KR101699167B1 - Otp authentication system, apparatus and method - Google Patents

Otp authentication system, apparatus and method Download PDF

Info

Publication number
KR101699167B1
KR101699167B1 KR1020150103506A KR20150103506A KR101699167B1 KR 101699167 B1 KR101699167 B1 KR 101699167B1 KR 1020150103506 A KR1020150103506 A KR 1020150103506A KR 20150103506 A KR20150103506 A KR 20150103506A KR 101699167 B1 KR101699167 B1 KR 101699167B1
Authority
KR
South Korea
Prior art keywords
otp
password
terminal
user
authentication
Prior art date
Application number
KR1020150103506A
Other languages
Korean (ko)
Inventor
공만혁
Original Assignee
중소기업은행
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 중소기업은행 filed Critical 중소기업은행
Priority to KR1020150103506A priority Critical patent/KR101699167B1/en
Application granted granted Critical
Publication of KR101699167B1 publication Critical patent/KR101699167B1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements

Abstract

At least some embodiments of the present invention relate to an OTP authentication system using an OTP terminal, a terminal, and an authentication method using the terminal, wherein the host terminal using the OTP terminal includes an interface for transmitting and receiving information from the OTP terminal storing the OTP program A communication unit for transmitting and receiving information in order to receive a service by accessing a service providing apparatus; and a communication unit for receiving a compound password pattern from the service providing apparatus, receiving a password of one or more digits corresponding to a user- And a control unit for requesting service provision by transmitting the compound password generated by automatically inputting the OTP generated by the OTP terminal according to the compound password pattern to the service providing apparatus.

Description

[0001] OTP AUTHENTICATION SYSTEM, APPARATUS AND METHOD [0002]

At least some embodiments of the present invention relate to an OTP authentication system using an OTP terminal, a terminal, and an authentication method using the same.

Generally, OTP is an abbreviation of One Time Password and refers to authentication method using one-time password.

The OTP system includes an OTP terminal to be carried by a user (consumer), a PC as a means for a user to connect to an OTP authentication server through an Internet network or a wire / wireless telephone network, an OTP terminal And an OTP authentication server that performs authentication processing when a server authentication number generated by the authentication server matches the authentication number based on the current time.

In the conventional OTP terminal and the OTP authentication process using the OTP terminal, when the user accesses the OTP authentication server through the PC 20 and requests authentication, the OTP terminal authenticates the OTP terminal owned by the user corresponding to the current time And generates a disposable password. If the password input by the user matches the password generated by the OTP authentication server, the authentication processing is performed.

The OTP authentication server stores the user ID, the serial number of the OTP terminal owned by the user, the password generation key value, the last transaction date of the user, and the like stored in the user information stored in the database (not shown) When the authentication server is requested to be authenticated, a password corresponding to the current time is generated depending on the password generation key value of the OTP terminal owned by the user.

The conventional technology has a problem that when a user connects to the OTP authentication server, normal authentication processing is performed when the password of the OTP terminal input to the OTP authentication server is normal regardless of whether the OTP terminal is owned or not.

On the other hand, prior to providing security services such as financial transactions, authentication is required prior to OTP use. Therefore, the customer has a problem in that the user must have a medium storing an official certificate, an OTP terminal, and the like at the time of financial transaction, which is inconvenient.

An object of the present invention is to provide an authentication system and a method using an OTP which improves security by storing a public certificate and an OTP program in a single medium.

The OTP authentication system according to an exemplary embodiment of the present invention includes an OTP terminal storing an official certificate and an OTP program, and an OTP server, when the OTP terminal is connected and user authentication is normally performed using preset user authentication information, And provides a mixed password pattern in which a host terminal receiving a service and a host terminal logged in are mixed with an OTP and a user set password to provide a service, and when a compound password is received from the host terminal, And a service providing device for performing authentication by applying the OTP and the pre-stored user setting password to the compound password pattern, wherein the host terminal transmits a password of one or more digits corresponding to the user setting password of the received compound password pattern four And the OTP generated by the OTP terminal is automatically input in accordance with the composite password pattern, and the generated composite password is transmitted to the service providing apparatus.

A terminal according to an embodiment of the present invention includes an interface unit for enabling information to be transmitted and received from an OTP terminal storing an OTP program, a communication unit for transmitting and receiving information to be connected to the service providing apparatus and receiving the service, Receives a compound password pattern from the device, receives a password of one or more digits corresponding to the user set password of the received compound password pattern from the user, automatically inputs the OTP generated by the OTP terminal according to the compound password pattern And a control unit for requesting a service provision by transmitting a composite password to the service providing apparatus.

