WO2002014975A2 - System and method for autorizing e-commerce - Google Patents

System and method for autorizing e-commerce Download PDF

Info

Publication number
WO2002014975A2
WO2002014975A2 PCT/KR2001/001341 KR0101341W WO0214975A2 WO 2002014975 A2 WO2002014975 A2 WO 2002014975A2 KR 0101341 W KR0101341 W KR 0101341W WO 0214975 A2 WO0214975 A2 WO 0214975A2
Authority
WO
WIPO (PCT)
Prior art keywords
client
authentication
recording medium
server
shopping mall
Prior art date
Application number
PCT/KR2001/001341
Other languages
French (fr)
Other versions
WO2002014975A3 (en
Inventor
Hyeoung-Sig Moon
Original Assignee
Cd Cash Co., Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Cd Cash Co., Ltd filed Critical Cd Cash Co., Ltd
Priority to AU2001278802A priority Critical patent/AU2001278802A1/en
Publication of WO2002014975A2 publication Critical patent/WO2002014975A2/en
Publication of WO2002014975A3 publication Critical patent/WO2002014975A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • G06Q30/0601Electronic shopping [e-shopping]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • G06Q20/38215Use of certificates or encrypted proofs of transaction rights

Definitions

  • the present invention relates to a system and method for authorizing electronic commerce. More specifically, the present invention relates to a system and method for authorizing electronic commerce using recording medium linked with billing information of banking agencies.
  • the electronic commerce includes a series of actions of marketing for customers, advertisements, supply, services, production, transportation and purchase as well as commercial transactions based on money using electronic media, techniques and means under integrated and automated information environments between business and business, business and customers, customers and customers, or government and business.
  • a buyer accesses a shopping mall site on the Internet via a computer, buys desired products and requests a billing process.
  • the shopping mall site then requests an authentication to an authentication agency after receiving the buyer' s billing request.
  • the authentication agency of the banking agencies such as banks, credit card companies or advance payment card companies refers to self-built authentication database to execute the authentication process and conclude a corresponding electronic commerce.
  • electronic money for electronic commerce can be used for a billing method, and the electronic money is categorized as an integrated circuit (IC) card type electronic money which has a rechargeable IC chip to which money information is provided, and a network type electronic money which uses money information stored on the buyer'- s hard disk of the computer.
  • IC integrated circuit
  • credit cards can be used for conventional billing methods on the Internet.
  • information on private identity (ID) that is, a credit card number and an expiration date have to be provided.
  • ID private identity
  • bank account transfer a bank account number and a password have to be filled in a predetermined on-line form .
  • advance payment cards an ID and a password have to be filled in a predetermined on-line form .
  • the above-noted buyer' s direct input methods can expose the buyer' s private credit information on the network by careless management or a cracker' s hacking.
  • the user has to undergo complex and uncomfortable processes such as inputting of various data and authentication for electronic commerce.
  • an electronic commerce authentication system comprises an authentication processor which includes: a recording media database that stores identification codes of the recording media; and an authentication server that authenticates the recording medium as a registered medium when the identification code transmitted from the client is stored in the recording media database; and a card billing processor which includes: a card information database that stores credit card numbers corresponding to the identification numbers of the recording media; and a billing server that searches the card information database based on the identification numbers of the recording media inserted into the client, finds the corresponding credit card numbers, performs a billing approval on a transaction executed between the client and the shopping mall server, and provides approval results to the authentication processor, the authentication processor transmitting the approval results provided by the card billing processor to the shopping mall server so as to finally perform a transaction between the client and the shopping mall server.
  • an electronic commerce authentication method comprises steps of: transmitting a reading unit to the client when receiving information including an electronic transaction number and a billed price from the shopping mall server; checking whether the recording medium is a registered one by using an identification code or an identification number when receiving the identification code and the identification number of the recording medium inserted into the client from the reading unit; performing a card billing approval on the billed price by using a credit card number corresponding to the identification number when the recording medium is authenticated to be the registered one; and transmitting approval results of the card billing to the shopping mall server so as to finally execute the electronic transaction between the client and the shopping mall server.
  • FIG. 1 shows a configuration of an electronic commerce authentication system according to a preferred embodiment of the present invention
  • FIG. 2 shows an operation between components of the electronic commerce authentication system according to a first preferred embodiment of the present invention
  • FIGs. 3(a) and 3(b) each show an operation of the electronic commerce authentication system according to the first preferred embodiment of the present invention
  • FIG. 4 shows an operation between components of the electronic commerce authentication system according to a second preferred embodiment of the present invention
  • FIGs. 5(a) and 5(b) each show an operation of the electronic commerce authentication system according to the second preferred embodiment of the present invention
  • FIG. 6 shows an operation between components of the electronic commerce authentication system according to a third preferred embodiment of the present invention
  • FIGs. 7(a) and 7(b) each show an operation of the electronic commerce authentication system according to the third preferred embodiment of the present invention.
  • FIG. 8 shows an operation between components of the electronic commerce authentication system according to a fourth preferred embodiment of the present invention.
  • FIGs. 9(a) and 9(b) each show an operation of the electronic commerce authentication system according to the fourth preferred embodiment of the present invention.
  • FIG. 1 0 shows an operation between components of the electronic commerce authentication system according to a fifth preferred embodiment of the present invention.
  • FIGs. 1 1 (a) and 1 1 (b) each show an operation of the electronic commerce authentication system according to the fifth preferred embodiment of the present invention
  • FIG. 1 shows a configuration of an electronic commerce authentication system according to a preferred embodiment of the present invention.
  • the electronic commerce authentication system comprises an authentication processor 40 connected to a plurality of clients 20 and shopping mall servers 30 via the Internet 10, and further optionally comprises a card billing processor 50 connected to the authentication processor 40 via a proprietary line, an electronic gift certificate processor 60, a cooperation banking processor 70, and an electronic purse processor 80.
  • the shopping mall server 30 can be connected to the card billing processor 50 via a payment gate 90, and the electronic purse processor 80 to an additional banking processor 1 00 for processing banking jobs related to an electronic purse.
  • the client 10 can access the authentication processor 40 via the network such as the Internet 1 0, and a communication device that can read recording medium provided by the present invention is used as the client 1 0.
  • the recording media include optical recording media such as compact discs (CD) or digital video discs (DVD) , magnetic recording media such as hard disks or floppy discs, or recording media such as flash memories.
  • the CD is used as the recording medium , and accordingly, the client 20 has a built-in CD driver to read the CD.
  • the recording medium on which authentication information is stored will be hereinafter referred to as a " CD card.”
  • the CD card 1 1 0 stores authentication information related to billing information of the banking agencies (e.g. , credit card companies, banks, electronic purse releasing companies and electronic gift certificate releasing companies) , and the authentication information includes a CD code which is an ID of the corresponding CD card, and a CD number which relates to billing information of the banking agencies.
  • the banking agencies e.g. , credit card companies, banks, electronic purse releasing companies and electronic gift certificate releasing companies
  • the CD card 1 1 0 can be used as a credit card for authentication of billing the electronic commerce in connection with a billing process using ordinary credit card, and besides, can be used as the electronic purse or the electronic gift certificate. Therefore, the billing information of the banking agencies includes a credit card number for a credit card billing service, an account number of a bank account transfer service, an electronic purse account number for an electronic purse billing service, and a price of a gift certificate for an electronic gift certificate billing service. This billing information is selected depending on what billing agencies the CD card will cooperate with so as to execute the electronic commerce authentication. Description on this selection of the billing information will be provided in respective following preferred embodiments.
  • the client 20 can comprise a reading unit 21 which reads the CD code and
  • the reading unit 21 can be downloaded from the authentication processor 40 as a plug-in method and then installed in the client 20, can be provided every time when the client 20 accesses the authentication processor 40 according to the Java applet method, or can be provided according to the ActiveX method or further various methods.
  • the shopping mall servers 30 can be shopping mall servers that cooperate with the authentication processor 40 on the electronic commerce authentication services, or other shopping mall servers which do not cooperate with the authentication processor 40.
  • the shopping mall servers 30 sell products to the client 20 who accesses the site via the Internet 10.
  • the authentication processor 40 for executing the authentication on transactions between the client 20 and the shopping mall servers 30 comprises a management information database 41 , a CD information database 42, an adjustment information database 43, a management server 44, and an authentication server 45.
  • the management information database 41 stores various sorts of information, required for managing the sites of the authentication processor 40, such as data on homepages and various information-providing pages, and addresses of the shopping mall sites cooperated with respect to the commerce authentication jobs.
  • the management server 44 provides web services for a plurality of the clients 20 to access the sites on the Internet 1 0, and provides information on the cooperated shopping malls to the clients 20 using information stored in the management information database 41 , and when the client 20 selects a desired shopping mall, links the client 20 to the corresponding shopping mall server.
  • the CD information database 42 stores the CD codes and CD numbers of the CD cards released by the authentication processor 40 or the banking agencies which are cooperated with the authentication processor 40 on the commerce authentication jobs, and also stores passwords, for checking whether or not the CD card is a registered one, in correspondence with the CD codes.
  • the authentication server 45 compares the CD code and password transmitted by the client 20 with the CD codes and passwords stored in the CD information database 42 so as to check whether the CD card 1 1 0 of the client 20 is the registered one, and stores billing process results performed using the authenticated CD card in the adjustment information database 43.
  • the adjustment information database 43 stores information such as billed price, states of authentication, and banking agencies that executed the billing process with respect to the CD codes in order of the requested authentication.
  • the card billing processor 50 executes a credit card billing process
  • the electronic gift certificate processor 60 executes a gift certificate billing process
  • the cooperation banking processor 70 executes an account transfer process
  • the electronic purse processor 80 executes an electronic purse billing process by using the CD number of the corresponding CD card. Configurations and operations of the respective devices 50 to 80 will be described in the respective preferred embodiments of the present invention.
  • the commerce authentication includes a process for checking whether the CD card is a registered one, and a process for billing the products (including goods and services) the user wants to buy by using the authentication information recorded on the CD card.
  • FIG. 2 shows an operation between components of the electronic commerce authentication system according to a first preferred embodiment of the present invention.
  • the electronic commerce authentication system uses the CD card , on which the CD number is recorded and which relates to the existing credit card num ber, so as to perform the electronic commerce authentication, and accordingly, the authentication processor 40 cooperates with the card billing processor 50 on the commerce authentication jobs so as to perform authentication on the transactions between the client 20 and the shopping mall server 30.
  • the card billing processor 50 is managed by the existing credit card company, and as shown in FIG. 1 , comprises a card information database 51 which stores credit card numbers corresponding to the CD numbers of the released CD cards; an approval information database 52 which stores users' identity information (e.g. , expiration periods, money limits, arrears) for respective credit card numbers, -and billed results; and a billing server 53 which performs card billing processes using information stored in the card information database 51 and the approval information database 52.
  • the card billing processor 50 transmits and receives information via the exclusive line connected to the authentication processor 40.
  • FIGs. 3(a) and 3(b) each show an operation of the electronic commerce authentication system according to the first preferred embodiment of the present invention.
