KR101740574B1 - Certification method using autograph of confirmor and fintech system - Google Patents

Certification method using autograph of confirmor and fintech system Download PDF

Info

Publication number
KR101740574B1
KR101740574B1 KR1020160017955A KR20160017955A KR101740574B1 KR 101740574 B1 KR101740574 B1 KR 101740574B1 KR 1020160017955 A KR1020160017955 A KR 1020160017955A KR 20160017955 A KR20160017955 A KR 20160017955A KR 101740574 B1 KR101740574 B1 KR 101740574B1
Authority
KR
South Korea
Prior art keywords
terminal
signature
authentication
resolver
requestor
Prior art date
Application number
KR1020160017955A
Other languages
Korean (ko)
Inventor
김우섭
Original Assignee
주식회사 피노텍
김우섭
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 피노텍, 김우섭 filed Critical 주식회사 피노텍
Priority to KR1020160017955A priority Critical patent/KR101740574B1/en
Application granted granted Critical
Publication of KR101740574B1 publication Critical patent/KR101740574B1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/40User authentication by quorum, i.e. whereby two or more security principals are required
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/313User authentication using a call-back technique via a telephone network
    • G06K9/00154
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/16Communication-related supplementary services, e.g. call-transfer or call-hold

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Collating Specific Patterns (AREA)

Abstract

A personal authentication method and system using a handwritten signature of an authenticator are disclosed. A personal authentication method performed by a signature authentication server according to an aspect of the present invention includes: receiving a personal authentication request including an input handwritten signature from a requestor terminal; Performing a first authentication by comparing an input handwritten signature with a previously stored registered handwritten signature; Requesting an authenticator signature for the second authentication to the resolver terminal corresponding to the requestor terminal if the first authentication is successful; Receiving an identifier signature according to a handwritten signature from a verifier terminal that has received a handwritten signature of the user; And performing a second authentication using the resolver signature.

Description

[0001] The present invention relates to a personal authentication method using a handwritten signature of a verifier,

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to personal authentication, and more particularly, to a personal authentication method using a handwritten signature by a handwritten person at the time of personal authentication using a mobile and a pin tech system utilizing the same.

Financial institutions are performing personal authentication procedures in order to manage individual assets safely. Especially, financial transactions using online are being activated, and online certification is becoming more important. There are a variety of authentication methods that have been proposed so far. In the simplest case, there is an authentication method using a preset password. In recent years, authentication methods using biometrics have also been attempted to enhance security in financial institutions and the like.

In biometrics, fingerprint recognition is an authentication method that extracts different fingerprint information for each individual and informs them. Face recognition analyzes the symmetrical composition of face, appearance, color of eyes, movement of facial muscles, The iris recognition is a technique of recognizing a person by using iris information of the eye having the characteristic unique to each person. The vein recognition is a technique of recognizing a person using the blood vessel pattern of the palm, the hand, Is a recognition technique that identifies the user.

Biometric technology is a technology that identifies the identity of a body part such as fingerprint, face, iris, and fingerprint, and verifies whether or not the person is a biometrics technology. The voices, handwriting, body shape, gait, .

Biometrics technology is used in a wide range of fields, from automotive, telecommunications, security and healthcare to corporate marketing and the public sector. The utilization in the financial industry was relatively low. However, recently, many problems related to the official certificate and Active-X have been raised in Korea, and interest in utilization of biometric technology such as handwritten signature It is a situation.

However, in the financial industry, it is still necessary for the minors or persons with disabilities to have a financial transaction restriction only by the personal handwritten signature, and the verification procedure by the verifier is necessary.

Korean Patent Publication No. 10-2005-0041132 (public date May 4, 2005) - System and method for identification using biometric information

SUMMARY OF THE INVENTION Accordingly, the present invention has been made keeping in mind the above problems occurring in the prior art, and it is an object of the present invention to provide a personal authentication method and system using an autograph of a verifier together for authentication processing for an individual requiring identification of the verifier such as a minor or a disabled person will be.

Other objects of the present invention will become more apparent through the following preferred embodiments.

