WO2019031666A1 - 가상카드번호를 생성하는 스마트카드, 스마트카드 기반의 가상카드번호 제공방법 및 프로그램 - Google Patents
가상카드번호를 생성하는 스마트카드, 스마트카드 기반의 가상카드번호 제공방법 및 프로그램 Download PDFInfo
- Publication number
- WO2019031666A1 WO2019031666A1 PCT/KR2018/000868 KR2018000868W WO2019031666A1 WO 2019031666 A1 WO2019031666 A1 WO 2019031666A1 KR 2018000868 W KR2018000868 W KR 2018000868W WO 2019031666 A1 WO2019031666 A1 WO 2019031666A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- card number
- virtual card
- virtual
- code
- count
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
Definitions
- the present invention relates to a smart card for generating a virtual card number, a method for providing a virtual card number based on a smart card, and a program.
- Code type data is used in many areas.
- the IPIN number and the resident registration number for user identification are code type data.
- the present invention provides a smart card, a smart card, and a smart card for generating a virtual card number that prevents a financial transaction from proceeding because a mobile phone can not generate a usable virtual card number even if another person intercepts data provided in real- A card-based virtual card number providing method and program.
- a method for providing a virtual card number based on a smart card includes the steps of: receiving a virtual card number provision request according to a user's activation of a smart card; Synchronizing the time of the encryption algorithm with the smart card; Wherein the virtual card number generation module generates a virtual card number, wherein the virtual card number is generated for each unit count by a virtual card number generation function; Wherein the virtual card number generation module generates the virtual card number as an encrypted code based on a synchronized encryption algorithm; And the virtual card number generation module transmits the encryption code to the smart card, wherein the virtual card number generation module is included in an application installed in the mobile terminal and is included in the virtual card number verification server And the same virtual card number generation function, wherein the unit count is set at a specific time interval and is changed as the time interval elapses.
- the virtual card number generating step may include: generating the plurality of detailed codes by the plurality of detailed code generating functions; And generating a virtual card number by combining the plurality of detailed codes with the detailed code combination function by the virtual card number generation module, wherein the detailed code generation function and the detailed code combination function are generated by combining the virtual card number
- the plurality of detailed codes comprises a first code for setting a starting point of a storage location search; And a second code for setting a search path from the start point to the storage position in accordance with a specific search method.
- the encryption algorithm is characterized in that the encryption rule is matched for each time.
- the method further includes generating the virtual security code using the virtual security code generation function, wherein the virtual security code includes a time value and a card security And the detailed code generation function generates each detailed code using the virtual security code.
- the virtual card number generation module may acquire an identification value of the smart card at the time of registering the smart card, wherein the encryption code generation step includes: Generating a one-time code for code conversion using the time data; And converting the virtual card number into an encrypted code by applying a conversion pattern corresponding to the one-time code for code conversion.
- a method for providing a virtual card number based on a smart card is characterized in that a first virtual card number generation module generates a virtual security code using a time value and a card security code of an actual card number, Wherein the security code is a specific number of one-time codes; And the first virtual card number generation module transmits the virtual security code to the smart card, wherein the first virtual card number generation module is included in an application installed in the mobile terminal, The second virtual card number generation module generates a plurality of detailed codes corresponding to the unit count for which the virtual card number generation is requested using the virtual security code, And outputs the virtual card number to the outside.
- the unit count is set at a specific time interval, and is changed as the time interval elapses.
- the first virtual card number generation module receives the virtual card number provision request according to the activation of the smart card of the user.
- the plurality of detailed codes may include: a first code generated based on a first count; And a second code generated based on a second count, wherein the first count is the number of unit counts elapsed from the initial time when the virtual card number generation function is activated in the virtual card number verification server, The count is a unit count number elapsed from the time when a specific user's actual card number is issued and the second virtual card number generation module applies the virtual security code as the count count elapsed from the second count or the current time .
- the virtual security code is used when the virtual card number verification server confirms whether the virtual card number transmitted through the smart card is normally generated.
- the first virtual card number generation module receives a smart card registration request from a user; The first virtual card number generation module receiving an identification value of the smart card from a user; And providing the installation data to the smart card by the first virtual card number generation module, wherein the installation data includes a second virtual card number generation module.
- the virtual card number is generated by combining a fixed code and a plurality of detailed codes according to a specific rule, and the fixed code is coupled to a predetermined position in the virtual card number, It is a code for determining the card company or card type corresponding to the card number.
- a method of providing a virtual card number based on a smart card includes: receiving a virtual security code from a first virtual card number generation module by a second virtual card number generation module; The second virtual card number generating module generating a plurality of detailed codes by a plurality of detailed code generating functions; Generating a virtual card number by combining the plurality of detailed codes by the second virtual card number generating module with a detailed code combining function; And outputting a virtual card number through an output means included in the smart card, wherein the virtual card number is generated for each unit count by a virtual card number generating function, Wherein the virtual card number generation function includes the detailed code generation function and the detailed code combination function, the first virtual card number generation module is included in an application installed in a mobile terminal interlocked with the smart card, The virtual card number generation module includes a virtual card number generation function that is the same as that included in the virtual card number verification server and is installed in the smart card by the installation data provided from the application to the smart card, Is set at a
- the plurality of detailed codes may include: a first code generated based on a first count; And a second code generated based on a second count, wherein the first count is the number of unit counts elapsed from the initial time when the virtual card number generation function is activated in the virtual card number verification server, Wherein the count is a unit count number elapsed from a point of time when a specific user's actual card number is issued and the detailed code generating step applies the virtual security code as the count count elapsed from the second count or the current time point do.
- the smart card-based virtual card number providing program executes the above-mentioned smart card-based virtual card number providing method in combination with hardware, and is stored in the medium.
- a smart card for generating a virtual card number includes a virtual security code receiving unit for receiving a virtual security code from a mobile terminal; A detailed code generation unit for generating a plurality of detailed codes based on the virtual security code; A virtual card number generator for generating a virtual card number by combining the plurality of detailed codes; And a virtual card number providing unit for outputting the virtual card number to the outside in order to provide the virtual card number to the virtual card number verification server.
- the virtual card number is generated differently for each unit count by the virtual card number generating function, Wherein the unit count is set at a specific time interval and is changed as the time interval elapses, the virtual card number generation function includes the detailed code generation function and the detailed code combination function, A first code generated based on a first count; And a second code generated based on a second count, wherein the first count is the number of unit counts elapsed from the initial time when the virtual card number generation function is activated in the virtual card number verification server, The count is a unit count number elapsed from the time when a specific card number of a specific user is issued and the detailed code generation unit applies the virtual security code as the count count elapsed from the second count or the current time .
- the process of generating a virtual card number may be divided into a smart card and an application in a mobile terminal, or an application may encrypt a virtual card number provided to a smart card based on a special encryption algorithm between the smart card and the application, And data that is exchanged between the application and the application is stolen, it is not possible for another person to generate or restore the virtual card number, thereby preventing financial accidents.
- a user can perform a financial transaction based on a virtual card number while maintaining the same usability as a payment using a general card.
- FIG. 1 is a block diagram of a system for providing a virtual card number based on a smart card according to an embodiment of the present invention.
- FIG. 2 is a system configuration diagram between a mobile terminal and a smart card according to an embodiment of the present invention.
- FIG. 3 is a flowchart of a method of providing a virtual card number based on a smart card according to an embodiment of the present invention.
- FIG. 4 is a flowchart illustrating a process of generating a virtual card number according to an embodiment of the present invention.
- FIG. 5 is a flowchart of a smart card-based virtual card number providing method for generating a virtual card number based on a virtual security code according to an embodiment of the present invention.
- FIG. 6 is a flowchart of a smart card-based virtual card number providing method for converting a virtual card number into an encrypted code by using a one-time code for code conversion generated based on a smart card identification value according to an embodiment of the present invention.