  • the client 20 is automatically accessed to the authentication processor 40 via the Internet 10 by an operation of an automatic accessing program installed on the CD card 1 1 0 in steps S10 and S20.
  • the management server 44 of the authentication processor 40 reads a homepage from the management information database 41 , and accordingly, the homepage of the authentication processor 40 is displayed on a screen of the client 20, and homepage displays various menus such as a " Guide to the CD Card Usage” and a “ Guide to the Shopping Malls.”
  • the management server 44 When the user clicks the " Guide to the Shopping Malls" , the management server 44 provides information on a plurality of cooperated shopping malls, and when the user selects a specific shopping mall, the management server 44 connects the client 20 to the shopping mall server in steps S30 to S50.
  • the shopping mall server 30 When the client 20 accesses the shopping mall server 30 via the authentication processor 40, the shopping mall server 30 provides information on various products to the client 20 in step S60, and when a buying message is transmitted to the shopping mall server 30 by the client 20, the shopping mall server 30 selects a billing method on the products the client 20 wants to buy in step S70.
  • the shopping mall server 30 when a CD-card-using billing method is selected, the shopping mall server 30 generates a transaction number, and transmits the transaction number and a billing price to the authentication processor 40 so as to request a transaction approval in step S80.
  • the client 20 is connected to the authentication processor 40, and a billing window is called by the authentication processor 40 and then provided to the client 20.
  • the shopping mall server 30 installs a connection program to the authentication server 45, and transmits the transaction numbers and the billing price via socket communication, and besides, encrypts the transaction numbers and the billing price with an open key method, and transmits the encrypted data, and thereby, enhancing security. Communication and encryption methods are not restricted to the above-noted description.
  • the authentication server 45 of the authentication processor 40 transmits the reading unit 21 to the client 20 which has a transaction with the shopping mall server 30 in step S90.
  • the reading unit 21 When the reading unit 21 is transmitted to the client 20 in step S100, the reading unit 21 displays a password input window for authentication of the CD card on the client' s screen, reads the CD code and the CD number from the CD card 110 inserted into the CD drive of the client 20, converts the password, the CD code and the CD number to fit the Internet protocol, and then transmits the converted data to the authentication processor 40 in step S110 and S120.
  • the CD code, the CD number and the password are encrypted using the open key method, and then transmitted.
  • the authentication server 45 searches the CD information database 42 based on the CD code transmitted from the client 20, and when the transmitted
  • CD code is stored in the CD information database 42, compares the password corresponding to the CD code with the transmitted password, and when they are identical, determines that the CD card 110 inserted into the client 20 is a registered one for commerce authentication in step S130.
  • the authentication server 45 transmits the CD number of the corresponding CD card and the billing price to the. cooperated card billing processor 50 and requests a billing approval in step S1 40, and the billing server 53 of the card billing processor 50 searches the card information database 51 and finds a credit card number corresponding to the CD number transmitted from the authentication server 45 in step S1 50.
  • the billing server 53 processes a card billing approval on the billed price by using the information on the user' s identity corresponding to the credit card number read from the approval information database 52, and transmits approval results to the authentication server 45 in steps S160 and S1 70. At this time, when the card billing is approved, the billing server 53 creates an approval number and transmits the same to the authentication server 45, and when the card billing is not approved (e.g. , because of expiration date, limit excess, or arrears) , the billing server 53 transmits an approval failure message to the authentication server 45.
  • the authentication server 45 transmits the approval results transmitted from the card billing processor 50 to the shopping mall server 30 which requests the transaction approval, and stores the approval results (such as the billed price and states of the approval) in the adjustment information database 43 in order of the CD numbers in step S1 80.
  • the shopping mall server 30 checks whether the product transaction is billed according to the approval results transmitted from the authentication server 45, and when the authentication number is transmitted according to the card billing approval, transmits a billing approval message to the client 20 to notify that the transaction on the corresponding product is concluded in step S190.
  • the shopping mall server 30 transmits a billing failure message to the client 20 to notify that the user' s using of the CD card is not authenticated, and requests another billing method to the user.
  • the user can check the states of the billing on the desired products when watching the billed results displayed on the screen of the client 20, and the shopping mall server 30 then delivers the product to the user via a delivery system in steps S200 and S210.
  • the authentication information recorded on the CD card is automatically transmitted to the authentication processor and the card billing process on the bought product is executed, and therefore, safe transactions can be executed with leakage of information on private identity.
  • CD card using transactions can be authenticated, and furthermore, even when the client 20 wishes to buy a product from non-cooperated shopping mall servers, the CD card using transactions can be authenticated.
  • a second preferred embodiment of the present invention for authenticating the transactions between the client with a built-in CD card and the non-cooperated shopping mall servers will now be described.
  • FIG. 4 shows an operation between components of the electronic commerce authentication system according to the second preferred embodiment of the present invention.
  • the authentication processor 40 performs the credit card billing processes using the card billing processor 50 and the CD number identically with the first preferred embodiment, and performs authentications and billing processes executed between the client 20 and the non-cooperated shopping mall server 31 according to a transaction authentication request generated by the client 20 with a built-in CD card 110 differently from the first preferred embodiment.
  • the non-cooperated shopping mall server 31 can be connected to the card billing processor 50 via the payment gate 90. Since the configurations of the authentication processor 40 and the card billing processor 50 are identical with those of the first preferred embodiment, further description will not be described.
  • FIGs. 5(a) and 5(b) each show an operation of the electronic commerce authentication system according to the second preferred embodiment of the present invention.
  • Internet 1 0 via the client 20, accesses the non-cooperated shopping mall server 31 , buys desired products and selects a credit card billing process to pay the product in steps S300 to S320, the shopping mall server 30 provides a credit card number inputting window to the client 20, and the client 20 requests a temporary card number to the authentication processor 40 in step S330.
  • the user drives the CD card 1 1 0 inserted into the client 20 so as to automatically request the temporary card number to the authentication processor
  • the authentication server 45 of the authentication server 40 transmits the reading unit 21 to the client 20, and the reading unit 21 displays a password inputting window, encrypts the password provided via the password inputting window, the CD code and the CD number read from the CD card 1 10, converts the encrypted data to fit the Internet protocol, and transmits the converted data to the authentication processor 40 in steps S340 to S370.
  • the authentication server 45 searches the CD information database 42 using the CD code and the password transmitted by the client 20, and checks whether the CD card 1 1 0 inserted into the client 20 is the registered one, and when the CD card 1 1 0 is the registered one, the authentication server 45 generates a temporary card number and transmits the same to the client 20 and the card billing processor 50 especially together with the
  • the billing server 53 of the card billing processor 50 stores the temporary card number in the card information database 51 corresponding to the CD number transmitted from the authentication processor 40 in step S400.
  • the temporary card number is displayed on the screen of the client 20, and the user enters the temporary card number transmitted from the authentication processor 40 in a credit card number inputting window requested by the non-cooperated shopping mall server 31 .
  • the non-cooperated shopping mall server 31 recognizes the temporary card number provided by the client 20 through the window as a credit card number, and transmits the temporary card number and the billed price to the payment gate
  • the payment gate 90 transmits the temporary card number and the billed price to the card billing processor 50 via the value added network (VAN) in steps
  • card billing processor 50 searches the card information database 51 using the temporary card number to find the CD number and the credit card number corresponding to the temporary card number, and as in the same manner of the first preferred embodiment, processes the card billing approval on the billed price according to information on the user' s identity corresponding to the credit card number in steps S440 and S450.
  • the card billing processor 50 generates an approval number according to the card billing approval and transmits the same to the payment gate 90, and the payment gate 90 transmits the approval number to the non-cooperated shopping mall server 31 in steps S460 and S470.
  • the non-cooperated shopping mall server 31 When receiving the approval number with respect to the temporary card number input from the client via the payment gate 90, the non-cooperated shopping mall server 31 generates a message that the transaction is concluded to the client 20 in order ' for the user to check the message in steps S480 and S490, and then delivers the billed product to the corresponding user in step S495.
  • the card billing processor 50 transmits the approval results on the card billing with respect to the temporary card number to the authentication processor
  • the authentication server 45 stores the approval results by the temporary card number in the adjustment information database 43 so as to use the same in paying fees caused by cooperation with the card billing processor.
  • the user can pay the product using the CD card when he buys the product at the non-cooperated shopping mall, information on the user' s identity is not leaked and safe transactions are possible.
  • a CD card that stores authentication information relating to the credit card numbers is used to get transaction approvals (i.e. , billing approval of the credit card), and furthermore, transaction approvals using electronic purse billing processes can be executed by recording authentication information relating to electronic purse account numbers on the CD card.
  • transaction approvals i.e. , billing approval of the credit card
  • transaction approvals using electronic purse billing processes can be executed by recording authentication information relating to electronic purse account numbers on the CD card.
  • FIG. 6 shows an operation between components of the electronic commerce authentication system according to the third preferred embodiment of the present invention.
  • the electronic commerce authentication system issues the CD card 110 as an electronic purse by which the user buys desired products freely within the amount of money that the user deposited in his electronic purse account.
  • Electronic purse companies open electronic purse accounts corresponding to the CD numbers of the CD cards.
  • the electronic purse accounts are advance payment accounts that can be either representative accounts of the electronic purse companies or Internet-only accounts for individuals.
  • the authentication processor 40 performs the electronic-purse-using commerce authenticating processes together with the electronic purse processor 80 managed by the electronic purse companies.
  • the electronic purse processor 80 comprises an electronic purse account database 81 which stores an electronic purse account number corresponding to the CD number of the CD card; and a processing server 82 which checks the electronic purse account number of the CD number provided by the authentication processor 40 by using the information stored in the electronic purse account database 81 and then requests billed price transfers from the electronic purse account to a selling adjustment account to cooperated banks.
  • the electronic purse processor 80 is connected to the banking processor 1 00 of the cooperated banks via the proprietary line.
  • the banking processor 100 comprises -an account information database 101 which stores information on the balances for the respective account numbers; and a transfer processing server 102 which transfers the billed price from the corresponding electronic purse account to the selling adjustment account according to the account transfer requests generated by the electronic purse processor 80.
  • the money for paying the products to the shopping mall that cooperates with the electronic purse companies is deposited in the selling adjustment account, and by using the money deposited in the selling adjustment account, the price of the bought products are paid according to selling histories of the respective shopping malls by using the electronic purse processor.
  • the billed price can be individually transferred from the electronic purse account corresponding to the user' s CD card to the shopping mall account opened by the shopping mall.
  • FIGs. 7(a) and 7(b) each show an operation of the electronic commerce authentication system according to the third preferred embodiment of the present invention.
  • a CD card 1 1 0 (which will be referred as a CD electronic purse in the third preferred embodiment) is inserted into the client 20, the client 20 is automatically accessed to the authentication processor 40 and then to a specific shopping mall server 30 cooperated with the authentication processor 40, and a transaction is executed.
  • a CD electronic purse billing is set as a billing method in steps S500 to S560
  • the shopping mall server 30 generates a transaction number according to the transaction and transmits the transaction number and the billed price to the authentication processor 40 to request a transaction approval in step S570.
