[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

WO2016140476A1 - Device for decoding encoded data and method therefor - Google Patents

Device for decoding encoded data and method therefor Download PDF

Info

Publication number
WO2016140476A1
WO2016140476A1 PCT/KR2016/001992 KR2016001992W WO2016140476A1 WO 2016140476 A1 WO2016140476 A1 WO 2016140476A1 KR 2016001992 W KR2016001992 W KR 2016001992W WO 2016140476 A1 WO2016140476 A1 WO 2016140476A1
Authority
WO
WIPO (PCT)
Prior art keywords
decryption
encrypted data
payment
decoding
data
Prior art date
Application number
PCT/KR2016/001992
Other languages
French (fr)
Korean (ko)
Inventor
김봉세
Original Assignee
김봉세
주식회사 페이서브
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 김봉세, 주식회사 페이서브 filed Critical 김봉세
Publication of WO2016140476A1 publication Critical patent/WO2016140476A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • the present invention relates to an apparatus and method for decrypting encrypted data, and more particularly, to an apparatus and method capable of conveniently and efficiently decrypting encrypted data.
  • a payment is performed using a card payment terminal for card payment, and the payment terminal includes a decryption means such as a secure application module (SAM) to decrypt the encrypted data read from the card.
  • SAM secure application module
  • SAM has one to three SAM slots for accommodating a card having a program capable of decrypting therein, so that the card information having different decryption methods is different.
  • the payment terminal includes a decryption means therein, it is difficult to miniaturize and it is difficult to add a new payment method because it can drive a program for decryption limited to the provided SAM slot.
  • the present invention relates to an apparatus and a method for efficiently decrypting encrypted data.
  • the present invention also relates to an apparatus and a method for conveniently extending the means for decrypting encrypted data.
  • the present invention also relates to an apparatus and method for performing electronic payment by decrypting encrypted data.
  • the decryption apparatus includes a receiver for receiving at least one encrypted data having a different decryption method, a transmitter for transmitting decrypted data for the encrypted data, a plurality of decryptors for decrypting the encrypted data, and the encrypted data. And a controller configured to perform a decryption in a decryption unit capable of verifying and decrypting the encrypted data, wherein each of the plurality of decryption units is previously determined to correspond to each payment agency server that receives decryption data.
  • the decoded data transmitted to the payment agency server based on the information about the payment agency received from the terminal for transmitting the encrypted data to be decrypted in the decryption unit corresponding to the payment agency server, the control unit The plurality of decoders When a plurality of decryption units having the same encryption method are included and the receiver receives a plurality of encrypted data that is decrypted in the same manner, any one of traffic and payment agent fees of each decryption unit capable of decrypting the received encrypted data And a decryption unit for decrypting the received encrypted data based on the determination.
  • the controller may add a new decryption unit capable of decrypting the non-decryptable encrypted data when there is encrypted data that cannot be decrypted in the initially set decryption unit.
  • a plurality of decryption units that perform decryption in the server can be configured or extended, so that decryption can be efficiently and conveniently performed.
  • the server can drive the decryption unit in consideration of the traffic, the decryption can be quickly expanded.
  • FIG. 1 is a view showing the configuration of an electronic payment system according to an embodiment of the present invention.
  • FIG. 2 is a view showing the configuration of a terminal of the electronic payment system according to an embodiment of the present invention.
  • FIG 3 is a view showing the configuration of a server of the electronic payment system according to an embodiment of the present invention.
  • FIG. 4 is a diagram illustrating a configuration of a decryption unit of a server according to an embodiment of the present invention.
  • FIG. 5 is a flow chart for explaining the operation of the electronic payment system according to an embodiment of the present invention.
  • FIG. 6 is a flowchart illustrating a decryption operation of a server according to an embodiment of the present invention.
  • FIG. 1 is a view showing the configuration of an electronic payment system according to an embodiment of the present invention.
  • the electronic payment system of the present invention includes first to third terminals 100, 110, and 120, a server 130, and a payment institution server 140.
  • the first to third terminals 100, 110, and 120 transmit the encrypted data stored in the payment means to the server 130.
  • the first to third terminals 100, 110, and 120 read the card information from the card storing the encrypted card information and transmit the same to the server 130. do.
  • the first to third terminals 100, 110, and 120 may receive encrypted data for performing payment from an external terminal (not shown), and may transmit the received data to the server 130.
  • the encrypted data transmitted from the first to the third terminal (100, 110, 120) to the server 130 may have a different encryption or decryption scheme, for example, the first terminal 100 is a credit card, the second terminal 120 The traffic card, the third terminal 130 may lead to the card information encrypted in the cash card.
  • the first to third terminals 100, 110, and 120 may be configured as merchant terminals, smart phones, smart pads, or the like.
  • the server 130 decrypts the encrypted data received from the first to third terminals 100, 110, and 120 and transmits the decrypted data to the payment institution server 140.
  • the encrypted card information is decrypted and transmitted to the payment institution server 140.
  • the server 130 may process various decryption methods. For example, the server 130 may process various encrypted data even if the decryption methods of the encrypted data received from the first to third terminals 100, 110, and 120 are different.
  • the payment institution server 140 determines whether the payment is approved using the decrypted data received from the server 130, and transmits a message about whether the payment is approved to the server 130.
  • the server 130 transmits the decryption data and payment data such as payment amount, installment, signature information, etc. to the payment agency server (not shown), the payment agency server (not shown) is received from the server 130
  • the decrypted data may be transmitted to the payment institution server 140.
  • the payment agency server may receive a message on whether the payment approval from the payment institution server 140 and transmits to the server 130.
  • FIG. 2 is a view showing the configuration of the first terminal 100 of the electronic payment system according to an embodiment of the present invention.
  • the first terminal 100 is described, and the second and third terminals 110 and 120 may also include a configuration that is the same as or similar to that of the first terminal 100.
  • the first terminal 1 of the present invention includes an input unit 200, an output unit 210, a reader unit 220, a display unit 240, a transmitter 250, a receiver 260, and a controller. 230.
  • the input unit 200 receives data from a user, and the display unit 240 displays data, and the input unit 200 and the display unit 240 may be configured as a touch panel or a touch screen.
  • the output unit 210 outputs data and may be configured as a printer.
  • the receiver 260 receives data, and the transmitter 250 transmits data.
  • the transmitter 250 transmits encrypted data to the server 130, and the receiver 260 approves payment from the server 130. You can receive a message about whether or not.
  • the receiver 260 may receive encrypted data for performing payment from an external terminal (not shown), and the transmitter 250 may transmit the received encrypted data to the server 130.
  • the receiver 260 and the transmitter 250 are not only wired communication but also Bluetooth, Wi-Fi, WiBRO, Third Generation WCDMA, Long Term Evolution (LTE), and 4G ( Four Generation) It can communicate by various wireless communication methods such as communication method.
  • the reader 220 reads encrypted data for performing a payment from a payment means.
  • the reader 220 reads card information from a card that stores encrypted card information.
  • the controller 230 controls the first terminal 100 as a whole such that when the reader 220 reads the encrypted data, the encrypted data is transmitted to the server 130.
  • FIG. 3 is a diagram showing the configuration of the server 130 of the electronic payment system according to an embodiment of the present invention.
  • the server 130 of the present invention includes a receiver 300, a transmitter 310, a decoder 330, and a controller 320.
  • the receiver 300 receives data, and the transmitter 310 transmits data.
  • the receiver 300 receives encrypted data from the first to third terminals 100, 110, and 120, and the transmitter 310 encrypts the data.
  • the decoded data is transmitted to the payment institution server 140.
  • the receiver 300 and the transmitter 310 are not only wired communication but also Wi-Fi, WiBRO, 3G (Third Generation), WCDMA, Long Term Evolution (LTE) and 4G (Four Generation) communication.
  • the communication can be performed in various wireless communication methods such as.
  • the decryption unit 330 decrypts the encrypted data.
  • the decryption unit 330 may be configured as a SAM.
  • the decoder 330 may provide various decoding methods and may add a new decoding method.
  • the decoder 330 may be configured in hardware or programmed in software.
  • the controller 320 controls the server 130 of the present invention as a whole to decrypt the received encrypted data and transmit the decrypted data to the payment institution server 140.
  • the controller 320 examines the encrypted data and controls the decryption unit to decrypt the encrypted data, and each of the decryption units is each payment agency server to which the decrypted data is transmitted. It may be predetermined to correspond to. Therefore, the control unit 320 looks at the information on the payment agency received from the terminal that transmitted the encrypted data and controls the decryption unit to decode the encrypted data predetermined to correspond to the corresponding payment agency server.
