KR101595099B1 - Method for providing security code service - Google Patents
Method for providing security code service Download PDFInfo
- Publication number
- KR101595099B1 KR101595099B1 KR1020150055232A KR20150055232A KR101595099B1 KR 101595099 B1 KR101595099 B1 KR 101595099B1 KR 1020150055232 A KR1020150055232 A KR 1020150055232A KR 20150055232 A KR20150055232 A KR 20150055232A KR 101595099 B1 KR101595099 B1 KR 101595099B1
- Authority
- KR
- South Korea
- Prior art keywords
- user
- terminal
- authentication
- code
- security code
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
Abstract
A method for providing a security code service, the method comprising: transmitting and storing an encrypted user authentication code to a user terminal; storing user data of the user terminal and a user authentication code Generating a primary security code and transmitting the primary security code to the user terminal when the authentication is completed and receiving an event requesting the primary security code from the secure authentication terminal; And if it is received, re-authenticating the user terminal and transmitting the re-authentication result to the security authentication terminal.
Description
The present invention relates to a security code service providing method.
Recently, as users of smartphones and smart pads have surged, a method of authenticating a user is also performed by transmitting an authentication code composed of text including numerals and characters using the message function of a smart phone in addition to the identification card, The method of authenticating a user according to whether or not the user is authenticated is often used.
At this time, a method of authenticating a user is performed by using an image authentication code. In this regard, Korean Unexamined Patent Publication No. 2012-0104455 (published on Sep. 22, 2012) provides a code image to a user, and when recognition data recognizing a code image is received from a smart terminal, a key mapped to recognition data And then transmits the account information linked to the key value to the smart phone so as to enable inter-personal remittance processing.
However, in the case of authentication and remittance processing by merely receiving the image code from the smart terminal, it is impossible to confirm whether or not the image code is received from the smart terminal, so there is no way to confirm whether the image user is a party user. There is a possibility that an accident will occur when a remittance process is performed, and only a online authentication occurring in a smart terminal is possible, and there is a problem that a flow of a process of accessing a user from another device or granting access can not proceed at all.
One embodiment of the present invention is to prevent the risk of hacking or unauthorized copying by using a code imaged from a text code having vulnerability of an open type security, A security code service providing method capable of minimizing the risk of a security incident by applying a security code and re-authenticating after user identification and authentication are performed with a user authentication code can be provided. It should be understood, however, that the technical scope of the present invention is not limited to the above-described technical problems, and other technical problems may exist.
According to an aspect of the present invention, there is provided a method of transmitting an encrypted user authentication code to a user terminal, the method comprising: Generating a primary security code and transmitting the primary security code to the user terminal upon receiving an event requesting the primary security code from the secure authentication terminal after the authentication is completed; And transmitting the re-authentication result to the secure authentication terminal by re-authenticating the user terminal when the transmitted primary security code is received from the user terminal.
According to any one of the above-mentioned objects, the use of the image authentication code minimizes the risk of duplication and hacking and the risk of leakage of the code when disclosed, It can be used not only on-line but also when users are offline, and can be utilized even more intuitively.
1 is a block diagram illustrating a security code service providing system according to an embodiment of the present invention.
2 is a block diagram illustrating the security code service providing server shown in FIG.
3 is a diagram illustrating an embodiment of a security code service executed in the security code service providing system shown in FIG.
4 is a diagram illustrating another embodiment of a security code service executed in the security code service providing system shown in FIG.
5 is a diagram illustrating a process in which data is transmitted and received between the respective components included in the security code service providing system of FIG. 1 according to an embodiment of the present invention.
6 is a flowchart illustrating a method of providing a security code service according to an embodiment of the present invention.
Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings, which will be readily apparent to those skilled in the art. The present invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. In order to clearly illustrate the present invention, parts not related to the description are omitted, and similar parts are denoted by like reference characters throughout the specification.
Throughout the specification, when a part is referred to as being "connected" to another part, it includes not only "directly connected" but also "electrically connected" with another part in between . Also, when an element is referred to as "including" an element, it is to be understood that the element may include other elements as well as other elements, And does not preclude the presence or addition of one or more other features, integers, steps, operations, components, parts, or combinations thereof.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, the present invention will be described in detail with reference to the accompanying drawings.
1 is a block diagram illustrating a security code service providing system according to an embodiment of the present invention. 1, the security code service providing system 1 may include a
At this time, the respective components of FIG. 1 are generally connected through a
Here, the
The
The secure code
The
The user
FIG. 2 is a block diagram illustrating the security code service providing server shown in FIG. 1, FIG. 3 is a diagram illustrating an embodiment of a security code service executed in the security code service providing system shown in FIG. 1, 4 is a diagram illustrating another embodiment of a security code service executed in the security code service providing system shown in FIG.
