KR100942608B1 - Method for Processing Wireless One-time Authentication Mobile Phone Loss - Google Patents

Abstract

The present invention relates to a loss processing method and system for a wireless disposable authentication mobile phone and a recording medium therefor. The loss processing method for a wireless disposable authentication mobile phone according to the present invention is performed by a customer through a carrier server (or a loss report server). In the case of the loss report, the step of confirming the loss report information-lost cell phone information and lost date and time information for the mobile phone reported lost in connection with the communication company server (or loss report server) in the information checking means, the lost report information Upon confirming, confirming whether the lost mobile phone is provided with a function for processing a one-time authentication key-based wireless security authentication based on the lost report information in the terminal checking means and the one-time authentication key-based wireless on the reported mobile phone. If a security authentication function is provided, the transmission means from the wireless communication network to the mobile phone Transmitting the one-time authentication disabling code (or command) to process the one-time authentication function to be disabled.

Wireless authentication, cell phone lost, lost

Description

Method for Processing Wireless One-time Authentication Mobile Phone Loss}

1 is a view showing the configuration of a one-time authentication key-based wireless security authentication processing system according to an embodiment of the present invention.

2 is a diagram illustrating a program providing system configuration for remotely downloading a one-time authentication program to a wireless terminal according to an embodiment of the present invention.

3 is a diagram illustrating a configuration of wireless terminal information having a one-time authentication program according to an embodiment of the present invention.

4 is a diagram illustrating one-time authentication management information provided to a wireless terminal according to an embodiment of the present invention.

5 is a diagram illustrating one-time authentication management information provided to a wireless terminal according to another embodiment of the present invention.

6 is a diagram illustrating a process of remotely downloading and downloading the one-time authentication program to a wireless terminal according to an embodiment of the present invention.

7 is a diagram illustrating a wireless terminal function configuration having a one-time authentication key based wireless security authentication processing function according to an embodiment of the present invention.

8 is a diagram illustrating a configuration of a one-time authentication key-based wireless security authentication processing system according to an embodiment of the present invention.

9 is a diagram illustrating a one-time authentication function disabling process of a wireless terminal according to an embodiment of the present invention.

10 is a diagram illustrating a one-time authentication area output and one-time authentication key-based wireless security authentication validation process for wireless security authentication processing according to an embodiment of the present invention.

11 is a diagram illustrating a one-time authentication area output and one-time authentication key-based wireless security authentication validation process according to another embodiment of the present invention.

12 is a diagram illustrating a one-time authentication area output and one-time authentication key-based wireless security authentication validation process according to another embodiment of the present invention.

13 is a view illustrating a one-time authentication key-based wireless security authentication validation process through other areas other than the one-time authentication area output and the one-time authentication area output for wireless security authentication processing according to an embodiment of the present invention.

14 is a diagram illustrating a one-time authentication key-based wireless security authentication validation process through another area other than the one-time authentication area output and the one-time authentication area output for wireless security authentication processing according to another embodiment of the present invention.

15 is a diagram illustrating a one-time authentication key-based wireless security authentication validation process through another area other than the one-time authentication area output and the one-time authentication area output for wireless security authentication processing according to another embodiment of the present invention.

16 is a diagram illustrating a disabling process of disabling a one-time authentication function according to an embodiment of the present invention.

17 is a diagram illustrating a process of generating a time synchronization-based one-time authentication key for wireless security authentication processing according to an embodiment of the present invention.

18 is a diagram illustrating a process of generating a challenge-response based one-time authentication key for wireless security authentication processing according to an embodiment of the present invention.

19 is a diagram illustrating a process of inputting and transmitting a one-time authentication key according to an embodiment of the present invention.

20 is a diagram illustrating a process of inputting and transmitting a one-time authentication key according to another embodiment of the present invention.

21 is a diagram illustrating a one-time authentication key-based wireless security authentication process according to an embodiment of the present invention.

22 is a diagram illustrating a one-time authentication key-based wireless security authentication process according to an embodiment of the present invention.

<Description of main parts of drawing>

100: wireless terminal 105: network management system

110: management server 115: financial system

120: ledger D / B 125: program providing server

130: authentication server 135: financial server

140: payment server 145: wireless web server

150: wireless server

The present invention, when the customer reports the loss of the mobile phone through the carrier server (or lost report server), the loss report information for the lost-reported mobile phone in connection with the carrier server (or lost report server) in the information checking means Confirming the mobile phone information and the lost date and time information; and upon confirming the lost report information, the terminal checking means has a function of processing a one-time authentication key-based wireless security authentication based on the lost report information. And confirming that the mobile phone has a one-time authentication key-based wireless security authentication function, and transmitting the one-time authentication disabling code (or command) from the transmission means to the mobile phone through a wireless communication network. Lost processing room of a wireless disposable authentication mobile phone comprising the step of processing it to be disabled It's about the law.

As the rapid development of information and communication technology is applied to the financial industry, most of the financial transactions (or payments) and various service industries that have been conventionally face-to-face have been made online through non-face-to-face financial transactions (or payments) and online services. Developed into an industry.

As the non-face-to-face financial transactions (or payments) and online service industries are gradually activated, cases of security problems such as online anonymity and security shortcomings in communication protocols are increasing rapidly. The non-face-to-face financial transactions (or payments) and online services are based on a method of using an encryption / decryption-based security protocol to solve anonymity, compensate for shortcomings in communication protocols through real name verification.

Recently, various non-face-to-face financial transactions (or payments) and online services that have been activated online have been transferred to the wireless field using the wireless network due to the opening of the wireless network and the expansion of the wireless communication infrastructure. Most wireless terminals are not only more constrained to MMI (Man Machine Interface) than the wired terminals used online, but also have low computing power, and the communication speed of the wireless network is lower than on-line. Due to different security shortcomings, it includes a problem that is difficult to apply the security function applied online as it is, the security function applied to the wireless field minimizes user input, and refrains from advanced encryption / decryption operations. It is preferable that it is made into the form to do.

On the other hand, as a means for solving the online security problem, a one-time authentication key method called a one-time password (OTP) is commercially available, so-called OTP generator for the security function of the one-time authentication key method Although a module called a wireless terminal is used recently, an example of using the wireless terminal as an OTP generator for an online security function (for example, inputting an OTP generated by a wireless terminal to an online wired terminal) has been commercialized. In order to apply the OTP commercially available online to transactions (or payments) and wireless services, a national policy (eg, a two-factor policy in which the OTP generator must be logically separated from the communication terminal), or security This includes problems on elements (eg, lost wireless terminals, or changes in wireless carriers, etc.).

An object of the present invention for solving the above problems, the function of processing a wireless security authentication based on the one-time authentication key on the mobile phone reported lost in connection with the carrier server (or loss report server) that receives and processes the customer's mobile phone lost report If the mobile terminal is provided with a one-time authentication key-based wireless security authentication function for checking whether the terminal and the mobile device have been reported to be lost, the one-time authentication is disabled by transmitting a one-time authentication disable code (or command) to the mobile phone through a wireless communication network. The present invention provides a loss processing system for a wireless disposable authentication mobile phone having a transmission means for processing a function to be disabled.

Loss processing method of the wireless one-time authentication mobile phone according to the present invention, when the customer reports the loss of the mobile phone through the communication company server (or loss reporting server), the information check means in connection with the communication company server (or loss reporting server) the loss Confirming the lost report information on the reported mobile phone-lost mobile phone information and lost date and time information; and upon confirming the lost report information, a terminal verification means uses a one-time authentication for the lost reported mobile phone based on the lost report information Checking whether a function for processing a key-based wireless security authentication is provided; and if the lost-reported mobile phone is equipped with a one-time authentication key-based wireless security authentication function, a one-time authentication disable code from the transmission means to the mobile phone through a wireless communication network. (Or command) to process the one-time authentication function to be disabled It characterized by comprising.

In the loss processing method of the wireless one-time authentication mobile phone according to the present invention, the one-time authentication disable code (or command), the one-time authentication key generation screen on the one-time authentication area processing the one-time authentication key-based wireless security authentication in the mobile phone (Or an interface), or processing to prevent the one-time authentication key input interface from being output, or preventing a one-time authentication key for processing the one-time authentication key based wireless security authentication from the mobile phone or generating the one-time authentication key in the mobile phone. Create a one-time authentication key provided to process the one-time authentication key for processing the wireless security authentication based on the communication network or to generate a one-time authentication key for processing the one-time authentication key-based wireless security authentication in the mobile phone Change (or delete) information It is characterized in that the processing to be disabled.

On the other hand, it includes a recording medium recording a program for executing the above-described loss processing method of the wireless one-time authentication mobile phone.

On the other hand, the loss processing system of the wireless disposable authentication mobile phone according to the present invention, the one-time authentication key-based wireless security authentication to the mobile phone reported lost in connection with the communication company server (or lost report server) that receives and processes the customer's mobile phone lost report If the terminal confirmation means and the one-time authentication key-based wireless security authentication function is provided in the mobile phone has been reported that the loss function is provided, by sending a one-time authentication disable code (or command) to the mobile phone through a wireless communication network Characterized in that the transmission means for processing so that the one-time authentication function is disabled.

Hereinafter, with reference to the accompanying drawings and description will be described in detail the operating principle of the preferred embodiment of the present invention. However, the drawings and the following description shown below are for the preferred method among various methods for effectively explaining the features of the present invention, the present invention is not limited only to the drawings and description below. In addition, in the following description of the present invention, if it is determined that a detailed description of a related known function or configuration may unnecessarily obscure the subject matter of the present invention, the detailed description thereof will be omitted. In addition, terms to be described below are terms defined in consideration of functions in the present invention, which may vary according to a user's or operator's intention or custom. Therefore, the definition should be made based on the contents throughout the present invention.

In addition, preferred embodiments of the present invention to be carried out below are provided in each system functional configuration to efficiently describe the technical components constituting the present invention, or system functions that are commonly provided in the technical field to which the present invention belongs. The configuration will be omitted, and described mainly on the functional configuration to be additionally provided for the present invention. If those skilled in the art to which the present invention pertains, it will be able to easily understand the function of the components that are conventionally used among the omitted functional configuration not shown below, and also the configuration omitted as described above The relationship between the elements and the components added for the present invention will also be clearly understood.

In addition, the following examples will be used to appropriately modify, integrate, or separate the terminology so that those skilled in the art to which the present invention pertains may clearly understand the present invention. The present invention is by no means limited thereto. That is, each means described above is a server (or terminal) provided on the system shown in the following embodiments, or is a predetermined functional configuration provided in at least one or more servers (or terminals), or at least one or more servers. (Or a terminal) may be an association of at least two or more functional components. In addition, the server (or terminal) shown in the following embodiment is shown to include at least two or more functional components for achieving the technical features of the present invention for convenience, the functional component shown in the server (or terminal) Matched with the above-described means may be provided in two or more different servers (or terminals) according to the role and function of each functional component and the corresponding server (or terminal) operator (or operator), whereby the present invention is not limited No.

As a result, the technical spirit of the present invention is determined by the claims, and the following examples are one means for efficiently explaining the technical spirit of the present invention to those skilled in the art to which the present invention pertains. It is only.

1 is a diagram showing the configuration of a one-time authentication key-based wireless security authentication processing system according to an embodiment of the present invention.

In more detail, FIG. 1 illustrates a state in which a terminal screen including at least one of a desktop, a content using screen, a web access screen, a financial transaction screen, and a payment screen is output on a screen of a wireless terminal 100 used by a customer. When the one-time authentication key-based wireless security authentication processing through the wireless terminal 100 is required, a one-time authentication area including a one-time authentication screen for processing the one-time authentication key-based wireless security authentication is output on the screen of the wireless terminal 100. After processing so as to, and the system configuration for processing the wireless security authentication based on one-time authentication key through the one-time authentication area, those of ordinary skill in the art to which the present invention belongs, refer to and / or Figure 1 It can be inferred by various implementation methods for the system configuration to handle the one-time authentication key-based wireless security authentication by transforming And, the invention is made, including any exemplary way in which the inference, to which the technical feature that is not limited to the exemplary method shown in the figure 1.

Referring to FIG. 1, the one-time authentication key-based wireless security authentication processing system includes a program providing server 125 that provides the one-time authentication program to at least one or more wireless terminals 100 through a wireless communication network, and a wireless communication network. One-time authentication for accessing the program providing server 125 to download the one-time authentication program and recording it on a recording medium, and then processing the one-time authentication key based wireless security authentication on the screen of the wireless terminal 100 through the one-time authentication program. After processing to output the one-time authentication area including the screen, the wireless terminal 100 to process the one-time authentication key-based wireless security authentication through the one-time authentication area, and the one-time authentication generated by the wireless terminal 100 Authentication server 130 for processing the one-time authentication key based wireless security authentication by checking the validity of the key ), A management server 110 for remotely disabling / activating the one-time authentication program provided in the wireless terminal 100 on a communication network, and various financial transactions (or payment) based on a result of validating the one-time authentication key. To at least one or more wireless servers 150 to provide authentication-based additional services.

Here, the one-time authentication program is characterized in that it is basically provided with a one-time authentication function for processing the one-time authentication key-based wireless security authentication, additionally receiving a one-time authentication disable code (or command) from the management server 110 If so, characterized in that the one-time authentication function based on the one-time authentication key-based wireless security authentication is made to have a function for processing to be disabled, according to the intention of those skilled in the art from the management server 110 one-time authentication activation code (or command ) Is received, it is preferable that the one-time authentication key-based wireless security authentication further comprises a function of processing to activate the one-time authentication function for processing.

In addition, the wireless server 150 has a financial server 135 having at least one financial transaction function based on the one-time authentication key-based wireless security authentication, and at least one payment settlement according to the one-time authentication key-based wireless security authentication. Payment server 140 having a function, and a wireless web server 145 having various member authentication / service authentication / terminal authentication function according to the one-time authentication key-based wireless security authentication, etc. are preferably included. Do.

In addition, the wireless communication network includes at least one base station, a control station for controlling the base station and at least one server (or device) for controlling and operating a wireless communication network including the base station and the control station ( 105).

2 is a diagram illustrating a program providing system configuration for downloading and remotely mounting a one-time authentication program to a wireless terminal according to an embodiment of the present invention.

In more detail, Figure 2 is a one-time authentication key-based wireless security authentication processing for the one-time authentication key-based wireless security authentication processing through the wireless terminal 100 used by the customer through the wireless communication network in the wireless security authentication processing system is required, the After processing to output a one-time authentication area including a one-time authentication screen for processing a one-time authentication key-based wireless security authentication on the screen of the wireless terminal 100, processing a one-time authentication key based wireless security authentication through the one-time authentication area. As a configuration of a system for downloading a one-time authentication program to the wireless terminal 100 and remotely mounting it, a person having ordinary knowledge in the technical field to which the present invention pertains refers to and / or modified the wireless terminal 100 with reference to FIG. Various implementation methods for downloading and remote mounting the one-time authentication program to 100 Would be able to infer, the present invention includes all the embodiments in which the inference method, not limited by the exemplary method shown in the figure 2.

For example, the one-time authentication program is downloaded to a wired terminal (for example, a wired terminal used by a customer, or a wired terminal used by a window employee) through a wired communication network in the program providing system, and then the wired terminal and the wireless terminal 100. It is possible to be mounted on the wireless terminal 100 through a cable communication connecting), or it is possible to manufacture so that the one-time authentication program is mounted on the wireless terminal 100 from the manufacturer of the wireless terminal 100, The present invention is characterized in that it comprises all the possible inference methods.

Hereinafter, the components on the wireless security authentication processing system for downloading and remotely mounting the one-time authentication program to the wireless terminal 100 in FIG. 2 are referred to as "program providing server 125" for convenience, and the program providing server 125 ) Is implemented in the form of a server (or device) provided on the wireless security authentication processing system as shown in Figure 2, or to download the one-time authentication program to the wireless terminal 100 to remotely mount It is possible to be implemented in the form of functional components provided in the authentication server 130 on the wireless security authentication processing system, whereby it will be apparent that the present invention is not limited.

Referring to FIG. 2 according to an embodiment of the present invention, the program providing system is connected to the program providing server 125 via a wireless communication network to download the one-time authentication program and record it on a recording medium. And a program providing server 125 connected to the wireless terminal 100 through a wireless communication network to provide the one-time authentication program to the wireless terminal 100, and provided to the wireless terminal 100. It characterized in that it further comprises an authentication server 130 provided in the wireless security authentication processing system, including at least one or more functional configuration for the one-time authentication key-based wireless security authentication processing through an authentication program.

The wireless terminal 100 is a mobile communication terminal connected to a code division multiple access (CDMA) / Wide-CDMA (WCDMA) based mobile communication network, a wireless communication terminal connected to an HSDPA based wireless communication network, or an IEEE 802.16x based communication. At least one wireless terminal 100 including at least one or more portable Internet terminal connected to the high-speed wireless Internet, characterized in that the wireless terminal 100 is at least provided by the program providing server 125 A function for outputting one or more program providing interface screens, inputting (or selecting) program request information for downloading and remotely mounting the one-time authentication program through the program providing interface screen, and transmitting the program request information to the program providing server 125. Configuration (e.g., browser program and communication functions) It is good.

Those skilled in the art to which the present invention pertains, since the characteristics of the wireless terminal 100 can be easily inferred, the detailed description thereof will be omitted for convenience.

According to an embodiment of the present invention, the wireless communication network to which the wireless terminal 100 accesses preferably includes at least one of the CDMA based mobile communication network, the HSDPA based wireless communication network, or the IEEE 802.16x based high speed wireless Internet. Do.

The wireless communication network to which the wireless terminal 100 connects includes at least one or more base stations, a control station for controlling the base station, and at least one server (or apparatus) for controlling and operating a wireless communication network including the base station and the control station. It characterized in that it comprises a network operation system 105 including a).

The base station is located at an end of the wireless communication network connecting a wireless section with at least one wireless terminal 100 located in a cell (eg, frequency reach) according to a wireless communication protocol defined in the wireless communication network. As a component, it is characterized in that the network operation system 105 to control and operate the radio terminal 100 through the control station.

According to an embodiment of the present invention, when the wireless communication network is a CDMA / WCDMA / GSM-based wireless communication network, the base station connects a wireless section with at least one wireless terminal 100 based on the CDMA / WCDMA / GSM wireless protocol stack. It is desirable to.

According to another exemplary embodiment of the present invention, when the wireless communication network is an HSDPA-based wireless communication network, the base station preferably connects a wireless section with at least one wireless terminal 100 based on the HSDPA wireless protocol stack.

According to another embodiment of the present invention, when the wireless communication network is an IEEE 802.16x based wireless communication network, the base station includes at least one based on a wireless physical (PHY) layer and a media access control (MAC) layer of the IEEE 802.16x protocol. It is preferable to connect the wireless terminal 100 and the wireless section.

The control station is a component on a wireless communication network that controls at least one base station and connects the base station and the network management system 105 in a wired section. When the wireless communication network is a CDMA / WCDMA / GSM-based wireless communication network, Preferably, the control station includes a base station controller (BSC). When the wireless communication network is an IEEE 802.16x based wireless communication network, the control station includes a packet access router (PAR). It is preferable.

The network operation system 105 controls at least one or more radio terminals 100 connectable to the radio communication network through at least one or more base stations in association with the control station, and at least one other radio with the radio terminal 100. It is characterized by connecting a communication channel (or a call channel) with a server on the terminal 100 or a communication network, and calculating various communication charges and additional service use charges corresponding to the communication plan subscribed to by the wireless terminal 100. .

According to an embodiment of the present invention, when the wireless communication network is a CDMA / WCDMA / GSM-based wireless communication network, the network operation system 105 may include a mobile switching center (MSC) and an HLR (Mobile Switching Center) for processing circuit switching. Interworking function that provides circuit data service and / or packet data service for wireless data communication and connection with other networks in the network infrastructure for voice call and home location register (VLR). IWF), various message centers (e.g., short message center (SMC), multimedia message center (MMC), etc.) and various additional service server farms, and SGSN for processing packet exchange. (Serving GPRS Support Node), GGSN (Gateway GPRS Support Node) and RNC (Radio Network Controller) are preferably included.

According to another exemplary embodiment of the present invention, when the wireless communication network is an IEEE 802.16x based wireless communication network, the network operation system 105 may include a home agent (HA) for mobility of IP with respect to the wireless terminal 100, AAA (Authentication, Authorization and Accounting) server for authentication of the user, a network management server 110 (Network Management System), a FA (Foreign Agent) interworking with the wireless communication network and at least one external wireless network, and It is preferable to include a Dynamic Host Configuration Protocol (DHCP) server and DNS for allocating and registering Mobile IP (MIP) to the wireless terminal 100.

According to the present invention, the program providing server 125 connects and manages a communication channel with the wireless terminal 100 through the wireless communication network to provide a web interface corresponding to the wireless terminal 100 and a wireless communication network. It characterized in that it comprises an interface unit 200, whereby the program providing server 125 has a function of a web server that is connected to the wireless terminal 100 and a communication via a wireless communication network.