  • control unit 320 includes a plurality of decryption units having the same decryption method, and when receiving a plurality of encrypted data that decrypts in the same manner, traffic and payment agent fees of each decryption unit capable of decrypting the received encrypted data.
  • the decryption unit which decrypts the received encrypted data based on any one of them is determined.
  • the traffic of each decoder may be monitored so that the traffic of any decoder is not increased, and the decryption may be performed in the decryption unit corresponding to the payment agency server that adds less payment agency fee in consideration of the payment agency fee. To control.
  • FIG. 4 is a diagram illustrating a configuration of the decryption unit 330 of the server 130 according to an embodiment of the present invention.
  • the decoder 330 of the server 130 of the present invention includes a sub decoder, and includes, for example, the first to fourth decoders 400, 410, 420, and 430.
  • the first to fourth decoders 400, 410, 420, and 430 may decode in the same manner or may decode in different ways. That is, the decoder 330 may include at least one sub decoder that performs decoding in the same manner, or may include at least one sub decoder that performs decoding in different ways.
  • the decryption method of the encrypted data is different, the first and second decryption units 400 and 410 read from the first card.
  • the decrypted encrypted data may be decrypted, and the third decryption unit 420 may decrypt the encrypted data read from the second card, and the fourth decryption unit 430 may decrypt the encrypted data read from the third card.
  • the sub-decoding unit 400, 410, 420, 430 decoding the data transmitted to the payment agent sub (not shown) and the payment agent sub (not shown) may be determined in advance.
  • the first decoder 400 may correspond to the first payment agent server (not shown)
  • the second decoder 410 may be predetermined to correspond to the second payment agent server (not shown).
  • the controller 320 transmits the data decoded by the first decoder 400 to the first payment agent server (not shown), and the data decoded by the second decoder 410 is the second payment agent server ( (Not shown).
  • the first and second payment agent servers (not shown) transmit the decrypted data to the payment institution server 140.
  • the terminals 100, 110, 120 and the sub decoders 400, 410, 420, 430 may also be predetermined.
  • the encrypted data transmitted from the first terminal 100 is decrypted by the first decryption unit 400
  • the encrypted data transmitted from the second terminal 110 is decrypted by the second decryption unit 410. May be performed.
  • the first and second terminals 100 and 110 transmit encrypted data
  • the first and second terminals 100 and 110 transmit information about the first and second payment agency (not shown), thereby encrypting the control unit 320 transmitted from the first terminal 100.
  • the data may be decrypted by the first decryption unit 400, and the encrypted data transmitted from the second terminal 110 may be decrypted by the second decryption unit 410.
  • the encrypted data transmitted from the first and second terminals 100 and 110 to the server 140 may have the same encryption or decryption method.
  • the control unit 320 is a sub decryption unit 400, 410, 420, 430 that can verify and decrypt the encrypted data in consideration of the traffic or payment agency fees in each sub decryption unit ) Can be decoded.
  • control unit 320 looks at the traffic of each decryption unit that can decrypt the received encrypted data and ensures that the traffic of each decryption unit is properly maintained. Can be controlled so as not to increase.
  • the controller 320 when a plurality of encrypted data to be decrypted in the same manner is received and there is only one sub-decryptor 400, 410, 420, and 430 capable of decrypting the received encrypted data, the controller 320 causes decryption of the encrypted data sequentially. .
  • the controller 320 may perform decryption simultaneously in each sub decryption unit or decryption in any one sub decryption unit. In this case, the control unit 320 may control the decoding operation in consideration of traffic or a payment agent fee in each sub decoding unit.
  • the control unit 320 may perform a first decryption. And decoding in the second decoding unit 400, 410 simultaneously, or in a sub-decoding unit having low traffic or low payment agency fee in consideration of traffic or payment agency fees of the first and second decoding units 400, 410.
  • a specific decoder can be specified to be performed.
  • a new fifth decryption unit 440 may be added to decrypt encrypted data that cannot be decrypted by the sub decryption units 400, 410, 420, and 430 initially set by the decryption unit 330. If the fifth decoder 440 is added, the controller 320 controls the first to fifth decoders 400, 410, 420, 430, and 440.
  • the fifth decoder 440 is added to include a peripheral component interconnect (PCI), a serial advanced technology attachment (SATA), and a universal USB (USB). serial bus)
  • PCI peripheral component interconnect
  • SATA serial advanced technology attachment
  • USB universal USB
  • the server 130 may be added in an extension method using resources, or may be added if necessary by having a separate expansion port (not shown) in the decoder 330.
  • the fifth decryption unit 440 when the fifth decryption unit 440 is added, the fifth decryption unit 440 by changing a specific PIN of the expansion port (not shown) to high (HI) or low (low) ) May be added or may be added, or the fifth decoder 440 may be added by forcibly turning on / off a DIP switch.
  • the fifth decoder 440 When available resources of the server 130 are limited or when it is difficult to add the fifth decoder 440 using an expansion port (not shown), the fifth decoder through communication methods such as Ethernet, 3G, LTE, WiBro, etc. 440 may be added.
  • the decryption unit 330 and the additional fifth decryption unit 440 may each include a physical security key that cannot be duplicated, and the decryption unit 330 and the fifth decryption unit 440 using the physical security key. Can recognize each other.
  • the physical security key may be a smart card technology used for IC credit cards, traffic cards, SIM cards, and the like.
  • the first to fifth decoders 400, 410, 420, 430, and 440 may include protocol information, and may output decoded data and protocol information after performing a decoding operation.
  • the control unit 330 performs the payment procedure according to the access information and the protocol standard of the payment institution server 140 with reference to the protocol information.
  • FIG. 5 is a flowchart illustrating the operation of the electronic payment system according to an embodiment of the present invention.
  • the first terminal 100 is described, but the second and third terminals 110 and 120 may be similarly or similarly applied.
  • the first terminal 100 transmits a reset signal to the server 130 (510).
  • the server 130 resets the decoder 330 in response to the reset signal in step 520 and transmits a reset response signal to the first terminal 100 in step 530.
  • the first terminal 100 transmits the encrypted data to the server 130 (540), and the server 130 decrypts the encrypted data (550).
  • the first terminal 100 transmits payment data such as payment amount, installment, signature information, etc. to the server 130 (560), the server 130 transmits the decrypted data and payment data to the payment institution server 140
  • the request for payment approval is sent to 570. If payment approval is determined, the payment institution server 140 transmits a response to the payment approval request to the server 130 (580), and the server 130 sends a response to the payment approval request to the first terminal 100. Transmit 590.
  • FIG. 6 is a flowchart illustrating a decryption operation of the server 130 according to an embodiment of the present invention.
  • the controller 320 determines whether the decryption method of the encrypted data is the same. If the decoding methods are the same (YES in 610), the control unit 320 determines whether there are a plurality of sub-decoding units 400, 410, 420, and 430 decoding in the same manner to the decoding unit 330. In step 640, the decoding is performed (640), and in the case of one (No of 620), the decoding is sequentially performed (650).
  • the controller 320 may control the decoding in each sub decoding unit in consideration of the traffic or the payment agent fee of each sub decoding unit. For example, when there is a plurality of sub-decryptors that decrypt in the same manner, when the traffic of any one of the sub-decryptors is high, the encrypted data decoded by the high-decryption sub-decryption unit is reduced and processed by another sub-decryptor with low traffic. To increase the encrypted data.
  • the controller 320 checks information on the payment agency (not shown) transmitted from the terminals 100, 110, and 120 and the payment agency (not shown).
  • the decoding may be performed by the predetermined sub decoding decoders 400, 410, 420, and 430 to correspond.
  • control unit 320 can look at the payment agency fees of each payment agency and may be decrypted in the decryption unit corresponding to the payment agency server with less payment agency fees.
  • the controller 320 causes decryption to be performed in a sub decryption unit capable of decrypting the encrypted data (630).
  • the decrypted data is transmitted to the payment institution server 140 (660).
  • the present invention can be used in an apparatus and method that can efficiently and conveniently extend the means for decrypting encrypted data.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • Accounting & Taxation (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Signal Processing (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A decoding device according to the present invention comprises: a receiving unit for receiving at least one piece of encoded data having different decoding methods; a transmission unit for transmitting decoding data on the encoded data; a plurality of decoding units for decoding the encoded data; and a control unit for confirming the encoded data such that decoding is carried out in the decoding units capable of decoding the encoded data, wherein each of the plurality of decoding units is determined in advance so as to correspond to each payment agency server for receiving the decoding data, the control unit enables the decoding data transmitted to the payment agency servers to be decoded in the decoding units corresponding to the payment agency servers on the basis of information related to the payment agency and received from a terminal transmitting the encoded data, and the control unit includes a plurality of decoding units having the same decoding method.