According to an aspect of the present invention, there is provided a personal authentication method performed by a signature authentication server, comprising: receiving a personal authentication request including an input handwritten signature from a requestor terminal; Performing a first authentication by comparing the input handwritten signature with a previously stored registered handwritten signature; Requesting an authenticator signature for the second authentication to the resolver terminal corresponding to the requestor terminal if the first authentication is successful; Receiving an identifier signature according to the handwritten signature from the resolver terminal that has received the handwritten signature of the user; And performing a second authentication using the signature of the resolver. The personal authentication method using the handwritten signature of the verifier is provided.

Here, when requesting the resolver signature, the caller can mediate a telephone call connection between the resolver terminal and the requestor terminal.

In addition, the confirmation terminal provides the authentication object information performed by the requestor terminal to the resolver terminal, and the resolver terminal can output the authentication object information by replacing the ringback tone upon connection of the call between the requestor terminals.

Also, if the first authentication is successful, the request information may be provided to the requestor terminal, and the password information may be used when performing the second authentication.

Also, the resolver terminal may receive the resolver signature in a state where the encryption information is used as an encryption key, decrypt the signature of the resolver using the encryption information as a decryption key, and use the decrypted signature for the second authentication.

In addition, a message requesting the resolver signature may be encrypted with the encryption information so that the resolver terminal outputs an interface for receiving the handwritten signature only when the encryption information is input, and may transmit the message to the resolver terminal.

According to another aspect of the present invention, there is provided a requestor terminal for generating an input handwritten signature using a handwritten signature of an input user; An analyzer terminal corresponding to the requestor terminal and generating an identifier signature using the handwritten signature of the input user; And a second authentication step of performing a first authentication by comparing the input handwritten signature with a previously stored registered handwritten signature from the requestor terminal, receiving the identifier signature from the resolver terminal when the first authentication is successful, There is provided a personal authentication system using a handwritten signature of an authenticator including a signature authentication server for performing a signature authentication.

Here, when the signature authentication server requests the resolver's signature to the resolver's terminal, the sign authenticating server can mediate a telephone call connection between the resolver's terminal and the requestor's terminal.

In addition, the signature authentication server may provide the encryption information to the requestor terminal if the first authentication is successful, and use the encryption information when performing the second authentication.

Also, the requestor terminal may be a terminal device of a minor or a disabled member, and the resolver terminal may be a terminal device of the minor or a guardian of a disabled person.

Also, the requestor terminal and the resolver terminal may be terminal devices of an enterprise member managed by the signature authentication server, the requestor terminal may be a terminal of a staff member, and the resolver terminal may be a terminal of a binding member.

According to the present invention, by verifying the handwritten signature of the verifier through the mobile, it is possible to perform the personal authentication through the handwritten signature even for the person who needs confirmation of the verifier such as the minor or the disabled person.

Brief Description of the Drawings Fig. 1 is a block diagram showing a personal authentication system using a handwritten signature of a verifier according to an embodiment of the present invention; Fig.
FIG. 2 is a flowchart illustrating a personal authentication service registration procedure performed by a signature authentication server according to an embodiment of the present invention; FIG.
3 is a flowchart illustrating a personal authentication process performed by a signature authentication server according to an exemplary embodiment of the present invention.
4 is a flowchart illustrating a personal authentication process using cryptographic information performed in a signature authentication server according to an embodiment of the present invention.
5 is a diagram illustrating a configuration of comparison modules included in an authentication unit of a signature authentication server;
6 is a diagram showing an example of a comparison item and a determination result;

While the invention is susceptible to various modifications and alternative forms, specific embodiments thereof are shown by way of example in the drawings and will herein be described in detail. It is to be understood, however, that the invention is not to be limited to the specific embodiments, but includes all modifications, equivalents, and alternatives falling within the spirit and scope of the invention.

It is to be understood that when an element is referred to as being "connected" or "connected" to another element, it may be directly connected or connected to the other element, . On the other hand, when an element is referred to as being "directly connected" or "directly connected" to another element, it should be understood that there are no other elements in between.

The terms first, second, etc. may be used to describe various components, but the components should not be limited by the terms. The terms are used only for the purpose of distinguishing one component from another. For example, terms such as a first threshold value, a second threshold value, and the like which will be described later may be previously designated with threshold values that are substantially different from each other or some of which are the same value, Because there is room, the terms such as the first and the second are to be mentioned for convenience of division.

