KR20170032985A - User authentication method and system performing the same - Google Patents

User authentication method and system performing the same Download PDF

Info

Publication number
KR20170032985A
KR20170032985A KR1020150130726A KR20150130726A KR20170032985A KR 20170032985 A KR20170032985 A KR 20170032985A KR 1020150130726 A KR1020150130726 A KR 1020150130726A KR 20150130726 A KR20150130726 A KR 20150130726A KR 20170032985 A KR20170032985 A KR 20170032985A
Authority
KR
South Korea
Prior art keywords
authentication
server
user
user terminal
disposable
Prior art date
Application number
KR1020150130726A
Other languages
Korean (ko)
Other versions
KR101725939B1 (en
Inventor
김귀열
Original Assignee
주식회사 일체
김귀열
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 일체, 김귀열 filed Critical 주식회사 일체
Priority to KR1020150130726A priority Critical patent/KR101725939B1/en
Publication of KR20170032985A publication Critical patent/KR20170032985A/en
Application granted granted Critical
Publication of KR101725939B1 publication Critical patent/KR101725939B1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords

Abstract

The authentication server combines the one-time authentication number generated using the initial value initially generated by the user terminal in the authentication server and the generated outgoing phone number to exclude the outgoing phone number out of the numbers combined when the call is connected to the user, And provides the authentication server with the authentication server through the authentication request server so that the authentication server can authenticate the user according to whether the one-way authentication number inputted through the terminal is identical or not, and a system for executing the same .
The user authentication method includes receiving the user authentication request message from the authentication request server by the authentication server, connecting the call to the user terminal by using the telephone number included in the user authentication request message, Combining the disposable authentication number generated using the initially generated initial value with a pre-generated originating phone number and displaying the combination on the user terminal; Extracting a previously generated disposable authentication number from the displayed combined number, excluding the outgoing telephone number, and providing the disposable authentication number to the authentication request server when the call connection between the authentication server and the user terminal is terminated; The authentication request server providing the disposable authentication number to the authentication server, and authenticating the user based on whether the disposable authentication number matches the previously generated disposable authentication number.

Description

[0001] USER AUTHENTICATION METHOD AND SYSTEM PERFORMING THE SAME [0002]

Embodiments of the present invention relate to a user authentication method and a system for implementing the same.

User authentication verifies that the user performing the action is a legitimate user. The conventional user authentication technology verifies whether the user is correct based on information only the user knows or information only the user has.

That is, in a conventional user authentication technology, if a server requests information such as a password, an OTP number, and a mobile phone authentication number, the authentication is performed by providing the input information to the PC or the smart phone in one direction.

However, such conventional user authentication techniques are vulnerable to fraud, which is a method of deceiving a user or extorting information during the authentication procedure, because authentication is performed based on information that the user knows or perceives.

In other words, an example of online phishing, which has recently come to the fore, will be described. A website www.wwbank.co.kr is opened similar to a site that the user always visits (e.g., www.wbank.co.kr) Screen and the like to induce the user's access, and the user can acquire the number required by the user only for authentication, or the number recognized by the user, such as the SMS authentication number, There is a problem in that it can be easily authenticated to the actual site (www.wbank.co.kr) using information as if it is a normal user.

The authentication server combines the one-time authentication number generated using the initial value initially generated by the user terminal in the authentication server and the generated outgoing phone number to exclude the outgoing phone number out of the numbers combined when the call is connected to the user, And provides the authentication server with the authentication server through the authentication request server so that the authentication server can authenticate the user according to whether the one-way authentication number inputted through the terminal is identical or not, and a system for executing the same .

Further, according to the present invention, when an authentication server connects to a user terminal, a predetermined message is output to the user terminal, and a response message is input to the telephone according to the user's request, thereby generating a charge in the communication company so as to increase the profit of the communication company And a system for executing the method.

In addition, the present invention excludes the originating telephone number from the combined number of the user terminal, automatically extracts the previously generated one-time authentication number, and then provides the encrypted data to the authentication request server by encrypting it, The user can not know the decryption password required for decryption even when the user is hacked, thereby preventing malicious use in advance, and a system for executing the method.