- FIG. 7 is a system configuration diagram between a mobile terminal and a smart card according to another embodiment of the present invention.
- FIG. 8 is a flowchart of a method of providing a virtual card number based on a smart card according to another embodiment of the present invention.
- FIG. 9 is a diagram illustrating a process of generating a virtual card number by applying a virtual security code to a second count according to an embodiment of the present invention.
- FIG. 10 is a flowchart of a smart card-based virtual card number providing method, further including a process of receiving a virtual card number providing request according to an activation of a smart card according to an embodiment of the present invention.
- FIG. 11 is a flow chart of a method of providing a smart card-based virtual card number, further comprising the step of providing installation data of a second virtual card number generation module to a smart card through a smart card registration process according to an embodiment of the present invention. to be.
- FIG. 12 is a flowchart of a method for providing a virtual card number based on a smart card according to another embodiment of the present invention.
- FIG. 13 is an internal configuration diagram of a smart card for generating a virtual card number according to an embodiment of the present invention.
- facial transaction means a procedure to be performed with a financial institution. 'Financial transactions' include payment of cards and withdrawals from bank accounts.
- " As used herein, the term " letter " includes all or some of upper-case alphabetic characters, lower-case alphabetic characters, numerals, and special characters.
- 'code' means a character string.
- a 'card number' is used for financial transactions such as settlement, and is a number assigned to a card and transmitted to a credit card company in a situation such as settlement or payment cancellation.
- 'actual card number' is a number assigned to a specific user's card by the card company. That is, 'actual card number' means a number assigned to a general physical card, a mobile card, and the like.
- 'virtual card number' is a card number temporarily generated to be connected to an actual card number, and is a specific number of digits composed of letters including numbers.
- 'detailed code' means some code included in the virtual card number. That is, when a virtual card number is generated by combining a plurality of separately generated codes, the detailed code means an individual code that is separately generated and constitutes a virtual card number. That is, the virtual card number is generated by combining a plurality of detailed codes according to a specific rule.
- the 'unit count' is a unit defined as a specific time interval, which is changed as the time interval elapses.
- a specific time interval e.g. 1.5 seconds.
- the 'virtual card number generation function' means a function used to generate a virtual card number.
- the 'detailed code generation function' refers to a function for generating each detail code constituting the virtual card number.
- the 'detailed code combining function' means a function for generating a virtual card number by combining or combining a plurality of detailed codes.
- the 'detailed code combining function' generates a virtual card number by combining not only the detailed code but also other codes together when the code includes a code other than the detailed code (for example, a fixed code).
- 'smart card' means a card capable of changing the card number and outputting it.
- " virtual security code "
- virtual security code " means a specific number of one-time codes used for generating a virtual card number (particularly, detailed code).
- the term 'mobile terminal' as used herein encompasses various devices capable of performing computational processing to provide results to a user.
- the computer may be a smart phone, a tablet PC, a cellular phone, a personal communication service phone (PCS phone), a synchronous / asynchronous A mobile terminal of IMT-2000 (International Mobile Telecommunication-2000), a Palm Personal Computer (PC), a personal digital assistant (PDA), and the like.
- PCS phone personal communication service phone
- IMT-2000 International Mobile Telecommunication-2000
- PC Palm Personal Computer
- PDA personal digital assistant
- 'virtual card number generation module means a module by generating a virtual card number of a type provided to a virtual card number verification server.
- the virtual card number generation module can be divided into a plurality of detailed modules according to roles to be performed.
- the detailed module included in the virtual card number generation module may be included in one terminal device or may be separately included in another terminal device.
- the 'first virtual card number generation module' means a module for generating a virtual security code used for generating a virtual card number.
- the 'second virtual card number generation module' means a module for generating a virtual card number using the virtual security code generated in the first virtual card number generation module. That is, the 'second virtual card number generation module' includes a detailed code generation function and a detailed code combination function.
- the 'actual card number' includes at least one of a card identification number, a card security code, and an expiration date.
- the card identification number refers to a card company, a card type, and a code assigned to identify a card user.
- the card identification number assigned to the card is 15 or 16 digits. In the case of a card identification number consisting of 16 digits in general, the former six digits are made up of the issuer identification number (IIN) of the card, and from the seventh digit to the fifteenth digit, And the 16th digit is a value for verifying the card identification number by a specific formula.
- IIN issuer identification number
- the card security code is a code for confirming whether the card number is normal, which is a number of specific digits printed on one side of the card (for example, 3 digits for Visa, Master, and 4 digits for Amex). In other words, if the card security code is 3 digits and the card identification number is 16 digits, the three-digit code of the security code of the card and the 16-digit code of the card identification number are decrypted according to the predetermined rule. .
- the card security code is called a card verification value (CVV), the master card / JCB is a card validation code (CVC), and the American Express is a CID (confidential identifier number or card identification number).
- the expiration date means the expiration date after the actual card number is issued.
- the validity period is made up of four digits with two digits given for year / month. Since the magnetic card contains the actual card number as it is, there is a problem that the entire card number is leaked just by reading the magnetic card, so that the use of the magnetic card is limited in recent years, . There is a problem in that a new terminal must be installed or a process must be changed differently from the existing process in order to apply a high security method. Therefore, there is a need for a method capable of preventing card number leakage while applying the same process using existing existing card numbers. In particular, there is a need for a method of improving the security while using the existing magnetic card reader.
- FIG. 1 is a block diagram of a system for providing a virtual card number based on a smart card according to an embodiment of the present invention.
- a smart card-based virtual card number providing system includes a mobile terminal 10; A smart card 20; And a virtual card number verification server (30).
- the mobile terminal 10 generates a virtual card number and provides it to the smart card 20 or generates a virtual security code used to generate the virtual card number and provides the generated virtual security code to the smart card 20.
- the mobile terminal 10 generates a virtual card number or a module for generating a virtual security code (i.e., a virtual card number generation module 100 when generating the virtual card number itself, a virtual card number generation And a first virtual card number generation module 110, which is one module included in the module 100).
- the smart card 20 receives the virtual card number from the mobile terminal 10 and provides it to the financial transaction terminal or generates a virtual card number using the virtual security code provided from the mobile terminal 10 and provides the virtual card number to the financial transaction terminal.
- the virtual card number verification server 30 refers to a server that receives a virtual card number provided to a financial transaction terminal, searches for an actual card number, and proceeds with a financial transaction.
- the virtual card number verification server 30 may be a financial company server that receives the virtual card number received from the financial transaction terminal from the PG company server and searches for the actual card number.
- FIG. 2 is a system configuration diagram between a mobile terminal 10 and a smart card 20 according to an embodiment of the present invention.
- FIG. 3 is a flowchart of a method of providing a virtual card number based on a smart card according to an embodiment of the present invention.
- a method for providing a virtual card number based on a smart card is a method in which a virtual card number generation module 100 generates a virtual card number based on a virtual card number Receiving a provision request (S120); (S130) the virtual card number generation module 100 synchronizes the time of the encryption algorithm with the smart card 20; Wherein the virtual card number generation module (100) generates a virtual card number, wherein the virtual card number is generated for each unit count by a virtual card number generation function (S150); The virtual card number generation module 100 generates the virtual card number as an encryption code based on the synchronized encryption algorithm (S170); And the virtual card number generation module 100 transmits the encryption code to the smart card 20 (S190).
- a virtual card number generation module 100 generates a virtual card number based on a virtual card number Receiving a provision request (S120); (S130) the virtual card number generation module 100 synchronizes the time of the encryption algorithm with the smart card 20; Wherein the virtual card number generation module (100) generates
- the virtual card number generation module 100 receives a virtual card number provision request according to activation of the user's smart card 20 (S120). That is, when the user manipulates the smart card 20 to use the smart card 20 (for example, presses a button provided on the smart card 20 or operates to move the smart card 20) (20) directly transmits a virtual card number provision request to an application including the virtual card number generation module (100).
