KR102437970B1 - System for processing offline payment, method of processing offline payment based on secondary authentication using motion pattern and apparatus for the same - Google Patents

Abstract

An offline payment processing system, a second authentication-based offline payment processing method using a motion pattern, and an apparatus using the same are disclosed. Obtain check-in information corresponding to the store entered by the user, receive primary authentication information for primary authentication corresponding to pre-approval for purchase corresponding to the store from the mobile terminal, and 1 when primary authentication is valid For secondary authentication dependent on secondary authentication, secondary authentication information is generated in a form corresponding to the motion pattern for the mobile terminal and transmitted to at least one of the POS corresponding to the mobile terminal and the store, and 2 using the secondary authentication information Offline payment at the store can be performed based on the car authentication result.

Description

Offline payment processing system, second authentication-based offline payment processing method using motion pattern, and device using the same

The present invention relates to an offline payment technology based on secondary authentication using a motion pattern. In particular, an offline payment processing system that can conveniently perform payment using secondary authentication information generated by shaking a user's mobile terminal, a motion pattern It relates to an offline payment processing method based on secondary authentication using the .

As mobile terminals become more common, the need for payment using mobile terminals is continuously increasing both online and offline. An important theme in such mobile terminal-based payment is security and convenience such as user authentication. That is, when performing a payment, it is necessary to prevent an illegal payment from occurring by efficiently detecting an abnormal payment while requiring a minimum procedure or operation from the user.

Conventionally, there is a technology for the convenience of performing payment through a mobile terminal before a user arrives at a store, and then receiving a prepaid product when the user arrives at the store. However, in this technology, the user selects a product through a mobile terminal before visiting the store and performs payment. The user directly visits the store and decides which product to purchase, and then pays it through a simpler process at the store's POS. There is a difference between it and the technique.

In addition, even in such a simple payment process, it is difficult to find a security technique for blocking the possibility of fraudulent payment by checking whether a purchaser who receives the goods and a payer performing the payment match.

Therefore, in the present invention, the user visits a store and first performs pre-authentication for final payment in the mobile terminal, and then performs secondary authentication by simply shaking the mobile terminal near the POS, which is safe and convenient with two-channel authentication. We would like to introduce a new offline payment technology that allows you to purchase goods conveniently.

Korean Registered Patent No. 10-1352710, registered on January 10, 2014 (Name: Credit card simulation payment system and simulated payment method in the payment system and device therefor)

An object of the present invention is to provide stability and convenience of offline payment by performing authentication using a motion pattern of a mobile terminal when a user performs offline payment using a mobile terminal.

In addition, an object of the present invention is to prevent a security risk that may occur in the purchase process after primary authentication is completed by performing secondary authentication based on primary authentication.

In addition, an object of the present invention is to perform offline payment safely and conveniently only with a mobile terminal without taking out a separate wallet or card by processing payment based on pre-authentication.

An offline payment processing apparatus according to the present invention for achieving the above object includes: a check-in information acquisition unit for acquiring check-in information corresponding to a store entered by a user; a primary authentication unit for receiving primary authentication information for primary authentication corresponding to pre-approval for a purchase corresponding to the store from the mobile terminal; For secondary authentication dependent on the primary authentication when the primary authentication is valid, secondary authentication information is generated in a form corresponding to the motion pattern for the mobile terminal to correspond to the mobile terminal and the store. a secondary authentication unit for transmitting at least one of POS; and a payment processing unit for performing offline payment in the store based on a result of secondary authentication using the secondary authentication information.

At this time, the secondary authentication determines whether the mobile terminal exists in a preset payment area based on the POS, when the payment amount of the product corresponding to the purchase is input to the POS, and the mobile terminal enters the payment area It may be performed by comparing whether the motion pattern generated by the user shaking the mobile terminal by shaking the mobile terminal matches the registered motion pattern registered in advance by the user.

In this case, the secondary authentication may be performed according to the secondary authentication level adjusted according to the monitoring result of the mobile terminal until the product corresponding to the purchase is submitted to the POS.

In this case, the secondary authentication unit further considers at least one of a moving direction, a moving speed, a moving distance, and a size of the payment area when shaking the mobile terminal when the secondary authentication level is improved, and the secondary authentication information can create

In this case, the secondary authentication unit determines that the moving distance of the mobile terminal after the primary authentication is determined when the time from the first authentication to the time the product is submitted to the POS exceeds a preset reference purchase time. The second authentication level can be adjusted to improve when it corresponds to at least one of a case in which a preset reference movement distance is exceeded and a case in which the movement speed of the mobile terminal exceeds a preset reference movement speed after the first authentication .

In this case, the primary authentication corresponds to the release conditional authentication, and when the primary authentication is released, the secondary authentication information may be invalidated.

In this case, the primary authentication may be performed according to the primary authentication level adjusted according to the monitoring result of the mobile terminal acquired based on the check-in information.

In this case, the first authentication unit determines that the number of times of mobile fraudulent payments occurring in the store is preset when the monitoring result exceeds a preset reference authentication time before the first authentication is performed after obtaining the check-in information. The first authentication level may be adjusted to improve when it corresponds to at least one of the cases in which the reference number is exceeded.

In addition, the mobile terminal according to the present invention includes a check-in information collecting unit for obtaining check-in information corresponding to a store entered by the user; a primary authentication performing unit for performing primary authentication corresponding to pre-approval for a purchase corresponding to the store by inputting primary authentication information; a secondary authentication performing unit generating secondary authentication information corresponding to a motion pattern for secondary authentication dependent on the primary authentication when the primary authentication is valid; and a payment execution unit configured to transmit the secondary authentication information to one of a server and a POS corresponding to the store to perform offline payment in the store, and receive a result of the offline payment.

In addition, the offline payment processing method according to the present invention comprises the steps of: obtaining check-in information corresponding to a store entered by the user; receiving, from a mobile terminal, primary authentication information for primary authentication corresponding to pre-approval for a purchase corresponding to the store; For secondary authentication dependent on the primary authentication when the primary authentication is valid, secondary authentication information is generated in a form corresponding to the motion pattern for the mobile terminal to correspond to the mobile terminal and the store. transmitting to at least one of the POS; and performing offline payment at the store based on a result of secondary authentication using the secondary authentication information.

At this time, the secondary authentication determines whether the mobile terminal exists in a preset payment area based on the POS, when the payment amount of the product corresponding to the purchase is input to the POS, and the mobile terminal enters the payment area It may be performed by comparing whether the motion pattern generated by the user shaking the mobile terminal by shaking the mobile terminal matches the registered motion pattern registered in advance by the user.

In this case, the secondary authentication may be performed according to the secondary authentication level adjusted according to the monitoring result of the mobile terminal until the product corresponding to the purchase is submitted to the POS.

In this case, the transmitting step further considers at least one condition of a moving direction, a moving speed, a moving distance, and a size of the payment area when shaking the mobile terminal when the second authentication level is improved. can create

At this time, in the transmitting step, if the time from the first authentication to the time the product is submitted to the POS exceeds a preset reference purchase time, the moving distance of the mobile terminal after the first authentication is The second authentication level can be adjusted to improve when it corresponds to at least one of a case in which a preset reference movement distance is exceeded and a case in which the movement speed of the mobile terminal exceeds a preset reference movement speed after the first authentication .

In this case, the primary authentication corresponds to the release conditional authentication, and when the primary authentication is released, the secondary authentication information may be invalidated.

In this case, the primary authentication may be performed according to the primary authentication level adjusted according to the monitoring result of the mobile terminal acquired based on the check-in information.

In this case, the step of receiving the primary authentication information is performed when the monitoring result exceeds a preset reference authentication time before the primary authentication is performed after obtaining the check-in information and mobile fraud occurring in the store When the number of payments corresponds to at least one of the cases in which the number of payments exceeds a preset reference number, the first authentication level may be adjusted to be improved.

In addition, as another means for solving the problems of the present invention, a computer program stored in a medium for executing the above-described method is provided.

According to the present invention, when a user performs an offline payment using a mobile terminal, it is possible to provide stability and convenience of an offline payment by performing authentication using a motion pattern of the mobile terminal.

In addition, the present invention can prevent a security risk that may occur in the purchase process after the primary authentication is completed by performing the secondary authentication based on the primary authentication.

In addition, the present invention can safely and conveniently perform offline payment only with a mobile terminal without taking out a separate wallet or card by processing payment based on pre-authentication.

