KR101678102B1 - Method for controlling an access using an ic card reader and computer readable recording media storing program for executing method thereof - Google Patents

Method for controlling an access using an ic card reader and computer readable recording media storing program for executing method thereof Download PDF

Info

Publication number
KR101678102B1
KR101678102B1 KR1020150162252A KR20150162252A KR101678102B1 KR 101678102 B1 KR101678102 B1 KR 101678102B1 KR 1020150162252 A KR1020150162252 A KR 1020150162252A KR 20150162252 A KR20150162252 A KR 20150162252A KR 101678102 B1 KR101678102 B1 KR 101678102B1
Authority
KR
South Korea
Prior art keywords
card
card reader
reader
relay server
issuer
Prior art date
Application number
KR1020150162252A
Other languages
Korean (ko)
Inventor
문명관
김윤규
Original Assignee
주식회사 아나스타시스
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 아나스타시스 filed Critical 주식회사 아나스타시스
Priority to KR1020150162252A priority Critical patent/KR101678102B1/en
Application granted granted Critical
Publication of KR101678102B1 publication Critical patent/KR101678102B1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/02Banking, e.g. interest calculation or account maintenance
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Technology Law (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Strategic Management (AREA)
  • Development Economics (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention can provide a method of authenticating a legitimate user by recording a non-duplicated ID in an IC card reader to identify the IC card reader, and by comprising the ID of the IC card reader with information stored in the issuing organization of the IC card reader when the IC card reader is connected to the user terminal, and a personal authentication service by comparing the ID of the IC card reader and the card information of the IC card read out through the IC card reader with information stored in an issuing authority which issues the IC card. So, using a service provided by the issuing authority without permission can be prevented.

Description

BACKGROUND OF THE INVENTION 1. Field of the Invention [0001] The present invention relates to an access control method using an IC card reader, and a computer readable recording medium storing a program for performing the method.

The present invention relates to a method of controlling access to a server for using a specific service using an IC card reader having an ID that is not duplicated, and authentication of the user using the method. More particularly, the present invention relates to a method and system for identifying and authenticating an IC card reader and a personalization agent issuing the IC card reader using a non-overlapping ID (a random number) embedded in an IC card reader, And a computer readable recording medium on which a program for performing the method is recorded.

When using online services (online banking, personal authentication, etc.), public certificates, security cards (OTP), etc. are being used in Korea for the purpose of personal authentication. Certified certificates have been enforced by law and have been obsolete recently, but they are still used in most online services.

Plug-in is required for web browser (Internet explorer, chrome, etc.) in order to use official certificate on PC. A plug-in is an extension that helps a web browser to execute certain functions contained in a web page. The function of importing the public certificate stored in the PC and the encrypted private key, the function for digital signature, and the keyboard security function required when inputting the public certificate password (correctly, the password for decrypting the encrypted private key) You need plugins because they are functions you can not do.

  However, most web browser developers (Microsoft, Google, etc.) do not allow plug-ins (ActiveX, NPAPI, etc.) to be excluded from web browser functions due to security problems such as vulnerabilities of plug- . Such plug-ins or certificates are very inconvenient for users. Whenever a plug-in is first installed or updated, the web browser often moves to the previous screen or exits. Sometimes you even need to reboot your PC. Certified certificates are required to go to the off-line point to receive issuance, and the renewal or re-issuance process is very complicated. I need to renew my certificate every year, but I miss this period often. Then you have to go to the off-line spot again. Therefore, online services (online banking, personal authentication, etc.) that do not require a plug-in and a means to replace public certificates that require the use of plug-ins are very necessary.