- the virtual card number generation module 100 is directly connected to the virtual card number generation application installed in the specific mobile terminal 10 so that the virtual card number generation module 100 can directly issue the virtual card number provision request Data can be received via wireless communication (e. G., Bluetooth or the like). Accordingly, the user can proceed with the financial transaction with the virtual card number without being added to the existing method of providing the card to the other party in order to perform the financial transaction with the ordinary card.
- wireless communication e. G., Bluetooth or the like
- the virtual card number generation module 100 synchronizes the time of the encryption algorithm with the smart card 20 (S130).
- the virtual card number generation module 100 and the smart card 20 include the same encryption algorithm so that the virtual card number generation module 100 generates the virtual card number as an encrypted code as described later, Decrypts the received encryption code and restores it to the virtual card number.
- the virtual card number generation module 100 and the smart card 20 are connected to the virtual card number generation module 100 such that the virtual card number generation module 100 acquires a plurality of encryption codes provided to the smart card 20 by the virtual card number generation module 100, It is possible to change the encryption algorithm according to a specific rule (for example, change the encryption pattern (or the encrypted code conversion pattern) every unit time). That is, when the virtual card number generation module 100 receives the virtual card number generation request, in order for the virtual card number generation module 100 and the smart card 20 to perform conversion and restoration in the same encryption pattern, The generation module 100 synchronizes time with the smart card 20. [ For example, the virtual card number generation module 100 may perform synchronization according to time data of a clock included in the smart card 20. A method of changing the encryption pattern using the time data will be described later.
- the virtual card number generation module 100 generates a virtual card number (S150: virtual card number generation step).
- the virtual card number generation module 100 includes a virtual card number generation function that is the same as that included in the virtual card number verification server 30. Accordingly, the virtual card number verification server 30 (for example, a financial company server) receives the virtual card number generated by the virtual card number generation module 100 and provided to the smart card 20, Post-financing transactions can proceed.
- the virtual card number verification server 30 for example, a financial company server
- the virtual card number generation function generates virtual card numbers in various ways. As shown in FIG. 4, the virtual card number generation step S150 may include generating the one or more detailed codes by the one or more detailed code generation functions (S151 ); And the virtual card number generation module 100 generates a virtual card number by combining the one or more detailed codes by a detailed code combination function (S153). That is, the virtual card number generating function includes a detailed code generating function and a detailed code combining function.
- the virtual card number generation module 100 generates one or more detailed codes by one or more detailed code generation functions (S151).
- the virtual card number generation module 100 includes a first function and a second function as a detailed code generation function, and generates a first code and a second code.
- the plurality of detailed codes are stored in the virtual card number verification server 30 (for example, a financial company server) A first code for setting a starting point of the actual card number storage location search; And a second code for setting a search path from the start point to the storage location in accordance with the specific search method.
- the first code and the second code have a correlation for searching the storage location of the actual card number in the virtual card number verification server 30.
- the virtual card number generation device 100 however, And a second function for generating the second code as the detailed code generation function, but may not include the data on the correlation between the first code and the second code.
- the plurality of detailed codes may include: a first code generated based on a first count; And a second code generated based on the second count.
- the first count is the number of unit counts elapsed from the first time when the virtual card number generating function is driven in the virtual card number verifying server 30 and the second count is the number of elapsed The number of unit counts. That is, the first function for generating the first code is a function for providing a specific code value corresponding to the first count, the second function for generating the second code is a function for providing a specific code value corresponding to the second count, to be.
- the first code may be any code value among the codes matched for each count from the initial point of time when the first function is driven in the virtual card number verification server 30 (for example, Count), and the virtual card number generation module 100 generates a different code value for each virtual card number generation time in the same user as the first code.
- the virtual card number generation module 100 always has a different second count value for each virtual card number generation module 100 so that the actual card number is not simultaneously issued at the same time, Always generates a different second code.
- the first code has a different code value for each count
- the second code corresponds to the virtual card number creation module 100 (i.e., the application card application installed in each mobile terminal 10 of each user)
- the virtual card number in which the first code and the second code are combined becomes a code value that is not duplicated regardless of the time when the user and the virtual card number are requested to be generated.
- the virtual card number generation module 100 (i.e., the second virtual card number generation module 120) generates the first code and the second code using the virtual security code. That is, the second virtual card number generation module 120 applies the virtual security code as the count count elapsed from the second count or the current time. At this time, the second virtual card number generation module 120 applies the count number obtained by adding the count corresponding to the actual card number issue time (i.e., the count as the reference for generating the second code) to the virtual security code as the first count Thereby generating a first code.
- the method of generating the first code and the second code using the virtual security code will be described later in detail.
- the virtual card number generation module 100 generates the virtual card number by combining the one or more detailed codes by the detailed code combination function (S153).
- the detailed code combination function the virtual card number generation module 100 may generate a virtual card number by alternately arranging the first code of N digits and the second code of N digits.
- the detailed code combining function may be a function that combines the second code after the first code. As the detailed code included in the virtual function increases, various detailed code combining functions can be generated.
- the virtual card number generation module 100 generates the virtual card number as an encryption code based on the synchronized encryption algorithm (S170). That is, the virtual card number generation module 100 generates a virtual card number as an encrypted code based on a conversion pattern (i.e., an encryption pattern) corresponding to a point in time when the virtual card number is synchronized with the smart card 20.
- a conversion pattern i.e., an encryption pattern
- the virtual card number generation module 100 transmits the encryption code to the smart card 20 (S190). At this time, the virtual card number generation module 100 can transmit the encryption code through various communication methods.
- the virtual card number generation module 100 generates a virtual security code using the virtual security code generation function (S140). That is, the virtual card number generation module 100 included in the application in the mobile terminal 10 generates the virtual card number generation module 120 together with the second virtual card number generation module 120 including the virtual card number generation function, And a first virtual card number generation module 110 for generating a virtual card number.
- the first virtual card number generation module 110 includes a virtual security code generation function.
- the virtual security code is generated using the card security code (i.e., the CVC or CVV of the actual card number) of the time data (i.e., the time of requesting generation of the virtual card number), the card unique value, It is a disposable code.
- the card unique value is a unique value given to an application installed in the mobile terminal 10 (for example, an application card application). That is, the card unique value is a value provided when the application card application is provided for installation from the financial server or application providing server (for example, an application store server) to the mobile terminal 10.
- the first virtual card number generation module 110 may internally store a card unique value and a card security code for generating a virtual security code.
- the first virtual card number generation module 110 generates a virtual security code using OTP (One Time Password: user authentication using a one-time password generated randomly instead of a fixed password) . That is, the first virtual card number generation module 110 stores the card security code (i.e., CVC or CVV of the actual card number) of the time data (i.e., the time of requesting generation of the virtual card number) And generates the OTP using the key data.
- OTP One Time Password: user authentication using a one-time password generated randomly instead of a fixed password
- the second virtual card number generation module 120 generates each detail code using the virtual security code. That is, the second virtual card number generation module 120 sets the virtual security code as a second count (i.e., a count number shifted from the actual card number issuance time) or a count number elapsed from the current point The number of counts shifted from the viewpoint). At this time, the second virtual card number generation module 120 applies the count number obtained by adding the count corresponding to the actual card number issue time (i.e., the count as the reference for generating the second code) to the virtual security code as the first count Thereby generating a first code. This makes it impossible to confirm the order in which the first and second codes constituting the virtual card number are provided by other persons (i.e., the first function and the second function), and the security can be improved.