Description

암호화 데이터를 복호화하기 위한 장치 및 그 방법Apparatus and method for decrypting encrypted data
본 발명은 암호화 데이터를 복호화하기 위한 장치 및 그 방법에 관한 것으로, 암호화된 데이터의 복호화를 편리하고 효율적으로 수행할 수 있는 장치 및 그 방법에 관한 것이다.The present invention relates to an apparatus and method for decrypting encrypted data, and more particularly, to an apparatus and method capable of conveniently and efficiently decrypting encrypted data.
일반적으로 카드 결제를 위해서는 카드 결제단말기를 이용하여 결제를 수행하는데, 결제단말기는 카드로부터 리드(Read)한 암호화 데이터를 복호화 하기 위해 SAM(Secure Application Module)과 같은 복호화 수단을 포함하고 있다. 또한, 카드마다 암호화 데이터를 복호화하는 방식이 다를 수 있기 때문에 SAM에는 복호화를 수행할 수 있는 프로그램이 내장된 카드를 수용할 수 있는 SAM 슬롯을 1개 내지 3개 정도 구비하여 복호화 방식이 다른 카드 정보를 복호화 한다. 이와 같은 결제단말기는 복호화 수단을 내부에 포함하고 있으므로 소형화가 어렵고 구비된 SAM 슬롯에 한정하여 복호화를 위한 프로그램을 구동시킬 수 있기 때문에 새로운 결제방식을 추가하는 것이 어렵다는 문제가 있다.Generally, a payment is performed using a card payment terminal for card payment, and the payment terminal includes a decryption means such as a secure application module (SAM) to decrypt the encrypted data read from the card. In addition, since different methods of decrypting encrypted data may be different for each card, SAM has one to three SAM slots for accommodating a card having a program capable of decrypting therein, so that the card information having different decryption methods is different. Decrypt Since the payment terminal includes a decryption means therein, it is difficult to miniaturize and it is difficult to add a new payment method because it can drive a program for decryption limited to the provided SAM slot.
본 발명은 암호화 데이터의 복호화를 효율적으로 수행할 수 있는 장치 및 그 방법에 관한 것이다.The present invention relates to an apparatus and a method for efficiently decrypting encrypted data.
또한, 본 발명은 암호화 데이터의 복호화를 위한 수단을 편리하게 확장할 수 있는 장치 및 그 방법에 관한 것이다. 또한, 본 발명은 암호화 데이터를 복호화하여 전자결제를 수행할 수 있는 장치 및 그 방법에 관한 것이다.The present invention also relates to an apparatus and a method for conveniently extending the means for decrypting encrypted data. The present invention also relates to an apparatus and method for performing electronic payment by decrypting encrypted data.
본 발명에 따른 복호화 장치는 복호화 방식이 서로 다른 적어도 하나의 암호화 데이터를 수신하는 수신부와, 상기 암호화 데이터에 대한 복호화 데이터를 송신하는 송신부와 상기 암호화 데이터를 복호화하는 복수의 복호화부와 상기 암호화 데이터를 확인하여 상기 암호화 데이터를 복호화할 수 있는 복호화부에서 복호화를 수행하도록 하는 제어부를 포함하며, 상기 복수의 복호화부 각각은 복호화 데이터를 수신하는 각각의 결제대행기관서버와 대응되도록 미리 결정되며, 상기 제어부는 상기 암호화 데이터를 전송하는 단말로부터 수신한 상기 결제대행기관에 관한 정보에 기초하여 상기 결제대행기관서버에 전송되는 복호화 데이터가 상기 결제대행기관서버와 대응되는 복호화부에서 복호화되도록 하고, 상기 제어부는 상기 복수의 복호화부가 복호화 방식이 동일한 복수의 복호화부를 포함하며, 상기 수신부에서 동일한 방식으로 복호화를 수행하는 복수의 암호화 데이터를 수신하는 경우, 수신된 암호화 데이터를 복호화 할 수 있는 각 복호화부의 트래픽 및 결제대행수수료 중 어느 하나를 기초로 상기 수신된 암호화 데이터를 복호화하는 복호화부를 결정하는 것을 특징으로 한다.The decryption apparatus according to the present invention includes a receiver for receiving at least one encrypted data having a different decryption method, a transmitter for transmitting decrypted data for the encrypted data, a plurality of decryptors for decrypting the encrypted data, and the encrypted data. And a controller configured to perform a decryption in a decryption unit capable of verifying and decrypting the encrypted data, wherein each of the plurality of decryption units is previously determined to correspond to each payment agency server that receives decryption data. The decoded data transmitted to the payment agency server based on the information about the payment agency received from the terminal for transmitting the encrypted data to be decrypted in the decryption unit corresponding to the payment agency server, the control unit The plurality of decoders When a plurality of decryption units having the same encryption method are included and the receiver receives a plurality of encrypted data that is decrypted in the same manner, any one of traffic and payment agent fees of each decryption unit capable of decrypting the received encrypted data And a decryption unit for decrypting the received encrypted data based on the determination.
또한, 상기 제어부는 초기에 셋팅된 상기 복호화부에서 복호화할 수 없는 암호화 데이터가 있는 경우, 상기 복호화할 수 없는 암호화 데이터를 복호화할 수 있는 새로운 복호화부를 추가하는 것을 특징으로 한다.The controller may add a new decryption unit capable of decrypting the non-decryptable encrypted data when there is encrypted data that cannot be decrypted in the initially set decryption unit.
단말에 복호화부를 내장하는 대신 서버에서 복호화를 수행하는 복호화부를 복수로 구성하거나 확장할 수 있어 효율적이고 편리하게 복호화를 수행할 수 있다. 또한, 서버에서 트래픽을 고려하여 복호화부를 구동할 수 있으므로 신속하게 복호화를 확장할 수 있다.Instead of embedding the decryption unit in the terminal, a plurality of decryption units that perform decryption in the server can be configured or extended, so that decryption can be efficiently and conveniently performed. In addition, since the server can drive the decryption unit in consideration of the traffic, the decryption can be quickly expanded.
도 1은 본 발명의 일 실시예에 의한 전자결제시스템의 구성을 나타내는 도면.1 is a view showing the configuration of an electronic payment system according to an embodiment of the present invention.
도 2는 본 발명의 일 실시예에 의한 전자결제시스템의 단말의 구성을 나타내는 도면.2 is a view showing the configuration of a terminal of the electronic payment system according to an embodiment of the present invention.
도 3은 본 발명의 일 실시예에 의한 전자결제시스템의 서버의 구성을 나타내는 도면.3 is a view showing the configuration of a server of the electronic payment system according to an embodiment of the present invention.
도 4는 본 발명의 일 실시예에 의한 서버의 복호화부의 구성을 나타내는 도면.4 is a diagram illustrating a configuration of a decryption unit of a server according to an embodiment of the present invention.
도 5는 본 발명의 일 실시예에 의한 전자결제시스템의 동작을 설명하기 위한 흐름도.5 is a flow chart for explaining the operation of the electronic payment system according to an embodiment of the present invention.
도 6은 본 발명의 일 실시예에 의한 서버의 복호화 동작을 나타내는 순서도.6 is a flowchart illustrating a decryption operation of a server according to an embodiment of the present invention.
이하, 본 발명의 실시예를 도면과 함께 상세히 설명한다. 본 발명을 설명함에 있어서 관련된 공지 기능 혹은 구성에 대한 구체적인 설명이 본 발명의 요지를 불필요하게 흐릴 수 있다고 판단된 경우 그 상세한 설명은 생략한다.Hereinafter, embodiments of the present invention will be described in detail with the drawings. In the following description of the present invention, when it is determined that detailed descriptions of related known functions or configurations may unnecessarily obscure the subject matter of the present invention, the detailed description thereof will be omitted.
도 1은 본 발명의 일 실시예에 의한 전자결제시스템의 구성을 나타내는 도면이다.1 is a view showing the configuration of an electronic payment system according to an embodiment of the present invention.
도 1을 참조하면, 본 발명의 전자결제시스템은 제1 내지 제3 단말(100,110,120), 서버(130) 및 결제기관서버(140)를 포함한다. 제1 내지 제3 단말(100,110,120)은 결제수단에 저장되어 있는 암호화 데이터를 서버(130)에 전송하는데, 일 예로 암호화된 카드정보를 저장하고 있는 카드로부터 카드정보를 리드하여 서버(130)에 전송한다. 또한, 제1 내지 제3 단말(100,110,120)은 결제를 수행하기 위한 암호화 데이터를 외부 단말(미도시)로부터 수신할 수 있으며, 수신된 데이터를 서버(130)에 전송할 수 있다. 또한, 제1 내지 제3 단말(100,110,120)에서 서버(130)에 전송되는 암호화 데이터는 암호화 또는 복호화 방식이 다를 수 있는데, 일 예로, 제1 단말(100)은 신용카드, 제2 단말(120)은 교통카드, 제3 단말(130)은 현금카드 등에서 암호화된 카드정보를 리드할 수 있다. 제1 내지 제3 단말(100,110,120)은 가맹점 단말, 스마트 폰, 스마트 패드 등으로 구성할 수 있다.Referring to FIG. 1, the electronic payment system of the present invention includes first to third terminals 100, 110, and 120, a server 130, and a payment institution server 140. The first to third terminals 100, 110, and 120 transmit the encrypted data stored in the payment means to the server 130. For example, the first to third terminals 100, 110, and 120 read the card information from the card storing the encrypted card information and transmit the same to the server 130. do. In addition, the first to third terminals 100, 110, and 120 may receive encrypted data for performing payment from an external terminal (not shown), and may transmit the received data to the server 130. In addition, the encrypted data transmitted from the first to the third terminal (100, 110, 120) to the server 130 may have a different encryption or decryption scheme, for example, the first terminal 100 is a credit card, the second terminal 120 The traffic card, the third terminal 130 may lead to the card information encrypted in the cash card. The first to third terminals 100, 110, and 120 may be configured as merchant terminals, smart phones, smart pads, or the like.