The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. The singular expressions include plural expressions unless the context clearly dictates otherwise. In this specification, the terms "comprises" or "having" and the like refer to the presence of stated features, integers, steps, operations, elements, components, or combinations thereof, But do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, or combinations thereof.

It is to be understood that the components of the embodiments described with reference to the drawings are not limited to the embodiments and may be embodied in other embodiments without departing from the spirit of the invention. It is to be understood that although the description is omitted, multiple embodiments may be implemented again in one integrated embodiment.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Reference will now be made in detail to the preferred embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like reference numerals refer to the like elements throughout. DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings. In the following description, well-known functions or constructions are not described in detail since they would obscure the invention in unnecessary detail.

1 is a block diagram illustrating a personal authentication system using a handwritten signature of a verifier according to an embodiment of the present invention.

The personal authentication system according to the present embodiment is a system for performing personal authentication by using a handwritten signature as authentication information capable of replacing biometric information, and can be used in fields of access, security, authentication, payment, and the like.

Referring to FIG. 1, the personal authentication system according to the present embodiment includes a signature authentication server 100, a requestor terminal 200, and a resolver terminal 300.

The signature authentication server 100 receives and registers a handwritten signature for authentication from a user requesting authentication (hereinafter referred to as a requestor), and then transmits the handwritten signature to the signature authentication server 100 via the terminal (the requestor terminal 200 or the verifier terminal 300) If entered, the authentication is performed according to the degree of similarity compared with the registered handwritten signature.

The requestor terminal 200 is a person for requesting authentication by himself or herself for attaining a predetermined purpose (for example, entrance or exit to a specified place, login to a web site, financial transaction (including payment), etc.) It is a terminal which can confirm.

The resolver terminal 300 performs authentication using the handwritten signature to the signature authentication server 100 as a terminal for confirmation of the verifier when performing the personal authentication of the supplicant (i.e., the user of the supplicant terminal 200).

The requestor terminal 200 and the resolver terminal 300 according to the present invention are used in various forms. According to an example, in some cases such as a minor or a disabled person, the consent or confirmation of the guardian is required in financial transactions, A minor or disabled person is the requestor, and the same guardian as the parent is identified. In other words, the requestor terminal 200 is a terminal device of a minor or a disabled member, and the resolver terminal 300 is a terminal device used by the minor or guardian of the disabled.

According to another example, when a company performs a financial transaction or the like, the accounting person can become the requester, and the person having the actual accounting right, such as the CEO, can become the verifier. Accordingly, the accounting person requests the authentication for the financial transaction or the like by using the requestor terminal, and the verifier performs the verification process according to the authentication using the verifier terminal 300. In other words, the requestor terminal 200 and the resolver terminal 300 are terminal devices of an enterprise member managed by the signature authentication server 100, the requestor terminal 200 is a terminal of an employee member (for example, a salesperson) The resolver terminal 300 is a terminal of a resolver member (for example, a representative director, etc.).

The authentication procedure performed at the requestor terminal and the verifier terminal will be described in more detail below.

The requestor terminal 200 and the resolver terminal 300 are provided with signature input units 210 and 310 for receiving a signature by handwriting and a handwritten signature generator 220 for generating an electronic signature , And a communication unit (230, 330) for communicating with the signature authentication server (100) and transmitting a handwritten signature.

The handwritten signature generators 220 and 320 may use their own images according to the handwritten signature as the handwritten signature, but may use the feature information of the signature extracted from the image itself for security enhancement. Time information on which a signature is input, and thickness information of the handwriting may be used as information on the handwritten signature. This will be described later with reference to the related drawings (Figs. 5 and 6).

The signature authentication server 100 includes a terminal registration unit 110, a signature registration unit 120, a password generation unit 130, and an authentication unit 140.

The terminal registration unit 110 registers terminal information for the requestor terminal 200 and the resolver terminal 300. For example, terminal identification information of at least one of a telephone number and a terminal ID may be registered in association with user information .

The signature registration unit 120 registers a handwritten signature to be used by the user. The handwritten signature is generated according to a handwritten signature inputted through the touch screen provided on the screen of the requestor terminal 200 or the resolver terminal 300 It is electronic information.

The signature registration unit 120 not only has a shape of the signature itself but also has a shape such as a line flow, a line shape, a contact count and / or a contact position, an acceleration, a size and a ratio of a signature, a slope, The data relating to the signature attribute such as the touch pressure, the thickness of the line, and the like can be registered together. The authentication method using the information will be described in detail with reference to the related drawings (Figs. 5 and 6).