1 is a block diagram illustrating an offline payment system using application pay according to an embodiment of the present invention.
2 is a block diagram illustrating an offline payment processing apparatus according to an embodiment of the present invention.
3 is a block diagram illustrating a mobile terminal according to an embodiment of the present invention.
4 to 8 are diagrams showing a payment progress screen in the case of an application member in the payment method through BLE PUSH according to an embodiment of the present invention.
9 to 15 are diagrams illustrating member registration screens in the case of a non-member of the application in the payment method through BLE PUSH according to an embodiment of the present invention.
16 is a diagram illustrating an example of a screen for registering a registered motion pattern according to the present invention.
17 is a flowchart illustrating an offline payment processing method according to an embodiment of the present invention in terms of an offline payment processing apparatus.
18 is a flowchart illustrating an offline payment processing method from the perspective of a mobile terminal according to an embodiment of the present invention.
19 is a diagram illustrating in detail a process of improving the secondary authentication level of secondary authentication among the offline payment processing methods shown in FIG. 17 .
FIG. 20 is a diagram illustrating in detail a process of improving the primary authentication level of primary authentication among the offline payment processing methods shown in FIG. 17 .

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings. However, detailed descriptions of well-known functions or configurations that may obscure the gist of the present invention in the following description and accompanying drawings will be omitted. In addition, it should be noted that throughout the drawings, the same components are denoted by the same reference numerals as much as possible. The embodiments of the present invention are provided in order to more completely explain the present invention to those of ordinary skill in the art. Accordingly, the shapes and sizes of elements in the drawings may be exaggerated for clearer description.

The terms or words used in the present specification and claims described below should not be construed as being limited to their ordinary or dictionary meanings, and the inventor is appropriate as a concept of terms for describing his invention in the best way. It should be interpreted as meaning and concept consistent with the technical idea of the present invention based on the principle that it can be defined in Therefore, the embodiments described in this specification and the configurations shown in the drawings are only the most preferred embodiment of the present invention, and do not represent all of the technical spirit of the present invention. It should be understood that there may be equivalents and variations. Also, terms such as first and second are used to describe various components, and are used only for the purpose of distinguishing one component from other components, and are not used to limit the components.

1 is a block diagram illustrating an offline payment system using application pay according to an embodiment of the present invention.

Referring to FIG. 1 , the payment system using Application Pay according to an embodiment of the present invention includes an application server 110 , a terminal 120 , a POS device 130 , a BLE server 140 , and a BLE device 150 . include

The payment system according to an embodiment of the present invention may correspond to a system for performing a payment using an application pay based on an application installed in a user's mobile terminal when purchasing a product in an offline store.

The application server 110 may be a server that performs a procedure related to payment by providing an application 111 for performing payment together with information related to payment to the user's terminal 120 . In this case, the application server 110 may transmit/receive data through the network.

In this case, the application server 110 may be an offline payment processing device according to an embodiment of the present invention. In addition, the application server 110 may include an offline payment processing apparatus according to an embodiment of the present invention.

In this case, the network provides a path for transferring data between the application server 110 and the terminal 120 , and is a concept that encompasses both an existing network and a network that can be developed in the future. For example, a network is a wired/wireless local area network that provides communication of various information devices within a limited area, a mobile communication network that provides communication between and between mobile devices and between a mobile device and the outside of the mobile device, and a satellite that provides communication between an earth station and an earth station using satellites. It may be either a satellite communication network or a wired/wireless communication network, or a combination of two or more. Meanwhile, the transmission method standard of the network is not limited to the existing transmission method standard, and may include all transmission method standards to be developed in the future. In addition, in FIG. 1 , the network used between the application server 110 and the terminal 120 is different from the network used between the application server 120 and the POS device 130 and the BLE server 140 and the terminal 120 . may be or may be the same.

The terminal 120 receives information corresponding to product payment from the application server 110 using an application and provides it to the user.

At this time, the terminal 120 is a device that is connected to the communication network and can execute applications, such as a mobile phone, a Portable Multimedia Played (PMP), a Mobile Internet Device (MID), a smartphone (Smart Phone), a tablet computer (Tablet PC), It may be a mobile terminal having various mobile communication specifications, such as a notebook (Notebook), a netbook (Net Book), a personal digital assistant (PDA), and an information communication device.

In addition, the terminal 120 may receive various information such as number and character information, and transmit signals input in connection with setting various functions and controlling the functions of the terminal 120 to the controller through the input unit. In addition, the input unit of the terminal 120 may be configured to include at least one of a keypad and a touchpad that generate an input signal according to a user's touch or manipulation. In this case, the input unit of the terminal 120 may be configured in the form of a single touch panel (or touch screen) together with the display unit of the terminal 120 to simultaneously perform input and display functions. In addition, as the input unit of the terminal 120 , all types of input means that may be developed in the future may be used in addition to input devices such as a keyboard, a keypad, a mouse, a joystick, and the like. In particular, the input unit of the terminal 120 according to the present invention may transmit an input signal for selecting a card or performing payment to the control unit of the terminal 120 based on the optimal card recommendation system.

In addition, the display unit of the terminal 120 may display information about a series of operation states and operation results that occur while the function of the terminal 120 is performed. Also, the display unit of the terminal 120 may display a menu of the terminal 120 and user data input by the user. Here, the display unit of the terminal 120 includes a liquid crystal display (LCD), an ultra-thin liquid crystal display (TFT-LCD, Thin Film Transistor LCD), a light emitting diode (LED, Light Emitting Diode), and an organic light emitting diode (OLED). , Organic LED), an active organic light emitting diode (AMOLED, Active Matrix OLED), a Retina Display, a flexible display, and a three-dimensional (3 Dimension) display. In this case, when the display unit of the terminal 120 is configured in the form of a touch screen, the display unit of the terminal 120 may perform some or all of the functions of the input unit of the terminal 120 . In particular, the display unit of the terminal 120 according to the present invention may display the optimal recommended card provided based on the optimal card recommendation system and information related to payment on the screen.

In addition, the storage unit of the terminal 120 is a device for storing data, including a main storage device and an auxiliary storage device, and may store an application program necessary for the functional operation of the terminal 120 . The storage unit of the terminal 120 may largely include a program area and a data area. Here, when each function is activated in response to a user's request, the terminal 120 executes corresponding application programs under the control of the controller to provide each function. In particular, the storage unit of the terminal 120 according to the present invention may store an operating system for booting the terminal 120 and a program for recommending a card or performing a payment based on an optimal card recommendation system. In addition, the storage unit of the terminal 120 may store a content DB for storing a plurality of contents and information of the terminal 120 . In this case, the content DB may include execution data for executing the content and attribute information on the content, and content usage information according to the content execution may be stored. And, the information of the terminal 120 may include terminal specification information.

In addition, the communication unit of the terminal 120 may perform a function for transmitting and receiving data through the application server 110 and the network. Here, the communication unit of the terminal 120 may include an RF transmitting unit for up-converting and amplifying the frequency of the transmitted signal, and an RF receiving unit for low-noise amplifying the received signal and down-converting the frequency. The communication unit of the terminal 120 may include at least one of a wireless communication module and a wired communication module. In addition, the wireless communication module is a configuration for transmitting and receiving data according to a wireless communication method, and when the terminal 120 uses wireless communication, using any one of a wireless network communication module, a wireless LAN communication module, and a wireless fan communication module Data may be transmitted/received to and from the application server 110 . In addition, the wired communication module is for transmitting and receiving data by wire. The wired communication module may connect to a network through a wire and transmit/receive data to and from the application server 110 . That is, the terminal 120 may access a network using a wireless communication module or a wired communication module, and may transmit/receive data to and from the application server 110 through the network. In particular, in the network according to the present invention, the terminal 120, the application server 110, and the BLE server 140 communicate to transmit/receive data necessary for recommending an optimal card based on the optimal card recommendation system.

In addition, the control unit of the terminal 120 may be a process device for driving an operating system (OS, Operation System) and each component. For example, the control unit may control the overall process of accessing the application server 110 . When accessing the application server 110 through a separate service application, the entire process of executing the service application can be controlled according to the user's request, and a service use request is made to the application server 110 simultaneously with execution. It can be controlled to be transmitted, and at this time, information of the terminal 120 required for user authentication can be controlled to be transmitted together.

Also, the controller of the terminal 120 may execute specific content stored in the storage of the terminal 120 according to a user's request. In this case, the controller may store the content use history according to the content execution as content use information.

In addition, the user's terminal 120 has an application for the application pay service installed, and may correspond to the user's terminal 120 subscribed to the application pay service.

The POS device 130 is a device for performing payment for a product in the store 160 , and may correspond to a device capable of performing an application pay service based on communication with the application server 110 .