2, a security code
A security code
At this time, the
The
The
Upon receiving the event requesting the primary security code from the
When the transmitted primary security code is received from the
The
When the transmitted primary security code is received from the
Meanwhile, the security code
In this case, the
An embodiment of the security code service providing method of the security code
3 and 4, (a) the
The security code service providing method of FIGS. 2 to 4 will not be described. It can be easily deduced from the same or a description of the security code service providing method described above with reference to FIG. 1, Omit it.
5 is a diagram illustrating a process in which data is transmitted and received between the respective components included in the security code service providing system of FIG. 1 according to an embodiment of the present invention. Hereinafter, an example of a process of transmitting and receiving a signal according to an embodiment of the present invention will be described with reference to FIG. 5. However, the present invention is not limited to such an embodiment, and according to various embodiments described above, It is apparent to those skilled in the art that the process of transmitting and receiving the shown data can be changed.
5, when receiving a request for a user authentication code from the user terminal 100 (S5100), the secure code
At this time, the security code
Then, the security code
If the primary security code is received from the
Then, the
Accordingly, the
Here, the order between the above-described steps S5100 to S5980 is merely an example, but the present invention is not limited thereto. That is, the order between the above-described steps (S5100 to S5980) may be mutually varied, and some of the steps may be executed or deleted at the same time.
6 is a flowchart illustrating a method of providing a security code service according to an embodiment of the present invention. Referring to FIG. 6, the secure code service providing server transmits an encrypted user authentication code to the user terminal and stores the encrypted user authentication code (S6100).
Then, when an event for scanning the user authentication code is generated from the security authentication terminal, the security code service providing server authenticates the user data of the user terminal and the user authentication code (S6200).
When the security code service providing server receives the event requesting the primary security code from the security authentication terminal after the authentication is completed, the security code service providing server generates and transmits the primary security code to the user terminal (S6300).
When the transmitted primary security code is received from the user terminal, the secure code service providing server transmits the re-authentication result to the secure authentication terminal by re-authenticating the user terminal (S6400).
The security code service providing method of FIG. 6, which is not described above, can be easily deduced from the same or described contents of the security code service providing method described above with reference to FIGS. 1 to 5, .
The secure code service providing method according to the embodiment described with reference to FIG. 6 can also be implemented in the form of a recording medium including instructions executable by a computer, such as an application program module executed by a computer or a program module. Computer readable media can be any available media that can be accessed by a computer and includes both volatile and nonvolatile media, removable and non-removable media. In addition, the computer-readable medium can include both computer storage media and communication media. Computer storage media includes both volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Communication media typically includes any information delivery media, including computer readable instructions, data structures, program modules, or other data in a modulated data signal such as a carrier wave, or other transport mechanism.
The security code service providing method according to an embodiment of the present invention may be executed by an application installed in a terminal (which may include a program included in a platform or an operating system basically installed in the terminal) (I.e., a program) directly installed on a master terminal by a user via an application providing server such as an application store server, an application, or a web server associated with the service. In this regard, the security code service providing method according to an embodiment of the present invention may be implemented as an application (i.e., a program) installed in a terminal or directly installed by a user, Can be recorded on the medium.
It will be understood by those skilled in the art that the foregoing description of the present invention is for illustrative purposes only and that those of ordinary skill in the art can readily understand that various changes and modifications may be made without departing from the spirit or essential characteristics of the present invention. will be. It is therefore to be understood that the above-described embodiments are illustrative in all aspects and not restrictive. For example, each component described as a single entity may be distributed and implemented, and components described as being distributed may also be implemented in a combined form.
The scope of the present invention is defined by the appended claims rather than the detailed description and all changes or modifications derived from the meaning and scope of the claims and their equivalents are to be construed as being included within the scope of the present invention do.