서버(130)는 제1 내지 제3 단말(100,110,120)로부터 수신된 암호화 데이터를 복호화하여 결제기관서버(140)에 복호화된 데이터를 전송한다. 일 예로 암호화된 카드정보를 복호화하여 결제기관서버(140)에 전송한다. 서버(130)는 다양한 복호화 방식을 처리할 수 있는데, 일 예로 제1 내지 제3 단말(100,110,120)로부터 수신된 암호화 데이터의 복호화 방식이 달라도 다양한 암호화 데이터를 처리할 수 있다.The server 130 decrypts the encrypted data received from the first to third terminals 100, 110, and 120 and transmits the decrypted data to the payment institution server 140. As an example, the encrypted card information is decrypted and transmitted to the payment institution server 140. The server 130 may process various decryption methods. For example, the server 130 may process various encrypted data even if the decryption methods of the encrypted data received from the first to third terminals 100, 110, and 120 are different.
결제기관서버(140)는 서버(130)로부터 수신한 복호화 데이터를 이용하여 결제승인 여부를 결정하며, 결제승인 여부에 대한 메시지를 서버(130)에 전송한다. 한편, 서버(130)는 복호화 데이터와 결제금액, 할부여부, 서명정보 등과 같은 결제 데이터를 결제대행기관서버(미도시)에 전송하고, 결제대행기관서버(미도시)는 서버(130)로부터 수신한 복호화 데이터 등을 결제기관서버(140)에 전송할 수 있다. 또한, 결제대행기관서버(미도시)는 결제기관서버(140)로부터 결제승인 여부에 대한 메시지를 수신하여 서버(130)에 전송할 수 있다.The payment institution server 140 determines whether the payment is approved using the decrypted data received from the server 130, and transmits a message about whether the payment is approved to the server 130. On the other hand, the server 130 transmits the decryption data and payment data such as payment amount, installment, signature information, etc. to the payment agency server (not shown), the payment agency server (not shown) is received from the server 130 The decrypted data may be transmitted to the payment institution server 140. In addition, the payment agency server (not shown) may receive a message on whether the payment approval from the payment institution server 140 and transmits to the server 130.
도 2는 본 발명의 일 실시예에 의한 전자결제시스템의 제1 단말(100)의 구성을 나타내는 도면이다.2 is a view showing the configuration of the first terminal 100 of the electronic payment system according to an embodiment of the present invention.
도 2에서는 제1 단말(100)에 대해서 설명하며, 제2 및 제3 단말(110,120)도 제1 단말(100)과 동일 또는 유사한 구성을 포함할 수 있다. 도 2를 참조하면, 본 발명의 제1 단말(1)은 입력부(200), 출력부(210), 리더부(220), 디스플레이부(240), 송신부(250), 수신부(260) 및 제어부(230)를 포함한다.In FIG. 2, the first terminal 100 is described, and the second and third terminals 110 and 120 may also include a configuration that is the same as or similar to that of the first terminal 100. 2, the first terminal 1 of the present invention includes an input unit 200, an output unit 210, a reader unit 220, a display unit 240, a transmitter 250, a receiver 260, and a controller. 230.
입력부(200)는 사용자로부터 데이터를 입력받으며, 디스플레이부(240)는 데이터를 디스플레이하는데 입력부(200)와 디스플레이부(240)는 터치패널 또는 터치스크린으로 구성할 수 있다.The input unit 200 receives data from a user, and the display unit 240 displays data, and the input unit 200 and the display unit 240 may be configured as a touch panel or a touch screen.
출력부(210)는 데이터를 출력하며 프린터로 구성할 수 있다.The output unit 210 outputs data and may be configured as a printer.
수신부(260)는 데이터를 수신하고, 송신부(250)는 데이터를 송신하는데, 일 예로 송신부(250)는 암호화 데이터를 서버(130)에 전송하며, 수신부(260)는 서버(130)로부터 결제승인 여부에 관한 메시지를 수신할 수 있다. 또한, 수신부(260)는 외부 단말(미도시)로부터 결제를 수행하기 위한 암호화 데이터를 수신할 수 있으며, 송신부(250)는 수신된 암호화 데이터를 서버(130)에 전송할 수 있다.The receiver 260 receives data, and the transmitter 250 transmits data. For example, the transmitter 250 transmits encrypted data to the server 130, and the receiver 260 approves payment from the server 130. You can receive a message about whether or not. In addition, the receiver 260 may receive encrypted data for performing payment from an external terminal (not shown), and the transmitter 250 may transmit the received encrypted data to the server 130.
수신부(260)와 송신부(250)는 유선 통신방식 뿐만아니라 불루투스(Bluetooth), 와이 파이(Wi-Fi), 와이브로(WIBRO), 3G(Third Generation) WCDMA 방식, LTE(Long Term Evolution) 및 4G(Four Generation) 통신방식 등의 다양한 무선 통신방식으로 통신할 수 있다.The receiver 260 and the transmitter 250 are not only wired communication but also Bluetooth, Wi-Fi, WiBRO, Third Generation WCDMA, Long Term Evolution (LTE), and 4G ( Four Generation) It can communicate by various wireless communication methods such as communication method.
리더부(220)는 결제 수단으로부터 결제를 수행하기 위한 암호화 데이터를 리드하는데, 일 예로 암호화된 카드정보를 저장하고 있는 카드로부터 카드정보를 리드한다.The reader 220 reads encrypted data for performing a payment from a payment means. For example, the reader 220 reads card information from a card that stores encrypted card information.
제어부(230)는 리더부(220)에서 암호화 데이터를 리드하면 암호화 데이터를 서버(130)로 전송하도록 하는 등 제1 단말(100)를 전체적으로 제어한다.The controller 230 controls the first terminal 100 as a whole such that when the reader 220 reads the encrypted data, the encrypted data is transmitted to the server 130.
도 3은 본 발명의 일 실시예에 의한 전자결제시스템의 서버(130)의 구성을 나타내는 도면이다.3 is a diagram showing the configuration of the server 130 of the electronic payment system according to an embodiment of the present invention.
도 3을 참조하면, 본 발명의 서버(130)는 수신부(300), 송신부(310), 복호화부(330) 및 제어부(320)를 포함한다.Referring to FIG. 3, the server 130 of the present invention includes a receiver 300, a transmitter 310, a decoder 330, and a controller 320.
수신부(300)는 데이터를 수신하고, 송신부(310)는 데이터를 송신하는데, 일 예로 수신부(300)는 제1 내지 제3 단말(100,110,120)로부터 암호화 데이터를 수신하며, 송신부(310)는 암호화 데이터를 복호화한 데이터를 결제기관서버(140)에 전송한다. 수신부(300)와 송신부(310)는 유선 통신방식 뿐만아니라 와이 파이(Wi-Fi), 와이브로(WIBRO), 3G(Third Generation), WCDMA 방식, LTE(Long Term Evolution) 및 4G(Four Generation) 통신방식 등의 다양한 무선 통신방식으로 통신할 수 있다.The receiver 300 receives data, and the transmitter 310 transmits data. For example, the receiver 300 receives encrypted data from the first to third terminals 100, 110, and 120, and the transmitter 310 encrypts the data. The decoded data is transmitted to the payment institution server 140. The receiver 300 and the transmitter 310 are not only wired communication but also Wi-Fi, WiBRO, 3G (Third Generation), WCDMA, Long Term Evolution (LTE) and 4G (Four Generation) communication. The communication can be performed in various wireless communication methods such as.
복호화부(330)는 암호화된 데이터를 복호화 하는데, 일 예로 SAM으로 구성될 수 있다. 복호화부(330)는 다양한 복호화 방식을 제공할 수 있으며, 새로운 복호화 방식을 추가할 수 있다. 또한, 복호화부(330)는 하드웨어적으로 구성되거나 소프트웨어로 프로그램화되어 구성될 수 있다.The decryption unit 330 decrypts the encrypted data. For example, the decryption unit 330 may be configured as a SAM. The decoder 330 may provide various decoding methods and may add a new decoding method. In addition, the decoder 330 may be configured in hardware or programmed in software.
제어부(320)는 수신된 암호화 데이터를 복호화하여 결제기관서버(140)에 전송하도록 하는 등 본 발명의 서버(130)를 전체적으로 제어한다.The controller 320 controls the server 130 of the present invention as a whole to decrypt the received encrypted data and transmit the decrypted data to the payment institution server 140.
또한, 상기 제어부(320)는 암호화 데이터가 수신되면 해당 암호화 데이터를 살펴보고 암호화 데이터를 복호화 할 수 있는 복호화부에서 복호화 하도록 제어하며, 상기 복호화부 각각은 복호화 데이터가 전송되는 각각의 결제대행기관서버와 대응되도록 미리 결정될 수 있다. 따라서 상기 제어부(320)는 암호화 데이터를 전송한 단말로부터 수신한 결제대행기관에 관한 정보를 살펴보고 해당 결제 대행기관서버에 대응되도록 미리 결정된 복호화부에서 해당 암호화 데이터를 복호하 하도록 제어한다.In addition, when the encrypted data is received, the controller 320 examines the encrypted data and controls the decryption unit to decrypt the encrypted data, and each of the decryption units is each payment agency server to which the decrypted data is transmitted. It may be predetermined to correspond to. Therefore, the control unit 320 looks at the information on the payment agency received from the terminal that transmitted the encrypted data and controls the decryption unit to decode the encrypted data predetermined to correspond to the corresponding payment agency server.
또한, 상기 제어부(320)는 복호화 방식이 동일한 복수의 복호화부를 포함하고 동일한 방식으로 복호화를 수행하는 복수의 암호화 데이터를 수신하는 경우 수신된 암호화 데이터를 복호화 할 수 있는 각 복호화부의 트래픽 및 결제대행수수료 중 어느 하나를 기초로 수신된 암호화 데이터를 복화하하는 복호화부를 결정한다.In addition, the control unit 320 includes a plurality of decryption units having the same decryption method, and when receiving a plurality of encrypted data that decrypts in the same manner, traffic and payment agent fees of each decryption unit capable of decrypting the received encrypted data. The decryption unit which decrypts the received encrypted data based on any one of them is determined.