According to an embodiment of the present invention, when the wireless terminal 100 is a mobile communication terminal to which a communication channel is connected through a CDMA / WCDMA-based wireless communication network, the interface unit 200 is connected to the wireless terminal 100 and the WAP. (Wireless Markup Language) or WML (Wireless Markup Language) or the like to connect a communication channel based on (Wireless Application Protocol) or ME (Mobile Explorer) protocol (or full-browsing-based wireless Internet-based), and through the communication channel to the wireless terminal 100 It is preferable to perform a function of transmitting and outputting a program providing interface screen in the form of an HTML compatible document and receiving and processing program request information corresponding to the program providing interface screen from the wireless terminal 100.

According to an embodiment of the present invention, when the wireless terminal 100 is a wireless communication terminal to which a communication channel is connected through an HSDPA-based wireless communication network, the interface unit 200 is connected to the wireless terminal 100 and the HSDPA. A communication channel is connected based on a corresponding wireless protocol, and the program providing interface screen in the form of an HTML compatible document is transmitted to the wireless terminal 100 through the communication channel and outputted, and the program is provided from the wireless terminal 100. It is preferable to perform a function of receiving and processing program request information corresponding to an interface screen.

According to another exemplary embodiment of the present invention, when the wireless terminal 100 is a wireless terminal 100 through which a communication channel is connected through an IEEE 802.16x based wireless communication network, the interface unit 200 may include the wireless terminal ( 100) is connected to a communication channel based on a wireless protocol corresponding to the IEEE 802.16 standard, and transmits and outputs a program providing interface screen to the wireless terminal 100 through the communication channel, and outputs from the wireless terminal 100. It is preferable to perform a function of receiving and processing predetermined program request information corresponding to the program providing interface screen.

According to the present invention, the program providing server 125 when the wireless terminal 100 is connected to the program providing server 125 via the interface unit 200, in conjunction with the interface unit 200, the wireless terminal And an interface providing unit 205 for generating (or extracting) a program providing interface screen for inputting (or selecting) and transmitting program request information at 100.

The interface providing unit 205 is provided in the wireless terminal 100 when the wireless terminal 100 is connected to the program providing server 125 (or a one-time authentication program providing request) through the interface unit 200. A program providing interface screen for inputting (or selecting) program request information corresponding to a function configuration (for example, a browser program provided in the wireless terminal 100) and transmitting the program request information to the program providing server 125 through the wireless communication network. Or extracting from a database (not shown) and providing the generated (or extracted) program providing interface screen to the wireless terminal 100 through the wireless communication network in association with the interface unit 200. It features.

Thereafter, the wireless terminal 100 inputs (or selects) program request information on the basis of the program providing interface screen, and transmits the input (or selected) program request information to the program providing server 125 through the wireless communication network. To send).

Here, the program request information is customer information (eg, customer member information including the member ID information and password information of the customer, or the name of the customer, requesting to provide the one-time authentication program to the wireless terminal 100). Customer personal information including at least one social security number, address, contact information, etc.) and operating system (or platform) information provided in the wireless terminal 100 on which the one-time authentication program is mounted. , At least one mobile identification number (MIN), a serial number (Electronic Serial Number; ESN), USIM (Universal Subscriber Identity Module (USIM) information, etc.) and carrier information and terminal model information, etc. It is preferable to include information.

According to the present invention, the program providing server 125 is a program D / B 230 for storing at least one or more program sources or program files corresponding to the one-time authentication program to be provided to the wireless terminal 100, and the wireless When the program request information is received from the terminal 100, the one-time authentication program corresponding to the program request information is extracted or dynamically generated from the program D / B 230 and the wireless terminal through the interface unit 200. It characterized in that it comprises a program providing unit 210 provided to (100).

According to one embodiment of the invention, the program D / B 230 is characterized in that for storing a one-time authentication program file that can be operated in the operating system (or terminal platform) provided in the wireless terminal 100 When the program request information is received from the wireless terminal 100, the program providing unit 210 extracts a one-time authentication program file matching the program request information from the program D / B 230. It is done.

According to another exemplary embodiment of the present invention, the program D / B 230 stores a one-time authentication program source capable of operating in an operating system (or terminal platform) provided in the wireless terminal 100. When the program request information is received from the wireless terminal 100, the program providing unit 210 extracts a one-time authentication program source matching the program request information from the program D / B 230, and Compile the extracted one-time authentication program source (Compile), characterized in that for dynamically generating a one-time authentication program to be provided to the wireless terminal (100).

Thereafter, the program providing unit 210 provides the extracted (or dynamically generated) one-time authentication program through the wireless communication network to the wireless terminal 100 through the interface unit 200 and remotely mounts the present invention. Those skilled in the art will be familiar with the method of remotely mounting the one-time authentication program (for example, the method of remotely mounting the wireless terminal 100 by attaching a program provider certificate). Detailed description thereof will be omitted for convenience.

The one-time authentication program provided to the wireless terminal 100 by the program providing unit 210 has a function of checking whether a one-time authentication key-based security authentication using the wireless terminal 100 is processed, and when checking the security authentication. And a function of outputting a one-time authentication area for processing the one-time authentication key-based wireless security authentication in a predetermined area (or entire area) on the screen of the wireless terminal 100, and the one-time authentication area is generated through the one-time authentication area. And a one-time authentication function comprising at least one function of processing the wireless security authentication based on an authentication key, and when a one-time authentication disable code (or command) is received from the management server 110. In order to disable the one-time authentication function for processing the wireless authentication based on the one-time authentication key Characterized in that it has a function to process, if one-time authentication activation code (or command) is received from the management server 110 according to the intention of those skilled in the art, one-time authentication function for processing the wireless authentication based on one-time authentication key It is preferable to further comprise a function of processing to be activated.

When the one-time authentication program is downloaded and remotely mounted to the wireless terminal 100 through the program providing unit 210, the wireless terminal 100 first executes the one-time authentication program to validate the one-time authentication program. Initiate the program diagnostic mode for authenticating, for this purpose, the program providing server 125 is connected to the one-time authentication program provided in the wireless terminal 100 to diagnose the validity of the one-time authentication program ( 215) characterized by comprising.

According to an exemplary embodiment of the present invention, the program diagnostic mode generates and transmits a one-time authentication key according to a one-time authentication key-based wireless security authentication procedure in the one-time authentication program provided in the wireless terminal 100. It is desirable to include verifying that the key is valid.

Here, the one-time authentication key-based wireless security authentication, it is preferable that at least one or more of the one-time authentication key generation method of the time-sync (Challenge-Response) method (Time-Synchoronous).

According to the present invention, the program providing server 125 is downloaded to the wireless terminal 100 and the one-time authentication management information corresponding to the remote-mounted one-time authentication program and the one-time authentication program request the wireless terminal 100 Characterized in that it comprises an information storage unit 220 for storing the information stored in the one-time authentication management D / B (225) by processing the customer information and the wireless terminal 100 information requested to be mounted on.

According to the method of the present invention, the information storage unit 220 is downloaded to the wireless terminal 100 and remotely mounted the one-time authentication when the validity of the one-time authentication program is confirmed as a result of the diagnosis of the diagnosis unit 215 Preferably, the management information, the customer information corresponding to the customer who has transmitted the program request information, and the wireless terminal 100 information are cooperatively processed and stored in a cooperative process with a predetermined one-time authentication management D / B 225. The one-time authentication management information, the customer information and the wireless terminal 100 information stored in the one-time authentication management D / B 225 is used for the one-time authentication key-based wireless security authentication processing in a wireless security authentication processing system. do.

3 is a diagram showing the configuration of wireless terminal information with a one-time authentication program according to the embodiment of the present invention.

In more detail, FIG. 3 illustrates that the wireless terminal 100 illustrated in the program providing system illustrated in FIG. 2 is a mobile communication terminal. Regarding the configuration of the wireless terminal 100 information provided in the one-time authentication management D / B 225, those skilled in the art to which the present invention pertains, the present invention is referred to and / or modified by the present figure 3 Various implementation methods for the configuration of the information of the wireless terminal 100 having the authentication program may be inferred, but the present invention includes all the implementation methods inferred above, and the technical description is given only by the implementation method shown in FIG. Features are not limited.

For example, those of ordinary skill in the art to which the present invention pertains may refer to and / or modify this drawing 3 so that the wireless terminal 100 is an HSDPA-based wireless communication terminal in addition to the mobile communication terminal, or IEEE 802.16.x. In the case of a portable Internet terminal, it is possible to infer the configuration of the one-time authentication management information stored in the one-time authentication management D / B 225, and also omitted for convenience in the configuration of the wireless terminal 100 shown in FIG. Inferred information items will be inferred, and it will be apparent that the present invention includes all such inferred methods of implementation.

Referring to FIG. 3, the wireless terminal information includes at least one wireless terminal 100 of a telephone number (MIN), a serial number (ESN), and USIM information (USIM) of the wireless terminal 100 equipped with the one-time authentication program. Characterized by including the unique information, and may further include the platform information, the carrier information and the terminal model information for the wireless terminal 100.

4 is a diagram illustrating one-time authentication management information provided to a wireless terminal according to an embodiment of the present invention.

In more detail, Figure 4 is a mobile terminal 100 shown in the program providing system shown in Figure 2 is a mobile communication terminal, a one-time authentication key in a time-synchronous (Time-Synchoronous) method to the wireless terminal 100; When providing and mounting a one-time authentication program to generate, showing the configuration of the one-time authentication management information stored in the one-time authentication management D / B 225 shown in the program providing system shown in Figure 2, the present invention Those skilled in the art will be able to infer various implementation methods for constructing the one-time authentication management information provided to the wireless terminal 100 by referring to and / or modifying the present invention. It is made to include all the implementation methods inferred, the technical features are not limited only to the implementation method shown in FIG.

For example, those of ordinary skill in the art to which the present invention pertains may refer to and / or modify the drawing 4 so that the wireless terminal 100 is an HSDPA-based wireless communication terminal in addition to the mobile communication terminal, or IEEE 802.16.x. In the case of the portable Internet terminal, it is possible to infer the configuration of the one-time authentication management information stored in the one-time authentication management D / B 225, and also the information omitted for convenience in the one-time authentication management information configuration shown in FIG. It will be apparent that the items will be inferred and the present invention includes all such inferred methods of implementation.

According to the present invention, the one-time authentication program mounted on the wireless terminal 100 through the program providing system shown in FIG. 2 is mounted on the wireless terminal 100 owned by the customer to generate a one-time authentication key. By this, the one-time authentication program is characterized in that it comprises a program code that can be driven or operated in the customer wireless terminal 100 platform. For example, if the wireless terminal 100 is equipped with a WIPI (Wireless Internet Platform for Interoperability) platform, the one-time authentication program includes a program code operating on a WIPI basis, and other platforms (eg, GVM / SK- If VM / BREW is installed), it includes program code that runs on the platform.

In FIG. 4, the one-time authentication program is provided in the program D / B 230 shown in FIG. 2 in the form of a precompiled program, or the program shown in FIG. 2 in the form of source code to be compiled. It is characterized in that stored in the D / B (230).

According to an embodiment of the present invention, when the one-time authentication program is provided in the program D / B 230 in the form of a pre-compiled program, the wireless terminal 100 through the wireless communication network in the program providing server 125 At the time of providing and mounting the one-time authentication program, at least one or more one-time authentication key generation information corresponding to the one-time authentication program (eg, a secret key value corresponding to a number randomly generated by the program providing server 125) ) Together with the wireless terminal 100 to be stored in a storage device (eg, a memory unit of the wireless terminal 100, or a chip memory unit provided in an IC chip mounted on or detached from the wireless terminal 100). Preferably, the disposable authentication program mounted on the wireless terminal 100 generates a one-time authentication key. The authentication program extracts at least one piece of one-time authentication key generation information from the storage device, and generates a one-time authentication key based on the one-time authentication key generation information.

According to another embodiment of the present invention, when the one-time authentication program is stored in the program D / B 230 in the form of source code to be compiled, the program providing server 125 sends the wireless terminal 100 to the wireless terminal 100. At the time of providing the one-time authentication program, the one-time use of at least one or more one-time authentication key generation information corresponding to the one-time authentication program (for example, a secret key value corresponding to a number randomly generated by the program providing server 125) It is assigned to the one-time authentication key generation information variable included in the authentication program source code, and the one-time authentication program is compiled by compiling the one-time authentication program source code in which at least one or more one-time authentication key generation information is assigned to the one-time authentication key generation information variable. A one-time authentication program generated dynamically as described above. Preferably, a RAM is provided to the wireless terminal 100 through a wireless communication network and mounted thereon. Then, when the one-time authentication program mounted on the wireless terminal 100 generates the one-time authentication key, the one-time authentication program is It is preferable to generate a one-time authentication key based on the one-time authentication key generation information substituted in the one-time authentication program internal variable.

According to another exemplary embodiment of the present invention, even when at least one or more one-time authentication key generation information is substituted into the one-time authentication program as described above, the dynamically generated one-time authentication program to the wireless terminal 100 according to the intention of a person skilled in the art. At the time of providing and mounting, at least one or more other disposable authentication key generation information is provided together with the wireless terminal 100 and stored in a storage device, and then the one-time authentication program mounted on the wireless terminal 100 is disposable. At the time of generating the authentication key, it is possible to generate a one-time authentication key using both the one-time authentication key generation information provided in the one-time authentication program and the one-time authentication key generation information provided in the storage device, thereby The present invention is not limited.

Referring to FIG. 4, the one-time authentication management information provided to the wireless terminal 100 through the program providing system shown in FIG. 2 is an operating system (or platform) for the wireless terminal 100 on which the one-time authentication program is mounted. Information), a version of the one-time authentication program, an authentication key generation algorithm, at least one or more one-time authentication key generation information, or a one-time authentication key update period. It may be further included, but the present invention is not limited by the information item.

The operating system (or platform) information included in the one-time authentication management information includes a type of operating system (or platform) included in the wireless terminal 100 equipped with the one-time authentication program through the program providing system illustrated in FIG. 2. Preferably, the operating system (or platform) information is used to identify an operating system (or platform) of the one-time authentication program to be provided to the wireless terminal 100 when the one-time authentication program is upgraded.

The version included in the one-time authentication management information includes version information of the one-time authentication program for each platform to be provided to the wireless terminal 100.

According to the embodiment of the present invention, even if the same type of one-time authentication program (for example, one-time authentication program operating on the same platform), the type or version of the authentication key generation algorithm applied according to the version of the one-time authentication program may be different. As a result, since the one-time authentication key generated by the one-time authentication program will also vary, the version information provides information for accurately determining the one-time authentication program mounted on the wireless terminal 100. By the version information of the one-time authentication key agent program it is possible to minimize the one-time authentication key authentication error that may occur in the process of authenticating the one-time authentication key generated in the wireless terminal 100.

The authentication key generation algorithm included in the one-time authentication management information includes hashing algorithm information applied to the one-time authentication program or detailed attribute information of the hashing algorithm. Currently, the most commonly used hashing algorithms for generating authentication keys are MD4, MD5, SHA, and the like, and a hashing algorithm modified from the hashing algorithm according to an application field (for example, SHA-1 hashing algorithm modified from SHA). Is being used.

The one-time authentication key generation information included in the one-time authentication management information is information for generating a one-time authentication key of the time synchronization method, referring to FIG. 4, the one-time authentication key generation information is a time when the one-time authentication key is generated ( Or time) as the first generation information, and is unique to the wireless terminal 100 on which the secret key value corresponding to the value randomly generated by the program providing server 125 or the one-time authentication program is mounted according to the implementation method. It is preferable to use the given MIN / ESN as the second generation information or the third generation information.

Referring to an embodiment of the present invention, when the one-time authentication program uses the MIN / ESN of the wireless terminal 100 as the one-time authentication key generation information for generating the one-time authentication key, the MIN / ESN is a one-time authentication as it is. The MIN / ESN may be used as key generation information, and the MIN / ESN has an excessively large value to prevent the one-time authentication program from overflowing in the process of generating the one-time authentication key. It is possible to convert the data to a value within a certain size by applying a hash function to the device, which is determined according to the intention of a person skilled in the art or the computing power of the wireless platform.

The one-time authentication key update period of the one-time authentication management information is a time interval in which the one-time authentication key generated by the one-time authentication program is volatilized and invalidated in time when the authentication key generation algorithm follows the time synchronization scheme. In the process of transmitting the one-time authentication key to the authentication server 130 at 100, when it is difficult to transmit the time (or time) information of the one-time authentication key together with the one-time authentication key, the wireless terminal ( It is used to synchronize the one-time authentication key generation time (or time) information between the 100 and the authentication server 130 for a predetermined time. That is, the one-time authentication key generated by the one-time authentication program is transmitted to the authentication server 130 within the one-time authentication key update period, the authentication server 130 has a one-time authentication key authentication code corresponding to the one-time authentication key Should be created. That is, after the one-time authentication key is generated in the one-time authentication program provided in the wireless terminal 100, when the one-time authentication key authentication code is generated within the one-time authentication key update cycle in the authentication server 130, the one-time authentication The validity of the key is authenticated. Therefore, the one-time authentication key update period is a time required to provide the one-time authentication key generated in the wireless terminal 100 to the wireless terminal 100, and to transmit the one-time authentication key to the authentication server 130 It is desirable to determine in consideration of the time required and the time required to generate a one-time authentication key authentication code in the authentication server (130).

According to another exemplary embodiment of the present invention, the authentication key generation algorithm follows a time synchronization scheme and transmits time (or time) information on which the one-time authentication key is generated in the one-time authentication program to the authentication server 130. If it is easy, the one-time authentication key update period may be omitted, or may be set at very short time intervals.

5 is a diagram illustrating one-time authentication management information provided to a wireless terminal according to another embodiment of the present invention.

In more detail, Figure 5 is a wireless terminal 100 shown in the program providing system shown in Figure 2 is a mobile communication terminal, a one-time authentication key in the challenge-response (Challenge-Response) method to the wireless terminal 100 When providing and equipped with a one-time authentication program for generating a, showing the configuration of the one-time authentication management information stored in the one-time authentication management D / B 225 shown in the program providing system shown in Figure 2, the present invention Those skilled in the art may infer various implementation methods for constructing the one-time authentication management information provided to the wireless terminal 100 by referring to and / or modifying the drawing 5. Is made including all the inferred implementation method, the technical features are not limited only to the implementation method shown in FIG.

For example, those of ordinary skill in the art to which the present invention pertains may refer to and / or modify this drawing 5 so that the wireless terminal 100 is an HSDPA-based wireless communication terminal in addition to the mobile communication terminal, or IEEE 802.16.x. In the case of the portable Internet terminal, it is possible to infer the one-time authentication management information configuration stored in the one-time authentication management D / B 225, and also the information omitted for convenience in the one-time authentication management information configuration shown in FIG. It will be apparent that the items will be inferred and the present invention includes all such inferred methods of implementation.

According to the present invention, the one-time authentication program mounted on the wireless terminal 100 through the program providing system shown in FIG. 2 is mounted on the wireless terminal 100 owned by the customer to generate a one-time authentication key. By doing so, the one-time authentication program is characterized in that it comprises a program code that can be driven or operated in the customer wireless terminal 100 platform. For example, if the wireless terminal 100 is equipped with a WIPI (Wireless Internet Platform for Interoperability) platform, the one-time authentication program includes a program code operating on a WIPI basis, and other platforms (eg, GVM / SK- If VM / BREW is installed), it includes program code that runs on the platform.

In FIG. 5, the one-time authentication program is provided in the program D / B 230 shown in FIG. 2 in the form of a precompiled program, or in the form of source code to be compiled. It is characterized in that stored in the D / B (230).

According to an embodiment of the present invention, the one-time authentication program is provided in the program D / B 230 in the form of a pre-compiled program, and the one-time authentication program is used to generate the one-time authentication key from the authentication server 130. And a challenge value as one-time authentication key generation information. The program providing server 125 may provide the one-time authentication program to the customer wireless terminal 100 through a wireless communication network, and then mount the one-time authentication key. At the time when the one-time authentication program mounted on the wireless terminal 100 generates the one-time authentication key, the one-time authentication program generates the one-time authentication key based on the challenge value received from the authentication server 130. Do.

According to another embodiment of the present invention, when the one-time authentication program is provided in the program D / B 230 in the form of a precompiled program, the wireless terminal 100 through the wireless communication network in the program providing server 125 At the time when the one-time authentication program is provided and mounted, at least one one-time authentication key generation information corresponding to the one-time authentication program (eg, a secret key corresponding to a random number generated by the program providing server 125) Value) together with the wireless terminal 100 to a storage device (e.g., a memory unit of the wireless terminal 100, or a chip memory unit provided in an IC chip mounted or detached from the wireless terminal 100). Preferably, the one-time authentication program mounted on the wireless terminal 100 generates a one-time authentication key. Extracts the challenge value received from the authentication server 130 and at least one or more one-time authentication key generation information from the storage device, and generates a one-time authentication key based on the one-time authentication key generation information.

