KR20050015475A - System and Method For Accounting By Certification Code - Google Patents

Abstract

PURPOSE: A payment system and method are provided to allow a user to make safe payment of commodities or services by using a cellular phone though the user does not have a credit card. CONSTITUTION: The method comprises several steps. An authentication server receives price data on purchased commodities from a terminal of a store(S10,S12). The authentication server generates an authentication code in response to a transmission of the price data, and sends the authentication code to the terminal of the store(S14). The authentication code is exposed to a user, and the authentication code and a user secret number are transmitted to the authentication server via the cellular phone of the user(S16,S18). The authentication server requests a bank server to make payment of the commodities if the generated authentication code is identical to one transmitted from the cellular phone of the user and the transmitted secret number is identical to the prestored one(S20,S22,S24).

Description

Payment system and method using authentication code {System and Method For Accounting By Certification Code}

The present invention relates to a payment system using a verification code and a method thereof, and more particularly, to receive a payment verification code from a mobile terminal of a user who wants to purchase a product, to authenticate a user, and to pay the financial server to an authenticated user. It relates to a payment system and a method for requesting approval.

In general, buyers of goods must have a credit or debit card in order to make payments using an online financial system rather than cash. On the back of the credit or debit card there is a magnetic line including card information.

Therefore, when the buyer presents the card as a payment method, the seller reads the card information included in the magnetic line using a card reader, and transmits the product price and the card information to the card company through a van network. Ask for approval.

These payment systems have recently introduced various payment models in combination with mobile phones.

Representative examples include using a mobile phone as a micro payment method of electronic commerce by attaching a verification code to a mobile phone, attaching a chip containing user credit information to the mobile phone, and making a payment request by bringing the mobile phone close to a specific reader.

This application allows buyers to use their cell phones as a payment method without having to carry their cards all the time.

However, all of the above methods have a disadvantage in that remote payment is impossible. In particular, attaching a chip with credit information to a mobile phone requires a separate reader for each merchant in order to read the chip contents, and there is a problem that a third party can make an unauthorized payment if the mobile phone is lost.

In addition, since a separate mobile phone with a chip containing credit information must be provided, there is a problem that it takes a considerable time and cost to build such an infrastructure.

The present invention has been made to solve the above-mentioned problems, and compared to the generated authentication code and the authentication code remotely transmitted through the user's mobile terminal, only secure users can make secure remote payments by making a payment request to the financial server. Its purpose is to provide a payment system and a method thereof.

Other objects and advantages of the invention will be described below and will be appreciated by the practice of the invention. In addition, the objects and advantages of the present invention can be realized by means and combinations indicated in the claims.

The present invention for achieving the above object is a method for paying a user's purchases on the basis of a computer-generated authentication code, the computer is a first step of receiving price information on the purchases from the store terminal, A second step of generating an authentication code in response to the transmission and transmitting the authentication code to the shop terminal; and after receiving the authentication code to the user, receiving the authentication code and the user password from the user portable terminal. If the verification code generated in step 3 and step 2 matches the verification code received in step 3, and the previously stored user password and the password received in the third step is connected to the previously stored user financial server and the A fourth step of requesting payment approval for the amount corresponding to the price information is performed.

In addition, the present invention for achieving the above object is a system for paying the user's purchases on the basis of the authentication code, a user information DB for storing the user's financial information and password, price information for the purchases from the store terminal Receiving means for receiving the transmission, Authentication code generation means for generating an authentication code in response to the transmission, Transmission means for transmitting the generated authentication code to the store terminal, After the authentication code is exposed to the user, the user portable ARS means for receiving the authentication code and the user password by automatically responding to the call setup of the terminal, confirming whether the authentication code generated by the authentication code generating means matches the authentication code sent by the ARS means, Whether the password stored in the user information DB and the user password sent by the ARS means match User authentication means for checking whether or not, and if it is authenticated, the payment means for requesting the payment approval for the amount corresponding to the price information by accessing the financial server based on the user financial information stored in the user information DB.

The present invention also provides a storage device, a database, and a processing device connected to the storage device and the database as a system for paying a user's purchased goods based on an authentication code, wherein the storage device is configured to process the processing. Stores a program for controlling the device, the database stores the financial information and password of the user, the processing device receives the price information for the purchased goods from the store terminal to generate an authentication code, the store terminal Transmitting the authentication code to the user, receiving the authentication code and the user password from the user's mobile terminal when the authentication code is exposed to the user, checking whether the transmitted authentication code matches the generated authentication code, and The transmitted password is stored in the database. If the stored password that matches the features that a program operated by a payment authorization request for the amount corresponding to the price information by connecting to the server based on the user's financial financial information.

Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings. Prior to this, terms or words used in the specification and claims should not be construed as having a conventional or dictionary meaning, and the inventors should properly explain the concept of terms in order to best explain their own invention. Based on the principle that can be defined, it should be interpreted as meaning and concept corresponding to the technical idea of the present invention.

Therefore, the embodiments described in the specification and the drawings shown in the drawings are only the most preferred embodiment of the present invention and do not represent all of the technical idea of the present invention, various modifications that can be replaced at the time of the present application It should be understood that there may be equivalents and variations.

1 is an overall system configuration according to a preferred embodiment of the present invention. As shown in the drawing, the entire system includes an authentication server 100, a user portable terminal 200, a store terminal 300, and a financial server 400. In particular, the authentication server 100, the user portable terminal 200 and the store terminal 300 is preferably wireless communication via a base station (BS).

In order to use the payment system according to the present invention, a buyer of a product (hereinafter referred to as a user) must sign up for service use in the authentication server 100.

Along with membership registration, the user information DB 170 of the authentication server 100 registers and stores a password, a type of a credit card or a debit card, and a card number together with basic user information.

After signing up, when a user makes a payment request to a store for a product he / she wants to purchase, the seller transmits price information about the purchased product to the authentication server 100 using the store terminal 300.

The authentication server 100 generates a unique authentication code corresponding to the transmission and transmits it to the store terminal 300 again.

The store terminal 300 exposes the authentication code to the user, and the user transmits the authentication code and the password to the authentication server 100 using the user portable terminal 200.

The authentication server 100 compares the generated authentication code with the authentication code transmitted by the user portable terminal 100, and if it matches, the password stored in the user information DB 170 from the user portable terminal 200. It is determined whether the received password matches.

If there is a match, the user is determined to be a legitimate user and accesses the financial server 400 based on the financial information (card type and card number) registered in the user information DB 170 and requests a payment approval.

Therefore, if the user only knows the authentication code generated by the authentication server 100, payment can be made at a remote location. Such a payment system enables a seller and a user to make a payment without exposing the user's card number to the Internet in an electronic commerce system in which a remote location is located.

In addition, it is possible to extend the expiration time of the authentication code to be used for TV home shopping. That is, the authentication code for the product is displayed together with the product advertisement, and the product buyer can easily pay by transmitting the authentication code and the password using the user portable terminal 100.

In addition, as well as in the home shopping campaign using the authentication code according to the present invention in the fund-raising movement can be obtained an effective fundraising effect.

In addition, even without a credit card, it is possible to use a cash dispenser only by authenticating a user so that the cash service can be safely and conveniently received.

The present invention provides an effective and secure payment system and method as described above. Referring to FIG. 1, the authentication server 100 includes a server engine 110, an authentication code generation module 120, a user authentication module 130, a transmission / reception module 140, an ARS module 150, and a payment module 160. And user information DB 170.

The authentication server 100 is a high-capacity computer system including a central processing unit, RAM, ROM, terminal interface, data storage device, etc., which is a traditional personal computer or workstation having a considerable amount of memory and processing power. Can be used as a server computer.

In addition, the authentication server 100 can perform a large amount of work by executing a huge amount of mathematical calculations in information processing or database search. Pentium microprocessors, mainly from Intel, can be used as central processing units.

Server engine 110 provides a platform for server-side programs such as the above modules.

The authentication code generation module 120 is a program for generating a specific authentication code when the price information on the purchased product is transmitted from the store terminal 300. In consideration of the number of users, a predetermined number of digits may be required so as not to overlap.

In addition, by performing the user authentication only when the base station index (BS index) of the store terminal 300 and the user portable terminal 200 is the same, the number of authentication code digits can be reduced even if the number of users nationwide increases.

The generated authentication code is immediately destroyed when the authentication is completed, it is preferable that the same authentication code is not used in the same time.

In addition, the authentication code generation module 120 is built as a separate server may be operated by another operator. In this case, the generated authentication code is transmitted to the store terminal 130 and the authentication server 100 one by one.

Transmitting and receiving module 140 is a program that receives the price information on the goods purchased from the store terminal 300, and transmits the authentication code generated by the authentication code generation module 120 to the store terminal 300. .

In addition, the transmission and reception module 140 performs a function of transmitting and receiving data for payment by accessing the financial server 400 for the authenticated user.