즉, 각 복호화부의 트래픽을 모니터링하여 어느 복호화부의 트래픽이 높아지지 않도록 제어할 수 있으며 결제대행수수료를 고려하여 보다 적은 결제대행수수료를 부가하는 결제대행기관서버에 대응하는 복호화부에서 복호화가 수행될 수 있도록 제어한다.That is, the traffic of each decoder may be monitored so that the traffic of any decoder is not increased, and the decryption may be performed in the decryption unit corresponding to the payment agency server that adds less payment agency fee in consideration of the payment agency fee. To control.
도 4는 본 발명의 일 실시예에 의한 서버(130)의 복호화부(330)의 구성을 나타내는 도면이다.4 is a diagram illustrating a configuration of the decryption unit 330 of the server 130 according to an embodiment of the present invention.
도 4를 참조하면, 본 발명의 서버(130)의 복호화부(330)는 서브 복호화부를 포함하는데, 일 예로 제1 내지 제4 복호화부(400,410,420,430)를 포함한다. 제1 내지 제 4 복호화부(400,410,420,430)는 동일한 방식으로 복호화를 수행하거나, 서로 다른 방식으로 복호화를 수행할 수 있다. 즉, 복호화부(330)는 동일한 방식으로 복호화를 수행하는 적어도 하나의 서브 복호화부를 포함하거나, 서로 다른 방식으로 복호화를 수행하는 적어도 하나의 서브 복호화부를 포함할 수 있다.Referring to FIG. 4, the decoder 330 of the server 130 of the present invention includes a sub decoder, and includes, for example, the first to fourth decoders 400, 410, 420, and 430. The first to fourth decoders 400, 410, 420, and 430 may decode in the same manner or may decode in different ways. That is, the decoder 330 may include at least one sub decoder that performs decoding in the same manner, or may include at least one sub decoder that performs decoding in different ways.
일 예로, 제1 카드는 신용카드, 제2 카드는 교통카드, 제3 카드는 현금카드와 같이 암호화 데이터의 복호화 방식이 다른 경우, 제1 및 제2 복호화부(400,410)는 제1 카드로부터 리드된 암호화 데이터를 복호화하며, 제3 복호화부(420)는 제2 카드로부터 리드된 암호화 데이터를 복호화하며, 제4 복호화부(430)는 제3 카드로부터 리드된 암호화 데이터를 복호화 할 수 있다.For example, if the first card is a credit card, the second card is a traffic card, and the third card is a cash card, the decryption method of the encrypted data is different, the first and second decryption units 400 and 410 read from the first card. The decrypted encrypted data may be decrypted, and the third decryption unit 420 may decrypt the encrypted data read from the second card, and the fourth decryption unit 430 may decrypt the encrypted data read from the third card.
또한, 결제를 위해 결제대행서브(미도시)가 이용되는 경우, 결제대행서브(미도시)에 전송되는 데이터를 복호화하는 서브 복호화부(400,410,420,430)와 결제대행서브(미도시)가 대응되도록 미리 결정될 수 있다. 일 예로, 제1 복호화부(400)는 제1 결재대행서버(미도시)와 대응되며, 제2 복호화부(410)는 제2 결재대행서버(미도시)와 대응되도록 미리 결정될 수 있다. 이때, 제어부(320)는 제1 복호화부(400)에서 복호화한 데이터는 제1 결재대행서버(미도시)에 전송하며, 제2 복호화부(410)에서 복호화한 데이터는 제2 결재대행서버(미도시)에 전송한다. 제1 및 제2 결재대행서버(미도시)는 복호화한 데이터를 결재기관서버(140)에 전송한다.In addition, when a payment agent sub (not shown) is used for payment, the sub-decoding unit 400, 410, 420, 430 decoding the data transmitted to the payment agent sub (not shown) and the payment agent sub (not shown) may be determined in advance. Can be. For example, the first decoder 400 may correspond to the first payment agent server (not shown), and the second decoder 410 may be predetermined to correspond to the second payment agent server (not shown). In this case, the controller 320 transmits the data decoded by the first decoder 400 to the first payment agent server (not shown), and the data decoded by the second decoder 410 is the second payment agent server ( (Not shown). The first and second payment agent servers (not shown) transmit the decrypted data to the payment institution server 140.
서브 복호화부(400,410,420,430)와 결제대행서브(미도시)가 대응되도록 미리 결정되면, 단말(100,110,120)과 서브 복호화부(400,410,420,430)도 대응되도록 미리 결정될 수 있다. 일 예로, 제1 단말(100)에서 전송된 암호화 데이터는 제1 복호화부(400)에서 복호화가 수행되도록 하고, 제2 단말(110)에서 전송된 암호화 데이터는 제2 복호화부(410)에서 복호화가 수행되도록 할 수 있다.When the sub decoders 400, 410, 420, 430 and the payment agent sub (not shown) are previously determined to correspond, the terminals 100, 110, 120 and the sub decoders 400, 410, 420, 430 may also be predetermined. For example, the encrypted data transmitted from the first terminal 100 is decrypted by the first decryption unit 400, and the encrypted data transmitted from the second terminal 110 is decrypted by the second decryption unit 410. May be performed.
이를 위해 제1 및 제2 단말(100,110)은 암호화 데이터를 전송할때 제1 및 제2 결제대행기관(미도시)에 대한 정보를 전송하여 제어부(320)가 제1 단말(100)로부터 전송된 암호화 데이터는 제1 복호화부(400)에서 복호화하도록 하고, 제2 단말(110)로부터 전송된 암호화 데이터는 제2 복호화부(410)에서 복호화하도록 할 수 있다. 이때, 제1 및 제2 단말(100,110)에서 서버(140)로 전송되는 암호화 데이터는 암호화 또는 복호화 방식이 동일할 수 있다.To this end, when the first and second terminals 100 and 110 transmit encrypted data, the first and second terminals 100 and 110 transmit information about the first and second payment agency (not shown), thereby encrypting the control unit 320 transmitted from the first terminal 100. The data may be decrypted by the first decryption unit 400, and the encrypted data transmitted from the second terminal 110 may be decrypted by the second decryption unit 410. In this case, the encrypted data transmitted from the first and second terminals 100 and 110 to the server 140 may have the same encryption or decryption method.
한편, 제1 내지 제3 단말(100,110,120)로부터 암호화 데이터가 수신되면 제어부(320)는 각 서브 복호화부에서의 트래픽 또는 결제대행수수료를 고려하여 암호화 데이터를 확인하여 복호화 할 수 있는 서브 복호화부(400,410,420,430) 에서 복호화를 수행하도록 할 수 있다.On the other hand, when the encrypted data is received from the first to third terminals (100, 110, 120), the control unit 320 is a sub decryption unit 400, 410, 420, 430 that can verify and decrypt the encrypted data in consideration of the traffic or payment agency fees in each sub decryption unit ) Can be decoded.
또한, 상기 제어부(320)는 수신된 암호화 데이터를 복호활 할 수 있는 각 복호화부의 트래픽을 살펴보고 각 복호화부의 트래픽이 적절히 유지될 수 있도록 하며, 특정 복호화부에 데이터가 집중되어 해당 복호화부의 트래픽이 높아지지 않도록 제어할 수 있다.In addition, the control unit 320 looks at the traffic of each decryption unit that can decrypt the received encrypted data and ensures that the traffic of each decryption unit is properly maintained. Can be controlled so as not to increase.
일 예로, 동일한 방식으로 복호화하는 암호화 데이터가 복수로 수신되고 수신된 암호화 데이터를 복호화 할 수 있는 서브 복호화부(400,410,420,430)가 1개인 경우, 제어부(320)는 암호화 데이터를 순차로 복호화가 수행되도록 한다. 수신된 암호화 데이터를 복호화 할 수 있는 서브 복호화부(400,410,420,430)가 복수인 경우, 제어부(320)는 각 서브 복호화부에서 동시에 복호화가 수행되도록 하거나, 어느 하나의 서브 복호화부에서 복호화가 수행되도록 할 수 있는데, 이때, 제어부(320)는 각 서브 복호화부에서의 트래픽 또는 결제대행수수료를 고려하여 복호화 수행을 제어할 수 있다.For example, when a plurality of encrypted data to be decrypted in the same manner is received and there is only one sub-decryptor 400, 410, 420, and 430 capable of decrypting the received encrypted data, the controller 320 causes decryption of the encrypted data sequentially. . When there are a plurality of sub decryption units 400, 410, 420, and 430 capable of decrypting the received encrypted data, the controller 320 may perform decryption simultaneously in each sub decryption unit or decryption in any one sub decryption unit. In this case, the control unit 320 may control the decoding operation in consideration of traffic or a payment agent fee in each sub decoding unit.
일 예로, 제1 및 제2 복호화부(400,410)가 동일한 방식으로 복호화를 수행하는 경우, 제1 및 제2 복호화부(400,410)에서 복호화하는 암호화 데이터가 복수로 수신되면 제어부(320)는 제1 및 제2 복호화부(400,410)에서 동시에 복호화가 수행되도록 하거나, 제1 및 제2 복호화부(400,410)의 트래픽 또는 결제대행수수료를 고려하여 트래픽이 낮거나 결제대행수수료가 낮은 서브 복호화부에서 복호화가 수행되도록 특정 복호화부를 지정할 수 있다.For example, when the first and second decryption units 400 and 410 perform decryption in the same manner, when a plurality of encrypted data to be decrypted by the first and second decryption units 400 and 410 are received, the control unit 320 may perform a first decryption. And decoding in the second decoding unit 400, 410 simultaneously, or in a sub-decoding unit having low traffic or low payment agency fee in consideration of traffic or payment agency fees of the first and second decoding units 400, 410. A specific decoder can be specified to be performed.
한편, 본 발명은 복호화부(330)에서 초기에 셋팅된 서브 복호화부(400, 410, 420, 430)에서 복호화할 수 없는 암호화 데이터를 복호화하기 위해 새로운 제5 복호화부(440)를 추가할 수 있으며, 제5 복호화부(440)가 추가되면 제어부(320)는 제1 내지 제5 복호화부(400,410,420,430,440)을 제어한다.Meanwhile, according to the present invention, a new fifth decryption unit 440 may be added to decrypt encrypted data that cannot be decrypted by the sub decryption units 400, 410, 420, and 430 initially set by the decryption unit 330. If the fifth decoder 440 is added, the controller 320 controls the first to fifth decoders 400, 410, 420, 430, and 440.
