted plurality of segments may be scrambled.
  • the scrambled information, information on the one or more keys used, and the generated electronic signature value may be transmitted to the security module 42 of the mobile device 40.
  • FIG. 6 is a flowchart illustrating a process performed when a relay module is received by a mobile device according to an embodiment of the present invention. That is, FIG. 6 is a flowchart illustrating a process performed in step S60 of FIG. 3.
  • the security device may receive scrambled information, information on one or more keys, and an electronic signature value from the cloud server.
  • step S210 the scrambled information may be restored to its original arrangement.
  • the restored descrambling information may be decrypted using the information on the one or more keys.
  • the information decoded by operation S220 may be verified using the digital signature value.
  • the relay module may be installed using the verified decoded information.
  • the dynamic virtual card platform described in the present invention may be an OS for the dynamic virtual card.
  • the dynamic virtual payment application may be an application program operating on the dynamic virtual card platform.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Stored Programmes (AREA)

Abstract

La présente invention concerne un procédé permettant d'installer de manière répartie une plate-forme de carte virtuelle dynamique, comprenant une pluralité de modules de fonction, en utilisant une pluralité de dispositifs capables d'une communication mutuelle, le procédé consistant : à effectuer une mise à jour de plate-forme permettant de mettre à jour un premier module de fonction, constituant une plate-forme de carte virtuelle dynamique dans laquelle un premier dispositif fonctionne de manière efficace, et un second module de fonction associé au premier module de fonction ; à stocker le premier module de fonction mis à jour uniquement dans le premier dispositif ; et à fournir, à un second dispositif situé à un site distant, le second module de fonction mis à jour, ce qui permet d'installer de manière répartie la plate-forme.
PCT/KR2017/013657 2016-12-21 2017-11-28 Procédé permettant de créer et de mettre au rebut une carte virtuelle dynamique WO2018117455A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
JP2019552436A JP6840861B2 (ja) 2016-12-21 2017-11-28 動的仮想カードの生成及び廃棄方法
MYPI2019002738A MY196388A (en) 2016-12-21 2017-11-28 Method for Creating and Discarding Dynamic Virtual Card

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR10-2016-0176093 2016-12-21
KR1020160176093A KR101798059B1 (ko) 2016-12-21 2016-12-21 동적가상카드의 생성 및 폐기 방법

Publications (1)

Publication Number Publication Date
WO2018117455A1 true WO2018117455A1 (fr) 2018-06-28

Family

ID=60806682

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2017/013657 WO2018117455A1 (fr) 2016-12-21 2017-11-28 Procédé permettant de créer et de mettre au rebut une carte virtuelle dynamique

Country Status (5)

Country Link
JP (1) JP6840861B2 (fr)
KR (1) KR101798059B1 (fr)
CN (1) CN108229957B (fr)
MY (1) MY196388A (fr)
WO (1) WO2018117455A1 (fr)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20110082888A (ko) * 2010-01-12 2011-07-20 에스케이 텔레콤주식회사 통합 결제 서비스 장치 및 방법, 통합 결제 서비스 서버, 이를 위한 클라이언트 단말 및 스마트 카드
KR20140099325A (ko) * 2011-12-20 2014-08-11 애플 인크. 글로벌 플랫폼 규격을 사용하는 발행자 보안 도메인에 대한 키 관리 시스템 및 방법
KR101560720B1 (ko) * 2015-03-24 2015-10-16 주식회사지니 암호화된 결제 정보를 이용한 결제 처리 시스템 및 그 방법
KR20150137380A (ko) * 2014-05-29 2015-12-09 삼성에스디에스 주식회사 결제 인증 서버 및 이를 이용한 모바일 결제 시스템과 방법
KR20160097892A (ko) * 2015-02-10 2016-08-18 한국전자통신연구원 가상화 기반의 보안 서비스 제공 장치 및 제공 방법