The authentication method using the OTP according to an embodiment of the present invention includes the steps of performing user authentication using preset user authentication information when the host terminal is connected to the OTP terminal, A step of providing a composite password pattern for providing a service to a host terminal in which the service providing apparatus has been logged in by using the service providing apparatus; And transmitting the OTP generated by the OTP terminal to the service providing apparatus by automatically inputting the OTP generated by the OTP terminal according to the compound password pattern, From the terminal, And performing complex password authentication by applying the OTP received from the OTP authentication server and the pre-stored user set password to the compound password pattern upon receipt thereof.

The authentication method using an OTP of a host terminal that performs authentication to receive a service provided by a service providing apparatus by using information stored in an OTP terminal connected to an OTP terminal according to an embodiment of the present invention, A step of receiving from the user a password of one or more digits corresponding to a user set password of the received compound password pattern; and a step of receiving the OTP generated by the OTP terminal from the compound password pattern And transmitting the combined password generated by automatically inputting the password to the service providing apparatus, thereby requesting service provision.

According to one embodiment of the present invention, the public certificate and the OTP program can be stored in one medium to provide convenience and improve security.

According to an embodiment of the present invention, even when the input number is exposed by hacking the keyboard input information, the user password may not be exposed.

According to the embodiment of the present invention, even if the generated OTP is exposed to a third party for a certain period of time, the OTP can be prevented from being used by illegal users.

FIG. 1 is a view for schematically explaining a configuration of an OTP authentication system according to an embodiment of the present invention.
2 is a diagram illustrating a structure of a USB type OTP terminal according to an embodiment of the present invention.
3 is a schematic diagram for explaining a configuration of a host terminal of an OTP authentication system according to an embodiment of the present invention.
4 is a flowchart illustrating an authentication method of an OTP authentication system according to an embodiment of the present invention.
5 is a flowchart illustrating an authentication method for a service providing apparatus of a host terminal according to an embodiment of the present invention.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings. The configuration of the present invention and the operation and effect thereof will be clearly understood through the following detailed description. Before describing the present invention in detail, the same components are denoted by the same reference symbols as possible even if they are displayed on different drawings. In the case where it is judged that the gist of the present invention may be blurred to a known configuration, do.

FIG. 1 is a view for schematically explaining a configuration of an OTP authentication system according to an embodiment of the present invention.

The OTP authentication system according to an embodiment of the present invention is a system for providing a service including a financial service using an OTP generation program stored in an OTP terminal and public authentication, and a highly secure authentication system.

As shown in FIG. 1, the OTP authentication system may include an OTP terminal 100, a host terminal 200, a service providing apparatus 300, and an OTP authentication server 400.

The OTP terminal 100 is connected to an external device (not shown) to transmit and receive information, and has an interface including, for example, a USB connector or a Bluetooth transceiver. The OTP terminal 100 stores an OTP generation program, and can further store an authorized certificate and user authentication information. The user authentication information may be set by the user as information necessary for user authentication in order to install the OTP terminal 100 in the external device and read the information stored in the OTP terminal 100. That is, the user can read the information of the OTP terminal 100 connected to the USB port or execute the execution program of the OTP terminal 100 only when the user authentication is normally performed.

The host terminal 200 includes a USB port or a Bluetooth transceiver so that the host terminal 200 can access the OTP terminal 100. The host terminal 200 is a terminal for performing an arbitrary procedure for accessing a service providing apparatus through a wired / wireless network to receive a service. Examples of terminals include a PC, a notebook, a laptop, and the like.

The service providing apparatus 300 is a device that performs authentication and provides a service to a terminal connected to the host terminal 200 by wire or wireless according to an arbitrary procedure. Here, the service can be applied not only to financial services such as financial institutions, financial institutions or insurance companies but also to public period and general company services that require security when providing Internet services.

The service providing apparatus 300 performs authentication before providing the service to the host terminal 200 that is logged in. Multiple passwords may be used for authentication.

The compound password is a combination of a user preset password set by the user and the OTP generated by the OTP program according to an arbitrary pattern. The pattern used at this time is called the compound password pattern.

