Nothing Special   »   [go: up one dir, main page]

KR20170077459A - System and method for providing financial system - Google Patents

System and method for providing financial system Download PDF

Info

Publication number
KR20170077459A
KR20170077459A KR1020150187359A KR20150187359A KR20170077459A KR 20170077459 A KR20170077459 A KR 20170077459A KR 1020150187359 A KR1020150187359 A KR 1020150187359A KR 20150187359 A KR20150187359 A KR 20150187359A KR 20170077459 A KR20170077459 A KR 20170077459A
Authority
KR
South Korea
Prior art keywords
authentication
terminal
interworking
authenticator
financial
Prior art date
Application number
KR1020150187359A
Other languages
Korean (ko)
Inventor
채종학
Original Assignee
주식회사 하나은행
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 하나은행 filed Critical 주식회사 하나은행
Priority to KR1020150187359A priority Critical patent/KR20170077459A/en
Publication of KR20170077459A publication Critical patent/KR20170077459A/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/02Banking, e.g. interest calculation or account maintenance
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • General Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Tourism & Hospitality (AREA)
  • Technology Law (AREA)
  • Signal Processing (AREA)
  • Development Economics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Human Resources & Organizations (AREA)
  • Primary Health Care (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A financial service providing system according to the present invention includes a registering unit for receiving and registering an interworking authentication service application from a user terminal, a receiving unit for receiving a financial service request from the user terminal, a user authentication processing unit for requesting user authentication of the user terminal, And an interworking authentication processing unit for requesting the authenticator terminal for interworking authentication.

Description

TECHNICAL FIELD [0001] The present invention relates to a financial service providing system and a financial service providing method,

The present invention relates to a financial service providing system and a financial service providing method.

Recently, electronic finance accidents have been diversified according to the circumstances of handling offline financial transactions and online transactions. Electronic financial accidents are caused by making an urgent environment through telephone, etc., which may cause the judgment to be blurred or misleading, making it impossible to judge and transfer money by oneself. In addition, electronic financial accidents have a form of phishing that leads to access to websites similar to financial institutions, thereby extracting financial information and personal information. Pharming is a method of inserting malicious code into a video file, And if a customer downloads the corresponding video or the like, the phishing site address is changed to a phishing site address having a legitimate bank site address stored in the PC. In addition, an electronic financial accident can be made by visiting a financial institution to send money from a financial automation device (ATM) or the like to the criminal.

Various types of electronic financial accidents are present in various forms, but all of the user's usage information and authentication information are exposed or exploited, and in many cases, the user's own information is exposed as the instantaneous judgment power becomes blurred. Therefore, it is necessary to create an environment in which the user himself or herself can recover his / her judgment by delaying the time when various financial accidents occur. In addition, there is a need for measures to prevent the user from taking information such as pharming or phishing. Also, there is a need for a system that can prevent cash accidents that occur through automated financial machines.

SUMMARY OF THE INVENTION The present invention has been made in view of the above problems, and it is an object of the present invention to provide a supplementary authentication system,

A financial service providing system according to an embodiment of the present invention includes a registration unit for receiving and registering an interworking authentication service application from a user terminal, a receiving unit for receiving a financial service request from the user terminal, An authentication processing unit, and an interworking authentication processing unit for requesting interworking authentication to the authenticator terminal.

The authenticator terminal may be a terminal used by a third-party interoperable authenticator designated by the user terminal.

The registration unit may receive at least one of the interworking authenticator information, the authenticator terminal information, and the interworking authentication condition from the user terminal.

The receiving unit may determine whether the financial service requires interworking authentication according to a condition set by the user terminal.

The interworking authentication processing unit may request interworking authentication information from the authenticator terminal and receive the interworking authentication information from the interceptor terminal to determine the validity.

And a financial transaction processing unit for processing the financial transaction when the interlocking authentication is successful.

The receiving unit may receive the financial service request from the financial automatic machine according to the user's selection.

The registering unit may transmit to the authenticator terminal whether or not to accept the interworking authentication, and process the registration in response to the response.

According to another aspect of the present invention, there is provided a method of providing a financial service, the method comprising: receiving and registering an interworking authentication service application from a user terminal; receiving a request for a financial service from the user terminal; Processing the authentication of the user through the user terminal, processing the authentication through the authenticator terminal, and processing the financial service if the authentication of the authentication is successful.

The authenticator terminal may be a terminal used by a third-party interoperable authenticator designated by the user terminal.

The registering step may include receiving at least one of the interworking authenticator information, the authenticator terminal information, and the interworking authentication condition from the user terminal.

The registering step may further include transmitting to the authenticator terminal whether or not to accept interworking authentication, and receiving the acceptance from the authenticator terminal.

The method may further include, after the step of receiving, determining whether the financial service requires interworking authentication according to a condition set by the user terminal.