In addition, the present invention uses the originated telephone number except for the combined number-of-day use authentication number when encrypting or decrypting the one-time authentication number so that the authentication server and the user terminal additionally store an encryption key or a decryption key for encryption or decryption And it is an object of the present invention to provide a user authentication method and a system for executing the same.

In the present invention as described above, the one-time authentication number generated using the initial value created by the user terminal is automatically extracted from the user terminal through the separate secure phone call connection, the one-time authentication number excluding the telephone number, Server and transmits a disposable authentication number to another direction through a connected call. Thus, it is possible to simulate a normal user or to disguise a terminal to prevent a threat from being authenticated.

The problems to be solved by the present invention are not limited to the above-mentioned problem (s), and another problem (s) not mentioned can be clearly understood by those skilled in the art from the following description.

Among the embodiments, the user authentication method includes a step of the authentication server receiving the user authentication request message from the authentication requesting server, the authentication server making a call connection to the user terminal using the telephone number included in the user authentication request message Combining the disposable authentication number generated using the initial value initially generated by the user terminal with a previously generated outgoing telephone number and displaying the combination on the user terminal; Extracting a previously generated disposable authentication number from the displayed combined number, excluding the outgoing telephone number, and providing the disposable authentication number to the authentication request server when the call connection between the authentication server and the user terminal is terminated; The authentication request server providing the disposable authentication number to the authentication server, and authenticating the user based on whether the disposable authentication number matches the previously generated disposable authentication number.

Among the embodiments, the user authentication system including the authentication request server, the user terminal, and the authentication server receives the user authentication request message from the authentication request server, and transmits the user authentication request message to the user terminal using the phone number included in the user authentication request message A disconnection authentication number generated using the initial value generated first by the user terminal and a pre-generated outgoing phone number are combined and displayed on the user terminal, and the disposable authentication number received from the authentication request server is generated in advance An authentication server for authenticating the user according to whether the one-time authentication number coincides with the one-time authentication number, and extracting a previously generated one-time authentication number excluding the outgoing phone number out of the displayed combined numbers when the call connection between the authentication server and the user terminal is terminated A user terminal providing the authentication request to the authentication request server, And an authentication requesting server provided to the authentication server upon receiving the disposable authentication number from the user terminal.

The details of other embodiments are included in the detailed description and the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS The advantages and / or features of the present invention, and how to accomplish them, will become apparent with reference to the embodiments described in detail below with reference to the accompanying drawings. It should be understood, however, that the invention is not limited to the disclosed embodiments, but is capable of many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, To fully disclose the scope of the invention to those skilled in the art, and the invention is only defined by the scope of the claims. Like reference numerals refer to like elements throughout the specification.

According to the present invention, an authentication server combines a one-time authentication number generated using an initial value initially generated in a user terminal and a previously generated outgoing authentication number to exclude the outgoing telephone number from the combined number when a call is connected to the user, The authentication server extracts the authentication number and provides the authentication number to the authentication server through the authentication request server, so that the authentication server can authenticate the user according to whether the one-way authentication number inputted through the terminal matches the one-time authentication number.

Also, according to the present invention, when the authentication server connects to the user terminal, a predetermined message is output to the user terminal and the response message is input to the telephone according to the user's request, thereby generating a charge in the communication company, .

In addition, according to the present invention, since the user terminal extracts the previously generated one-time authentication number except for the outgoing telephone number out of the displayed combined numbers, and then provides the encrypted data to the authentication request server, the user terminal encrypts the data encrypted by the malicious user Even if it is hacked, it is not possible to know the decryption password required for decryption, and malicious use can be prevented in advance.

According to the present invention, when the disposable authentication number is encrypted or decrypted, the disposable authentication number is excluded from the outgoing authentication number to use the telephone number, so that the authentication server and the user terminal additionally store an encryption key or a decryption key for encryption or decryption There is an advantage that it is not necessary.

1 is a network configuration diagram for explaining a user authentication system according to an embodiment of the present invention.
2 is a flowchart illustrating an embodiment of a user authentication method according to the present invention.
3 is a reference diagram for explaining a user authentication process according to the present invention.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings.

As used herein, the term " one-time authentication number " means a number arbitrarily generated by an authentication server for use in generating an originating telephone number, and may be a number between 4 and 8 digits.

1 is a network configuration diagram for explaining a user authentication system according to an embodiment of the present invention.