- a second count i.e., a count number shifted from the actual card number issuance time
- the virtual security code is used when the virtual card number verification server 30 confirms whether the virtual card number transmitted through the smart card 20 is normally generated. That is, the virtual card number verification server 30 extracts the virtual security code (i.e., the received virtual security code) contained in the virtual card number after receiving the virtual card number acquired by the financial transaction terminal, Based on the information stored in the server (i.e., the virtual security code generating function, the card unique value, and the card security code of the actual card number), it is checked whether the received virtual security code is normally generated at the time of requesting the financial transaction, .
- the method of verifying the virtual card number differs according to the method of using the virtual security code when generating the detailed code.
- the virtual card number verification server 30 extracts the virtual security code from the second code generated based on the virtual security code, and then transmits the virtual security code generation function (i.e., the OTP function) A count within a specific range is input from a count, and it is determined whether or not there is a value that matches the virtual security code among the OTP numbers calculated.
- the virtual card number verification server 30 obtains the virtual security code value (i.e., the OTP function value) used for generating the second code by applying the inverse function of the second function to the second code, And finds a count to calculate.
- the virtual card number verification server 30 can verify whether the virtual card number generation module 100 that transmitted the virtual card number normally matches the actual card number, thereby improving the security.
- the virtual card number generation module 100 generates a virtual card number corresponding to a count that is a sum of a unique value in the virtual card number generation device and a virtual security code value generated based on the card security code, Generates a first code and generates a second code corresponding to a count obtained by adding a count difference between a time of issuing the actual card number (time A) and a time of requesting the financial transaction (time C) and a virtual security code value. That is, the formula for generating the first code and the second code using the first function and the second function by the virtual card number generation module 100 is as follows.
- Second code f 2 (C start time count - A start time count + virtual security code)
- the virtual card number verification server 30 searches the actual card number storage location based on the first code and the second code in the received virtual card number and stores the card security code included in the actual card number storage location Or the CVC) and the virtual card number generation module 100.
- the virtual card number verification server 30 extracts the unique value of the virtual security number from the reception time of the financial transaction request based on the card security code and the unique value, (I.e., an OTP number).
- the virtual card number verification server 30 calculates the sum of the number of counts from the actual card number issuance time (point A) to each count in the specific count range to the virtual security code (i.e., OTP number) It is determined whether or not a count equal to the number of counts corresponding to the second code (i.e., the value obtained by applying the inverse function of the second function to the second code) exists.
- the virtual card number verification server 30 can determine the actual card number issuance time by searching for a point where the actual card number storage location matches based on the first code and the second code. Accordingly, the virtual card number verification server 30 can confirm whether or not the virtual card number generation module 100 providing the virtual card number is normally issued.
- the virtual card number generation module 100 acquires the identification value of the smart card 20 at the time of registering the use of the smart card 20 (S100).
- the identification value is a serial number assigned to the smart card 20.
- the identification value is used for encryption (i.e., code conversion) for data transmission between the smart card 20 and an application associated with the smart card 20.
- the virtual card number generation module 100 provides the use registration interface to the screen of the mobile terminal 10, and receives the identification value of the smart card 20 from the user. Accordingly, the virtual card number generation module 100 receives and stores the identification value stored in the smart card 20.
- the encryption code generation step S170 generates a one-time code for code conversion using the time data synchronized with the identification value (S171), and corresponds to the one-time code for code conversion , And converts the virtual card number into an encryption code (S172).
- the virtual card number generation module 100 may include various rules for generating a virtual card number with an encryption code (i.e., an encryption rule), and may include encryption (encryption) corresponding to the generated one- Apply the rule to generate the encryption code.
- the encrypted code can not be restored to the virtual card number.
- the encryption code prevents the other person from restoring the virtual card number by key data leakage . That is, the decryption module in the virtual card number generation module 100 and the smart card 20 performs encryption and decryption using a disposable code for code conversion randomly generated by the OTP function at each point in time, The key data used for encryption and decryption can not be grasped. Accordingly, the key data used for encryption and decryption is fixed, thereby solving the problem of the conventional encryption method in which the encryption code can be decrypted by others due to leakage of the key data.
- the virtual card number generation module 100 may provide the installation data to the smart card 20 at the time of registration of the smart card 20.
- the installation data may include a decryption module for decrypting the virtual card number encrypted by the virtual card number generation module 100 included in the application in the mobile terminal 10.
- FIG. 7 is a system configuration diagram between the mobile terminal 10 and the smart card 20 according to another embodiment of the present invention.
- FIG. 8 is a flowchart of a method of providing a virtual card number based on a smart card according to another embodiment of the present invention.
- a method for providing a virtual card number based on a smart card is characterized in that the first virtual card number generation module 110 generates a virtual card number based on a time value and a card security code A step S240 (virtual security code generation step) of generating a virtual security code using the virtual security code; And the first virtual card number generation module 110 transmits the virtual security code to the smart card 20 (S260).
- a step S240 virtual security code generation step
- a card number generation module 120 is required.
- the application including the first virtual card number generation module 110 and the second virtual card number generation module 120 is separated and the application installed in the mobile terminal 10 is connected to the first virtual card number generation module 110 and the smart card 20 includes the second virtual card number generation module 120.
- the first virtual card number generation module 110 generates a virtual security code using the time value and the card security code of the actual card number (S240; virtual security code generation step).
- the first virtual card number generation module 110 is included in an application installed in the mobile terminal 10 and includes a virtual security code generation function.
- the virtual security code is generated using the card security code (i.e., the CVC or CVV of the actual card number) of the time data (i.e., the time of requesting generation of the virtual card number), the card unique value, It is a disposable code.
- the card unique value is a unique value given to an application installed in the mobile terminal 10 (for example, an application card application). That is, the card unique value is a value provided when the application card application is provided for installation from the financial server or application providing server (for example, an application store server) to the mobile terminal 10.
- the first virtual card number generation module 110 may internally store a card unique value and a card security code for generating a virtual security code.
- the first virtual card number generation module 110 generates a virtual security code using OTP (One Time Password: user authentication using a one-time password generated randomly instead of a fixed password) . That is, the first virtual card number generation module 110 stores the card security code (i.e., CVC or CVV of the actual card number) of the time data (i.e., the time of requesting generation of the virtual card number) And generates the OTP using the key data.
- OTP One Time Password: user authentication using a one-time password generated randomly instead of a fixed password
- the first virtual card number generation module 110 transmits the virtual security code to the smart card 20 (S260).
- the first virtual card number generation module 110 uses the identification value of the smart card 20 input at the time of registering the smart card 20 (i.e., the serial number of the smart card 20) as key data,
- the code is encrypted and transmitted.
- the smart card 20 receiving the encrypted virtual security code decrypts based on the identification value of the smart card 20 stored therein to grasp the virtual security code.
- the second virtual card number generation module 120 included in the smart card 20 uses the virtual security code received from the first virtual card number generation module 110 in the application to generate a virtual card number And generates a plurality of matching detailed codes. That is, the virtual security code may be reflected in generation of the first code and the second code without outputting the virtual card number to the outside.
- the second virtual card number generation module 120 generates a virtual card number by combining the plurality of detailed codes, and outputs the virtual card number to the outside.
- the plurality of detail codes comprising: a first code generated based on a first count; And a second code generated based on the second count.
- the first count is the number of unit counts elapsed from the first time when the virtual card number generating function is driven in the virtual card number verifying server 30 and the second count is the number of elapsed The number of unit counts. That is, the first function for generating the first code is a function for providing a specific code value corresponding to the first count, the second function for generating the second code is a function for providing a specific code value corresponding to the second count, to be.
- the second virtual card number generation module 120 sets the virtual security code as a second count (i.e., a count number shifted from the actual card number issuance time) or a count number elapsed from the current point The number of counts shifted from the viewpoint). At this time, the second virtual card number generation module 120 applies the count number obtained by adding the count corresponding to the actual card number issue time (i.e., the count as the reference for generating the second code) to the virtual security code as the first count Thereby generating a first code.