The step of processing the interworking authentication may include requesting interworking authentication information to the authenticator terminal, receiving the interworking authentication information from the authenticator terminal, and determining the validity of the interworking authentication information .

The request for the interworking authentication information may be transmitted to the interworking mobile terminal as a push message.

The financial service may include at least one of transfer, withdrawal, deposit, and participation in a financial product.

According to the present invention, in an authentication system added to a financial service, a designated person other than the principal himself or herself must perform interlinked authentication, so that a financial transaction can be safely performed, and various types of financial accidents can be prevented from occurring.

1 is a block diagram of an environment in which a financial service providing system according to an embodiment of the present invention operates.
2 is a block diagram of a financial service providing system according to an embodiment of the present invention.
3 is a flowchart of a method of providing a financial service according to an embodiment of the present invention.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings so that those skilled in the art can easily carry out the present invention. The present invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. In order to clearly illustrate the present invention, parts not related to the description are omitted, and similar parts are denoted by like reference characters throughout the specification.

Throughout the specification, when an element is referred to as "comprising ", it means that it can include other elements as well, without excluding other elements unless specifically stated otherwise. Also, the terms " part, "" module," and " module ", etc. in the specification mean a unit for processing at least one function or operation and may be implemented by hardware or software or a combination of hardware and software have.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS A financial service providing system and a financial service providing method according to an embodiment of the present invention will be described in detail with reference to the drawings.

1 is a block diagram of an environment in which a financial service providing system according to an embodiment of the present invention operates.

Referring to FIG. 1, a financial service providing system 100 is a server for providing financial services to a customer, and may be operated by a financial institution that provides various financial services such as registration, transfer, and settlement of financial products. To this end, the financial service providing system 100 provides an Internet banking site, which is a web page for providing financial services online. At this time, the financial service providing system 100 generates a web address of an Internet banking site to which the user terminal 200 accesses and provides the generated web address to the user terminal 200 at the request of the user terminal 200. Also, the financial service providing system 100 may operate an automated teller machine (ATM) to provide various financial services such as deposit, withdrawal, and transfer through a financial automatic machine.

The user terminal 200 is a device for a customer of a financial institution to access and communicate with the financial service providing system 100 through a network. The user terminal 200 may be any of various communication devices such as, for example, various computers including a tab and a notebook, a personal digital assistant (PDA), a mobile communication terminal including a smart phone, and a television Can be used. The user terminal 200 may be installed with a financial application operating in conjunction with the financial service providing system 100.

The interworking authenticator terminal 300 is an apparatus that connects and communicates with the financial service providing system 100 by the interworking authenticator specified by the application of the user terminal 200. [ The interworking authenticator terminal 300 may also be various communication devices such as various computers including a tab and a notebook, a personal digital assistant, a mobile communication terminal including a smart phone, and a television, and the financial service providing system 100 ) Can be installed.

The financial service providing system will now be described in detail with reference to FIG.

2 is a block diagram of a financial service providing system according to an embodiment of the present invention.

2, the financial service providing system 100 includes a registration unit 110, a receiving unit 120, a personal authentication processing unit 130, an interlocking authentication processing unit 140, and a financial service processing unit 150.

The registration unit 110 receives the service application for the interworking authentication service from the user terminal 200 and registers the service application. That is, the registration unit 110 receives information about a third party determined by the user from the user terminal 200 and stores the received information, thereby registering it as an interlocking authenticator for the financial service requested by the user terminal 200. At this time, the user terminal 200 can selectively designate the type and condition for the financial service requiring the interworking authentication. For example, you can register an interlocked authenticator only for transfers of over one million won.

The receiving unit 120 receives a request for financial transaction processing from the user terminal 200. [ Financial services include the purchase, transfer and settlement of financial products. Meanwhile, the receiving unit 120 may receive a request for financial transaction processing from the financial automation device according to the user's selection. That is, the user requests a financial transaction for a withdrawal, a deposit, a transfer, and the like to the financial automation device, and the financial automation device can transmit the request to the reception unit 120.

The receiving unit 120 may determine whether interworking authentication is required according to the conditions registered in the registering unit 110 with respect to the received financial service.

The authentication processing unit 130 processes authentication of the user of the user terminal 200. In other words, the identity authentication processing unit 130 requests authentication information from the user terminal 200, receives the authentication information from the user terminal 200, determines the validity of the authentication information, and processes the authentication.

The interworking authentication processing unit 140 requests authentication information from the authenticator terminal 300 used by the interworking authenticator registered in the registration unit 110 when the financial service received by the receiving unit 120 determines that the interworking authentication is necessary. At this time, the authentication information request may be transmitted as a push message of the authenticator terminal 200. Then, the authentication information is received from the authenticator terminal 300 to determine the validity of the authentication information, thereby processing the interlocking authentication.