According to another embodiment of the present invention, when the one-time authentication program is stored in the one-time authentication management D / B 225 in the form of source code to be compiled, the wireless terminal 100 in the program providing server 125. At the time of providing the one-time authentication program with a), at least one or more one-time authentication key generation information corresponding to the one-time authentication program (for example, a secret key value corresponding to a number randomly generated by the program providing server 125) Is substituted into the one-time authentication key generation information variable included in the one-time authentication program source code, and the one-time authentication program source code in which at least one or more one-time authentication key generation information is substituted into the one-time authentication key generation information variable Create a one-time authentication program, dynamically generated one-time as described above It is preferable to provide an authentication program to the wireless terminal 100 through a wireless communication network, and to mount the authentication program. Then, when the one-time authentication program mounted on the wireless terminal 100 generates a one-time authentication key, the one-time authentication program The program may generate a one-time authentication key based on the challenge value received from the authentication server 130 and the one-time authentication key generation information substituted in the one-time authentication program internal variable.

According to another exemplary embodiment of the present invention, even when at least one or more one-time authentication key generation information is substituted into the one-time authentication program as described above, the dynamically generated one-time authentication program to the wireless terminal 100 according to the intention of a person skilled in the art. At the time of providing and mounting, at least one or more other one-time authentication key generation information is provided to the wireless terminal 100 and stored in a storage device, and the one-time authentication program mounted on the wireless terminal 100 is a one-time authentication. At the time of generating the key, the one-time authentication program is a challenge value received from the authentication server 130, the one-time authentication key generation information provided in the one-time authentication program and the one-time authentication key generation information provided in the storage device It is possible to generate a one-time authentication key, etc., whereby the present invention It does not specified.

Referring to FIG. 5, the one-time authentication management information provided to the wireless terminal 100 through the program providing system illustrated in FIG. 2 is an operating system (or platform) for the wireless terminal 100 on which the one-time authentication program is mounted. Information, a version of the one-time authentication program, an authentication key generation algorithm, and at least one or more one-time authentication key generation information, which may further include at least one or more information items according to the intention of a person skilled in the art. The present invention is in no way limited by the terms.

The operating system (or platform) information included in the one-time authentication management information includes a type of operating system (or platform) included in the wireless terminal 100 equipped with the one-time authentication program through the program providing system illustrated in FIG. 2. Preferably, the operating system (or platform) information is used to identify an operating system (or platform) of the one-time authentication program to be provided to the wireless terminal 100 when the one-time authentication program is upgraded.

The version included in the one-time authentication management information includes version information of the one-time authentication program for each platform to be provided to the wireless terminal 100.

According to the embodiment of the present invention, even if the same type of one-time authentication program (for example, one-time authentication program operating on the same platform), the type or version of the authentication key generation algorithm applied according to the version of the one-time authentication program may be different. As a result, since the one-time authentication key generated by the one-time authentication program will also vary, the version information provides information for accurately determining the one-time authentication program mounted on the wireless terminal 100. By the version information of the one-time authentication key agent program it is possible to minimize the one-time authentication key authentication error that can occur in the process of authenticating the one-time authentication key generated in the wireless terminal 100.

The authentication key generation algorithm included in the one-time authentication management information includes hashing algorithm information applied to the one-time authentication program or detailed attribute information of the hashing algorithm. Currently, the most commonly used hashing algorithms for generating authentication keys are MD4, MD5, SHA, and the like, and a hashing algorithm modified from the hashing algorithm according to an application field (for example, SHA-1 hashing algorithm modified from SHA). Is being used.

The one-time authentication key generation information included in the one-time authentication management information is information for generating a one-time authentication key of the time synchronization method, referring to FIG. 5, the one-time authentication key generation information is provided in the wireless terminal 100. At the time when the one-time authentication program generates the one-time authentication key, the challenge value provided to the wireless terminal 100 through the authentication server 130 as first generation information, and the program providing server 125 according to the implementation method. Secret key value corresponding to the randomly generated value) or MIN / ESN uniquely assigned to the wireless terminal 100 on which the one-time authentication program is mounted, is used as the second generation information or the third generation information. Do.

According to the exemplary embodiment of the present invention, the challenge value is an arbitrary value randomly generated by the authentication server 130 at the time when the one-time authentication program provided to the wireless terminal 100 generates the one-time authentication key. The challenge server 130 transmits the challenge to the wireless terminal 100 until a one-time authentication key (for example, a response corresponding to the challenge) generated based on the challenge value is received from the wireless terminal 100. It is preferable to maintain a value, and when the one-time authentication key is received, it is preferable to generate the one-time authentication key authentication code based on the challenge value to authenticate the received one-time authentication key.

Referring to an embodiment of the present invention, when the one-time authentication program uses the MIN / ESN of the wireless terminal 100 as the one-time authentication key generation information for generating the one-time authentication key, the MIN / ESN is a one-time authentication as it is. The MIN / ESN may be used as key generation information, and the MIN / ESN has an excessively large value to prevent the one-time authentication program from overflowing in the process of generating the one-time authentication key. It is possible to convert the data to a value within a certain size by applying a hash function to the device.

6 is a diagram illustrating a process of remotely downloading and downloading the one-time authentication program to a wireless terminal according to an embodiment of the present invention.

In more detail, Figure 6 relates to a process of downloading and remotely mounting the one-time authentication program from the program providing server 125 to the wireless terminal 100 through the program providing system shown in Figure 2, the present invention Those skilled in the art will be able to infer various implementation methods for downloading and remotely mounting the one-time authentication program to the wireless terminal 100 by referring to and / or modifying the drawing 6, The present invention includes all the inferred implementation methods, and is not limited by the implementation method shown in FIG.

Hereinafter, in FIG. 6, the wireless terminal 100 shown in FIG. 2 is referred to as a "terminal" for convenience, and the program providing server 125 shown in FIG. 2 is referred to as a "server" for convenience.

Referring to FIG. 6, the terminal accesses the server through a wireless communication network, requests the server to download and remotely mount the one-time authentication program (600), and correspondingly, the server sends the one-time authentication program to the server. A program providing interface screen for providing to the wireless terminal 100 is extracted (or generated) and provided to the terminal (605).

Thereafter, the terminal inputs (or selects) program request information through the program providing interface screen (610), and transmits the input (or selected) program request information to the server through the wireless communication network (615). In response, the server extracts (or dynamically generates) a one-time authentication program matching the program request information from the program D / B 230 (620), and extracts the one-time authentication program (or dynamically generated). It is provided to the terminal via the wireless communication network to be mounted remotely (625).

If the one-time authentication program is remotely mounted to the terminal (630), the terminal executes the one-time authentication program to initiate a diagnostic mode for the one-time authentication program (635), and the terminal correspondingly the one-time authentication Generate a validity diagnostic information through a program and transmit it to the server through the wireless communication network (640), the server receives and read the received validity diagnostic information to confirm the validity of the one-time authentication program (645)

According to an embodiment of the present invention, if the diagnostic mode for the one-time authentication program is generated and transmitted according to the one-time authentication key-based wireless security authentication procedure in the one-time authentication program provided in the wireless terminal 100, It is preferable that the one-time authentication key comprises a check that is valid.

If the validity of the one-time authentication program is not confirmed (650), the server generates program diagnostic error information and transmits the terminal to the terminal through the wireless communication network (655), and then the program providing interface screen to the terminal. And receiving program request information, and extracting (or dynamically generating) a one-time authentication program corresponding to the received program request information and remotely mounting the terminal to the terminal.

On the other hand, if the validity of the one-time authentication program is confirmed (650), the server is a one-time authentication management information corresponding to the one-time authentication program mounted on the terminal, and the customer information and wireless corresponding to the customer who transmitted the program request information The terminal 100 is linked to the information stored in the one-time authentication management D / B 225 (660), and then the one-time authentication management information and the customer information and the wireless terminal stored in the one-time authentication management D / B (225) ( 100) the information may be used for the one-time authentication key-based wireless security authentication processing in a wireless security authentication processing system.

7 is a diagram illustrating a wireless terminal function configuration having a one-time authentication key based wireless security authentication processing function according to an embodiment of the present invention.

In more detail, in FIG. 7, when the wireless terminal 100 illustrated in the program providing system illustrated in FIG. 2 is a mobile communication terminal, a desktop, a content using screen, and a web connection are displayed on a wireless terminal 100 used by a customer. When a one-time authentication key-based wireless security authentication processing is required in a state in which a terminal-side screen including at least one screen, a financial transaction screen, a payment screen, and the like is output in advance, the one-time authentication key-based wireless is displayed on the screen of the wireless terminal 100. After processing to output a one-time authentication area including a one-time authentication screen for processing security authentication, the wireless terminal 100 function configuration with a one-time authentication program for processing a one-time authentication key-based wireless security authentication through the one-time authentication area As shown in the drawings, those of ordinary skill in the art to which the present invention pertains may refer to and / or modify this drawing. Various implementation methods for the function configuration of the wireless terminal 100 having the one-time authentication key-based wireless security authentication processing function can be inferred, but the present invention includes all the inferred implementation methods, and this figure 7 The technical features are not limited only to the implementation method shown in FIG.

For example, those of ordinary skill in the art to which the present invention pertains may refer to and / or modify this drawing 3 so that the wireless terminal 100 is an HSDPA-based wireless communication terminal in addition to the mobile communication terminal, or IEEE 802.16.x. In the case of the portable Internet terminal, it is possible to infer the configuration of the wireless terminal 100 having the one-time authentication key-based wireless security authentication processing function, and the present invention is apparent that the present invention includes all possible inference methods. Two are.

The wireless terminal 100 providing a mobile communication service according to an embodiment of the present invention, in terms of hardware, an external body, a speaker, a microphone, a keypad, a liquid crystal display (LCD), an antenna, and a battery 791. And a predetermined modem chip (e.g., Qualcomm USA) with functions such as a code division multiple access (CDMA) modem, a central processing unit / micro processing unit (CPU / MPU), a vocoder, and the like. (Qualcomm's MSM series modem chip), a variety of memory elements, a duplexer filter that separates transmission and reception signals from one antenna, a power amplifier that amplifies a transmission signal, a high power amplifier (HPA), and a high output transmission signal. On the other hand, the isolator prevents the return phenomenon, the RF / IF SAW filter to remove the unwanted out-of-band unwanted signal, the frequency up circuit of the transmission path, and the frequency down the reception path. Including a circuit circuit, a Voltage Controlled Temperature Compensated X-tal Oscillator (VCTCXO) corresponding to a reference clock source, a UHF frequency synthesizer used as a local signal for frequency up-down conversion, and a codec chip for converting an analog voice signal into a digital signal. The internal components are gradually integrated in the modem chip, and the modem chip provides various multimedia services and / or additional services in addition to the core components for the mobile communication service. Various functions are being integrated together.

Referring to FIG. 7, the wireless terminal 100 having the one-time authentication key based wireless security authentication processing function structurally outputs a control unit 720 corresponding to the modem chip and a screen corresponding to an LCD (Liquid Crystal Display). Corresponding to the unit 700, a sound processing unit 705 corresponding to a microphone / speaker, a key input unit 710 corresponding to a keypad, a wireless processing unit 785 corresponding to an antenna and various RF modules, and a nonvolatile memory Memory unit 790, and a battery 791 for supplying a predetermined power.

In addition, the wireless terminal 100 is an IC chip (eg, USIM (Universal Subscriber Identity) mounted or detached from the wireless terminal 100 to provide various financial (or payment) services and / or various additional services corresponding thereto. Module, or a financial IC chip, etc.) and an IC chip reader 715 for reading / writing at least one or more information (or data) on the IC chip.

In addition, the wireless terminal 100 further includes a camera unit (not shown) that reads predetermined image information for providing various multimedia services and / or various additional services corresponding thereto, and / or a predetermined short range device. And a near field communication unit (not shown) for connecting a near field communication channel with each other.

The controller 720 includes a processor and an execution memory including a CPU / MPU provided in the modem chip in hardware, and provides a predetermined program routine for providing a function specific to the wireless terminal 100 from a predetermined memory device. (Routine) and / or a bus (BUS) for inputting and outputting program data and a predetermined electronic circuit (or integrated circuit) provided for this, characterized in that the memory unit 790 and / or in software A generic term for program routines and / or program data loaded from the memory device (or chipset) into the execution memory and processed by the processor to perform a specific function (hence, the one-time authentication key based wireless security authentication processing function. For convenience, a predetermined program routine recorded on the recording medium of the wireless terminal 100 is provided in the controller 720 for convenience. The program routine included in the controller 720 is basically an operating system routine (not shown) and at least one system management routine (eg, a power management routine, a channel (forward / reverse) management). Routine, handoff routine, etc.), and various functional configurations intended to be implemented in the wireless terminal 100 by the controller 720 are realized.

According to the exemplary embodiment of the present invention, after power is supplied to the wireless terminal 100, the operating system routine (not shown), at least one system management routine (not shown), and various system variables corresponding thereto are stored in the control unit ( By loading into the execution memory included in the 720 and arithmetic processing by the processor, the wireless terminal 100 converts the detailed system setting state, the pilot channel acquisition detail state, the synchronization channel acquisition detail state, and timing according to a predetermined booting procedure. The operation mode corresponding to the "mobile station initialization state" including the detailed state is set.

After performing the booting procedure, the operating system routine (not shown), at least one system management routine (not shown), and various system variables corresponding thereto are loaded into the execution memory included in the controller 720 and loaded into the processor. By the arithmetic processing, the wireless terminal 100 is set to an operation mode corresponding to a "mobile station call waiting state", "system access state", or "call channel state", and so on. Call Processing) procedure.

The screen output unit 700 is a function configuration unit for checking the operation mode operation and the operation state corresponding to the operation mode of the wireless terminal 100, at least one including an LCD provided in the wireless terminal 100 And a screen output device and a driver for driving the screen output device, and outputs at least one key data input through the key input unit 710 in connection with the control unit 720, and / Or output a menu screen, a function processing screen, and a function processing result screen corresponding to at least one or more functions (or programs) included in the wireless terminal 100, and / or are provided (or At least one content (eg, text content, image content, multimedia content) to be downloaded is output.

According to the exemplary embodiment of the present invention, the screen output unit 700 performs a function of screen output means for outputting various function processing screens corresponding to the one-time authentication key-based wireless security authentication processing function and a function processing result screen. desirable.

The sound processor 705 is a functional component that processes input and output of sound in each operation mode of the wireless terminal 100. The sound processor 705 decodes at least one or more encoded sound data and is provided in the wireless terminal 100. And a vocoder and a codec for encoding and encoding a sound signal inputted through a microphone provided in the wireless speaker 100 and / or the microphone provided in the wireless terminal 100. .

According to an exemplary embodiment of the present invention, the sound processor 705 may include a sound corresponding to a predetermined ring back tone through the speaker in an operation mode corresponding to the “system access state” among the operation modes of the wireless terminal 100. It is preferable to decode and output data, and / or to encode and input a predetermined voice signal through a microphone in an operation mode corresponding to the "call channel state", or to decode and output a predetermined voice signal through a speaker. .

In addition, the sound processing unit 705 plays at least one sound content and / or multimedia content provided (or downloaded) by the wireless terminal 100 in at least one operation mode including the "mobile station call waiting state." In this case, it is preferable to decode and output sound data corresponding to the reproduced content.

According to an embodiment of the present invention, the sound processor 705 preferably performs a function of sound output means for decoding and outputting sound data corresponding to the one-time authentication key based wireless security authentication processing function.

The key input unit 710 is provided with at least one key button including a predetermined number key and / or a character key and / or a function key. And a driver for driving the key input device, thereby detecting at least one key input signal generated by clicking (or entering) the key button in the key input device. It is characterized by.

According to the present invention, when a predetermined key input signal is detected from a predetermined key button provided in the key input device in a predetermined input mode and / or at least one or more operation modes controlled by the controller 720, the key. The input unit 710 generates a predetermined key event (eg, MH_KEY_PRESSEVENT, MH_KEY_REPEATEVENT, MH_KEY_RELEASEEVENT) corresponding to the detected key input signal, and provides the generated key event to the controller 720. The controller 720 reads predetermined key data corresponding to the key event in the current input mode and / or operation mode of the wireless terminal 100 (eg, a specific key event in each input mode and / or operation mode). Read key data from the key table that stores (manages) at least one key data corresponding to the key event; and / or And a command for executing a predetermined function matched with the vent.

According to the exemplary embodiment of the present invention, the key input unit 710 inputs a predetermined telephone number in an operation mode corresponding to the "mobile station call waiting state" of each operation mode of the wireless terminal 100, and inputs a predetermined " By inputting a "call" button, it is preferable to change the operation mode of the wireless terminal 100 to an operation mode corresponding to the "system access state".

In addition, the key input unit 710 inputs a predetermined function key (for example, a menu key) in an operation mode corresponding to the "mobile station call waiting state" in each operation mode of the wireless terminal 100, thereby providing the wireless terminal. It is desirable to execute various functions provided in 100.

According to an embodiment of the present invention, the key input unit 710 may perform a function of key input means for inputting at least one or more key data corresponding to the one-time authentication key based wireless security authentication processing function.

The wireless processor 785 is a functional component that connects a wireless channel with a base station on a mobile communication network in which the wireless terminal 100 operates based on CDMA / WCDMA, and includes a CDMA modem and various RF modules (eg, duplexer filter, power). Amplifiers, High Power Amplifiers (HPAs), Isolators, RF / IF SAW Filters, Frequency Up-Circuits, Frequency Down-Conversion Circuits, VCTCXOs, UHF Frequency Synthesizers, etc. for Reference Clock Sources) and Antennas And a location registration and / or slot mode and / or power control corresponding to each operation mode of the wireless terminal 100 in connection with the control unit 720. Control and / or hand-off and / or call processing procedures.

According to the exemplary embodiment of the present invention, the wireless processing unit 785 is a radio frequency signal transmission / reception function corresponding to the one-time authentication key based wireless security authentication processing function (eg, antenna control, modulation, synthesis, amplification and / or radio frequency signal). Or performing filtering or the like).

In particular, the wireless processing unit 785 processes or processes information or signals transmitted from the wireless terminal 100 to the base station for the one-time authentication key-based wireless security authentication process, or a CDMA stack received from the base station. It is preferable to include a function for reading a predetermined information or signal from the.

The IC chip reader unit 715 is an IC chip (eg, financial IC chip, mounted or detached from the wireless terminal 100 through an IC chip standard including ISO / IEC 7816 and / or ISO / IEC 14443). Or a functional component for exchanging at least one information (or data, or command) with a contact IC card reader corresponding to the ISO / IEC 7816 standard, and / or the ISO / IEC 14443 standard. And a contactless IC card reader, wherein the IC card reader exchanges at least one information (or data or command) with the IC chip through an APDU (Application Protocol Data Unit). .

Referring to the standards including ISO / IEC 7816 and / or ISO / IEC 14443, an IC chip mounted or detached from a customer wireless terminal may include a power supply (VCC), a reset signal (RST), and a clock signal (CLK). Input / output interface 792 that communicates with the IC chip reader 715 (eg, exchanges commands or data) via contact points such as ground (GND), programming power supply (VPP), and / or input / output (I / O), and the like. ), A processor unit 793 including at least one computing element including a central process unit (CPU), a micro process unit (MPU), and / or a coprocessor, a read only memory (ROM), It consists of a chip memory unit 794 made of at least one or more memory elements including random access memory (RAM), electrically erasable and programmable read only memory (EEPROM), flash memory (FM), and the like. To one or more memory devices (eg, ROM) A chip operating system (COS) for managing and operating an IC card internal resource is stored, and predetermined power is supplied from the IC chip reader unit 715 through a power supply (VCC) contact point of the input / output interface 792. When supplied, the COS stored in the chip memory unit 794 is loaded into a predetermined execution memory to control the overall operation of the IC chip, and the clock frequency of the contact point of the clock signal CLK (for example, 3.57 MHz or 4.9 MHz). Control information or data exchange between the IC chip and the IC chip reader unit 715 through an APDU (Application Protocol Data Unit).

According to the present invention, at least one IC chip storage information 795 corresponding to a card application for providing the USIM function (or financial IC chip function) is stored in the chip memory unit 794 of the IC chip. The IC chip storage information 795 may include a storage unit 797 for storing a data set corresponding to predetermined information or data that is read and / or used by a processor included in a customer wireless terminal; A program routine (for example, Javacard in the case of Javacard) that is driven or executed by the operation function of the processor unit 793 and the instruction set provided by the COS, and used by the processor included in the customer wireless terminal. An applet (JAVA Applet), which includes an instruction call code that interacts with the instruction set of the COS and execution code that is processed by the processor unit 793. Jean being provided with a processing unit (796) for the application.

Here, in particular, the processing unit 796 reads an instruction provided from the processor provided in the customer wireless terminal via the input / output interface 792 through an APDU, and reads the instruction from the processor 797 on the basis of the read command. Read or record at least one or more information or data stored, and provide the result or read information or data to the processor provided in the customer wireless terminal via the input and output interface 792 through an APDU. do.