  • the shopping mall server 30 can encrypt the transaction number and the billed price by using an open key encryption method, and transmit the same to the authentication processor 40 via a socket communication.
  • the authentication server 45 of the authentication processor 40 transmits the reading unit 21 to the client 20 which has a transaction with the shopping mall server 30 in step S580, and the reading unit 21 encrypts the password input by the user and the CD code and the CD number read from the CD electronic purse 1 1 0 and transmits the encrypted data to the authentication processor 40 in steps S590 and S61 0.
  • the authentication server 45 identically with the first preferred embodiment, checks whether the CD electronic purse is a registered one by using the transmitted CD code and the password in step S620.
  • the authentication server 45 transmits the CD number of the corresponding CD electronic purse 1 1 0 and the billed price to the electronic purse processor 80 to request a billing approval in step S630, and the processing server 82 of the electronic purse processor 80 searches the electronic purse account database 81 by using the CD number transmitted from the authentication server 45 and finds the corresponding electronic purse account number in step S640.
  • the processing server 82 provides the electronic purse account number corresponding to the CD electronic purse and the billed price to the banking processor 1 00 of the cooperated bank and requests a transfer to the selling adjustment account of the electronic purse company in step S650.
  • the transfer processing server 1 02 of the banking processor 1 00 searches the account information database 101 , checks the balances left in an advance payment account corresponding to the electronic purse account number transmitted from the electronic purse processor 80, and determines whether or not the billed price can be transferred, and in the case the transfer is possible, the transfer processing server 1 02 transfers the billed price from the electronic purse account (the advance payment account) to the selling adjustment account in step S660.
  • the transfer processing server 1 02 provides transfer results to the electronic purse processor 80, and the processing server 82 of the electronic purse processor 80 generates an approval number which represents a billing approval when the transfer is completed, and transmits the approval number to the authentication processor 40 in steps S670 and S680, and the authentication server 45 transmits the approval number to the shopping mall server 30 which requested the approval of the transaction in step S690.
  • the shopping mall server 30 When receiving the approval number according to the electronic purse billing approval from the authentication server 45, the shopping mall server 30 therefore transmits the billing results to the client 20 to notify that the final transaction on the corresponding product is concluded, and then delivers the sold product to the user in steps S700 to S720.
  • the banking processor 100 transmits a transfer failure message to the electronic purse processor 80, and when the electronic purse processor 80 generates and transmits an approval-not-allowed message to the shopping mall server 30 via the authentication server 45, the shopping mall server 30 requests another billing method to the client 20 to notify that the transaction is not executed.
  • the user can
  • the electronic purse companies can safely perform the billing jobs with the shopping malls cooperated via the CD electronic purse, and furthermore can maximize the advertisement effects with lower costs using the CD electronic purse.
  • FIG. 8 shows an operation between components of the electronic commerce authentication system according to a fourth preferred embodiment of the present invention.
  • the billing processes of the electronic commerce are performed by using the banking processor managed by the bank and not by the electronic purse companies, and as shown in FIG. 8, the authentication processor 40 is connected to the cooperation banking processor 70 via a proprietary line.
  • FIG. 8 shows an operation between components of the electronic commerce authentication system according to a fourth preferred embodiment of the present invention.
  • the billing processes of the electronic commerce are performed by using the banking processor managed by the bank and not by the electronic purse companies, and as shown in FIG. 8, the authentication processor 40 is connected to the cooperation banking processor 70 via a proprietary line.
  • the cooperation banking processor 70 comprises a banking account number database 71 which stores an opened account number corresponding to the CD number of the CD card; an account information database 72 which stores information on the accounts such as the balances for the respective account numbers; and a transfer processing server 73 which transfers the billed price from the banking account corresponding to the account number corresponding to the CD number transmitted from the authentication processor 40 to the selling adjustment account by using the banking account number database 71 and the account information database 72.
  • the banking account represents the Internet banking account and the user' s real account to be used at the bank.
  • FIGs. 9(a) and 9(b) each show an operation of the electronic commerce authentication system according to the fourth preferred embodiment of the present invention.
  • the client 20 accesses the specific shopping mall server 30 cooperated with the authentication processor 40 to buy desired products, and selects the CD card as a paying method, and when the shopping mall server 30 transmits a transaction number and the billed price to request a transaction approval in steps S800 to S870, the authentication server 45 of the authentication processor 40 transmits the reading unit 21 to the client 20 which has a transaction with the shopping mall server 30 in step S880.
  • the reading unit 21 encrypts the password, the CD code and -the CD number provided by the user and transmits them to the authentication processor
  • the authentication server 45 checks whether the corresponding CD card is the registered one using the CD code and the password transmitted identically with the first preferred embodiment, and when the CD card is a registered one, the authentication server 45 transfers the CD number and the billed price of the corresponding CD card to the cooperation banking processor 70 so as to request an account transfer in steps S920 and S930.
  • the transfer processing server 73 of the cooperation banking processor 70 searches the banking account number database 71 using the CD number transmitted from the authentication server 45 and finds the corresponding account number in step S940, and as shown in FIG. 9(b), checks the balances left in the account corresponding to the found account number, and determines whether the billed price can be transferred, and in the case the billed price can be transferred, the transfer processing server 73 transfers the billed price from the corresponding account to the selling adjustment account of the bank, and when the transferring process is completed, generates an approval number which indicates a. billing approval and transmits the approval number to the authentication processor 40 in steps S950 and S960.
  • the authentication server 45 transmits the approval number to the shopping mall server 30 which requested a transaction approval in step S9.70, and when receiving the approval number from the authentication server 45 according to the transaction approval of the account transfer, the shopping mall server 30 transmits the billing results to the client 20 to notify .that a final transaction to the corresponding product is concluded in steps S980 and S990, an then delivers the sold product to the user in step S995.
  • the cooperation banking processor 70 transmits a transfer failure to the authentication processor 40 to notify that the account transfer using the corresponding CD card is not executed.
  • the billed price is transferred from the user' s account according to the authentication information recorded on the CD card even when the user does not provided the account number, and therefore, safe transactions can be executed through the bank account transfer.
  • FIG. 1 0 shows an operation between components of the electronic commerce authentication system according to a fifth preferred embodiment of the present invention.
  • the CD card 1 1 0 is released as an electronic gift certificate which the user uses for paying the products in the cyber space, and a usable amount of money is set corresponding to the CD number of the CD card that is the electronic gift certificate issued by the electronic gift certificate companies.
  • the electronic gift certificate processor 60 of the electronic certificate gift company comprises a price information database 61 which stores usable money corresponding to the CD number of the CD card that is the released electronic gift certificate; and a gift certificate processing server 62 which performs paying processes on the CD number transmitted from the authentication processor 40 by using information stored in the price information database 61 .
  • the electronic gift certificate processor 60 connected to the authentication processor 40 via a proprietary line, performs transaction authentication jobs such as approving the billing process.
  • FIGs. 11 (a) and 1 1 (b) each show an operation of the electronic commerce authentication system according to the fifth preferred embodiment of the present invention.
  • CD card 1 1 0 is inserted into the client 20, the client 20 accesses the specific shopping mall server 30 cooperated with the authentication processor 40 to buy desired products, and selects the CD card, that is, the electronic gift certificate as a paying method, and when the shopping mall server 30 transmits a transaction number and the billed price to request a transaction approval in steps S1000 to
  • the authentication server 45 of the authentication processor 40 transmits the reading unit 21 to the corresponding client 20.
  • the reading unit 21 encrypts the password, the CD code and the CD number provided by the user and transmits them to the authentication processor 40 in steps S1 080 to S1 1 1 0.
  • the authentication server 45 checks whether the corresponding CD card is the registered one using the CD code and the password transmitted identically with the first preferred embodiment, and when the CD card is a registered one, the authentication server 45 transfers the CD number and the billed price of the corresponding CD card to the electronic gift certificate processor 60 so as to request a billing approval in steps S1 120 and S1 1 30.
  • the gift certificate processing server 62 of the electronic gift certificate processor 60 searches the price information database 61 by using the CD number transmitted from the authentication server 45, and checks how much money is corresponded to the CD number, in other words, checks how much the CD card is in step S1 140, and when the corresponding price is bigger or equal to the billed price, the gift certificate processing server 62 subtracts the billed price from the money of the gift certificate in step S1 1 50.
  • the gift certificate processing server 62 when the billing process is executed using the price of the gift certificate, the gift certificate processing server 62 generates an approval number and transmits the approval number to the authentication processor 40 in step S1 1 60, and corresponds the balance of the gift certificate followed by the billing process to the corresponding CD number and stores the balance in the price information database 61 .
  • the shopping mall server 30 transmits the billing results to the client 20 to notify that the final transaction on the corresponding product is performed in steps S1 1 70 to S1 190, and then delivers the sold product to the user in step S1200.
  • the gift certificate processing server 62 of the electronic gift certificate processor 60 transmits a billing-not-allowed message to the authentication server 45 to notify a failure of the billing approval to the shopping mall server.
  • the CD card can store information on the price of the gift certificate, and the price of the gift certificate can be recharged into the respective CD cards.
  • CD card can be easily used as the electronic gift certificate in the transactions. Since the electronic commerce is performed using the CD card without additional inputting of private information and the billing approval is performed within the limit price of the gift certificate, stable and reliable transactions can be executed.
  • the CD card used in the above-noted preferred embodiments includes
  • CD-ROMs, CD-Rs and CD-RWs The authentication processor or respective processors of the banking agencies can issue the CD card.
  • the authentication processor is individually cooperated with various banking agencies to perform the authentication processes, and further, the authentication processor can be cooperated with the processors of all the banking agencies so as to globally manage the credit card billing, banking account transferring, electronic purse billing, and electronic gift certificate billing processes.
  • the shopping mall server communicated with the authentication processor in the socket communication method, but this communication method can include various communication methods to transmit and receive information to/from the authentication processor.
  • the encryption method is not restricted to the open key encryption method, but can include various encryption methods, and the encryption of information is selectively performed.
  • registration states of the CD card is determined by using the CD code, and furthermore, the registration states can be checked by determining whether the passwords are identical by use of the CD number, or the CD card can be determined to be the registered one only when the identification code, identification number and password transmitted from the client are identical with the identification code, identification number and password stored in the CD information database.
  • the electronic commerce authentication process is executed using a recording medium , on which authentication information which is inserted into the user' s terminal and is related to the billing information of the various banking agencies, is recorded, the authentication is performed without the user' s additional providing the credit information or banking information in the on ⁇ line state.
  • the user' s credit information or banking information is nor revealed, and risks caused by the conventional credit card of form inputting method or leakage of private credits or banking information the Internet banking are totally blocked. Since the authentication information stored in a recording medium is used, the processes become simpler.
  • various billing methods such as the credit card billing, billing via the bank account transfer, electronic purse billing, and the electronic gift certificate billing can be easily selected using the above-noted recording medium .
  • the electronic commerce authentication system uses the password after registering the password, other persons cannot use the password.