  On the other hand, in order to revitalize the Fin-Tech business, the government will promote the development and expansion of online financial services, such as the abolition of the above-mentioned obligations to use official certificates, the establishment of the open platform for PINTECH, And is implementing policies for In addition, non-face-to-face blindness is allowed, and legal grounds for the establishment of an Internet professional bank that operates purely online without an off-line point have been established. Non-face-to-face blindness verification refers to identifying a user's identity online. For online banking, in order to get an official certificate and a secure card (OTP), I had to go to an off-line branch and check my face-to-face name. However, if an Internet bank is established, the blindness must also be confronted. Therefore, non-face-to-face blindness verification is essential for convenient online service.

From the viewpoint of internet use, the use of the Internet through mobile (Android, iOS, etc.) is more and more increasing than the Internet using PC (Windows, Linux, MacOS, etc.). Mobile banking and payment users are on the rise. The proportion of mobile banking users in the third quarter of 2015 is steadily increasing to 62.3% of all online banking users while PC Internet banking users are decreasing. In the case of home shopping, the proportion of mobile home shopping is also increasing compared to TV home shopping. Therefore, online service should be a service considering both mobile and PC environment.

When you use online services, you are subscribing to multiple sites, and you must register individual passwords for each site. However, since password standards are different for each site, it is common to have three or more passwords. New words such as password syndrome (stress for loss of password) and digital dementia (frequent forgetting of password) were born. Therefore, it is very important for users to use the online service with their usual password.

Online services require security features to protect sensitive information (eg passwords) transmitted online. End to end encryption in which information is transmitted encrypted from a user terminal to an institution server, and network encryption (SSL (Secure Socket Layer), etc.) in which all network communication sections are encrypted. For secure online services, these security features should be utilized.

Online, offline The most common means of banking is the card. Most financial dealers have a cash card (a card with a cash card function). Two types of cards are used: a magnetic stripe card and an integrated circuit card. Usually IC cards also contain magnetic. The magnetic card applied the principle of the magnetic tape which was widely used as the storage medium of the computer to the card. A magnetic tape is attached to one side of the card and data is recorded in a manner that changes the characteristics of the magnetic material on the surface of the tape.

However, magnetic cards have security problems that are easily duplicated. IC card is the one that came to supplement this. An IC card is a card literally equipped with an IC chip. The IC chip is easily regarded as a microcomputer. There is a processor with computation capability and a memory that can store data. Therefore, the IC card has not only the encryption operation inside, but also the ability to store the security key. In addition, since it is a hardware type, it is not duplicated like a magnetic card, so it is excellent in security. Therefore, most of today's cards are mostly IC cards equipped with IC chips.

IC cards are classified into contact type and non-contact type depending on the communication type with the reader. The contact type is a form in which a card reader and an IC chip are in contact with each other, and a non-contact type is a form in which communication is possible through wireless communication (for example, RF, NFC, etc.). There is also a hybrid (or combination) card with both contact and non-contact forms.

To use an IC card, an IC card reader is required. Various types of IC card readers exist depending on the type. It can be used as a tabletop in a store, an integrated form on a keyboard, or a USB form. The interface also has various interfaces such as USB (micro USB) interface, Lightning interface, and audio jack interface.

In view of these circumstances, there has been a way of authenticating the user or the user using an IC card which can not be duplicated with current technology, and using a financial service or a login service. However, an IC card reader is indispensable to use the IC card for user or personal authentication, but there is no system that identifies such an IC card reader and confirms that the user is a party user. Therefore, if there is only an IC card, that is, even if an IC card is illegally acquired, there is no separate security measure, and a solution is needed.

SUMMARY OF THE INVENTION The present invention has been conceived to solve the problems as described above, and it is an object of the present invention to provide an IC card reader capable of recording an ID that is not duplicated in an IC card reader so that the IC card reader can be identified, And an object of the present invention is to provide a method of authenticating whether or not a user is a legitimate user by comparing the ID of the card reader with the information stored in the personal ID of the IC card reader. That is, if the IC card reader which is not properly distributed from the personalization agent can be used without permission, it is very important to identify the IC card reader because the service provided by the personalization agent can be used without restriction.

