diff --git a/shop/inicis/INIStdPayReturn.php b/shop/inicis/INIStdPayReturn.php index 983081041..c3a3252a7 100644 --- a/shop/inicis/INIStdPayReturn.php +++ b/shop/inicis/INIStdPayReturn.php @@ -85,6 +85,16 @@ try { $tid = $resultMap['tid']; $oid = $resultMap['MOID']; + /************************* 결제보안 추가 2016-05-18 START ****************************/ + $secureMap['mid'] = $mid; //mid + $secureMap['tstamp'] = $timestamp; //timestemp + $secureMap['MOID'] = $resultMap['MOID']; //MOID + $secureMap['TotPrice'] = $resultMap['TotPrice']; //TotPrice + + // signature 데이터 생성 + $secureSignature = $util->makeSignatureAuth($secureMap); + /************************* 결제보안 추가 2016-05-18 END ****************************/ + $sql = " select * from {$g5['g5_shop_order_data_table']} where od_id = '$oid' "; $row = sql_fetch($sql); @@ -100,7 +110,7 @@ try { $page_return_url .= '?sw_direct=1'; } - if (strcmp('0000', $resultMap['resultCode']) == 0) { + if ((strcmp('0000', $resultMap['resultCode']) == 0) && (strcmp($secureSignature, $resultMap['authSignature']) == 0) ) { //결제보안 추가 2016-05-18 /* * *************************************************************************** * 여기에 가맹점 내부 DB에 결제 결과를 반영하는 관련 프로그램 코드를 구현한다. diff --git a/shop/inicis/libs/INIStdPayUtil.php b/shop/inicis/libs/INIStdPayUtil.php index c53a46a04..d5f0dfc48 100644 --- a/shop/inicis/libs/INIStdPayUtil.php +++ b/shop/inicis/libs/INIStdPayUtil.php @@ -1,5 +1,3 @@ - - Parameters can not be empty.
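Review bot: The signature computed in the `@@ -85,6 +85,16 @@` hunk proves less than the "결제보안" comment suggests. `makeSignatureAuth()` (added in `libs/INIStdPayUtil.php`, only partly visible on this page) is a plain SHA-256 over `mid`, `tstamp`, `MOID` and `TotPrice` with no secret, and `MOID` and `TotPrice` are copied from the same `$resultMap` that later supplies `authSignature`. A match therefore shows only that the response is internally consistent, and `TotPrice` enters the hashed string only when the timestamp ends in 7, 8, 9 or 0. The amount should still be compared with the amount stored for the order row fetched just below; that check may already exist later in the `try` block, which continues outside the hunk. Also start the block with `$secureMap = array();` so the array is not built on whatever may already exist under that name.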
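Review bot: The new condition in the `@@ -100,7 +110,7 @@` hunk checks the signature with `strcmp(...) == 0`, which is a loose test. On PHP versions before 8, `strcmp()` returns NULL with a warning when an argument is not a string, and `NULL == 0` is true, so a non-string `authSignature` would satisfy the condition if `$resultMap` is decoded from the response body (its construction is not visible here). A strict, constant-time form would be `isset($resultMap['authSignature']) && is_string($resultMap['authSignature']) && hash_equals($secureSignature, $resultMap['authSignature'])`, or at least `=== 0` where `hash_equals()` is unavailable on the supported PHP versions. The `resultCode` test beside it has the same loose comparison, and the `if` body continues outside the hunk.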

"); + } + + $stringToSign = ""; //반환용 text + $mid = $parameters["mid"]; //mid + $tstamp = $parameters["tstamp"]; //auth timestamp + $MOID = $parameters["MOID"]; //OID + $TotPrice = $parameters["TotPrice"]; //total price + $tstampKey = substr($parameters["tstamp"], strlen($parameters["tstamp"]) - 1); // timestamp 마지막 자리 1자리 숫자 + + switch (intval($tstampKey)){ + case 1 : + $stringToSign = "MOID=" . $MOID . "&mid=" . $mid . "&tstamp=" . $tstamp ; + break; + case 2 : + $stringToSign = "MOID=" . $MOID . "&tstamp=" . $tstamp . "&mid=" . $mid ; + break; + case 3 : + $stringToSign = "mid=" . $mid . "&MOID=" . $MOID . "&tstamp=" . $tstamp ; + break; + case 4 : + $stringToSign = "mid=" . $mid . "&tstamp=" . $tstamp . "&MOID=" . $MOID ; + break; + case 5 : + $stringToSign = "tstamp=" . $tstamp . "&mid=" . $mid . "&MOID=" . $MOID ; + break; + case 6 : + $stringToSign = "tstamp=" . $tstamp . "&MOID=" . $MOID . "&mid=" . $mid ; + break; + case 7 : + $stringToSign = "TotPrice=" . $TotPrice . "&mid=" . $mid . "&tstamp=" . $tstamp ; + break; + case 8 : + $stringToSign = "TotPrice=" . $TotPrice . "&tstamp=" . $tstamp . "&mid=" . $mid ; + break; + case 9 : + $stringToSign = "TotPrice=" . $TotPrice . "&MOID=" . $MOID . "&tstamp=" . $tstamp ; + break; + case 0 : + $stringToSign = "TotPrice=" . $TotPrice . "&tstamp=" . $tstamp . "&MOID=" . $MOID ; + break; + } + + $signature = hash("sha256", $stringToSign); // sha256 처리하여 hash 암호화 + //$signature = $this->makeHash($stringToSign, "sha256"); // sha256 처리하여 hash 암호화 + + return $signature; + } } ?> \ No newline at end of file