Abstract

Disclosed is an electronic commerce authentication system which comprises an authentication processor which includes: a recording media database that stores identification codes of the recording media; and an authentication server that authenticates the recording medium as a registered medium when the identification code transmitted from the client is stored in the recording media database; and a card billing processor which includes: a card information database that stores credit card numbers corresponding to the identification numbers of the recording media; and a billing server that searches the card information database based on the identification numbers of the recording media inserted into the client, finds the corresponding credit card numbers, performs a billing approval on a transaction executed between the client and the shopping mall server, and provides approval results to the authentication processor, and the authentication processor transmits the approval results provided by the card billing processor to the shopping mall server so as to finally perform a transaction between the client and the shopping mall server.

Description

System and Method for Authorizing E-Commerce
BACKGROUND OF THE INVENTION
(a) Field of the Invention The present invention relates to a system and method for authorizing electronic commerce. More specifically, the present invention relates to a system and method for authorizing electronic commerce using recording medium linked with billing information of banking agencies.
(b) Description of the Related Art As the Internet has become popularized, global Internet electronic commerce has also been developed and used. The electronic commerce includes a series of actions of marketing for customers, advertisements, supply, services, production, transportation and purchase as well as commercial transactions based on money using electronic media, techniques and means under integrated and automated information environments between business and business, business and customers, customers and customers, or government and business.
In conventional electronic commerce, a buyer accesses a shopping mall site on the Internet via a computer, buys desired products and requests a billing process. The shopping mall site then requests an authentication to an authentication agency after receiving the buyer' s billing request. The authentication agency of the banking agencies such as banks, credit card companies or advance payment card companies refers to self-built authentication database to execute the authentication process and conclude a corresponding electronic commerce. In this electronic commerce, electronic money for electronic commerce can be used for a billing method, and the electronic money is categorized as an integrated circuit (IC) card type electronic money which has a rechargeable IC chip to which money information is provided, and a network type electronic money which uses money information stored on the buyer'- s hard disk of the computer. However, since transmitted and received messages can be divulged or forged when performing the electronic commerce using the above-noted electronic money, security problems such as privacy violations or financial loss becomes obstacles to the electronic commerce.
Besides, credit cards, bank account transfer, or advance payment cards can be used for conventional billing methods on the Internet. In case of credit cards, information on private identity (ID) , that is, a credit card number and an expiration date have to be provided. In case of bank account transfer, a bank account number and a password have to be filled in a predetermined on-line form . In case of advance payment cards, an ID and a password have to be filled in a predetermined on-line form .
However, the above-noted buyer' s direct input methods can expose the buyer' s private credit information on the network by careless management or a cracker' s hacking.
Especially, in case of utilizing a hacking tool such as the Back Orifice, all contents input through a keyboard can be hacked by hackers or crackers, and accordingly, it is very dangerous to input private information in public places such as a game room or an office.
Also, the user has to undergo complex and uncomfortable processes such as inputting of various data and authentication for electronic commerce.
DISCLOSURE OF THE INVENTION It is an object of the present invention to provide an authentication system and method for a user to be authenticated without additional information input process by using a recording medium on which authentication information for the user' s electronic commerce is recorded.
In one aspect of the present invention, in a system connected via a network to a client into which a recording medium , on which authentication information including an identification number and an identification number for electronic commerce authentications, is inserted, and performing electronic commerce authentications between the client and shopping mall servers, an electronic commerce authentication system comprises an authentication processor which includes: a recording media database that stores identification codes of the recording media; and an authentication server that authenticates the recording medium as a registered medium when the identification code transmitted from the client is stored in the recording media database; and a card billing processor which includes: a card information database that stores credit card numbers corresponding to the identification numbers of the recording media; and a billing server that searches the card information database based on the identification numbers of the recording media inserted into the client, finds the corresponding credit card numbers, performs a billing approval on a transaction executed between the client and the shopping mall server, and provides approval results to the authentication processor, the authentication processor transmitting the approval results provided by the card billing processor to the shopping mall server so as to finally perform a transaction between the client and the shopping mall server.
In another aspect of the present invention, in an authentication method of a system connected via a network to a client into which a recording medium , on which authentication information including an identification number and an identification number for electronic commerce authentications, is inserted, and performing electronic commerce authentications between the client and shopping mall servers, an electronic commerce authentication method comprises steps of: transmitting a reading unit to the client when receiving information including an electronic transaction number and a billed price from the shopping mall server; checking whether the recording medium is a registered one by using an identification code or an identification number when receiving the identification code and the identification number of the recording medium inserted into the client from the reading unit; performing a card billing approval on the billed price by using a credit card number corresponding to the identification number when the recording medium is authenticated to be the registered one; and transmitting approval results of the card billing to the shopping mall server so as to finally execute the electronic transaction between the client and the shopping mall server. BRIEF DESCRIPTION OF THE DRAWINGS The accompanying drawings, which are incorporated in and constitute a part of the specification, illustrate an embodiment of the invention, and, together with the description, serve to explain the principles of the invention:
FIG. 1 shows a configuration of an electronic commerce authentication system according to a preferred embodiment of the present invention;
FIG. 2 shows an operation between components of the electronic commerce authentication system according to a first preferred embodiment of the present invention;
FIGs. 3(a) and 3(b) each show an operation of the electronic commerce authentication system according to the first preferred embodiment of the present invention;
FIG. 4 shows an operation between components of the electronic commerce authentication system according to a second preferred embodiment of the present invention;
FIGs. 5(a) and 5(b) each show an operation of the electronic commerce authentication system according to the second preferred embodiment of the present invention; FIG. 6 shows an operation between components of the electronic commerce authentication system according to a third preferred embodiment of the present invention;
FIGs. 7(a) and 7(b) each show an operation of the electronic commerce authentication system according to the third preferred embodiment of the present invention;
FIG. 8 shows an operation between components of the electronic commerce authentication system according to a fourth preferred embodiment of the present invention;
FIGs. 9(a) and 9(b) each show an operation of the electronic commerce authentication system according to the fourth preferred embodiment of the present invention;
FIG. 1 0 shows an operation between components of the electronic commerce authentication system according to a fifth preferred embodiment of the present invention; and
FIGs. 1 1 (a) and 1 1 (b) each show an operation of the electronic commerce authentication system according to the fifth preferred embodiment of the present invention;
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS In the following detailed description, only the preferred embodiment of the invention has been shown and described, simply by way of illustration of the best mode contemplated by the inventor(s) of carrying out the invention. As will be realized, the invention is capable of modification in various obvious respects, all without departing from the invention. Accordingly, the drawings and description are to be regarded as illustrative in nature, and not restrictive.
FIG. 1 shows a configuration of an electronic commerce authentication system according to a preferred embodiment of the present invention.
As shown, the electronic commerce authentication system comprises an authentication processor 40 connected to a plurality of clients 20 and shopping mall servers 30 via the Internet 10, and further optionally comprises a card billing processor 50 connected to the authentication processor 40 via a proprietary line, an electronic gift certificate processor 60, a cooperation banking processor 70, and an electronic purse processor 80.
The shopping mall server 30 can be connected to the card billing processor 50 via a payment gate 90, and the electronic purse processor 80 to an additional banking processor 1 00 for processing banking jobs related to an electronic purse.
The client 10 can access the authentication processor 40 via the network such as the Internet 1 0, and a communication device that can read recording medium provided by the present invention is used as the client 1 0. The recording media include optical recording media such as compact discs (CD) or digital video discs (DVD) , magnetic recording media such as hard disks or floppy discs, or recording media such as flash memories.
In the preferred embodiments of the present invention, the CD is used as the recording medium , and accordingly, the client 20 has a built-in CD driver to read the CD. For ease of explanation, the recording medium on which authentication information is stored will be hereinafter referred to as a " CD card."
The CD card 1 1 0 stores authentication information related to billing information of the banking agencies (e.g. , credit card companies, banks, electronic purse releasing companies and electronic gift certificate releasing companies) , and the authentication information includes a CD code which is an ID of the corresponding CD card, and a CD number which relates to billing information of the banking agencies.
The CD card 1 1 0 can be used as a credit card for authentication of billing the electronic commerce in connection with a billing process using ordinary credit card, and besides, can be used as the electronic purse or the electronic gift certificate. Therefore, the billing information of the banking agencies includes a credit card number for a credit card billing service, an account number of a bank account transfer service, an electronic purse account number for an electronic purse billing service, and a price of a gift certificate for an electronic gift certificate billing service. This billing information is selected depending on what billing agencies the CD card will cooperate with so as to execute the electronic commerce authentication. Description on this selection of the billing information will be provided in respective following preferred embodiments. Since the CD card 1 1 0 has a built-in function for automatically accessing a site of the authentication processor 40 which performs the commerce authentication according to the present invention, the user can easily access the authentication processor using an access function included in the CD card without driving an additional web browser. The client 20 can comprise a reading unit 21 which reads the CD code and
CD number from the CD card 1 10 and transmits the same to the authentication processor 40. The reading unit 21 can be downloaded from the authentication processor 40 as a plug-in method and then installed in the client 20, can be provided every time when the client 20 accesses the authentication processor 40 according to the Java applet method, or can be provided according to the ActiveX method or further various methods.
The shopping mall servers 30 can be shopping mall servers that cooperate with the authentication processor 40 on the electronic commerce authentication services, or other shopping mall servers which do not cooperate with the authentication processor 40. The shopping mall servers 30 sell products to the client 20 who accesses the site via the Internet 10.
The authentication processor 40 for executing the authentication on transactions between the client 20 and the shopping mall servers 30 comprises a management information database 41 , a CD information database 42, an adjustment information database 43, a management server 44, and an authentication server 45.
The management information database 41 stores various sorts of information, required for managing the sites of the authentication processor 40, such as data on homepages and various information-providing pages, and addresses of the shopping mall sites cooperated with respect to the commerce authentication jobs.
The management server 44 provides web services for a plurality of the clients 20 to access the sites on the Internet 1 0, and provides information on the cooperated shopping malls to the clients 20 using information stored in the management information database 41 , and when the client 20 selects a desired shopping mall, links the client 20 to the corresponding shopping mall server.
The CD information database 42 stores the CD codes and CD numbers of the CD cards released by the authentication processor 40 or the banking agencies which are cooperated with the authentication processor 40 on the commerce authentication jobs, and also stores passwords, for checking whether or not the CD card is a registered one, in correspondence with the CD codes.
The authentication server 45 compares the CD code and password transmitted by the client 20 with the CD codes and passwords stored in the CD information database 42 so as to check whether the CD card 1 1 0 of the client 20 is the registered one, and stores billing process results performed using the authenticated CD card in the adjustment information database 43. The adjustment information database 43 stores information such as billed price, states of authentication, and banking agencies that executed the billing process with respect to the CD codes in order of the requested authentication.
When the CD card is authenticated to be the registered one by the authentication server 45, the card billing processor 50 executes a credit card billing process, the electronic gift certificate processor 60 executes a gift certificate billing process, the cooperation banking processor 70 executes an account transfer process, and the electronic purse processor 80 executes an electronic purse billing process by using the CD number of the corresponding CD card. Configurations and operations of the respective devices 50 to 80 will be described in the respective preferred embodiments of the present invention.
In the preferred embodiments of the present invention, the commerce authentication includes a process for checking whether the CD card is a registered one, and a process for billing the products (including goods and services) the user wants to buy by using the authentication information recorded on the CD card. An electronic commerce authentication system and its method according to a first preferred embodiment of the present invention will now be described .
FIG. 2 shows an operation between components of the electronic commerce authentication system according to a first preferred embodiment of the present invention. As shown , the electronic commerce authentication system uses the CD card , on which the CD number is recorded and which relates to the existing credit card num ber, so as to perform the electronic commerce authentication, and accordingly, the authentication processor 40 cooperates with the card billing processor 50 on the commerce authentication jobs so as to perform authentication on the transactions between the client 20 and the shopping mall server 30.
