WO2014171694A1 - Method and server for payment system authenticating buyer using mobile phone and credit card electronic payment system using same - Google Patents

Abstract

The present invention relates to a method and a system for a payment system authenticating a buyer by using a mobile phone, and an electronic payment system using same. The method, the system, and the electronic payment system using same, according to the present invention, authenticate the user by transmitting to the mobile phone of the buyer an authentication message comprising URL information, receiving a private IP and MSISDN information from devices such as an IPLS from a communications company server when the buyer attempts to access the URL information from the mobile phone of the buyer, and comparing the private IP and the MSISDN information with communications company subscription information received from a terminal of the buyer.

Description

Buyer Authentication Method, Certificate Server, and Internet Electronic Payment System Using Mobile Phone

The present invention relates to a buyer authentication method of a payment system using a mobile phone, an authentication server, and an internet electronic payment system using the same. More particularly, a buyer authentication method of a payment system using a mobile phone utilizing identification information of a mobile phone in an IP based protocol. And an authentication server and an internet electronic payment system using the same.

Recently, the use of the Internet and the mobile phone has become popular, and a personal authentication method using a mobile phone is widely used when paying for products in an internet shopping mall. The authentication method using a mobile phone is a mobile phone micropayment method in which the product price is added to the mobile communication fee of the user's mobile phone, and a simple credit card payment that approves the credit card payment through mobile phone authentication without entering a credit card number. It can also be used for identity verification at Internet payment companies such as PayPal and PayPal.

The authentication method using such a mobile phone has an advantage that it can be easily purchased by personal authentication without complicated procedures such as entering a credit card number or using a public certificate. However, in the authentication method using a mobile phone, when personal credit information is leaked, there is a risk that someone who knows the resident registration number and the mobile phone number of the authentication requester can easily make a payment through authentication.

In order to solve this problem, a user typically transmits an authentication time (OTP: One Time Password) generated by a shopping mall server to a mobile terminal using a text message service (SMS), and then allows the buyer to input the authentication number. The authentication method is mainly used. The buyer authentication method is a method of confirming whether a buyer is directly carrying a mobile phone subscribed to by his / her name at the time of purchase.

However, the recent increase in the use of the Internet using a mobile phone such as a smart phone, the crime of hacking a mobile phone has increased significantly. In particular, 'smiching' is a combination of text messaging (PMS) and phishing (Phishing) is a recent mobile phone micropayment fraud method. 'Smiching' mainly sends a text to the user in the form of 'Offer of coupon coupon', 'Arrival of mobile gift certificate', 'Send smart bill', etc. This is how the code is installed.

When malware is installed on the user's mobile phone, others who distribute the malware make payments using the user's personal information, and the mobile phone user is notified of the payment because the authentication number issued by the shopping mall server is sent directly to others. You will not be aware of the fraud.

Therefore, the existing authentication method of randomly generating an authentication number in a shopping mall and sending a text message to a user terminal has a problem in that it cannot cope with such 'smiching'.

The present invention has been made to solve the problems described above, the buyer authentication method of the payment system using a mobile phone enhanced security by performing the buyer authentication using the mobile phone identification information in the IP-based protocol, authentication server and the same Its purpose is to provide an internet electronic payment system.

To this end, a buyer authentication method for authenticating an electronic payment in the electronic shopping mall by using a mobile phone of an electronic shopping mall server, an Internet payment company server, and a communication server connected to a communication company server through a communication network according to an embodiment of the present invention When the electronic payment request of the purchaser terminal is transmitted to the internet loyalty server through the electronic shopping mall server, and the subscriber authentication is completed at the internet payment company server, the authentication server is transferred from the internet payment company server to the electronic shopping mall server. A first step of receiving a service provider subscription information including a mobile phone number of the connected buyer; When there is a network request from the cellular phone of the buyer to the authentication server, the authentication server extracts the originating internal IP from the network request, and uses the extracted originating internal IP of the cellular phone of the buyer through the authentication information server. A second step of receiving unique identification information; And a third step of performing authentication of the mobile phone of the buyer by comparing the unique identification information with the communication company subscription information and determining whether the mobile phone that attempted the network request to the authentication server is the mobile phone of the buyer. have.

The network request to the authentication server may be one of 3 to 7 layer IP based protocols in the OSI 7 layer model.

The network request to the authentication server may be a network request through a browser or a network request through a dedicated application.

Between the first step and the second step, one of the electronic shopping mall server, the authentication server and a server provided separately to transmit the access URL information to the authentication server to the mobile phone of the buyer via the communication company server It may further include.

The transmitting of the access URL information to the authentication server to the mobile phone of the purchaser may be performed by transmitting a URL callback message including the access URL information or a short message including the URL information.

 The unique identification information may be one of a mobile station international ISDN number (MSISDN), a mobile directory number (MDN), and a mobile identification number (MIN).