The BLE server 140 may be a server for identifying the location of the terminal 120 and providing information by utilizing Bluetooth low energy.

In this case, the Bluetooth low energy technology is a short-range wireless communication technology that periodically transmits information of an object based on Bluetooth 4.0 within a certain radius of the surrounding area. That is, even if the user of the terminal 120 does not take a separate action, the user's location may be automatically identified and a signal for the payment service may be provided.

At this time, beacon is a short-distance data communication technology using BLE (Bluetooth Low Energy), and various application services such as object and situation recognition, content push, indoor positioning, automatic check-in, and geofencing based on proximity positioning can enable Compared to the previous similar technology, it can be provided more conveniently and at a lower cost, so it can serve as a catalyst for the formation of a new service market. In this case, the beacon may refer to any device that periodically transmits a signal to notify it. For example, the BLE device 150 shown in FIG. 1 may correspond to a beacon.

Such a beacon may be divided into a sound-based low-frequency beacon, an LED beacon, a Wi-Fi beacon, a Bluetooth beacon, and the like according to a signal transmission method. In addition, the beacon can transmit a periodic signal in a small packet equivalent to approximately 21 bytes, does not require pairing separately from the target receiving the signal, and operates with low power, but the ID value of the beacon transmitter and the received signal strength up to 50 meters It is possible to transmit a signal corresponding to In addition, since it is inexpensive and can be easily attached anywhere due to its small size, it can be freely used anywhere even in the case of offline stores.

For example, when a beacon is installed in a specific place in the store 160 and a user and a customer holding the terminal 120 enter within the area of the BLE beacon, the terminal 120 can be detected and a signal including information can be transmitted. .

The store 160 may correspond to an offline store where payment is performed, and may correspond to an application pay service affiliate store in which the application pay agent and the BLE device 150 are installed.

Hereinafter, a payment system according to an embodiment of the present invention will be described according to a service flow.

First, a user may enter the store 160 with the terminal 120 .

In this case, it is possible to detect that the user has entered the store 160 using a beacon, which is a BLE-based short-distance data communication technology.

That is, according to the present invention, the BLE signal transmitted from the BLE device 150 , which is a beacon located in the store 160 , may be received by the Bluetooth-activated terminal 120 using the BLE SDK 141 . At this time, the BLE signal may be received through the application 111 installed based on the BLE SDK 141 . Thereafter, when the terminal 120 transmits information included in the BLE signal to the BLE server 140 , the BLE server 140 may provide information related to the BLE benefit corresponding to the BLE signal to the terminal 120 . .

Thereafter, the terminal 120 may access the application server 110 based on the BLE benefit information received from the BLE server 140 through the application.

In this case, the application server 110 may include at least one module for performing payment.

For example, the application server 110 may include a membership providing module capable of providing membership information based on user information of the terminal 120 and store information corresponding to the store 160 . In this case, the membership providing module may include a separate database capable of storing membership information for each user and store information for each store.

As another example, the application server 110 may include an application pay payment module for performing payment through application pay. In this case, the application pay payment module may include credit card information or bank information for performing payment through application pay. For example, when a user pays an application pay through a credit card to purchase a product in the store 160 , the application pay payment module and the credit card application may transmit and receive data for performing real-time payment.

In this case, the application pay payment module may include an optimal card recommendation device for recommending an optimal card in consideration of discount benefits, store benefits, and accumulation of credit cards owned by the user based on credit card information. For example, by combining the benefit information provided when the target performance for the previous month is achieved by type of credit card and the benefit information provided through the membership card, the optimal card may be recommended according to the discount rate or the accumulation rate. In addition, the optimal card recommendation device may be configured independently of the application pay payment module.

For another example, the application server 110 provides benefit information for coupons or gifticons that can be used by a user in the store 160 together with membership information through the membership providing module, or event and marketing information in progress in the store 160 , etc. It may include a store information providing module that can provide. For example, the store information providing module provides the application server 110 by inquiring about the gifticon or coupon that the user can use in the store 160 through the application, so that the user can use the gifticon or coupon through the application installed in the terminal 120 . You can use coupons. In addition, the store information providing module provides the application server 110 with event information and marketing information corresponding to a plurality of stores that provide a service according to the payment system according to an embodiment of the present invention, thereby providing a store visited by the user. In step 160 , information on ongoing events and marketing may be provided to the user's terminal 120 .

Thereafter, a user who accesses the application server 110 through the terminal 120 may perform pre-authentication in the application pay service to purchase a product in the store 160 . For example, a step for pre-authentication may be entered by receiving a purchase-related push message through the BLE device 150 and clicking a purchase button included in the push message. In this case, various methods such as PIN number input, picture image gesture, and touch gesture may be used as a means of pre-authentication for purchase, that is, primary authentication.

At this time, the offline payment processing device included in the application server 110 or corresponding to the application server 110 receives the corresponding primary authentication information of the primary authentication performed in the terminal 120 to determine whether to authenticate. can judge

Thereafter, the user moves to the POS device 130 with the product to be purchased at the store 160 , and the clerk of the store 160 expresses his/her intention to pay through the application pay, and performs secondary authentication for product purchase and payment can do.

In this case, the secondary authentication may be authentication dependent on the primary authentication, and the secondary authentication may be performed while the primary authentication is valid.

For example, as the secondary authentication method, the user has the terminal 120 and is located in the payment zone near the POS device 130 , and inputs a movement gesture pattern using the terminal 120 in the payment zone. method, a method of inputting a touch pattern to the sign pad included in the POS device 130, a method of generating an intersection on the sign pad, a question answering method, and the like.

Also, in the secondary authentication, after the clerk of the store 160 scans the purchased product, the POS device 130 confirms the user who uses the application pay service, and then the payment can be made.

Thereafter, when the second authentication is completed, the application server 110 may transmit a message indicating whether payment through Application Pay has been successfully performed to at least one of the user's terminal 120 or the POS device 130 .

By using such a payment system using an application pay, it is safer and more convenient for a user to pay for a product using an optimal card simply by performing primary authentication at the store 160 and performing simple secondary authentication. It is possible.

2 is a block diagram illustrating an offline payment processing apparatus according to an embodiment of the present invention.

Referring to FIG. 2 , an offline payment processing apparatus according to an embodiment of the present invention includes a communication unit 210 , a check-in information acquisition unit 220 , a primary authentication unit 230 , a secondary authentication unit 240 , and a payment processing unit. 250 and a storage unit 260 .

The communication unit 210 serves to transmit and receive information necessary for offline payment processing with a user's mobile terminal through a communication network such as a network. In particular, the communication unit 210 according to an embodiment of the present invention may receive information for performing check-in, primary authentication, and secondary authentication from a mobile terminal, and provide information corresponding to offline payment processing to the mobile terminal. have.

At this time, information for performing offline payment processing may be received from a separate application server or a POS installed in a store.

The check-in information acquisition unit 220 acquires check-in information corresponding to a store entered by the user.

In this case, the check-in information may be obtained using a Bluetooth low energy (BLE) technology or a technology such as WiFi and GPS. For example, a device such as a BLE beacon may be installed at the entrance of a store, and when a user's mobile terminal enters the area of the BLE beacon, the corresponding terminal may be detected and a signal including store information may be transmitted. At this time, the mobile terminal receiving the signal may acquire information on the store included in the signal through the application, and transmit the information to the offline payment processing device as check-in information.

In this case, any technology capable of detecting that the user's mobile terminal has visited a store may be used as a technology for acquiring check-in information without being limited to any technology.

The primary authentication unit 230 receives primary authentication information for primary authentication corresponding to pre-approval for a purchase corresponding to a store from the mobile terminal.

In this case, the primary authentication may correspond to a pre-payment authentication performed before a product to be purchased or an amount to be paid is confirmed during offline payment.

In this case, the primary authentication may correspond to inputting a PIN number to the mobile terminal. That is, the primary authentication may be performed in the mobile terminal. For example, when a PIN number is input to perform the primary authentication in the mobile terminal, the primary approval may be achieved by recognizing the PIN number input in the mobile terminal as primary authentication information and transmitting it to the offline payment processing device. .

In addition, the primary authentication may be performed through various methods such as fingerprint recognition, face recognition, and voice recognition that are possible through the mobile terminal.

In this case, the primary authentication corresponds to the release conditional authentication, and when the primary authentication is released, the secondary authentication information may be invalidated. That is, the primary authentication may correspond to authentication accompanied by a spatial or temporal release condition.

In this case, a timeout time corresponding to a time during which the primary authentication is valid may be set as one of the cancellation conditions of the primary authentication. That is, when a preset timeout time is exceeded after performing the primary authentication, the primary authentication may be automatically released.