Referring to FIG. 1, the user authentication system includes an authentication request server 100, a user terminal 200, and an authentication server 300.

The authentication request server 100 is a server located in a company (for example, a financial company) that provides a user authentication request message to the authentication server 300 and requests user authentication. For example, the authentication request server 100 recognizes that authentication of a corresponding user is required when a user transfers funds, and may provide a user authentication request message to the authentication server 300. [

The authentication request server 100 searches the customer information for the telephone number of the user to be authenticated and provides the user authentication request message including the telephone number of the user to the authentication server 300.

The user terminal 200 displays the telephone number of the calling party upon receiving the call connection request signal from the authentication server 300, and is connected to the authentication server 300 according to the user's operation. When the user terminal 200 is connected to the authentication server 300, the user terminal 200 receives and outputs a predetermined message from the authentication server 300. When the user's opinion is collected, the call connection with the authentication server 300 is terminated. At this time, the user's opinion may be an acceptance message or a rejection message as a response message to a predetermined message.

When the acceptance message is received as a response message to a predetermined message, the user terminal 200 extracts a previously generated disposable authentication number from the telephone number of the displayed sender, excluding the actual origination telephone number, and provides it to the authentication request server 100 do.

More specifically, the user terminal 200 extracts the remaining number, excluding the number corresponding to the number of digits of the preset telephone number, from the total digits of the telephone number of the displayed sender, into the one-time authentication number, . For example, if the originating telephone number is 010-0000-7777123456, the remaining number 123456 excluding the number 010-0000-7777 corresponding to 11 digits of the preset telephone number is extracted as the one-time authentication number, and the authentication request server 100 ).

At this time, the user terminal 200 can encrypt the disposable authentication number to generate encrypted data, and provide the encrypted data to the authentication request server 100. [ The user terminal 200 performs encryption of the disposable authentication number by using some of the numbers displayed when performing the encryption for the disposable authentication number.

That is, the user terminal 200 encrypts the one-time authentication number by using the remaining number, excluding the one-time authentication number from the displayed number, and provides the encrypted data to the authentication request server 100. For example, if the originating telephone number is 010-0000-7777123456, the user terminal 200 can perform encryption for the one-time authentication number using the remaining number 010-0000-7777, except for the one-time authentication number 123456. [

In this way, the user terminal 200 generates the encrypted data by encrypting the one-time authentication number by using the telephone number, excluding the one-time authentication number among the displayed numbers, so that in the process of transmitting the encrypted data to the authentication server 300 If the malicious user is hacked by a malicious user, the malicious user can block the malicious use because he can not know the decryption password required when decrypting the encrypted data.

The encrypted data is provided to the authentication server 300 through the authentication request server 100. Since the number displayed at the time of call connection with the user terminal 200 is already stored in the authentication server 300, It is possible to decrypt the encrypted data using the remaining numbers except for the authentication number. Hereinafter, the authentication server 300 will be described in more detail.

When the authentication server 300 receives the user authentication request message from the authentication request server 100, the authentication server 300 attempts to connect the call to the user terminal 200 using the telephone number of the user included in the user authentication request message. As described above, when the authentication server 300 attempts to connect to the user terminal 200, the number is displayed on the user terminal 200.

The number displayed on the user terminal 200 is generated by the authentication server 300, and a process of generating the display number by the authentication server 300 will be described in more detail below.

When the authentication server 300 receives the user authentication request message from the authentication request server 100, the authentication server 300 generates an originating phone number, generates a one-time authentication number, and transmits the generated phone number to any one of the plurality of phone numbers provided by the communication company, . Then, the authentication server 300 connects the call to the user terminal 200, displays the connection number on the user terminal 200, and connects the authentication server 300 and the user terminal 200 according to the user's operation .

The authentication server 300 outputs a predetermined message to the user terminal 200 when the authentication server 300 and the user terminal 200 are connected to each other. For example, the authentication server 300 may output to the user terminal 200 a message of "approval for transaction confirmation, press 1 for rejection". For another example, the authentication server 300 may output to the user terminal 200 a message "Please enter 2 (or 1) digits after the calling number for the transaction confirmation into the telephone". As another example, the authentication server 300 may output to the user terminal 200 a message that "input two digits displayed on the screen for transaction confirmation to the telephone ". Then, the user terminal 200 receives an acceptance message or rejection message from the user and terminates the call connection.