2 is a flowchart illustrating a personal authentication service registration procedure performed by the signature authentication server 100 according to an embodiment of the present invention.

Referring to FIG. 2, a user who registers a terminal to be used with the handwritten signature basically subscribes to the personal authentication service provided by the signature authentication server 100 (S210).

The terminal registration unit 110 of the signature authentication server 100 registers the terminal information for the requestor terminal 200 and the resolver terminal 300 and the signature registration unit 120 registers the handwritten signature at steps S410 and S420. Basically, personal authentication uses a handwritten signature, and the registered terminal information can be used as information for recognizing who the user is.

1, the cryptographic unit 130 generates cryptographic information for use in the authentication process using the handwritten signature of the verifier received from the resolver terminal 300. The generated cryptographic information is transmitted to the requestor terminal 200, Lt; / RTI > The processing method will be described later in detail with reference to the related drawing (FIG. 4).

When the user inputs a handwritten signature using a terminal for a predetermined purpose (for example, entrance or exit to a specified place, login to a web site, financial transaction (including payment), etc.) It is determined whether or not the signature is identical to a registered handwritten signature registered in advance or similar to a predetermined reference value or more, thereby confirming whether or not the user is a person. Here, the method of determining the degree of similarity between the input handwritten signature and the registered handwritten signature will be described later with reference to related drawings (Figs. 5 and 6).

In particular, the authentication unit 140 performs the first authentication using the handwritten signature from the requestor terminal 200, and performs the second authentication using the handwritten signature from the resolver terminal 300 when the first authentication is successful In addition, after the second authentication is successfully completed, the personal authentication is finally processed.

Hereinafter, a personal authentication processing method using resolver authentication will be described in detail with reference to the drawings.

3 is a flowchart illustrating a personal authentication process performed by the signature authentication server 100 according to an exemplary embodiment of the present invention.

Referring to FIG. 3, when the signature authentication server 100 receives a personal authentication request including an input handwritten signature from the requestor terminal 200 (S310), the signature authentication server 100 compares the received input handwritten signature with the pre- Primary authentication is performed (S320).

That is, the first authentication is performed by receiving a handwritten signature, which is electronic information according to a signature input by handwriting, to a user (i.e., a requester) who has to perform authentication for identity verification, and performs authentication processing.

Upon successful completion of the first authentication, a handwritten signature of an authenticator for the second authentication is requested and acquired by the resolver terminal 300 previously registered so as to correspond to the requestor terminal 200 (S340). At this time, The intermediary of telephone conversation between the terminal 200 and the resolver terminal 300 may be prioritized (S330).

From the perspective of the resolver, it may be necessary to verify that the requestor is actually performing normal personal authentication. For example, when a requester wants to process a financial settlement, the verifier needs to verify that the requestor wants to process the actual financial settlement by telephone. To this end, the signature authentication server 100 identifies the telephone number as the terminal information of the registered requester and the resolver terminal 300, and mediates the telephone conversation between the two terminals. According to an example, when using a telephone network such as a mobile communication network, the signature authentication server 100 transmits an authentication program (a signature authentication process) installed in the terminal in order to make a telephone call from the requestor terminal 200 to the resolver terminal 300 or vice versa, (Which may be a program provided and installed in the server 100) to control the corresponding authentication program so that a telephone call is made to a specific telephone number. According to another example, when the data network provided in the mobile communication network or the Internet network is used, the signature authentication server 100 controls the above-described authentication program installed in each terminal (the requestor terminal 200 and the resolver terminal 300) So that a telephone conversation by data communication between the two terminals can be performed.

According to the present embodiment, the verifier terminal 300 inputs a signature by handwriting to the verifier terminal 300 by verifying the authentication attempt of the requester by performing a telephone call, so that the verifier terminal 300 generates a handwritten signature based on the inputted signature, To the server (100).

According to an example, the signature authentication server 100 can provide the authentication object information, which is related information such as an object for performing a personal authentication, to the resolver terminal 300. For example, when the requester desires to perform financial settlement, the requester terminal 300 is provided with the authentication object information on the payment purpose, the payment destination, and the payment amount, to the resolver terminal 300. In addition, the authentication object information may be provided as sound source information output through a speaker or the like. The authentication target information may be output by replacing the ring back tone output from the resolver terminal 300 when a telephone call is established between the requestor terminal 200 and the resolver terminal 300. [ Therefore, the verifier hears the purpose of the requesting party performing the authentication before the call connection with the requestor.