The user authentication module 130 confirms whether the authentication code and the password transmitted from the user portable terminal 200 match the authentication code generated by the authentication code generation module 120 and the password registered in the user information DB 170. Is a program that authenticates users to political parties.

The ARS module 150 is a program that performs an automatic response function to efficiently receive the authentication code and password from the user portable terminal 200.

In a preferred embodiment of the present invention, when a user inputs a station number and an authentication code for an ARS auto-answer call using the user portable terminal 200, the authentication server 100 and the user portable terminal are automatically generated by the ARS module 150. 200 is set, and the user may be prompted to enter a password in accordance with a pre-recorded answering service.

The payment module 160 connects to the financial server 400 only for political parties authenticated by the user authentication module 130, and transmits the card number and the payment amount stored in the user information DB 170 to request payment approval. Program.

Although the above-described modules have been described as a program concept existing inside the authentication server 100 for convenience of description, it is a matter of course that the modules may be physically embedded in another server computer and executed.

The financial server 400 is a payment system of a bank or a card company based on a card type and card number registered by a user and approves a payment in response to a payment approval request of the payment module 160. The procedure after requesting payment approval is the same as the credit card procedure using a van network, so detailed description thereof will be omitted.

The user portable terminal 200 includes a cellular portable terminal, a PDA, and the like, which are commonly used, and any type of mobile terminal 200 can be transmitted and received by wirelessly establishing a call with the authentication server 100.

The store terminal 300 is a terminal capable of transmitting and receiving data wirelessly connected to the authentication server 100, and is preferably a terminal having an output unit for issuing a receipt for a product purchased by the user. Therefore, the store terminal 300 may use a dedicated terminal having a receipt output unit in a cellular terminal or a PDA having a paper printing function.

In addition, the shop terminal 300 is connected to the display unit for exposing the authentication code transmitted from the authentication server 100 is preferably output immediately after the authentication code is transmitted to the user.

The display unit may be a large display board or the like depending on the store.

Hereinafter, a payment method using an authentication code will be described in detail with reference to FIG. 2. In the description, the user and the product seller perform various operations on the authentication server 100 using the user mobile terminal 200 and the store terminal 300, respectively, but for convenience of explanation, the user and the seller directly authenticate the server 100. It is sometimes described as performing a specific action. However, even in this case, it should be understood that a specific operation is performed through the user portable terminal 200 and the store terminal 300 provided with the data communication means.

Referring to the drawing, a user who wishes to purchase a product requests a seller to purchase a product for a desired product (S10). If the product transaction is made through e-commerce, the product purchase request may be made by clicking a purchase button on a web page using a pointing means such as a mouse. If the transaction is offline, the intention of delivering the product to the seller is indicated at the checkout counter. This can be done by.

When the purchase intention is transmitted from the user to the seller, the seller transmits price information about the product to the authentication server 100 using the store terminal 300 (S12). The price information is made through the keypad input of the store terminal 300 and is transmitted to the authentication server 100 through the base station (BS).

The transmission and reception module 140 of the authentication server receives the price information, and the authentication code generation module 120 generates a unique authentication code. The generated authentication code has a predetermined expiration time. In other words, it is preferable to reuse the authentication code resources by automatically extinguishing them when there is no authentication within a predetermined time from the generation of the authentication code.

On the other hand, the generated authentication code is transmitted to the store terminal 300 (S14), the transmitted authentication code is displayed to the user. That is, in the case of electronic commerce, the authentication code may be displayed on the user's computer as a web page, and in the case of an off-line transaction, the authentication code may be exposed to the user through a display unit such as an electronic sign.

The user transmits the authentication code and his password to the authentication server 100 using the user portable terminal 200 (S18). At this time, the authentication server 100 is preferably able to quickly extract the authentication code and password using the ARS automatic response service as described above.

In addition, it is preferable that the user checks the amount to be paid and inputs a password through the ARS auto answering service.

The authentication server 100 performs user authentication based on the received authentication code and password. That is, whether the authentication code generated by the authentication code generation module 120 and the authentication code received from the user portable terminal 200 match or not, and the password registered in the user information DB 170 and the user portable terminal It is checked whether or not the password received from the 200 matches.

3 illustrates a data field structure of the user information DB 170. As shown, the user information DB 170 stores personal information including a user name, a password, a card type and a card number held by the user in advance through a user registration procedure from a user who wants to use the payment service according to the present invention. have.