An object of the present invention is to provide a personal authentication service by comparing the ID of the IC card reader and the card information of the IC card read out through the IC card reader with the information stored in the IC card issuer.

It is another object of the present invention to provide a recording medium on which a program capable of implementing the above-described method is stored.

Other objects, particular advantages and novel features of the present invention will become more apparent from the following detailed description and preferred embodiments, taken in conjunction with the accompanying drawings.

According to another aspect of the present invention, there is provided an access control method for an IC card which is combined with a user terminal, an IC card issuer server, and a service relay server and is read through an IC card reader connected to the user terminal Wherein the IC card is authenticated by the owner of the IC card from the card information and is thus a method for controlling access from the user terminal to the service relay server in a system for providing an IC card service, Receiving an ID of the IC card reader from a card reader; Transmitting the ID to an IC card issuer server identified by the ID of the IC card reader, wherein the IC card issuer server compares the reader user information stored in the IC card issuer server with the ID, Transmitting an authentication result of the card reader to the service relay server; The service relay server receiving an authentication result of the IC card reader from the IC card issuer server; And controlling access of the user terminal by the service relay server according to an authentication result of the IC card reader.

According to another aspect of the present invention, an ID of an IC card reader is uniquely assigned to each device and is stored unchangeably in the IC card reader, and information associated with the ID is stored in a database of the IC card issuer .

According to another aspect of the present invention, there is provided a method for controlling an IC card, the method comprising: receiving an IC card service; authenticating the IC card service; receiving the card information of the IC card read by the service relay server through an IC card reader connected to the user terminal; Wherein the service relay server transmits card information of the IC card to the issuer of the IC card, wherein the IC card issuer server authenticates the owner of the IC card from the card information of the IC card, Sent to the server; And the service relay server further performing authentication of the owner of the IC card according to the authentication result.

According to another aspect of the present invention, the step of the service relay server transmitting the card information of the IC card to the IC card issuer further includes transmitting the password information of the IC card.

According to another aspect of the present invention, there is provided a computer-readable recording medium storing a program that causes a computer processor to perform the access control method.

According to the present invention, when the IC card reader is connected to the user terminal, the ID of the IC card reader is recorded in the IC card reader so that the IC card reader can be identified, It is possible to identify the IC card reader by comparing it with the information stored in the personalization institution of the IC card reader, and further authenticate whether or not the user is a legitimate user.

In addition, by comparing the ID of the IC card reader and the card information of the IC card read out through the IC card reader with the information stored in the IC card issuer, it is possible to provide a personal authentication service which is simple and highly secure. .

1 is a system configuration diagram for implementing an access control method to a service relay server according to a preferred embodiment of the present invention,
2 is a diagram illustrating an ID structure of an IC card reader according to an embodiment of the present invention,
3 is a diagram showing a method of identifying an IC card reader according to an embodiment of the present invention,
4 is a diagram showing a method of authenticating an IC card reader according to an embodiment of the present invention,
5 is a diagram illustrating a method for implementing a personal authentication service according to an embodiment of the present invention.

Hereinafter, a preferred embodiment of a method of access control to a service relay server according to the present invention will be described in detail with reference to the accompanying drawings.

1 is a system configuration diagram for implementing an access control method to a service relay server according to a preferred embodiment of the present invention.

First, in order to implement a method of access control to a service relay server according to the present invention, a user must obtain an IC card and / or an IC card reader from an IC card issuer. When the IC card issuer issues an IC card and an IC card reader, information related to the IC card issuer is stored in a database in association with the ID of the IC card reader, such as a user name, a resident registration number and a direct debit account number.