The financial transaction processing unit 150 processes the financial transaction requested by the user terminal 200 after the authentication process of the principal authentication processing unit 130 and the interlocking authentication processing unit 140 is successfully completed. For example, if the user terminal 200 requests another user for a transfer of 2,000,000 won, and the authentication of the user authentication and the interlock authenticator is successful, the financial transaction processing unit 150 performs a transfer of 2,000,000 won to another person.

Now, a method of providing a financial service according to an embodiment of the present invention will be described in detail with reference to FIG.

3 is a flowchart of a method of providing a financial service according to an embodiment of the present invention.

Referring to FIG. 3, the user terminal 200 transmits a registration application for the interworking authentication service according to an embodiment of the present invention to the financial service providing system 100 (S310). At this time, the service application may include information on the interworking authenticator, information on the authenticator terminal, and conditions such as the type and amount of the financial service for the interworking authentication.

Then, the financial service providing system 100 performs a registration process by registering the user terminal 200 as a user of the interworking authentication service, storing the information on the interworking authenticator, interworking authentication conditions, etc. S320). Meanwhile, at this time, the interlocking authenticator may be inquired as to whether or not the interlocking authentication is acceptable and may be registered as an interlocking authenticator according to the result. On the other hand, the validity of the interlocking authentication may take effect after a certain period of time after registration for safety.

Subsequently, the user terminal 200 requests the financial service providing system 100 for a financial service desired by the user terminal 200 (S330). For example, the user terminal 200 may request that Mr. A transfer 2 million won. Alternatively, the user can request a withdrawal of 2 million won through the automated teller machine according to the user's selection, and the automated teller machine can request such a financial service to the financial service providing system 100.

Then, the financial service providing system 100 determines whether interworking authentication is required according to the condition registered by the user, and requests the user terminal 200 to perform the interworking authentication if the interworking authentication is necessary (S340).

The user terminal 200 transmits the authentication information to the financial service providing system 100 (S350), and the financial service providing system 100 processes the authentication by checking whether the received authentication information is correct (S360).

Subsequently, the financial service providing system 100 requests interworking authentication information from the registered authenticator terminal 300 (S370). Then, the authenticator terminal 200 transmits the interworking authentication information to the financial service providing system 100 (S380), and the financial service providing system 100 processes the authentication by checking whether the interworking authentication information is correct (S390).

When the interworking authentication has been successfully completed, the financial service providing system 100 processes the financial service requested by the user terminal 100 (S391). In other words, he transfers 3 million won to Mr. A or withdraws 3 million won through financial automation equipment.

On the other hand, if the authentication of the user is successful in step S360, the financial service may be performed, that is, recorded in the transfer standby database, and the financial service performed after successful authentication of the interlocking authentication in step S390 may be executed.

If the financial service requested by the user terminal 200 is not in the case of requiring interworking authentication, the financial service providing system 10 requests the user terminal 100 only for the authentication information, Can be processed.

In this way, when a user performs a financial business desired by the user, not only the user's authentication but also a third party designated by the user is further subjected to interlocking authentication, thereby allowing time for re-reviewing the requested financial business in a blurred state And the third party's authentication confirmation can provide a safer financial transaction processing. In addition, the user can freely set the authenticator and the authentication condition for the interworking authentication service, thereby providing the authentication service matching the user's financial life pattern.

The embodiments of the present invention described above are not implemented only by the apparatus and method, but may be implemented through a program for realizing the function corresponding to the configuration of the embodiment of the present invention or a recording medium on which the program is recorded. Such a recording medium can be executed not only on a server but also on a user terminal.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments, It belongs to the scope of right.

Claims (16)