In this case, the timeout time may be set differently depending on the type of store. For example, a store such as a supermarket may set a timeout period of 30 minutes to 1 hour to suit the shopping time. In addition, in a store such as a restaurant, the time-out time can be set from 2 to 3 hours to suit the meal time.

In this case, if the first authentication is released because the timeout time has expired, payment through the mobile terminal may not be performed regardless of the validity of the secondary authentication. Accordingly, in order to perform a payment through the mobile terminal after the primary authentication is released, the payment may be processed by performing the secondary authentication after performing the primary authentication again.

In addition, when the mobile terminal is more than a certain distance away from the store, the primary authentication may be released. For example, if the location of the mobile terminal is determined using a short-range wireless communication device installed at the entrance of a store and several places inside the store, and it is determined that the mobile terminal is separated from the store by a certain distance or more, the primary authentication is canceled can be

In this case, the primary authentication may be performed according to the primary authentication level adjusted according to the monitoring result of the mobile terminal acquired based on the check-in information. That is, if an abnormality is found in the monitoring result, security can be strengthened depending on the situation by improving the primary authentication level for more secure authentication.

At this time, the monitoring result may correspond to the situation before performing the first authentication.

At this time, the monitoring result is at least one of the cases where the number of mobile fraudulent payments occurring in the store exceeds the preset reference number of times when the time exceeds the preset standard authentication time after the check-in information is obtained and before the first authentication is performed In a case corresponding to , it can be adjusted to improve the primary authentication level. In other words, if it takes an abnormally long time before the first authentication is performed after a user with a mobile terminal enters the store, or if the store the user enters is a store where mobile fraudulent payments occur frequently The primary authentication level for primary authentication can be improved for secure payment.

In this case, the primary authentication may be adjusted to add a procedure for inputting a PIN number when the primary authentication level is improved. For example, if the primary authentication level is increased, the keyboard of the mobile terminal may be changed every time a PIN is input instead of a simple PIN input. In addition, after inputting a PIN, a color pattern may also be input, or a method of increasing the length of the PIN using a dummy number may be used. In addition, when the PIN is input, if earphones or headphones are connected to the audio jack of the mobile terminal and listening to music, as the primary authentication level is improved, a method of inputting the PIN through audio feedback may be used.

In this case, the primary authentication level may be improved by changing conditions that can be additionally considered during the primary authentication according to the primary authentication method. For example, if it is assumed that the primary authentication method corresponds to fingerprint recognition, as the primary authentication level is improved, a fingerprint recognition of another finger may be additionally requested. Also, in the case of face recognition, the left or right side of the face may be recognized in addition to recognizing the front of the face.

The secondary authentication unit 240 examines whether the primary authentication is valid, and when the primary authentication is valid, for secondary authentication dependent on the primary authentication, 2 in a form corresponding to the motion pattern for the mobile terminal Car authentication information is generated and transmitted to at least one of the mobile terminal and the POS corresponding to the store. For example, after the first authentication, the product or service that the user wants to purchase at the store may be confirmed and delivered to the POS of the store. In this case, in the POS, secondary authentication may be performed in a state in which the payment amount of the product to be purchased is input, and authentication may be performed using at least one of the user's mobile terminal and the POS. Accordingly, in a state in which the final payment amount is confirmed, secondary authentication information for secondary authentication may be generated and transmitted to at least one of the mobile terminal and the POS.

At this time, the secondary authentication determines whether the mobile terminal exists in the payment area preset based on the POS when the payment amount of the product corresponding to the purchase is input in the POS, and when the mobile terminal is in the payment area It may be performed by comparing whether a motion pattern generated by the user shaking the mobile terminal matches a registered motion pattern registered in advance by the user.

In this case, the motion pattern and the registered motion pattern may be generated by detecting a movement when the user shakes the mobile terminal. For example, when the user shakes the mobile terminal in the order of left-right-left-right, a motion sensor inside the mobile terminal may detect it and generate a motion pattern. That is, the registered motion pattern may correspond to a motion pattern registered in advance using the mobile terminal in order to use the application pay service according to the present invention. Accordingly, the user may perform the secondary authentication by shaking the mobile terminal so that the same motion pattern as the previously registered motion pattern is generated.

In this case, it may be determined whether the user's mobile terminal exists in the payment area through a separate device. For example, a speaker that outputs a high frequency of a specific frequency is installed around the POS in a specific direction, and the user's mobile terminal detects the high frequency only within the payment area, thereby determining whether to enter the payment area.

Therefore, if the user leaves the payment area with the mobile terminal after the payment amount is confirmed by delivering the product to be purchased to the POS, this may be detected and secondary authentication may not be performed. For example, it may be assumed that the user leaves the payment area to purchase additional products after a payment amount is input by delivering the product to be purchased to the POS. At this time, even if a motion pattern is generated by accidentally shaking the mobile terminal outside the payment area, the payment may not proceed because the secondary authentication is not performed.

Also, even if the motion pattern registered in advance by the user based on the application does not match the motion pattern, the second authentication is not performed, and thus the payment may not proceed.

In this case, the secondary authentication may be performed according to the secondary authentication level adjusted according to the monitoring result of the mobile terminal until the product corresponding to the purchase is submitted to the POS. That is, the secondary authentication level may be determined in consideration of a situation from when the primary authentication is performed until the secondary authentication is performed.

At this time, when the monitoring result shows that the time from the first authentication until the product is submitted to the POS exceeds the preset standard purchase time, when the moving distance of the mobile terminal after the first authentication exceeds the preset standard moving distance; When the moving speed of the mobile terminal exceeds a preset reference moving speed after the first authentication, the secondary authentication level may be adjusted to be improved when it corresponds to at least one of the cases.

In this case, the preset reference purchase time may correspond to a time less than the timeout time satisfying the release condition of the first authentication.

In this case, when the secondary authentication level is improved, the secondary authentication information may be generated by further considering at least one of the moving direction, moving speed, moving distance, and size of the payment area when shaking the mobile terminal. For example, if a motion pattern is requested to be generated using only the left and right directions, if the second authentication level is improved, the motion pattern may be requested to be generated using the up and down directions as well.

Also, it is possible to request the mobile terminal to register a corresponding registered motion pattern for each level of the secondary authentication level in advance, and to generate the same motion pattern as the corresponding registered motion pattern whenever the secondary authentication level is adjusted. For example, when the secondary authentication level is the highest level, the direction, speed, and distance in which the mobile terminal moves is checked, and the size of the payment area may also be relatively narrowed based on the POS. Accordingly, the registered motion pattern can also be registered in advance in consideration of the moving direction, speed, and distance in case the secondary authentication level is adjusted to the highest level.

In this case, the secondary authentication may have a lower authentication level than the primary authentication. In other words, since the purchase intention of the user who wants to purchase the product is confirmed through the primary authentication through the mobile terminal, if the primary authentication is not canceled because the release condition of the primary authentication is satisfied, the purchase can be made only with a lower level secondary authentication Even if it is confirmed, the possibility of fraudulent settlement may be lowered. Accordingly, the secondary authentication may be an authentication method that maximizes user convenience although the authentication level is lower than that of the primary authentication.

In addition, the secondary authentication may correspond to authentication dependent on the primary authentication. That is, based on the primary authentication using the mobile terminal, secondary authentication information for secondary authentication is provided to the POS of the store, and the POS performs secondary authentication for users who want to purchase goods using the supplied secondary authentication information. can be done For example, in the secondary authentication, the photo or phone number of the user who wants to purchase the product, that is, the payer through the mobile terminal is displayed on the POS, and the store clerk provides the face or phone number to the user who approaches the POS to purchase the product. It may be a method of performing secondary authentication by checking.

The payment processing unit 250 performs offline payment in the store based on the result of the secondary authentication using the secondary authentication information. That is, when the second authentication is completed, the payment for the product or service that the user wants to purchase can be completed.

The storage unit 260 stores various information generated during the offline payment processing service according to an embodiment of the present invention as described above.

According to an embodiment, the storage unit 260 may be configured independently of the offline payment processing device to support a function for the offline payment processing service. In this case, the storage unit 260 may operate as a separate mass storage and may include a control function for performing an operation.

On the other hand, the offline payment processing device may be equipped with a memory to store information in the device. For one implementation, the memory is a computer-readable medium. In one implementation, the memory may be a volatile memory unit, and in another implementation, the memory may be a non-volatile memory unit. In one embodiment, the storage device is a computer-readable medium. In various different implementations, the storage device may include, for example, a hard disk device, an optical disk device, or some other mass storage device.

