KR101364972B1 - Authenticating method using user's telephone terminal and authenticating system thereof - Google Patents

Abstract

The present invention relates to a method and system for performing authentication of a user connected to a web using a user's telephone terminal, such as a smartphone, and specifically, to an automatic answering telephone number included in authentication information transmitted to a user's telephone terminal. A method for receiving authentication, the method comprising: receiving a request for authentication information for authentication by a server authentication system receiving a connection from a user authentication system installed in a user's telephone terminal; Performing primary authentication by the server authentication system using first authentication information previously provided to the user authentication system; Providing, by the server authentication system, authentication information to the user authentication system in which the first authentication is performed; And acquiring, by the server authentication system, call information requested to be connected to the auto answering number included in the authentication information from a telephone terminal on which the user authentication system is installed, and performing authentication using the call information. It relates to an authentication method and an authentication system using a user's telephone terminal.
According to the present invention, authentication is performed using the user's telephone terminal, but the user does not need to check the authentication number or input a phone number, etc., so that the user inconvenience in the authentication process is minimized.

Description

Authenticating method using user's telephone terminal and authenticating system

The present invention relates to an authentication method and system, and more particularly, to a method and system for performing authentication of a user connected on the web using a user's telephone terminal such as a smartphone.

In order to access a website, authenticate membership, and adult status, there are many methods such as entering an ID and password registered on the site, or entering identification information such as a social security number. It is used.

However, since the above methods perform authentication using only one channel, there are problems that they can be easily stolen by hacking by others.

In particular, if the process of certifying whether the payment holder is a legitimate payment authority, such as playing a paid game or purchasing an object or service through the Internet, is not carried out correctly, a more accurate authentication method may be used. As it is required, research on this is being actively conducted.

Among these methods, a two-channel authentication method for performing authentication once again using equipment owned by a user such as a mobile phone or a wired telephone is particularly studied and used.

This two-channel authentication method has the advantage that it is not easy for others to steal because it uses a plurality of channels.

An exemplary method used as such an authentication method is an authentication method using SMS. In this method, when a user registers his / her mobile phone number on a web page, the system sends an authentication number to a registered mobile phone in the form of an SMS message and authenticates the user by re-entering the authentication number received on the web. It is a way.

Alternatively, if a user registers his or her phone number on a web page, the system dials the user's phone number and the user prints his or her password or authentication number on the web page according to the system's ARS instructions. There is a way to authenticate by typing.

Alternatively, if the user registers his or her phone number on a web page, this time the user calls using the phone of the phone number and the user follows his system's ARS instructions to enter his or her password or web page. There is a method of authenticating by inputting the authentication number output to the.

As another method, as registered in Korean Patent Laid-Open No. 2011-46989, if a telephone number of his mobile terminal is registered, a text message is transmitted to the terminal and the user authenticates when he / she makes a call using the telephone number reply function. There is a method in which the server performs authentication by checking the user.

Since the authentication method can be authenticated only by using a device such as a mobile phone possessed by the user, it is not easy for others to perform authentication unless the user is stolen. There is an advantage.

However, in order to perform authentication as described above, a user must make an action such as making or receiving a call, or perform an action such as inputting an authentication number after checking a text message. There are many disadvantages that the user may feel uncomfortable.

KR 2011-0046989 A May 6, 2011 Summary, FIG. 2

In order to solve the above problems, an object of the present invention is to provide an authentication system and method capable of minimizing user inconvenience while performing authentication using equipment owned by a user.

In order to solve the above problems, the present invention provides a computer-readable recording medium on which a program for realizing the above-described method is recorded.

In order to achieve the above object, the present invention is a method for performing authentication by receiving a call to an automatic answering phone number included in the authentication information sent to the user's telephone terminal, the server authentication system is installed on the user's telephone terminal user Receiving a request from the authentication system for authentication and receiving authentication information for authentication; Performing primary authentication by the server authentication system using first authentication information previously provided to the user authentication system; Providing, by the server authentication system, authentication information to the user authentication system in which the first authentication is performed; And the server authentication system obtains telephone number information and the automatic answering telephone number of the telephone terminal from the call information requested to be connected to the automatic answering number included in the authentication information from the telephone terminal on which the user authentication system is installed. And performing authentication using the telephone number information of the telephone terminal obtained from the call information and the answering machine telephone number.

In addition, in order to achieve the above object, the present invention is a system for performing authentication by receiving a call to an automatic answering phone number included in the authentication information sent to the user's telephone terminal, authentication for the user installed in the user's telephone terminal An authentication information provider for receiving the authentication information from the system and performing the first authentication using the first authentication information previously provided to the user authentication system, and providing the authentication information; An authentication information receiver for obtaining telephone number information of the telephone terminal and the automatic answering telephone number from call information requested to be connected to an automatic answering number included in the authentication information from a telephone terminal equipped with the user authentication system; And an authenticator configured to perform authentication by using the telephone number information of the telephone terminal and the automatic answering telephone number obtained from the received call information. .

The authentication information providing unit may include a plurality of auto answering phone numbers, and the newly selected auto answering phone number may be included in the authentication information every time authentication information is provided among the plurality of auto answering phone numbers.

In addition, the first authentication information is any one of the automatic answering phone number provided to the user authentication system, the authentication information providing unit any one of the automatic answering phone number previously provided to the user authentication system It is preferable to perform the first authentication by designating the request, determining whether the auto answering phone number transmitted from the user authentication system matches the requested auto answering phone number.

In addition, the authentication information receiving unit receives the authentication number included in the authentication information from a telephone terminal in which the user authentication system is installed, and the authentication unit preferably further authenticates using the received authentication number.