A registration unit for receiving and registering an interworking authentication service application from a user terminal,
A receiving unit for receiving a financial service request from the user terminal,
A personal authentication processing unit for requesting the user terminal to authenticate the user,
An interworking authentication processing unit for requesting interworking authentication to the authenticator terminal
And a financial service providing system.
The method of claim 1,
The authenticator terminal may be a terminal used by a third party authenticated authenticator designated by the user terminal
Financial service delivery system.
3. The method of claim 2,
Wherein the registration unit receives at least one of the interworking authenticator information, the authenticator terminal information, and the interworking authentication condition from the user terminal
Financial service delivery system.
4. The method of claim 3,
The receiver may further comprise:
The financial service determines whether interworking authentication is required according to a condition set by the user terminal
Financial service delivery system.
The method of claim 1,
The interlocking authentication processing unit,
Requests interoperable authentication information from the authenticator terminal, receives the interworking authentication information from the authenticator terminal, and determines validity
Financial service delivery system
The method of claim 1,
If the interlocking authentication is successful, the financial transaction processing unit
The financial service providing system further comprising:
The method of claim 1,
The receiver may further comprise:
Receiving the financial service request from the financial automatic machine in accordance with the user's selection
Financial service delivery system.
The method of claim 1,
Wherein the registration unit comprises:
It transmits to the authenticator terminal whether or not it has accepted the interworking authentication and processes the registration in response to the response
Financial service delivery system.
A method of providing a financial service by a financial service providing system,
Receiving and registering an interworking authentication service application from a user terminal,
Receiving a request for financial services from the user terminal,
Processing the user identity authentication through the user terminal,
Processing the interworking authentication through the authenticator terminal, and
If the interlocking authentication is successful, processing the financial service
The method comprising the steps of:
The method of claim 9,
Wherein the authenticator terminal is a terminal used by a third party authenticated authenticator designated by the user terminal
How to provide financial services.
11. The method of claim 10,
Wherein the registering step comprises:
Receiving at least one of the interworking authenticator information, the authenticator terminal information, and the interworking authentication condition from the user terminal
The method comprising the steps of:
12. The method of claim 11,
Wherein the registering step comprises:
Transmitting to the authenticator terminal whether or not to accept interworking authentication, and
Receiving the acceptance from the authenticator terminal
Further comprising the steps of:
The method of claim 9,
After the receiving step,
Determining whether interworking authentication is required according to a condition determined by the user terminal
Further comprising the steps of:
The method of claim 13,
Wherein the step of processing the interworking authentication comprises:
Requesting the authenticator terminal for interworking authentication information,
Receiving the interworking authentication information from the authenticator terminal, and
Determining validity of the interworking authentication information
The method comprising the steps of:
The method of claim 14,
The request for the interworking authentication information is transmitted to the interworking mobile terminal as a push message
How to provide financial services.
The method of claim 9,
The financial service,
Including at least one of transfer, withdrawal, depositing and subscribing to a financial instrument
How to provide financial services.
KR1020150187359A 2015-12-28 2015-12-28 System and method for providing financial system KR20170077459A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150187359A KR20170077459A (en) 2015-12-28 2015-12-28 System and method for providing financial system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150187359A KR20170077459A (en) 2015-12-28 2015-12-28 System and method for providing financial system

Publications (1)

Publication Number Publication Date
KR20170077459A true KR20170077459A (en) 2017-07-06

Family

ID=59354436

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150187359A KR20170077459A (en) 2015-12-28 2015-12-28 System and method for providing financial system

Country Status (1)

Country Link
KR (1) KR20170077459A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102201083B1 (en) * 2019-10-21 2021-01-08 윤성민 Financial transaction system and method thereof
KR20210047238A (en) * 2019-10-21 2021-04-29 윤성민 Financial transaction system and method thereof

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102201083B1 (en) * 2019-10-21 2021-01-08 윤성민 Financial transaction system and method thereof
WO2021080261A1 (en) * 2019-10-21 2021-04-29 윤성민 Financial transaction system and method thereof
KR20210047238A (en) * 2019-10-21 2021-04-29 윤성민 Financial transaction system and method thereof

Similar Documents

Publication Publication Date Title
CN111357025B (en) Secure QR code service
CN106127017B (en) Method and system for handling encoded information
AU2010306566B2 (en) Anti-phishing system and method including list with user data
AU2011342282B2 (en) Authenticating transactions using a mobile device identifier
US20140067683A1 (en) System and method for generating a dynamic card value
US20110103586A1 (en) System, Method and Device To Authenticate Relationships By Electronic Means
EP2043036B1 (en) System, method and device for enabling interaction with dynamic security
KR20170039672A (en) System and method for authenticating a client to a device
US11403633B2 (en) Method for sending digital information
WO2010140876A1 (en) Method, system and secure server for multi-factor transaction authentication
US20130046689A1 (en) System and Method for Facilitating Transactions
WO2015000365A1 (en) Quick payment method and system based on location information
US20210166237A1 (en) Enriching transaction request data for improving fraud prevention systems on a data communication network with user controls injected to back-end transaction approval requests in real-time with transactions
US20130212020A1 (en) Authentication platform for pin debit issuers
JP2011204169A (en) Authentication system, authentication device, authentication method and authentication program
KR20120046913A (en) Method of paying with unique key value and apparatus thereof
JP7202500B1 (en) Information processing device, information processing method, and program
JP2015111329A (en) Network service providing system, network service providing method, and program
KR20070097874A (en) Service system for instant payment utilizing a wireless telecommunication device
KR20170141930A (en) System for providing financial service and method for transfer thereof
KR20140047782A (en) Agent system and method for payment
US20150332269A1 (en) Systems and methods for debit card account confirmation
KR20080009242A (en) Service system for instant payment utilizing a wireless telecommunication device
KR20170077459A (en) System and method for providing financial system
JP2010237741A (en) Authentication system and authentication method