In the first preferred embodiment of the present invention, the card billing processor 50 is managed by the existing credit card company, and as shown in FIG. 1 , comprises a card information database 51 which stores credit card numbers corresponding to the CD numbers of the released CD cards; an approval information database 52 which stores users' identity information (e.g. , expiration periods, money limits, arrears) for respective credit card numbers, -and billed results; and a billing server 53 which performs card billing processes using information stored in the card information database 51 and the approval information database 52. The card billing processor 50 transmits and receives information via the exclusive line connected to the authentication processor 40. FIGs. 3(a) and 3(b) each show an operation of the electronic commerce authentication system according to the first preferred embodiment of the present invention.
As shown in FIG. 3(a) , when the user inserts a CD card 1 10 into a CD drive (not illustrated) of the client 20 and executes the same, the client 20 is automatically accessed to the authentication processor 40 via the Internet 10 by an operation of an automatic accessing program installed on the CD card 1 1 0 in steps S10 and S20.
When the client 20 accesses the authentication processor 40, the management server 44 of the authentication processor 40 reads a homepage from the management information database 41 , and accordingly, the homepage of the authentication processor 40 is displayed on a screen of the client 20, and homepage displays various menus such as a " Guide to the CD Card Usage" and a " Guide to the Shopping Malls."
When the user clicks the " Guide to the Shopping Malls" , the management server 44 provides information on a plurality of cooperated shopping malls, and when the user selects a specific shopping mall, the management server 44 connects the client 20 to the shopping mall server in steps S30 to S50.
When the client 20 accesses the shopping mall server 30 via the authentication processor 40, the shopping mall server 30 provides information on various products to the client 20 in step S60, and when a buying message is transmitted to the shopping mall server 30 by the client 20, the shopping mall server 30 selects a billing method on the products the client 20 wants to buy in step S70.
Here, when a CD-card-using billing method is selected, the shopping mall server 30 generates a transaction number, and transmits the transaction number and a billing price to the authentication processor 40 so as to request a transaction approval in step S80. At this time, when the user clicks a billing button, the client 20 is connected to the authentication processor 40, and a billing window is called by the authentication processor 40 and then provided to the client 20.
The shopping mall server 30 installs a connection program to the authentication server 45, and transmits the transaction numbers and the billing price via socket communication, and besides, encrypts the transaction numbers and the billing price with an open key method, and transmits the encrypted data, and thereby, enhancing security. Communication and encryption methods are not restricted to the above-noted description. When the transaction number and the billing price are transmitted from the cooperated shopping mall server 30, the authentication server 45 of the authentication processor 40 transmits the reading unit 21 to the client 20 which has a transaction with the shopping mall server 30 in step S90.
When the reading unit 21 is transmitted to the client 20 in step S100, the reading unit 21 displays a password input window for authentication of the CD card on the client' s screen, reads the CD code and the CD number from the CD card 110 inserted into the CD drive of the client 20, converts the password, the CD code and the CD number to fit the Internet protocol, and then transmits the converted data to the authentication processor 40 in step S110 and S120. At this time, for information security, the CD code, the CD number and the password are encrypted using the open key method, and then transmitted.
The authentication server 45 searches the CD information database 42 based on the CD code transmitted from the client 20, and when the transmitted
CD code is stored in the CD information database 42, compares the password corresponding to the CD code with the transmitted password, and when they are identical, determines that the CD card 110 inserted into the client 20 is a registered one for commerce authentication in step S130.
When the CD card 1 10 inserted into the client 20 is checked to be the registered one, the authentication server 45 transmits the CD number of the corresponding CD card and the billing price to the. cooperated card billing processor 50 and requests a billing approval in step S1 40, and the billing server 53 of the card billing processor 50 searches the card information database 51 and finds a credit card number corresponding to the CD number transmitted from the authentication server 45 in step S1 50.
The billing server 53 processes a card billing approval on the billed price by using the information on the user' s identity corresponding to the credit card number read from the approval information database 52, and transmits approval results to the authentication server 45 in steps S160 and S1 70. At this time, when the card billing is approved, the billing server 53 creates an approval number and transmits the same to the authentication server 45, and when the card billing is not approved (e.g. , because of expiration date, limit excess, or arrears) , the billing server 53 transmits an approval failure message to the authentication server 45.
The authentication server 45 transmits the approval results transmitted from the card billing processor 50 to the shopping mall server 30 which requests the transaction approval, and stores the approval results (such as the billed price and states of the approval) in the adjustment information database 43 in order of the CD numbers in step S1 80.
The shopping mall server 30 checks whether the product transaction is billed according to the approval results transmitted from the authentication server 45, and when the authentication number is transmitted according to the card billing approval, transmits a billing approval message to the client 20 to notify that the transaction on the corresponding product is concluded in step S190. When the card billing is not approved, the shopping mall server 30 transmits a billing failure message to the client 20 to notify that the user' s using of the CD card is not authenticated, and requests another billing method to the user. Hence, the user can check the states of the billing on the desired products when watching the billed results displayed on the screen of the client 20, and the shopping mall server 30 then delivers the product to the user via a delivery system in steps S200 and S210.
In the first preferred embodiment of the present invention, when the user does not additionally enter information (such as the credit card number) for a card billing process, the authentication information recorded on the CD card is automatically transmitted to the authentication processor and the card billing process on the bought product is executed, and therefore, safe transactions can be executed with leakage of information on private identity.
As described in the first preferred embodiment of the present invention, when the transaction approval request provided by the shopping mall server 30 cooperated with the authentication processor 40 is performed, CD card using transactions can be authenticated, and furthermore, even when the client 20 wishes to buy a product from non-cooperated shopping mall servers, the CD card using transactions can be authenticated. A second preferred embodiment of the present invention for authenticating the transactions between the client with a built-in CD card and the non-cooperated shopping mall servers will now be described.
FIG. 4 shows an operation between components of the electronic commerce authentication system according to the second preferred embodiment of the present invention.
As shown, the authentication processor 40 performs the credit card billing processes using the card billing processor 50 and the CD number identically with the first preferred embodiment, and performs authentications and billing processes executed between the client 20 and the non-cooperated shopping mall server 31 according to a transaction authentication request generated by the client 20 with a built-in CD card 110 differently from the first preferred embodiment.
Here, the non-cooperated shopping mall server 31 can be connected to the card billing processor 50 via the payment gate 90. Since the configurations of the authentication processor 40 and the card billing processor 50 are identical with those of the first preferred embodiment, further description will not be described.
FIGs. 5(a) and 5(b) each show an operation of the electronic commerce authentication system according to the second preferred embodiment of the present invention.
As shown in FIG. 5(a), when a user starts a web browser to access the
Internet 1 0 via the client 20, accesses the non-cooperated shopping mall server 31 , buys desired products and selects a credit card billing process to pay the product in steps S300 to S320, the shopping mall server 30 provides a credit card number inputting window to the client 20, and the client 20 requests a temporary card number to the authentication processor 40 in step S330.
The user drives the CD card 1 1 0 inserted into the client 20 so as to automatically request the temporary card number to the authentication processor
40, or accesses the authentication processor 40 via the web browser to request the temporary card number.
When a transmission of the temporary card number is requested from the client 20, the authentication server 45 of the authentication server 40 transmits the reading unit 21 to the client 20, and the reading unit 21 displays a password inputting window, encrypts the password provided via the password inputting window, the CD code and the CD number read from the CD card 1 10, converts the encrypted data to fit the Internet protocol, and transmits the converted data to the authentication processor 40 in steps S340 to S370. Identically with the first preferred embodiment, the authentication server 45 searches the CD information database 42 using the CD code and the password transmitted by the client 20, and checks whether the CD card 1 1 0 inserted into the client 20 is the registered one, and when the CD card 1 1 0 is the registered one, the authentication server 45 generates a temporary card number and transmits the same to the client 20 and the card billing processor 50 especially together with the
CD number of the CD card corresponding to the temporary card number in steps
S380 and S390.
The billing server 53 of the card billing processor 50 stores the temporary card number in the card information database 51 corresponding to the CD number transmitted from the authentication processor 40 in step S400. The temporary card number is displayed on the screen of the client 20, and the user enters the temporary card number transmitted from the authentication processor 40 in a credit card number inputting window requested by the non-cooperated shopping mall server 31 .
The non-cooperated shopping mall server 31 recognizes the temporary card number provided by the client 20 through the window as a credit card number, and transmits the temporary card number and the billed price to the payment gate
90, and the payment gate 90 transmits the temporary card number and the billed price to the card billing processor 50 via the value added network (VAN) in steps
S420 and S430. ' As shown in FIG. 2(b), when the temporary card number and the billed price are transmitted to the card billing processor 50 via the payment gate 90, the
card billing processor 50 searches the card information database 51 using the temporary card number to find the CD number and the credit card number corresponding to the temporary card number, and as in the same manner of the first preferred embodiment, processes the card billing approval on the billed price according to information on the user' s identity corresponding to the credit card number in steps S440 and S450. The card billing processor 50 generates an approval number according to the card billing approval and transmits the same to the payment gate 90, and the payment gate 90 transmits the approval number to the non-cooperated shopping mall server 31 in steps S460 and S470.
When receiving the approval number with respect to the temporary card number input from the client via the payment gate 90, the non-cooperated shopping mall server 31 generates a message that the transaction is concluded to the client 20 in order' for the user to check the message in steps S480 and S490, and then delivers the billed product to the corresponding user in step S495.
The card billing processor 50 transmits the approval results on the card billing with respect to the temporary card number to the authentication processor
40, and the authentication server 45 stores the approval results by the temporary card number in the adjustment information database 43 so as to use the same in paying fees caused by cooperation with the card billing processor.
In the second preferred embodiment, since the user can pay the product using the CD card when he buys the product at the non-cooperated shopping mall, information on the user' s identity is not leaked and safe transactions are possible.
In the first and second preferred embodiments, a CD card that stores authentication information relating to the credit card numbers is used to get transaction approvals (i.e. , billing approval of the credit card), and furthermore, transaction approvals using electronic purse billing processes can be executed by recording authentication information relating to electronic purse account numbers on the CD card. An electronic commerce authenticating system using the electronic purse billing according to a third preferred embodiment of the present invention will now be described.
FIG. 6 shows an operation between components of the electronic commerce authentication system according to the third preferred embodiment of the present invention.
The electronic commerce authentication system issues the CD card 110 as an electronic purse by which the user buys desired products freely within the amount of money that the user deposited in his electronic purse account.
Electronic purse companies open electronic purse accounts corresponding to the CD numbers of the CD cards. The electronic purse accounts are advance payment accounts that can be either representative accounts of the electronic purse companies or Internet-only accounts for individuals.
Therefore in the third preferred embodiment of the present invention, the authentication processor 40 performs the electronic-purse-using commerce authenticating processes together with the electronic purse processor 80 managed by the electronic purse companies. As shown in FIG. 1 , the electronic purse processor 80 comprises an electronic purse account database 81 which stores an electronic purse account number corresponding to the CD number of the CD card; and a processing server 82 which checks the electronic purse account number of the CD number provided by the authentication processor 40 by using the information stored in the electronic purse account database 81 and then requests billed price transfers from the electronic purse account to a selling adjustment account to cooperated banks. The electronic purse processor 80 is connected to the banking processor 1 00 of the cooperated banks via the proprietary line. The banking processor 100 comprises -an account information database 101 which stores information on the balances for the respective account numbers; and a transfer processing server 102 which transfers the billed price from the corresponding electronic purse account to the selling adjustment account according to the account transfer requests generated by the electronic purse processor 80. Here, the money for paying the products to the shopping mall that cooperates with the electronic purse companies is deposited in the selling adjustment account, and by using the money deposited in the selling adjustment account, the price of the bought products are paid according to selling histories of the respective shopping malls by using the electronic purse processor. Furthermore, the billed price can be individually transferred from the electronic purse account corresponding to the user' s CD card to the shopping mall account opened by the shopping mall.
Operations identical with those of the first preferred embodiment will not be provided hereinafter. FIGs. 7(a) and 7(b) each show an operation of the electronic commerce authentication system according to the third preferred embodiment of the present invention.
As shown in FIG. 7 (a) , identically with the first preferred embodiment wherein a CD card 1 1 0 (which will be referred as a CD electronic purse in the third preferred embodiment) is inserted into the client 20, the client 20 is automatically accessed to the authentication processor 40 and then to a specific shopping mall server 30 cooperated with the authentication processor 40, and a transaction is executed. When a CD electronic purse billing is set as a billing method in steps S500 to S560, the shopping mall server 30 generates a transaction number according to the transaction and transmits the transaction number and the billed price to the authentication processor 40 to request a transaction approval in step S570. In this case, the shopping mall server 30 can encrypt the transaction number and the billed price by using an open key encryption method, and transmit the same to the authentication processor 40 via a socket communication.