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2004054738A (ja) * 2002-07-23 2004-02-19 Hitachi Software Eng Co Ltd バーチャルカードシステム
US9881297B2 (en) * 2008-11-14 2018-01-30 Mastercard International Incorporated Methods and systems for secure mobile device initiated payments using generated image data
WO2011073734A1 (fr) * 2009-12-18 2011-06-23 Nxp B.V. Mode protegé pour des cartes intelligentes compatibles avec une plateforme globale
JP5763780B2 (ja) * 2010-12-06 2015-08-12 インターデイジタル パテント ホールディングス インコーポレイテッド ドメイン信頼評価機能およびドメインポリシー管理機能を有するスマートカード
CN106157013B (zh) * 2015-04-13 2019-08-30 中国电信股份有限公司 支付终端、机具、服务器、系统及支付处理方法
CN105719391B (zh) * 2016-01-10 2019-03-05 深圳市可秉资产管理合伙企业(有限合伙) 支持多个支付卡的移动装置和方法

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20110082888A (ko) * 2010-01-12 2011-07-20 에스케이 텔레콤주식회사 통합 결제 서비스 장치 및 방법, 통합 결제 서비스 서버, 이를 위한 클라이언트 단말 및 스마트 카드
KR20140099325A (ko) * 2011-12-20 2014-08-11 애플 인크. 글로벌 플랫폼 규격을 사용하는 발행자 보안 도메인에 대한 키 관리 시스템 및 방법
KR20150137380A (ko) * 2014-05-29 2015-12-09 삼성에스디에스 주식회사 결제 인증 서버 및 이를 이용한 모바일 결제 시스템과 방법
KR20160097892A (ko) * 2015-02-10 2016-08-18 한국전자통신연구원 가상화 기반의 보안 서비스 제공 장치 및 제공 방법
KR101560720B1 (ko) * 2015-03-24 2015-10-16 주식회사지니 암호화된 결제 정보를 이용한 결제 처리 시스템 및 그 방법

Also Published As

Publication number Publication date
JP6840861B2 (ja) 2021-03-10
JP2020501291A (ja) 2020-01-16
CN108229957A (zh) 2018-06-29
KR101798059B1 (ko) 2017-11-16
MY196388A (en) 2023-03-28
CN108229957B (zh) 2019-11-26

Similar Documents

Publication Publication Date Title
KR101979586B1 (ko) 블록 체인 기반으로 관리되는 사물 인터넷 디바이스 및 그 시스템 및 방법
WO2020013381A1 (fr) Dispositif de portefeuille en ligne et son procédé de création et de vérification
WO2019074326A1 (fr) Procédé et appareil de paiement hors ligne sécurisé
US8417964B2 (en) Software module management device and program
WO2017119564A1 (fr) Système et procédé de transmission d'informations sécurisées pour une authentification d'identité personnelle
KR101292503B1 (ko) 컴퓨터에 대한 장치의 바인딩
JP5895252B2 (ja) 端末ユーザ識別情報モジュールを接続した通信端末を保護する方法
CN101951420B (zh) 管理域的方法和设备
JP4252034B2 (ja) 携帯可能なリソースモジュールのリソースを管理するシステム及び方法
CN106936588B (zh) 一种硬件控制锁的托管方法、装置及系统
WO2018124856A1 (fr) Procédé et terminal d'authentification d'un utilisateur au moyen d'un id mobile grâce à une base de données de chaînes de blocs, et serveur utilisant le procédé et le terminal
CN107197041A (zh) 一种安全云计算系统
US9443067B1 (en) System for the distribution and deployment of applications, with provisions for security and policy conformance
CN110334531B (zh) 虚拟机密钥的管理方法、主节点、系统、存储介质及装置
US11848931B2 (en) Delegated authentication to certificate authorities
WO2014084608A1 (fr) Procédé et système de gestion d'élément sécurisé
JP2005117207A (ja) Icカードを用いたサービスの認証方法およびシステム
CN102984045A (zh) 虚拟专用网的接入方法及虚拟专用网客户端
WO2015069028A1 (fr) Authentification multicanal, procédé de transfert financier et système utilisant un terminal de communication mobile
US20130036160A1 (en) License issuing system, client terminal, server, and license issuing method
WO2020045826A1 (fr) Dispositif électronique pour traiter une clé numérique et son procédé de fonctionnement
CN101291220A (zh) 一种身份安全认证的系统、装置及方法
WO2019022585A1 (fr) Système de paiement et procédé de paiement pour valider directement un utilisateur après qu'une société de carte a reçu une demande de paiement
WO2018117455A1 (fr) Procédé permettant de créer et de mettre au rebut une carte virtuelle dynamique
CN104517070A (zh) 双系统计算机及其实现方法

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17884834

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2019552436

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17884834

Country of ref document: EP

Kind code of ref document: A1