WO2008004750A1 - The preliminary verification system which has a authentication by phone on the internet environment - Google Patents
The preliminary verification system which has a authentication by phone on the internet environment Download PDFInfo
- Publication number
- WO2008004750A1 WO2008004750A1 PCT/KR2007/001973 KR2007001973W WO2008004750A1 WO 2008004750 A1 WO2008004750 A1 WO 2008004750A1 KR 2007001973 W KR2007001973 W KR 2007001973W WO 2008004750 A1 WO2008004750 A1 WO 2008004750A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- server
- authentication
- terminal
- call
- transaction
- Prior art date
Links
- 238000012795 verification Methods 0.000 title claims abstract description 68
- 238000000034 method Methods 0.000 claims abstract description 58
- 230000008569 process Effects 0.000 claims abstract description 28
- 238000004891 communication Methods 0.000 claims description 22
- 238000012545 processing Methods 0.000 claims description 9
- 230000010354 integration Effects 0.000 claims description 7
- 230000015572 biosynthetic process Effects 0.000 claims description 2
- 238000012546 transfer Methods 0.000 description 21
- 238000010586 diagram Methods 0.000 description 20
- 230000004044 response Effects 0.000 description 8
- 230000005540 biological transmission Effects 0.000 description 7
- 230000002457 bidirectional effect Effects 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 2
- 230000002265 prevention Effects 0.000 description 2
- 230000003014 reinforcing effect Effects 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 230000000903 blocking effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000005274 electronic transitions Effects 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 201000002266 mite infestation Diseases 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/12—Payment architectures specially adapted for electronic shopping systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/42—Confirmation, e.g. check or permission by the legal debtor of payment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/42—Confirmation, e.g. check or permission by the legal debtor of payment
- G06Q20/425—Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/18—Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
Definitions
- the present invention relates to a preliminary verification system under an Internet environment using a phone authentication service; and, more particularly, to a preliminary verification system under an Internet environment using a phone authentication service, which guarantees safety and integrity of authentication in case that a system enables an authenticated user to access to an electronic financial transaction such as Internet banking or various documents issued to the authenticated user.
- Background Art
- SMS short message service
- a conventional Internet banking may be applied to a large and small amount of money due to a strong authentication function, but since a payment gateway has a weak authentication function, the payment gateway is applied to a small amount of money payment. Accordingly, a stronger authentication device is needed.
- IP Internet Protocol
- an object of the present invention is provide to a preliminary verification system under an Internet environment using a phone authentication service, which improves integrity of authentication and electronic commerce in view of security.
- a preliminary verification system under an Internet environment using a phone authentication service including: a first terminal connected to the Internet; a web server for interfacing the first terminal to be accessible for a site which needs a transaction access for authentication; an authentication server for performing the authentication for an electronic transaction requested from the first terminal via the web server; a host server connected to the authentication server for processing the electronic transaction requested from the first terminal; and a call server implemented by a computer and telephony integration (CTI) and an advanced record system (ARS) which are called through telephone network for accessing to a second terminal of a user of the first terminal which the electronic transaction is requested, receiving approval of the electronic transaction, receiving and verifying an authentication number according to the approval of the electronic transaction, and performing a phone authentication which provides authentication completion information according to the verification to the host server, wherein the host server performs the electronic transaction process according to the authentication completion information provided from the call server.
- CTI computer and telephony integration
- ARS advanced record system
- the authentication server is an Internet banking server or a verification server.
- the host server is at least one of a financial agency server, a government and public offices server, an educational matters server, a medical information management server, and an administration information management server.
- the authentication server requests a phone authentication of the second terminal to the call server and transmits a phone authentication request status to the host server according to the phone authentication request if the user authentication of the first terminal is completed.
- the second terminal is called from the call server through a mobile wireless communication network (MWCN) or a public switched telephone network (PSTN), and is registered by the use which is previously contracted with a phone number service providing agency.
- MWCN mobile wireless communication network
- PSTN public switched telephone network
- the call server checks position information of the second terminal through a communication server, and further provides the position information to the host server.
- the host server performs the electronic transaction process in case that the host s erver exists on an approval position after analyzing a transaction position pattern from the position information of the second terminal provided from the call server.
- the second terminal has a one time password (OTP) device which automatically generates and transmits an OTP number in case of a phone for a corporate banking.
- OTP one time password
- the call server generates an authentication call which requests an OTP number to the second terminal, receives the OTP number corresponding to the generated authentication call from the second terminal, and generates an OTP number by the same scheme with an OTP device if it is determined that the second terminal includes a phone number for the corporate banking, and wherein the call server transmits the authentication completion information to the host server if the generated OTP number is the same with the received OTP number.