The authentication information server may be one of IPLS, GGSN, P-GW, SGSN, S-GW, MME, HLR, HSS, PCRF, AAA, SPR.

In addition, according to an embodiment of the present invention, a purchaser authentication method using a mobile phone of an electronic payment system including an electronic shopping mall server, an internet payment company server, a communication company server, and an authentication server, the electronic shopping mall server from the terminal of the buyer A first step of receiving commodity transaction information including commodity information and purchase price information; A second step of the electronic shopping mall server requesting an electronic payment from the Internet payment company server; A third step of the internet payment company server authenticating the subscriber by receiving the purchaser subscription information of the buyer from the buyer terminal; A fourth step of, if the internet billing company subscriber authentication succeeds, requesting the purchaser's mobile phone authentication to the authentication server while delivering the service provider subscription information including the mobile phone number of the buyer; When there is a network request from the mobile phone of the buyer to the authentication server, the authentication server extracts an originating internal IP from the network request of the buyer mobile phone, and uses the extracted originating internal IP through the authentication information server. A fifth step of receiving unique identification information of the cellular phone; And a sixth step in which the authentication server compares the unique identification information with the telecommunication company subscription information and determines whether the mobile phone that attempted the network request to the authentication server is the mobile phone of the buyer, thereby performing the mobile phone authentication of the buyer. have.

Between the fourth step and the fifth step, if the Internet payment company subscriber authentication is successful, the Internet payment company server transmits the access URL information to the authentication server to the mobile phone of the buyer via the communication server server It may further include.

The network request to the authentication server may be one of 3 to 7 layer IP based protocols in the OSI 7 layer model.

The network request to the authentication server may be an HTTP network request through a browser or a network request through a dedicated application.

The transmitting of the access URL information to the authentication server to the mobile phone of the purchaser may be performed by transmitting a URL callback message including the access URL information or a short message including the URL information.

The unique identification information may be one of a mobile station international ISDN number (MSISDN), a mobile directory number (MDN), and a mobile identification number (MIN).

The authentication information server may be one of IPLS, GGSN, P-GW, S-GW, MME, HLR, HSS, PCRF, AAA, and SPR.

In addition, the Internet electronic payment system using a mobile phone according to an embodiment of the present invention, the electronic shopping mall server that receives from the buyer terminal product transaction information including the purchase target product information and purchase price information; In response to a payment request of the electronic shopping mall server, the Internet payment company subscription information inputted from the buyer terminal is performed to perform subscriber authentication, and if the subscriber authentication is successful, the carrier information including the mobile phone number of the buyer is transmitted. An internet billing company server for requesting authentication of the mobile phone of the buyer with an authentication server; When there is a network request from the cellular phone of the buyer to the authentication server, the originating internal IP is extracted from the network request, and the unique identification information of the cellular phone of the buyer is obtained through an authentication information server using the extracted originating internal IP. And the authentication server for authenticating the mobile phone of the buyer by comparing the unique identification information with the service provider subscription information and determining whether the mobile phone attempting the network request to the authentication server is the mobile phone of the buyer. have.

 When the subscriber authentication is successful, the internet payment company server may transmit the access URL information to the authentication server to the mobile phone of the buyer through the communication company server.

The network request to the authentication server may be one of 3 to 7 layer IP based protocols in the OSI 7 layer model.

The network request to the authentication server may be a network request through a browser or a network request through a dedicated application.

Sending the access URL information to the authentication server to the purchaser's mobile phone may be one of transmitting a URL callback message including the access URL information, or transmitting a short message including the URL information.

The unique identification information may be one of a mobile station international ISDN number (MSISDN), a mobile directory number (MDN), and a mobile identification number (MIN).

The authentication information server may be one of IPLS, GGSN, P-GW, S-GW, MME, HLR, HSS, PCRF, AAA, and SPR.

According to the buyer authentication method, the authentication server and the electronic payment system using the same according to the present invention, even if the user receives a text message received by the buyer's mobile phone by hacking technique such as smishing, Since the unique identification number is different, there is an effect that can fundamentally block hacking, such as smishing.

In addition, the present invention has the advantage that the buyer can simply perform the buyer authentication simply by sending a network request to the mobile phone without the inconvenience of pressing the authentication number.

1 is a schematic configuration diagram of an electronic payment system using a mobile phone according to an embodiment of the present invention.

2 is a flowchart illustrating an operation of the electronic payment system of FIG. 1.

3 is a schematic structural diagram of an electronic payment system using a mobile phone according to another embodiment of the present invention.

4 is a flowchart illustrating an operation of the electronic payment system of FIG. 3.

5 is a schematic structural diagram of an electronic payment system using another mobile phone according to another embodiment of the present invention.

6 is a flowchart illustrating an operation of the electronic payment system of FIG. 5.

Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings.

Embodiments of the present invention are provided to more fully explain the present invention to those skilled in the art, and the following embodiments may be modified in many different forms, the scope of the present invention It is not limited to the following embodiments. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of the invention to those skilled in the art.