According to an embodiment of the present invention, the storage unit 797 stores at least one unique information of the wireless terminal 100 for the one-time authentication key based wireless security authentication processing function, wherein the storage unit ( The unique information of the wireless terminal 100 stored in the 797 is at least one of a wireless terminal 100, a USIM information, IC chip unique information, a dynamic (or fixed) IP address, etc. assigned to the wireless terminal 100. It is preferable to comprise as mentioned above.

According to a preferred embodiment of the present invention, the chip memory unit 794 of the IC chip includes a security structure based on ISO / IEC 10202. Accordingly, the chip memory unit 794 may include a CSN (Chip Serial Number). IC chip for the present invention comprising a protection area for storing secret information such as the &quot;), a COS control area, a user application area, a read / write access area, an application program area, and a FAT (File Allocation Table) management area The storage information 795 is preferably stored in an area except the protection area and the COS control area.

In addition, according to ISO / IEC 7816 and / or ISO / IEC 14443 ICC standards, the chip memory unit 794 may include one master file (MF) corresponding to a root file, and the master file. ATR (Answer To Reset) including function information on at least one stored information at a lower portion, at least one dedicated file (DF) corresponding to each ICC stored information, and disposed below the dedicated file. And a file structure consisting of an element file (EF) including substantial information and / or data for a smart card service. The IC chip storage information 795 for the present invention also includes the file structure described above. It is made to include.

According to an embodiment of the present invention, if the IC chip is a financial IC chip (or USIM with financial information), the IC chip storage information 795 is a financial account including an electronic bankbook and a financial common network. (Or financial products) means, and / or credit card payment method, debit card payment method, check card payment method, prepaid card Preferably, the payment means comprises at least one electronic wallet (Electronic Wallet) payment means.

The memory unit 790 corresponds to a storage medium that stores at least one or more information (or data) in the wireless terminal 100, and / or a recording medium that records program codes corresponding to at least one or more program routines. General term for nonvolatile memory, including read only memory (ROM) corresponding to the read only memory, flash memory (FM), electrically erasable and programmable read only memory (EEPROM), and the like. Characterized in that made.

According to an embodiment of the present invention, the ROM information of the nonvolatile memory is not to be stored, and the flash memory is provided through an operating system routine, a call processing program routine, and / or the wireless terminal 100. Various application program routines and information or data for the same are stored, and the EEPROM is extracted and / or generated during the execution of the application included in the terminal registration related parameters and phone number (eg, address book) or the wireless terminal 100. Preferably at least one or more information (or data) is stored.

According to an embodiment of the present invention, the memory unit 790 stores at least one unique information of the wireless terminal 100 for the one-time authentication key based wireless security authentication processing function, and the wireless terminal 100 The unique information may include at least one or more of a radio number 100, an electronic serial number (ESN), a dynamic (or fixed) IP address, etc. assigned to the radio terminal 100.

Referring to FIG. 7, the wireless terminal 100 includes a terminal side screen including at least one of a desktop screen, a content usage screen, a web access screen, a financial transaction screen, and a payment screen on the screen of the wireless terminal 100. And a terminal-side screen processing unit 725 corresponding to various programs to be output. The terminal-side screen processing unit 725 is connected to the screen output unit 700 on the screen of the wireless terminal 100. A background screen processing unit corresponding to a background program outputting a background screen, a content screen processing unit corresponding to a content using program outputting a content use screen on the screen of the wireless terminal 100 in association with the screen output unit 700; A browser processing unit (not shown) corresponding to a browser program for outputting a web access screen to the screen of the wireless terminal 100 in association with the screen output unit 700; A financial transaction screen processing unit (not shown) corresponding to a financial transaction program (or a browser program) for outputting a financial transaction screen on the screen of the wireless terminal 100 in association with the screen output unit 700; and the screen output unit. In connection with 700, preferably, at least one payment screen processing unit (not shown) corresponding to a payment program (or a browser program) for outputting a payment screen on the screen of the wireless terminal 100 is included.

Those skilled in the art to which the present invention pertains will be familiar with the technical features of the various programs corresponding to the terminal screen processing unit 725 and the functional components corresponding to the programs. Detailed description thereof will be omitted for convenience.

Referring to FIG. 7, for the one-time authentication key-based wireless security authentication processing, the wireless terminal 100, the one-time authentication processing unit 730 corresponding to the one-time authentication program provided through the program providing system shown in FIG. And a one-time authentication processing unit 730, a security authentication confirmation unit 750 for confirming whether the one-time authentication key-based wireless security authentication using the wireless terminal 100 is processed, and the security. When authentication is confirmed, the wireless terminal 100 processes the one-time authentication area including the one-time authentication screen for processing the wireless security authentication based on the one-time authentication key, and then outputs the one-time authentication key-based wireless through the one-time authentication area. And an output processor 755 for processing security authentication.

According to one embodiment of the invention, the one-time authentication processing unit 730 is preferably driven (or activated) in conjunction with the key input unit 710.

For example, when the wireless terminal 100 is provided with a key button for driving (or activating) the one-time authentication unit 730, the one-time authentication unit 730 is driven (or activated) by the key button input. It is preferable.

Alternatively, the one-time authentication processor 730 is driven on a terminal screen including at least one of a desktop screen, a content usage screen, a web access screen, a financial transaction screen, and a payment screen output on the screen of the wireless terminal 100. When the menu is provided (or activated), it is preferable that the one-time authentication processor 730 is driven (or activated) by menu selection through the key input unit 710.

According to another embodiment of the present invention, the terminal screen displayed on the screen of the wireless terminal 100 may include a content use screen, a web access screen, and a financial transaction in the form of a wireless web document including at least one tag string (or script). At least one screen, a payment screen, and the like, and when the tag string (or script) includes a tag string (or script) for driving (or activating) the one-time authentication processor 730, the disposable The authentication processor 730 is preferably driven (or activated) by the tag string (or script).

For example, when a terminal (or a script) for automatically driving (or activating) the one-time authentication program is included in the terminal-side screen output on the screen of the wireless terminal 100, the one-time authentication processing unit 730 is the tag string ( Or a script).

Alternatively, when a terminal (or a script) corresponding to a user interface for driving the one-time authentication program is included in the terminal-side screen output on the screen of the wireless terminal 100, the one-time authentication processing unit 730 is the tag string ( Or via a user interface and a key input unit 710 corresponding to a script).

According to another exemplary embodiment of the present invention, program driving information corresponding to the one-time authentication program is received through a wireless communication network, or a desktop, a content using screen, a web access screen, and a financial transaction are displayed on the screen of the wireless terminal 100. When the program operation information corresponding to the one-time authentication program is included in the terminal-side screen processing unit 725 corresponding to various programs for outputting a terminal-side screen including at least one screen, a payment screen, and the like, the one-time authentication processor ( 730 is preferably driven (or activated) by the program driving information.

According to one embodiment of the invention, when the one-time authentication processing unit 730 is driven (or activated), the security authentication confirmation unit 750 is the one-time authentication processing unit 730 in response to the driving (or activation) The wireless terminal 100 is characterized in that the one-time authentication key-based wireless security authentication confirms that the processing is requested.

According to another exemplary embodiment of the present invention, after the one-time authentication processing unit 730 is driven (or activated), the desktop, content use screen, web access screen, financial transaction screen, and payment are displayed on the screen of the wireless terminal 100. The terminal-side screen processing unit 725 corresponding to various programs for outputting a terminal-side screen including at least one screen or the like provides wireless for content use, web access, financial transaction, or payment processing corresponding to the terminal-side screen. When requesting a security authentication, the security authentication check unit 750 is characterized in that the wireless terminal 100 confirms that the one-time authentication key-based wireless security authentication processing is requested.

According to another exemplary embodiment of the present invention, after the one-time authentication processing unit 730 is driven (or activated), the content input corresponding to the terminal-side screen is used, the web access, and the financial transaction through the key input unit 710. , Or when an authentication command (or key data) for wireless security authentication for payment processing is input, the security authentication verification unit 750 requests the one-time authentication key-based wireless security authentication processing from the wireless terminal 100. Characterized in that it is confirmed.

When confirming the one-time authentication key-based wireless security authentication using the wireless terminal 100 through the security authentication confirmation unit 750, the output processing unit 755, a predetermined area (or entire area) on the screen of the wireless terminal 100 After processing to output a one-time authentication area including a one-time authentication screen for processing a one-time authentication key-based wireless security authentication, characterized in that for processing the one-time authentication key based wireless security authentication through the one-time authentication area, When the one-time authentication area is processed to be output to a certain area on the screen of the wireless terminal 100, it is preferable that a terminal side output area for outputting the terminal side screen is output to the remaining area.

According to the method of the present invention, when the one-time authentication area is output to a certain area on the screen of the wireless terminal 100, the output processing unit 755 is output to the entire area of the screen of the wireless terminal 100 Preferably, the terminal-side screen area is reduced in a predetermined direction to set the terminal-side output area, and the disposable authentication area is set in the reduced remaining area.

For example, if the entire area of the screen of the wireless terminal 100 includes coordinates of (X, Y) in the range (0,0), the output processing unit 755 sets the terminal side screen area at (0,0). Setting the terminal-side output area by reducing to (Xx, Yy) and setting the one-time authentication area at the coordinates of (X, Y) in the reduced and remaining (X-x + 1, Y-y + 1) desirable.

Alternatively, when the one-time authentication area is output to a certain area on the screen of the wireless terminal 100, the output processing unit 755 is within the terminal side screen area that is output to the entire area of the screen of the wireless terminal 100. It is preferable to set the one-time authentication area by inserting a one-time authentication screen.

For example, if the entire area of the screen of the wireless terminal 100 includes coordinates of (X, Y) in (0,0), the output processing unit 755 in (Xx, Yy) of the terminal side screen area. It is preferable to set the one-time authentication area by inserting the one-time authentication screen into the terminal-side screen area corresponding to the coordinate of (X, Y).

Alternatively, when the one-time authentication area is output to a certain area on the screen of the wireless terminal 100, the output processing unit 755 is a schedule on the terminal screen area that is output to the entire area of the screen of the wireless terminal 100. It is preferable to set the one-time authentication area in an overlap method (or pop-up method) in the area.

For example, if the entire area of the screen of the wireless terminal 100 includes coordinates of (X, Y) in (0,0), the output processing unit 755 in (Xx, Yy) of the terminal side screen area. It is preferable to set a one-time authentication area including the one-time authentication screen in an overlap method (or a pop-up method) in a terminal-side screen area upper layer (Layer) corresponding to the coordinate of (X, Y).

According to another embodiment of the present invention, the output processing unit 755 processing the one-time authentication screen for the one-time authentication key-based wireless security authentication processing to be output on the screen of the wireless terminal 100 is the one-time authentication processing unit 730 It is apparent that the present invention is not limited thereto, and may be provided in a program manager (not shown) associated with the one-time authentication program in the wireless terminal 100.

Referring to FIG. 7, for the one-time authentication key-based wireless security authentication processing, the one-time authentication processing unit 730 provided in the wireless terminal 100 may include the memory unit 790 (or a chip provided in the IC chip). The memory unit 794 confirms at least one or more one-time authentication key generation information required for generating the one-time authentication key and the one-time use using an authentication key generation algorithm based on the one-time authentication key generation information. And a generation unit 770 for generating a one-time authentication key for authentication key-based wireless security authentication. When the authentication key generation method includes a challenge-response method, the wireless processing unit 785 and And a communication processor 780 for receiving the one-time authentication key generation information corresponding to the challenge.

When the one-time authentication area is output on the screen of the wireless terminal 100 by the output processor 755 and a one-time authentication key generation for the one-time authentication key based wireless security authentication processing using the wireless terminal 100 is requested. The identification unit 775 confirms at least one or more one-time authentication key generation information necessary for generating the one-time authentication key from the memory unit 790 (or the chip memory unit 794 included in the IC chip). do.

When the authentication key generation method includes a challenge-response method according to an embodiment of the present invention, the communication processing unit 780 is a single-use corresponding to the challenge to the authentication server 130 in association with the wireless processing unit 785. The method may further include requesting authentication key generation information and receiving at least one or more one-time authentication key generation information required for generating the one-time authentication key from the authentication server 130.

When generating a one-time authentication key of the time synchronization method according to an embodiment of the present invention, the confirmation unit 775 is the disposable from the memory unit 790 (or chip memory unit 794 provided in the IC chip) It is preferable to check at least one piece of one-time authentication key generation information necessary for generating an authentication key, and to check time information for generating the one-time authentication key from a timer provided in the wireless terminal 100.

In the case of generating a challenge-response type disposable authentication key according to another exemplary embodiment of the present invention, the verification unit 775 is provided from the memory unit 790 (or the chip memory unit 794 of the IC chip). Confirm at least one or more disposable authentication key generation information required for generating the one-time authentication key, and obtain at least one or more disposable authentication key generation information required for generating the one-time authentication key from the authentication server 130 in association with the communication processing unit 780. It is desirable to receive.

When at least one or more one-time authentication key generation information required for generating the one-time authentication key is confirmed as described above, the generation unit 770 uses the authentication key generation algorithm based on the at least one or more one-time authentication key generation information. Characterized by generating a one-time authentication key for the one-time authentication key-based wireless security authentication process, wherein the one-time authentication key preferably comprises a data block of a predetermined length.

Those skilled in the art to which the present invention pertains, one-time corresponding to the time synchronization method (or challenge-response method) using an authentication key generation algorithm based on the at least one or more disposable authentication key generation information identified. Since you will be familiar with the technical features for generating the authentication key, a detailed description thereof will be omitted for convenience.

Referring to FIG. 7, for the one-time authentication key-based wireless security authentication process, the one-time authentication processing unit 730 included in the wireless terminal 100 outputs a predetermined area on the one-time authentication area when the one-time authentication area is output. Outputting a one-time authentication start screen (or interface) to the device, and when one-time authentication is started through the one-time authentication start screen (or interface), validity of the one-time authentication key based wireless security authentication process on a predetermined area on the one-time authentication area. Outputting a password input interface for inputting a password for authentication, and if the one-time authentication function is disabled, input customer authentication information including at least one financial information combination for the one-time authentication customer in a predetermined area on the one-time authentication area. Outputting the authentication information input interface to When the validity of the wireless security authentication processing through the call is authenticated, a one-time authentication key generation screen (or interface) is output to a predetermined area on the one-time authentication area, and one-time authentication is performed through the one-time authentication key generation screen (or interface). When a key generation is requested and the requested one-time authentication key is generated through the generation unit 770 and is output to a predetermined area on the one-time authentication area, the one-time authentication key input interface through which the customer inputs a one-time authentication key is used. An interface output unit 760 for outputting to a predetermined area on an authentication area and outputting a one-time authentication key end screen (or an interface) to a predetermined area on the one-time authentication area when the one-time authentication key-based wireless security authentication is processed; When a password is entered through the password input interface, the password Authenticating the wireless security authentication process based on the one-time authentication key, and if the requested one-time authentication key is generated through the generation unit 770, outputting the one-time authentication key to a predetermined area on the one-time authentication area, When the generated one-time authentication key is input through the one-time authentication key input interface, characterized in that it comprises an authentication key processing unit 765 for generating security authentication request information including the one-time authentication key, the management server on the communication network When the one-time authentication disable code (or command) is received from 110, the disable authentication unit 740 automatically blocks and disables the one-time authentication function.

Here, the one-time authentication disable code (or command) is received from the management server 110 through the program corresponding to the message receiving unit (not shown) or the terminal screen processing unit 725 provided in the wireless terminal 100. Preferably, when the one-time authentication program is executed, it is preferably received through the communication processing unit 780.

According to the present invention, the communication processing unit 780 transmits the customer authentication information input through the authentication information input interface to the authentication server 130 (or the financial server 135) on the communication network to process the authentication, and the authentication The one-time authentication activation code (or command) is received from the server 130 (or the financial server 135).

Referring to FIG. 7, the one-time authentication processing unit 730 is provided with a disable releasing unit 745 for activating the disabled one-time authentication function upon receiving the one-time authentication activation code (or command). .

When the one-time authentication region is output on the screen of the wireless terminal 100 through the output processor 755, the interface output unit 760 processes the one-time authentication key based wireless security authentication on a predetermined region on the one-time authentication region. Characterized in that the password input interface for inputting a password for validating the authentication.

When a password is input through the password input interface, the authentication key processing unit 765 is characterized by authenticating the validity of the one-time authentication key-based wireless security authentication processing through the password.

When password authentication information (not shown) matching the password is stored in the memory unit 790 according to an exemplary embodiment of the present invention, the authentication key processing unit 765 compares the input password with the password authentication information. It is preferable to check the validity of the one-time authentication key-based wireless security authentication.

According to another embodiment of the present invention, when the password includes a series of number systems, the authentication key processing unit 765 performs the one-time authentication key through number system analysis (or hash code generation) of the input password. It is desirable to check the validity of the base wireless security authentication.

When the one-time authentication disable code (or command) is received from the management server 110 on the communication network, the disable processing unit 740 is characterized in that the one-time authentication function automatically cut off and disabled.

Here, the disabling processing unit 740 automatically blocks and disables the one-time authentication function, so that the interface output unit 760 displays the one-time authentication start screen (or interface or password input screen (or Interface) or the one-time authentication key generation screen (or interface), or the one-time authentication key input interface is output without forcing the authentication information input interface, or the generation unit 770 performs the one-time authentication. Processing not to generate a key (or generating an unauthenticated error-inducing authentication key) or processing the communication processing unit 780 not to transmit the generated one-time authentication key to the authentication server 130. It is preferable to include one or more.

Alternatively, the disabling processing unit 740 automatically blocks and disables the one-time authentication function by changing (or deleting) the one-time authentication key generation information stored in the memory unit 790 to generate the one-time authentication key. It is preferable to include processing to be neutralized.

According to another exemplary embodiment of the present invention, when the password error occurs more than a predetermined number of times through the password input interface, it is possible to automatically disable and disable the one-time authentication function. The invention is not limited.

When the one-time authentication function is disabled by the disable processing unit 740, the interface output unit 760 includes at least one financial information combination for the one-time authentication customer in a predetermined area on the one-time authentication area. Characterized in that it outputs the authentication information input interface for inputting, and when the customer authentication information including at least one financial information combination for the one-time authentication customer is input through the authentication information input interface, the communication processing unit 780 ) Processes the input customer authentication information to be authenticated by transmitting it to the authentication server 130 (or the financial server 135) on the communication network, and the one-time authentication from the authentication server 130 (or the financial server 135). Receiving an activation code (or command).

Here, the customer authentication information including at least one financial information combination for the one-time authentication customer includes the resident registration number (or customer number) of the customer, the account number and account password (or security card number combination) of the customer It is preferable to include at least one or more.

When the one-time authentication activation code (or command) is received through the communication processor 780, the disable releasing unit 745 may activate the disabled one-time authentication function.

Here, the disabling release unit 745 to activate the one-time authentication function, the interface output unit 760 is the one-time authentication start screen (or interface, or password input screen (or interface) on the one-time authentication area) Or outputting the one-time authentication key generation screen (or interface) or the one-time authentication key input interface, or processing the generation unit 770 to generate the one-time authentication key normally, or the communication processing unit ( 780 preferably comprises at least one process of processing the generated one-time authentication key to the authentication server 130 to be transmitted normally.

If the one-time authentication key generation information stored in the memory unit 790 is changed (or deleted) by the disable processing unit 740, the one-time authentication activation code (or command) further adds the new one-time authentication key generation information. Preferably, the disable release unit 745 preferably stores the new one-time authentication key generation information in the memory unit 790 to activate the disabled one-time authentication function.

When the one-time authentication start screen (or interface) is output to a certain area on the one-time authentication area, and one-time authentication is started through the one-time authentication start screen (or interface), the interface output unit 760 is on the one-time authentication area. Outputting a one-time authentication key generation screen (or an interface) to a predetermined region, and checking whether a one-time authentication key is requested to be generated through the one-time authentication key generation screen (or interface). When the one-time authentication key for the one-time authentication key-based wireless security authentication process is generated, the authentication key processing unit 765 is characterized in that for outputting the one-time authentication key in a predetermined area on the one-time authentication area.

In addition, the interface output unit 760 is characterized in that the customer outputs a one-time authentication key input interface for inputting the generated one-time authentication key for a wireless security authentication process to a predetermined area on the one-time authentication area.

When the one-time authentication key is input through the one-time authentication key input interface, the authentication key processing unit 765 generates security authentication request information including the one-time authentication key, and the communication processing unit 780 ) Process the security authentication request information including the one-time authentication key to be transmitted to the authentication server 130 on the communication network so that the one-time authentication key-based wireless security authentication is processed.