이때, 추가되는 제5 복호화부(440)는 PCI(peripheral component interconnect), SATA(serial advanced technology attachment), USB(universal serial bus) 등과 같이 서버(130) 자원을 이용한 확장방식으로 추가되거나, 복호화부(330)에 별도의 확장포트(미도시)를 두고 필요시 추가할 수 있다. 확장포트(미도시)를 이용하는 경우, 제5 복호화부(440)가 추가될 때 확장포트(미도시)의 특정 PIN이 하이(HI) 또는 로우(Low)로 변경되도록 함으로써 제5 복호화부(440)가 추가 여부를 인지할 수 있으며, 또는 딥스위치(DIP Switch)로 강제 온/오프하는 등의 방식으로 제5 복호화부(440)를 추가 할 수 있다.In this case, the fifth decoder 440 is added to include a peripheral component interconnect (PCI), a serial advanced technology attachment (SATA), and a universal USB (USB). serial bus) The server 130 may be added in an extension method using resources, or may be added if necessary by having a separate expansion port (not shown) in the decoder 330. When using the expansion port (not shown), when the fifth decryption unit 440 is added, the fifth decryption unit 440 by changing a specific PIN of the expansion port (not shown) to high (HI) or low (low) ) May be added or may be added, or the fifth decoder 440 may be added by forcibly turning on / off a DIP switch.
서버(130)의 가용자원이 제한되어 있거나, 확장포트(미도시)를 이용하여 제5 복호화부(440)의 추가가 어려운 경우, 이더넷, 3G, LTE, 와이브로 등 통신방식을 통해 제5 복호화부(440)를 추가할 수 있다. 이때, 복호화부(330) 및 추가되는 제5 복호화부(440)는 각각 복제가 불가능한 물리보안키를 포함할 수 있으며, 물리보안키를 이용하여 복호화부(330)와 제5 복호화부(440)가 서로 인지할 수 있다. 물리보안키는 IC신용카드, 교통카드, SIM 카드 등에 활용되는 스마트카드(Smart card) 기술이 사용될 수 있다.When available resources of the server 130 are limited or when it is difficult to add the fifth decoder 440 using an expansion port (not shown), the fifth decoder through communication methods such as Ethernet, 3G, LTE, WiBro, etc. 440 may be added. At this time, the decryption unit 330 and the additional fifth decryption unit 440 may each include a physical security key that cannot be duplicated, and the decryption unit 330 and the fifth decryption unit 440 using the physical security key. Can recognize each other. The physical security key may be a smart card technology used for IC credit cards, traffic cards, SIM cards, and the like.
제1 내지 제5 복호화부(400, 410, 420, 430, 440)는 프로토콜정보를 포함할 수 있으며, 복호화작업 수행 후 복호화된 데이터와 프로토콜정보를 출력할 수 있다. 제어부(330)는 프로토콜정보를 참조하여 결제기관서버(140)의 접속정보와 프로토콜 규격에 따른 결제 절차를 수행한다.The first to fifth decoders 400, 410, 420, 430, and 440 may include protocol information, and may output decoded data and protocol information after performing a decoding operation. The control unit 330 performs the payment procedure according to the access information and the protocol standard of the payment institution server 140 with reference to the protocol information.
도 5는 본 발명의 일 실시예에 의한 전자결제시스템의 동작을 설명하기 위한 흐름도이다.5 is a flowchart illustrating the operation of the electronic payment system according to an embodiment of the present invention.
도 5에서는 제1 단말(100)에 대해서 설명하지만, 제2 및 제3 단말(110,120)도 동일 또는 유사하게 적용할 수 있다.In FIG. 5, the first terminal 100 is described, but the second and third terminals 110 and 120 may be similarly or similarly applied.
도 5를 참조하면, 제1 단말(100)에서 암호화 데이터를 리드하면(500), 제1 단말(100)은 서버(130)에 리셋신호를 전송한다(510). 서버(130)는 리셋신호에 응답하여 복호화부(330)를 리셋한 후(520) 리셋 응답 신호를 제1 단말(100)에 전송한다(530).Referring to FIG. 5, when the encrypted data is read by the first terminal 100 (500), the first terminal 100 transmits a reset signal to the server 130 (510). The server 130 resets the decoder 330 in response to the reset signal in step 520 and transmits a reset response signal to the first terminal 100 in step 530.
이후, 제1 단말(100)은 암호화 데이터를 서버(130)에 전송하며(540), 서버(130)는 암호화 데이터를 복호화한다(550). 또한, 제1 단말(100)은 결제금액, 할부여부, 서명정보 등과 같은 결제 데이터를 서버(130)에 전송하며(560), 서버(130)는 복호화 데이터 및 결제 데이터를 결제기관서버(140)에 전송하여 결제승인요청을 한다(570). 결제승인여부가 결정되면 결제기관서버(140)는 결제승인요청에 대한 응답을 서버(130)에 전송하며(580), 서버(130)는 결제승인요청에 대한 응답을 제1 단말(100)에 전송한다(590). Thereafter, the first terminal 100 transmits the encrypted data to the server 130 (540), and the server 130 decrypts the encrypted data (550). In addition, the first terminal 100 transmits payment data such as payment amount, installment, signature information, etc. to the server 130 (560), the server 130 transmits the decrypted data and payment data to the payment institution server 140 The request for payment approval is sent to 570. If payment approval is determined, the payment institution server 140 transmits a response to the payment approval request to the server 130 (580), and the server 130 sends a response to the payment approval request to the first terminal 100. Transmit 590.
도 6은 본 발명의 일 실시예에 의한 서버(130)의 복호화 동작을 나타내는 순서도이다.6 is a flowchart illustrating a decryption operation of the server 130 according to an embodiment of the present invention.
도 6을 참조하면, 수신부(300)에서 복수의 암호화 데이터를 수신하면(600), 제어부(320)는 암호화 데이터의 복호화 방식이 동일한지 확인한다. 복호화 방식이 동일한 경우(610의 예), 제어부(320)는 복호화부(330)에 동일한 방식으로 복호화하는 서브 복호화부(400,410,420,430)가 복수인지 확인하는데, 복수인 경우(620의 예) 각 서브 복호화부에서 복호화가 수행되도록 하고(640), 하나인 경우(620의 아니오) 순차로 복호화가 수행되도록 한다(650).Referring to FIG. 6, when the receiver 300 receives a plurality of encrypted data (600), the controller 320 determines whether the decryption method of the encrypted data is the same. If the decoding methods are the same (YES in 610), the control unit 320 determines whether there are a plurality of sub-decoding units 400, 410, 420, and 430 decoding in the same manner to the decoding unit 330. In step 640, the decoding is performed (640), and in the case of one (No of 620), the decoding is sequentially performed (650).
각 서브 복호화부에서 복호화가 수행될 때, 제어부(320)는 각 서브 복호화부의 트래픽 또는 결제대행수수료를 고려하여 각 서브 복호화부에서의 복호화 수행을 제어할 수 있다. 일 예로, 동일한 방식으로 복호화하는 서브 복호화부가 복수인 경우, 어느 하나의 서브 복호화부의 트래픽이 높은 경우, 트랙픽이 높은 서브 복호화부에서 복호화하는 암호화 데이터를 감소시키고, 트래픽이 낮은 다른 서브 복호화부에서 처리하는 암호화 데이터를 증가시킬 수 있다.When the decoding is performed in each sub decoding unit, the controller 320 may control the decoding in each sub decoding unit in consideration of the traffic or the payment agent fee of each sub decoding unit. For example, when there is a plurality of sub-decryptors that decrypt in the same manner, when the traffic of any one of the sub-decryptors is high, the encrypted data decoded by the high-decryption sub-decryption unit is reduced and processed by another sub-decryptor with low traffic. To increase the encrypted data.
또한, 결제를 위해 결제대행기관(미도시)이 이용되는 경우, 제어부(320)는 단말(100,110,120)로부터 전송된 결제대행기관(미도시)에 관한 정보를 확인하여 결제대행기관(미도시)과 대응되도록 미리 결정된 서브 복호호화부(400,410,420,430)에서 복호화가 수행되도록 할 수 있다.In addition, when a payment agency (not shown) is used for payment, the controller 320 checks information on the payment agency (not shown) transmitted from the terminals 100, 110, and 120 and the payment agency (not shown). The decoding may be performed by the predetermined sub decoding decoders 400, 410, 420, and 430 to correspond.
또한, 본 발명에 따른 상기 제어부(320)는 각 결제대행기관의 결제대행수수료를 살펴보고 결재대행수수료가 보다 적은 결제대행기관서버에 대응되는 복호화부에서 복호화가 수행되도록 할 수 있다.In addition, the control unit 320 according to the present invention can look at the payment agency fees of each payment agency and may be decrypted in the decryption unit corresponding to the payment agency server with less payment agency fees.
수신된 암호화 데이터의 복호화 방식이 다른 경우(610의 아니오), 제어부(320)는 암호화된 데이터를 복호화할 수 있는 서브 복호화부에서 복호화가 수행되도록 한다(630). 복호화된 데이터는 결제기관서버(140)에 전송한다(660).If the decryption method of the received encrypted data is different (NO in 610), the controller 320 causes decryption to be performed in a sub decryption unit capable of decrypting the encrypted data (630). The decrypted data is transmitted to the payment institution server 140 (660).
한편, 본 발명의 상세한 설명에서는 구체적인 실시 예에 관해 설명하였으나, 본 발명의 범위에서 벗어나지 않는 한도 내에서 여러 가지 변형이 가능함은 물론이다.Meanwhile, in the detailed description of the present invention, specific embodiments have been described, but various modifications may be made without departing from the scope of the present invention.
그러므로 본 발명의 범위는 설명된 실시 예에 국한되지 않으며, 후술되는 특허청구의 범위뿐만 아니라 이 특허청구의 범위와 균등한 것들에 의해 정해져야 한다.Therefore, the scope of the present invention should not be limited to the described embodiments, but should be defined not only by the scope of the following claims, but also by those equivalent to the scope of the claims.
본 발명은 암호화 데이터의 복호화를 위한 수단을 효율적이고 편리하게 확장할 수 있는 장치 및 방법에 이용될 수 있다. The present invention can be used in an apparatus and method that can efficiently and conveniently extend the means for decrypting encrypted data.