By using such an offline payment processing apparatus, when a user performs offline payment using a mobile terminal, authentication using a motion pattern of the mobile terminal is performed, thereby providing stability and convenience of offline payment.

In addition, by performing secondary authentication based on primary authentication, a security risk that may occur in the purchase process after primary authentication is completed can be prevented.

In addition, by processing payment based on pre-authentication, it is possible to safely and conveniently perform offline payment only with a mobile terminal without taking out a separate wallet or card.

3 is a block diagram illustrating a mobile terminal according to an embodiment of the present invention.

Referring to FIG. 3 , another mobile terminal according to an embodiment of the present invention includes a check-in information collecting unit 310 , a primary authentication performing unit 320 , a secondary authentication performing unit 330 , and a payment performing unit 340 . include

The check-in information collection unit 310 obtains check-in information corresponding to a store entered by the user.

In this case, the check-in information may be obtained using a Bluetooth low energy (BLE) technology or a technology such as WiFi and GPS. For example, when a user enters a store with a mobile terminal, the mobile terminal may receive a beacon signal from a BLE beacon device installed at the entrance of the store. In this case, the beacon signal may include check-in information including information on the corresponding store.

The primary authentication performing unit 320 performs primary authentication corresponding to pre-approval for a purchase corresponding to a store. For example, upon receiving a PIN input window corresponding to the primary authentication from a server corresponding to an application installed in the mobile terminal and an offline payment processing device, the primary authentication may be performed by inputting the PIN using the mobile terminal. Thereafter, the server and the offline payment processing apparatus may process the primary authentication by determining the PIN input through the mobile terminal.

In this case, the primary authentication may correspond to a pre-payment authentication performed before a product to be purchased or an amount to be paid is confirmed during offline payment.

In addition, the primary authentication may be performed through various methods such as fingerprint recognition, face recognition, and voice recognition that are possible through the mobile terminal.

In this case, the primary authentication corresponds to the release conditional authentication, and when the primary authentication is released, the secondary authentication information may be invalidated. That is, the primary authentication may correspond to authentication accompanied by a spatial or temporal release condition.

When the primary authentication is valid, the secondary authentication performing unit 330 generates secondary authentication information corresponding to a motion pattern for secondary authentication dependent on the primary authentication. In this case, the secondary authentication information may correspond to a motion pattern generated by shaking the mobile terminal.

For example, if the registered motion pattern is registered corresponding to the motion pattern generated by shaking the mobile terminal up/down once and left/right three times, when registering the registered motion pattern to perform secondary authentication even at payment Similarly, by shaking the mobile terminal up/down once and left/right 3 times, secondary authentication information corresponding to the motion pattern may be generated.

The payment execution unit 340 transmits the secondary authentication information to any one of a server and a POS corresponding to the store to perform offline payment in the store, and receives the result of the offline payment. For example, when the offline payment is successful, a payment success message including the name of a store corresponding to the offline payment, a payment method, and a payment amount may be received. In addition, when the offline payment fails, a payment failure message may be received briefly including the contents of the payment failure.

4 to 8 are diagrams showing a payment progress screen in the case of an application member in the payment method through BLE PUSH according to an embodiment of the present invention.

4 to 8, in the payment method through BLE PUSH according to an embodiment of the present invention, when a user subscribed to the application pay service enters an offline store, as shown in FIG. A benefit screen 410 is output to the user.

At this time, the BLE signal transmitted by the beacon installed in the store is recognized through the application installed in the mobile terminal, and the product benefit screen 410 including discount information and coupon information in the store included in the BLE signal is exposed to the mobile terminal. can That is, the mobile terminal may acquire discount information and coupon information by acquiring check-in information corresponding to the store through the store beacon. In addition, the mobile terminal may provide check-in information to the offline payment processing device through the application.

In this case, the product benefit screen 410 may output discount information and coupon information together with a payment button on the lockscreen 412 of the mobile terminal when the mobile terminal is locked.

Also, the product benefit screen 410 may output discount information and coupon information together with a payment button on the BLE Noti 411 of the mobile terminal.

At this time, if the user selects a body area indicating discount information and coupon information on the product benefit screen 410 , the detailed screen 510 of the store corresponding to the product benefit screen 410 is displayed through the application as shown in FIG. 5 . It can be output to the terminal.

In this case, more detailed discount and coupon information may be output together with the store information on the detailed store screen 510 . In addition, the payment button may be output together so that the user can proceed with the payment procedure at any time.

At this time, when the user selects a payment button that is output on the detailed screen 510 or product benefit screen 410 of the store, the payment PIN input window ( 610) can be output. That is, based on the offline payment processing device linked through the application, a window for primary authentication corresponding to pre-approval in the corresponding store may be output to the mobile terminal.

In this case, the primary authentication may use a picture image gesture authentication method, a touch gesture authentication method, fingerprint recognition, face recognition, and voice recognition in addition to the PIN number input authentication method.

At this time, if the user inputs a PIN, the corresponding PIN may be transmitted to the offline payment processing device to complete the first authentication. In addition, when the first authentication is completed, the offline payment processing device stores information such as the buyer's photo or phone number corresponding to the secondary authentication information for the secondary authentication, or the registered motion pattern registered by the user in advance through the application. It can be sent by POS.

Thereafter, as shown in FIG. 7 , information corresponding to a user who has completed primary authentication, that is, a purchaser who has completed primary authentication, may be displayed on the payment screen 710 on the POS device installed in the store as shown in FIG. 7 .

For example, when the user delivers a product to be purchased to the POS device as shown in FIG. 7 , the payment amount of the product is input and the amount is confirmed, and thereafter, the user may be requested to perform secondary authentication for application pay payment. .

At this time, according to the present invention, the user may shake the mobile terminal within a preset payment area near the POS device to generate the same motion pattern as the pre-registered registered motion pattern to perform secondary authentication.

Thereafter, when the second authentication is completed and payment using the application pay is successful, a payment success message 811 may be transmitted to the user's mobile terminal as shown in FIG. 8 .

In this case, the payment success message 811 may display the name of the store where the payment has been made, the payment method, and the payment amount.

Also, when the payment fails, a payment failure message 812 may be transmitted to the user's mobile terminal, and a payment screen 813 may be outputted to the mobile terminal to perform payment again.

At this time, a payment button may be output on the payment again screen 813 or a barcode for application pay payment may be output.

9 to 15 are diagrams illustrating member registration screens in the case of a non-member of the application in the payment method through BLE PUSH according to an embodiment of the present invention.

9 to 15 , in the payment method through BLE PUSH according to an embodiment of the present invention, when a user who is a non-member of the application pay service enters an offline store, as shown in FIG. 9 , a product through an application installed in the mobile terminal A benefit screen 910 is output to the user.

At this time, the BLE signal transmitted by the beacon installed in the store is recognized through the application installed in the mobile terminal, and the product benefit screen 910 including the discount information and coupon information in the store included in the BLE signal is exposed to the mobile terminal. can

At this time, the product benefit screen 910 outputs discount information and coupon information to the lockscreen 912 of the terminal when the mobile terminal is locked, but the payment button may not be output because the user is a non-member of the application pay service. .

Also, the product benefit screen 910 may output discount information and coupon information to the BLE Noti 911 of the mobile terminal.

At this time, if the user selects a body region indicating discount information and coupon information on the product benefit screen 910 , the store detailed screen 1010 corresponding to the product benefit screen 910 as shown in FIG. 10 is displayed on the mobile terminal. can be printed out.

In this case, more detailed discount and coupon information may be output together with the store information on the detailed store screen 1010 . In addition, by outputting a pay app sign-up button for subscribing to the application pay service, the user can sign up for a service for payment at any time.

At this time, when the user selects the pay app subscription button, as shown in FIG. 11 , the agreement agreement screen 1110 necessary for subscribing to the application pay service based on the offline payment processing system may be output to the user's mobile terminal.

After that, if the user agrees to the terms and conditions, as shown in FIG. 12 , the user authentication screen 1210 may be output to the mobile terminal to perform the user's own authentication.

In this case, the user authentication may be performed by inputting the user's name, resident registration number, communication company and mobile phone number, and the like, and inputting the authentication number.

Thereafter, when user authentication is completed, a payment PIN registration screen 1310 may be output to the mobile terminal to register a payment PIN number to be used for primary authentication in the application pay service as shown in FIG. 13 .

In this case, according to the primary authentication method, not only the payment PIN registration screen 1310 but also the registration screens of various authentication means such as a fingerprint registration screen and a voice registration screen may be output.

