Official Certificate Using Method By Using Management Company Server to improve Security and Official Certificate Using System

摘要

A method for securely using an authorized certificate through a service provider server for improving the security of the present invention is a method in which a user PC downloads and executes a financial related program from a financial institution server and then receives and executes a certificate management program, A step in which the user PC requests the financial institution server to sign a mobile SIM certificate; and the financial institution server encrypts the data required for signing using the set financial institution key, and transmits the encrypted data to the service provider server A step of decrypting the encrypted data received by the service provider server, encrypting the decrypted data with a preset communication key key, and transmitting the encrypted data to the communication company server together with a command for requesting the signature of the encrypted data; From a financial institution server Transmitting the received data to a communication SIM for signing with a certificate stored in a certificate applet module of the internal communication SIM; Decrypting the received data with a preset communication key; signing the decrypted data of the communication module of the communication SIM to generate a signature value and encrypting the generated signature value with a preset communication key; The application module transmitting the encrypted signature value to the certificate management application module of the mobile device, the certificate management application module transmitting the encrypted signature value to the communication company server, and the communication company server transmitting the encrypted signature value again To a service provider server, Encrypting the encrypted signature value with a communication company key using an encryption / decryption module, encrypting the re-decrypted signature value with a financial institution key using a financial institution encryption / decryption module, The method comprising: transmitting a signature value encrypted with a financial institution key to a financial institution server; decrypting the encrypted signature value received by the financial institution server with a predetermined financial institution key and processing the received signature value; And transmitting to the certificate management company server and checking whether the signed data is a normal signature value.