2 illustrates the ID structure of the IC card reader. In one embodiment, the ID of the IC card reader may be a manufacturer code - an institution code - a random number. Here, the authority code means the issuing authority issuing the IC card reader. In this embodiment, since the IC card issuer issues the IC card issuer, the issuer of the IC card will be the issuer of the IC card reader. However, it should be understood that the IC card issuer and the issuer issuing the IC card reader may be different from each other. As described above, the length or the format of the ID of the IC card reader is sufficient to identify the issuing organization of the IC card reader, and the third party can determine the ID within a meaningful time. The ID of such an IC card reader is stored at the time of manufacture of the reader and can not be changed after manufacture, and is unique to each IC card reader.

Thereafter, when the IC card reader 2 is connected to the user terminal 10, the service relay server 20 transmits the ID of the IC card reader 2 connected to the user terminal 10 to the IC card issuer server 30, . The IC card issuer server 30 compares the information stored at the time of issuing the IC card reader with the ID and transmits the authentication result of the IC card reader 2 to the service relay server 20, The server 20 restricts or permits access to the service relay server of the user terminal according to the authentication result. Access control to the service relay server may be a login service to the service relay server.

Hereinafter, the process of authenticating the IC card reader and authenticating the user will be described in detail with reference to FIGS. 3 and 5. FIG.

3 and 5, since the service relay server 20 can be viewed in the form of a program (app) downloaded to a user terminal (which may be a PC or a smart phone) in the user's viewpoint, It should be noted that the service relay server is shown as a PC program (app). It should also be noted that the user terminals are not shown in Figures 3 and 4 for immediate understanding.

Fig. 3 shows an embodiment of a method for identifying an IC card reader.

The user executes an application (PC program) that uses an IC card reader and connects the IC card reader to a smart phone (PC) that has executed an application (PC program). The user clicks the button to read the reader ID from the application (PC program), and the application (PC program) reads the reader ID stored in the IC card reader. However, there is no button to read the reader ID according to the application (PC program) purpose, and the reader ID can be read automatically when the IC card reader is connected.

Fig. 4 shows an embodiment of a method for authenticating an IC card reader.

The user reads the reader ID from the application (PC program) through the method shown in Fig. If the reader ID does not exist, or if the reader ID format does not match, it is assumed that the reader (PC program) fails to authenticate the reader. The application (PC program) interprets the reader ID and identifies the issuer of the IC card reader. As can be seen from the reader ID structure shown in Fig. 2, since the ID includes the authority code, the issuing authority of the IC card reader can be identified through the authority code. As described above, in this embodiment, since the IC card reader issuing organization and the IC card issuing company are the same, the following description is referred to as an IC card issuing party. The application (PC program) transmits the reader ID to the identified IC card issuer server. The IC card issuer server retrieves the reader ID transmitted from the application (PC program) in the reader user information database and transmits the reader authentication result to the application (PC program). The application (PC program) communicates with the reader if the authentication result received from the IC card issuer server is successful, and does not communicate with the reader if the authentication result is not successful. If the IC card reader is not authenticated, it means that the user can not use the application (PC program), which is similar to the login function of the application (PC program). That is, if the IC card reader is not authenticated, the user will not be able to use a service such as a personal authentication provided by the above-mentioned application (PC program).

By authenticating that the IC card reader is a legitimately issued reader from the institution and using the application (program) according to the result of the authentication, it is possible to authenticate a legitimate user without a separate ID and password, Service can be provided.

According to the present embodiment, it is authenticated that the reader is a legitimately issued reader by using the unique ID stored in the IC card reader, and the application (program) can be used according to the result of the authentication. However, In the case of a telephone, the reader can be authenticated by using the telephone number of the portable telephone in conjunction with the reader ID of the IC card reader. In this case, when the IC card issuer issues the IC card and the IC card reader, the telephone number of the portable telephone of the user must be stored in a database in association with the ID of the IC card reader.

FIG. 5 shows an embodiment of a method for using a personal authentication service after authentication of an IC card reader is completed.