The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used herein, the singular forms "a", "an" and "the" may include the plural forms as well, unless the context clearly indicates otherwise. In addition, as used herein, “comprise” and / or “comprising” are those that specify the presence of the shapes, numbers, steps, actions, members, elements, and / or groups thereof mentioned. It is not intended to exclude the presence or addition of one or more other shapes, numbers, acts, members, elements and / or groups. As used herein, the term “and / or” includes any and all combinations of one or more of the listed items.

Although the terms first, second, etc. are used herein to describe various members, regions, and / or portions, it is obvious that these members, components, regions, layers, and / or portions should not be limited by these terms. Do. These terms do not imply any particular order, up or down, or superiority, and are only used to distinguish one member, region or region from another member, region or region. Accordingly, the first member, region, or region described below may refer to the second member, region, or region without departing from the teachings of the present invention.

Hereinafter, embodiments of the present invention will be described with reference to the drawings schematically showing embodiments of the present invention. In the drawings, for example, variations in the shape shown may be expected, depending on manufacturing techniques and / or tolerances. Thus, embodiments of the present invention should not be construed as limited to the specific shapes of the regions shown herein, but should include, for example, changes in shape resulting from manufacturing.

1 is a schematic configuration diagram of an electronic payment system using a mobile phone according to an embodiment of the present invention.

Referring to Figure 1, using a mobile phone according to an embodiment of the present invention, but the electronic payment system buyer terminal 10, buyer mobile phone 20, electronic shopping mall server 30, payment agency server 40 And the authentication server 50, the authentication information server 55, and the communication company server 60.

The purchaser terminal 10, the electronic shopping mall server 30, and the payment agency server 30 are connected through a public network, and the purchaser mobile phone 20 is wirelessly connected to the communication company server 60 through the base station 5. It is connected through a network.

Specifically, the authentication server 50 and the authentication information server 55 is located in the mobile communication internal network (Core Network), the carrier server 60 is located in the mobile communication business computing network. In this case, the communication company server 60 may be configured to belong to a mobile communication internal network or to both a mobile communication internal network and a business computing network in some cases. (In this case, two separate servers may exist. will be)

The network in the present invention means an internet communication network connected using the TCP / IP protocol, and includes LAN, WAN, intranet, and other networks. The wireless communication network means a communication network using a communication method such as CDMA, TDMA, IMT2000, LTE. In particular, the internal mobile communication network refers to a network that communicates by assigning a private IP before the mobile phone is connected to the external Internet network, which will be described in detail later.

The purchaser terminal 10 is a terminal in which a buyer accesses the electronic shopping mall server 30 to search for a product and requests a purchase, and then inputs information necessary for electronic payment using the purchaser's mobile phone 20 to the electronic shopping mall server 30. to be. The purchaser terminal 10 may be any device as long as it can be connected to a shopping mall through an Internet communication network using the TCP / IP protocol. In general, a desktop PC, a laptop, etc. may correspond to this, but a tablet PC and a smartphone may also correspond to this.

The purchaser mobile phone 20 is a device used at the time of payment of the electronic payment system according to the present invention, and means a device subscribed to the communication company server 60. Therefore, the purchaser's mobile phone 20 refers to a device which is opened through a mobile communication company and can be communicated by the purchaser while paying a certain amount. Generally, a smart phone may correspond to this, but a smart pad, a tablet PC, etc. to which a phone number is assigned may also correspond to this.

The electronic shopping mall server 30 is configured to provide product information by opening an online site and to perform electronic payment through a payment agency server 40 so that a buyer can access and shop through a communication network.

The payment agency 40 is connected to the electronic shopping mall server 30 and the communication company server 60 serves to act for the electronic payment. Specifically, when the payment agency 40 is approved in the carrier server 60, the payment agency 40 acts for payment so that the billing can be completed in the next month mobile phone bill, in this process the buyer using the authentication server 50 To perform cell phone authentication.

When the payment agency server 40 performs the electronic payment through the buyer's mobile phone 20, the authentication server 50 verifies whether the buyer owns the buyer's mobile phone 20 at the time of purchase and authenticates the buyer. Do it.

The telecommunication company server 60 establishes a subscriber database of the telecommunication company, delivers the subscriber authentication information of the buyer to the payment agency 40, and transmits the authentication message to the buyer mobile phone 20 according to the request of the payment agency server 40. It plays a role.

Referring to Figure 1, the schematic operation of the electronic payment system using a mobile phone according to an embodiment of the present invention will be described.

When the purchaser terminal 10 transmits the purchase request information to the electronic shopping mall server, the electronic shopping mall server 30 requests the electronic payment to the payment agency server 40. The payment agency server 40 requests the first authentication while transmitting the carrier subscription information including the mobile phone number and the social security number of the buyer to the carrier server 60. In this case, the service provider subscription information is generally a mobile phone number and a social security number, but of course, it may further include additional information.