- a second count i.e., a count number shifted from the actual card number issuance time
- the second virtual card number generation module 120 applies the count number obtained by adding the count corresponding to the actual card number issue time (i.e., the count as the reference for generating the second code) to the virtual security code as the first count Thereby generating a first code.
- the second virtual card number generation module 120 generates a first code corresponding to a count of the virtual security code plus the actual card number issue time, and counts a count corresponding to the virtual security code value Lt; / RTI > That is, the first code and the second code are generated based on the count shifted by the virtual security code from the point A where the actual card number is issued to the first user.
- the count shifted from the A point may be counted before or after the count corresponding to the current time according to the generated virtual security code value. This makes it impossible to confirm the order in which the first and second codes constituting the virtual card number are provided by other persons (i.e., the first function and the second function), and the security can be improved.
- the second virtual card number generation module 120 in the smart card 20 applies the virtual security code value based on the count of the actual card number issue time (i.e., applies the virtual security code value to the second count)
- the smart card 20 since the smart card 20 does not need to acquire the time data, it is not necessary to have a clock inside the device. In this way, the smart card 20 can eliminate battery consumption for clock driving.
- the virtual security code is used when the virtual card number verification server 30 confirms whether the virtual card number transmitted through the smart card 20 is normally generated. That is, the virtual card number verification server 30 extracts the virtual security code (i.e., the received virtual security code) contained in the virtual card number after receiving the virtual card number acquired by the financial transaction terminal, Based on the information stored in the server (i.e., the virtual security code generating function, the card unique value, and the card security code of the actual card number), it is checked whether the received virtual security code is normally generated at the time of requesting the financial transaction, .
- the virtual security code i.e., the received virtual security code
- the virtual security code is used as the second count (i.e., the virtual card number verification server 30 (i.e., the financial company server) does not include the clock for acquiring the current time in the smart card 20) (I.e., OTP function) after extracting the virtual security code from the second code generated based on the virtual security code and inputting the count within the specific range from the count of receiving the virtual card number to the OTP Check whether the number has a value that matches the security code.
- the virtual card number verification server 30 i.e., the financial company server
- the virtual card number verification server 30 (i.e., the financial company server) obtains the virtual security code value (i.e., the OTP function value) used for generating the second code by applying the inverse function of the second function to the second code, And finds a count that yields the same value as the security code value. There is a difference between the time at which the virtual security code is generated by the virtual card number generation means by the transmission time or delay of the virtual card number and the time at which the virtual card number verification server 30 receives the virtual security code, The count obtained when the server 30 receives the virtual card number and the count generated by generating the OTP number corresponding to the virtual security code may not coincide with each other so that the virtual card number verification server 30 calculates the error number Allow range.
- the virtual security code value i.e., the OTP function value
- the first virtual card number generation module 110 receives a virtual card number provision request according to the activation of the user's smart card 20 (S220), as shown in FIG. 10, .
- the virtual card number provision request received by the first virtual card number generation module 110 from the smart card 20 is generated when the second virtual card number generation module 120 in the smart card 20 generates a virtual card number To provide the virtual security code needed to do so.
- the smart card 20 Transmits the virtual card number provision request to the application including the virtual card number generation module 100 directly.
- the virtual card number generation module 100 is directly connected to the virtual card number generation application installed in the specific mobile terminal 10 so that the virtual card number generation module 100 can directly issue the virtual card number provision request Data can be received via wireless communication (e. G., Bluetooth or the like). Accordingly, the user can proceed with the financial transaction with the virtual card number without being added to the existing method of providing the card to the other party in order to perform the financial transaction with the ordinary card.
- wireless communication e. G., Bluetooth or the like
- the first virtual card number generation module 110 receives a request for registering a smart card 20 from a user (S200); The step (S201) of receiving the identification value of the smart card 20 from the user by the first virtual card number generation module 110; And providing the installation data to the smart card 20 by the first virtual card number generation module 110 (S202).
- the installation data includes a second virtual card number generation module 120. That is, the application is provided with the installation data necessary for installing the second virtual card number generation module 120 in the smart card 20 at the time of installation in the mobile terminal 10, and at the time of registration of the specific smart card 20 To the smart card 20 via wireless communication.
- the third party Even if the application receives the installation data from another person in the process of providing the installation data for the second virtual card number generation module 120 to the smart card 20, the third party generates a virtual security code corresponding to the time of the financial transaction request It is not possible to generate a virtual card number that matches the time of the request for a financial transaction, and thus the financial transaction can not be performed.
- the installation data of the second virtual card number generation module 120 includes only the information on the virtual card number generation function and the time point when the user issues the actual card number (i.e., the actual card number issuance time point) A card unique value, and a virtual security code generation function (i.e., an OTP function) necessary for generating the virtual security code necessary for generating the first code and the second code by the card number generation function,
- a virtual security code generation function i.e., an OTP function
- FIG. 12 is a flowchart of a method for providing a virtual card number based on a smart card according to another embodiment of the present invention.
- a method for providing a virtual card number based on a smart card includes a second virtual card number generation module 120, a first virtual card number generation module 110 (S320) for receiving a virtual security code from the card security code;
- the second virtual card number generation module 120 generates one or more detailed codes by one or more detailed code generation functions (S340);
- the second virtual card number generation module 120 generates a virtual card number by combining the one or more detailed codes by a detailed code combination function (S360); And outputting the virtual card number through the output means included in the smart card 20 (S380).
- the detailed description of each step is omitted.
- a card number generation module 120 is required.
- the present embodiment separates the apparatus including the first virtual card number generation module 110 and the second virtual card number generation module 120 so that an application installed in the mobile terminal 10 is transferred to the first virtual card number generation module 110
- the second virtual card number generation module 120 in the smart card 20 includes the second virtual card number generation module 120.
- the second virtual card number generation module 120 receives the virtual security code from the first virtual card number generation module 110 (S320: receiving the card security code).
- the second virtual card number generation module 120 receives the virtual security code generated in real time in the first virtual card number generation module 110 through wireless communication.
- the second virtual card number generation module 120 includes a virtual card number generation function identical to that included in the virtual card number verification server 30, And is installed in the smart card 20.
- the second virtual card number generation module 120 generates one or more detailed codes by one or more detailed code generation functions (S340, S151).
- the plurality of detail codes comprises: a first code generated based on a first count; And a second code generated based on the second count.
- the first count is the number of unit counts elapsed from the first time when the virtual card number generating function is driven in the virtual card number verifying server 30 and the second count is the number of elapsed
- the detailed code generation step S340 applies the virtual security code to the second count or the number of counts elapsed from the current time.
- the second virtual card number generation module 120 generates a virtual card number by combining the one or more detailed codes by the detailed code combination function (S360: same as S153).
- the second virtual card number generation module 120 outputs the virtual card number through the output means included in the smart card 20 (S380). If the smart card 20 provides the virtual card number to the POS device via the specific output means, the virtual card number verification server 30 (i.e., the financial company server) Procedure) to receive the virtual card number.
- the virtual card number verification server 30 i.e., the financial company server
- the virtual card number is generated by combining a fixed code and a plurality of detailed codes according to a specific rule, and the fixed code is coupled to a predetermined position in the virtual card number, It is a code for determining the card company or card type corresponding to the card number. That is, the virtual card number may include an unmodified fixed code for distinguishing groups together with a plurality of detailed codes.
- the virtual card number verification server 30 may include a plurality of virtual card number generation functions corresponding to the various card types, and it is necessary for the user to know the card company and card type of the card to be used in the financial transaction, So that the actual card number search can be performed.
- the second virtual card number generation module 120 includes unfixed fixed codes for identifying card companies and card types. For example, the second virtual card number generation module 120 uses the first six digits of the card number and the card type as a fixed code.