On the other hand, the present invention provides a method for performing authentication by dialing an automatic answering phone number to enter the authentication number of the authentication message sent to the user's telephone terminal in order to achieve the above object, installed in the telephone terminal of the user Checking, by the user authentication system, whether there is an input indicating an authentication request from the user; Requesting and receiving authentication information for authentication by accessing a server authentication system for authentication by the user authentication system when there is an input of a user's authentication request indication; And controlling, by the user authentication system, the telephone terminal to perform authentication by dialing an automatically answering telephone number that is included in the authentication information and is newly designated every time the authentication information is provided. It provides an authentication method using a user's telephone terminal.

In addition, the present invention is provided with a telephone terminal of the user in order to achieve the above object, in the system for performing authentication by dialing an automatic answering phone number included in the authentication information transmitted to the user's telephone terminal, An authentication information requesting unit requesting and receiving authentication information for authentication by accessing a server authentication system for authentication when there is an input of a user's authentication request indication; A telephone terminal control unit configured to control the telephone terminal to be included in the authentication information and to perform authentication by dialing a newly designated automatic answering telephone number each time the authentication information is provided; And a controller which checks whether there is an input indicating an authentication request from the user, and controls the authentication information requesting unit and the telephone terminal control unit to be authenticated when there is an input indicating an authentication request. It provides an authentication system using a user's telephone terminal.

Here, the authentication information is preferably transmitted encrypted.

In addition, the control unit receives a selection for allowing the user to proceed with the authentication process before driving at least one of the authentication information requesting unit and the telephone terminal control unit, and only when the user allows the authentication process to proceed. Authentication can be controlled to be performed.

In addition, the authentication information requesting unit receives the authentication information after performing the first authentication by transmitting the first authentication information corresponding to the requested authentication information by receiving the request for transmission of previously provided authentication information from the server authentication system. You can do that.

In addition, the telephone terminal controller may control the telephone terminal to make a call to the automatic answering telephone number included in the authentication information, and then input an authentication number included in the authentication information to perform additional authentication.

In order to achieve the above object, the present invention provides a computer-readable recording medium on which a program for realizing the above-described method is recorded.

According to the present invention, in the case of performing authentication using a telephone terminal such as a mobile phone possessed by the user, the authentication process is performed through the user's telephone terminal, but the user inputs a phone number or confirms the authentication number. Since the authentication process is automated so that authentication can be performed by one-click or a minimum of actions without inputting such as inputs, there is an advantage of minimizing user inconvenience caused by authentication using a mobile phone.

In addition, according to the present invention, since the automatic answering phone number or the authentication number is not exposed, it is also possible to prevent the authentication number from being exposed to others when performing authentication while transmitting the authentication number through a conventional mobile phone. have.

1 is a schematic diagram illustrating the concept of the present invention
2 is a block diagram illustrating a configuration of a system of the present invention.
3 is a flowchart illustrating an authentication method performed in a user authentication system installed in a user telephone terminal in the present invention.
4 is a flowchart illustrating an authentication method performed in the authentication system for a server installed in the authentication server in the present invention.
Figure 5 is a flow chart illustrating an authentication method performed in the user authentication system and server authentication system in the present invention.

The present invention is characterized in that the authentication is performed by using the user's mobile phone, and the invention is characterized in that the user does not have to perform complicated actions in the authentication process.

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the drawings.

1 is a schematic view for explaining the present invention.

When the user 10 needs to authenticate to use a service provided by the web server 30 such as a game or a product payment by accessing a website operated by the web server 30 using his terminal 12, The user applies for certification either directly or indirectly (1).

Here, the application directly or indirectly means that a user may apply for certification directly by clicking a button for applying for certification, but may indirectly apply for certification by requesting a service requiring authentication.

The web server 30, which has received the authentication request, requests the authentication server 20 to perform the authentication (2).

Here, the authentication server 20 and the web server 30 may be operated by integrating into a single system, or may be operated as a separate system.

When the authentication server 20 receives an authentication request from the web server 30, the authentication server 20 transmits authentication information necessary for authentication, such as a telephone number of an answering machine, to a telephone terminal of a telephone number previously registered by the user (3).

Such authentication information may be simply an automatic answering phone number of an automatic answering phone system such as an ARS system or an IVR system, or may include information including an authentication number and an automatic answering number.

The user's telephone terminal 11 receiving the above message informs the user that authentication should be performed, and when the user enters a selection to allow it, dials the auto-answering phone number included in the received message to the authentication number. Is inputted or automatically performs the above operation even if there is no special action of the user (4).

The authentication server 20 performs authentication using only the telephone number of the user's telephone terminal 11 together with the automatic answering telephone number dialed by the user, or using the telephone number and authentication number of the user's telephone terminal 11. Then, the authentication result is transmitted to the web server 30 (5).

When the authentication is performed, the user can perform an action to be performed on the web through authentication such as logon, game use, and product purchase.

As described above, the present invention relates to a two-channel authentication method using a telephone network through a user's telephone terminal in addition to authentication through an internet network while using the Internet, and has an advantage of higher security than a conventional one channel authentication method.

In addition, the conventional two-channel authentication method has a disadvantage in that it is inconvenient for the user because the user has to check the authentication number or input the phone number, etc., but the present invention provides authentication using the user's telephone terminal. While performing, the above actions, i.e., the user does not need to check the authentication number or input the phone number, so that the user's inconvenience can be minimized compared to other authentication methods using a mobile phone.

Although the user terminal 12 is illustrated as a personal computer (PC) in FIG.

For example, although the user terminal 12 and the telephone terminal 11 are shown as separate devices in FIG. 1, a mobile phone such as a smart phone supports both a web page access function and a telephone function, and thus is implemented using a single device. This may be possible.

In addition, the terminal that is easy to be used as the user terminal 11 of the present invention among the terminals that are used a lot will be a smart phone, but it is not necessarily a smart phone, the other phone terminal is also required to implement the function required in the present invention If so, it will be available as a telephone terminal used in the present invention.

In the present invention, the function required for the user's terminal is connected to the authentication server 20 by a simple operation such as one-click of the user to receive authentication information such as a telephone number and an authentication number of an answering machine, and use the authentication information. To dial the automatic answering phone system in the authentication server 20 to perform authentication.

The smart phone can be installed by the user according to the user's convenience, it will be convenient to apply to the present invention using an app that performs the above functions.

However, in the case of a mobile phone or a wired / wireless phone other than a smart phone, if the above functions are provided, the present invention may be used.

Of course, a phone other than a smart phone is generally limited to actions such as installing and deleting an application program as needed by the user, and thus it is not as easy as a smart phone to install a function by a user. Since it is not impossible to implement a specific function, etc., the protection scope of the present invention applies not only to the case of using a smart phone but also to the case of using other telephones.

There may be a variety of information a user uses to authenticate by dialing.

First, the authentication may be performed using the authentication number. In the case of performing authentication using the authentication number, the system installed in the user's telephone terminal 11 authenticates by calling the auto-answering phone number received from the authentication server 20 and then inputting the authentication number. .

 There are a number of ways to enter the authentication number after dialing the automatic answering phone number.

First, the program installed in the user's phone terminal recognizes the auto answering phone number and the authentication number separately, and controls the phone so that the auto answering phone number is first selected so that the call is connected again after a predetermined time after the call is connected. By providing an authentication number in the authentication number may be entered.

Alternatively, the answering machine number and the authentication number may be provided to the phone terminal in the form of a single phone number so that the authentication number may be input immediately after the call is made.

In this case, if a corresponding symbol is inserted to give a predetermined time interval between the input of the automatic answering phone number and the authentication number, and the corresponding symbol is provided to the phone terminal, the authentication number is not entered because the authentication number is entered before the call is connected. You will be able to prevent this.

Depending on the type of telephone and the like, the method of stopping a predetermined interval while the number is automatically input may be different.

For example, if you enter a comma (,) between phone numbers, the phone is set to enter a number after the comma after a few seconds of stopping at the comma. [Auto answering phone number + comma (,) + If the number is provided to the phone terminal in the form of an authentication number], the authentication number may be input after the phone call is connected.

Alternatively, authentication may be performed using only the answering machine telephone number without the authentication number.

In this case, the authentication server 20 designates and provides a new automatic answering phone number every time the user provides the automatic answering phone number for authentication in the state of securing a plurality of automatic answering phone numbers.

The order of providing the automatic answering telephone number may be specified by generating a random number, or may be provided according to a predetermined order, and then extracted by extracting the automatic answering telephone number that can be connected to the call at that time. Various methods may be used, such as allowing an automatic answering phone number to be provided to a user.

When a user authenticates by recognizing the user's telephone number used to make a call by calling a fixed specific telephone number, another person circumvents the authentication method by using a CID operation method. Although this is possible, in the case of using the automatic answering telephone number itself as the authentication information as in the present invention, there is an advantage that it is possible to prevent others from accessing by avoiding the authentication method through this CID operation.

 For more details, look at the authentication server and the authentication system installed in the user's telephone terminal.

2 is a block diagram showing an example of the configuration of the user authentication system 100 installed in the user's telephone terminal and the server authentication system 200 installed in the authentication server in the present invention.

As described above, the authentication server and the web server may be operated by the same provider or may be operated by separate providers.

In addition, even if the authentication server is operated by the same operator, the authentication server and the web server may be implemented through the same single device, or may be implemented through an independent device.

In addition, although the authentication system 200 of the present invention may be configured with only one server, it may be implemented using a plurality of servers according to the internal configuration.

The server authentication system 200 of the present invention includes an authentication request receiver 210, a message transmitter 220, an authentication information provider 230, an authentication information receiver 240, and an authentication unit 250.

On the other hand, the user authentication system 100 of the present invention comprises a control unit 110, the authentication information requesting unit 120 and the telephone terminal control unit 130.

The function of each component is as follows.

First, the authentication request receiver 210 of the server authentication system 200 receives an authentication request for a user.

As described above, the authentication request may be directly requested by the user by clicking a button for requesting authentication on the web screen, but may be indirectly requested by logging in or requesting a service requiring authentication.

When a situation requiring authentication occurs, the web server requests authentication to the authentication system 200 of the authentication server, and the authentication request receiver 210 receives an authentication request from the web server.

When receiving the authentication request, if the user's phone number is registered in the authentication system, only identification information such as ID is transmitted. Otherwise, the user's phone number is received together with the user's identification information or only the user's phone number is received. Will be received.

Whether the user's telephone number is registered in the web server or the authentication server may be determined by the operation of the service or the decision of the operator.

In other words, some operators prefer to store user information on the web server and provide the necessary information to the authentication system of the authentication server whenever authentication is required. If it is a necessary service, some operators prefer to register the necessary information in the authentication server's authentication system from the beginning and transmit only the user's identification information when authentication is required. The case may vary, and accordingly, the type of data received by the authentication request receiver 210 may vary.

In addition, when a web server and an authentication server are operated separately, and one authentication server performs authentication in connection with a plurality of web servers, identification information for identifying a web server such as an address of a website operated by the web server Is received together.

The message transmitting unit 220 serves to inform the user's telephone terminal of the authentication request receiving unit 210 when receiving the authentication request from the web server.

The user authentication system installed in the user's telephone terminal may be arbitrarily executed by the user, but may be executed in the process of receiving a message from the message transmitter 220 and confirming the message.

In particular, this function is convenient to apply when the user's phone terminal is a smartphone, the message transmission unit 220 transmits the message in the form of a push message.

When the message transmission unit 220 transmits a message indicating that the authentication request has been received in the form of a push message, when the user selects confirmation of the message received from the smart phone, an application program (authentication for users) automatically connected with the push message Since the system) is executed, the user can save the trouble of finding and executing an application program separately installed in the telephone terminal.

On the other hand, the message transmitted from the message transmitting unit 220 may simply include the content of the degree that the authentication request has been received, or include information that the user can know the information applied for authentication, such as the address of the web page that has been applied for authentication. can do.

When the authentication information providing unit 230 receives a request for authentication information by accessing a user authentication system installed in a user's telephone terminal, the authentication information providing unit 230 provides corresponding authentication information.

When the authentication information providing unit 230 receives the user's access, using the information received from the authentication request receiving unit 210 and the information received from the user's phone terminal, the authentication information providing unit 230 checks whether the user to be authenticated, When it is confirmed that the user needs to perform authentication, the authentication information is generated and provided.

In this case, it is preferable to use user's own identification information as information for checking whether the user requires authentication, and when using the phone number of the user's telephone terminal, the step of giving identification information may be omitted. It will be convenient.

Information that can be used as the authentication information can be an automatic answering phone number, authentication number, etc. as described above.

In addition, when the automatic answering phone number is used as the authentication information, a fixed automatic answering phone number is not provided to all users, but a plurality of automatic answering phone numbers are provided. As described above, the newly designated answering phone number is provided to the user to provide the designated answering phone number.

In the present invention, the authentication number means information that can be input using a keypad of a telephone terminal, and although expressed as a number, it is not necessarily included only a number, such as #, * etc. to input using a keypad of the telephone terminal. It is a concept that includes all possible information.

On the other hand, when providing the authentication information from the authentication information providing unit 230, it is preferable to encrypt and transmit.

The encryption method may be applied by selecting one of the known encryption methods or an encryption method developed in the future, and may be an encryption method that can be decrypted only by the user authentication system 100 installed in the user terminal. .

On the other hand, when providing the authentication information from the authentication information providing unit 230, it is preferable to perform authentication first to prevent the authentication information from being provided by a person other than a legitimate user.

As an example of such an authentication method, the following method may be used.

If the user provides authentication information by specifying a new automatic answering phone number each time the user requests the authentication information, the authentication information providing unit 230 stores information on the automatic answering phone number previously provided to the user. It will be, so that the authentication information provider 230 may be the first authentication using the information on the automatic answering phone number provided to the user.

That is, upon receiving the access of the authentication system for the user installed in the user's telephone terminal, check whether the authentication information has been provided before, and if the authentication information has been provided, the automatic response provided for authentication to the same user before. Authenticate for the user to specify and answer one of the auto answering phone numbers previously provided to the user, such as the last provided phone number, the second provided from the last, the phone number provided at 0 on 0 0 The authentication information may be provided only when the system requests the system and receives the correct telephone number from the user authentication system.

This method cannot be used in the case of the first authentication in which the connected user's system has never been authenticated and has not provided the authentication information, but has been provided with authentication information once authenticated using the authentication system of the present invention. If there is ever before, authentication can be performed without user's intervention, and since the authentication is possible only by the user's telephone terminal, there is an advantage that the other person without the user's telephone terminal can be prevented from being authenticated.

In the above example, the first authentication is performed using the auto answering phone number. However, if the authentication information previously provided to the user's phone terminal is stored in addition to the auto answering phone number, the authentication information is used. Secondary authentication may be performed.

For example, in the case of providing the authentication number as the authentication information, the first authentication may be performed through the process of confirming the authentication information provided at a specific time from the previously provided authentication information.

When performing the first authentication using the provided authentication information, the authentication information provided for each user (by user authentication system) is stored and used for the next authentication.

The authentication information receiver 240 receives an incoming call from the user's telephone terminal, checks the answering machine telephone number that the user calls, obtains the telephone number of the user's telephone terminal, receives an authentication number, and the like. It performs the function of acquiring the necessary information.

The authentication information receiver 240 typically receives an automatic call, such as an automatic response system (ARS), or has an automatic answering function, such as an interactive voice response (IVR). As a component capable of recognizing a number input through the information, the information obtained by the authentication information receiver 240 may vary depending on what information the authentication unit 250 uses for authentication.

The authentication unit 250 determines whether to be authenticated using the information received from the authentication information receiver 240.

Determination of authentication may be performed by a conventional authentication method, and what data to perform authentication may be determined by a system operator.

For example, authentication may be performed using only the authentication number entered in the simplest method. If the authentication number included in the authentication message transmitted within a predetermined time after the message transmission unit 220 transmits the authentication message, the corresponding user is considered to have been authenticated.

This may be a problem when a plurality of users want to be authenticated at the same time, but when the authentication system 100 receives an authentication message, the system automatically dials and authenticates the authentication message. Since the authentication operation will be performed within a certain time, if there are not many users who want to be authenticated, the message transmission unit 220 may be used if the users do not overlap by adjusting the time interval when transmitting the authentication message.

Another method is to use an automatic answering telephone number used by a user's telephone terminal.

As described above, the authentication information providing unit 230 receives a connection of the user authentication system 100 provided in the user's telephone terminal and provides a new automatic answering phone number whenever providing authentication information. Since the automatic answering phone number used is different for each authentication, it can be used for user verification (authentication).

In the case of performing authentication using only the automatic answering phone number, the authentication information receiving unit 240 preferably receives the authentication information in such a manner as to disconnect the connection immediately after obtaining only the telephone number of the user's telephone terminal included in the call information. .

In this case, there is an advantage that the user does not incur call charges, and because the time to perform authentication is shortened, the capacity that the system can handle simultaneously can be increased, and thus a system for performing authentication of the same capacity is constructed. The cost is reduced.

The authenticator 250 may perform an authentication operation using two or more pieces of data.

In the simplest way, authentication can be performed using the answering machine or authentication number given in the previous example and the telephone number of the user's telephone terminal.

Since the telephone number of the user's telephone terminal receives the caller's telephone number information when the call is connected from the user's telephone terminal, the user's telephone terminal does not need to provide this information separately.

If the authentication is performed using the auto answering phone number and the phone number of the user's telephone terminal, if the call is connected and the call is set to be disconnected before the call is made, no additional phone charges are incurred during the authentication process. desirable.

That is, the information on which automatic answering phone number is dialed from the user's telephone terminal and the telephone number of the user's telephone terminal are already verified during the call connection process, so there is an advantage that the user can check the call without having to go through the call connection process. In the case of a user who does not go to the call connection process, call charges are not incurred. Therefore, there is an advantage that the user does not incur a separate cost in the authentication process.

In addition, authentication may be performed using [authentication number + auto answering phone number where the call was received], or further, [authentication number + user answering phone number + the answering machine number where the call was received]. You can also verify it by verifying it.

If it is confirmed that the authentication unit 250 has been authenticated, it notifies the web server, the user, and the like so that the user can receive the service requested by the user and ends the entire authentication process.

There may be a variety of ways to inform the user that the authentication process has ended.

For example, if the system is set to maintain the connection until the authentication is terminated after the user authentication system accesses the server authentication system to receive authentication information, authentication is performed through the connected wireless Internet network. A message may be sent indicating completion. This has the advantage of minimizing the additional cost to indicate that authentication is complete.

In addition, there may be a method of directly sending a text message, and sending a message notifying that the authentication is completed to the web server of the website used by the user, and sending a text message or the like to the user from the web server or the screen of the website. It is also possible to have the authentication complete message displayed.

The control unit 110 of the user authentication system 100 installed in the user's telephone terminal drives the user authentication system 100, and each component in the user authentication system 100, that is, the authentication information requesting unit 120. ) And the telephone terminal control unit 130 is operated.

There are two main methods for the controller 110 to drive the user authentication system 100.

One checks whether a driving command is input from the user, so that the user authentication system is activated when the user selects an icon for instructing the execution of an application program provided in a telephone terminal such as a smartphone.

Another method is to receive a push message type message from the message transmission unit 220 of the server authentication system and to detect when the user confirms the reception of the message so that the user authentication system 100 is driven.

When the push message is received from the message transmitting unit 220, a button (icon) indicating that the push message has been generated is generated in the user's telephone terminal. When the user selects the button (icon), the controller 110 detects the app and displays the app. The system of the present invention installed in the form of to be executed.

In both cases, the same is true in that the user authentication system 100 is driven based on whether an input indicating a request for authentication by the user is detected.

On the other hand, when the control unit 110 drives the user authentication system 100, the user authentication system 100 is driven only when the correct password is input by inputting the password information such as the password set by the user before You can do that.

In this case, the time for receiving the password information may be when the user authentication system for the first time is started, or when each component constituting the user authentication system is driven.

That is, the controller 110 checks whether the password information set by the user is input before the authentication information requesting unit 120 and / or the telephone terminal control unit 130, which is a component of the user authentication system, is input. Only when the information is inputted, the authentication information requesting unit 120 and / or the telephone terminal controller 130 may be controlled to be executed.

At this time, the input of the encryption information may be set to be required only when any one component is executed, or may be set to be required every time all the components are executed.

In addition, input of cryptographic information may be required before the execution of each component is started, and input of cryptographic information may be required immediately before execution of each component is completed.

By doing so, even if the user's telephone terminal is stolen, another user may not perform authentication using the user's telephone terminal unless the password information set by the user is exposed.

On the other hand, the controller 110 may control the screen so that the progress is shown to the user while the authentication operation is in progress.

However, even at this time, it is preferable that the authentication information is not output on the screen so that the authentication information does not leak even if another person views the user's telephone terminal.

The authentication information requesting unit 120 accesses the server authentication system 200 to apply for authentication information, and receives the authentication information provided by the server authentication system.

As described above, the authentication information may be an automatic answering phone number and / or an authentication number.

Specifically, when the authentication information requesting unit 120 is executed, the authentication information requesting unit 120 is connected to the authentication information providing unit 230 of the server authentication system 200 by using the address information stored in advance, It provides identification information for identifying a user and requests the reception of authentication information corresponding thereto.

In this case, as described above, the telephone number of the telephone terminal may be used as identification information for identifying the user.

In addition, the authentication information received from the authentication information providing unit 230 may be received in an encrypted form, in this case, the authentication information requesting unit 120 decrypts the encrypted information to extract the authentication information.

On the other hand, the first authentication can be performed to receive the authentication information from the authentication information providing unit 230 is the same as described in the authentication information providing unit 230, for this purpose, the authentication information application unit 120 When the authentication information is received from the authentication information providing unit 230, the authentication information is stored in a log file or the like without being discarded after authentication, and then the first authentication is performed to receive authentication information from the authentication information providing unit 230 next time. It can be used when

In the case where the authentication information application unit 120 stores the authentication information, the time when the authentication information is provided along with the authentication information, the time when the authentication is performed using the authentication information, or the authentication received for the second time among the stored authentication information. It is preferable to store information that can be used to specify authentication information, such as information indicating whether the information is information.

Whether to store the provided authentication information until and what information to specify the authentication information may vary depending on the condition for requesting the authentication information from the authentication information providing unit 230.

For example, when the authentication information providing unit 230 always requests confirmation of the last provided authentication information, the authentication information requesting unit 120 may store only the most recently received authentication information, and the last five times. In the case of requesting to specify any one of the provided authentication information, the authentication information requesting unit 120 stores five recently provided authentication information, and among them, necessary authentication according to the request of the authentication information providing unit 230. First authentication may be performed by extracting and transmitting the information.

In addition, even in the case of information for selecting and selecting authentication information, the authentication information providing unit 230 is set to request authentication information based on time (for example, authentication information provided at 0 o'clock on 0/0). When the authentication information is stored, information about the time of receiving the authentication information is provided, and when the authentication information is set to request the authentication information (for example, the authentication information provided second from the last), the information on the order is displayed. To be stored.

The terminal control unit 130 is executed by the control of the control unit 110, receives the authentication information, such as the automatic answering phone number and / or authentication number extracted from the authentication information requesting unit 120, the telephone terminal automatically answer Call the phone number to control authentication.

The method of performing authentication may vary depending on the type of authentication information.

For example, in the case of using only the auto answering phone number as authentication information, the user can dial the received auto answering phone number so that the authentication information receiving unit 240 can obtain the user's phone number and then end the authentication operation. have.

At this time, as long as the call is connected to the phone, the authentication information receiver 240 of the server authentication system 200 can obtain the phone number of the user's telephone terminal, so there is no need to wait until the call, if the user As mentioned above, it does not incur telephone charges and increases the hourly processing capacity of the server authentication system, so that more authentication processing can be performed at the same construction cost.

The operation of disconnecting the call may be performed by the authentication information receiver 240 of the server authentication system, or may be performed by the telephone terminal controller 130 of the user authentication system.

When using only the authentication number as authentication information (when the answering machine number is public or fixed as a single number), or when using the answering machine number and the verification number, call the answering machine number and enter the verification number. There may be several ways to make an input.

First, to control the telephone terminal to enter the automatic answering telephone number, and then enter the call button to make a call to the authentication information receiver 240 of the server authentication system 200, and then control to enter the authentication number. have.

In this case, if the authentication number is input immediately after the call button is input, since the authentication number may be input while the call is not connected, the authentication number is input after a predetermined time after the call button is input. desirable.

Alternatively, it is possible to input the authentication number automatically after the call is made by inputting the call button in the order of [auto answering phone number + symbol indicating a predetermined time stop + authentication number]. have.

Here, the symbol representing the predetermined time stop may be different for each terminal or communication company. For example, if a comma (,) enters the middle of a telephone number, a predetermined time stops at that portion, and the next number is to be entered, the symbol will be a comma (,) in the above manner.

At this time, the amount of time to stop is determined by the number of symbols inserted in the middle, so that the number of symbols corresponding to the set time will be inserted.

Another method is not to enter a telephone number directly, but to register a phone number in the form of [auto answering phone number + sign indicating a predetermined time stop + authentication number] as described above in the phone book of the phone. When the phone number registered in the phone book is selected, the server authentication system 200 may be dialed so that the authentication number is input. Of course, in this case, after the authentication is performed, the process of deleting the telephone number registered in the telephone book should be additionally performed.

In this way, the server can be dialed in to the authentication system for the server so that the authentication number can be entered.

What is common to all methods is that the user dials and authenticates automatically without any intervention, such as calling the user directly or verifying the authentication number.

In the other authentication method using the user's phone, the user directly inputs the authentication number on the web or the phone, so the user must confirm the authentication number. However, the present invention automatically handles everything, so the user checks the authentication number. There is no need for other interventions.

3 is a flowchart illustrating a method of the present invention and illustrates an authentication method performed by the user authentication system 100 installed in a user terminal.

First, the controller 110 checks whether a signal for instructing driving of the user authentication system 100 is input (301).

Whether to instruct the operation of the user authentication system 100 is whether the user selects an icon for instructing the execution of the application program provided in the phone terminal, such as a smart phone and push from the message transmission unit 220 of the server authentication system As described above, when receiving a message type message, it can be known by monitoring whether the user confirms receipt of the message.

When it is confirmed that a signal for instructing the driving of the user authentication system 100 is input, the controller 110 drives the authentication information requesting unit 120 to start the authentication operation.

Specifically, the authentication information requesting unit 120 accesses the server authentication system 200 to apply for authentication information, and receives the authentication information provided by the server authentication system (302).

As described above, the authentication information may be an automatic answering phone number and / or an authentication number.

At this time, before the authentication information requesting unit 120 accesses the server authentication system to apply for the authentication information or receives the authentication information and provides the authentication information to the telephone terminal controller 130, As described above, the operation can be continued only when the password information is input from the user and the password information matches the preset password information.

In addition, when the authentication information is encrypted, the authentication information is extracted through the decryption process as described above.

In addition, the authentication information requesting unit 120 may access the authentication information providing unit 230 and perform the first authentication before receiving the authentication information. In this first authentication, the authentication information providing unit 230 may be used. Authentication is performed by checking the authentication information provided from the.

When the authentication information requesting unit 120 receives the authentication information from the authentication information providing unit 230 for the first authentication, the authentication information is stored in a log file or the like without being discarded after authentication. To receive the authentication information from the study 230 to be used when the first authentication, the authentication information and the time provided with the authentication information, the authentication time using the authentication information, or stored authentication information It is preferable to store together information that can be used to specify the authentication information, such as order information indicating how many times the authentication information is received, and the authentication information specified by the authentication information providing unit 230 to the authentication information providing unit 230. The authentication is performed by transmitting the same to the above).

On the other hand, the telephone terminal control unit 130 receives authentication information such as an automatic answering phone number and / or authentication number extracted from the authentication information requesting unit 120, the telephone terminal dials the automatic answering phone number to perform authentication To control (303).

In this case, the control unit 110 controls the telephone terminal before the telephone terminal control unit 130 receives the authentication information from the authentication information requesting unit 120 or the telephone terminal control unit 130 calls the automatic answering phone number. As described above, the operation can be continued only when the password information is input from the user and the password information matches the preset password information.

The method of performing authentication may vary depending on the type of authentication information. When using only the automatic answering phone number as the authentication information, the authentication information receiver 240 obtains the user's phone number by dialing the received automatic answering phone number. If you use only the authentication number as the authentication information (when the answering machine phone number is open or fixed as a single number), or the answering machine number and authentication number In the case of using, dialing the automatic answering phone number to enter the authentication code, the phone terminal control unit 130 controls the telephone terminal so that the automatic answering phone number is input after the call button is input to the server authentication system ( After making a call to the authentication information receiving unit 240 of the 200, control to input the authentication number after a predetermined time In addition, [auto answering phone number + sign indicating a predetermined time stop + authentication number] in the order to be entered in such a way that the call button is input, so that the authentication number is automatically entered after the call. In the manner that the telephone number of the telephone terminal is registered in the form of [auto answering phone number + sign indicating a certain time stop + authentication number] in the form, and the phone number registered in the phone book is selected when making a call. As described above, the authentication information receiving unit 240 may be executed by various methods such as making the authentication number input by calling the authentication information receiver 240.

On the other hand, Figure 4 is a flow chart illustrating a method of the present invention, showing a method performed in the server authentication system 200.

First, the authentication request receiver 210 receives an authentication request for a user from a web server (401).

When receiving the authentication request, if the user's phone number is registered in the authentication system, only identification information such as ID is transmitted. Otherwise, the user's phone number is received together with the user's identification information, or the user's phone Only numbers can be received as described above.

The message transmission unit 220 notifies the user's telephone terminal of the authentication request reception unit 210 when receiving the authentication request from the web server (402).

This step is necessary for the user to facilitate the process of finding and executing the corresponding application program in his / her telephone terminal, and is not necessary if the user directly executes the corresponding application.

In this case, the format of the message transmitted from the message transmission unit 220 is in the form of a push message, the push message includes the application program information corresponding to the user authentication system 100, the information that the other authentication request has been received As described above, the user may include information such as the address of the webpage to which the application for authentication is applied, such as information that the user knows the content of the application for authentication.

In addition, when the message is sent, the user's telephone number is registered in the message transmission unit 220 in advance, and the telephone number is used. Otherwise, the authentication request receiver 210 receives the authentication request when the web is received. As described above, the message can be transmitted to the received phone number by receiving the user's phone number along with the user's identification information from the server.

On the other hand, the authentication information providing unit 230 of the server authentication system 200 receives the connection of the user authentication system installed in the user's telephone terminal and receives the authentication information, and provides the corresponding authentication information (403)

When the authentication information providing unit 230 receives the user's access, the user who is connected by using the information received from the authentication request receiving unit 210 and the user's telephone number received from the user's telephone terminal should perform authentication. If it is confirmed that the user is a user that needs to perform authentication, the authentication information is generated and provided as described above, and the information that can be used as the authentication information can be an automatic answering phone number or authentication number. Yes, as we have seen earlier.

In addition, when providing the authentication information from the authentication information providing unit 230 can be encrypted and transmitted as described above.

On the other hand, when providing the authentication information from the authentication information providing unit 230 may perform a primary authentication to prevent the authentication information is provided to other people than the legitimate user.

When performing the first authentication, authentication can be performed by confirming previously provided authentication information such as an automatic answering phone number provided previously, and specifying the date and time of providing the authentication information or the order among the provided authentication information. As described above, the authentication can be performed by specifying and requesting any one of the authentication information provided to the user's telephone terminal and confirming whether the received authentication information is correct.

 The authentication information receiver 240 receives a call from the user's telephone terminal and receives an authentication number, or obtains a telephone number of the user's telephone terminal, and performs a function of obtaining information necessary for authentication (404).

The authentication unit 250 determines whether to be authenticated using the information received from the authentication information receiving unit 230 (405).

The data used in determining whether to authenticate or not may be simply an input of an authentication number or an automatic answering phone number. A number + a user's telephone number + a telephone can be used in the form of a received automatic answering phone number] as described above.

If it is confirmed that the authentication unit 250 has been authenticated by notifying the user and the web server so that the user can be provided with the requested service to terminate the entire authentication process (405).

FIG. 5 illustrates the overall method of the server authentication system 200 and the user authentication system 100 according to the present invention, and shows the process of FIGS. 3 and 4 in combination.

Since each step has been described above with reference to FIGS. 3 and 4, a detailed description thereof will be omitted.

The method of the present invention can also be embodied as computer readable code on a computer readable recording medium. A computer-readable recording medium includes all kinds of recording apparatuses in which data that can be read by a computer system is stored. Examples of the computer-readable recording medium include a ROM, a RAM, a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like, and may be implemented in the form of a carrier wave (for example, transmission via the Internet) . The computer readable recording medium can also be distributed over network coupled computer systems so that the computer readable code is stored and executed in a distributed fashion.

Claims (21)

In the method of receiving a call to the automatic answering phone number included in the authentication information sent to the user's telephone terminal for authentication,
A server authentication system receiving access from a user authentication system installed in the user's telephone terminal and requesting authentication information for authentication;
Performing primary authentication by the server authentication system using first authentication information previously provided to the user authentication system;
Providing, by the server authentication system, authentication information to the user authentication system in which the first authentication is performed; And
The server authentication system obtains the telephone number information of the telephone terminal and the automatic answering telephone number from the call information requested to connect to the automatic answering telephone number included in the authentication information from the telephone terminal on which the user authentication system is installed. And authenticating by using the telephone number information of the telephone terminal and the answering machine telephone number obtained from the call information. The method of claim 1, wherein the auto answering phone number included in the authentication information is selected from one of a plurality of auto answering phone numbers, and the providing of the authentication information is performed every time the authentication information is provided among the plurality of auto answering phone numbers. Authentication method using a user's telephone terminal, characterized in that the selected automatic answering telephone number is included in the authentication information. The method of claim 1, wherein the first authentication information is any one of an automatic answering phone numbers previously provided to the user authentication system.
The step of performing the first authentication designates and requests any one of the auto answering phone numbers previously provided to the user authentication system, and the auto answering phone number transmitted from the user authentication system is the requested auto answering phone. Authentication method using a user's telephone terminal, characterized in that determining whether the number matches. The method of claim 1, wherein the authentication method
And receiving, by the server authentication system, an authentication number included in the authentication information from a telephone terminal in which the user authentication system is installed, and performing authentication. In the method for performing authentication by dialing and entering the authentication number of the authentication message sent to the user's telephone terminal to the answering machine telephone number,
Confirming, by the user authentication system installed in the user's telephone terminal, that there is an input indicating an authentication request from the user;
Requesting and receiving authentication information for authentication by accessing a server authentication system for authentication by the user authentication system when there is an input of a user's authentication request indication;
And controlling, by the user authentication system, the telephone terminal to make an authentication call by being included in the authentication information and making a call to a newly designated automatic answering phone number whenever the authentication information is provided. Authentication method using a user's telephone terminal. The method of claim 5, wherein the authentication information is encrypted and transmitted. The method of claim 5, wherein the authentication method
Receiving a selection to allow the user to proceed with the authentication process before performing at least one of each of the above steps;
And the authentication method is performed only when the user allows the authentication process to proceed. The method of claim 5, wherein the requesting and receiving of the authentication information comprises:
Receiving, by the user authentication system, a request for transmission of authentication information previously provided from the server authentication system;
Transmitting, by the user authentication system, first authentication information corresponding to the requested authentication information to the server authentication system; And
And when the first authentication information transmitted matches the requested authentication information, receiving, by the user authentication system, the authentication information from the server authentication system. Way. The method of claim 8, wherein the first authentication information is any one of an auto answering phone numbers previously provided to the user authentication system. The method of claim 5, wherein the authentication method
And controlling the telephone terminal to make a call to an automatic answering telephone number included in the authentication information, and to input the authentication number included in the authentication information. Authentication method using the user's telephone terminal. In the system for receiving a call to the automatic answering phone number included in the authentication information sent to the user's telephone terminal for authentication,
When receiving a request from the user authentication system installed in the user's telephone terminal to receive authentication information for authentication, after performing the first authentication using the first authentication information previously provided to the user authentication system, Authentication information provider for providing authentication information;
An authentication information receiver for obtaining telephone number information of the telephone terminal and the automatic answering telephone number from call information requested to be connected to an automatic answering telephone number included in the authentication information from a telephone terminal equipped with the user authentication system; And
And an authentication unit configured to perform authentication by using the telephone number information of the telephone terminal and the answering machine telephone number obtained from the connection request call information. 12. The method of claim 11, wherein the authentication information providing unit includes a plurality of automatic answering telephone numbers, and each time the authentication information is provided among the plurality of automatic answering telephone numbers, the newly selected automatic answering telephone number is included in the authentication information. Authentication system using the user's telephone terminal. The method according to claim 11, wherein the first authentication information is any one of an auto answering phone numbers previously provided to the user authentication system.
The authentication information providing unit specifies and requests any one of the auto answering phone numbers previously provided to the user authentication system, and confirms whether the auto answering phone number transmitted from the user authentication system matches the requested auto answering phone number. Authentication system using a user's telephone terminal, characterized in that for performing the first authentication. 12. The method of claim 11,
The authentication information receiver receives an authentication number included in the authentication information from a telephone terminal in which the user authentication system is installed,
The authentication unit authentication system using a user's telephone terminal, characterized in that for further authentication using the received authentication number. In the system that is provided in the user's telephone terminal, and dials the automatic answering phone number included in the authentication information sent to the user's telephone terminal to perform authentication,
An authentication information requesting unit requesting and receiving authentication information for authentication by accessing a server authentication system for authentication when there is an input of an authentication request indication of the user;
A telephone terminal control unit configured to control the telephone terminal to be included in the authentication information and to perform authentication by dialing a newly designated automatic answering telephone number each time the authentication information is provided; And
And a controller which checks whether there is an input indicating an authentication request from the user, and controls the authentication information requesting unit and the telephone terminal control unit to be authenticated when there is an input indicating an authentication request. Authentication system using a user's telephone terminal. The system of claim 15, wherein the authentication information is encrypted and transmitted. The method of claim 15, wherein the controller receives a selection for allowing the user to proceed with the authentication process before driving at least one of the authentication information requesting unit and the telephone terminal control unit, and permits the user to proceed with the authentication process. Authentication system using a user's telephone terminal, characterized in that the control to perform only one case. The method of claim 15, wherein the authentication information application unit
The user receives the authentication information after performing the first authentication by transmitting the first authentication information corresponding to the requested authentication information by requesting the transmission of the authentication information previously provided from the server authentication system. Authentication system using a telephone terminal. 19. The method of claim 18, wherein the first authentication information is provided in the telephone terminal of the user, characterized in that the automatic answering telephone number of any one of the automatic answering telephone number previously provided to the authentication system using the user's telephone terminal. Authentication system using the user's telephone terminal. The telephone terminal control unit according to claim 15, wherein the telephone terminal control unit
And controlling the telephone terminal to dial an automatic answering telephone number included in the authentication information, and to input the authentication number included in the authentication information. A computer-readable recording medium having recorded thereon a program for realizing the method according to any one of claims 1 to 10.

Images