If the service provider subscription information is successful in the service provider server 60, the service provider server 60 according to the request of the payment agency server 40, the service provider server 60 to the purchaser mobile phone 20, the authentication message including the URL address of the authentication server 50 Send (SMS). In this case, it is only one embodiment that the communication server 60 transmits the authentication message to the mobile phone of the buyer, and any method may be used as long as the carrier server 60 transmits the access URL information so that the buyer knows the access URL to the authentication server 50. . That is, not only the callback message and the short message including the access URL information are transmitted to the buyer mobile phone 20, but also the access URL information is displayed on the screen of the purchaser terminal 10, or a dedicated application is provided on the buyer mobile phone 20. It can also be installed to provide access URL information and allow access.

In addition, the communication company server 60 transmits the service provider subscription information, in particular, the mobile phone number requested by the payment agency server 40 to the authentication server 50. Of course, at this time, the mobile phone number may be transmitted directly from the payment agency server 40 to the authentication server 50 via the NAT / firewall (7). At this time, the order of transmitting the access URL information and the transmission of the service provider subscription information to the authentication server 50 may be changed, and the payment agency server 40 may perform all of them directly. In this case, the communication service server 60 performs the first authentication result after receiving the notification.

Next, the purchaser attempts a network connection request through the wireless network to the authentication server URL of the authentication message arrived at the purchaser's mobile phone. At this time, the network connection request may be to attempt a network request (for example, HTTP connection) through a wireless network as an authentication server URL, and the authentication server URL may be a fixed URL (internal IP) such as "www.payment.com". You do not have to send an authentication message. That is, as mentioned above, it is sufficient to simply inform the buyer terminal 10 of the URL address to which the buyer mobile phone 20 is connected. Therefore, even if not in the form of an authentication message, a method of directly displaying or browsing the access URL address on the purchaser terminal 10 may be used.

At this time, the network request to the authentication server 50 may be one of IP-based protocols of three or more network layers in the OSI 7 layer model such as TCP, UDP, HTTP, and SMTP. Examples of protocols are shown in the table below.

[Revision 12.06.2014 under Rule 26]
Table 1

The authentication server 50 requests and receives the mobile phone number information (unique identification information) using the corresponding IP from the authentication information server 55 based on the IP information of the buyer's mobile phone 20 connected to the user, and the carrier registration information. The purchaser's mobile phone number and the mobile phone number information received from the authentication information server 55 are compared to perform authentication.

The authentication server 60 may transmit a response page (indicative of authentication success or failure) to the purchaser mobile phone 20 and transmit the authentication result to the payment agency server 40. Thereafter, the payment agency server 40 transmits the authentication result to the communication company server 50, the communication company server 50 receives the authentication result to approve the payment, and transmits the payment approval result to the payment agency server 40. The payment agency server 40 may complete the payment.

Alternatively, the authentication server 60 may transmit the authentication result to the communication company server 50. In this case, the communication company server 50 receives the authentication result, approves the payment, transmits the payment approval result to the payment agency server 40, and the payment agency server 40 may complete the payment.

Of course, the authentication server 60 may be configured to transmit the authentication result message to the payment agency server 40 and the carrier server 50 at the same time. However, even in this case, the payment agency server 40 checks the payment approval result of the communication company server 50 and finally completes the payment.

The payment agency server 40 completes the payment upon receiving the authentication success message and transmits the result of the payment to the purchaser terminal 10 through the electronic shopping mall server 30, or stops the payment upon receiving the authentication failure message. And, the result of this transfers the payment failure message to the purchaser terminal 10 through the electronic shopping mall server 30.

At this time, the communication company server 60 may have a primary identification number of the mobile phone IDS MSISDN and social security number matching database (DB) of each subscriber, and perform the first authentication through this, and interworking with the mobile communication internal network (Core Network) It sends a text message (SMS).

The authentication information server 55 refers to a server having a private IP assigned to a mobile phone and a mobile phone number (ex, MSISDN) matching DB in a mobile communication internal network (Core Network). The MSISDN (Mobile Station International ISDN Number) includes a Country Code (CC), except for the CC, there is also a Mobile Directory Number (MDN). In addition, a mobile identification number (MIN) has been used for CDMA. Therefore, the unique identification information matching the number of the mobile phone may be MSISDN, MDN, MIN and the like.

Most systems in the carrier's internal network have matching DBs for call processing, such as SGSN, GGSN, S-GW, P-GW, MME, HLR, HSS, PCRF, AAA, SPR. In addition, for convenience of call processing, non-standard DB server such as IPLS is operated separately.