Therefore, the user authentication can be performed by comparing the password transmitted from the user portable terminal 200 with the password stored in the user information DB 170.

When the user authentication is completed because the authentication code and the password match, the authentication server accesses the financial server 400 based on the card type and card number registered in the user information DB 170, and the card number and the purchase product. The price information is transmitted and a payment approval request is made (S20).

In response to the payment approval request, the financial server 400 performs a predetermined approval procedure and transmits the approval information to the store terminal 300 (S22).

After that, the user pays for the approved amount to the bank or card company after a predetermined time (for example, one month as in a normal credit card) (S24).

By using this payment method, users can make secure payments through their mobile terminals without carrying a credit card. If the store and the user are physically separated, only the verification code can be used to make payment without exposing the credit information. It is possible.

As mentioned above, although this invention was demonstrated by the limited embodiment and drawing, this invention is not limited by this, The person of ordinary skill in the art to which this invention belongs, Of course, various modifications and variations are possible within the scope of equivalent claims.

According to the present invention, the user can securely pay only by the mobile terminal without a credit card.

In addition, even if the mobile terminal is lost, the third party cannot know the password, thereby preventing the third party from being stolen.

In addition, even if the user wants to buy the product and physically separated from the store, if the user can only know the authentication code can be securely settled without exposing other credit information.

In addition, since most of the modern people have a mobile terminal, it is easy to establish a payment system without any additional equipment, and ultimately, a product buyer can induce credit purchase and contribute to a transparent economic society.

1 is an overall system configuration according to a preferred embodiment of the present invention,

2 is a view for explaining a process of making a payment according to a preferred embodiment of the present invention,

3 is an exemplary diagram of a data field of the user information DB of FIG. 1.

<Description of main reference numerals in the drawings>

100: authentication server 200: user mobile terminal

300: store terminal 400: financial terminal

110: server engine 120: authentication code generation module

130: user authentication module 140: transmission and reception module

150: ARS module 160: payment module

170: user information DB

Claims (6)

A payment method for a user's purchases based on a verification code issued by a computer. A first step of receiving price information on the purchased product from a store terminal; Generating a verification code in response to the transmission and transmitting the verification code to the shop terminal; A third step of receiving the authentication code and the user password from the user portable terminal after the authentication code is exposed to the user; And If the authentication code generated in the second step is identical to the authentication code transmitted in the third step, and the previously stored user password and the password received in the third step is connected to the previously stored user financial server to the price information Step 4 requesting payment authorization for the corresponding amount Payment method using a verification code comprising a. The method of claim 1, The store terminal is wirelessly connected to the computer through a base station, The computer is And performing a fourth step only when the base station index to which the store terminal belongs is the same as the base station index to which the user portable terminal belongs. The method of claim 1 The third step is Received by using ARS auto answering service Payment method using a verification code characterized in that. As a system for payment of a user's purchases based on a verification code A user information DB for storing the financial information and the password of the user; Receiving means for receiving price information on the purchased goods from a store terminal; Authentication code generation means for generating an authentication code in response to the transmission; Transmitting means for transmitting the generated authentication code to the shop terminal; ARS means for receiving the authentication code and the user password by automatically responding to the call setup of the user portable terminal after the authentication code is exposed to the user; Check whether the authentication code generated by the authentication code generating means matches the authentication code sent by the ARS means, and whether the password stored in the user information DB and the user password transmitted by the ARS means match. User authentication means for confirming; And In case of being authenticated, a payment means for requesting payment approval requesting the amount corresponding to the price information by accessing a financial server based on user financial information stored in the user information DB. Payment system using a verification code comprising a. The method of claim 4, wherein The store terminal is wirelessly connected to the computer through a base station, The user authentication means And a user authentication is performed only when the base station index to which the store terminal belongs is the same as the base station index to which the user portable terminal belongs. As a system for payment of a user's purchases based on a verification code, Memory; Database; And A processing device connected to said storage and said database, The storage device stores a program for controlling the processing device, The database stores the financial information and password of the user, The processing device Receives the price information on the purchased product from the store terminal to generate an authentication code, and transmits the authentication code to the store terminal, if the authentication code is exposed to the user the authentication code and the user password from the user portable Receives the transmission, and confirms whether the transmitted authentication code matches the generated authentication code, and if the transmitted password matches the password stored in the database by connecting to the financial server based on the user financial information Payment system using the authentication code, characterized in that the operation by the program requesting the payment approval requesting the amount corresponding to the price information.