When receiving the transaction number and the billed price from the cooperated shopping mall server 30, the authentication server 45 of the authentication processor 40 transmits the reading unit 21 to the client 20 which has a transaction with the shopping mall server 30 in step S580, and the reading unit 21 encrypts the password input by the user and the CD code and the CD number read from the CD electronic purse 1 1 0 and transmits the encrypted data to the authentication processor 40 in steps S590 and S61 0. The authentication server 45, identically with the first preferred embodiment, checks whether the CD electronic purse is a registered one by using the transmitted CD code and the password in step S620.
When the CD electronic purse 1 10 inserted into the client 20 is a registered one, the authentication server 45 transmits the CD number of the corresponding CD electronic purse 1 1 0 and the billed price to the electronic purse processor 80 to request a billing approval in step S630, and the processing server 82 of the electronic purse processor 80 searches the electronic purse account database 81 by using the CD number transmitted from the authentication server 45 and finds the corresponding electronic purse account number in step S640.
As shown in FIG. 7 (b), the processing server 82 provides the electronic purse account number corresponding to the CD electronic purse and the billed price to the banking processor 1 00 of the cooperated bank and requests a transfer to the selling adjustment account of the electronic purse company in step S650. Accordingly, the transfer processing server 1 02 of the banking processor 1 00 searches the account information database 101 , checks the balances left in an advance payment account corresponding to the electronic purse account number transmitted from the electronic purse processor 80, and determines whether or not the billed price can be transferred, and in the case the transfer is possible, the transfer processing server 1 02 transfers the billed price from the electronic purse account (the advance payment account) to the selling adjustment account in step S660.
The transfer processing server 1 02 provides transfer results to the electronic purse processor 80, and the processing server 82 of the electronic purse processor 80 generates an approval number which represents a billing approval when the transfer is completed, and transmits the approval number to the authentication processor 40 in steps S670 and S680, and the authentication server 45 transmits the approval number to the shopping mall server 30 which requested the approval of the transaction in step S690.
When receiving the approval number according to the electronic purse billing approval from the authentication server 45, the shopping mall server 30 therefore transmits the billing results to the client 20 to notify that the final transaction on the corresponding product is concluded, and then delivers the sold product to the user in steps S700 to S720.
When the balance left in the electronic purse account is smaller than the billed price, the banking processor 100 transmits a transfer failure message to the electronic purse processor 80, and when the electronic purse processor 80 generates and transmits an approval-not-allowed message to the shopping mall server 30 via the authentication server 45, the shopping mall server 30 requests another billing method to the client 20 to notify that the transaction is not executed. In the third preferred embodiment of the present invention, the user can
' charge the electronic purse account by using various methods such as automatic account transfers, depositing without a bankbook, account transfers via the
Internet banking, and account transfers using a credit card' s cash service on the web site of the electronic purse companies. According to the described third preferred embodiment, the electronic purse companies can safely perform the billing jobs with the shopping malls cooperated via the CD electronic purse, and furthermore can maximize the advertisement effects with lower costs using the CD electronic purse.
An electronic commerce authentication system and method for authenticating the billing process using the money deposited in the actual account of a bank by using the CD card according to a fourth preferred embodiment of the present invention will now be described.
FIG. 8 shows an operation between components of the electronic commerce authentication system according to a fourth preferred embodiment of the present invention. In the fourth preferred embodiment differing from the third preferred embodiment, the billing processes of the electronic commerce are performed by using the banking processor managed by the bank and not by the electronic purse companies, and as shown in FIG. 8, the authentication processor 40 is connected to the cooperation banking processor 70 via a proprietary line. As shown by FIG. 1 , the cooperation banking processor 70 according to the fourth preferred embodiment comprises a banking account number database 71 which stores an opened account number corresponding to the CD number of the CD card; an account information database 72 which stores information on the accounts such as the balances for the respective account numbers; and a transfer processing server 73 which transfers the billed price from the banking account corresponding to the account number corresponding to the CD number transmitted from the authentication processor 40 to the selling adjustment account by using the banking account number database 71 and the account information database 72. Here, the banking account represents the Internet banking account and the user' s real account to be used at the bank.
FIGs. 9(a) and 9(b) each show an operation of the electronic commerce authentication system according to the fourth preferred embodiment of the present invention.
As shown in FIG. 9(a), identically with the first preferred embodiment wherein the CD card 110 is inserted into the client 20, the client 20 accesses the specific shopping mall server 30 cooperated with the authentication processor 40 to buy desired products, and selects the CD card as a paying method, and when the shopping mall server 30 transmits a transaction number and the billed price to request a transaction approval in steps S800 to S870, the authentication server 45 of the authentication processor 40 transmits the reading unit 21 to the client 20 which has a transaction with the shopping mall server 30 in step S880. The reading unit 21 encrypts the password, the CD code and -the CD number provided by the user and transmits them to the authentication processor
40 in steps S890 to S910, and the authentication server 45 checks whether the corresponding CD card is the registered one using the CD code and the password transmitted identically with the first preferred embodiment, and when the CD card is a registered one, the authentication server 45 transfers the CD number and the billed price of the corresponding CD card to the cooperation banking processor 70 so as to request an account transfer in steps S920 and S930.
The transfer processing server 73 of the cooperation banking processor 70 searches the banking account number database 71 using the CD number transmitted from the authentication server 45 and finds the corresponding account number in step S940, and as shown in FIG. 9(b), checks the balances left in the account corresponding to the found account number, and determines whether the billed price can be transferred, and in the case the billed price can be transferred, the transfer processing server 73 transfers the billed price from the corresponding account to the selling adjustment account of the bank, and when the transferring process is completed, generates an approval number which indicates a. billing approval and transmits the approval number to the authentication processor 40 in steps S950 and S960. The authentication server 45 transmits the approval number to the shopping mall server 30 which requested a transaction approval in step S9.70, and when receiving the approval number from the authentication server 45 according to the transaction approval of the account transfer, the shopping mall server 30 transmits the billing results to the client 20 to notify .that a final transaction to the corresponding product is concluded in steps S980 and S990, an then delivers the sold product to the user in step S995.
In this case, when the balance of the corresponding banking account is smaller than the billed price, the cooperation banking processor 70 transmits a transfer failure to the authentication processor 40 to notify that the account transfer using the corresponding CD card is not executed.
According to the fourth preferred embodiment, when executing a transaction using the bank account transfer, the billed price is transferred from the user' s account according to the authentication information recorded on the CD card even when the user does not provided the account number, and therefore, safe transactions can be executed through the bank account transfer. An electronic commerce authentication system and method according to a fifth preferred embodiment of the present invention will now be described.
FIG. 1 0 shows an operation between components of the electronic commerce authentication system according to a fifth preferred embodiment of the present invention. In electronic commerce authentication system according to the fifth preferred embodiment, the CD card 1 1 0 is released as an electronic gift certificate which the user uses for paying the products in the cyber space, and a usable amount of money is set corresponding to the CD number of the CD card that is the electronic gift certificate issued by the electronic gift certificate companies. For this, as shown in FIG. 1 , the electronic gift certificate processor 60 of the electronic certificate gift company comprises a price information database 61 which stores usable money corresponding to the CD number of the CD card that is the released electronic gift certificate; and a gift certificate processing server 62 which performs paying processes on the CD number transmitted from the authentication processor 40 by using information stored in the price information database 61 . Here, the electronic gift certificate processor 60, connected to the authentication processor 40 via a proprietary line, performs transaction authentication jobs such as approving the billing process.
FIGs. 11 (a) and 1 1 (b) each show an operation of the electronic commerce authentication system according to the fifth preferred embodiment of the present invention;
As shown in FIG. 1 1 (a) , with the first preferred embodiment wherein the
CD card 1 1 0 is inserted into the client 20, the client 20 accesses the specific shopping mall server 30 cooperated with the authentication processor 40 to buy desired products, and selects the CD card, that is, the electronic gift certificate as a paying method, and when the shopping mall server 30 transmits a transaction number and the billed price to request a transaction approval in steps S1000 to
S1070, the authentication server 45 of the authentication processor 40 transmits the reading unit 21 to the corresponding client 20. The reading unit 21 encrypts the password, the CD code and the CD number provided by the user and transmits them to the authentication processor 40 in steps S1 080 to S1 1 1 0.
The authentication server 45 checks whether the corresponding CD card is the registered one using the CD code and the password transmitted identically with the first preferred embodiment, and when the CD card is a registered one, the authentication server 45 transfers the CD number and the billed price of the corresponding CD card to the electronic gift certificate processor 60 so as to request a billing approval in steps S1 120 and S1 1 30.
The gift certificate processing server 62 of the electronic gift certificate processor 60 searches the price information database 61 by using the CD number transmitted from the authentication server 45, and checks how much money is corresponded to the CD number, in other words, checks how much the CD card is in step S1 140, and when the corresponding price is bigger or equal to the billed price, the gift certificate processing server 62 subtracts the billed price from the money of the gift certificate in step S1 1 50.
Next, as shown in FIG. 1 1 (b) , when the billing process is executed using the price of the gift certificate, the gift certificate processing server 62 generates an approval number and transmits the approval number to the authentication processor 40 in step S1 1 60, and corresponds the balance of the gift certificate followed by the billing process to the corresponding CD number and stores the balance in the price information database 61 . When receiving the approval number from the authentication server 45, the shopping mall server 30 transmits the billing results to the client 20 to notify that the final transaction on the corresponding product is performed in steps S1 1 70 to S1 190, and then delivers the sold product to the user in step S1200.
When the price corresponding to the CD number is smaller than the billed price, the gift certificate processing server 62 of the electronic gift certificate processor 60 transmits a billing-not-allowed message to the authentication server 45 to notify a failure of the billing approval to the shopping mall server.
Besides, the CD card can store information on the price of the gift certificate, and the price of the gift certificate can be recharged into the respective CD cards. According to the fifth preferred embodiment of the present invention, the
CD card can be easily used as the electronic gift certificate in the transactions. Since the electronic commerce is performed using the CD card without additional inputting of private information and the billing approval is performed within the limit price of the gift certificate, stable and reliable transactions can be executed. The CD card used in the above-noted preferred embodiments includes
CD-ROMs, CD-Rs and CD-RWs. The authentication processor or respective processors of the banking agencies can issue the CD card.
In the above-noted preferred embodiments, the authentication processor is individually cooperated with various banking agencies to perform the authentication processes, and further, the authentication processor can be cooperated with the processors of all the banking agencies so as to globally manage the credit card billing, banking account transferring, electronic purse billing, and electronic gift certificate billing processes.
Further in the above-noted preferred embodiments, the shopping mall server communicated with the authentication processor in the socket communication method, but this communication method can include various communication methods to transmit and receive information to/from the authentication processor. The encryption method is not restricted to the open key encryption method, but can include various encryption methods, and the encryption of information is selectively performed.
Further in the above-noted preferred embodiments, registration states of the CD card is determined by using the CD code, and furthermore, the registration states can be checked by determining whether the passwords are identical by use of the CD number, or the CD card can be determined to be the registered one only when the identification code, identification number and password transmitted from the client are identical with the identification code, identification number and password stored in the CD information database.
While this invention has been described in connection with what is presently considered to be the most practical and preferred embodiment, it is to be understood that the invention is not limited to the disclosed embodiments, but, on the contrary, is intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims.
As described above, since the electronic commerce authentication process is executed using a recording medium , on which authentication information which is inserted into the user' s terminal and is related to the billing information of the various banking agencies, is recorded, the authentication is performed without the user' s additional providing the credit information or banking information in the on¬ line state.
Hence, the user' s credit information or banking information is nor revealed, and risks caused by the conventional credit card of form inputting method or leakage of private credits or banking information the Internet banking are totally blocked. Since the authentication information stored in a recording medium is used, the processes become simpler.
Further, various billing methods such as the credit card billing, billing via the bank account transfer, electronic purse billing, and the electronic gift certificate billing can be easily selected using the above-noted recording medium .
Since the electronic commerce authentication system according to the preferred embodiments uses the password after registering the password, other persons cannot use the password.