If the one-time authentication key-based wireless security authentication is processed, the interface output unit 760 is characterized in that for outputting a one-time authentication key end screen (or interface) in a predetermined area on the one-time authentication area, the one-time authentication key When the one-time authentication key-based wireless security authentication is finished through an end screen (or an interface), the output processor 755 deletes the one-time authentication area on the screen of the wireless terminal 100, and displays the terminal-side output area. The wireless terminal 100 may return to the entire area of the screen.

Referring to FIG. 7, for the one-time authentication key-based wireless security authentication processing, the one-time authentication processing unit 730 provided in the wireless terminal 100 is connected to the key input unit 710 and the wireless terminal 100. And a caret processor 735 for processing a caret between the terminal output area and the disposable authentication area on the screen to move.

According to the present invention, when the password input interface or the one-time authentication key input interface is output to another area (eg, the terminal side output area) other than the one-time authentication area, the caret processing unit 735 is assigned to the one-time authentication area. Characterized in that the caret is moved to an area (eg, a terminal-side output area) to which the password input interface or the single-use authentication key input interface is output and is allocated.

At this time, if at least one number (or code) for the wireless security authentication process is input through the password input interface or the one-time authentication key input interface output to the other area (eg, the terminal side output area), the The caret processing unit 735 moves the caret to be allocated to the one-time authentication area.

8 is a diagram showing the configuration of a one-time authentication key-based wireless security authentication processing system according to an embodiment of the present invention.

In more detail, Figure 8 processes the one-time authentication key-based wireless security authentication through the wireless terminal 100 having a functional configuration corresponding to the one-time authentication program shown in Figure 7 through the program providing system shown in Figure 2 As a system configuration, in detail, when the wireless terminal 100 shown in FIG. 7 generates a one-time authentication key for wireless security authentication processing and transmits it to the authentication server 130 through a wireless communication network, the authentication server ( By generating a one-time authentication key authentication code matching the one-time authentication key at 130) and comparing with the one-time authentication key, wireless security authentication using the one-time authentication key is processed, but the one-time authentication is disabled from the management server 110 on the communication network. When a code (or command) is received, the one-time authentication function for processing the one-time authentication key based wireless security authentication is disabled. And a function for processing a one-time authentication function for processing the one-time authentication key-based wireless security authentication when the one-time authentication activation code (or command) is received from the management server 110. It is a figure which shows a structure.

Those skilled in the art to which the present invention pertains may refer to and / or modify this drawing 8 to infer various implementation methods for the one-time authentication key based wireless security authentication processing system configuration, but the present invention. Is made including all the inferred implementation method, the technical features are not limited only to the implementation method shown in FIG.

For example, when a one-time authentication disable code (or command) is received from the management server 110 on a communication network, a function of processing a one-time authentication function for processing the one-time authentication key-based wireless security authentication is disabled, and the management server 110. When a one-time authentication activation code (or command) is received from the function to process the one-time authentication function for processing the one-time authentication key-based wireless security authentication is activated, in addition to the management server 110 financial server 135 (or banking) Server) or through a telecommunications company server, whereby the present invention is not limited thereto.

Referring to FIG. 8, the one-time authentication key-based wireless security authentication system includes at least one wireless terminal 100 having a functional configuration corresponding to the one-time authentication program shown in FIG. 7, and the wireless terminal 100. And at least one base station connecting the wireless section, and a control station controlling the base station and at least one server (or device) controlling and operating a wireless communication network including the base station and the control station. It characterized in that it comprises a 105, in connection with the network management system 105 receives the one-time authentication key information generated and transmitted in the wireless terminal 100, one-time authentication matching the one-time authentication key By generating a key authentication code and comparing with the one-time authentication key, wireless security authentication using the one-time authentication key is processed. By having the authentication server 130, a management server 110 to remotely disable / enable a one-time authentication program provided on the wireless terminal 100 over the communications network it is characterized in that formed.

In addition, the one-time authentication key-based wireless security authentication processing system, in connection with the authentication server 130 processes at least one or more financial transactions (or payment) in accordance with the one-time authentication key-based wireless security authentication, or the one-time use Characterized in that it comprises at least one or more wireless server 150 to perform a variety of member authentication / service authentication / terminal authentication according to the wireless security authentication, wherein the wireless server 150 is the one-time authentication key A financial server 135 having at least one financial transaction function based on a wireless security authentication, a payment server 140 having at least one payment function based on the one-time wireless security authentication, and the disposable Wireless web server with various member authentication / service authentication / terminal authentication functions based on authentication key based wireless security authentication An preferably comprises at least one.

In FIG. 8 according to an embodiment of the present invention, in order to effectively explain the technical features for the one-time authentication key-based wireless security authentication process to those skilled in the art, the one-time authentication key for convenience. Although the authentication server 130 for processing the wireless security authentication based on, and the wireless server 150 providing various additional services based on the one-time authentication key-based wireless security authentication as a separate server, the present invention is not limited by this. No, the one-time authentication key-based wireless security authentication function provided in the authentication server 130 according to the intention of the person skilled in the art (for example, the information receiving unit 825, information checking unit 830, extraction unit and authentication unit 845 shown below) )) Is provided in the wireless server 150, or it is apparent that the authentication server 130 and the wireless server 150 can be implemented as one server. Bayida.

The wireless terminal 100 is a mobile communication terminal connected to a code division multiple access (CDMA) / Wide-CDMA (WCDMA) based mobile communication network, a wireless communication terminal connected to an HSDPA based wireless communication network, or an IEEE 802.16x based communication. At least one wireless terminal 100 including at least one or more portable Internet terminal connected to the high-speed wireless Internet, characterized in that the wireless terminal 100 is a wireless terminal 100 shown in FIG. It is characterized by comprising a functional configuration.

Those skilled in the art to which the present invention pertains can easily infer the technical features of the wireless terminal 100 including the functional configuration of the wireless terminal 100 shown in FIG. Detailed description is omitted for convenience.

According to an embodiment of the present invention, the wireless communication network to which the wireless terminal 100 accesses preferably includes at least one of the CDMA based mobile communication network, the HSDPA based wireless communication network, or the IEEE 802.16x based high speed wireless Internet. Do.

The wireless communication network to which the wireless terminal 100 connects includes at least one or more base stations, a control station for controlling the base station, and at least one server (or apparatus) for controlling and operating a wireless communication network including the base station and the control station. It characterized in that it comprises a network operation system 105 including a).

The base station is located at an end of the wireless communication network connecting a wireless section with at least one wireless terminal 100 located in a cell (eg, frequency reach) according to a wireless communication protocol defined in the wireless communication network. As a component, it is characterized in that the network operation system 105 to control and operate the radio terminal 100 through the control station.

According to an embodiment of the present invention, when the wireless communication network is a CDMA / WCDMA / GSM-based wireless communication network, the base station connects a wireless section with at least one wireless terminal 100 based on the CDMA / WCDMA / GSM wireless protocol stack. It is desirable to.

According to another exemplary embodiment of the present invention, when the wireless communication network is an HSDPA-based wireless communication network, the base station preferably connects a wireless section with at least one wireless terminal 100 based on the HSDPA wireless protocol stack.

According to another embodiment of the present invention, when the wireless communication network is an IEEE 802.16x based wireless communication network, the base station includes at least one based on a wireless physical (PHY) layer and a media access control (MAC) layer of the IEEE 802.16x protocol. It is preferable to connect the wireless terminal 100 and the wireless section.

The control station is a component on a wireless communication network that controls at least one base station and connects the base station and the network management system 105 in a wired section. When the wireless communication network is a CDMA / WCDMA / GSM-based wireless communication network, Preferably, the control station includes a base station controller (BSC). When the wireless communication network is an IEEE 802.16x based wireless communication network, the control station includes a packet access router (PAR). desirable.

The network operation system 105 controls at least one or more radio terminals 100 connectable to the radio communication network through at least one or more base stations in association with the control station, and at least one other radio with the radio terminal 100. Connecting a communication channel (or a communication channel) with a server on the terminal 100 or a communication network, and calculating various communication charges and additional service use charges corresponding to the communication plan subscribed to by the wireless terminal 100; do.

According to an embodiment of the present invention, when the wireless communication network is a CDMA / WCDMA / GSM-based wireless communication network, the network operation system 105 may include a mobile switching center (MSC) and an HLR (Mobile Switching Center) for processing circuit switching. Interworking function that provides circuit data service and / or packet data service for wireless data communication and connection with other networks in the network infrastructure for voice call and home location register (VLR). IWF), various message centers (e.g., short message center (SMC), multimedia message center (MMC), etc.) and various additional service server farms, and SGSN for processing packet exchange. (Serving GPRS Support Node), GGSN (Gateway GPRS Support Node) and RNC (Radio Network Controller) are preferably included.

According to another exemplary embodiment of the present invention, when the wireless communication network is an IEEE 802.16x based wireless communication network, the network operation system 105 may include a home agent (HA) for mobility of IP with respect to the wireless terminal 100, AAA (Authentication, Authorization and Accounting) server for authentication of the user, a network management server 110 (Network Management System), a FA (Foreign Agent) interworking with the wireless communication network and at least one external wireless network, and Preferably, the wireless terminal 100 includes a Dynamic Host Configuration Protocol (DHCP) server and DNS for allocating and registering Mobile IP (MIP).

Referring to FIG. 8, the authentication server 130 may include an interface unit 820 connecting at least one wireless terminal 100 and a one-time authentication key-based secure communication channel for a one-time authentication-based wireless security authentication process. An information receiving unit 825 for receiving security authentication request information including a one-time authentication key for the one-time authentication key-based wireless security authentication process from the wireless terminal 100 through the wireless communication network in association with the interface unit 820; And an information checking unit 830 for confirming information of the wireless terminal 100 transmitting the one-time authentication key through the wireless communication network (or a wireless communication protocol), and the wireless terminal from the one-time authentication management D / B 850. Extraction unit for extracting the one-time authentication program information associated with the information, and the one-time provided to the wireless terminal 100 based on the extracted one-time authentication program information The authentication program generates a one-time authentication key authentication code using the same authentication key generation conditions (eg, the same one-time authentication key generation information and authentication key generation algorithm) that generated the one-time authentication key, and the security received from the wireless terminal 100 The authentication unit 845 for authenticating the validity of the received one-time authentication key by comparing the one-time authentication key included in the authentication request information with the generated one-time authentication key authentication code, and in connection with the interface unit 820 And a transmitting unit 840 for transmitting the security authentication result information including the validity authentication result for the one-time authentication key to the wireless terminal 100 through a wireless communication network. When the authentication server 130 is provided outside the wireless server 150 as in the implementation method, the transmission unit 840 is the one-time authentication key To characterized in that the transmission by sharing a validity authentication result by the at least one wireless server 150 that require the one-time authentication key based wireless security authentication process.

The interface unit 820 connects at least one wireless terminal 100 and a communication channel for the one-time authentication key-based wireless security authentication process through a wireless communication network, wherein the communication channel is the security authentication request information. It is desirable to include an encryption / decryption-based secure communication channel for.

The information receiving unit 825 receives the security authentication request information transmitted from the wireless terminal 100 through the interface unit 820, and the information checking unit 830 receives the security authentication request information. In the receiving process, characterized in that to confirm the information of the wireless terminal 100 transmitting the one-time authentication key through the wireless communication network (or wireless communication protocol).

According to the exemplary embodiment of the present invention, the security authentication request information is received through the information receiving unit through a separate one-time authentication key exchange protocol defined between the one-time authentication program provided in the wireless terminal 100 and the interface unit 820. 825).

According to another exemplary embodiment of the present invention, the security authentication request information is transmitted to the information receiving unit 825 through an encryption / decryption protocol based on a data communication protocol defined in a wireless communication network to which the wireless terminal 100 is connected. Is preferably received.

The extracting unit extracts one-time authentication program information associated with the wireless terminal 100 information from the one-time authentication management D / B 850 based on the confirmed wireless terminal 100 information, and sends the extracted authentication program information to the authentication unit 845. It is characterized by providing.

The authentication unit 845 generates the same one-time authentication key generation information and the authentication key generation algorithm used to generate the one-time authentication key in the one-time authentication program included in the wireless terminal 100 based on the extracted one-time authentication program information. By generating a one-time authentication key authentication code, and comparing the one-time authentication key included in the security authentication request information received from the wireless terminal 100 with the generated one-time authentication key authentication code, for the received one-time authentication key Characterizing authenticity.

Here, the validity of the one-time authentication key is authenticated by the authentication unit 845 is confidentiality, authentication, integrity and disclaimer for the one-time authentication-based wireless security authentication processing. Nonrepudiation).

When the validity of the one-time authentication key is authenticated through the authentication unit 845, the transmission unit 840 is connected with the interface unit 820 to obtain a result of validity authentication of the one-time authentication key through the wireless communication network. Characterized by generating a security authentication result information, characterized in that for transmitting to the wireless terminal (100).

As shown in FIG. 8, when the authentication server 130 is provided outside the wireless server 150, the transmission unit 810 transmits the result of validity authentication for the one-time authentication key to the one-time authentication key. It is characterized in that the transmission to the at least one or more wireless server 150 that needs to be based on the wireless security authentication processing, and correspondingly, the wireless server 150 at least based on the validity authentication result for the one-time authentication key It is characterized by processing one or more financial transactions (or payments), or processing various member authentication / service authentication / terminal authentication.

According to another embodiment of the present invention, when the wireless security authentication function of the authentication server 130 is provided in the wireless server 150, the transmission unit 810 is different from the validity authentication result for the one-time authentication key. The function of sharing and transmitting to the wireless server 150 may be omitted, whereby the present invention is not limited.

Referring to FIG. 8, the management server 110 is the network management system 105 (for example, a server (not shown) for connecting a lost report from a telecommunication company, or subscriber D / B for storing information according to the lost report received). (Not shown), or an information confirmation unit 815 (or information checking means) for confirming lost report information for the wireless terminal 100 used by the customer in connection with the lost report reception server (not shown); Upon confirming the loss report information, the disposable notification management D / B 850 storing the one-time authentication management information for the one-time authentication program included in the wireless terminal 100 is disposable. Terminal confirmation unit (or terminal confirmation means) for confirming whether the one-time authentication function for processing the authentication key-based wireless security authentication is provided, and if the one-time authentication function is provided in the wireless terminal 100 reported loss, through a communication networkCharacterized by comprising a group formed by the wireless terminal transmitting unit 810 that handles such that 100 is the one-time authentication transmission function disabled by disabling the disposable authentication code (or commands) to the (or transfer means).

The information checking unit 815 is a network management system 105 on the wireless communication network connected to the wireless terminal 100 used by the customer (for example, a server (not shown) for connecting a lost report from a communication company, or a lost report reception). In connection with the subscriber D / B (not shown), etc., the information is stored, it is characterized in that whether the loss report is received for the wireless terminal 100 used by the customer.

Alternatively, the information checking unit 815 is connected to the loss report reception server (not shown) provided on the communication network to check whether the loss report is received for the wireless terminal 100 used by the customer, characterized in that According to the intention of the information verification unit 815 may be implemented in the form of the loss report receiving server (not shown), thereby the present invention is not limited.

According to another exemplary embodiment of the present invention, the information checking unit 815 may check the stop request information of the wireless terminal 100 due to various stop reasons, in addition to the report of the loss. It is not limited.

According to the implementation method of the present invention, it is preferable that the loss report information (or suspension request information) includes the radio terminal 100 information.

When the loss report information of the wireless terminal 100 used by the customer is confirmed by the information confirming unit 815, the terminal confirming unit is based on the information of the wireless terminal 100 that has been reported as lost. In connection with 850, it is characterized in that the one-time authentication function for processing the wireless security authentication based on the one-time authentication key is provided in the reported wireless terminal 100.

According to an embodiment of the present invention, when the one-time authentication management information associated with the lost-reported wireless terminal 100 information is stored in the one-time authentication management D / B 850, the terminal confirming unit is the reported wireless loss. The terminal 100 confirms that the one-time authentication function for processing the wireless security authentication based on the one-time authentication key is provided.

As a result of the check, when the loss-proven wireless terminal 100 has a one-time authentication function for processing a wireless authentication based on one-time authentication key, the transmission unit 810 is a one-time authentication with the wireless terminal 100 through a communication network. The disabling code (or command) may be transmitted to process the one-time authentication function to be disabled.

Here, the disabling processing unit automatically blocks and disables the one-time authentication function, wherein the interface output unit displays the one-time authentication start screen (or interface, or password input screen (or interface), or one-time authentication key on the one-time authentication area). Error to not output the generation screen (or interface) or the one-time authentication key input interface, forcibly output the authentication information input interface, or to prevent the generation unit to generate the one-time authentication key (or not authenticated) Or at least one processing of the communication processing unit not to transmit the generated one-time authentication key to the authentication server 130.

Alternatively, disabling the disabling processing unit by automatically blocking the one-time authentication function may include processing to disable (or delete) the one-time authentication key generation information stored in the memory unit in order to generate the one-time authentication key. It is preferable to comprise.

In connection with the one-time authentication management D / B (850) for storing the one-time authentication management information for the one-time authentication program provided in the wireless terminal 100 to the one-time authentication key-based wireless security authentication to the reported wireless terminal 100 To ensure that it has a one-time authentication function

Referring to FIG. 8, the management server 110 receives, from the wireless terminal 100, an information receiver 800 that receives customer authentication information including at least one financial information combination for a one-time authentication customer, and the wireless terminal ( When the customer authentication information including at least one financial information combination for the one-time authentication customer is received from 100), the ledger D / B 120 on the financial system 115 corresponding to the financial information included in the customer authentication information and Validation unit 825 for confirming the validity of the customer authentication information in association with, and the one-time authentication activation code (or command) for activating the one-time authentication function provided in the wireless terminal 100 during the validation; Transmitting to the wireless terminal 100 is characterized in that it comprises a processing unit 805 for processing so that the one-time authentication function is activated.

The information receiver 800 receives and receives the customer authentication information through the communication network when the wireless terminal 100 inputs and transmits customer authentication information including at least one financial information combination for the one-time authentication customer. It features.

When the customer authentication information including at least one financial information combination for the one-time authentication customer is received from the wireless terminal 100 through the information receiving unit 800, the validity checking unit 825 is included in the customer authentication information. Check the information (eg, social security number or customer number) that matches the one-time certified customer ledger among the financial information, and from the ledger D / B 120 on the financial system 115 through the information matched with the customer ledger. Request and receive information matching the account ledger among the financial information included in the customer authentication information, and compare the information matching the account ledger with the financial information included in the customer authentication information to validate the validity of the customer authentication information. It is desirable to confirm.

According to another exemplary embodiment of the present invention, the validity confirming unit 825 transmits the customer authentication information to the financial system 115, and the financial information and the ledger included in the customer authentication information from the financial system 115. By receiving the validity result information comparing the information stored in the D / B 120, it is possible to confirm the validity of the customer authentication information, whereby the present invention is not limited.

When validating the customer authentication information through the validity verification unit 825, the processing unit 805 may provide a one-time authentication activation code (or command) for activating the one-time authentication function provided in the wireless terminal 100. Transmitting to the wireless terminal 100, characterized in that for processing to enable the one-time authentication function.

9 is a diagram illustrating a one-time authentication function disabling process of a wireless terminal according to an embodiment of the present invention.

In more detail, Figure 9 confirms the loss report information for the at least one or more wireless terminals 100 in the management server 110 shown in Figure 8, and in conjunction with the one-time authentication management D / B (850) After confirming that the one-time authentication function is provided in the wireless terminal 100 which has been reported as lost, the process for disabling the one-time authentication function of the wireless terminal 100 in which the loss is reported, is commonly known in the art. If the person having the present invention can be inferred from various embodiments of the method for disabling the one-time authentication function of the wireless terminal 100 by referring to and / or modifying the drawing 9, the present invention includes all the inferred implementation methods. It is made, the technical features are not limited only to the implementation method shown in FIG.

Referring to FIG. 9, the management server 110 is the network management system 105 (for example, a server (not shown) for accessing a lost report from a telecommunication company, or subscriber D / B for storing information according to a lost report received). (Not shown), or in connection with the lost report receiving server (not shown), the loss report information for the wireless terminal 100 used by the customer is confirmed (900).

According to another exemplary embodiment of the present invention, the management server 110 may check the stop request information of the wireless terminal 100 due to various stop reasons, in addition to the loss report, thereby limiting the present invention. Not.

If the loss report information for the wireless terminal 100 is confirmed (905), the management server 110 is a one-time authentication management D for storing the one-time authentication management information for the one-time authentication program provided in the wireless terminal 100 Check in step 910 that the one-time authentication function for processing the one-time authentication key-based wireless security authentication is provided in the lost and reported wireless terminal 100 in association with / B (850).

According to the implementation method of the present invention, when the one-time authentication management information associated with the lost-reported wireless terminal 100 information is stored in the one-time authentication management D / B 850, the management server 110 reports the loss. Confirmed that the one-time authentication function for processing the wireless security authentication based on the one-time authentication key on the wireless terminal 100.