Thereafter, in order to register a card to be used in the application pay service, a card information registration screen 1410 may be output to the mobile terminal as shown in FIG. 14 .

Thereafter, after inputting all the information, a subscription confirmation screen 1510 is finally output as shown in FIG. 15 , and when the user selects confirmation, the subscription can be completed.

Thereafter, an application pay service may be provided after performing primary authentication through a PIN number by outputting a payment button to the user's mobile terminal.

16 is a diagram illustrating an example of a screen for registering a registered motion pattern according to the present invention.

Referring to FIG. 16 , in order to use an application pay service, a user may register a registered motion pattern using a mobile terminal in advance before using the service.

For example, in the process of subscribing to the application pay service, a registered motion pattern for secondary authentication may be registered through the registered motion pattern registration screen 1610 as shown in FIG. 16 .

In this case, the registered motion pattern may be registered by shaking the mobile terminal as shown in FIG. 16 . For example, a user's moving direction, moving speed, and moving distance of the mobile terminal may be detected through a motion sensor built into the mobile terminal, and a registered motion pattern may be generated using the detected data.

In this case, according to the level of the secondary authentication level, a registration motion pattern suitable for each level may be registered.

For example, it may be assumed that the secondary authentication level exists from basic level 1 to level 3 in the order of increasing security.

In this case, when the secondary authentication level corresponds to the first level, the registered motion pattern may be generated in consideration of only the moving direction of the mobile terminal.

In addition, when the secondary authentication level corresponds to the second level, a registered motion pattern may be generated in consideration of the moving direction as well as the moving speed of the mobile terminal. That is, if it is assumed that the registered motion pattern generated in level 1 is (left, right, left), it can be generated in level 2 (fast left, fast right, slow left).

Finally, when the secondary authentication level corresponds to the third level, a registered motion pattern may be generated in consideration of the moving direction, moving speed, and moving distance of the mobile terminal. That is, a registered motion pattern can be created by adding the moving distance to the registered motion pattern created in Level 2 (short fast left, long fast right, long slow left).

17 is a flowchart illustrating an offline payment processing method according to an embodiment of the present invention in terms of an offline payment processing apparatus.

Referring to FIG. 17 , the offline payment processing method according to an embodiment of the present invention acquires check-in information corresponding to a store entered by the user (S1710).

In this case, the check-in information may be obtained using a Bluetooth low energy (BLE) technology or a technology such as WiFi and GPS. For example, a device such as a BLE beacon may be installed at the entrance of a store, and when a user's mobile terminal enters the area of the BLE beacon, the corresponding terminal may be detected and a signal including store information may be transmitted. At this time, the mobile terminal receiving the signal may acquire information on the store included in the signal through the application, and transmit the information to the offline payment processing device as check-in information.

In this case, any technology capable of detecting that the user's mobile terminal has visited a store may be used as a technology for acquiring check-in information without being limited to any technology.

In addition, the offline payment processing method according to an embodiment of the present invention receives primary authentication information for primary authentication corresponding to pre-approval for a purchase corresponding to a store from a mobile terminal (S1720)

In this case, the primary authentication may correspond to a pre-payment authentication performed before a product to be purchased or an amount to be paid is confirmed during offline payment.

In this case, the primary authentication may correspond to inputting a PIN number to the mobile terminal. That is, the primary authentication may be performed in the mobile terminal. For example, when a PIN number is input to perform the primary authentication in the mobile terminal, the primary approval may be achieved by recognizing the PIN number input in the mobile terminal as primary authentication information and transmitting it to the offline payment processing device. .

In addition, the primary authentication may be performed through various methods such as fingerprint recognition, face recognition, and voice recognition that are possible through the mobile terminal.

In this case, the primary authentication corresponds to the release conditional authentication, and when the primary authentication is released, the secondary authentication information may be invalidated. That is, the primary authentication may correspond to authentication accompanied by a spatial or temporal release condition.

In this case, a timeout time corresponding to a time during which the primary authentication is valid may be set as one of the cancellation conditions of the primary authentication. That is, when a preset timeout time is exceeded after performing the primary authentication, the primary authentication may be automatically released.

In this case, the timeout time may be set differently depending on the type of store. For example, a store such as a supermarket may set a timeout period of 30 minutes to 1 hour to suit the shopping time. In addition, in a store such as a restaurant, the time-out time can be set from 2 to 3 hours to suit the meal time.

In this case, if the first authentication is released because the timeout time has expired, payment through the mobile terminal may not be performed regardless of the validity of the secondary authentication. Accordingly, in order to perform a payment through the mobile terminal after the primary authentication is released, the payment may be processed by performing the secondary authentication after performing the primary authentication again.

In addition, when the mobile terminal is more than a certain distance away from the store, the primary authentication may be released. For example, if the location of the mobile terminal is determined using a short-range wireless communication device installed at the entrance of a store and several places inside the store, and it is determined that the mobile terminal is separated from the store by a certain distance or more, the primary authentication is canceled can be

In this case, the primary authentication may be performed according to the primary authentication level adjusted according to the monitoring result of the mobile terminal acquired based on the check-in information. That is, if an abnormality is found in the monitoring result, security can be strengthened depending on the situation by improving the primary authentication level for more secure authentication.

At this time, the monitoring result may correspond to the situation before performing the first authentication.

At this time, the monitoring result is at least one of the cases where the number of mobile fraudulent payments occurring in the store exceeds the preset reference number of times when the time exceeds the preset standard authentication time after the check-in information is obtained and before the first authentication is performed In a case corresponding to , it can be adjusted to improve the primary authentication level. In other words, if it takes an abnormally long time before the first authentication is performed after a user with a mobile terminal enters the store, or if the store the user enters is a store where mobile fraudulent payments occur frequently The primary authentication level for primary authentication can be improved for secure payment.

In this case, the primary authentication may be adjusted to add a procedure for inputting a PIN number when the primary authentication level is improved. For example, if the primary authentication level is increased, the keyboard of the mobile terminal may be changed every time a PIN is input instead of a simple PIN input. In addition, after inputting a PIN, a color pattern may also be input, or a method of increasing the length of the PIN using a dummy number may be used. In addition, when the PIN is input, if earphones or headphones are connected to the audio jack of the mobile terminal and listening to music, as the primary authentication level is improved, a method of inputting the PIN through audio feedback may be used.

In this case, the primary authentication level may be improved by changing conditions that can be additionally considered during the primary authentication according to the primary authentication method. For example, if it is assumed that the primary authentication method corresponds to fingerprint recognition, as the primary authentication level is improved, a fingerprint recognition of another finger may be additionally requested. Also, in the case of face recognition, the left or right side of the face may be recognized in addition to recognizing the front of the face.

In addition, the offline payment processing method according to an embodiment of the present invention determines whether the primary authentication is valid (S1725).

After that, if the first authentication is valid as a result of the determination in step S1725, the offline payment processing method according to an embodiment of the present invention is for secondary authentication dependent on the primary authentication, and is based on the motion pattern for the mobile terminal. Secondary authentication information is generated in a corresponding form and transmitted to at least one of the POS corresponding to the mobile terminal and the store (S1730). For example, after the first authentication, the product or service that the user wants to purchase at the store may be confirmed and delivered to the POS of the store. In this case, in the POS, secondary authentication may be performed in a state in which the payment amount of the product to be purchased is input, and authentication may be performed using at least one of the user's mobile terminal and the POS. Accordingly, in a state in which the final payment amount is confirmed, secondary authentication information for secondary authentication may be generated and transmitted to at least one of the mobile terminal and the POS.

At this time, the secondary authentication determines whether the mobile terminal exists in the payment area preset based on the POS when the payment amount of the product corresponding to the purchase is input in the POS, and when the mobile terminal is in the payment area It may be performed by comparing whether a motion pattern generated by the user shaking the mobile terminal matches a registered motion pattern registered in advance by the user.

In this case, the motion pattern and the registered motion pattern may be generated by detecting a movement when the user shakes the mobile terminal. For example, when the user shakes the mobile terminal in the order of left-right-left-right, a motion sensor inside the mobile terminal may detect it and generate a motion pattern. That is, the registered motion pattern may correspond to a motion pattern registered in advance using the mobile terminal in order to use the application pay service according to the present invention. Accordingly, the user may perform the secondary authentication by shaking the mobile terminal so that the same motion pattern as the previously registered motion pattern is generated.

In this case, it may be determined whether the user's mobile terminal exists in the payment area through a separate device. For example, a speaker that outputs a high frequency of a specific frequency is installed around the POS in a specific direction, and the user's mobile terminal detects the high frequency only within the payment area, thereby determining whether to enter the payment area.