The service providing apparatus 300 generates the compound password pattern at every authentication and provides the compound password pattern to the host terminal 200. Thereafter, the service providing apparatus 300 performs authentication when the compound password is received from the host terminal 200. [ In another modification, the service providing apparatus 300 may generate and use a compound password pattern at an arbitrary period.

2 is a diagram illustrating a structure of a USB type OTP terminal according to an embodiment of the present invention.

2, the USB type OTP terminal 100 includes a USB connector 110, a controller 120, a data storage 130, an OTP generation program storage 140, and a power supply 150 .

The USB connector unit 110 is connected to a USB port (interface) provided in an external device (the host terminal 200 in FIG. 1).

 The control unit 120 may transmit information stored in advance according to a signal received from the external device, or may operate the OTP generation program.

The control unit 120 outputs a signal for controlling the data stored in the data storage unit 130 to be deleted or the data transmitted and received through the USB connector unit 110 to be stored in the data storage unit 130.

When the operation of the OTP terminal is requested, the controller 120 requests the user authentication information previously set by the user to the external device, and compares the received user authentication information with the user authentication information stored in the data storage 130 And outputs a signal for controlling the ON / OFF operation of the OTP terminal according to the result. In another modification, user authentication information may be received from a key input unit (not shown) provided in a part of the OTP terminal 100. [

The data storage unit 130 may include an OTP generation program that allows the OTP terminal 100 to perform the OTP function and an OTP generation program that enables the OTP terminal 100 to perform other functions (for example, an MP3 player, a portable storage device, etc.) And the data to be transmitted and received through the USB connector unit 110 are stored and the data is stored or deleted according to a control signal output through the controller 120. The flash memory is preferably composed of a flash memory.

The data storage unit 130 additionally stores the user authentication information set by the user of the OTP terminal.

The user authentication information may include at least one of a password including a number or character set by the user, user biometrics information, and an OTP terminal authentication number.

The OTP generation program storage unit 140 stores an OTP generation program. When a signal for instructing an OTP generation operation is received from the control unit 120, an OTP random number is generated by operating a predetermined encryption program. As in the present embodiment, the OTP program for OTP generation may be stored in the OTP generation program storage unit 140 separate from the general data storage unit 130 so that the OTP program is not erased by the user's mistake.

The power supply unit 150 supplies power necessary for operating each component of the OTP terminal.

In the embodiment of the present invention, the USB type OTP terminal is taken as an example. In another modification, the OTP terminal may be an OTP terminal using a short distance communication. In this case, a short distance communication unit may be required instead of the USB type connector. In addition, a start end button capable of inputting the communication start signal and the end signal of the short-range communication may be required.

3 is a schematic diagram for explaining a configuration of a host terminal of an OTP authentication system according to an embodiment of the present invention.

3, the host terminal 200 may include a USB interface unit 210, a control unit 220, a communication unit 230, and a storage unit 240.

The USB interface unit 210 enables information to be transmitted and received from an OTP terminal storing an OTP program. In the embodiment of the present invention, the USB type interface has been described as an example, but the present invention is not limited thereto.

The control unit 220 controls the operation of each component for authentication and service provisioning of the host terminal 200.

The control unit 220 receives the compound password pattern from the service providing apparatus and displays the compound password pattern on the display unit (not shown). Here, the password pattern includes a user-set password and an arbitrary rule for combining some or all of the OTP.

The control unit 220 controls the display unit to display the place where the user setting password is input and the place where the OTP is inputted.

When the control unit 220 receives one or more passwords corresponding to the user set password of the compound password pattern from the user, the controller 220 automatically inputs the OTP generated by the OTP terminal according to the compound password pattern to generate a compound password. The control unit 220 delivers the generated compound password to the service providing apparatus.

The control unit 220 may receive a password of one or more digits corresponding to the user set password of the compound password pattern from the user, and then may transmit a command to the OTP terminal and the OTP authentication server to instruct the OTP terminal to generate the OTP.

The communication unit 230 is connected to the service providing apparatus and transmits / receives information to receive a service.

The storage unit 240 stores programs and information necessary for the authentication and service provision of the host terminal 200.

The control unit 220 may control the OTP terminal to perform a login procedure using a public certificate stored in the OTP terminal at the request of the service providing apparatus.

4 is a flowchart illustrating an authentication method of an OTP authentication system according to an embodiment of the present invention.

The host terminal 200 is connected to the OTP terminal (S10).