Claims

WHAT IS CLAIMED IS:
1 . In a system connected via a network to a client into which a recording medium , on which authentication information including an identification number and an identification number for electronic commerce authentications, is inserted, and performing electronic commerce authentications between the client and shopping mall servers, an electronic commerce authentication system , comprising: an authentication processor which includes: a recording media database that stores identification codes of the recording media; and an authentication server that authenticates the recording medium as a registered medium when the identification code transmitted from the client is stored in the recording media database; and a card billing processor which includes: a card information database that stores credit card numbers corresponding to the identification numbers of the recording media; and a billing server that searches the card information database based on the identification numbers of the recording media inserted into the client, finds the corresponding credit card numbers, performs a billing approval on a transaction executed between the client and the shopping mall server, and provides approval results to the authentication processor, the authentication processor transmitting the approval results provided by the card billing processor to the shopping mall server so as to finally perform a transaction between the client and the shopping mall server.
2. The system of claim 1 , wherein the authentication server transmits a reading unit to the client when receiving information on a transaction number of a transaction executed with the client and a billed price from the shopping mall server, and the reading unit reads the identification number and the identification code from the recording medium inserted into the client and then transmits the same to the authentication server.
3. The system of claim 2, wherein the authentication server performs an authentication process on the recording medium by using the identification code transmitted from the reading unit, and when the recording medium is authenticated as a registered one, the authentication server transmits the identification number of the recording medium and the billed price provided by the shopping mall server to the card billing processor, and the card billing processor performs a card billing approval on the billed the price by using the credit card number corresponding to the identification number transmitted from the authentication server, and when the price is approved, the card billing processor generates an approval number and transmits the approval number to the authentication processor.
4. In a system connected via a network to a client into which a recording medium , on which authentication information including an identification number and an identification number for electronic commerce authentications, is inserted, and performing electronic commerce authentications between the client and shopping mall servers connected to a payment gate, an electronic commerce authentication system , comprising: an authentication processor which includes: a recording media database that stores identification codes of the recording media; and an authentication server that authenticates the recording medium as a registered medium when the identification code transmitted from the client is stored in the recording media database, and generates a temporary card number corresponding to the identification number and provides the temporary card number to the client when the recording medium is authenticated to be a registered one; and a card billing processor which includes: a card information database that stores credit card numbers corresponding to the identification numbers of . the recording medium and the temporary card number; and a billing server that searches the card information database based on the temporary card number of the recording medium transmitted from the payment gate, finds a corresponding credit card number, performs a card billing approval on the billed price transmitted from the payment gate by using the credit card number, and transmits approval results to the shopping mall server via the payment gate, the authentication server providing the temporary card number to the card billing processor together with the identification number of the recording medium , and the billing server storing the temporary card number in the card information database in correspondence with the corresponding identification number.
5. The system of claim 4, wherein the authentication server transmits a reading unit to the client when receiving a request for a recording medium authentication, and the reading unit reads the identification number and the identification code from the recording medium inserted into the client and then transmits the same to the authentication server.
6. In a system connected via a network to a client into which a recording medium , on which authentication information including an identification number and an identification number for electronic commerce authentications, is inserted, and performing electronic commerce authentications between the client and shopping mall servers, an electronic commerce authentication system , comprising: an authentication processor which includes: a recording media database that stores identification codes of the recording media; and an authentication server that authenticates the recording medium as a registered medium when the identification code transmitted from the client is stored in the recording media database; an electronic purse processor which includes: an electronic purse
■ account database that stores electronic purse account numbers corresponding to the identification numbers of the recording media; and a processing server that searches the electronic purse account number by using the identification number of the recording medium inserted into the client; and a banking processor which transfers accounts between an advance payment account corresponding to the electronic purse account number and a selling account so as to bill the transaction executed between the client and the shopping mall server.
7. The system of claim 6, wherein the authentication server transmits a reading unit to the client when receiving information on a transaction number of a transaction executed with the client and a billed price from the shopping mall server, and the reading unit reads the identification number and the identification code from the recording medium inserted into the client and then transmits the same to the authentication server.
8. The system of claim 7, wherein the authentication server performs an authentication process on the recording medium by using the identification code transmitted from the reading unit, and when the recording medium is authenticated as a registered one, the authentication server transmits the identification number of the recording medium and the billed price provided by the shopping mall server to the electronic purse processor, and the processing server finds the electronic purse account number corresponding to the identification number transmitted from the authentication server and provides the same to the banking processor so as to request a transfer of the billed price from the account corresponding to the electronic purse account number to the selling account.
9. In a system connected via a network to a client into which a recording medium , on which authentication information including an identification number and an identification number for electronic commerce authentications, is inserted, and performing electronic commerce authentications between the client and shopping mall servers, an electronic commerce authentication system , comprising: an authentication processor which includes: a recording media database that stores identification codes of the recording media; and an authentication server that authenticates the recording medium as a registered medium when the identification code transmitted from the client is stored in the recording media database; and a banking processor which includes: a banking account number database that stores account numbers corresponding to the identification numbers of the recording media; an account information database that stores balances for the respective account numbers; and a transfer processing server that searches the account number database by using the identification number of the recording medium inserted into the client and performs a transfer process between the account corresponding to the account number and the selling account according to the account information corresponding to the account number so as to process a billing process executed between the client and the shopping mall server.
1 0. The system of claim 9, wherein the authentication server transmits a reading unit to the client when receiving information on a transaction number of the transaction executed with the client and the billed price, and the reading unit reads the identification number and the identification code from the recording medium inserted into the client and transmits the same to the authentication server.
11 . The system of claim 10, wherein the authentication server performs an authentication process on the recording medium by using the identification code transmitted from the reading unit, and when the recording medium is authenticated to be a registered one, transmits the identification number of the recording medium and the billed price provided by the shopping mall server to the banking processor, and the transfer processing server searches the account number corresponding to the identification number transmitted from the authentication server and then transfers the billed price from the banking account corresponding to the account number to the selling account.
12. In a system connected via a network to a client into which a recording medium , on which authentication information including an identification number and an identification number for electronic commerce authentications, is inserted, and performing electronic commerce authentications between the client and shopping mall servers, an electronic commerce authentication system , comprising: an authentication processor which includes: a recording media database that stores identification codes of the recording media; and an authentication server that authenticates the recording medium as a registered medium when the identification code transmitted from the client is stored in the recording media database; and an electronic gift certificate processor which includes: a. price information database that stores electronic gift certificate price information corresponding to the identification number of the recording media; and a gift certificate processing server that searches the price information database by using the identification number of the recording media inserted into the client, checks the corresponding electronic gift certificate price, and performs a billing process on the transaction executed between the client and the shopping mall server within the money limit of the electronic gift certificate.
13. The system of claim 12, wherein the authentication server transmits a reading unit to the client when receiving information on a transaction number of the transaction executed with the client and the billed price, and the reading unit reads the identification number and the identification code from the recording medium inserted into the client and transmits the same to the authentication server.
14. The system of claim 1 3, wherein the authentication server performs an authentication process on the recording medium by using the identification code transmitted from the reading unit, and when the recording medium is authenticated to be a registered one, transmits the identification number of the recording medium and the billed price provided by the shopping mall server to the electronic gift certificate processor, and the gift certificate processing server searches the price of the electronic gift certificate corresponding to the identification number transmitted from the authentication server and then subtracts the billed price from the price of the electronic gift certificate so as to bill the transaction.
1 5. The system of claims 1 , 6, 9 or 12, wherein the client is automatically accessed to the authentication processor via the recording medium , and the authentication processor further comprises a management server which provides information on cooperated shopping mall servers to the client and when the client selects a single shopping mall server, links the client to the corresponding shopping mall server.
16. In an authentication method of a system connected via a network to a client into which a recording medium , on which authentication information including an identification number and an identification number for electronic commerce authentications, is inserted, and performing electronic commerce authentications between the client and shopping mall servers, an electronic commerce authentication method, comprising steps of: transmitting a reading unit to the client when receiving information including an electronic transaction number and a billed price from the shopping mall server; checking whether the recording medium is a registered one by using an identification code or an identification number when receiving the identification code and the identification number of the recording medium inserted into the client from the reading unit; performing a card billing approval on the billed price by using a credit card number corresponding to the identification number when the recording medium is authenticated to be the registered one; and transmitting approval results of the card billing to the shopping mall server so as to finally execute the electronic transaction between the client and the shopping mall server.
1 7. In an authentication method of a system connected via a network to a client into which a recording medium , on which authentication information including an identification number and an identification number for electronic commerce authentications, is inserted, and performing electronic commerce authentications between the client and shopping mall servers connected to a payment gate, an electronic commerce authentication method, comprising steps of. transmitting a reading unit to the client when receiving a request for authenticating the recording medium from the client; checking whether the recording medium is a registered one by using an identification code or an identification number when receiving the identification code and the identification number of the recording medium inserted into the client from the reading unit; generating a temporary card number and transmitting the same to the client corresponding to the identification number when the recording medium is authenticated to be the registered one, and storing the temporary card number corresponding to the identification number and a credit card number; performing a card billing approval on the billed price by using the credit card number corresponded to the temporary card number when receiving information including the temporary card number and the billed price from the payment gate connected to the shopping mall server; and transmitting approval results of the card billing to the shopping mall server via the payment gate so as to finally execute the electronic transaction between the client and the shopping mall server.
18. In an authentication method of a system connected via a network to a client into which a recording medium, on which authentication information including an identification number and an identification number for electronic commerce authentications, is inserted, and performing electronic commerce authentications between the client and shopping mall servers, an electronic commerce authentication method, comprising steps of: transmitting a reading unit to the client when receiving a request for authenticating the recording medium from the client; checking whether the recording medium is a registered one by using an identification code or an identification number when receiving the identification code and the identification number of the recording medium inserted into the client from the reading unit; searching an electronic purse account number corresponding to the identification number when the recording medium is authenticated to be the registered one; transferring the billed price from the account corresponding to the electronic purse account number to a selling account; and transmitting transfer results to the shopping mall server so as to finally execute the electronic transaction between the client and the shopping mall server.
19. In an authentication method of a system connected via a network to a client into which a recording medium , on which authentication information including an identification number and an identification number for electronic commerce authentications, is inserted, and performing electronic commerce authentications between the client and shopping mall servers, an electronic commerce authentication method, comprising steps of: transmitting a reading unit to the client when receiving a request for authenticating the recording medium from the client; checking whether the recording medium is a registered one by using an identification code or an identification number when receiving the identification code and the identification number of the recording medium inserted into the client from the reading unit; transferring the billed price from the banking account corresponding to the account number corresponding to the identification number to a selling account when the recording medium is authenticated to be the registered one; and transmitting transfer results to the shopping mall server so as to finally execute the electronic transaction between the client and the shopping mall server.
20. In an authentication method of a system connected via a network to a client into which a recording medium , on which authentication information including an identification number and an identification number for electronic commerce authentications, is inserted, and performing electronic commerce authentications between the client and shopping mall servers, an electronic commerce authentication method, comprising steps of: transmitting a reading unit to the client when receiving a request for authenticating the recording medium from the client; checking whether the recording medium is a registered one by using an identification code or an identification number when receiving the identification code and the identification number of the recording medium inserted into the client from the reading unit; searching information on the price of an electronic gift certificate corresponding to the identification number when the recording medium is authenticated to be the registered one; subtracting the billed price from the price of the electronic gift certificate so as to perform a billing process on the transaction executed between the client and the shopping mall server; and transmitting billing results to the shopping mall server so as to finally execute the electronic transaction between the client and the shopping mall server.
21 . The method of claims 1 6 to 20, wherein, in the step of authenticating the recording medium , when a password input by a user is transmitted together with the identification number and the identification code of the recording medium from the reading unit, the recording medium is authenticated to be the registered one in the case a password corresponding to the identification code or the identification code is identical with the password transmitted from the reading unit.
PCT/KR2001/001341 2000-08-11 2001-08-06 System and method for autorizing e-commerce WO2002014975A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2001278802A AU2001278802A1 (en) 2000-08-11 2001-08-06 System and method for autorizing e-commerce