Therefore, if the user leaves the payment area with the mobile terminal after the payment amount is confirmed by delivering the product to be purchased to the POS, this may be detected and secondary authentication may not be performed. For example, it may be assumed that the user leaves the payment area to purchase additional products after a payment amount is input by delivering the product to be purchased to the POS. At this time, even if a motion pattern is generated by accidentally shaking the mobile terminal outside the payment area, the payment may not proceed because the secondary authentication is not performed.

Also, even if the motion pattern registered in advance by the user based on the application does not match the motion pattern, the second authentication is not performed, and thus the payment may not proceed.

In this case, the secondary authentication may be performed according to the secondary authentication level adjusted according to the monitoring result of the mobile terminal until the product corresponding to the purchase is submitted to the POS. That is, the secondary authentication level may be determined in consideration of a situation from when the primary authentication is performed until the secondary authentication is performed.

At this time, when the monitoring result shows that the time from the first authentication until the product is submitted to the POS exceeds the preset standard purchase time, when the moving distance of the mobile terminal after the first authentication exceeds the preset standard moving distance; When the moving speed of the mobile terminal exceeds a preset reference moving speed after the first authentication, the secondary authentication level may be adjusted to be improved when it corresponds to at least one of the cases.

In this case, the preset reference purchase time may correspond to a time less than the timeout time satisfying the release condition of the first authentication.

In this case, when the secondary authentication level is improved, the secondary authentication information may be generated by further considering at least one of the moving direction, moving speed, moving distance, and size of the payment area when shaking the mobile terminal. For example, if a motion pattern is requested to be generated using only the left and right directions, if the second authentication level is improved, the motion pattern may be requested to be generated using the up and down directions as well.

Also, it is possible to request the mobile terminal to register a corresponding registered motion pattern for each level of the secondary authentication level in advance, and to generate the same motion pattern as the corresponding registered motion pattern whenever the secondary authentication level is adjusted. For example, when the secondary authentication level is the highest level, the direction, speed, and distance in which the mobile terminal moves is checked, and the size of the payment area may also be relatively narrowed based on the POS. Accordingly, the registered motion pattern can also be registered in advance in consideration of the moving direction, speed, and distance in case the secondary authentication level is adjusted to the highest level.

In this case, the secondary authentication may have a lower authentication level than the primary authentication. In other words, since the purchase intention of the user who wants to purchase the product is confirmed through the primary authentication through the mobile terminal, if the primary authentication is not canceled because the release condition of the primary authentication is satisfied, the purchase can be made only with a lower level secondary authentication Even if it is confirmed, the possibility of fraudulent settlement may be lowered. Accordingly, the secondary authentication may be an authentication method that maximizes user convenience although the authentication level is lower than that of the primary authentication.

In addition, the secondary authentication may correspond to authentication dependent on the primary authentication. That is, based on the primary authentication using the mobile terminal, secondary authentication information for secondary authentication is provided to the POS of the store, and the POS performs secondary authentication for users who want to purchase goods using the supplied secondary authentication information. can be done For example, in the secondary authentication, the photo or phone number of the user who wants to purchase the product, that is, the payer through the mobile terminal is displayed on the POS, and the store clerk provides the face or phone number to the user who approaches the POS to purchase the product. It may be a method of performing secondary authentication by checking.

In addition, if it is determined in step S1725 that the primary authentication is not valid, primary authentication information may be received to perform primary authentication again.

In addition, the offline payment processing method according to an embodiment of the present invention performs an offline payment in a store based on the secondary authentication result using the secondary authentication information (S1740). That is, when the second authentication is completed, the payment for the product or service that the user wants to purchase can be completed.

In addition, although not shown in FIG. 17, the offline payment processing method according to an embodiment of the present invention transmits and receives information necessary for offline payment processing with a user's mobile terminal through a communication network such as a network. In particular, information for performing check-in, primary authentication, and secondary authentication may be received from the mobile terminal, and information corresponding to offline payment processing may be provided to the mobile terminal.

At this time, information for performing offline payment processing may be received from a separate application server or a POS installed in a store.

In addition, although not shown in FIG. 17, the offline payment processing method according to an embodiment of the present invention stores various information generated during the offline payment processing service process according to an embodiment of the present invention as described above.

According to an embodiment, the storage module for storing information may be configured independently of the offline payment processing device to support a function for the offline payment processing service. In this case, the storage module may operate as a separate mass storage and may include a control function for performing the operation.

Through such an offline payment processing method, when a user performs an offline payment using a mobile terminal, authentication using a motion pattern of the mobile terminal can be performed to provide stability and convenience of offline payment.

In addition, by performing secondary authentication based on primary authentication, a security risk that may occur in the purchase process after primary authentication is completed can be prevented.

In addition, by processing payment based on pre-authentication, it is possible to safely and conveniently perform offline payment only with a mobile terminal without taking out a separate wallet or card.

18 is a flowchart illustrating an offline payment processing method from the perspective of a mobile terminal according to an embodiment of the present invention.

Referring to FIG. 18 , the offline payment processing method according to an embodiment of the present invention acquires check-in information corresponding to a store entered by the user (S1810).

In this case, the check-in information may be obtained using a Bluetooth low energy (BLE) technology or a technology such as WiFi and GPS. For example, when a user enters a store with a mobile terminal, the mobile terminal may receive a beacon signal from a BLE beacon device installed at the entrance of the store. In this case, the beacon signal may include check-in information including information on the corresponding store.

In addition, the offline payment processing method according to an embodiment of the present invention performs the primary authentication corresponding to the pre-approval for the purchase corresponding to the store (S1820). For example, upon receiving a PIN input window corresponding to the primary authentication from a server corresponding to an application installed in the mobile terminal and an offline payment processing device, the primary authentication may be performed by inputting the PIN using the mobile terminal. Thereafter, the server and the offline payment processing apparatus may process the primary authentication by determining the PIN input through the mobile terminal.

In this case, the primary authentication may correspond to a pre-payment authentication performed before a product to be purchased or an amount to be paid is confirmed during offline payment.

In addition, the offline payment processing method according to an embodiment of the present invention determines whether the primary authentication is valid (S1825).

In addition, the primary authentication may be performed through various methods such as fingerprint recognition, face recognition, and voice recognition that are possible through the mobile terminal.

In this case, the primary authentication corresponds to the release conditional authentication, and when the primary authentication is released, the secondary authentication information may be invalidated. That is, the primary authentication may correspond to authentication accompanied by a spatial or temporal release condition.

If it is determined in step S1825 that the primary authentication is not valid, the primary authentication may be performed.

In addition, if the primary authentication is valid as a result of the determination in step S1825, the offline payment processing method according to an embodiment of the present invention provides secondary authentication information corresponding to the motion pattern for secondary authentication dependent on primary authentication. create In this case, the secondary authentication information may correspond to a motion pattern generated by shaking the mobile terminal (S1830).

For example, if the registered motion pattern is registered corresponding to the motion pattern generated by shaking the mobile terminal up/down once and left/right three times, when registering the registered motion pattern to perform secondary authentication even at payment Similarly, by shaking the mobile terminal up/down once and left/right 3 times, secondary authentication information corresponding to the motion pattern may be generated.

In addition, the offline payment processing method according to an embodiment of the present invention transmits the secondary authentication information to any one of a server and a POS corresponding to the store in order to perform an offline payment in the store, and receives the result of the offline payment do (S1840). For example, when the offline payment is successful, a payment success message including the name of a store corresponding to the offline payment, a payment method, and a payment amount may be received. In addition, when the offline payment fails, a payment failure message may be received briefly including the contents of the payment failure.

19 is a diagram illustrating in detail a process of improving the secondary authentication level of secondary authentication among the offline payment processing methods shown in FIG. 17 .

Referring to FIG. 19 , in the process of improving the secondary authentication level of secondary authentication among the offline payment processing methods shown in FIG. 17 , a monitoring result for the mobile terminal is acquired before the product is submitted to the POS ( S1910 ). That is, the secondary authentication level may be determined in consideration of a situation from when the primary authentication is performed until the secondary authentication is performed.

Thereafter, it is determined whether the monitoring result satisfies the condition for improving the secondary authentication level (S1915).

At this time, when the monitoring result shows that the time from the first authentication until the product is submitted to the POS exceeds the preset standard purchase time, when the moving distance of the mobile terminal after the first authentication exceeds the preset standard moving distance; When the movement speed of the mobile terminal exceeds the preset reference movement speed after the first authentication, it may be determined that the second authentication level improvement condition is satisfied when it corresponds to at least one of the cases.