Then, the user terminal 200 extracts some of the displayed combined numbers as a one-time authentication number and provides the same to the authentication request server 100. The authentication request server 100 provides the one-time authentication number to the authentication server 300 , The authentication server 300 confirms whether the disposable authentication number received from the authentication request server 100 matches the previously generated disposable authentication number and authenticates the user.

Since the disposable authentication number received from the authentication request server 100 by the authentication server 300 is encrypted, the authentication server 300 decrypts the encrypted data.

When the encrypted data is encrypted by the user terminal 200, the encrypted data is generated by encrypting the remaining number, i.e., the telephone number, except for the one-time authentication number among the numbers determined by the authentication server 300. Therefore, Lt; / RTI > can decrypt the encrypted data using the telephone number used to determine the displayed combined number.

For example, if the displayed combination number is 010-0000-7777123456, the authentication server 300 can decrypt the disposable authentication number using the remaining number 010-0000-7777 except for the one-time authentication number 123456. [

The authentication server 300 performs authentication for the user according to whether the decrypted disposable authentication number matches with the previously generated disposable authentication number. That is, the authentication server 300 provides an authentication completion message to the authentication request server 100 if the decrypted disposable authentication number matches the generated one-time authentication number. If the decrypted disposable authentication number does not match the previously generated disposable authentication number, the authentication server 300 provides the authentication request server 100 with an authentication failure message for the user.

2 is a flowchart illustrating an embodiment of a user authentication method according to the present invention.

2, the authentication requesting server 100 searches the telephone number of the user to be authenticated among the customer information (S210), and provides a user authentication request message including the telephone number of the user to the authentication server 300 S211). Upon receiving the user authentication request message from the authentication requesting server 100, the authentication server 300 selects any one of a plurality of telephone numbers provided by the communication company (step S211), and generates a disposable authentication number ( Step S212). The authentication server 300 combines any one of the plurality of telephone numbers provided by the communication company and the disposable authentication number (step S220).

The authentication server 300 generates a call connection to the user terminal 200 using the user's telephone number included in the user authentication request message received from the authentication request server 100, The disposable authentication number and the previously generated outgoing phone number are combined and displayed on the user terminal 200 (step S221). When the authentication server 300 makes a call to the user terminal 200, the authentication server 300 outputs a predetermined message to the user terminal (step S222).

The user terminal 200 receives a response message for a predetermined message from the user (step S223). Upon completion of the call connection with the authentication server 300, the user terminal 200 extracts a previously generated disposable authentication number from the displayed combined numbers, excluding the actual telephone number, according to the response message (step S224). The user terminal 200 encrypts the disposable authentication number to generate encrypted data (step S225).

The user terminal 200 provides the encrypted data to the authentication request server 100 (step S230), and the authentication request server 100 provides the encrypted data to the authentication server 300 (step S240). The authentication server 300 decrypts the encrypted data received from the authentication request server 100 to extract the disposable authentication number (step S250). The authentication server 300 authenticates the user according to whether the one-time authentication number matches the previously generated one-time authentication number (step S251). The authentication server 300 provides an authentication result message to the authentication request server 100 (step S252).

While the present invention has been described in connection with what is presently considered to be practical exemplary embodiments, it is to be understood that the invention is not limited to the disclosed embodiments. Therefore, the scope of the present invention should not be limited to the described embodiments, but should be determined by the scope of the appended claims and equivalents thereof.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments, but, on the contrary, Modification is possible. Accordingly, the spirit of the present invention should be understood only by the appended claims, and all equivalent or equivalent variations thereof are included in the scope of the present invention.

100: authentication request server
200: user terminal
300: authentication server

Claims (14)

The authentication server receiving a user authentication request message from an authentication requesting server;
The authentication server combines the disposable authentication number generated using the initial value initially generated in the user terminal by making a call connection to the user terminal using the telephone number included in the user authentication request message and the outgoing telephone number generated in advance And displaying it on a user terminal;
Extracting a previously generated disposable authentication number from the displayed combined number, excluding the outgoing telephone number, and providing the disposable authentication number to the authentication request server when the call connection between the authentication server and the user terminal is terminated;
The authentication request server providing the disposable authentication number to the authentication server; And
Authenticating the user according to whether the disposable authentication number matches the previously generated disposable authentication number
User authentication method.
The method according to claim 1,
Selecting one of the plurality of telephone numbers provided by the authentication server by the communication company;
The authentication server generating a disposable authentication number; And
Further comprising the step of the authentication server generating the combination number using any one of the telephone number and the disposable authentication number
User authentication method.
The method according to claim 1,
The step of the user terminal extracting a previously generated disposable authentication number from the displayed combination numbers excluding the originating telephone number and providing the same to the authentication request server
And extracting the remaining number as a one-time authentication number except for the number corresponding to the number of digits of the preset telephone number among the total digits of the displayed combined number, and providing the same to the authentication requesting server doing
User authentication method.
The method according to claim 1,
The step of the user terminal extracting a previously generated disposable authentication number from the displayed combination numbers excluding the originating telephone number and providing the same to the authentication request server
And the user terminal encrypting the disposable authentication number and providing the encrypted data to the authentication request server
User authentication method.
5. The method of claim 4,
Wherein the step of the user terminal encrypting the disposable authentication number and providing the encrypted data to the authentication request server
And encrypting the disposable authentication number using the remaining number, except for the one-time authentication number among the displayed combined numbers, and providing the encrypted data to the authentication request server
User authentication method.
6. The method of claim 5,
The step of authenticating the user according to whether the disposable authentication number matches the previously generated disposable authentication number
When the authentication server receives the encrypted data from the authentication requesting server, extracting the disposable authentication number by decrypting the encrypted data using the telephone number used to generate the combination number, doing
User authentication method.
The method according to claim 1,
Wherein the user terminal extracts a previously generated disposable authentication number except for the telephone number among the displayed combined numbers and provides the extracted disposable authentication number to the authentication request server
When the authentication server and the user terminal make a call connection, the authentication server outputs a predetermined message to the user terminal, and the user terminal receives a response message for the predetermined message from the user;
Wherein the user terminal extracts a previously generated disposable authentication number from the displayed combination number in accordance with the response message when the call connection with the authentication server is completed, and provides the extracted authentication number to the authentication request server
User authentication method.
A user authentication system including an authentication request server, a user terminal, and an authentication server,
Upon receiving the user authentication request message from the authentication requesting server, the call connection is made to the user terminal using the telephone number included in the user authentication request message, and the disposable authentication number generated using the initial value, An authentication server which combines a previously generated outgoing telephone number and displays it on a user terminal and authenticates the user according to whether the disposable authentication number received from the authentication request server agrees with a previously generated disposable authentication number;
A user terminal for extracting a previously generated disposable authentication number from the displayed combined number, excluding a telephone number, when the call connection between the authentication server and the user terminal is completed, and providing the disposable authentication number to the authentication request server; And
When receiving the disposable authentication number from the user terminal, includes an authentication request server provided to the authentication server
User authentication system.
9. The method of claim 8,
The authentication server
Characterized in that the telephone number of any one of the plurality of telephone numbers provided by the communication company is selected and a disposable authentication number is generated and the combination number is generated using any one of the telephone number and the disposable authentication number
User authentication system.
9. The method of claim 8,
The user terminal
And extracts the remaining number as a one-time authentication number excluding the number corresponding to the number of digits of the preset telephone number among the total digits of the outgoing telephone number, and provides the extracted authentication number to the authentication request server
User authentication system.
9. The method of claim 8,
The user terminal
And encrypts the disposable authentication number to provide the encrypted data to the authentication request server
User authentication system.
12. The method of claim 11,
The user terminal
Encrypts the disposable authentication number by using the remaining numbers except for the one-time authentication number generated in advance among the outgoing telephone numbers, and provides the encrypted data to the authentication request server
User authentication system.
13. The method of claim 12,
The authentication server
When receiving the encrypted data from the authentication requesting server, extracts the disposable authentication number by decrypting the encrypted data using the telephone number used to generate the originated telephone number
User authentication system.
9. The method of claim 8,
The authentication server
Outputting a predetermined message to the user terminal when the authentication server and the user terminal are connected to each other,
The user terminal
Wherein the mobile terminal receives a response message for the predetermined message from the user, and when the connection of the call between the authentication server and the user terminal is terminated, the telephone number of the displayed combined number is excluded according to the response message, And provides it to the authentication requesting server
User authentication system.
KR1020150130726A 2015-09-16 2015-09-16 User authentication method and system performing the same KR101725939B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150130726A KR101725939B1 (en) 2015-09-16 2015-09-16 User authentication method and system performing the same