When the host terminal 200 receives the user authentication information from the user (S20) and transfers the user authentication information to the OTP terminal 100 (S30), the OTP terminal performs user authentication using the stored user authentication information (S40).

If authentication is normally performed, the lock is released (S50). Releasing the lock means putting the function of the OTP terminal into a state in which it can perform normally. For example, the information stored in the storage unit of the OTP terminal can be read or the execution program stored in the OTP terminal can be executed. On the other hand, when the authentication is not normally performed, the information stored in the storage unit of the OTP terminal can not be read and the execution program can not be executed.

Next, the host terminal 200 accesses the service providing apparatus 300 to receive the service (S100).

Before the service is provided, the service providing apparatus 300 may request the host terminal 200 for login information. For example, the host terminal 200 can perform login (S120) by transmitting the authentication information stored in the OTP terminal 100, for example, to the service providing apparatus (S110).

The service providing apparatus 300 can perform secure authentication before providing a service or before providing security information such as personnel information.

To this end, in one embodiment of the present invention, the service providing apparatus 300 generates a complex password pattern (S130) and transmits it to the host terminal 200 (S140).

Upon receiving the compound password pattern from the service providing apparatus 300, the host terminal 200 displays the compound password pattern (S150).

The compound password pattern may be a pattern including some or all of the user-set password set by the user and the one-time password generated by the OTP.

In the compound password pattern, the user set number is displayed as 0, and the disposable password generated by the OTP can be indicated by *.

The host terminal 200 receives a character corresponding to the user-set password of the compound password pattern from the user (S160).

When the user set number is input, the host terminal 200 can transmit an OTP generation command to the OTP terminal 100 and the OTP authentication server 400.

The OTP terminal 100 generates an OTP based on the time when the OTP generation command is received, and transmits the generated OTP to the host terminal 200 (S190).

When the OTP generation command is received, the OTP authentication server 400 generates an OTP based on the time at which the generation command is received (S185), and transmits the generated OTP to the host terminal 200 (S195).

The host terminal 200 generates the compound password by applying the user set password input from the user and the OTP received from the OTP terminal to the compound password pattern (S200).

The service providing apparatus 300 also generates a control complex password by applying the stored user set password and the OTP delivered by the OTP authentication server 400 to the complex password pattern (S205). For example, it is assumed that the user setting password is '6329', the OTP generation number is '112233', the compound password pattern is O * O * O *, where 0 is the user setting password and * If the password is a one-time password generated by the user, the compound password is '213243'.

As another example, if the user password is '223344', the OTP generation number is '112233', and the compound password pattern is 000 ***, the compound password is '223233'.

In another modification, the arithmetic information may be added to the compound password pattern. For example, the compound password pattern of 000 *** + 2 means that the final compound password is generated by adding 2 to the generated compound password by adding the arithmetic information of '+2' to the pattern of '000 ***'.

 Here, the arithmetic information can be set in various ways such as +, -, 2, and 5.

The host terminal 200 transmits the generated compound password to the service providing apparatus 300 at step S210 and the service providing apparatus 300 collates the compound password received from the host terminal 200 against the reference compound password, (S220).

The service providing apparatus 300 provides a service according to the authentication result (S230).

5 is a flowchart illustrating an authentication method for a service providing apparatus of a host terminal according to an embodiment of the present invention.

The host terminal receives the compound password pattern for authentication from the service providing apparatus (S510).

A user-set password position and an OTP input position of the compound password pattern are distinguishably displayed (S520).

A password of one or more digits corresponding to the user set password of the received complex password pattern is input from the user (S530).

And transmits a command to the OTP terminal and the OTP authentication server to the OTP authentication server (S540).

The OTP generated by the OTP terminal is automatically input according to the composite password pattern (S550).

And transmits the combined password to the service providing apparatus to request service provision (S560).

At this point, it will be appreciated that the combinations of blocks and flowchart illustrations in the process flow diagrams may be performed by computer program instructions. These computer program instructions may be loaded into a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, so that those instructions, which are executed through a processor of a computer or other programmable data processing apparatus, Thereby creating means for performing functions. These computer program instructions may also be stored in a computer usable or computer readable memory capable of directing a computer or other programmable data processing apparatus to implement the functionality in a particular manner so that the computer usable or computer readable memory The instructions stored in the block diagram (s) are also capable of producing manufacturing items containing instruction means for performing the functions described in the flowchart block (s). Computer program instructions may also be stored on a computer or other programmable data processing equipment so that a series of operating steps may be performed on a computer or other programmable data processing equipment to create a computer- It is also possible for the instructions to perform the processing equipment to provide steps for executing the functions described in the flowchart block (s).