When the IC card reader is authenticated, the application (PC program) receives the financial institution code and the account number of the cash card inserted in the reader, checks whether the IC card issuer identified from the reader ID matches the financial institution code read from the cash card Compare. If they do not match, your identity is no longer valid and your identity can not be verified. The user enters a cash card password, usually four digits of the password. The application (PC program) transmits the account number read from the cash card and the hash value of the encrypted account to the IC card issuer server, and the IC card issuer server transmits the account number read from the application (PC program) Verifies the account password hash value, and transmits the result to the app (PC program). This verification result is the result of the authentication of the user. Further, when the user is authenticated, additional financial services can be used.

Such authentication services can be utilized in various fields and at various stages. For example, when authentication is required at the time of subscription to a specific site, the user performs authentication of the user through the IC card issuer at the service relay server with the IC card and the IC card reader, and provides the result to the specific site, Can be used. These services can be efficiently used in various fields as well as finance.

Meanwhile, an access control method according to the present invention includes a computer-readable medium including program instructions for performing a computer-implemented operation. The computer-readable medium may include program instructions, data files, data structures, and the like, alone or in combination. The media may be program instructions that are specially designed and constructed for the present invention or may be available to those skilled in the art of computer software.

Examples of computer-readable media include magnetic media such as hard disks, floppy disks and magnetic tape; optical media such as CD-ROMs and DVDs; magnetic media such as floppy disks; Magneto-optical media, and hardware devices specifically configured to store and execute program instructions such as ROM, RAM, flash memory, and the like. The medium may be a transmission medium such as an optical or metal line, a wave guide, or the like, including a carrier wave for transmitting a signal designating a program command, a data structure, or the like. Examples of program instructions include machine language code such as those produced by a compiler, as well as high-level language code that can be executed by a computer using an interpreter or the like.

The embodiments of the present invention described above and shown in the drawings should not be construed as limiting the technical idea of the present invention. The scope of protection of the present invention is limited only by the matters described in the claims, and those skilled in the art will be able to modify the technical idea of the present invention in various forms. Accordingly, such improvements and modifications will fall within the scope of the present invention as long as they are obvious to those skilled in the art.

According to the present invention as described above, the non-duplicated ID is recorded in the IC card reader so as to identify the IC card reader, so that when the IC card reader is connected to the user terminal, the ID of the IC card reader is issued The ID of the IC card reader and the card information of the IC card read out through the IC card reader are transmitted to the IC card reader through the IC card reader, Card authentication service by providing the authentication service compared with the information stored in the card issuer, it is possible to effectively apply the authentication service to a variety of online services because it can provide a simple and highly secure authentication service.

Claims (4)

The user terminal, the IC card issuer server, and the service relay server are combined to authenticate the owner of the IC card from the card information of the IC card read out through the IC card reader connected to the user terminal, A method for controlling access from a user terminal to a service relay server in a system for providing an access control method,
Receiving an ID of the IC card reader from the IC card reader in the service relay server;
Transmitting the ID to an IC card issuer server identified by the ID of the IC card reader, wherein the IC card issuer server compares the reader user information stored in the IC card issuer server with the ID, Transmitting an authentication result of the card reader to the service relay server;
The service relay server receiving an authentication result of the IC card reader from the IC card issuer server; And
And controlling access of the user terminal by the service relay server according to an authentication result of the IC card reader,
Wherein the ID of the IC card reader is uniquely assigned to each device and is unchangeably stored in the IC card reader, the information associated with the ID is stored in a database of the IC card issuer,
And the IC card issuer can be identified by the ID of the IC card reader. The method according to claim 1,
The IC card service is an identity authentication,
Receiving the card information of the IC card read by the service relay server through an IC card reader connected to the user terminal;
Wherein the service relay server transmits card information of the IC card to the issuer of the IC card, wherein the IC card issuer server authenticates the owner of the IC card from the card information of the IC card, Sent to the server; And
And the service relay server further performs authentication of the owner of the IC card according to the authentication result. 3. The method of claim 2,
Wherein the step of transmitting the card information of the IC card to the IC card issuer by the service relay server further comprises transmitting the password information of the IC card. A computer readable medium having stored thereon a program for causing a computer processor to perform the method of any one of claims 1 to 3.
KR1020150162252A 2015-11-19 2015-11-19 Method for controlling an access using an ic card reader and computer readable recording media storing program for executing method thereof KR101678102B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150162252A KR101678102B1 (en) 2015-11-19 2015-11-19 Method for controlling an access using an ic card reader and computer readable recording media storing program for executing method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150162252A KR101678102B1 (en) 2015-11-19 2015-11-19 Method for controlling an access using an ic card reader and computer readable recording media storing program for executing method thereof