If the check result is that the loss-reported wireless terminal 100 is equipped with a one-time authentication function for processing the wireless security authentication based on one-time authentication key (915), one-time use to the wireless terminal 100 through the management network number The authentication disable code (or command) is transmitted (925), and correspondingly, the wireless terminal (100) processes the one-time authentication function to be disabled (925).

Here, the disabling processing unit automatically disables the one-time authentication function and disables the one-time authentication start screen (or interface or password input screen (or interface)) on the one-time authentication area in the wireless terminal 100, or Do not output the one-time authentication key generation screen (or interface) or the one-time authentication key input interface, forcibly output the authentication information input interface, or do not generate the one-time authentication key in the wireless terminal 100. At least one or more processes (not to generate an unauthenticated error-induced authentication key) or not to transmit the generated one-time authentication key to the authentication server 130 at the wireless terminal 100. It is preferable to make.

Alternatively, disabling the disabling processing unit by automatically blocking the one-time authentication function may include changing (or deleting) the one-time authentication key generation information stored in the memory unit to generate the one-time authentication key in the wireless terminal 100. It is preferable that the process comprises processing so as to be disabled.

10 is a diagram illustrating a one-time authentication area output and one-time authentication key-based wireless security authentication validation process for wireless security authentication processing according to an embodiment of the present invention.

In more detail, FIG. 10 illustrates a terminal screen including at least one of a desktop screen, a content usage screen, a web access screen, a financial transaction screen, and a payment screen on a screen of the wireless terminal 100 shown in FIG. When the one-time authentication key-based wireless security authentication function is driven through the key input means provided in the wireless terminal 100 in the state, the wireless terminal 100 to process the one-time authentication key-based wireless security authentication on the screen After processing to output the one-time authentication area included in the one-time authentication screen, and outputs a password input interface on the one-time authentication area to illustrate the terminal-side validation process for the one-time authentication key-based wireless security authentication, but for convenience The process of outputting the one-time authentication start screen (or interface) will be omitted.

For example, although FIG. 10 illustrates the output of the one-time authentication area on the screen of the wireless terminal 100 and then outputs the password input interface on the one-time authentication area, the present invention is limited thereto. By no means, the password input interface may be output to other areas other than the one-time authentication area, the present invention is characterized in that it comprises all the analogous implementation method.

Referring to FIG. 10, a terminal-side screen including at least one of a desktop screen, a content usage screen, a web access screen, a financial transaction screen, and a payment screen is displayed on the entire area of the screen of the wireless terminal 100 shown in FIG. 7. And a key input (or a one-time authentication key-based wireless security authentication related user interface included in the terminal-side screen) through a key input unit provided in the wireless terminal 100 while outputting the terminal-side screen. When the one-time authentication program is driven through the associated key input (1005), the wireless terminal 100 checks whether or not the wireless security authentication process by generating the one-time authentication key through the one-time authentication program (1010).

According to an embodiment of the present invention, when the one-time authentication program is driven (or activated), the one-time authentication program is a one-time authentication key based wireless security authentication in the wireless terminal 100 in response to the program driving (or activation). It is desirable to confirm that this processing is requested.

According to another exemplary embodiment of the present invention, after the one-time authentication program is driven (or activated), a screen, a content use screen, a web access screen, a financial transaction screen, a payment screen, and the like are displayed on the screen of the wireless terminal 100. When the terminal side screen processing unit corresponding to various programs outputting at least one terminal screen including at least one request for wireless security authentication for content use, web access, financial transaction, or payment processing corresponding to the terminal screen, The one-time authentication program preferably confirms that the wireless terminal 100 is a one-time authentication key-based wireless security authentication processing is requested.

According to another exemplary embodiment of the present invention, after the one-time authentication program is driven (or activated), the content input, web access, financial transaction, or payment processing corresponding to the terminal screen is performed through the key input means. When an authentication command (or key data) for wireless security authentication is input, the one-time authentication program preferably confirms that the one-time authentication key-based wireless security authentication processing is requested in the wireless terminal 100.

If the one-time authentication key-based wireless security authentication process is confirmed as a result of the checking (1015), the wireless terminal 100 has a one-time authentication area for outputting a one-time authentication screen for the wireless security authentication process through the one-time authentication program. The wireless terminal 100 processes the output on the screen (1020).

According to the method of the present invention, when the one-time authentication area is output in a certain area on the screen of the wireless terminal 100, the wireless terminal 100 is output to the entire area of the screen of the wireless terminal 100 Preferably, the terminal-side screen area is reduced in a predetermined direction to set the terminal-side output area, and the disposable authentication area is set in the reduced remaining area.

For example, if the entire area of the screen of the wireless terminal 100 includes coordinates of (0,0) to (10, Y), the wireless terminal 100 sets the terminal side screen area at (0,0). Set the terminal-side output area by reducing to (10-x, Yy), and setting the one-time authentication area at the coordinates of (10, Y) in the reduced and remaining (10-x + 1, Y-y + 1) It is desirable to.

Alternatively, when the one-time authentication area is output to a certain area on the screen of the wireless terminal 100, the wireless terminal 100 is within the terminal side screen area that is output to the entire area of the screen of the wireless terminal 100. It is preferable to set the one-time authentication area by inserting a one-time authentication screen.

For example, if the entire area of the screen of the wireless terminal 100 includes coordinates of (0,0) to (10, Y), the wireless terminal 100 is (10-x, Yy) of the terminal-side screen area. It is preferable to set the one-time authentication area by inserting the one-time authentication screen into the terminal side screen area corresponding to the coordinate of (10, Y).

Alternatively, when the one-time authentication area is output to a certain area on the screen of the wireless terminal 100, the wireless terminal 100 is a schedule on the terminal screen area output to the entire area of the screen of the wireless terminal 100. It is preferable to set the one-time authentication area in an overlap method (or pop-up method) in the area.

For example, if the entire area of the screen of the wireless terminal 100 includes coordinates of (0,0) to (10, Y), the wireless terminal 100 is (10-x, Yy) of the terminal-side screen area. It is preferable to set the one-time authentication area including the one-time authentication screen in an overlap method (or a pop-up method) in the terminal layer screen area upper layer (Layer) corresponding to the coordinate of (10, Y).

Thereafter, the wireless terminal 100 checks whether the one-time authentication function is disabled (1025).

According to an embodiment of the present invention, the one-time authentication start screen (or interface, or password input screen (or interface), or one-time authentication key generation screen (or interface), or the one-time authentication key input interface on the one-time authentication area. Is processed to forcibly output the authentication information input interface, or not to generate a one-time authentication key in the wireless terminal 100 (or to generate an unauthenticated error-induced authentication key). Alternatively, when the generated one-time authentication key is processed not to be transmitted to the authentication server 130, the wireless terminal 100 preferably confirms that the one-time authentication function is disabled.

If the one time authentication function is disabled (1030), the wireless terminal 100 performs the disable release process shown in FIG.

On the other hand, if the one-time authentication function is not disabled (1030), the wireless terminal 100 inputs a password for validating authentication for the one-time authentication key based wireless security authentication processing in a predetermined area on the one-time authentication area. Output the interface (1035).

If the password is input through the password input interface (1040), the wireless terminal 100 checks the validity of the one-time authentication key based wireless security authentication through the input password (1045).

When password authentication information (not shown) matching the password is stored in the memory unit according to an exemplary embodiment of the present invention, the wireless terminal 100 compares the input password with the password authentication information to perform the one-time authentication. It is desirable to verify the validity of key-based wireless security certificates.

According to another embodiment of the present invention, when the password includes a series of number systems, the wireless terminal 100 is based on the one-time authentication key through number system analysis (or hash code generation) of the input password. It is desirable to verify the validity of the wireless security certificate.

If the validity of the one-time authentication key-based wireless security authentication is not confirmed through the input password (1050), the wireless terminal 100 checks whether the validity error is repeatedly generated more than a predetermined number of times (1055). .

If the validity error has not repeatedly occurred more than a predetermined number of times (1060), the wireless terminal 100 repeats the process of inputting the password by outputting the password input interface to a predetermined area on the one-time authentication area.

On the other hand, if the validity error has not repeatedly occurred more than a predetermined number of times (1065), the wireless terminal 100 automatically disables and disables the one-time authentication function (1065), and performs the disable release process shown in FIG. do.

On the other hand, if the validity of the one-time authentication key-based wireless security authentication is confirmed through the input password (1050), the wireless terminal 100 processes the one-time authentication key-based wireless security authentication.

11 is a diagram illustrating a one-time authentication area output and one-time authentication key-based wireless security authentication validation process according to another embodiment of the present invention.

In more detail, FIG. 11 illustrates a screen for using a content in the form of a wireless web document, a web access screen, in which a terminal screen output to the wireless terminal 100 shown in FIG. 7 includes at least one tag string (or script). Including at least one or more financial transaction screen, payment screen, etc., when the one-time authentication key-based wireless security authentication processing function is driven through the tag string (or script), the key input provided in the wireless terminal 100 When the one-time authentication key-based wireless security authentication processing function is driven through the means, the one-time authentication area including the one-time authentication screen for processing the one-time authentication key-based wireless security authentication is processed on the screen of the wireless terminal 100. After, outputting a password input interface on the one-time authentication area terminal for wireless security authentication based on one-time authentication key Although the side validation process is illustrated and described, the process of outputting the one-time authentication start screen (or interface) will be omitted for convenience.

For example, although FIG. 11 illustrates the output of the one-time authentication area on the screen of the wireless terminal 100 and then outputs the password input interface on the one-time authentication area, the present invention is limited thereto. By no means, the password input interface may be output to other areas other than the one-time authentication area, the present invention is characterized in that it comprises all the analogous implementation method.

Referring to FIG. 11, a one-time wireless web document including a tag string (or a script) for driving a one-time authentication program is received by the wireless terminal 100 shown in FIG. 7, and the contents corresponding to the wireless web document are used. When the terminal-side screen including at least one screen, a web access screen, a financial transaction screen, a payment screen, etc. is output (1100), the one-time authentication is performed by a program driving related tag string (or script) included in the wireless web document. The program is driven (1105).

For example, when the terminal-side screen output on the screen of the wireless terminal 100 includes a string (or script) for automatically driving (or activating) the one-time authentication program, the one-time authentication program is the tag string (or script). It is preferred to be driven (or activated) by.

Alternatively, when the terminal-side screen output on the screen of the wireless terminal 100 includes a string (or script) corresponding to the user interface for driving the one-time authentication program, the one-time authentication program is the tag string (or script). It is preferable to be driven (or activated) through key input through a user interface corresponding to the key input means.

Thereafter, the wireless terminal 100 checks whether the wireless security authentication process is performed by generating a one-time authentication key through the one-time authentication program (1110).

According to an embodiment of the present invention, when the one-time authentication program is driven (or activated), the one-time authentication program is a one-time authentication key based wireless security authentication in the wireless terminal 100 in response to the program driving (or activation). It is desirable to confirm that this processing is requested.

According to another exemplary embodiment of the present invention, after the one-time authentication program is driven (or activated), a screen, a content use screen, a web access screen, a financial transaction screen, a payment screen, and the like are displayed on the screen of the wireless terminal 100. When the terminal side screen processing unit corresponding to various programs outputting at least one terminal screen including at least one request for wireless security authentication for content use, web access, financial transaction, or payment processing corresponding to the terminal screen, The one-time authentication program preferably confirms that the one-time authentication key-based wireless security authentication processing is requested in the wireless terminal 100.

According to another exemplary embodiment of the present invention, after the one-time authentication program is driven (or activated), the content input, web access, financial transaction, or payment processing corresponding to the terminal screen is performed through the key input means. When an authentication command (or key data) for wireless security authentication is input, the one-time authentication program preferably confirms that the one-time authentication key-based wireless security authentication processing is requested in the wireless terminal 100.

If the one-time authentication key-based wireless security authentication process is confirmed as a result of the checking (1115), the wireless terminal 100 has a one-time authentication area for outputting a one-time authentication screen for the wireless security authentication process through the one-time authentication program. The wireless terminal 100 processes the output on the screen (1120).

According to the method of the present invention, when the one-time authentication area is output in a certain area on the screen of the wireless terminal 100, the wireless terminal 100 is output to the entire area of the screen of the wireless terminal 100 Preferably, the terminal-side screen area is reduced in a predetermined direction to set the terminal-side output area, and the disposable authentication area is set in the reduced remaining area.

For example, if the entire area of the screen of the wireless terminal 100 includes coordinates of (0,0) to (11, Y), the wireless terminal 100 changes the terminal screen area from (0,0). Set the terminal-side output area by reducing to (11-x, Yy), and set the one-time authentication area to the coordinates of (11, Y) in the reduced and remaining (11-x + 1, Y-y + 1) It is desirable to.

Alternatively, when the one-time authentication area is output to a certain area on the screen of the wireless terminal 100, the wireless terminal 100 is within the terminal side screen area that is output to the entire area of the screen of the wireless terminal 100. It is preferable to set the one-time authentication area by inserting a one-time authentication screen.

For example, if the entire area of the screen of the wireless terminal 100 includes coordinates of (0,0) to (11, Y), the wireless terminal 100 is (11-x, Yy) of the terminal-side screen area. It is preferable to set the one-time authentication area by inserting the one-time authentication screen into the terminal-side screen area corresponding to the coordinate of (11, Y).

Alternatively, when the one-time authentication area is output to a certain area on the screen of the wireless terminal 100, the wireless terminal 100 is a schedule on the terminal screen area output to the entire area of the screen of the wireless terminal 100. It is preferable to set the one-time authentication area in an overlap method (or pop-up method) in the area.

For example, if the entire area of the screen of the wireless terminal 100 includes coordinates of (0,0) to (11, Y), the wireless terminal 100 is (11-x, Yy) of the terminal-side screen area. It is preferable to set the one-time authentication area including the one-time authentication screen in an overlap method (or a pop-up method) in the terminal layer screen area upper layer (Layer) corresponding to the coordinate of (11, Y).

Thereafter, the wireless terminal 100 checks whether the one-time authentication function is disabled (1125).

According to an embodiment of the present invention, the one-time authentication start screen (or interface, or password input screen (or interface), or one-time authentication key generation screen (or interface), or the one-time authentication key input interface on the one-time authentication area. Is processed to forcibly output the authentication information input interface, or not to generate a one-time authentication key in the wireless terminal 100 (or to generate an unauthenticated error-induced authentication key). Alternatively, when the generated one-time authentication key is processed not to be transmitted to the authentication server 130, the wireless terminal 100 preferably confirms that the one-time authentication function is disabled.

If the one time authentication function is disabled (1130), the wireless terminal 100 performs the disable release process shown in FIG.

On the other hand, if the one-time authentication function is not disabled (1130), the wireless terminal 100 inputs a password for validating authentication for the one-time authentication key based wireless security authentication processing in a predetermined area on the one-time authentication area. Output the interface (1135).

If the password is input through the password input interface (1140), the wireless terminal 100 confirms the validity of the one-time authentication key based wireless security authentication through the input password (1145).

When password authentication information (not shown) matching the password is stored in the memory unit according to an exemplary embodiment of the present invention, the wireless terminal 100 compares the input password with the password authentication information to perform the one-time authentication. It is desirable to verify the validity of key-based wireless security certificates.

According to another embodiment of the present invention, when the password includes a series of number systems, the wireless terminal 100 is based on the one-time authentication key through number system analysis (or hash code generation) of the input password. It is desirable to verify the validity of the wireless security certificate.

If the validity of the one-time authentication key based wireless security authentication is not confirmed through the input password (1150), the wireless terminal 100 checks whether the validity error is repeatedly generated more than a predetermined number of times (1155). .

If the validity error does not occur repeatedly over a predetermined number of times (1160), the wireless terminal 100 repeats the process of inputting the password by outputting the password input interface to a predetermined area on the one-time authentication area.

On the other hand, if the validity error does not occur repeatedly over a predetermined number of times (1165), the wireless terminal 100 automatically disables and disables the one-time authentication function (1165), and performs the disable release process shown in FIG. do.

On the other hand, if the validity of the one-time authentication key-based wireless security authentication is confirmed through the input password (1150), the wireless terminal 100 processes the one-time authentication key-based wireless security authentication.

12 is a diagram illustrating a one-time authentication area output and one-time authentication key-based wireless security authentication validation process according to another embodiment of the present invention.

In more detail, in FIG. 12, program driving information for the one-time authentication program is received through a wireless communication network through the wireless terminal 100 shown in FIG. 7, and the one-time authentication key-based wireless security authentication process is performed through the program driving information. When the function is driven, the one-time authentication key based wireless security authentication processing through the key input means provided in the wireless terminal 100, the one-time authentication key based wireless security authentication on the screen of the wireless terminal 100 After processing to output the one-time authentication area including the one-time authentication screen for processing the output, and outputs the password input interface on the one-time authentication area to illustrate the terminal side validation process for the wireless security authentication based on the one-time authentication key For convenience, the process of outputting the one-time authentication start screen (or interface) is omitted The.

For example, although FIG. 12 illustrates the output of the one-time authentication area on the screen of the wireless terminal 100 and then outputs the password input interface on the one-time authentication area, the present invention is limited thereto. By no means, the password input interface may be output to other areas other than the one-time authentication area, the present invention is characterized in that it comprises all the analogous implementation method.

Referring to FIG. 12, a terminal side screen including at least one of a desktop screen, a content usage screen, a web access screen, a financial transaction screen, and a payment screen is displayed on the entire area of the screen of the wireless terminal 100 shown in FIG. 7. During output, if program driving information for the one-time authentication program is received through a wireless communication network (1200), the wireless terminal 100 drives the one-time authentication program through the program driving information (1205).

Thereafter, the wireless terminal 100 confirms whether or not the wireless security authentication processing by generating a one-time authentication key through the one-time authentication program (1210).

According to an embodiment of the present invention, when the one-time authentication program is driven (or activated), the one-time authentication program is a one-time authentication key based wireless security authentication in the wireless terminal 100 in response to the program driving (or activation). It is desirable to confirm that this processing is requested.

According to another exemplary embodiment of the present invention, after the one-time authentication program is driven (or activated), a screen, a content use screen, a web access screen, a financial transaction screen, a payment screen, and the like are displayed on the screen of the wireless terminal 100. When the terminal side screen processing unit corresponding to various programs outputting at least one terminal screen including at least one request for wireless security authentication for content use, web access, financial transaction, or payment processing corresponding to the terminal screen, The one-time authentication program preferably confirms that the one-time authentication key-based wireless security authentication processing is requested in the wireless terminal 100.

According to another exemplary embodiment of the present invention, after the one-time authentication program is driven (or activated), the content input, web access, financial transaction, or payment processing corresponding to the terminal screen is performed through the key input means. When an authentication command (or key data) for wireless security authentication is input, the one-time authentication program preferably confirms that the one-time authentication key-based wireless security authentication processing is requested in the wireless terminal 100.

If the one-time authentication key-based wireless security authentication process is confirmed as a result of the checking (1215), the wireless terminal 100 has a one-time authentication area for outputting a one-time authentication screen for the wireless security authentication process through the one-time authentication program. The wireless terminal 100 processes the output on the screen (1220).

According to the method of the present invention, when the one-time authentication area is output in a certain area on the screen of the wireless terminal 100, the wireless terminal 100 is output to the entire area of the screen of the wireless terminal 100 Preferably, the terminal-side screen area is reduced in a predetermined direction to set the terminal-side output area, and the disposable authentication area is set in the reduced remaining area.

For example, if the entire area of the screen of the wireless terminal 100 includes coordinates of (0,0) to (12, Y), the wireless terminal 100 changes the terminal screen area to (0,0). Set the terminal-side output area by reducing to (12-x, Yy), and set the one-time authentication area to the coordinates of (12, Y) in the reduced and remaining (12-x + 1, Y-y + 1) It is desirable to.

Alternatively, when the one-time authentication area is output to a certain area on the screen of the wireless terminal 100, the wireless terminal 100 is within the terminal side screen area that is output to the entire area of the screen of the wireless terminal 100. It is preferable to set the one-time authentication area by inserting a one-time authentication screen.

For example, if the entire area of the screen of the wireless terminal 100 includes coordinates of (0,0) to (12, Y), the wireless terminal 100 is (12-x, Yy) of the terminal-side screen area. It is preferable to set the one-time authentication area by inserting the one-time authentication screen into the terminal side screen area corresponding to the coordinate of (12, Y).

Alternatively, when the one-time authentication area is output to a certain area on the screen of the wireless terminal 100, the wireless terminal 100 is a schedule on the terminal screen area output to the entire area of the screen of the wireless terminal 100. It is preferable to set the one-time authentication area in an overlap method (or pop-up method) in the area.

For example, if the entire area of the screen of the wireless terminal 100 includes coordinates of (0,0) to (12, Y), the wireless terminal 100 is (12-x, Yy) of the terminal-side screen area. It is preferable to set the one-time authentication area including the one-time authentication screen in an overlap method (or a pop-up method) in the terminal layer screen area upper layer (Layer) corresponding to the coordinate of (12, Y).