- a preliminary verification system under an Internet environment using a phone authentication service including: a first terminal connected to the Internet; a web server for interfacing the first terminal to be accessible for a site which needs a transaction access for authentication; an authentication server for performing the authentication for an electronic transaction requested from the first terminal via the web server; a host server connected to the authentication server for processing the electronic transaction requested from the first terminal; and a call server implemented by a computer and telephony integration (CTI) and an advanced record system (ARS) which are called through telephone network for accessing to a second terminal of a user of the first terminal which the electronic transaction is requested, receiving approval of the electronic transaction, receiving and verifying an authentication number according to the approval of the electronic transaction, acquiring position information of the second terminal through a communication server, and providing the acquired position information and authentication completion information according to the verification to the host server, wherein the host server, after analyzing a transaction position pattern from the position information of the second terminal, performs the electronic transaction process if
- a preliminary verification system under an Internet environment using a phone authentication service including: a first terminal connected to the Internet; a second terminal having a one time password (OTP) device which automatically generates and transmits an OTP number; a web server for interfacing the first terminal to be accessible for a site which needs a transaction access for authentication; an authentication server for performing the authentication for an electronic transaction requested from the first terminal via the web server; a host server connected to the authentication server for processing the electronic transaction requested from the first terminal; and a call server implemented by a computer and telephony integration (CTI) and an advanced record system (ARS) which are called through telephone network for generating an authentication call to a second terminal of a user of the first terminal which the electronic transaction is requested, receiving an OTP number corresponding to the authentication call from the second terminal, generating an OTP number by the same scheme with an OTP device, transmitting authentication completion information to the host server if the generated OTP number is the same with the received OTP number
- CTI computer and telephony integration
- ARS advanced record
- a preliminary verification method under an Internet environment using a phone authentication service in a system including a first terminal, a web server, an authentication server, a host server, a call server and a second terminal, the method including the steps of: providing a preliminary transaction request generated from the first terminal to the authentication server through the web server; at the authentication server, transmitting the preliminary transaction request information to the host server, and providing preliminary transaction result information corresponding to the preliminary transaction request information from the host server to the first terminal; at the authentication server, in case of receiving a real transaction request generated from the first terminal, receiving and verifying the authentication information from the first terminal according to the electronic transaction approval, and requesting a phone authentication for the second terminal of the user of the authenticated first terminal to the call server; at the call server, receiving approval of the transaction from the second terminal, receiving and verifying an authentication number according to the approval, and providing the authentication completion information to the host server according to the verification; and at the host server, performing the electronic transaction process according to the authentication completion information
- the authentication server informs the phone authentication request status of the host server according to the phone authentication request after requesting the phone authentication for the second terminal to the call server.
- the preliminary verification method under an Internet environment using a phone authentication service further includes the steps of: at the authentication server, requesting position information for the second terminal to the call server; at the call server, checking position information of the second terminal through a communication server and providing the position information to the host server; and at the host server, after analyzing a transaction position pattern from the position information of the second terminal provided from the call server, performing the electronic transaction process in case that the transaction position pattern exists on an approval position.
- the preliminary verification method under an Internet environment using a phone authentication service includes the steps of: at the call server, generating an authentication call to the second terminal which requests a one time password (OTP) number in case that the second terminal includes a phone number for a corporate banking; at the call server, receiving the OTP number corresponding to the authentication call from the second terminal; and at the call server, generating an OTP number by the same scheme with an OTP device, and transmitting the authentication completion information to the host server if the generated OTP number is the same with the received OTP number.
- OTP one time password
- a preliminary verification method under an Internet environment using a phone authentication service in a system including a first terminal, a web server, an authentication server, a host server, a call server and a second terminal, the method including the steps of: providing a preliminary transaction request generated from the first terminal to the authentication server through the web server; at the authentication server, transmitting the preliminary transaction request information to the host server, and providing preliminary transaction result information corresponding to the preliminary transaction request information from the host server to the first terminal; at the authentication server, in case of receiving a real transaction request generated from the first terminal, receiving and verifying the authentication information from the first terminal according to the electronic transaction approval, and requesting a phone authentication for the second terminal of the user of the authenticated first terminal to the call server; at the call server, receiving approval of the transaction from the second terminal, receiving and verifying an authentication number according to the approval, acquiring the position information of the second terminal from a communication server, and providing the acquired position information and authentication completion information according to the verification to the host
- a preliminary verification method under an Internet environment using a phone authentication service in a system including a first terminal, a web server, an authentication server, a host server, a call server and a second terminal, the method including the steps of: providing a preliminary transaction request generated from the first terminal to the authentication server through the web server; at the authentication server, transmitting the preliminary transaction request information to the host server, and providing preliminary transaction result information corresponding to the preliminary transaction request information from the host server to the first terminal; at the authentication server, in case of receiving a real transaction request generated from the first terminal, receiving and verifying the authentication information from the first terminal according to the electronic transaction approval, and requesting a phone authentication for the second terminal of the user of the authenticated first terminal to the call server; at the call server, generating an authentication call to the second terminal, receiving a one time password (OTP) number corresponding to the authentication call from the second terminal, generating an OTP number by the same number of an OTP device, and transmitting authentication completion information
- OTP one time password
- FIG. 1 is a block diagram illustrating a preliminary verification system under an
- FIG. 2 is a flowchart illustrating a preliminary verification method under an Internet environment using a phone authentication service in accordance with an embodiment of the present invention
- FIG. 3 is a flowchart illustrating a preliminary verification method under an Internet environment using a phone authentication service in accordance with another embodiment of the present invention
- FIG. 4 is a flowchart illustrating a preliminary verification method under an Internet environment using a phone authentication service in accordance with another embodiment of the present invention
- FIG. 5 is a block diagram illustrating a method for post-informing a transaction list through an SMS in accordance with a conventional technology
- Fig. 6 is a block diagram illustrating a preliminary verification method under an
- FIG. 7 is a flow chart illustrating an operation of an authentication server in accordance with an embodiment of the present invention.
- FIG. 8 is a flow chart illustrating an operation of a call server in accordance with an embodiment of the present invention.
- FIG. 9 is a flow chart illustrating an operation of a call server in accordance with another embodiment of the present invention.
- FIG. 10 is a block diagram illustrating a preliminary transaction flow in a preliminary verification system under an Internet environment using a phone authentication service in accordance with an embodiment of the present invention
- FIG. 11 is a block diagram illustrating a real transaction flow in a preliminary verification system under an Internet environment using a phone authentication service in accordance with an embodiment of the present invention
- FIG. 12 is a block diagram illustrating a real approval flow in a preliminary verification system under an Internet environment using a phone authentication service in accordance with an embodiment of the present invention
- FIG. 13 is a block diagram illustrating a real transaction result notification flow in a preliminary verification system under an Internet environment using a phone authentication service in accordance with an embodiment of the present invention
- FIGs. 14 to 17 are diagrams illustrating preliminary transaction request screens of an implemented GUI display in accordance with an embodiment of the present invention.
- FIGs. 18 to 21 are diagrams illustrating preliminary transaction request screens of an implemented GUI display in accordance with another embodiment of the present invention.
- FIG. 22 is a block diagram illustrating a user database of a host server in accordance with an embodiment of the present invention. Best Mode for Carrying Out the Invention
- FIG. 1 is a block diagram illustrating a preliminary verification system under an
- a preliminary verification system under an Internet environment using a phone authentication service includes a first terminal 100, a web server 200, an authentication server 300, a host server 400, a call server 500 and a second terminal 600.
- the first terminal 100 as a user terminal is capable of being connected to the Internet, and includes a personal computer (PC), a notebook, a personal digital assistant (PDA) and an international protocol television (IPTV).
- the web server 200 performs an interfacing function which enables the first terminal to be accessible to an electronic transaction site requested from the first terminal 100, that is, a credibility transaction site, various certificate providing sites of government and public offices, or a site which needs a transaction access for authentication.
- the authentication server 300 performs the authentication for an electronic transaction requested from the first terminal 100 and is Internet banking as a representative example.
- the host server 400 connected to the authentication server 300, processes the electronic transaction requested from the first terminal 100, and may be classified into a financial agency server and a government and public offices server according to a sort of the electronic transaction. That is, the host server 400 may be a server of a financial agency for a general financial transaction or a server of an agency which manages personal affairs/carrier information such as educational matters information, medical information and administration information.
- the call server 500 is implemented by a computer and telephony integration (CTI) authentication and an advanced record system (ARS) authentication which are called through telephone network, and accesses to the second terminal 600 corresponding to user information of the first terminal which the electronic transaction is requested.
- CTI computer and telephony integration
- ARS advanced record system
- the call server 500 receives approval of the electronic transaction, receives and verifies an authentication number according to the approval.
- the call server 500 traces and provides a position of the second terminal 600 to the host server 400.
- the second terminal 600 is called from a call server 500 through a mobile wireless communication network (MWCN) or a public switched telephone network (PSTN), and is corresponding to a number which is registered when a user, who requests the use of service of the present invention, previously contracts with the service providing agency on off-line.
- MWCN mobile wireless communication network
- PSTN public switched telephone network
- FIG. 2 is a flowchart illustrating a preliminary verification method under an Internet environment using a phone authentication service in accordance with an embodiment of the present invention.
- the first terminal 100 connected to the Internet is access to a web site of a financial agency which a transaction is wanted through the web server 200 and requests a preliminary transaction based on the preliminary transaction information inputted from the user at steps SlOl and S 102.
- the web server 200 performs an interface function between the first terminal
- the authentication server 300 transmits corresponding preliminary transaction request information to the host server 400 at step S 103, and after the host server 400 inquires a deposit account number from the transmitted preliminary transaction request information at step S 104, the host server 400 transmits the preliminary transaction result information including user information corresponding to the inquired deposit account number to the authentication server 300 at step S 105.
- the authentication server 300 re-transmits the preliminary transaction result information transmitted from the host server 400 to the first terminal 100 at step S 106 and receives a real transaction request, which is generated by a user who checks the preliminary transaction result information, from the first terminal at step S 107.
- the authentication server 300 requests authentication information for user authentication to the first termi nal 100 at step S 108 and receives the authentication information, which inputted by the user, from the first terminal at step S 109.
- the authentication information is a password of an authentication means which is issued by the authentication server 300 and may be a password of a certificate representatively.
- the authentication server 300 requests the phone authentication to the call server 500 at step Sl 10 and informs the corresponding phone authentication request status of the host server 400 at step Si l l.
- the call server 500 requests an approval selection of the transaction to the second terminal 600 which is registered when the user corresponding to the first terminal 100 previously contracts the use of the phone authentication service with a service providing agency on off-line at step Sl 12.
- the call server 500 enables the second terminal 600 to select the approval, refusal or holding of the transaction.
- the call server 500 requests the authentication number for the user authentication at step Sl 14.
- the call server 500 informs the authentication result failure information of the host server 400 if the number of re-requests are two or more, and the call server 500 re-requests the phone approval selection after holding for a predetermined time if the number of the re-requests are less than two.
- the call server 500 informs the authentication result failure information of the host server 400 if the number of re-requests are two or more, and the call server 500 requests the phone approval selection after holding for a predetermined time if the number of re-requests are less than two.
- the second terminal 600 receives the request of the authentication number from the call server 500 transmits the authentication number inputted from the user to the call server 500 at step 115.
- the call server 500 compares the transmitted authentication number with the authentication stored to be corresponding to the second terminal 600, and transmits the authentication completion information for the second terminal 600 to the host server 400 at step Sl 16.
- the host server400 transmits the processed real transaction completion information to the authentication server 300 at step Sl 18.
- the authentication server 300 re-transmits the transmitted real transaction completion information to the first terminal 100 or the previously registered transaction completion message transmission terminal at step S 119.
- FIG. 3 is a flowchart illustrating a preliminary verification method under an Internet environment using a phone authentication service in accordance with another embodiment of the present invention.
- the first terminal 100 connected to the Internet is access to a web site of a financial agency which a transaction is wanted through the web server 200 and requests a preliminary transaction based on the preliminary transaction information inputted from the user at steps S201 and S202.
- the authentication server 300 transmits corresponding preliminary transaction request in- formation to the host server 400 at step S203, and after the host server 400 inquires a deposit account number from the transmitted preliminary transaction request information at step S204, the host server 400 transmits the preliminary transaction result information including user information corresponding to the inquired deposit account number to the authentication server 300 at step S205.
- the authentication server 300 re-transmits the preliminary transaction result information transmitted from the host server 400 to the first terminal 100 at step S206 and receives a real transaction request, which is generated by a user who checks the preliminary transaction result information, from the first terminal at step S207.
- the authentication server 300 requests authentication information for user authentication to the first terminal 100 at step S208 and receives the authentication information, which inputted by the user, from the first terminal at step S209.
- the authentication server 300 If the authentication information provided from the first terminal 100 is the same with the authentication information which is previously issued, the authentication server 300 requests the phone authentication and a position check to the call server 500 at step S210 and informs the corresponding phone authentication and position check request status of the host server 400 at step S211.
- the call server 500 requests the approval selection of the transaction via a communication server, which is accessed through a mobile wireless communication network (MWCN) or a public switched telephone network (PSTN), to the second terminal 600 of which phone number is registered when the user corresponding to the first terminal 100 previously contracts the use of the phone authentication service with a service providing agency on off-line at step S212.
- MWCN mobile wireless communication network
- PSTN public switched telephone network
- the call server 500 requests the current position of the second terminal 600 to the communication server 700, and receives the position information of the corresponding second terminal 600 from the communication server 700 at step S214.
- the call server 500 receives the approval information corresponding to the transaction approval selection request from the second terminal 600 at step 215.
- the 500 requests the authentication number for the user authentication to the second terminal 600 at step S216.
- the second terminal 600 transmits the authentication number inputted from the user to the call server 500 at step S217.
- the call server 500 compares the transmitted authentication number with the authentication stored to be corresponding to the second terminal 600, and transmits the authentication completion information for the second terminal and the position information of the second terminal 600 to the host server 400 at step S218.
- the host server 400 analyzes a transaction position pattern of the second terminal based on the transmitted position information of the second terminal at step S219, and processes the real transaction according as the second terminal 600 exists on an approval position at step S220.
- the host server 400 may reject the approval if the position of the user is out of range to be moved within 30 minutes by the current traffic means.
- the user position is traced according to the approval information of the user, and the transaction approval is processed if the user exists within the indicated position range.
- the host server 400 determines the approval for the transaction request based on the approval information of the user and transaction trace pattern analysis data.
- the host server 400 After processing the real transaction, the host server 400 transmits the processed real transaction completion information to the authentication server 300 at step S221.
- the authentication server 300 re-transmits the transmitted real transaction completion information to the first terminal 100 or the previously registered transaction completion message transmission terminal at step S222.
- the authentication using the second terminal 600 illustrated in Figs 2 and 3 in every transaction may be used as a strong authentication means, but in case of corporate finance, e.g., transfer of the salary of hundreds of members, each authentication of the second terminal 600 may be cumbersome a lot.
- the present invention enables an OTP device applicable to a general wire/wireless terminal and a mobile communication terminal to be coupled to the second terminal 600, and enables the second terminal 600 to be selectively connected to the OTP device according to the receiving of the authentication call generated from the call server 500.
- the second terminal 600 discriminates the authentication call from a general phone call, and automatically provides the authentication call to the call server 500 by recognizing the authentication call in case of the authentication call.
- the second terminal 600 operates the OTP device and transmits the OTP number, which is automatically generated from the OTP device, to the call server 500.
- the second terminal 600 performs a phone function in case of receiving a general phone call.
- the OTP device may be a voice OTP which generates the OTP by a voice.
- FIG. 4 is a flowchart illustrating a preliminary verification method under an Internet environment using a phone authentication service in accordance with another embodiment of the present invention.
- the call server 500 checks whether the second terminal, of which number is registered when the user corresponding to the first terminal 100 previously contracts the use with the service providing agency on off-line, is a phone number of the corporate finance. In case that the number of the second terminal is the phone number of the corporate finance at step S312 according to the checked result, the authentication call is generated in the second terminal 600 at step S313.
- the second terminal 600 checks the received authentication call, operates the OTP device at step S314 and transmits the OTP number generated from the OTP device to the call server 500 at step S315.
- the call server 500 compares the OTP number transmitted from the second terminal 600 with the TOP number generated to be corresponding to the second terminal, and transmits the authentication completion information for the second terminal 600 to the host server 400 if the compared OTP numbers are the same with each other at step S316.
- the host server 400 transmits the processed real transaction completion information to the authentication server 300 at step S318.
- the authentication server 300 re-transmits the transmitted real transaction completion information to the first terminal 100 or the previously registered transaction completion message transmission terminal at step S319
- Fig. 5 is a block diagram illustrating a method for post-informing a transaction list through an SMS in accordance with a conventional technology.
- the Fig. 5 is shown to be compared with the block diagram illustrating a preliminary verification method under an Internet environment using a phone authentication service in accordance with an embodiment of the present invention in the Fig. 6.
- a server requests a transfer list check. If the check is completed, a fund transfer of a real transaction is requested by the client, and if the transfer is complete, the transfer result is informed of the client or a phone number having a photograph through a short message service (SMS).
- SMS short message service
- the present invention informs the result of transfer or payment as well as preliminary approval.
- the sent invention further includes steps of informing a transfer request of a client through an MWCN or a PSTN and re- verifying the approval of the transfer by a phone receiver as a deposit owner. If the approval is performed by a receiver having an authority, this transaction is processed, and the transfer result is selectively or separately transmitted to a user of the Internent banking or a receiver who performs the authentication.
- FIG. 7 is a flow chart illustrating an operation of an authentication server in accordance with an embodiment of the present invention.
- the authentication server 300 transmits preliminary transaction request information to the host server 400 at step S402 and receives the preliminary transaction result information corresponding to the preliminary transaction request information from the authentication server 300 at step S403.
- the authentication server 300 re-transmits the preliminary transaction result information transmitted from the host server 400 to the fist terminal 100 at step S404 and receives a real transaction request inputted from the user, who checks the preliminary transaction result information, from the first terminal 100 at step S405.
- the authentication server 300 If the real transaction is requested from the first terminal 100, after the authentication server 300 requests the authentication information for the user authentication to the first terminal 100 at step S406, the authentication server 300 generates a verification flag at step S407 and adds Tto the generated verification flag value at step S408.
- the authentication server 300 compares the authentication information received from the first terminal 100 with the authentication information which is previously issued at step S410, and requests the phone authentication to the call server 500 if the compared authentication information are the same with each other at step S412.
- the authentication server 300 checks the verification flag at step S411, re- requests the authentication information to the first terminal and verifies the au- thentication information received from the first terminal 100 if the verification flag value is less than two at steps S406 to S410.
- the authentication server 300 transmits an authentication failure message to the first terminal 100 at step S413, the authentication server 300 completes all operations.
- the authentication server 300 After the authentication server 300 requests the phone authentication to the call server 500, the authentication server 300 informs the phone authentication request status to the host server 400 at step S414, receives the processed real transaction completion information from the host server 400 at step S415 and transmits the processed real transaction completion information to the first terminal 100 or the previously registered transaction completion message transmission terminal at step S416.
- the authentication server 300 requests the phone authentication and position check to the call server at the step S410 and informs the phone authentication and position check request status to the host server 400 at the step 413.
- Fig. 8 is a flow chart illustrating an operation of a call server in accordance with an embodiment of the present invention.
- the call server 500 if the call server 500 receives the phone authentication request from the authentication server 300 at step S501, the call server 500 requests the approval selection of an electronic transaction for a second terminal, which is registered when the user corresponding to the first terminal 100 contacts previously the use with the phone number service providing agency on off-line, which is requested by the first terminal via the communication server 700 connected through the MWCN or PSTN at step S502.
- the call server 500 If the call server 500 receives a response of the electronic transaction approval at step S503, the call server 500 requests the authentication number for the user authentication to the second terminal at step S504, and receives the authentication number corresponding to the authentication number request from the second terminal 600 at step S505.
- a transaction holding is transmitted from the second terminal 600 in response to the requested electronic transaction approval selection at step S506, after the call server 500 adds T to a transaction holding value at step S507, the call server 500 re-requests the electronic transaction approval selection to the second terminal according to a predetermined period at step S502 if the added transaction holding value is less than a predetermined value, e.g., two at step S508.
- a predetermined value e.g., two at step S508.
- the call server 500 performs repeatedly the re-request step of the transaction holding value addition and the electronic transaction approval selection. If the transaction holding value is two or more at step S508, after the call server 500 transmits the authentication failure message to the authentication server 300 or the host server 400 at step S509, the call server 500 completes the authentication processes.
- the call server 500 receives the authentication number from the second terminal 600 at step S515, the call server 500 compares the received authentication number with the authentication number stored to corresponding to the second terminal 600 at step S516 and transmits the authentication completion information for the second terminal 600 to the host server 400 if the compared authentication numbers are the same with each other at step S518.
- the call serer 500 checks the verification flag at step S517. In case that the verification flag value is less than two, the call serer re-requests the authentication number for the second terminal 600 and performs the steps of verifying the authentication information at steps S513 to S516.
- the call server 500 transmits the authentication failure message to the authentication server 300 or the host server 400 at step of S519 and completes all operations.
- the call server 500 further includes the steps of requesting the position check to the communication server 700, receives the position information of the second terminal 600 from the communication server 700 and transmits the position information to the call server 500 in addition to the authentication processes as mentioned in Fig. 8.
- FIG. 9 is a flow chart illustrating an operation of a call server in accordance with another embodiment of the present invention.
- the call server 500 receives the phone authentication from the authentication server 300 at step S601, in case that the second terminal 600, of which number is registered when the user corresponding to the first terminal 100 previously contracts the use with the service providing agency on off-line, is a number for a corporate finance at step S602, the call server 500 generates an authentication call to the second terminal at step S603.
- the call server 500 counts a predetermined time at step S604, and if the OTP number is transmitted from the second terminal 600 during a count at step S605, the call server generates an OTP number by the same scheme with the OTP generation scheme of the second terminal 600 at step S606.
- the call server 500 compares the generated OTP number with the OTP number transmitted from the second terminal 600 at step S607. If the compared OTP numbers are the same with each other, the call server 500 transmits the authentication completion information for the second terminal to the host server 400 at step S608, and if the compared OTP numbers are not the same, the call server 500 transmits the authentication failure message to the authentication server 300 or the host server 400 at step S609.
- the call server 500 generates and transmits the authentication failure message to the authentication server 300 or the host server 400 at step S610.
- Fig. 10 is a block diagram illustrating a preliminary transaction flow in a preliminary verification system under an Internet environment using a phone authentication service in accordance with an embodiment of the present invention.
- Fig. 11 is a block diagram illustrating a real transaction flow in a preliminary verification system under an Internet environment using a phone authentication service in accordance with an embodiment of the present invention.
- Fig. 12 is a block diagram illustrating a real approval flow in a preliminary verification system under an Internet environment using a phone authentication service in accordance with an embodiment of the present invention.
- Fig. 13 is a block diagram illustrating a real transaction result notification flow in a preliminary verification system under an Internet environment using a phone authentication service in accordance with an embodiment of the present invention. [122] As shown in Figs.
- transaction information e.g., an account PIN number, a deposit account number, a deposit money and a receiver
- a transfer commander e.g., a fist terminal
- a transfer preliminary transaction is performed with one -bank host server 400.
- an information exchange and transaction information between the one-bank host server 400 and another-bank host server 400 are checked, and a signal which requests a transfer list (e.g., deposit/withdraw account number, deposit money and receiver) may be re-transmitted to the transfer commander.
- a transfer list e.g., deposit/withdraw account number, deposit money and receiver
- FIGs. 14 to 17 are diagrams illustrating preliminary transaction request screens of an implemented GUI display in accordance with an embodiment of the present invention.
- Fig. 14 illustrates a graphic user interface (GUI) displayed on a display screen of the first terminal 100 in a transfer transaction. After each user input information in each input field, if a transfer button is clicked, an event corresponding to the click occurs, and the corresponding information is transmitted to the authentication server 300.
- Fig. 15 illustrates a GUI of a preliminary transaction response. Response information is transmitted from the host server 400 according to the transmitted preliminary transaction request information.
- GUI graphic user interface
- Fig. 16 illustrates a GUI of a real transaction response
- Fig. 17 illustrates a GUI of a transaction result inquiry GUIS and enables a user to check and mange the result on a graphic screen.
- Figs 18 to 21 are diagrams illustrating preliminary transaction request screens of an implemented GUI display in accordance with another embodiment of the present invention.
- Fig. 18 to 21 illustrate a GUI of a information request of the second terminal 600 which is performed before or after an initial preliminary transaction information is input so that the service of the present invention is provided in case that he number of the second terminal 600 is not input when a user previously contacts the use with the service providing agency on off-line.
- Figs. 18 and 19 are GUIs which the number of the second terminal
- Fig. 20 is a GUI which is displayed on a screen display of the first terminal 100 from the authentication server 300, and enables a user to check the authentication number which is requested for the phone authentication.
- the Fig. 21 shows a GUI of a transaction information input GUI displayed on the display screen of the first terminal 100 after the authentication number is issued.
- Fig. 22 is a block diagram illustrating a user database of a host server in accordance with an embodiment of the present invention.
- the host server 400 analyzes a transaction position pattern of the second terminal 600 through a database as shown in Fig. 22 and processes the real transaction after checking the second terminal exists on an approval position.
- the preliminary verification system under an Internet environment using a phone authentication service is designed so that the preliminary verification system transmits the result to the authentication server, informs the result of the client, and request a continuous performance of the transfer.
- the process may be simplified by transferring directly the verification result of the one-bank host server without the Internet banking server.
- the preliminary verification system under an Internet environment using a phone authentication service in accordance with the present invention is a bidirectional transaction system which improves security and integrity of the authentication by performing a preliminary check, authentication and approval through the ARS after inputting information requested in an electronic financial transaction.
- the present invention complements a limitation point and a weak point caused by a conventional single direction transaction system, which performs a process if approval is requested simply after authentication information is inputted.
- the present invention prevents a financial accident perfectly by previously checking, authenticating and approving an occurrence of the banking accident caused by a hacking or prevents transaction rejection by pointing out the limitation of duty and authority of a service provider and a service user.
- This bidirectional correlation authentication provides perfect accident prevention, a transaction list preliminary verification and a security authentication service and activates the Internet banking and phone banking of future.
- the preliminary verification system under an Internet environment using a phone authentication service in accordance with the present invention protects personal information by reinforcing a security in an electronic transaction work which authenticates various check and issuance to an authorized user through the verification.
- the present invention re-checks willing of a user by reinforcing the authentication in the use of registration of various services.
- the present invention defines the duty and authority of the service provider and the service user by previously performing authentication of a specific authorized person in case that the authority of the user is limited.
- an efficiency of the work may be improved according to the limitation of an illegal use of other's name or an illegal forgery/alteration and an issue abuse by indicating an owner of the real estate or a person having a specific authority and by checking and approving a proper approval authority based on a preliminary authentication through the ARS.
- the present invention supports a safe and flawless service by indicating a person having an approval authority or a specific authority and by checking and approving a proper approval authority based on a preliminary authentication through the ARS.
- the present invention supports a safe and flawless service by indicating a person having an approval authority or a specific authority and by checking and approving a proper approval authority based on a preliminary authentication through the ARS.
- IPTV Internet Protocol TV
- the present invention supports a safe and flawless service by indicating a person having an approval authority or a specific authority and by checking and approving a proper approval authority based on a preliminary authentication through the ARS.
- DMB Digital Multimedia Broadcasting
- the present invention supports a safe and flawless service by indicating a person having an approval authority or a specific authority and by checking and approving a proper approval authority based on a preliminary authentication through the ARS.
- the present invention supports a safe and flawless service by indicating a person having an approval authority or a specific authority and by checking and approving a proper approval authority based on a preliminary authentication through the ARS.
- the present invention performs a bidirectional correlation preliminary verification above the limitation of the single direction approval of a conventional certificate authentication by performing a preliminary authentication process through the ARS by additionally user or a specific authorized person in case of being requested according to the present invention.
Abstract
Description
Claims
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/307,258 US8191118B2 (en) | 2006-07-03 | 2007-04-23 | Preliminary verification system which has a authentication by phone on the internet environment |
JP2009517955A JP5290968B2 (en) | 2006-07-03 | 2007-04-23 | Internet-based pre-verification system using telephone authentication service |
Applications Claiming Priority (6)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR20060062121 | 2006-07-03 | ||
KR10-2006-0062121 | 2006-07-03 | ||
KR10-2007-0012304 | 2007-02-06 | ||
KR20070012304 | 2007-02-06 | ||
KR1020070022197A KR100914548B1 (en) | 2006-07-03 | 2007-03-06 | The Preliminary Verification System which has a Authentication by Phone on the Internet Environment |
KR10-2007-0022197 | 2007-03-06 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2008004750A1 true WO2008004750A1 (en) | 2008-01-10 |
Family
ID=38894692
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/KR2007/001973 WO2008004750A1 (en) | 2006-07-03 | 2007-04-23 | The preliminary verification system which has a authentication by phone on the internet environment |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2008004750A1 (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2014082346A1 (en) * | 2012-11-30 | 2014-06-05 | Wu Weifeng | Implementation method of secure internet bank |
EP2897094A4 (en) * | 2012-09-14 | 2016-05-04 | Thinkat Co Ltd | Method for phone authentication in e-business transactions and computer-readable recording medium having program for phone authentication in e-business transactions recorded thereon |
CN107148011A (en) * | 2017-05-12 | 2017-09-08 | 腾讯科技(深圳)有限公司 | A kind of methods, devices and systems of performance objective business |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5987232A (en) * | 1995-09-08 | 1999-11-16 | Cadix Inc. | Verification server for use in authentication on networks |
US20020059146A1 (en) * | 2000-09-07 | 2002-05-16 | Swivel Technologies Limited | Systems and methods for identity verification for secure transactions |
WO2005015422A1 (en) * | 2003-08-11 | 2005-02-17 | Sony Corporation | Authentication method, authentication system, and authentication server |
KR20060060529A (en) * | 2004-11-30 | 2006-06-05 | 김경희 | Electronic payment method and system |
-
2007
- 2007-04-23 WO PCT/KR2007/001973 patent/WO2008004750A1/en active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5987232A (en) * | 1995-09-08 | 1999-11-16 | Cadix Inc. | Verification server for use in authentication on networks |
US20020059146A1 (en) * | 2000-09-07 | 2002-05-16 | Swivel Technologies Limited | Systems and methods for identity verification for secure transactions |
WO2005015422A1 (en) * | 2003-08-11 | 2005-02-17 | Sony Corporation | Authentication method, authentication system, and authentication server |
KR20060060529A (en) * | 2004-11-30 | 2006-06-05 | 김경희 | Electronic payment method and system |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2897094A4 (en) * | 2012-09-14 | 2016-05-04 | Thinkat Co Ltd | Method for phone authentication in e-business transactions and computer-readable recording medium having program for phone authentication in e-business transactions recorded thereon |
WO2014082346A1 (en) * | 2012-11-30 | 2014-06-05 | Wu Weifeng | Implementation method of secure internet bank |
CN107148011A (en) * | 2017-05-12 | 2017-09-08 | 腾讯科技(深圳)有限公司 | A kind of methods, devices and systems of performance objective business |
CN107148011B (en) * | 2017-05-12 | 2021-02-26 | 腾讯科技(深圳)有限公司 | Method, device and system for executing target service |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8191118B2 (en) | Preliminary verification system which has a authentication by phone on the internet environment | |
CN101919219B (en) | Method and apparatus for preventing phishing attacks | |
US20070261114A1 (en) | Method and system for secure sharing of personal information | |
US20070055732A1 (en) | Location information for avoiding unwanted communications systems and methods | |
US10579996B2 (en) | Presenting a document to a remote user to obtain authorization from the user | |
CA2884416C (en) | Obtaining a signature from a remote user | |
KR20160064061A (en) | Payment system and payment method, additional service, url-nfc payable card and server | |
US11658962B2 (en) | Systems and methods of push-based verification of a transaction | |
EP3522061A1 (en) | System for managing jointly accessible data | |
EP2400709B1 (en) | Anti-hacking system through telephone authentication | |
JP2007293598A (en) | Financial transaction service method and system using potable terminal | |
US20200320538A1 (en) | Authorizing transactions using negative pin messages | |
WO2008004750A1 (en) | The preliminary verification system which has a authentication by phone on the internet environment | |
KR100563544B1 (en) | Method for authenticating a user with one-time password | |
KR20140125299A (en) | Method for providing direct debit service through electronic signature authentication based by mobile messaging | |
KR20090019278A (en) | Authentication system for electonic service using telephone network | |
KR101559203B1 (en) | Biometric information authentication system and method | |
KR102209881B1 (en) | Method for authentication using mobile originated service | |
KR100387935B1 (en) | Method of Identity Confirmation by Online Used Resident Registration Number | |
CN110933954A (en) | Credit guarantee system | |
KR101631661B1 (en) | Method of providing card transaction service using social network and server performing the same | |
JP2005148984A (en) | Method and system for controlling password by purpose | |
KR20020072006A (en) | On-line Credit Management System and Methods for Providing Credit Information of Alliance and User Using the Same | |
WO2015031129A1 (en) | Presenting a document to a remote user to obtain authorization from the user | |
KR100564009B1 (en) | Pre-protection system for appropriation of the credit information |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 07746135 Country of ref document: EP Kind code of ref document: A1 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 12307258 Country of ref document: US |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2009517955 Country of ref document: JP |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
NENP | Non-entry into the national phase |
Ref country code: RU |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 07746135 Country of ref document: EP Kind code of ref document: A1 |