Claims (10)
Authenticating the user data and the user authentication code of the user terminal when an event occurs to scan the user authentication code from the secure authentication terminal;
Generating the primary security code from the secure authentication terminal after the authentication is completed, and transmitting the generated primary security code to the user terminal; And
Transmitting the re-authentication result to the secure authentication terminal by re-authenticating the user terminal when the transmitted first security code is received from the user terminal; A security code service providing method in a security code service providing server,
The method of claim 1, further comprising: when the transmitted primary security code is received from the user terminal, re-authenticating the user terminal and transmitting the re-authentication result to the secure authentication terminal, Transmitting a secondary security code to a terminal of a user when the authentication is authenticated as a party user;
Analyzing the secondary security code and the user authentication code included in the received event when receiving the event that scanned the secondary security code from the user terminal that scanned the secondary security code;
Transmitting an authentication permission event to the user terminal when the second security code and the user authentication code are authenticated; Further comprising the steps of:
The user peripheral terminal that has received the authentication permission event monitors text and output text input to the user peripheral terminal after receiving the authentication permission event and transmits the monitored text to the security code service providing server,
Wherein the security code service providing server maps the monitoring result into a database by mapping with the user terminal.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150055232A KR101595099B1 (en) | 2015-04-20 | 2015-04-20 | Method for providing security code service |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150055232A KR101595099B1 (en) | 2015-04-20 | 2015-04-20 | Method for providing security code service |
Publications (1)
Publication Number | Publication Date |
---|---|
KR101595099B1 true KR101595099B1 (en) | 2016-02-17 |
Family
ID=55457828
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020150055232A KR101595099B1 (en) | 2015-04-20 | 2015-04-20 | Method for providing security code service |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101595099B1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2019039865A1 (en) * | 2017-08-23 | 2019-02-28 | 윤태식 | Authentication terminal, authentication device and authentication method and system using authentication terminal and authentication device |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080148376A1 (en) * | 2006-12-19 | 2008-06-19 | Fuji Xerox Co., Ltd. | Computer readable medium, authenticating method, computer data signal, authentication server, and single sign-on authentication system |
KR101051407B1 (en) * | 2011-02-08 | 2011-07-22 | 홍승의 | The system, method and recording medium for interactive security authentication on communication network |
KR20130093793A (en) * | 2011-12-31 | 2013-08-23 | 주식회사 넥스다임 | Recording medium, method and system for log-in confirmation use of image code |
KR101383761B1 (en) * | 2011-12-22 | 2014-04-18 | 주식회사 스마트시스템즈 | User authentication system and method thereof |
-
2015
- 2015-04-20 KR KR1020150055232A patent/KR101595099B1/en active IP Right Grant
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080148376A1 (en) * | 2006-12-19 | 2008-06-19 | Fuji Xerox Co., Ltd. | Computer readable medium, authenticating method, computer data signal, authentication server, and single sign-on authentication system |
KR101051407B1 (en) * | 2011-02-08 | 2011-07-22 | 홍승의 | The system, method and recording medium for interactive security authentication on communication network |
KR101383761B1 (en) * | 2011-12-22 | 2014-04-18 | 주식회사 스마트시스템즈 | User authentication system and method thereof |
KR20130093793A (en) * | 2011-12-31 | 2013-08-23 | 주식회사 넥스다임 | Recording medium, method and system for log-in confirmation use of image code |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2019039865A1 (en) * | 2017-08-23 | 2019-02-28 | 윤태식 | Authentication terminal, authentication device and authentication method and system using authentication terminal and authentication device |
US11290279B2 (en) | 2017-08-23 | 2022-03-29 | Tae Sik Yoon | Authentication terminal, authentication device and authentication method and system using authentication terminal and authentication device |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11361065B2 (en) | Techniques for authentication via a mobile device | |
KR102358546B1 (en) | System and method for authenticating a client to a device | |
US9098850B2 (en) | System and method for transaction security responsive to a signed authentication | |
JP5231433B2 (en) | System and method for authenticating remote server access | |
US8464324B2 (en) | System and method for identity verification on a computer | |
US9438575B2 (en) | Smart phone login using QR code | |
US10339366B2 (en) | System and method for facial recognition | |
WO2018198036A1 (en) | Authentication system and identity management without password by single-use qr code and related method | |
KR101214839B1 (en) | Authentication method and authentication system | |
US11563740B2 (en) | Methods and systems for blocking malware attacks | |
WO2019226115A1 (en) | Method and apparatus for user authentication | |
US20200196143A1 (en) | Public key-based service authentication method and system | |
JP2022527798A (en) | Systems and methods for efficient challenge response authentication | |
CN110278084B (en) | eID establishing method, related device and system | |
SE542213C2 (en) | Method and system for creating a strong authentication for a user using a portable electronic device | |
JP6462121B2 (en) | Method for accessing services, corresponding first device, second device and system | |
US11601807B2 (en) | Mobile device authentication using different channels | |
KR100858146B1 (en) | Method for personal authentication using mobile and subscriber identify module and device thereof | |
JP7269486B2 (en) | Information processing device, information processing method and information processing program | |
CN116915493A (en) | Secure login method, device, system, computer equipment and storage medium | |
KR101595099B1 (en) | Method for providing security code service | |
KR20130078842A (en) | Recording medium, server for 2-factor authentication use of image code and one time password | |
KR102123405B1 (en) | System and method for providing security membership and login hosting service | |
KR20210011577A (en) | Apparatus and Method for Personal authentication using Sim Toolkit and Applet | |
US20230267463A1 (en) | Authenticating a transaction |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
GRNT | Written decision to grant | ||
FPAY | Annual fee payment |
Payment date: 20190710 Year of fee payment: 4 |