Thereafter, the wireless terminal 100 checks whether the one-time authentication function is disabled (1225).

According to an embodiment of the present invention, the one-time authentication start screen (or interface, or password input screen (or interface), or one-time authentication key generation screen (or interface), or the one-time authentication key input interface on the one-time authentication area. Is processed to forcibly output the authentication information input interface, or not to generate a one-time authentication key in the wireless terminal 100 (or to generate an unauthenticated error-induced authentication key). Alternatively, when the generated one-time authentication key is processed not to be transmitted to the authentication server 130, the wireless terminal 100 preferably confirms that the one-time authentication function is disabled.

If the one-time authentication function is disabled (1230), the wireless terminal 100 performs the disable release process shown in FIG.

On the other hand, if the one-time authentication function is not disabled (1230), the wireless terminal 100 inputs a password for validating authentication for the one-time authentication key based wireless security authentication processing in a predetermined area on the one-time authentication area. Output the interface (1235).

If the password is input through the password input interface (1240), the wireless terminal 100 checks the validity of the one-time authentication key based wireless security authentication through the input password (1245).

When password authentication information (not shown) matching the password is stored in the memory unit according to an exemplary embodiment of the present invention, the wireless terminal 100 compares the input password with the password authentication information to perform the one-time authentication. It is desirable to verify the validity of key-based wireless security certificates.

According to another embodiment of the present invention, when the password includes a series of number systems, the wireless terminal 100 is based on the one-time authentication key through number system analysis (or hash code generation) of the input password. It is desirable to verify the validity of the wireless security certificate.

If the validity of the one-time authentication key-based wireless security authentication is not confirmed through the input password (1250), the wireless terminal 100 checks whether the validity error is repeatedly generated more than a predetermined number of times (1255). .

If the validity error does not occur repeatedly over a predetermined number of times (1260), the wireless terminal 100 repeats the process of inputting the password by outputting the password input interface to a predetermined area on the one-time authentication area.

On the other hand, if the validity error has not repeatedly occurred more than a predetermined number of times (1265), the wireless terminal 100 automatically disables and disables the one-time authentication function (1265), and performs the disable release process shown in FIG. do.

On the other hand, if the validity of the one-time authentication key-based wireless security authentication is confirmed through the input password (1250), the wireless terminal 100 processes the one-time authentication key-based wireless security authentication.

FIG. 13 is a diagram illustrating a one-time authentication key based wireless security authentication validation process through areas other than the one-time authentication area output and the one-time authentication area output for wireless security authentication processing according to an embodiment of the present invention.

In detail, FIG. 13 shows a terminal screen including at least one of a desktop screen, a content usage screen, a web access screen, a financial transaction screen, and a payment screen on a screen of the wireless terminal 100 shown in FIG. When the one-time authentication key-based wireless security authentication function is driven through the key input means provided in the wireless terminal 100 in the state, the wireless terminal 100 to process the one-time authentication key-based wireless security authentication on the screen After processing to output the one-time authentication area included in the one-time authentication screen, the terminal side validation process for the one-time authentication key-based wireless security authentication through the password input interface output to the terminal side output area in addition to the one-time authentication area For convenience, the process of outputting the one-time authentication start screen (or interface) will be omitted for convenience.

For example, although FIG. 13 illustrates that the password input interface is output to the terminal output area output on the screen of the wireless terminal 100 in addition to the one-time authentication area, the present invention is not limited thereto. The password input interface may be output to any area on the screen of the wireless terminal 100, whereby the present invention is not limited thereto.

Referring to FIG. 13, a terminal-side screen including at least one of a desktop screen, a content usage screen, a web access screen, a financial transaction screen, and a payment screen is displayed on the entire screen in the wireless terminal 100 shown in FIG. 7. Outputting (1300) and outputting the terminal-side screen, a key input (or a one-time authentication key-based wireless security authentication-related user interface included in the terminal-side screen) through a key input means provided in the wireless terminal 100; When the one-time authentication program is driven through the associated key input (1305), the wireless terminal 100 checks whether the wireless security authentication process is performed by generating the one-time authentication key through the one-time authentication program (1310).

According to one embodiment of the invention, when the one-time authentication program is driven (or activated), the one-time authentication program is a one-time authentication key based wireless security authentication in the wireless terminal 100 in response to the program driving (or activation). It is desirable to confirm that this processing is requested.

According to another exemplary embodiment of the present invention, after the one-time authentication program is driven (or activated), a screen, a content use screen, a web access screen, a financial transaction screen, a payment screen, and the like are displayed on the screen of the wireless terminal 100. When the terminal side screen processing unit corresponding to various programs outputting at least one terminal screen including at least one request for wireless security authentication for content use, web access, financial transaction, or payment processing corresponding to the terminal screen, The one-time authentication program preferably confirms that the one-time authentication key-based wireless security authentication processing is requested in the wireless terminal 100.

According to another exemplary embodiment of the present invention, after the one-time authentication program is driven (or activated), the content input, web access, financial transaction, or payment processing corresponding to the terminal screen is performed through the key input means. When an authentication command (or key data) for wireless security authentication is input, the one-time authentication program preferably confirms that the one-time authentication key-based wireless security authentication processing is requested in the wireless terminal 100.

If the one-time authentication key-based wireless security authentication process is confirmed as a result of the checking (1315), the wireless terminal 100 is a one-time authentication area for outputting a one-time authentication screen for the wireless security authentication process through the one-time authentication program. The wireless terminal 100 processes the output on the screen (1320).

According to the method of the present invention, when the one-time authentication area is output in a certain area on the screen of the wireless terminal 100, the wireless terminal 100 is output to the entire area of the screen of the wireless terminal 100 Preferably, the terminal-side screen area is reduced in a predetermined direction to set the terminal-side output area, and the disposable authentication area is set in the reduced remaining area.

For example, if the entire area of the screen of the wireless terminal 100 includes coordinates of (0,0) to (13, Y), the wireless terminal 100 changes the terminal screen area to (0,0). Set the terminal-side output area by reducing to (13-x, Yy), and set the one-time authentication area to the coordinates of (13, Y) in the reduced and remaining (13-x + 1, Y-y + 1) It is desirable to.

Alternatively, when the one-time authentication area is output to a certain area on the screen of the wireless terminal 100, the wireless terminal 100 is within the terminal side screen area that is output to the entire area of the screen of the wireless terminal 100. It is preferable to set the one-time authentication area by inserting a one-time authentication screen.

For example, if the entire area of the screen of the wireless terminal 100 includes coordinates of (0,0) to (13, Y), the wireless terminal 100 is (13-x, Yy) of the terminal-side screen area. It is preferable to set the one-time authentication area by inserting the one-time authentication screen into the terminal side screen area corresponding to the coordinate of (13, Y).

Alternatively, when the one-time authentication area is output to a certain area on the screen of the wireless terminal 100, the wireless terminal 100 is a schedule on the terminal screen area output to the entire area of the screen of the wireless terminal 100. It is preferable to set the one-time authentication area in an overlap method (or pop-up method) in the area.

For example, if the entire area of the screen of the wireless terminal 100 includes coordinates of (0,0) to (13, Y), the wireless terminal 100 is (13-x, Yy) of the terminal-side screen area. It is preferable to set the one-time authentication area including the one-time authentication screen in an overlap method (or a pop-up method) in a terminal-side screen area upper layer (Layer) corresponding to the coordinate of (13, Y).

Thereafter, the wireless terminal 100 checks whether the one-time authentication function is disabled (1325).

According to an embodiment of the present invention, the one-time authentication start screen (or interface, or password input screen (or interface), or one-time authentication key generation screen (or interface), or the one-time authentication key input interface on the one-time authentication area. Is processed to forcibly output the authentication information input interface, or not to generate a one-time authentication key in the wireless terminal 100 (or to generate an unauthenticated error-induced authentication key). Alternatively, when the generated one-time authentication key is processed not to be transmitted to the authentication server 130, the wireless terminal 100 preferably confirms that the one-time authentication function is disabled.

If the one-time authentication function is disabled (1330), the wireless terminal 100 performs the disable releasing process shown in FIG. 16.

On the other hand, if the one-time authentication function is not disabled (1330), the wireless terminal 100 assigns a caret to a password input interface allocated to the terminal-side output area (1335).

If the password is input through the password input interface (1340), the wireless terminal 100 checks the validity of the one-time authentication key based wireless security authentication through the input password (1345).

When password authentication information (not shown) matching the password is stored in the memory unit according to an exemplary embodiment of the present invention, the wireless terminal 100 compares the input password with the password authentication information to perform the one-time authentication. It is desirable to verify the validity of key-based wireless security certificates.

According to another embodiment of the present invention, when the password includes a series of number systems, the wireless terminal 100 is based on the one-time authentication key through number system analysis (or hash code generation) of the input password. It is desirable to verify the validity of the wireless security certificate.

If the validity of the one-time authentication key-based wireless security authentication is not confirmed through the input password (1350), the wireless terminal 100 checks whether the validity error occurs repeatedly a predetermined number or more (1355). .

If the validity error does not occur repeatedly over a predetermined number of times (1360), the wireless terminal 100 repeats the process of inputting the password by outputting the password input interface to a predetermined area on the one-time authentication area.

On the other hand, if the validity error has not repeatedly occurred more than a predetermined number of times (1365), the wireless terminal 100 automatically disables and disables the one-time authentication function (1365), and performs the disable release process shown in FIG. do.

On the other hand, if the validity of the one-time authentication key-based wireless security authentication is confirmed through the input password (1350), the wireless terminal 100 processes the one-time authentication key-based wireless security authentication.

14 is a view illustrating a one-time authentication key-based wireless security authentication validation process through other areas other than the one-time authentication area output and the one-time authentication area output for wireless security authentication processing according to another embodiment of the present invention.

In more detail, FIG. 14 illustrates a screen for using a content in the form of a wireless web document, a web access screen, in which a terminal screen output to the wireless terminal 100 illustrated in FIG. 7 includes at least one tag string (or script). Including at least one or more financial transaction screen, payment screen, etc., when the one-time authentication key-based wireless security authentication processing function is driven through the tag string (or script), the key input provided in the wireless terminal 100 When the one-time authentication key-based wireless security authentication processing function is driven through the means, the one-time authentication area including the one-time authentication screen for processing the one-time authentication key-based wireless security authentication is processed on the screen of the wireless terminal 100. Then, based on the one-time authentication key through the password input interface output to the terminal output area in addition to the one-time authentication area But explained by showing a terminal side validity authentication process for the security certificate line, Chung and for outputting the sake of convenience the disposable authentication start screen (or interface) will be omitted.

For example, although FIG. 14 illustrates that the password input interface is output to the terminal output area output on the screen of the wireless terminal 100 in addition to the one-time authentication area, the present invention is not limited thereto. The password input interface may be output to any area on the screen of the wireless terminal 100, whereby the present invention is not limited thereto.

Referring to FIG. 14, a one-time wireless web document including a tag string (or a script) for driving a one-time authentication program is received by the wireless terminal 100 shown in FIG. 7, and the contents corresponding to the wireless web document are used. When a terminal side screen including at least one screen, a web access screen, a financial transaction screen, a payment screen, and the like is output (1400), the one-time authentication is performed by a program driving related tag string (or script) included in the wireless web document. The program is run (1405).

For example, when the terminal-side screen output on the screen of the wireless terminal 100 includes a string (or script) for automatically driving (or activating) the one-time authentication program, the one-time authentication program is the tag string (or script). It is preferred to be driven (or activated) by.

Alternatively, when the terminal-side screen output on the screen of the wireless terminal 100 includes a string (or script) corresponding to the user interface for driving the one-time authentication program, the one-time authentication program is the tag string (or script). It is preferable to be driven (or activated) through key input through a user interface corresponding to the key input means.

Thereafter, the wireless terminal 100 checks whether the wireless security authentication process is performed by generating a one-time authentication key through the one-time authentication program (1410).

According to an embodiment of the present invention, when the one-time authentication program is driven (or activated), the one-time authentication program is a one-time authentication key based wireless security authentication in the wireless terminal 100 in response to the program driving (or activation). It is desirable to confirm that this processing is requested.

According to another exemplary embodiment of the present invention, after the one-time authentication program is driven (or activated), a screen, a content use screen, a web access screen, a financial transaction screen, a payment screen, and the like are displayed on the screen of the wireless terminal 100. When the terminal side screen processing unit corresponding to various programs outputting at least one terminal screen including at least one request for wireless security authentication for content use, web access, financial transaction, or payment processing corresponding to the terminal screen, The one-time authentication program preferably confirms that the wireless terminal 100 is a one-time authentication key-based wireless security authentication processing is requested.

According to another exemplary embodiment of the present invention, after the one-time authentication program is driven (or activated), the content input, web access, financial transaction, or payment processing corresponding to the terminal screen is performed through the key input means. When an authentication command (or key data) for wireless security authentication is input, the one-time authentication program preferably confirms that the one-time authentication key-based wireless security authentication processing is requested in the wireless terminal 100.

If it is confirmed that the one-time authentication key-based wireless security authentication process is confirmed (1415), the wireless terminal 100 has a one-time authentication area for outputting a one-time authentication screen for the wireless security authentication process through the one-time authentication program. The wireless terminal 100 processes the output on the screen (1420).

According to the method of the present invention, when the one-time authentication area is output in a certain area on the screen of the wireless terminal 100, the wireless terminal 100 is output to the entire area of the screen of the wireless terminal 100 Preferably, the terminal-side screen area is reduced in a predetermined direction to set the terminal-side output area, and the disposable authentication area is set in the reduced remaining area.

For example, if the entire area of the screen of the wireless terminal 100 includes coordinates of (0,0) to (14, Y), the wireless terminal 100 changes the terminal screen area from (0,0). Set the terminal-side output area by reducing to (14-x, Yy), and set the one-time authentication area to the coordinates of (14, Y) in the reduced and remaining (14-x + 1, Y-y + 1) It is desirable to.

Alternatively, when the one-time authentication area is output to a certain area on the screen of the wireless terminal 100, the wireless terminal 100 is within the terminal side screen area that is output to the entire area of the screen of the wireless terminal 100. It is preferable to set the one-time authentication area by inserting a one-time authentication screen.

For example, if the entire area of the screen of the wireless terminal 100 includes coordinates of (0,0) to (14, Y), the wireless terminal 100 is (14-x, Yy) of the terminal-side screen area. It is preferable to set the one-time authentication area by inserting the one-time authentication screen into the terminal side screen area corresponding to the coordinate of (14, Y).

Alternatively, when the one-time authentication area is output to a certain area on the screen of the wireless terminal 100, the wireless terminal 100 is a schedule on the terminal screen area output to the entire area of the screen of the wireless terminal 100. It is preferable to set the one-time authentication area in an overlap method (or pop-up method) in the area.

For example, if the entire area of the screen of the wireless terminal 100 includes coordinates of (0,0) to (14, Y), the wireless terminal 100 is (14-x, Yy) of the terminal-side screen area. It is preferable to set the one-time authentication area including the one-time authentication screen in an overlap method (or a pop-up method) in the terminal layer screen area upper layer (Layer) corresponding to the coordinate of (14, Y).

Thereafter, the wireless terminal 100 checks whether the one-time authentication function is disabled (1425).

According to an embodiment of the present invention, the one-time authentication start screen (or interface, or password input screen (or interface), or one-time authentication key generation screen (or interface), or the one-time authentication key input interface on the one-time authentication area. Is processed to forcibly output the authentication information input interface, or not to generate a one-time authentication key in the wireless terminal 100 (or to generate an unauthenticated error-induced authentication key). Alternatively, when the generated one-time authentication key is processed not to be transmitted to the authentication server 130, the wireless terminal 100 preferably confirms that the one-time authentication function is disabled.

If the one-time authentication function is disabled (1430), the wireless terminal 100 performs the disable release process illustrated in FIG. 16.

On the other hand, if the one-time authentication function is not disabled (1430), the wireless terminal 100 assigns a caret to a password input interface allocated to the terminal-side output area (1435).

If the password is input through the password input interface (1440), the wireless terminal 100 checks the validity of the one-time authentication key based wireless security authentication through the input password (1445).

When password authentication information (not shown) matching the password is stored in the memory unit according to an exemplary embodiment of the present invention, the wireless terminal 100 compares the input password with the password authentication information to perform the one-time authentication. It is desirable to verify the validity of key-based wireless security certificates.

According to another embodiment of the present invention, when the password includes a series of number systems, the wireless terminal 100 is based on the one-time authentication key through number system analysis (or hash code generation) of the input password. It is desirable to verify the validity of the wireless security certificate.

If the validity of the one-time authentication key based wireless security authentication is not confirmed through the input password (1450), the wireless terminal 100 checks whether the validity error is repeatedly generated more than a predetermined number of times (1455). .

If the validity error does not occur repeatedly over a predetermined number of times (1460), the wireless terminal 100 repeats the process of inputting the password by outputting the password input interface to a predetermined area on the one-time authentication area.

On the other hand, if the validity error has not repeatedly occurred more than a predetermined number of times (1465), the wireless terminal 100 automatically disables and disables the one-time authentication function (1465), and performs the disable release process shown in FIG. do.

On the other hand, if the validity of the one-time authentication key-based wireless security authentication is confirmed through the input password (1450), the wireless terminal 100 processes the one-time authentication key-based wireless security authentication.

15 is a diagram illustrating a one-time authentication key-based wireless security authentication validation process through another area other than the one-time authentication area output and the one-time authentication area output for wireless security authentication processing according to another embodiment of the present invention.

In more detail, in FIG. 15, program driving information for the one-time authentication program is received through a wireless communication network through the wireless terminal 100 shown in FIG. 7, and the one-time authentication key-based wireless security authentication process is performed through the program driving information. When the function is driven, the one-time authentication key based wireless security authentication processing through the key input means provided in the wireless terminal 100, the one-time authentication key based wireless security authentication on the screen of the wireless terminal 100 After processing to output a one-time authentication area including a one-time authentication screen for processing the terminal, the terminal-side validation process for the one-time authentication key-based wireless security authentication through a password input interface output to the terminal output area in addition to the one-time authentication area To illustrate, but for convenience, the one-time authentication start screen (or interface) is outputted The process of will be omitted.

For example, although FIG. 15 illustrates that the password input interface is output to the terminal side output area output on the screen of the wireless terminal 100 in addition to the one-time authentication area, the present invention is not limited thereto. The password input interface may be output to any area on the screen of the wireless terminal 100, whereby the present invention is not limited thereto.

Referring to FIG. 15, a terminal-side screen including at least one of a desktop screen, a content usage screen, a web access screen, a financial transaction screen, and a payment screen is displayed on the entire area of the screen of the wireless terminal 100 shown in FIG. 7. During output, if program driving information for the one-time authentication program is received through a wireless communication network (1500), the wireless terminal 100 drives the one-time authentication program through the program driving information (1505).

Thereafter, the wireless terminal 100 checks whether or not the wireless security authentication process by generating a one-time authentication key through the one-time authentication program (1510).

According to an embodiment of the present invention, when the one-time authentication program is driven (or activated), the one-time authentication program is a one-time authentication key based wireless security authentication in the wireless terminal 100 in response to the program driving (or activation). It is desirable to confirm that this processing is requested.

According to another exemplary embodiment of the present invention, after the one-time authentication program is driven (or activated), a screen, a content use screen, a web access screen, a financial transaction screen, a payment screen, and the like are displayed on the screen of the wireless terminal 100. When the terminal side screen processing unit corresponding to various programs outputting at least one terminal screen including at least one request for wireless security authentication for content use, web access, financial transaction, or payment processing corresponding to the terminal screen, The one-time authentication program preferably confirms that the one-time authentication key-based wireless security authentication processing is requested in the wireless terminal 100.

According to another exemplary embodiment of the present invention, after the one-time authentication program is driven (or activated), the content input, web access, financial transaction, or payment processing corresponding to the terminal screen is performed through the key input means. When an authentication command (or key data) for wireless security authentication is input for the one-time authentication program, it is preferable that the one-time authentication key-based wireless security authentication is requested to be processed in the wireless terminal 100.

If it is confirmed that the one-time authentication key-based wireless security authentication process is confirmed (1515), the wireless terminal 100 has a one-time authentication area for outputting a one-time authentication screen for the wireless security authentication process through the one-time authentication program. The wireless terminal 100 processes the output on the screen (1520).

According to the method of the present invention, when the one-time authentication area is output in a certain area on the screen of the wireless terminal 100, the wireless terminal 100 is output to the entire area of the screen of the wireless terminal 100 Preferably, the terminal-side screen area is reduced in a predetermined direction to set the terminal-side output area, and the disposable authentication area is set in the reduced remaining area.

For example, if the entire area of the screen of the wireless terminal 100 includes coordinates of (0,0) to (15, Y), the wireless terminal 100 sets the terminal side screen area at (0,0). Set the terminal-side output area by reducing it to (15-x, Yy) and setting the one-time authentication area at the coordinates of (15, Y) in the reduced and remaining (15-x + 1, Y-y + 1) It is desirable to.