In this case, the preset reference purchase time may correspond to a time less than the timeout time satisfying the release condition of the first authentication.

If the monitoring result of step S1915 satisfies the condition for improving the secondary authentication level, at least one of the moving direction, moving speed, moving distance, and size of the payment area is further considered when generating a motion pattern through the mobile terminal. Secondary authentication information with enhanced security is generated (S1920). That is, the secondary authentication level can be improved by generating secondary authentication information with enhanced security and performing secondary authentication.

Thereafter, the generated secondary authentication information is transmitted to at least one of the mobile terminal and the POS to perform secondary authentication with an improved secondary authentication level (S1940).

Also, if the monitoring result of the determination in step S1915 does not satisfy the condition for improving the secondary authentication level, the secondary authentication may be performed without improving the secondary authentication level (S1930).

FIG. 20 is a diagram illustrating in detail a process of improving the primary authentication level of primary authentication among the offline payment processing methods shown in FIG. 17 .

Referring to FIG. 20 , in the process of improving the primary authentication level of primary authentication among the offline payment processing methods shown in FIG. 17 , first, a monitoring result for the mobile terminal is acquired based on check-in information ( S2010 ). That is, if an abnormality is found in the monitoring result, security can be strengthened depending on the situation by improving the primary authentication level for more secure authentication.

At this time, the monitoring result may correspond to the situation before performing the first authentication.

Thereafter, it is determined whether the monitoring result satisfies the first authentication level improvement condition (S2015).

At this time, the monitoring result is at least one of the cases where the number of mobile fraudulent payments occurring in the store exceeds the preset reference number of times when the time exceeds the preset standard authentication time after the check-in information is obtained and before the first authentication is performed In the case corresponding to , it may be determined that the condition for improving the first authentication level is satisfied. In other words, if it takes an abnormally long time before the first authentication is performed after a user with a mobile terminal enters the store, or if the store the user enters is a store where mobile fraudulent payments occur frequently The primary authentication level for primary authentication can be improved for secure payment.

If the monitoring result of the determination result of step S2015 satisfies the condition for improving the primary authentication level, the primary authentication level is improved by adding factors to be considered during the primary authentication according to the primary authentication method (S2020). For example, if it is assumed that the primary authentication method is PIN input, when the primary authentication level is increased, the keyboard of the mobile terminal may be changed every time a PIN is input instead of a simple PIN input. In addition, after inputting the PIN, a color pattern may also be input, or a method of increasing the length of the PIN using a dummy number may be used. In addition, when a PIN is input, if earphones or headphones are connected to the audio jack of the mobile terminal and listening to music, a method of inputting a PIN through audio feedback may be used as the primary authentication level is improved.

In addition, if the monitoring result of the determination result of step S2015 does not satisfy the condition for improving the primary authentication level, the primary authentication may be performed without improving the primary authentication level.

The offline payment processing method according to the present invention may be implemented in the form of a program command that can be executed through various computer means and recorded in a computer-readable medium. The computer-readable medium may include program instructions, data files, data structures, etc. alone or in combination. The program instructions recorded on the medium may be specially designed and configured for the present invention, or may be known and available to those skilled in the art of computer software. Examples of the computer-readable recording medium include magnetic media such as hard disks, floppy disks and magnetic tapes, optical media such as CD-ROMs and DVDs, and magnetic such as floppy disks. - Includes magneto-optical media, and any form of hardware device specially configured to store and execute program instructions, such as ROM, RAM, flash memory, and the like. Examples of program instructions may include high-level language codes that can be executed by a computer using an interpreter or the like as well as machine language codes such as those generated by a compiler. Such hardware devices may be configured to operate as one or more software modules to perform the operations of the present invention, and vice versa.

As described above, the offline payment processing system according to the present invention, the second authentication-based offline payment processing method using a motion pattern, and the apparatus using the same can be limitedly applicable to the configuration and method of the embodiments described above as described above. Rather, the above embodiments may be configured by selectively combining all or part of each of the embodiments so that various modifications can be made.

According to the present invention, the user obtains check-in information corresponding to the store entered by the user, receives the primary authentication information for the primary authentication corresponding to pre-approval for the purchase corresponding to the store from the mobile terminal, and the primary authentication is performed. When valid, for secondary authentication dependent on primary authentication, secondary authentication information is generated in a form corresponding to the motion pattern for the mobile terminal and transmitted to at least one of the POS corresponding to the mobile terminal and the store, and the secondary authentication information is generated. Offline payment at the store can be performed based on the result of the secondary authentication using the authentication information. Furthermore, it is possible to provide a stable offline payment service while maximizing convenience to users.

110: application server 111: application
120: terminal 130: POS
140: BLE Server 141: BLE SDK
150: BLE device 160: store
210: communication unit 220: check-in information acquisition unit
230: primary authentication unit 240: secondary authentication unit
250: payment processing unit 260: storage unit
310: check-in information collection unit 320: first authentication execution unit
330: second authentication performing unit 340: payment performing unit
410, 910: Product benefit screen 411, 911: BLE Noti
412, 912: Lockscreen 510, 1010: Store detail screen
610: payment PIN input window 710: payment screen
811: Payment success message 812: Payment failure message
813: Payment again screen 1110: Terms and conditions agreement screen
1210: User authentication screen 1310: Payment PIN registration screen
1410: Card information registration screen 1510: Registration confirmation screen
1610: Registration motion pattern registration screen

Claims (10)

a check-in information acquisition unit that acquires check-in information corresponding to a store entered by the user;
a primary authentication unit for receiving primary authentication information for primary authentication corresponding to pre-approval for a purchase corresponding to the store from the mobile terminal;
For secondary authentication dependent on the primary authentication when the primary authentication is valid, secondary authentication information is generated in a form corresponding to the motion pattern for the mobile terminal to correspond to the mobile terminal and the store. a secondary authentication unit for transmitting at least one of POS; and
A payment processing unit that performs offline payment in the store based on the secondary authentication result using the secondary authentication information
includes,
The second authentication unit,
According to the monitoring result of the mobile terminal until the product corresponding to the purchase is submitted to the POS, the time from the first authentication of the monitoring result until the product is submitted to the POS is a preset reference purchase time. When exceeding, at least one of a case in which the moving distance of the mobile terminal after the first authentication exceeds a preset reference moving distance and a case in which the moving speed of the mobile terminal exceeds a preset reference moving speed after the first authentication Adjust to improve the secondary authentication level in a case corresponding to, and when the secondary authentication level is improved, the improved secondary authentication level among the moving direction, moving speed, moving distance, and size of the payment area when shaking the mobile terminal to generate the secondary authentication information by further considering at least one condition not considered in the existing secondary authentication level before upgrading to
The second authentication is
Offline payment processing apparatus, characterized in that performed according to the secondary authentication level adjusted according to the monitoring result. ◈Claim 2 was abandoned when paying the registration fee.◈ The method according to claim 1,
The second authentication is
When the payment amount of the product corresponding to the purchase is input into the POS, it is determined whether the mobile terminal exists within a preset payment area based on the POS, and when the mobile terminal is within the payment area, the user Offline payment processing apparatus, characterized in that the motion pattern generated by shaking the mobile terminal is performed by comparing whether the motion pattern registered in advance by the user is matched. delete delete delete delete delete delete delete obtaining, by the offline payment processing device, check-in information corresponding to a store entered by the user;
receiving, by the offline payment processing device, primary authentication information for primary authentication corresponding to pre-approval for a purchase corresponding to the store from a mobile terminal;
The offline payment processing device is for secondary authentication dependent on the primary authentication when the primary authentication is valid, and generates secondary authentication information in a form corresponding to a motion pattern for the mobile terminal to generate secondary authentication information for the mobile terminal. transmitting to at least one of a terminal and a POS corresponding to the store; and
performing, by the offline payment processing device, an offline payment in the store based on a secondary authentication result using the secondary authentication information
includes,
The transmitting step is
The offline payment processing device, according to the monitoring result of the mobile terminal until the product corresponding to the purchase is submitted to the POS, the time from the first authentication of the monitoring result until the product is submitted to the POS When the preset reference purchase time is exceeded, when the movement distance of the mobile terminal after the first authentication exceeds a preset reference movement distance, and after the first authentication, the movement speed of the mobile terminal is a preset reference movement speed The second authentication level is adjusted to improve when corresponding to at least one of the cases exceeding Further comprising the step of generating the secondary authentication information by further considering at least one condition not considered in the existing secondary authentication level prior to upgrading to the improved secondary authentication level,
The second authentication is
Offline payment processing method, characterized in that performed according to the secondary authentication level adjusted according to the monitoring result.

Images