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020000046706A KR20020013621A (en) 2000-08-11 2000-08-11 system and method for authorizating E-cormmerce
KR2000/46706 2000-08-11

Publications (2)

Publication Number Publication Date
WO2002014975A2 true WO2002014975A2 (en) 2002-02-21
WO2002014975A3 WO2002014975A3 (en) 2002-05-02

Family

ID=19682913

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2001/001341 WO2002014975A2 (en) 2000-08-11 2001-08-06 System and method for autorizing e-commerce

Country Status (3)

Country Link
KR (1) KR20020013621A (en)
AU (1) AU2001278802A1 (en)
WO (1) WO2002014975A2 (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20020016949A (en) * 2000-08-28 2002-03-07 권혁인 System and method of guarantees for distribution channel and original goods using internet
KR20010025762A (en) * 2001-01-31 2001-04-06 임공호 e-CD/Tel
KR100803760B1 (en) * 2006-02-23 2008-02-15 주식회사 지에스홈쇼핑 A method and system for settling the credit card on the home shopping broadcasting
US9292850B2 (en) * 2007-09-10 2016-03-22 Visa U.S.A. Inc. Host capture
US8219489B2 (en) 2008-07-29 2012-07-10 Visa U.S.A. Inc. Transaction processing using a global unique identifier
KR100966295B1 (en) * 2009-06-16 2010-06-28 주식회사 퍼스트포켓 Method for Providing Electronic Wallet Service by Using Universal Subscriber Identity Module Card and Electronic Wallet Apparatus
KR102595350B1 (en) * 2020-06-29 2023-10-27 주식회사 케이티앤지 Aerosol generating device and operation method thereof

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4786790A (en) * 1987-03-04 1988-11-22 Siemens Aktiengesellschaft Data exchange system with authentication code comparator
EP0921487A2 (en) * 1997-12-08 1999-06-09 Nippon Telegraph and Telephone Corporation Method and system for billing on the internet
KR20000017690A (en) * 1999-05-26 2000-04-06 문형식 Electronic Commercial Transaction System using a Compact Disc and method for paying thereof

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000076336A (en) * 1998-08-31 2000-03-14 Fujitsu Ltd Electronic settlement authentication system and electronic commerce service provider device
KR20000030170A (en) * 2000-01-07 2000-06-05 임공진 Money exchange method for electronic settlement using tele-communication network and hybrid card
KR100339823B1 (en) * 2000-04-19 2002-06-07 이승동 User identifying method and system and card via a communications network and a medium for recording that method
KR20010097114A (en) * 2000-04-20 2001-11-08 문지환 The record media having electronic money function, the cd electronic money automatic manufacturer and the electronic settlement commerce system using cd electronic money
KR100405629B1 (en) * 2000-06-01 2003-11-20 (주)이프 컴 Electronic Commercial Transaction Method Using an Optical Media Including Special Purposed Contents
KR20020006398A (en) * 2000-07-12 2002-01-19 유평래 The Operating System of Processing for contacted a Cyber-money, Credit-card with User-certification to use auxiliary storage of a electronic commercial transaction on internet networks

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4786790A (en) * 1987-03-04 1988-11-22 Siemens Aktiengesellschaft Data exchange system with authentication code comparator
EP0921487A2 (en) * 1997-12-08 1999-06-09 Nippon Telegraph and Telephone Corporation Method and system for billing on the internet
KR20000017690A (en) * 1999-05-26 2000-04-06 문형식 Electronic Commercial Transaction System using a Compact Disc and method for paying thereof

Also Published As

Publication number Publication date
KR20020013621A (en) 2002-02-21
WO2002014975A3 (en) 2002-05-02
AU2001278802A1 (en) 2002-02-25

Similar Documents

Publication Publication Date Title
US10373141B1 (en) Method and system for controlling certificate based open payment transactions
KR101015341B1 (en) Online payer authentication service
US8244636B2 (en) Payment system
US6941285B2 (en) Method and system for a virtual safe
AU2005201681B2 (en) Method and apparatus for conducting commerce between individuals
US20010007983A1 (en) Method and system for transaction of electronic money with a mobile communication unit as an electronic wallet
WO2001035304A1 (en) On-line payment system
KR20030019560A (en) System and method for verifying a financial instrument
AU2001248198A1 (en) A method and system for a virtual safe
JP2005525831A (en) System and method for secure entry and authentication of consumer-centric information
CZ20004781A3 (en) Verified payment system
US20040139002A1 (en) Micropayment system
WO2002014975A2 (en) System and method for autorizing e-commerce
WO2000067178A2 (en) Anonymous on-line payment system and method
US20020073022A1 (en) System and method for on-line payment transactions
KR20020094165A (en) System and Method for exchange of electronic currency and electronic securities
JP2000339366A (en) System and method for authentication utilizing cd
KR20010097697A (en) Payment system using a optic recording medium with a certification function and method thereof
KR20040072537A (en) System for Exchange of Electronic Currency and Electronic Securities
KR100700128B1 (en) Method and System for Selling Means of Electronic Payment by Using PC-Room
KR100439162B1 (en) integrated settlement system and method thereof
KR20030096189A (en) System and Method for Exchange of Electronic Currency and Electronic Securities
KR20050005727A (en) integrated settlement system and method thereof
MXPA00009080A (en) A method for using a telephone calling card for business transactions

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: COMMUNICATION UNDER RULE 69 EPC (EPO FORM 1205A OF 11.07.2003)

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP