KR20010081122A - A Interface system which produce user centification and security function in on-line cache check system using mobile phone - Google Patents

Abstract

Mobile phones, which are already popularized, are being used as various products in everyday life in communication devices that provided voice calls in the early days. For example, in electronic commerce, it is used as a substitute for credit and debit cards, which are user authentication devices for purchasing small items. In addition, it is used as a terminal of the public transportation fare payment system in the form of an electronic wallet offline, and is used as a vending machine fare payment system by linking a communication company and a vending machine management company. In particular, in the online micropayment system using a mobile phone, the problem of personal identity theft and credit card number theft is solved by reinforcing the user's authentication process online. In addition, by eliminating the user's inconvenience in accordance with the postpaid concept in prepayment of debit cards and electronic cards (smart cards), related companies are rapidly promoting the introduction of payment systems using mobile phones.

However, when looking at the structure of the online micropayment system using a mobile phone, it includes the following problems and inconveniences. First, it can be used as the same certified product according to cell phone duplication. Secondly, in the authentication process used in the existing system, the user has to inconvenience the need to directly input the security code transmitted to the mobile phone online. Third, data entry is quite inconvenient due to the implicit keypad structure of a mobile phone when using electronic commerce via wireless Internet. Therefore, the present invention is to solve the three problems described above, and to develop a variety of functions to develop an interface system for providing user authentication and security functions in the online micropayment system using a mobile phone on the wired and wireless Internet.

The main features of the present invention are first, using a USB port, using a power supply (5V, 500mA) provided by the computer, and performs data communication with the PC application program to be developed. Second, when the personal mobile phone is connected to the device, it is automatically recognized as the authentication system of the online micropayment system, and the user information necessary for payment is transmitted to the PC application. Third, in order to reinforce user security, a separate security key is stored in a specific memory of a mobile phone when installing a PC application, and hacking is prevented by duplicating the mobile phone during online payment. Fourth, in order to increase the usability of the device in daily life, the PC application program provides data management, text input support, and shortcut keys through a regular keyboard when accessing the mobile Internet. In addition to these various functions, the present invention is intended to be utilized as an interface system for linking a mobile phone and a computer and an additional device for a mobile phone user in an online micropayment system using a mobile phone.

Description

Interface system which produces user centification and security function in on-line cache check system using mobile phone}

The present invention relates to a user interface system that compensates for the disadvantages arising from a series of information delivery processes, such as user authentication and security code delivery of an online micropayment system using a mobile phone. In addition, it provides an easy function to access the Internet by providing a shortcut key function when the user accesses the wired or wireless Internet using a mobile phone.

The mobile phone goes through the IS-95A and IS-95B service steps to provide IS-95C services. The mobile phone of the existing IS-95A is simply used as a means of voice communication, but it is being used as a wireless Internet from the IS-95B to text service functions and data communication. In addition, the importance of electronic commerce has begun to emerge in wired Internet systems that have been popularized since 1996. In particular, the market for electronic commerce through the Internet is growing exponentially. In the early days of e-commerce, online shopping malls had significant problems such as user authentication, credit card number theft, and expensive credit card fees. In response, the security of user authentication and data transfer has emerged, and various solutions have been developed. The specific example of the authentication process and payment payment system implemented in e-commerce so far is as follows.

In the user authentication method, a method using user login information (ID, password), an operation of an encryption program installed on a computer, an encryption key provided by a service company, a method using a smart card, and a user using a fingerprint reader as a biometric authentication system There is an authentication method. First of all, the biggest problem with the first user login information is that others can use it due to the leakage of user information. This has been pointed out as a problem through the domestic and foreign media, but most e-commerce providers use this method. Secondly, the use of encryption programs and encryption keys provided by service providers are widely used in the current Internet banking, which implies spatial constraints in the application of e-commerce. This is a space limitation because the installation system is installed in the user's computer. The third method, using a smart card, is very secure in user authentication, and there is no space limitation, but there is a problem in spreading devices. It is still in the form of a pilot project, and there is no standardization work among vendors, so much time is required for public use. The fourth method, which uses a biometric authentication system, basically uses a user's biometrics, and thus, theft and duplication are impossible. However, there is a disadvantage in that the hardware price of the biometric authentication system is expensive and there is no additional usability (additional function) other than the authentication system.

Payment methods for electronic commerce include payment methods based on unpaid payment, payment methods based on the transfer of a user's credit card number online, methods using smart cards and debit cards, and payment methods through mobile phones. First of all, there is no problem with the user information leakage, but the payment method according to the deposit of the passbook is disadvantageous in that the payment method for the purchase of the goods is performed offline. Of course, there is a method using the Internet banking, but this also has the above-described disadvantages, so a detailed description thereof will be omitted. The second payment method using a credit card is the most widely used method. The purchase of goods through the user login information is a method of informing the user's credit card number and password. However, this method has the problem of hacking the user's information and making it easy for others to steal the credit card number and password. In addition, adolescents who cannot possess a credit card have an institutional problem in order to use e-commerce. In addition, the industry pointed out that even a general user has a lower level of intention to purchase a product through a complicated process such as authentication process, card number and password entry. Using a third card has a problem in expanding the user base. Fourth, the payment method using a mobile phone has been recently implemented, and related companies are showing much interest. In particular, the security code that is transmitted as a text message of the mobile phone is known to solve the user authentication problem in electronic commerce. In addition, fee payment comes with the mobile phone usage fee, which is evaluated as a payment system for the youth. However, in the technical aspect, this also poses a security problem. For example, the ESN code and user's phone number in a cell phone can be duplicated, which can be used with the same cell phone. In addition, when the security code arrives, the user has to check the security code and enter it online again.

The present invention seeks to invent an interface system for providing a more convenient function in a user authentication procedure and a micropayment system when the user uses an e-commerce using a mobile phone by supplementing the above-described disadvantages. To this end, the present invention has the following technical contents to increase the usability of the online micropayment system and the present system using a mobile phone.

First, it has a device structure that can be connected to a computer's USB port and supports its own communication protocol.

Second, the power supply (5V, 500mA) supported by the computer's USB port eliminates the need for a separate power supply and provides mobile phone charging.

Third, when the PC application is installed, the present invention automatically reads the basic authentication key (ESN Code, terminal model, user's phone number) value from the user's mobile phone and supports the function of storing it in the PC as an encrypted data structure. In addition, the security code supported by the present invention supports the function of storing the user's mobile phone specific memory address.

Fourth, when a user's mobile phone is connected to the present invention, it basically provides a communication function interworking with a PC application program, and provides a function of automatically accessing the homepage of an e-commerce company defined by the user at the time of connection.

Fifth, in the above function, when the e-commerce company automatically accesses, the user login information is compared with the security code stored in the mobile phone and the PC to confirm that the same person and deliver the user login information to the server.

Sixth, if a company adopts a micro payment system using a mobile phone, a text message delivered by a service provider for user authentication automatically reads the security code value that arrives at the user's mobile phone and feeds it back to the service company. To provide.

Seventh, after a series of e-commerce processes are processed, the processing results are stored in the processing result list DB of the user's mobile phone and user computer, and are provided as useful functions in case of future disputes.

Eighth, the user can easily and conveniently use various data stored in the user's mobile phone through the user's computer. Typically, the mobile phone main screen editor and the existing data list (telephone book) when the user's mobile phone is changed Regardless of the same support.

1 is a block diagram showing the internal configuration of the present invention system.

2 is a flow chart showing the operation of the present invention.

3 is a view showing the security code generation itself provided by the present invention.

4 is a diagram showing the configuration of the online micropayment system using a mobile phone currently being serviced and pointed out problems.

FIG. 5 is a diagram representing a problem to be solved by using the present invention in the problems pointed out in the system of FIG.

<Explanation of Signs of Major Parts of Drawings>

100: block diagram of invention

101: USB Port

102: power stabilization module with a system protection circuit

103: Mobile Phone Charging Module

104: hands free module

105: mobile phone connection cable (removable)

106: microphone

107: Speaker

110: microprocessor unit of the invention (operation processing and program execution)

Hereinafter, with reference to the accompanying drawings for the configuration and operation of the embodiment of the present invention in order to achieve the object of the present invention will be described in detail.

1 shows a hardware block diagram of the present invention. Hardware 100 of the present invention is composed of a computer 130, a mobile phone (120). The connection between the present invention and the computer is connected to the input / output device of the computer by means of a cable through the USB input / output port 101 attached to the invention. At this time, four cables are connected to the computer, and each of the two power lines (VCC, GND), one data line, and one clock line. The power supply of the present invention and the keyboard uses a DC 5V, 500mA from the computer. The power stabilization module 102 is adopted within the present invention for the stability of each system.

Among the functions of the present invention, a separate charging module 103 is supported for charging a mobile phone. A dedicated chip (SC1565) capable of voltage regulation is used inside the charging module, and the microprocessor 110 directly controls the charging operation according to the state of charge and current consumption according to the use of the system. At this time, stop charging the mobile phone to measure the state of charge, and use the A / D converter to measure the voltage from the charger.

In order to support the hands-free function, the present invention employs the hands-free dedicated module 104. At this time, the connection method between the mobile phone and the present invention is connected to the audio input / output terminal provided on the left side of the mobile phone using a three-wire cable, and the function of each line is input to one audio signal line output from the mobile phone and the mobile phone. It consists of one microphone line to be connected and the GND line provided by the mobile phone. The voice output of the cellular phone is input to the voice amplification dedicated IC KA2206B of the hands free module 104, and the amplified signal is output through the small speakers 1W and 8Ω. The voice input of the mobile phone user is transmitted to the mobile phone through the small microphone 106 through a simple filtering circuit.

In order to deliver a function supported by the present invention, a connection cable 105 is used for connection with a mobile phone. The connection cable provides pin specifications suitable for each mobile phone, and the basic pin connection has a general connection supported by existing mobile phone data cables such as one line of mobile phone charging, two lines of data transmission (RX and TX) and two lines of mobile phone power.

The text input support module 111 supports a function of converting data transmitted through communication with a computer into data recognizable by a mobile phone. On the contrary, the present invention also includes a function of transferring the data inputted by the present invention by controlling the mobile phone to the PC. For example, the PC processes the ESN code value of the mobile phone and the security code value inside the mobile phone and transfers it to the PC. The technology in this regard is described in detail in FIG.

2 illustrates the software embedded in the one-chip microprocessor of the present invention, which describes a series of processes related to data transmission through communication with a computer and a process of transmitting initial authentication key values to a user's mobile phone. For reference, the software regarding the hands-free function and the charging function operated in the system will be omitted. First of all, the present invention is installed in a USB port of a computer, and a PC application program for controlling the same satisfies the precondition that it is installed. When the user's mobile phone 120 is connected to the mobile phone connection cable 105 of the present invention 100, the process of checking the mobile phone connection state of FIG. . The present invention 100 checks the user's mobile phone type, and reads the user information embedded in the mobile phone through the serial communication with the mobile phone. If the user information is a registered cellular phone, the process proceeds to step 212, and if the cellular phone is not registered, a process 202 for reading more detailed information from the cellular phone is performed. In this process, the present invention receives the magnetic number embedded in the user's mobile phone and transmits it to the application program of the computer (203). The application installed in the computer 130 analyzes the user data delivered by the present invention to determine whether there is no preprocessed content (user search already installed), and if there is no problem, the present invention 100 to continue the user registration procedure. To pass on. If the invention has been notified of the processing result, the processing proceeds to step 205 and if authentication is not allowed, the process moves to step 211 and transmits a non-registration message to the user, and terminates the system. In contrast, the process proceeds to step 206 to continue the authentication process, requesting detailed data related to the ESN code, other mobile phone versions, and forwarding the data to the user's computer when the corresponding data arrives from the mobile phone (207). Do this. The computer receiving the detailed user information performs a step 208 of granting a separate authentication key using the user's information. The authentication key generation method is described in FIG. When the step 208 of receiving the authentication result processed by the computer is performed, the invention 100 stores the authentication key value in a user's mobile phone specific memory, and stores the stored data as the same as the authentication key stored in the computer through the present invention. The process 210 of determining is performed.

The process described so far describes the process in which the user's mobile phone is initially registered in the PC application program of the present invention. If the mobile phone is registered in the processing step 201, the ESN code, magnetic number, internal mobile phone of the mobile phone to which the present invention is connected A step 212 of receiving a version, authentication key value is performed. In operation 213, when the invention 100 delivers the data received from the mobile phone to the computer 130, the computer performs a step 214 of transferring the result to the invention through a user confirmation procedure. If the received result is an unauthorized user, the operation 215 performs the disabling display step 211 and ends. In contrast, if an authorized user, the present invention and the mobile phone enter the standby state, and the user computer performs an automatic connection to a defined shopping mall or a specific site as in step 216. After such a series of processes, if there is no separate authentication request operation in step 217, the present invention performs the above-described additional functions (phone data management, text input support, etc.). At this time, when another authentication procedure is required, the process starts again at step 201.

4 is a diagram showing the configuration of an online micropayment system using a mobile phone, and FIG. 5 is a representation of an improvement in using the present invention with respect to the problem of the system of FIG. 4. A description will now be given of the technology currently being serviced in detail with reference to FIG. 4.

Step 1: When a user accesses an online shopping mall company and performs a user login operation, and if the login operation is successfully performed, the user selects an item to purchase and sets the payment method using a mobile phone.

Step 2: The online shopping mall company requests the authentication process of the user to the authentication service organization for user verification.

Step 3: The authentication service agency sends the security code to the wireless communication service provider after the user verification process is sent to the mobile phone of the user who requested the authentication.

Step 4: The wireless service provider sends data to the user's mobile phone through its wireless repeater.

Step 5: The user checks the security code sent to the mobile phone and re-enters the security code to the online shopping mall company to purchase the item.

Step 6: Payment for the purchase of the goods is delivered to the user along with the bill.

In the course of going through these steps, the present inventors propose one major problem. As shown in FIG. 4, it will be pointed out that in the process of authenticating a user's mobile phone, it is possible to steal another person due to the mobile phone duplication. More technically speaking, it is technically possible for a user B's mobile phone to be copied to the same number as B. This can be seen from the fact that the technology of replicating the same number before the popularization of mobile phones was successful. Next, the cumbersome process of checking and re-entering the security code sent to the mobile phone is no different from the conventional credit card number input method.

In order to improve these problems and inconveniences, a system like FIG. 5 using the present invention is proposed. 5 is described in the same manner as described above.

Step 1: When the present invention is installed on the user's computer and the user accesses the mobile phone to the present invention, the user authentication process is automatically performed by the method described above, and the automatic login operation is performed on a specific online shopping mall.

Step 2: If login is successful, select the item you want to purchase and set the payment method to mobile phone.

Step 3: The online shopping mall company requests the user's procedure to the authentication service organization for user verification.

Step 4: The certification service organization sends a security code to the user's mobile phone after requesting verification from the wireless service provider.

Step 5: The wireless service provider sends data to the user's mobile phone through its wireless repeater.

Step 6: The present invention checks the security code sent to the mobile phone automatically handles the task of retransmitting the security code to the online shopping mall company, and purchases the goods.

Step 6: Payment for the purchase of the goods is delivered to the user along with the bill.

The present invention has the advantage of increasing the usability of the mobile phone in daily life by providing a shortcut function through a common keyboard when managing data stored in the mobile phone, character input support, mobile Internet access using a PC application program. In addition, it is recognized as an authentication system of the online micropayment system, and has a feature of supporting more stable e-commerce by linking user information necessary for payment with a PC application program.

These functions provide more convenient interface system and security from the user's point of view, making it possible to take advantage of the online micropayment system using a mobile phone. The service provider side will bring more sales because it can accommodate more users and prevent consumers from lowering their purchasing motivation through easy purchasing procedures.

Claims (8)

The present invention relates to a user interface system that secures shortcomings caused by a series of information transmission processes such as user authentication and security code delivery of an online micropayment system using a mobile phone. According to claim 1, the present invention supports the function of automatically reading the basic authentication key (ESN Code, terminal model, user phone number) value from the user's mobile phone to the PC in an encrypted data structure, and separately from the present invention It includes a PC application that supports the function to save the security code supported by to a specific memory address of the user's mobile phone. The method of claim 1, when the user's mobile phone is connected to the present invention, it basically provides a communication function interworking with a PC application program, and provides a function of automatically accessing a homepage of an e-commerce company defined by the user at the time of connection. According to claim 3, when the e-commerce company automatically accesses the user login information compared to the security code stored in the mobile phone and PC to confirm that the same person to automatically transfer the user login information to the server company. The method of claim 1, wherein the processing result is stored in the processing result list DB of the user's mobile phone and the user's computer after the series of electronic commerce processes are processed. The invention of claim 1 has a device structure accessible to a USB port and supports its own protocol. The power supply of the USB port of the computer does not require a separate power supply, and also provides a charging function of the mobile phone. According to claim 1, the configuration of the present invention is a central processing unit (110) consisting of a microprocessor, hands-free module (104) for performing hands-free function, power stabilization module (102) for protecting the system from power, charging of the terminal The charging module 103 provides a function, a USB port 101 for data communication with a PC, and a mobile phone connection cable 105 serving as an interface between the mobile phone 120 and the central processing unit.