IP Location Server (IPLS) is a server that matches session and location information of wireless network subscribers in real time and provides them to related clients. Gateway GPRS Support Node (GGSN) is an external network interworking gateway of GSM 2G / 3G network and is a device that is a terminal IP allocator when using dynamic IP policy. P-GW (PDN Gateway) is an external network interworking gateway of the GSM LTE network and is a device that becomes a terminal IP assignment subject when using a dynamic IP policy. Serving GPRS Support Node (SGSN): A gateway for handling user traffic in GSM 2G / 3G networks, and is a subscriber location and session management system in the PS domain. Serving Gateway (S-GW) is a device that serves as a gateway for processing user traffic in a GSM LTE network. Mobility Management Equipment (MME) is a device for managing home location registration in subscriber networks of a GSM LTE network. Home Subscribe Server (HSS) is a home location registration management device in a GSM LTE network. Policy & Charging Rule Function (PCRF) is a device that determines QoS policy or charging policy of GSM wireless network subscriber. AAA (Authentication Authorization Accounting) is a device that handles authorization / authentication / billing of users in the network. Subscriber Profile Repository (SPR) is a database (DB) that stores subscriber profile information in a GSM wireless network.

According to the present invention, when the authentication server 50 is disposed in the internal network of the mobile communication company, that is, the same internal network as the authentication information server 55 described above, and there is a network request from the purchaser mobile phone 20 to the authentication server 50, By analyzing the source IP address and extracting MSISDN information matching the source IP address, it is possible to identify the mobile phone number of the purchaser mobile phone 20.

As described above, identifying the mobile phone number of the purchaser's mobile phone 20 requesting the network to the authentication server is the most essential feature of the present invention. Due to this configuration, hacking such as smishing is fundamentally blocked.

That is, the mobile communication service provider must charge each subscriber in order to measure the usage of voice, data, etc. of the subscriber's mobile phone, so that the purchaser's mobile phone 20 must check the access time and data usage when the mobile phone 20 accesses the Internet. To this end, the mobile operator assigns a private IP to each mobile phone before connecting the purchaser mobile phone 20 to the public IP of the external Internet.

Through the private IP and unique identification information of the mobile phone (for example, MSISDN), whenever the mobile phone accesses the external Internet network, the access time and the connection termination time can be checked and the corresponding mobile phone can be identified. At this time, the typical identification information is MSISDN (Mobile Station International ISDN Number) information.

IPLS 7 is a representative device for managing private IP and MSISDN information. That is, as shown in FIG. 1, when the purchaser cellular phone 20 attempts to access the Internet, the purchaser mobile phone 20 accesses the communication company server 60 through the base station 5, and stores the private IP and MSISDN information corresponding thereto. It is IPLS (7).

Further, although functionally different from the IPLS 7, the devices having information on the private IP and the MSISDN matched thereto include the GGSN, the P-GW, the SGSN, the S-GW, and the MME.

Therefore, when the authentication server 50 attempts to access the network from the purchaser's mobile phone 20 to the authentication server 50 by using such a point, the private IP assigned at that time and the MSISDN information corresponding thereto are authenticated through the internal network. Request to the server 55.

The authentication server 50 compares the telecommunication company subscription information received from the telecommunication company server 60 and the unique identification information received from the authentication information server 55 to determine whether the buyer is carrying the buyer's mobile phone 20 directly. Performs cell phone authentication.

That is, since the MSISDN and the mobile phone number, which are unique identification information, correspond to each other, it is determined whether the buyer is carrying the buyer's mobile phone 20 by checking whether the two information match each other.

Using this method, even if a hacker tries to access the authentication server with his mobile phone by a hacking technique such as smishing, the buyer authentication fails because the unique identification information of the mobile phone is different from that of the buyer. Therefore, the present invention can fundamentally block hacking such as smishing.

2 is a flowchart illustrating an operation of the electronic payment system of FIG. 1.

Referring to FIG. 2, the buyer connects to the electronic shopping mall server 30 through the purchaser terminal 10 (S201), selects a product, and requests electronic payment (S203). Of course, at this time, the electronic payment request will mean a mobile phone payment request through the buyer mobile phone (20).

The electronic shopping mall server 30 transmits an electronic payment request message to the payment agency server 40 (S205), and the payment agency server 40 requests the carrier's subscription information from the purchaser terminal 10 (S207). At this time, the carrier registration information includes the purchaser's social security number and subscribed mobile phone number. Of course, additional information may also be requested.

The purchaser terminal 10 transmits the carrier subscription information to the payment agency server 40 (S209), and the payment agency server 40 requests a subscriber authentication inquiry from the carrier server 60 (S211). The communication company server 60 queries the subscriber database 70 and transmits the subscriber authentication inquiry result to the payment agency server 40. (S213)

When the subscriber authentication success message is received, the payment agency server 40 transmits the service provider subscription information to the authentication server 50 (S215), and requests for the transmission of the authentication message to the service provider server 60 (S217). The communication company server 60 transmits an authentication message including the access URL information to the authentication server 50 to the purchaser mobile phone 20 (S219).