- the fixed code may be combined at a predetermined position in the virtual card number.
- the virtual card number verification server 30 can extract the fixed code from the virtual card number to determine the card type group.
- the fixed code may be combined into a predetermined location within the virtual card number (e.g., the same location as the issuer identification number of the actual card number) so as to be separable without a separate function.
- FIG. 13 is an internal configuration diagram of a smart card 20 for generating a virtual card number according to an embodiment of the present invention.
- a smart card 20 for generating a virtual card number includes a virtual security code receiving unit 210; A detailed code generating unit 220; A virtual card number generation unit 230; And a virtual card number providing unit 240.
- the virtual security code receiving unit 210 receives the virtual security code from the mobile terminal 10.
- the detailed code generation unit 220 generates one or more detailed codes based on the virtual security code.
- the plurality of detail codes comprising: a first code generated based on a first count; And a second code generated based on the second count, wherein the first count is the number of unit counts elapsed from the initial time when the virtual card number generation function is activated in the virtual card number verification server 30, The second count is a unit count number elapsed from the time when a specific card number of a specific user is issued.
- the detailed code generating unit 220 generates the virtual security code by counting the number of counts elapsed from the second count or the current time .
- the virtual card number generation unit 230 generates a virtual card number by combining the one or more detailed codes.
- the virtual card number providing unit 240 outputs the virtual card number to the virtual card number verifying server 30 in order to provide the virtual card number.
- the virtual card number providing unit 240 outputs the virtual card number to the virtual card number verifying server 30 in order to provide the virtual card number to the virtual card number verifying server 30.
- the virtual card number providing unit 240 may include various configurations for providing the virtual card number to the outside.
- the virtual card number providing unit 240 includes a wireless Internet module; Local area communication module; An IC chip 131; A magnetic field generator; A display portion 132, and the like.
- the wireless Internet module refers to a module for wireless Internet access, and may be built in or enclosed in the mobile terminal 100.
- Wireless Internet technologies include WLAN (Wi-Fi), Wibro (Wireless broadband), Wimax (World Interoperability for Microwave Access), HSDPA (High Speed Downlink Packet Access), LTE (Long Term Evolution-Advanced) or the like can be used.
- the short-range communication module is a module for short-range communication.
- Bluetooth Bluetooth
- BLE Bluetooth Low Energy
- Beacon Beacon
- RFID Radio Frequency Identification
- NFC Near Field Communication
- IrDA Infrared Data Association
- UWB Ultra Wideband
- ZigBee ZigBee
- the virtual card number providing unit 240 may include a magnetic field generating unit or an IC chip.
- the magnetic field generator outputs the card data in the form of a magnetic signal and transmits the card data to the card reader.
- the magnetic field generator may include one or more magnetic cells for generating a magnetic field through current flow to output a card information magnetic signal.
- the magnetic field generator may be provided to expose the top or bottom surface of the PCB plate along the long side adjacent to a specific long side of the PCB plate of the card.
- the IC chip is mounted in the PCB board and can be brought into contact with the terminal of the card reader of the IC system to perform data exchange. That is, the IC chip transfers the virtual card number generated by the virtual card number generation unit 230 to the IC card reader.
- the display unit may be a liquid crystal display, a thin film transistor-liquid crystal display, an organic light-emitting diode, a flexible display, or an electronic paper And may include at least one.
- the display unit visually outputs the virtual card number generated by the virtual card number generation unit 230 to the outside. Accordingly, the user of the smart card 20 can visually confirm the virtual card number generated in real time, and directly input the virtual card number visually confirmed to the virtual card number verification server 30.
- the virtual card number generation device when the virtual card number generation device is the smart card 20, the virtual card number generation device includes a display unit that can output the virtual card number without describing the card number on the surface .
- the display unit may be an electronic paper, an OLED, or a 7-Segment display.
- the method of providing a virtual card number based on a smart card may be implemented as a program (or an application) in order to be executed in combination with a computer, which is hardware, and stored in a medium.
- the above-described program may be stored in a computer-readable medium such as C, C ++, JAVA, machine language, or the like that can be read by the processor (CPU) of the computer through the device interface of the computer, And may include a code encoded in a computer language of the computer.
- code may include a functional code related to a function or the like that defines necessary functions for executing the above methods, and includes a control code related to an execution procedure necessary for the processor of the computer to execute the functions in a predetermined procedure can do.
- code may further include memory reference related code as to whether the additional information or media needed to cause the processor of the computer to execute the functions should be referred to at any location (address) of the internal or external memory of the computer have.
- the code may be communicated to any other computer or server remotely using the communication module of the computer
- a communication-related code for determining whether to communicate, what information or media should be transmitted or received during communication, and the like.
- the medium to be stored is not a medium for storing data for a short time such as a register, a cache, a memory, etc., but means a medium that semi-permanently stores data and is capable of being read by a device.
- examples of the medium to be stored include ROM, RAM, CD-ROM, magnetic tape, floppy disk, optical data storage, and the like, but are not limited thereto.
- the program may be stored in various recording media on various servers to which the computer can access, or on various recording media on the user's computer.
- the medium may be distributed to a network-connected computer system so that computer-readable codes may be stored in a distributed manner.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
Description
Claims (15)
- 가상카드번호생성모듈이 사용자의 스마트카드 활성화에 따라 가상카드번호 제공요청을 수신하는 단계;상기 가상카드번호생성모듈이 상기 스마트카드와 암호화알고리즘의 시간을 동기화하는 단계;상기 가상카드번호생성모듈이 가상카드번호를 생성하되, 상기 가상카드번호는 가상카드번호생성함수에 의해 단위카운트마다 생성되는 것인, 가상카드번호생성단계;상기 가상카드번호생성모듈이 상기 가상카드번호를 동기화된 암호화알고리즘을 기반으로 암호화코드로 생성하는 단계; 및상기 가상카드번호생성모듈이 상기 암호화코드를 스마트카드로 전송하는 단계;를 포함하되,상기 가상카드번호생성모듈은,이동단말기에 설치되는 어플리케이션 내에 포함되고,가상카드번호검증서버에 포함되는 것과 동일한 가상카드번호생성함수를 포함하고,상기 단위카운트는,특정한 시간간격으로 설정되어, 상기 시간간격이 경과됨에 따라 변경되는 것인, 스마트카드 기반의 가상카드번호 제공방법.
- 제1항에 있어서,상기 가상카드번호생성단계는,상기 가상카드번호생성모듈이 복수의 세부코드생성함수에 의해 복수의 세부코드를 생성하는 단계; 및상기 가상카드번호생성모듈이 세부코드결합함수에 의해 상기 복수의 세부코드를 조합하여 가상카드번호로 생성하는 단계;를 포함하되,상기 세부코드생성함수 및 상기 세부코드결합함수는 상기 가상카드번호생성함수에 포함되는 것이며,상기 복수의 세부코드는,저장위치 탐색의 시작지점을 설정하는 제1코드; 및특정한 탐색방식에 따라, 상기 시작지점으로부터 상기 저장위치로의 탐색경로를 설정하는 제2코드;를 포함하는 것인, 스마트카드 기반의 가상카드번호 제공방법.
- 제1항에 있어서,상기 암호화알고리즘은,시간마다 암호화규칙이 매칭되어 있는 것을 특징으로 하는, 스마트카드 기반의 가상카드번호 제공방법.
- 제2항에 있어서,상기 가상카드번호생성모듈이 가상보안코드생성함수를 이용하여 가상보안코드를 생성하는 단계;를 더 포함하고,상기 가상보안코드는 시간값 및 실제카드번호의 카드보안코드를 이용하여 생성되는 일회용 코드이며,상기 세부코드생성함수는,상기 가상보안코드를 이용하여 각각의 세부코드를 생성하는 것을 특징으로 하는, 스마트카드 기반의 가상카드번호 제공방법.