Claims (2)

  1. 암호화 데이터를 복호화하는 장치에 있어서,An apparatus for decrypting encrypted data,
    복호화 방식이 서로 다른 적어도 하나의 암호화 데이터를 수신하는 수신부와;A receiving unit which receives at least one encrypted data having different decryption methods;
    상기 암호화 데이터에 대한 복호화 데이터를 송신하는 송신부와;A transmitting unit which transmits decryption data for the encrypted data;
    상기 암호화 데이터를 복호화하는 복수의 복호화부와;A plurality of decryption units for decrypting the encrypted data;
    상기 암호화 데이터를 확인하여 상기 암호화 데이터를 복호화할 수 있는 복호화부에서 복호화를 수행하도록 하는 제어부를 포함하며,And a controller configured to verify the encrypted data and perform a decryption in a decryption unit capable of decrypting the encrypted data.
    상기 복수의 복호화부 각각은 복호화 데이터를 수신하는 각각의 결제대행기관서버와 대응되도록 미리 결정되며,Each of the plurality of decryption units is predetermined to correspond to each payment agency server that receives the decrypted data,
    상기 제어부는 상기 암호화 데이터를 전송하는 단말로부터 수신한 상기 결제대행기관에 관한 정보에 기초하여 상기 결제대행기관서버에 전송되는 복호화 데이터가 상기 결제대행기관서버와 대응되는 복호화부에서 복호화되도록 하고,The control unit causes the decryption data transmitted to the payment agency server to be decrypted by the decryption unit corresponding to the payment agency server based on the information about the payment agency received from the terminal transmitting the encrypted data,
    상기 제어부는 상기 복수의 복호화부가 복호화 방식이 동일한 복수의 복호화부를 포함하며, 상기 수신부에서 동일한 방식으로 복호화를 수행하는 복수의 암호화 데이터를 수신하는 경우, 수신된 암호화 데이터를 복호화 할 수 있는 각 복호화부의 트래픽 및 결제대행수수료 중 어느 하나를 기초로 상기 수신된 암호화 데이터를 복호화하는 복호화부를 결정하는 장치. The control unit may include a plurality of decryption units having the same decryption method, and the decryption unit may decrypt the received encrypted data when the receiver receives a plurality of encrypted data that decrypts the same method. The apparatus for determining a decryption unit for decrypting the received encrypted data based on any one of traffic and payment agent fees.
  2. 제1항에 있어서,The method of claim 1,
    상기 제어부는 초기에 셋팅된 상기 복호화부에서 복호화할 수 없는 암호화 데이터가 있는 경우, 상기 복호화할 수 없는 암호화 데이터를 복호화할 수 있는 새로운 복호화부를 추가하는 장치.And the control unit adds a new decryption unit capable of decrypting the non-decryptable encrypted data when there is encrypted data that cannot be decrypted in the initially set decryption unit.
PCT/KR2016/001992 2015-03-03 2016-02-29 Device for decoding encoded data and method therefor WO2016140476A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR20150029523 2015-03-03
KR10-2015-0029523 2015-03-03