If there is a network request from the purchaser mobile phone 20 to the authentication server (S221), the authentication server 50 extracts the originating IP from the network request of the buyer mobile phone 20, using the originating IP authentication information server 55 The unique identification information is requested (S223). The authentication information server 55 such as IPLS extracts the MSISDN, which is unique identification information matched thereto, based on the received outgoing IP and transmits it to the authentication server 50 (S225). The authentication server 50 compares the received MSISDN information with the service provider subscription information to perform the mobile phone authentication of the buyer (S227), and transmits the authentication result to the payment agency server 40 (S229).

The payment agency server 40 requests the payment approval to the communication company server 60 (S231).

The communication company server 40 inquires payment limit information and the like to approve payment (S233), and transmits the payment approval result to the payment agency server 40 (S235).

If the payment agency server 40 determines that the payment approval is successful, the payment is finally completed (S237), and the payment result is transmitted to the electronic shopping mall server 30 (S239).

The electronic shopping mall server 30 transmits the payment result to the purchaser terminal 10 (S241).

3 is a schematic structural diagram of an electronic payment system using a mobile phone according to another embodiment of the present invention.

The electronic payment system of FIG. 3 is the same as the electronic payment system of FIG. 1, but the only difference is that the credit card company server 70 is further provided. Therefore, the reference numerals of the configuration excluding the credit card company server 70 are the same as those of the embodiment of FIG. 1, and the description of the same components as those of FIG. 1 will be replaced with the description of FIG. 1.

That is, in FIG. 3, when the purchaser terminal 10 inputs purchase request information to the electronic shopping mall server 30, the electronic shopping mall server 30 requests electronic payment from the payment agency server 40, and the payment agency server 40. ) Is the step of requesting the electronic payment to the credit card company server 70, receiving the credit card company subscription information from the buyer is added to perform the authentication whether the credit card company subscription information is valid.

When the payment agency server 40 receives the credit card company subscriber authentication success message from the credit card company server 70, it requests the communication company server 60 to authenticate the carrier information.

That is, in FIG. 3, except that the credit card company subscriber authentication step is added, the detailed description of the overlapping configuration will be omitted.

4 is a flowchart illustrating an operation of the electronic payment system of FIG. 3.

Referring to FIG. 4, the buyer connects to the electronic shopping mall server 30 through the purchaser terminal 10 (S401), selects a product, and requests electronic payment (S403). Of course, at this time, the electronic payment request will mean a mobile phone payment request through the buyer mobile phone (20).

The electronic shopping mall server 30 transmits the electronic payment request message to the payment agency server 40 (S405), and the payment agency server 40 transmits the electronic payment request message to the credit card company server 70 (S407).

The credit card company server 70 requests the purchaser terminal 10 to purchase the credit card company subscription information (S409), and when the purchaser terminal 10 transmits the credit card company subscription information (S411), it performs subscriber authentication based on this. do.

The credit card company server 70 transmits the subscriber authentication inquiry result to the payment agency server 40 together with the telecommunication company subscription information including the purchaser's mobile phone number (S413). At this time, the carrier registration information including the mobile phone number of the buyer corresponds to the information already held in the credit card company server (70).

If it is determined that the subscriber authentication success message has been received, the payment agency server 40 transmits the carrier subscription information to the authentication server 50 (S415), and sends a request for sending an authentication message to the carrier server 60 (S417), the carrier The server 60 transmits the authentication message including the access URL information to the authentication server 50 to the purchaser mobile phone 20 (S419).

At this time, the payment agency server 40 checks the carrier subscription information once again with the carrier server 60 before the step S415 in order to determine whether the carrier subscription information transmitted from the credit card company server 70 is valid again. Of course it can be.

When a network connection is requested from the purchaser mobile phone 20 to the authentication server 50 (S421), the authentication server 50 extracts the originating IP address of the purchaser mobile phone 20, and uses the extracted originating IP address to authenticate information. The server 55 requests the unique identification information (S423). That is, the authentication information server 55 extracts MSISDN information matching the received source IP address and transmits it to the authentication server 50 (S425).

The authentication server 50 compares the unique identification information and the carrier registration information to perform the mobile phone authentication of the buyer (S427), and if it is determined that the buyer mobile phone authentication is successful, and transmits the authentication result to the payment agency server 40 (S429). .

The payment agency server 40 requests the payment approval to the credit card company server 70 when the mobile phone authentication of the buyer is successful (S431), and the credit card company server 70 after the payment approval is completed (S433), the payment agency server ( The payment approval result is transmitted to 40 (S435).

When the payment agency server 40 receives the payment approval message from the credit card company server 70, the payment is completed (S437), and transmits the payment result to the electronic shopping mall server 30 (S439).

The electronic shopping mall server 30 transmits the payment result to the purchaser terminal 10 again (S441).

5 is a schematic structural diagram of an electronic payment system using a mobile phone according to another embodiment of the present invention.