Alternatively, when the one-time authentication area is output to a certain area on the screen of the wireless terminal 100, the wireless terminal 100 is within the terminal side screen area that is output to the entire area of the screen of the wireless terminal 100. It is preferable to set the one-time authentication area by inserting a one-time authentication screen.

For example, if the entire area of the screen of the wireless terminal 100 includes coordinates of (0,0) to (15, Y), the wireless terminal 100 is (15-x, Yy) of the terminal-side screen area. It is preferable to set the one-time authentication area by inserting the one-time authentication screen into the terminal screen area corresponding to the coordinate of (15, Y).

Alternatively, when the one-time authentication area is output to a certain area on the screen of the wireless terminal 100, the wireless terminal 100 is a schedule on the terminal screen area output to the entire area of the screen of the wireless terminal 100. It is preferable to set the one-time authentication area in an overlap method (or pop-up method) in the area.

For example, if the entire area of the screen of the wireless terminal 100 includes coordinates of (0,0) to (15, Y), the wireless terminal 100 is (15-x, Yy) of the terminal-side screen area. It is preferable to set the one-time authentication area including the one-time authentication screen in an overlap method (or a pop-up method) in the terminal layer screen area upper layer (Layer) corresponding to the coordinate of (15, Y).

Thereafter, the wireless terminal 100 checks whether the one-time authentication function is disabled (1525).

According to an embodiment of the present invention, the one-time authentication start screen (or interface, or password input screen (or interface), or one-time authentication key generation screen (or interface), or the one-time authentication key input interface on the one-time authentication area. Is processed to forcibly output the authentication information input interface, or not to generate a one-time authentication key in the wireless terminal 100 (or to generate an unauthenticated error-induced authentication key). Alternatively, when the generated one-time authentication key is processed not to be transmitted to the authentication server 130, the wireless terminal 100 preferably confirms that the one-time authentication function is disabled.

If the one-time authentication function is disabled (1530), the wireless terminal 100 performs the disable release process shown in FIG.

On the other hand, if the one-time authentication function is not disabled (1530), the wireless terminal 100 assigns a caret to a password input interface allocated to the terminal-side output area (1535).

If the password is input through the password input interface (1540), the wireless terminal 100 checks the validity of the one-time authentication key based wireless security authentication through the input password (1545).

When password authentication information (not shown) matching the password is stored in the memory unit according to an exemplary embodiment of the present invention, the wireless terminal 100 compares the input password with the password authentication information to perform the one-time authentication. It is desirable to verify the validity of key-based wireless security certificates.

According to another embodiment of the present invention, when the password includes a series of number systems, the wireless terminal 100 is based on the one-time authentication key through number system analysis (or hash code generation) of the input password. It is desirable to verify the validity of the wireless security certificate.

If the validity of the one-time authentication key based wireless security authentication is not confirmed through the input password (1550), the wireless terminal 100 checks whether the validity error is repeatedly generated a predetermined number or more (1555). .

If the validity error does not occur repeatedly over a predetermined number of times (1560), the wireless terminal 100 repeats the process of inputting the password by outputting the password input interface to a predetermined area on the one-time authentication area.

On the other hand, if the validity error has not repeatedly occurred more than a predetermined number of times (1565), the wireless terminal 100 automatically disables and disables the one-time authentication function (1565), and performs the disable release process shown in FIG. do.

On the other hand, if the validity of the one-time authentication key-based wireless security authentication is confirmed through the input password (1550), the wireless terminal 100 processes the one-time authentication key-based wireless security authentication.

16 is a diagram illustrating a disabling process of disabling a one-time authentication function according to an embodiment of the present invention.

In more detail, FIG. 16 shows that the one-time authentication function is disabled through the process shown in FIG. 10 or 11 or 12 or 13 or 14 or 15 in the wireless terminal 100 shown in FIG. The process of activating the disabled one-time authentication function through customer authentication information including at least one financial information combination for the one-time authentication customer.

Referring to FIG. 16, when the one-time authentication function is disabled through the process shown in FIG. 10 or 11 or 12 or 13 or 14 or 15 in the wireless terminal 100 shown in FIG. The wireless terminal 100 outputs an authentication information input interface for inputting customer authentication information including at least one financial information combination for the one time authentication customer to a predetermined area on the one time authentication area.

If the customer authentication information is input through the authentication information input interface (1605), the wireless terminal 100 transmits the input customer authentication information to the authentication server 130 (or the financial server 135) on the communication network. Process to be authenticated (1610).

Here, the customer authentication information including at least one financial information combination for the one-time authentication customer includes the resident registration number (or customer number) of the customer, the account number and account password (or security card number combination) of the customer It is preferable to include at least one or more.

Thereafter, the authentication server 130 confirms at least one or more customer financial information by receiving the customer authentication information (1615), and the customer in connection with a financial system 115 having a ledger for storing the customer financial information. The validity of the financial information is verified (1620).

If the validity of the customer financial information is not confirmed (1625), the wireless terminal 100 transmits the one-time authentication activation error information to the wireless terminal 100 (1630), and correspondingly the wireless terminal ( 100) maintains the one-time authentication disable state.

On the other hand, if the validity of the customer financial information is confirmed (1625), the wireless terminal 100 transmits a one-time authentication activation code (or command) to the wireless terminal 100 (1635), and correspondingly the wireless terminal The 100 receives and reads the one-time authentication activation code (or command) to process the disabled one-time authentication function to be activated (1640), and generates a password for validity authentication for the one-time authentication key-based wireless security authentication processing. Perform the input again.

17 is a diagram illustrating a process of generating a time synchronization-based one-time authentication key for wireless security authentication processing according to an embodiment of the present invention.

In more detail, FIG. 17 is a one-time authentication key-based wireless security through the process shown in FIG. 10 or 11 or 12 or 13 or 14 or 15 in the wireless terminal 100 shown in FIG. When the authentication validity is confirmed, it shows the process of generating a one-time authentication key in a time synchronization method based on the validation result.

Referring to Figure 17, the wireless terminal 100 shown in Figure 7 through the process shown in Figure 10 or Figure 11 or Figure 12 or Figure 13 or Figure 14 or Figure 15 the validity of the wireless security authentication based on one-time authentication key If this is confirmed, the wireless terminal 100 outputs a one-time authentication key generation screen (or interface) including a request (or command) to generate a one-time authentication key in a predetermined area on the one-time authentication area (1700), and The caret allocated to the terminal-side output area is moved to the one-time authentication area and processed to be allocated (1705).

When the caret is assigned to the one-time authentication area, the wireless terminal 100 uses the one-time authentication key through the one-time authentication key generation screen (or interface) outputted to the one-time authentication area based on the caret moved to the one-time authentication area. Verify that creation is requested (or commanded) (1710).

If the one-time authentication key generation request (or command) is not confirmed through the one-time authentication key generation screen (or interface) (1715), the wireless terminal 100 is a caret assigned to the one-time authentication area through a key input. Reassigns to the terminal-side output area, and processes various key inputs through the terminal-side screen based on the reassigned caret, thereby using the caret assigned to the terminal-side output area Various services (or information processing) are performed (1720).

Thereafter, the wireless terminal 100 checks whether the caret assigned to the terminal output region moves to the one-time authentication region through a key input (1725).

If the caret allocated to the terminal-side output area does not move back to the one-time authentication area (1730), the wireless terminal 100 uses various care-based screen-based services (or Information processing) (1735), and the terminal-based screen-based various services (or information processing) using the caret are repeated until the caret moves to the one-time authentication area.

On the contrary, when the caret assigned to the terminal output area is moved back to the one time authentication area (1730), the wireless terminal 100 outputs the one time authentication key output to the one time authentication area based on the caret moved to the one time authentication area. It is checked whether a one-time authentication key generation is requested (or commanded) through the generation screen (or interface) (1710).

If the one-time authentication key generation request (or command) is confirmed through the one-time authentication key generation screen (or interface) (1715), the wireless terminal 100 is a memory unit (or a chip memory unit provided in the IC chip) Checking the one-time authentication key generation information of the time synchronization method through the timer and (1740).

If the one-time authentication key generation information of the time synchronization method is confirmed (1745), the wireless terminal 100 performs the wireless security authentication process by substituting the identified at least one or more one-time authentication key generation information into an authentication key generation algorithm. Generate a one-time authentication key for (1750).

18 is a diagram illustrating a process of generating a challenge-response based one-time authentication key for wireless security authentication processing according to an embodiment of the present invention.

More specifically, Figure 18 is a one-time authentication key-based wireless security authentication through the process shown in Figure 10 or Figure 11 or Figure 12 or Figure 13 or Figure 14 or Figure 15 in the wireless terminal 100 shown in Figure 7 When the validity is confirmed, a process of generating a one-time authentication key in a challenge-response method based on the validation result is illustrated.

Referring to FIG. 18, the wireless terminal 100 shown in FIG. 7 is effective for one-time authentication key based wireless security authentication through the process shown in FIG. 10 or 11 or 12 or 13 or 14 or 15. If confirmed, the wireless terminal 100 outputs a one-time authentication key generation screen (or interface) including requesting (or commanding) to generate a one-time authentication key in a predetermined area on the one-time authentication area (1800), and the terminal. The caret assigned to the side output area is moved to the one-time authentication area and processed to be allocated (1805).

When the caret is assigned to the one-time authentication area, the wireless terminal 100 uses the one-time authentication key through the one-time authentication key generation screen (or interface) outputted to the one-time authentication area based on the caret moved to the one-time authentication area. Verify that generation is requested (or commanded) (1810).

If the one-time authentication key generation request (or command) is not confirmed through the one-time authentication key generation screen (or interface) (1815), the wireless terminal 100 is a caret assigned to the one-time authentication area through a key input. Relocates to the terminal-side output area and allocates and processes various key inputs through the terminal-side screen based on the reassigned caret, thereby using the terminal-side screen based on the caret assigned to the terminal-side output area. Various services (or information processing) are performed (1820).

Thereafter, the wireless terminal 100 determines whether the caret assigned to the terminal output region moves to the one-time authentication region through a key input (1825).

If the caret allocated to the terminal-side output area does not move back to the one-time authentication area (1830), the wireless terminal 100 uses various care-based screen-based services (or Information processing) (1835), and the terminal-based screen-based various services (or information processing) using the caret are repeated until the caret moves to the one-time authentication area.

On the contrary, when the caret assigned to the terminal output area is moved back to the one time authentication area (1830), the wireless terminal 100 outputs the one time authentication key output to the one time authentication area based on the caret moved to the one time authentication area. In operation 1810, it is checked whether a one-time authentication key generation is requested (or commanded) through the generation screen (or interface).

If the one-time authentication key generation request (or command) is confirmed through the one-time authentication key generation screen (or interface) (1815), the wireless terminal 100 to the challenge server 130 through the wireless communication network to the challenge- Requesting and receiving first one-time authentication key generation information corresponding to the response challenge (1840), and N-th corresponding to the challenge-response method through the memory unit (or the chip memory unit provided in the IC chip). = 2,3, ...) Confirm the one-time authentication key generation information (1845).

If the challenge-response disposable authentication key generation information is confirmed (1850), the wireless terminal 100 substitutes the at least one or more disposable authentication key generation information to the authentication key generation algorithm to process the wireless security authentication. Generate a one-time authentication key for (1855).

19 is a diagram illustrating a process of inputting and transmitting a one-time authentication key according to an embodiment of the present invention.

In more detail, FIG. 19 shows the one-time authentication key generated by the one-time authentication key generation process shown in FIG. 17 or 18 in the wireless terminal 100 shown in FIG. 7 on the screen of the wireless terminal 100. The process of inputting through the one-time authentication area and transmitting to the authentication server 130 shown in FIG. 8, and those skilled in the art to which the present invention pertains, refer to and / or modify the present invention. It will be able to infer various implementation methods for the process of inputting and transmitting the one-time authentication key, but the present invention includes all the implementation methods inferred, the technical features only by the implementation method shown in FIG. This is not limited.

Referring to FIG. 19, the wireless terminal 100 shown in FIG. 7 uses at least one-time authentication key generation information and an authentication key generation algorithm through the one-time authentication key generation process shown in FIG. 17 or FIG. 18. Check whether a one-time authentication key for processing the wireless security authentication is generated (1900).

If the one-time authentication key for the wireless security authentication process is generated (1905), the wireless terminal 100 outputs the generated one-time authentication key in a predetermined area on the one-time authentication area on the screen of the wireless terminal 100 and In operation 1915, the one-time authentication key input screen (or interface) is output to a predetermined area on the one-time authentication area.

Thereafter, the wireless terminal 100 checks whether the one-time authentication key is input through a one-time authentication key input screen (or an interface) output to the one-time authentication area through a key input (1920).

If the one-time authentication key is input through the one-time authentication key input screen (or interface) output to the one-time authentication area (1925), the wireless terminal 100 is input through the one-time authentication key input screen (or interface). Generates security authentication request information including the one-time authentication key (1930), and transmits the security authentication request information including the one-time authentication key to the authentication server 130 shown in FIG. 8 through the wireless communication network. (1935).

According to another embodiment of the present invention, when the security authentication request and the financial transaction (or payment) are made together, the one-time authentication key may be included in the financial transaction request information (or payment request information) and transmitted. This makes it clear that the present invention is not limited.

20 is a diagram illustrating a process of inputting and transmitting a one-time authentication key according to another embodiment of the present invention.

In more detail, FIG. 20 shows the one-time authentication key generated by the one-time authentication key generation process shown in FIG. 17 or 18 in the wireless terminal 100 shown in FIG. 7 on the screen of the wireless terminal 100. This is a process for inputting through the terminal-side output area and transmitting to the authentication server 130 shown in FIG. 8, and a person having ordinary knowledge in the art to which the present invention pertains refers to and / or this figure 20. It will be able to infer various implementation methods for the process of transforming by inputting and sending the one-time authentication key, but the present invention comprises all the implementation methods inferred, the technical only by the implementation method shown in FIG. Features are not limited.

Referring to FIG. 20, the wireless terminal 100 shown in FIG. 7 uses at least one-time authentication key generation information and an authentication key generation algorithm through the one-time authentication key generation process shown in FIG. 17 or FIG. 18. It is checked whether a one-time authentication key for processing wireless security authentication is generated (2000).

If the one-time authentication key for the wireless security authentication process is generated (2005), the wireless terminal 100 outputs the generated one-time authentication key in a predetermined area on the one-time authentication area on the screen of the wireless terminal 100 and (2010), the caret is allocated to the one-time authentication key input screen (or interface) included in the terminal output area (2015).

Thereafter, the wireless terminal 100 determines whether the one-time authentication key is input through a one-time authentication key input screen (or an interface) included in the terminal-side output area through key input (2020).

If the one-time authentication key is input through the one-time authentication key input screen (or interface) output to the terminal-side output area (2025), the wireless terminal 100 is via the one-time authentication key input screen (or interface). Generate security authentication request information including the one-time authentication key input (2030), and transmits security authentication request information including the one-time authentication key to the authentication server 130 shown in FIG. 8 through the wireless communication network. (2035).

According to another embodiment of the present invention, when the security authentication request and the financial transaction (or payment) are made together, the one-time authentication key may be included in the financial transaction request information (or payment request information) and transmitted. This makes it clear that the present invention is not limited.

21 is a diagram illustrating a one-time authentication key-based wireless security authentication process according to an embodiment of the present invention.

More specifically, Figure 21 is the one-time authentication from the wireless terminal 100 shown in Figure 7 to the authentication server 130 shown in Figure 8 through the process of transmitting the one-time authentication key shown in Figure 19 or Figure 20 The present invention relates to a process of processing the one-time authentication key-based wireless security authentication by validating the one-time authentication key in the authentication server 130 when transmitting the security authentication request information including a key. Those skilled in the art will be able to infer various implementation methods for the one-time authentication key-based wireless security authentication process by referring to and / or modifying the drawing 21, but the present invention provides all the implementation methods inferred above. It is made, including, and the technical features are not limited only to the implementation method shown in FIG.

Referring to FIG. 21, the one-time authentication key from the wireless terminal 100 shown in FIG. 7 to the authentication server 130 shown in FIG. 8 through the process of transmitting the one-time authentication key shown in FIG. 19 or 20. When transmitting the security authentication request information including the, the authentication server 130 receives the security authentication request information including the one-time authentication key via a wireless communication network (2100), the wireless communication network (for example, a network on a wireless communication network) Operating system 105, or reads a protocol for receiving the security authentication request information and checks information of the wireless terminal 100 transmitting the security authentication request information (2105).

If the information on the wireless terminal 100 that transmits the security authentication request information is confirmed (2110), the authentication server 130 is connected to the one-time authentication management D / B 850 shown in FIG. 8 to the wireless terminal. The one-time authentication key generation information and the authentication key generation algorithm corresponding to the one-time authentication key are checked from the one-time authentication key management information associated with the information (2115).

If the one-time authentication key generation information and authentication key generation algorithm corresponding to the one-time authentication key is confirmed (2120), the authentication server 130 is the one-time authentication through the verified one-time authentication key generation information and authentication key generation algorithm. Generate a one-time authentication key authentication code corresponding to the key (2125), and compares the one-time authentication key included in the security authentication request information with the generated one-time authentication key authentication code to check the validity of the one-time authentication key ( 2130).

If the validity of the one-time authentication key is confirmed (2135), the authentication server 130 generates security authentication result information including the one-time authentication key validation result via the wireless communication network to the wireless terminal 100 And the one-time authentication key to the wireless server 150 (eg, the financial server 135, the payment server 140, the wireless web server 145, etc.) requesting the wireless security authentication based on the one-time authentication key. Sharing the validity results (2145) and correspondingly, the wireless server 150 corresponding to at least one or more financial transactions, payments and authentication based on the one-time authentication key validity results to the wireless terminal 100 Provide additional services.

22 is a diagram illustrating a one-time authentication key based wireless security authentication process according to an embodiment of the present invention.

More specifically, FIG. 22 illustrates the one-time authentication in the authentication server 130 shown in FIG. 8 through the one-time authentication key based wireless security authentication process shown in FIG. 21 in the authentication server 130 shown in FIG. After generating security authentication result information including a key validation result and transmitting the result to the wireless terminal 100 shown in FIG. 7, the wireless terminal 100 processes the wireless security authentication using the security authentication result information. As for the person skilled in the art to which the present invention pertains, various implementation methods for the one-time authentication key based wireless security authentication process may be inferred by referring to and / or modifying the present invention. The present invention includes all the inferred implementation methods, and the technical features are not limited to the implementation method illustrated in FIG.

Referring to FIG. 22, the one-time authentication key in the authentication server 130 shown in FIG. 8 through the one-time authentication key based wireless security authentication process shown in FIG. 21 in the authentication server 130 shown in FIG. After generating security authentication result information including a validity result and transmitting it to the wireless terminal 100 shown in FIG. 7, the wireless terminal 100 validates the one-time authentication key from the authentication server 130 through a wireless communication network. In operation 2200, it is checked whether security authentication result information including the verification result (eg, validity approval or validity error) is received.

If the security authentication result information is received (2205), the wireless terminal 100 extracts the one-time validation result from the security authentication result information and outputs it to a predetermined area on the one-time authentication area (2210). The one-time authentication key end screen (or interface) is output to a predetermined area on the authentication area (2215).

Thereafter, the wireless security authentication process using the one-time authentication key is terminated through the one-time authentication key end screen (or an interface) output on the one-time authentication area (2220).

If the wireless security authentication process using the one-time authentication key is terminated through the one-time authentication key end screen (or interface) (2225), the wireless terminal 100 displays the one-time authentication area on the screen of the wireless terminal 100. In operation 2230, the terminal-side output area is output to the entire area of the screen of the wireless terminal 100.

According to the present invention, if a loss report of a wireless terminal having a wireless security authentication function based on a one-time authentication key is confirmed, by remotely disabling the one-time authentication key-based wireless security authentication function provided in the wireless terminal, the one-time authentication key There is an advantage to improve the security of the base wireless security authentication.

Claims (4)

When a customer reports a loss of a mobile phone through a communication company server (or a loss report server), confirming whether a one-time authentication function for generating / outputting a one-time authentication key is provided in the mobile phone in which the loss is reported by a terminal checking means; And And a command for changing (or deleting) the one-time authentication key generation information provided for generating the one-time authentication key to the mobile phone through a wireless communication network in the case where the lost mobile phone is provided with the one-time authentication function. Sending a one-time authentication disabling command to the; Loss processing method of a wireless one-time authentication mobile phone comprising a. The method of claim 1, wherein the one-time authentication disabling command is: A command to process the one-time authentication key generation screen (or interface) or a one-time authentication key input interface to not be output on the one-time authentication area in the mobile phone, a command to prevent the one-time authentication key from being generated in the mobile phone, and the Loss processing method of a wireless one-time authentication mobile phone, characterized in that it further comprises one or more of the instructions for processing so that the one-time authentication key is not transmitted to the authentication server on the communication network. delete delete

Images