Publications (1)

Publication Number Publication Date
KR101678102B1 true KR101678102B1 (en) 2016-11-23

Family

ID=57541327

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150162252A KR101678102B1 (en) 2015-11-19 2015-11-19 Method for controlling an access using an ic card reader and computer readable recording media storing program for executing method thereof

Country Status (1)

Country Link
KR (1) KR101678102B1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006235731A (en) * 2005-02-22 2006-09-07 Ricoh Co Ltd Authentication system
KR101393720B1 (en) * 2011-08-30 2014-05-13 주식회사 티비허브 Smart payment system and method of non-facing transaction using terminal identification
KR20150077379A (en) * 2014-12-30 2015-07-07 주식회사 씽크풀 Method for authentication using user apparatus, digital system, and authentication system thereof

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006235731A (en) * 2005-02-22 2006-09-07 Ricoh Co Ltd Authentication system
KR101393720B1 (en) * 2011-08-30 2014-05-13 주식회사 티비허브 Smart payment system and method of non-facing transaction using terminal identification
KR20150077379A (en) * 2014-12-30 2015-07-07 주식회사 씽크풀 Method for authentication using user apparatus, digital system, and authentication system thereof

Similar Documents

Publication Publication Date Title
US12022282B2 (en) Anonymous authentication and remote wireless token access
US11218480B2 (en) Authenticator centralization and protection based on authenticator type and authentication policy
US20210226798A1 (en) Authentication in ubiquitous environment
CN110249586B (en) Method for securely storing sensitive data on a smart card and smart card
US10432620B2 (en) Biometric authentication
US20150199673A1 (en) Method and system for secure password entry
US20160155123A1 (en) System and method for user authentication by using a physical financial card and mobile communication terminal
KR101724401B1 (en) Certification System for Using Biometrics and Certification Method for Using Key Sharing and Recording medium Storing a Program to Implement the Method
KR101125088B1 (en) System and Method for Authenticating User, Server for Authenticating User and Recording Medium
CN101714216B (en) Semiconductor element, biometric authentication method, biometric authentication system and mobile terminal
KR20170133307A (en) Online financial transactions, identity authentication system and method using real cards
KR101607935B1 (en) System for paying mobile using finger scan and method therefor
Alhothaily et al. A novel verification method for payment card systems
Yu et al. Security issues of in-store mobile payment
KR101550825B1 (en) Method for credit card payment using mobile
CN106156549B (en) application program authorization processing method and device
KR102348823B1 (en) System and Method for Identification Based on Finanace Card Possessed by User
KR102122555B1 (en) System and Method for Identification Based on Finanace Card Possessed by User
WO2015107346A1 (en) Authentication method and system
KR101678102B1 (en) Method for controlling an access using an ic card reader and computer readable recording media storing program for executing method thereof
Huizinga et al. Using NFC enabled Android devices to attack RFID systems
KR20150142773A (en) One time password certifacation system and method
KR20200103615A (en) System and Method for Identification Based on Finanace Card Possessed by User
KR20180041481A (en) Method for Identification and Certification using Electronic Identification

Legal Events

Date Code Title Description
GRNT Written decision to grant
FPAY Annual fee payment

Payment date: 20191115

Year of fee payment: 4