In addition, each block may represent a module, segment, or portion of code that includes one or more executable instructions for executing the specified logical function (s). It should also be noted that in some alternative implementations, the functions mentioned in the blocks may occur out of order. For example, two blocks shown in succession may actually be executed substantially concurrently, or the blocks may sometimes be performed in reverse order according to the corresponding function.

Herein, the term " part " used in the present embodiment means a hardware component such as software or an FPGA or an ASIC, and 'part' performs certain roles. However, 'part' is not meant to be limited to software or hardware. &Quot; to " may be configured to reside on an addressable storage medium and may be configured to play one or more processors. Thus, by way of example, 'parts' may refer to components such as software components, object-oriented software components, class components and task components, and processes, functions, , Subroutines, segments of program code, drivers, firmware, microcode, circuitry, data, databases, data structures, tables, arrays, and variables. The functions provided in the components and components may be further combined with a smaller number of components and components or further components and components. In addition, the components and components may be implemented to play back one or more CPUs in a device or a secure multimedia card.

It will be understood by those skilled in the art that the present specification may be embodied in other specific forms without departing from the spirit or essential characteristics thereof. It is therefore to be understood that the above-described embodiments are illustrative in all aspects and not restrictive. The scope of the present specification is defined by the appended claims rather than the foregoing detailed description, and all changes or modifications derived from the meaning and scope of the claims and their equivalents are included in the scope of the present specification Should be interpreted.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed embodiments, but, on the contrary, It is not intended to limit the scope of the specification. It will be apparent to those skilled in the art that other modifications based on the technical idea of the present invention are possible in addition to the embodiments disclosed herein.

100: OTP terminal
110: USB connector portion
120:
130: Data storage unit
140: OTP generation program storage unit
150: Power supply
200: Host terminal
210: USB interface unit 210,
220:
230:
240:
300: Service providing device
400: OTP authentication server

Claims (12)

An OTP terminal storing a public certificate and an OTP (One Time Password) program;
A host terminal connected to the OTP terminal through a USB connector to log into the service providing apparatus through the authorized certificate and to receive a service when user authentication is normally performed using preset user authentication information; And
The OTP and the user setting password are mixed to provide the service to the host terminal, and when the compound password is received from the host terminal, the OTP received from the OTP authentication server and the pre- A service providing apparatus that performs authentication by applying the pattern
, ≪ / RTI &
The service providing apparatus generates and provides the compound password pattern at every authentication or at arbitrary intervals,
The host terminal When receiving a password of one or more digits corresponding to the user set password of the received complex password pattern from the user, transmits a command instructing to generate OTP to the connected OTP terminal and the OTP authentication server, and transmits the OTP generated by the OTP terminal Generates a compound password according to the compound password pattern using the password received from the user, transmits the compound password to the service providing apparatus,
The compound password pattern may include some or all of the user-set passwords and any rules for combining some or all of the OTPs,
Wherein the host terminal controls so that a place where a user setting password is input and a place where an OTP is inputted are displayed so as to be distinguishable. delete delete delete delete The method according to claim 1,
Wherein the host terminal performs login using a public certificate stored in the OTP terminal when the host terminal accesses the service providing apparatus. The method according to claim 6,
Wherein the host terminal performs user authentication with the OTP terminal using preset user authentication information when the host terminal accesses the OTP terminal, and receives the OTP or the authorized certificate from the OTP terminal when the authentication is normally performed. Performing a user authentication using a predetermined user authentication information when the host terminal is connected to an OTP (One Time Password) terminal;
The host terminal logging in to the service providing apparatus using a public certificate stored in the OTP terminal;
Providing a compound password pattern for providing a service to a host terminal in which the service providing apparatus has been logged;
When receiving a password of one or more digits corresponding to a user setting password of the complex password pattern received by the host terminal from the user, transmits a command for generating an OTP to the OTP terminal and the OTP authentication server, Generating a compound password according to the compound password pattern using the received OTP and the password received from the user, and transmitting the compound password to the service providing apparatus; And
When the service providing apparatus receives the compound password from the host terminal, performs a compound password authentication by applying the OTP received from the OTP authentication server and the pre-stored user set password to the compound password pattern
Lt; / RTI >
The service providing apparatus generates and provides the compound password pattern at every authentication or at arbitrary intervals,
The compound password pattern may include some or all of the user-set passwords and any rules for combining some or all of the OTPs,
Wherein when the host terminal receives the compound password pattern, the user password field and the OTP input field of the compound password pattern are displayed in a distinguishable manner.
delete delete delete delete
KR1020150103506A 2015-07-22 2015-07-22 Otp authentication system, apparatus and method KR101699167B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150103506A KR101699167B1 (en) 2015-07-22 2015-07-22 Otp authentication system, apparatus and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150103506A KR101699167B1 (en) 2015-07-22 2015-07-22 Otp authentication system, apparatus and method