- 제4항에 있어서,상기 가상카드번호생성모듈이 상기 스마트카드 이용등록 시에 상기 스마트카드의 식별값을 획득하는 단계;를 더 포함하되,상기 암호화코드 생성단계는,상기 식별값과 동기화된 시간데이터를 이용하여 코드변환용 일회용코드를 생성하는 단계; 및상기 코드변환용 일회용코드에 대응되는 변환패턴을 적용하여, 상기 가상카드번호를 암호화코드로 변환하는 단계;를 포함하는, 스마트카드 기반의 가상카드번호 제공방법.
- 제1가상카드번호생성모듈이 시간값 및 실제카드번호의 카드보안코드를 이용하여 가상보안코드를 생성하되, 상기 가상보안코드는 특정한 자릿수의 일회용코드인, 가상보안코드생성단계; 및상기 제1가상카드번호생성모듈이 상기 가상보안코드를 스마트카드로 전송하는 단계;를 더 포함하고,상기 제1가상카드번호생성모듈은 이동단말기에 설치되는 어플리케이션 내에 포함되고,상기 스마트카드는 제2가상카드번호생성모듈을 포함하고,상기 제2가상카드번호생성모듈은,상기 가상보안코드를 이용하여 가상카드번호생성이 요청된 단위카운트에 부합하는 복수의 세부코드를 생성하고,상기 복수의 세부코드를 조합하여 가상카드번호를 생성하고,상기 가상카드번호를 외부로 출력하는 것을 특징으로 하고,상기 단위카운트는,특정한 시간간격으로 설정되어, 상기 시간간격이 경과됨에 따라 변경되는 것인, 스마트카드 기반의 가상카드번호 제공방법.
- 제6항에 있어서,제1가상카드번호생성모듈이 사용자의 스마트카드 활성화에 따라 가상카드번호 제공요청을 수신하는 단계;를 더 포함하는, 스마트카드 기반의 가상카드번호 제공방법.
- 제6항에 있어서,상기 복수의 세부코드는,제1카운트를 기반으로 생성되는 제1코드; 및제2카운트를 기반으로 생성되는 제2코드;를 포함하는 것이고,상기 제1카운트는 가상카드번호검증서버에서 가상카드번호생성함수가 구동된 최초시점으로부터 경과된 단위카운트 개수이고,상기 제2카운트는 특정한 사용자의 실제카드번호가 발급된 시점으로부터 경과된 단위카운트 개수이며,상기 제2가상카드번호생성모듈은 상기 가상보안코드를 상기 제2카운트 또는 현재시점으로부터 경과된 카운트 개수로 적용하는 것을 특징으로 하는, 스마트카드 기반의 가상카드번호 제공방법.
- 제6항에 있어서,상기 가상보안코드는,가상카드번호검증서버에서 상기 스마트카드를 통해 전달된 가상카드번호가 정상적으로 생성된 것인지 확인 시에 이용되는 것인, 스마트카드 기반의 가상카드번호 제공방법.
- 제6항에 있어서,상기 제1가상카드번호생성모듈이 사용자로부터 스마트카드 등록요청을 수신하는 단계;상기 제1가상카드번호생성모듈이 사용자로부터 상기 스마트카드의 식별값을 수신하는 단계; 및상기 제1가상카드번호생성모듈이 상기 스마트카드로 설치데이터를 제공하는 단계;를 더 포함하고,상기 설치데이터는 제2가상카드번호생성모듈을 포함하는 것인, 스마트카드 기반의 가상카드번호 제공방법.
- 제1항 또는 제6항에 있어서,상기 가상카드번호는 고정코드 및 복수의 세부코드를 특정한 규칙에 따라 결합하여 생성되는 것이고상기 고정코드는, 상기 가상카드번호 내에 미리 정해진 위치에 결합되며, 상기 실제카드번호에 대응되는 카드사 또는 카드유형을 판단하는 코드인, 스마트카드 기반의 가상카드번호 제공방법.
- 제2가상카드번호생성모듈이 제1가상카드번호생성모듈로부터 가상보안코드를 수신하는 카드보안코드수신단계;상기 제2가상카드번호생성모듈이 복수의 세부코드생성함수에 의해 복수의 세부코드를 생성하는 단계;상기 제2가상카드번호생성모듈이 세부코드결합함수에 의해 상기 복수의 세부코드를 조합하여 가상카드번호로 생성하는 단계; 및상기 제2가상카드번호생성모듈이 스마트카드에 포함된 출력수단을 통해 가상카드번호를 출력하는 단계;를 포함하되,상기 가상카드번호는 가상카드번호생성함수에 의해 단위카운트마다 생성되는 것이고,상기 가상카드번호생성함수는 상기 세부코드생성함수 및 상기 세부코드결합함수를 포함하고,상기 제1가상카드번호생성모듈은,상기 스마트카드와 연동된 이동단말기에 설치되는 어플리케이션 내에 포함되고,상기 제2가상카드번호생성모듈은,가상카드번호검증서버에 포함되는 것과 동일한 가상카드번호생성함수를 포함하고,상기 어플리케이션로부터 상기 스마트카드로 제공된 설치데이터에 의해 상기 스마트카드 내에 설치되는 것이며,상기 단위카운트는, 특정한 시간간격으로 설정되어, 상기 시간간격이 경과됨에 따라 변경되는 것인, 스마트카드 기반의 가상카드번호 제공방법.
- 제12항에 있어서,상기 복수의 세부코드는,제1카운트를 기반으로 생성되는 제1코드; 및제2카운트를 기반으로 생성되는 제2코드;를 포함하는 것이고,상기 제1카운트는 가상카드번호검증서버에서 가상카드번호생성함수가 구동된 최초시점으로부터 경과된 단위카운트 개수이고,상기 제2카운트는 특정한 사용자의 실제카드번호가 발급된 시점으로부터 경과된 단위카운트 개수이며,상기 세부코드생성단계는,상기 가상보안코드를 상기 제2카운트 또는 현재시점으로부터 경과된 카운트 개수로 적용하는 것을 특징으로 하는, 스마트카드 기반의 가상카드번호 제공방법.
- 하드웨어인 컴퓨터와 결합되어, 제1항 내지 제10항 및 제12항 내지 제13항 중 어느 한 항의 방법을 실행시키기 위하여 매체에 저장된, 스마트카드 기반의 가상카드번호 제공프로그램.