The electronic payment system of FIG. 5 is the same as that of the electronic payment system of FIG. 1, except that the payment agency server 80 is replaced with the Internet payment company server 80.

The Internet payment company server 80 is a server that provides a service such as PayPal, and uses a method of charging the amount in advance or in conjunction with the card company server account to perform the electronic payment. If the Internet billing company 80 receives only the subscription information (ie, ID and password, etc.) of the buyer of the Internet billing company subscribers can be paid with a pre-charged amount.

Therefore, the reference numerals of the configuration excluding the Internet billing company server 80 are displayed in the same manner as in the embodiment of FIG. 1, and the description of the same components as those in FIG. 1 will be replaced with the description related to FIG. 1.

The operation changed by the Internet payment company server 80 will be described in detail with reference to FIG. 6 below.

FIG. 6 is a flowchart illustrating an operation of the electronic payment system of FIG. 5.

Referring to FIG. 5, the buyer connects to the electronic shopping mall server 30 through the purchaser terminal 10 (S601), selects a product, and requests electronic payment (S603). Of course, at this time, the electronic payment request will mean a mobile phone payment request through the buyer mobile phone (20).

The electronic shopping mall server 30 transmits an electronic payment request message to the Internet payment company server 80 (S605).

The Internet payment company server 80 requests the Internet payment company subscription information to the buyer terminal 10 (S607), the buyer terminal 10 transmits the Internet payment company subscription information of the buyer to the Internet payment company server 80. (S609).

The internet billing company server 80 performs subscriber authentication based on the received purchaser's internet billing company subscription information (S611). If the subscriber authentication is successful, the Internet billing company server 8 transmits the carrier subscription information to the authentication server 60 (S613), and the access URL to the authentication server 50 from the purchaser's mobile phone 20 to the carrier server 50. Request to send an authentication message including the information (S615). The communication company server 50 transmits the authentication message including the access URL information of the authentication server 50 to the mobile phone 20 of the purchaser (S617).

In this case, the service provider subscription information corresponds to information that the Internet payment company server 80 already holds in the purchaser of the Internet payment company server subscription. Here, the Internet billing company server 80 may be added to the step of querying the carrier registration information once again to the carrier server 60 before the step S613 in order to determine once again whether the carrier registration information held by him or her may be added. Of course.

When a network connection is requested from the purchaser mobile phone 20 to the authentication server 50 (S619), the authentication server 50 requests the unique identification information to the authentication information server 55 (S621). That is, the authentication information server 55 extracts MSISDN information matching the received source IP address and transmits it to the authentication server 50 (S623).

The authentication server 50 compares the unique identification information and the telecommunication company subscription information to perform the mobile phone authentication of the buyer (S625), and if it is determined that the purchaser mobile phone authentication is successful, and transmits the authentication result to the Internet payment company server (80) (S627). ).

If the purchaser's mobile phone authentication is successful, the internet payment company server 40 approves the payment (S629), and after completing the payment (S631), transmits the payment result to the electronic shopping mall server 30 (S633).

The electronic shopping mall server 30 transmits the payment result to the purchaser terminal 10 again (S635).

The embodiment of the present invention has been described above with reference to the drawings. However, this is only for the purpose of describing the present invention and is not described to limit or limit the contents of the present invention. Therefore, those skilled in the art can make various modifications and equivalents therefrom. It will be possible to implement one other embodiment, therefore, the true technical protection scope of the invention should be defined by the technical details of the appended claims.

The present invention can be used in the field of developing a payment system using a mobile phone.

Claims (21)