Publications (1)

Publication Number Publication Date
WO2016140476A1 true WO2016140476A1 (en) 2016-09-09

Family

ID=56848098

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2016/001992 WO2016140476A1 (en) 2015-03-03 2016-02-29 Device for decoding encoded data and method therefor

Country Status (1)

Country Link
WO (1) WO2016140476A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20070117420A (en) * 2006-06-08 2007-12-12 한국정보통신주식회사 System and method for payment and program recording medium
KR20100071682A (en) * 2008-12-19 2010-06-29 엘지전자 주식회사 Security data transmission apparatus
JP2013134708A (en) * 2011-12-27 2013-07-08 Sumitomo Mitsui Banking Corp Payment processing method and bank server to be used for payment processing
JP2013137633A (en) * 2011-12-28 2013-07-11 Asahi Seiko Co Ltd Credit card settlement system
KR20140114638A (en) * 2013-03-19 2014-09-29 주식회사 에이텍 Apparatus for processing card information and method thereof

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20070117420A (en) * 2006-06-08 2007-12-12 한국정보통신주식회사 System and method for payment and program recording medium
KR20100071682A (en) * 2008-12-19 2010-06-29 엘지전자 주식회사 Security data transmission apparatus
JP2013134708A (en) * 2011-12-27 2013-07-08 Sumitomo Mitsui Banking Corp Payment processing method and bank server to be used for payment processing
JP2013137633A (en) * 2011-12-28 2013-07-11 Asahi Seiko Co Ltd Credit card settlement system
KR20140114638A (en) * 2013-03-19 2014-09-29 주식회사 에이텍 Apparatus for processing card information and method thereof

Similar Documents

Publication Publication Date Title
CN101098222B (en) Wireless communication system, wireless communication apparatus, and method of exchanging cryptography key between wireless communication apparatuses
CN111066008B (en) Method and device for protecting KVM matrix
WO2013100413A1 (en) Smartphone credit card payment system using an earphone jack, and method for same
CN103118032B (en) Method, terminal and server that a kind of terminal login account is synchronous
CN203482199U (en) Near-field communication equipment
CA2462673A1 (en) Systems and methods for providing digital rights management compatibility
US11159329B2 (en) Collaborative operating system
CN102947836B (en) Memory device, main process equipment and use dual encryption scheme transmit the method for password between the first and second memory devices
CN109361508B (en) Data transmission method, electronic device and computer readable storage medium
WO2013176491A1 (en) Method for authenticating web service user
US20110016310A1 (en) Secure serial interface with trusted platform module
US9307403B2 (en) System and method for NFC peer-to-peer authentication and secure data transfer
WO2016085062A1 (en) Authentication method using nfc authentication card
CN110784386B (en) Firmware updating method and related equipment
CN110598429B (en) Data encryption storage and reading method, terminal equipment and storage medium
CN108734005B (en) Security/identity authentication method, mobile equipment and storage device
WO2020050584A1 (en) System and method for secure transactions with a trusted execution environment (tee)
CN101208704B (en) Security system and method for securing the integrity of at least one arrangement comprising multiple devices
WO2016076487A1 (en) Usb security device having fingerprint sensor and insertable smart card and memory card, and security method thereof
CN104796266A (en) Authentication method, device and system
WO2014107060A1 (en) Apparatus for securing mobile data and method therefor
CN106295372B (en) A kind of encryption Hub device realized based on EMMC interface
CN101645893A (en) Network trading method, device and system
WO2016140476A1 (en) Device for decoding encoded data and method therefor
CN202918498U (en) SIM card adapter, mobile terminal and digital signature authentication system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16759112

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16759112

Country of ref document: EP

Kind code of ref document: A1