- 이동단말기로부터 가상보안코드를 수신하는 가상보안코드수신부;상기 가상보안코드를 기반으로 복수의 세부코드를 생성하는 세부코드생성부;상기 복수의 세부코드를 조합하여 가상카드번호로 생성하는 가상카드번호생성부; 및상기 가상카드번호를 가상카드번호검증서버로 제공하기 위해 외부로 출력하는 가상카드번호제공부;를 포함하고,상기 가상카드번호는 가상카드번호생성함수에 의해 단위카운트마다 상이하게 생성되는 것이고,상기 단위카운트는, 특정한 시간간격으로 설정되어, 상기 시간간격이 경과됨에 따라 변경되는 것이고,상기 가상카드번호생성함수는 세부코드생성함수 및 세부코드결합함수를 포함하고,상기 복수의 세부코드는,제1카운트를 기반으로 생성되는 제1코드; 및제2카운트를 기반으로 생성되는 제2코드;를 포함하는 것이고,상기 제1카운트는 가상카드번호검증서버에서 가상카드번호생성함수가 구동된 최초시점으로부터 경과된 단위카운트 개수이고,상기 제2카운트는 특정한 사용자의 실제카드번호가 발급된 시점으로부터 경과된 단위카운트 개수이며,상기 세부코드생성부는,상기 가상보안코드를 상기 제2카운트 또는 현재시점으로부터 경과된 카운트 개수로 적용하는 것을 특징으로 하는, 가상카드번호를 생성하는 스마트카드.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US16/784,195 US11842334B2 (en) | 2017-08-09 | 2020-02-06 | Smart card for generating virtual card number, and method and program for providing smart card-based virtual card number |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR20170100953 | 2017-08-09 | ||
KR10-2017-0100953 | 2017-08-09 | ||
KR10-2017-0149153 | 2017-11-10 | ||
KR1020170149153A KR101950904B1 (ko) | 2017-08-09 | 2017-11-10 | 가상카드번호를 생성하는 스마트카드, 스마트카드 기반의 가상카드번호 제공방법 및 프로그램 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/784,195 Continuation US11842334B2 (en) | 2017-08-09 | 2020-02-06 | Smart card for generating virtual card number, and method and program for providing smart card-based virtual card number |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2019031666A1 true WO2019031666A1 (ko) | 2019-02-14 |
Family
ID=65272472
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/KR2018/000868 WO2019031666A1 (ko) | 2017-08-09 | 2018-01-18 | 가상카드번호를 생성하는 스마트카드, 스마트카드 기반의 가상카드번호 제공방법 및 프로그램 |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2019031666A1 (ko) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113067859A (zh) * | 2021-03-15 | 2021-07-02 | 北京中联环信科技有限公司 | 一种基于云手机的通讯方法和装置 |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20140105683A (ko) * | 2013-02-22 | 2014-09-02 | 농협은행(주) | Qr 보안코드를 이용한 금융 서비스 제공 방법 |
KR20160119296A (ko) * | 2015-04-02 | 2016-10-13 | 현대오토에버 주식회사 | 일회용 카드번호를 이용하여 결제서비스를 제공하는 방법 및 결제시스템 |
KR101675927B1 (ko) * | 2015-10-08 | 2016-11-14 | 주식회사 지씨엠씨 | 신용 조회 단말기, 결제 관리 서버, 결제 관리 방법, 결제 단말, 결제 단말의 동작방법, 결제 관리를 위해 매체에 저장된 컴퓨터 프로그램 및 신용 조회 단말기 |
KR20170040469A (ko) * | 2015-10-05 | 2017-04-13 | 페이몬㈜ | Otp 기반의 스마트카드 및 이를 이용한 인증방법 |
KR101746102B1 (ko) * | 2016-04-28 | 2017-06-13 | 주식회사 센스톤 | 무결성 및 보안성이 강화된 사용자 인증방법 |
-
2018
- 2018-01-18 WO PCT/KR2018/000868 patent/WO2019031666A1/ko active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20140105683A (ko) * | 2013-02-22 | 2014-09-02 | 농협은행(주) | Qr 보안코드를 이용한 금융 서비스 제공 방법 |
KR20160119296A (ko) * | 2015-04-02 | 2016-10-13 | 현대오토에버 주식회사 | 일회용 카드번호를 이용하여 결제서비스를 제공하는 방법 및 결제시스템 |
KR20170040469A (ko) * | 2015-10-05 | 2017-04-13 | 페이몬㈜ | Otp 기반의 스마트카드 및 이를 이용한 인증방법 |
KR101675927B1 (ko) * | 2015-10-08 | 2016-11-14 | 주식회사 지씨엠씨 | 신용 조회 단말기, 결제 관리 서버, 결제 관리 방법, 결제 단말, 결제 단말의 동작방법, 결제 관리를 위해 매체에 저장된 컴퓨터 프로그램 및 신용 조회 단말기 |
KR101746102B1 (ko) * | 2016-04-28 | 2017-06-13 | 주식회사 센스톤 | 무결성 및 보안성이 강화된 사용자 인증방법 |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113067859A (zh) * | 2021-03-15 | 2021-07-02 | 北京中联环信科技有限公司 | 一种基于云手机的通讯方法和装置 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
KR101950904B1 (ko) | 가상카드번호를 생성하는 스마트카드, 스마트카드 기반의 가상카드번호 제공방법 및 프로그램 | |
WO2018030707A1 (ko) | 인증 시스템 및 방법과 이를 수행하기 위한 사용자 단말, 인증 서버 및 서비스 서버 | |
WO2020032321A1 (ko) | 가상코드 기반의 금융거래제공시스템, 가상코드생성장치, 가상코드검증장치, 가상코드 기반의 금융거래제공방법 및 가상코드 기반의 금융거래제공프로그램 | |
WO2017222183A1 (ko) | 거래 승인 처리 방법 및 카드사 서버 | |
WO2014030836A1 (en) | Method and system for authenticating transaction request from device | |
WO2016085062A1 (ko) | 엔에프씨 인증카드를 이용한 인증방법 | |
WO2015068904A1 (ko) | 카드 리더, 단말기 및 그를 이용한 결제 정보 처리 방법 | |
WO2019031627A1 (ko) | 가상코드제공시스템, 가상코드생성장치, 가상코드검증장치, 가상코드제공방법 및 가상코드제공프로그램 | |
WO2016060345A1 (ko) | 멀티 카드 생성 방법, 멀티 카드 사용 방법 및 멀티 카드 시스템 | |
WO2019031717A1 (ko) | 매장 내부통신망 기반의 결제시스템, 매장 내부통신망 기반의 결제기능을 포함하는 이동단말기, 매장 내부통신망 기반의 결제서비스 제공방법, 및 이를 수행하는 프로그램 | |
WO2015076605A1 (ko) | 터치와 근거리 통신 기반의 전자 도장 및 이를 이용한 전자 날인 인증 시스템 | |
WO2016137291A1 (ko) | 타임 스탬프 기반의 보안 코드를 이용하는 pg 서버 시스템 및 그 구동 방법 | |
WO2015069028A1 (ko) | 이동통신단말기를 이용한 다채널 인증과 금융 이체 방법 및 시스템 | |
WO2019031666A1 (ko) | 가상카드번호를 생성하는 스마트카드, 스마트카드 기반의 가상카드번호 제공방법 및 프로그램 | |
WO2022114290A1 (ko) | 비대면 본인인증 시스템 및 그 방법 | |
WO2022186605A1 (ko) | 스마트 카드 장치, 인증용가상코드 생성 장치, 이를 이용한 인증용가상코드 생성 방법 및 인증용가상코드 검증 서버 | |
WO2017018861A1 (ko) | 생체정보를 이용하는 금융기기 및 그것의 동작방법 | |
WO2021172876A1 (ko) | 가상인증코드 기반의 절차 승인 장치 및 방법 | |
WO2012157893A2 (ko) | 금융거래 서비스 방법과, 이를 실행하는 금융거래 서비스 장치, 이동통신 단말기 | |
WO2020162739A1 (ko) | 칩 고유값 기반의 가상코드를 이용하여 장치를 식별하는 방법, 프로그램 및 장치 | |
WO2019031761A1 (ko) | 지불카드에서 생성된 가상코드의 화면출력방법 및 프로그램, 가상코드를 생성하는 지불카드 | |
WO2022186653A1 (ko) | 스마트 카드 장치, 데이터 일치 여부 판단을 통해 가상보안코드를 생성하는 장치 및 그 방법 | |
WO2014014295A1 (ko) | 태깅을 통한 카드결제용 디지털 시스템, 결제측 시스템 및 그 제공방법 | |
WO2015064985A1 (ko) | Otp 생성수단 발급 방법 및 시스템 | |
WO2020162738A1 (ko) | 웨어러블 디바이스 기반의 금융거래를 제공하는 방법, 프로그램, 서버 및 웨어러블 디바이스 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 18844473 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 18844473 Country of ref document: EP Kind code of ref document: A1 |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 03.07.2020) |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 18844473 Country of ref document: EP Kind code of ref document: A1 |