In the buyer authentication method for authenticating the electronic payment in the electronic shopping mall using the mobile phone of the electronic shopping mall server, the Internet billing company server and the communication company server through the communication network, When the electronic payment request of the purchaser terminal is transmitted to the Internet payment company server through the electronic shopping mall server, and the subscriber authentication is completed in the Internet payment company server, the authentication server is connected to the electronic shopping mall server from the Internet payment company server A first step of receiving a service provider subscription information including a mobile phone number of the buyer; When there is a network request from the cellular phone of the buyer to the authentication server, the authentication server extracts the originating internal IP from the network request, and uses the extracted originating internal IP of the cellular phone of the buyer through the authentication information server. A second step of receiving unique identification information; And And a third step of performing the mobile phone authentication of the buyer by comparing the unique identification information with the telecommunication company subscription information and determining whether the mobile phone that attempted the network request to the authentication server is the mobile phone of the buyer. Authentication method. The method of claim 1, The network request to the authentication server, the buyer authentication method, characterized in that one of the 3 to 7 layer IP based protocol in the OSI 7 layer model. The method of claim 1, wherein the network request to the authentication server, Buyer authentication method characterized in that the network request through a browser or a network request through a dedicated application. The method of claim 1, Between the first step and the second step, Buyer authentication method further comprises the step of transmitting the access URL information to the authentication server to the mobile phone of the buyer via the communication server server of the electronic shopping mall server, the authentication server and a separate server. The method of claim 4, wherein The step of transmitting the access URL information to the authentication server to the mobile phone of the buyer, And a method of transmitting a URL callback message including the access URL information or a short message including the URL information. The method of claim 1, The unique identification information is a buyer authentication method, characterized in that one of the Mobile Station International ISDN Number (MSISDN), Mobile Directory Number (MDN) and Mobile Identification Number (MIN). The method of claim 1, The authentication information server is a buyer authentication method, characterized in that one of the IPLS, GGSN, P-GW, SGSN, S-GW, MME, HLR, HSS, PCRF, AAA, SPR. In the purchaser authentication method using a mobile phone of the electronic payment system, including an electronic shopping mall server, Internet payment company server, carrier server and authentication server, A first step of receiving, by the electronic shopping mall server, product transaction information including purchase object product information and purchase price information from the terminal of the buyer; A second step of the electronic shopping mall server requesting an electronic payment from the Internet payment company server; A third step of the internet payment company server authenticating the subscriber by receiving the purchaser subscription information of the buyer from the buyer terminal; A fourth step of, when the internet payment company subscriber authentication succeeds, requesting the purchaser's mobile phone authentication to the authentication server while transmitting the service provider subscription information including the mobile phone number of the buyer; When there is a network request from the mobile phone of the buyer to the authentication server, the authentication server extracts an originating internal IP from the network request of the buyer mobile phone, and uses the extracted originating internal IP through the authentication information server. A fifth step of receiving unique identification information of the cellular phone; And A purchaser comprising a sixth step of performing the mobile phone authentication of the buyer by comparing the unique identification information with the telecommunication company subscription information and determining whether the mobile phone that attempted the network request to the authentication server is the mobile phone of the buyer; Authentication method. The method of claim 8, wherein between the fourth step and the fifth step, And if the internet payment company subscriber authentication succeeds, the internet payment company server transmitting the access URL information to the authentication server to the mobile phone of the buyer through the communication company server. The method of claim 8, The network request to the authentication server, the buyer authentication method, characterized in that one of the 3 to 7 layer IP based protocol in the OSI 7 layer model. The method of claim 8, wherein the network request to the authentication server, Buyer authentication method, characterized in that the HTTP network request via a browser or a network request through a dedicated application. The method of claim 8, The step of transmitting the access URL information to the authentication server to the mobile phone of the buyer, And a method of transmitting a URL callback message including the access URL information or a short message including the URL information. The method of claim 8, The unique identification information is a buyer authentication method, characterized in that one of the Mobile Station International ISDN Number (MSISDN), Mobile Directory Number (MDN) and Mobile Identification Number (MIN). The method of claim 8, The authentication information server, the buyer authentication method, characterized in that one of the IPLS, GGSN, P-GW, S-GW, MME, HLR, HSS, PCRF, AAA, SPR. An electronic shopping mall server that receives product transaction information including purchase target product information and purchase price information from a buyer terminal; In response to a payment request of the electronic shopping mall server, the Internet payment company subscription information inputted from the buyer terminal is performed to perform subscriber authentication, and if the subscriber authentication is successful, the carrier information including the mobile phone number of the buyer is transmitted. An Internet billing company server for requesting authentication of the mobile phone of the buyer with an authentication server; When there is a network request from the cellular phone of the buyer to the authentication server, the originating internal IP is extracted from the network request, and the unique identification information of the cellular phone of the buyer is obtained through an authentication information server using the extracted originating internal IP. And a mobile phone including the authentication server for authenticating the mobile phone of the buyer by determining whether the mobile phone that attempts the network request to the authentication server is compared with the unique identification information and the service provider subscription information. Internet electronic payment system using. The method of claim 15, The Internet payment company server, if the subscriber authentication is successful, the Internet electronic payment system using a mobile phone, characterized in that for transmitting the access URL information to the authentication server to the mobile phone of the buyer via the carrier server. The method of claim 15, The network request to the authentication server, the Internet electronic payment system using a mobile phone, characterized in that one of the 3 to 7 layer IP based protocol in the OSI 7 layer model. The method of claim 15, wherein the network request to the authentication server, Internet electronic payment system using a mobile phone, characterized in that the network request through a browser or a network request through a dedicated application. The method of claim 15, Sending the access URL information to the authentication server to the mobile phone of the buyer, And transmitting a URL callback message including the access URL information or a short message including the URL information. The method of claim 15, The unique identification information is an Internet electronic payment system using a mobile phone, characterized in that one of the MSISDN (Mobile Station International ISDN Number), MDN (Mobile Directory Number) and MIN (Mobile Identification Number). The method of claim 15, The authentication information server, the Internet electronic payment system, characterized in that one of the IPLS, GGSN, P-GW, S-GW, MME, HLR, HSS, PCRF, AAA, SPR.

Images