Publications (1)

Publication Number Publication Date
KR101699167B1 true KR101699167B1 (en) 2017-01-23

Family

ID=57989723

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150103506A KR101699167B1 (en) 2015-07-22 2015-07-22 Otp authentication system, apparatus and method

Country Status (1)

Country Link
KR (1) KR101699167B1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108667762A (en) * 2017-03-27 2018-10-16 深圳兆日科技股份有限公司 Authenticating operation method and apparatus

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070174904A1 (en) * 2006-01-24 2007-07-26 Samsung Electronics Co., Ltd. One-time password service system using mobile phone and authentication method using the same
KR20070104025A (en) * 2006-04-21 2007-10-25 주식회사 프럼나우 Method and system for implementing financial transactions using otp
KR101434447B1 (en) * 2013-09-13 2014-08-27 제이슨 준 이 Apparatus and method for authenticating users using dynamic combinational password

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070174904A1 (en) * 2006-01-24 2007-07-26 Samsung Electronics Co., Ltd. One-time password service system using mobile phone and authentication method using the same
KR20070104025A (en) * 2006-04-21 2007-10-25 주식회사 프럼나우 Method and system for implementing financial transactions using otp
KR101434447B1 (en) * 2013-09-13 2014-08-27 제이슨 준 이 Apparatus and method for authenticating users using dynamic combinational password

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108667762A (en) * 2017-03-27 2018-10-16 深圳兆日科技股份有限公司 Authenticating operation method and apparatus
CN108667762B (en) * 2017-03-27 2021-07-02 深圳兆日科技股份有限公司 Operation authentication method and device

Similar Documents

Publication Publication Date Title
US10284547B2 (en) Facilitating users to obfuscate user credentials in credential responses for user authentication
US9306954B2 (en) Apparatus, systems and method for virtual desktop access and management
EP3070632B1 (en) Binding to a user device
EP1557741B1 (en) Information storage device, security system, access permission method, network access method and security process execution permission method
RU2684584C1 (en) Device for storing information and operation method thereof
CN113711211A (en) First-factor contactless card authentication system and method
RU2632122C2 (en) Method and password verification device for inspecting input password and computer system containing password verification device
US20140230017A1 (en) Programmable security token
US8701174B1 (en) Controlling access to a protected resource using a virtual desktop and ongoing authentication
CN108595943A (en) Utilize the certification of two level ratifier
CN102685202A (en) Sharing user ID between operating system and application
US7581111B2 (en) System, method and apparatus for transparently granting access to a selected device using an automatically generated credential
CN110781468A (en) Identity authentication processing method and device, electronic equipment and storage medium
CN103929306A (en) Intelligent secret key device and information management method of intelligent secret key device
US11165780B2 (en) Systems and methods to secure publicly-hosted cloud applications to run only within the context of a trusted client application
SG188688A1 (en) Method and system for remote access to data stored on a host system
US20160330195A1 (en) System and method for securing offline usage of a certificate by otp system
KR101699167B1 (en) Otp authentication system, apparatus and method
EP3363215B1 (en) Method of managing an application
KR101733318B1 (en) Otp authentication system and method
KR101378810B1 (en) Certificate saving method
US20230379324A1 (en) Systems and methods for multi-stage, biometric-based, digital authentication
US20230379321A1 (en) Systems and methods for multi-stage, identity-based, digital authentication
TWI623851B (en) Password verification method
JP2019087172A (en) Terminal authentication system

Legal Events

Date Code Title Description
AMND Amendment
E601 Decision to refuse application
AMND Amendment
X701 Decision to grant (after re-examination)
GRNT Written decision to grant