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150130726A KR101725939B1 (en) 2015-09-16 2015-09-16 User authentication method and system performing the same

Publications (2)

Publication Number Publication Date
KR20170032985A true KR20170032985A (en) 2017-03-24
KR101725939B1 KR101725939B1 (en) 2017-04-13

Family

ID=58500538

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150130726A KR101725939B1 (en) 2015-09-16 2015-09-16 User authentication method and system performing the same

Country Status (1)

Country Link
KR (1) KR101725939B1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20230138213A (en) 2022-03-23 2023-10-05 박지윤 Authentication method and system based on call connection of user

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20110112089A (en) * 2010-04-06 2011-10-12 서울신용평가정보 주식회사 Method and apparatus for user verifing process with enhanced security
KR20120024300A (en) * 2010-09-06 2012-03-14 브이피 주식회사 Method and system of secure payment using onetime authentication information
KR20130010522A (en) * 2011-07-18 2013-01-29 순천향대학교 산학협력단 An authentication method for preventing damages from lost and stolen smart phones
KR101379711B1 (en) * 2013-11-14 2014-04-01 (주)지란지교소프트 Method for file encryption and decryption using telephone number

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20110112089A (en) * 2010-04-06 2011-10-12 서울신용평가정보 주식회사 Method and apparatus for user verifing process with enhanced security
KR20120024300A (en) * 2010-09-06 2012-03-14 브이피 주식회사 Method and system of secure payment using onetime authentication information
KR20130010522A (en) * 2011-07-18 2013-01-29 순천향대학교 산학협력단 An authentication method for preventing damages from lost and stolen smart phones
KR101379711B1 (en) * 2013-11-14 2014-04-01 (주)지란지교소프트 Method for file encryption and decryption using telephone number

Also Published As

Publication number Publication date
KR101725939B1 (en) 2017-04-13

Similar Documents

Publication Publication Date Title
US9838205B2 (en) Network authentication method for secure electronic transactions
US9231925B1 (en) Network authentication method for secure electronic transactions
US9800562B2 (en) Credential recovery
US9137223B2 (en) Apparatus and method for transmitting data, and recording medium storing program for executing method of the same in computer
US11501294B2 (en) Method and device for providing and obtaining graphic code information, and terminal
JP6399382B2 (en) Authentication system
KR102456959B1 (en) System and Method for Enabling Secure Authentication
CN105634737B (en) Data transmission method, terminal and system
EP3662430B1 (en) System and method for authenticating a transaction
CN105719131A (en) Server, client and paying-for-another method of e-payment
EP2840735A1 (en) Electronic cipher generation method, apparatus and device, and electronic cipher authentication system
US11652640B2 (en) Systems and methods for out-of-band authenticity verification of mobile applications
KR20170124953A (en) Method and system for automating user authentication with decrypting encrypted OTP using fingerprint in mobile phone
US20190251249A1 (en) Methods and Systems for Securing and Recovering a User Passphrase
KR101358375B1 (en) Prevention security system and method for smishing
KR101799517B1 (en) A authentication server and method thereof
KR101856530B1 (en) Encryption system providing user cognition-based encryption protocol and method for processing on-line settlement, security apparatus and transaction approval server using thereof
KR101725939B1 (en) User authentication method and system performing the same
KR101443849B1 (en) Security management method for authentication message
CN111491064B (en) Voice service identity authentication method and system
KR101891733B1 (en) User authentication method and system performing the same
TWM583082U (en) User identity verification system for safety transaction environment
KR101298216B1 (en) Authentication system and method using multiple category
KR101663694B1 (en) Method for Providing Service by using User’s Handheld Phone

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
AMND Amendment
E601 Decision to refuse application
AMND Amendment
X701 Decision to grant (after re-examination)
GRNT Written decision to grant