The signature authentication server 100 performs the second authentication using the signature of the resolver, which is the handwritten signature received from the resolver terminal 300 (S350).

In order to allow more secure authentication even if the signature authentication server 100 mediates a telephone call between the supplicant and the verifier, as described above, according to an example, the signature authentication server 100 uses the cryptographic information to perform the second authentication .

4 is a flowchart illustrating a personal authentication process using encryption information performed in the signature authentication server 100 according to an embodiment of the present invention.

Referring to FIG. 4, if the first authentication is successful, the signature authentication server 100 generates and stores password information and provides password information to the requestor (S410). The password information may be, for example, a password.

The verifier must receive password information from the requester using a text message or telephone call for the second authentication. The resolver terminal 300 receives the handwritten signature from the user (that is, the verifier) and receives the password information transmitted from the requestor. Then, the resolver terminal 300 encrypts the handwritten signature according to the signature of the inputted user and transmits the encrypted signature to the signature authentication server 100, using the encrypted information input as the encryption key when encrypting.

Accordingly, the signature authentication server 100 receives the identifier signature encrypted with the encryption information from the identifier terminal 300 (S420), and decrypts the received identifier signature using the previously stored encryption information as a decryption key (S430). If the password information entered by the verifier is the same as the password information generated in S410, the decryption will succeed. If the signature authentication server 100 succeeds in the demodulation, the signature authentication server 100 performs the second authentication using the decrypted signature of the resolver (S440). Of course, if the decryption is failed because the two pieces of cryptographic information are different from each other, the second authentication can not be performed and the individual authentication of the requestor can also be failed.

According to the present embodiment, since the verifier terminal 300 encrypts the handwritten signature and transmits it to the signature authentication server 100, it is possible to prevent security incidents due to data leakage on the communication, The call between the verifier and the requester must be performed.

In the present embodiment, the cryptographic information is used as a cryptographic key and decryption key according to the encryption of the handwritten signature. However, according to another embodiment, the cryptographic information may be used as information for controlling the interface for inputting the signature of the resolver terminal 300 have.

For example, the resolver terminal 300 outputs an interface capable of inputting a signature by handwriting only when the same information as the encryption information generated in S410 is input. This processing can be performed by the authentication program installed in the resolver terminal 300 by itself. According to another example, the signature authentication server 100 encrypts a message for requesting an identifier signature with the password information and transmits the message to the verifier terminal 300. The verifier terminal 300 normally verifies the message only when the same password information is input And outputs an interface for inputting a signature.

FIG. 5 is a diagram illustrating a configuration of comparison modules included in the authentication unit 140 of the signature authentication server 100, and FIG. 6 is a diagram illustrating an example of a comparison item and a determination result.

The authentication unit 140 of the signature authentication server 100 described above compares the input handwritten signature with the registered handwritten signature to determine the similarity.

The authentication unit 140 may include a flow comparison module 710, a shape comparison module 720, and a shape comparison module 710. The flow comparison module 710 may determine whether the input handwritten signature and the registered handwritten signature are similar to each other, A contact comparison module 730, an acceleration / speed comparison module 740, a horizontal size comparison module 750, a vertical size comparison module 760, a ratio comparison module 770, a slope comparison module 780, (790), and a coordinate comparison module (800).

The authentication unit 140 may add the comparison item according to the development of the hardware and software in order to minimize the error rate of the signature comparison.

The flow comparison module 710 sees the direction of movement of the touching means as a flow of lines contained in the signature when a signature is input and compares the similarity of the flow with respect to the registered handwritten signature and the input handwritten signature.

The shape comparison module 720 segments the input signature into strokes, sees the movement distance of the stroke at the end of the stroke as a line shape, and compares the similarity of shapes with respect to the registered handwritten signature and the input handwritten signature.

The contact comparison module 730 may compare the similarity with information about the number of times and / or the position at which the touch means contacts the touch screen of the terminal while the signature is being input. For example, the number of times the touching means touches (or the number of times of falling from the screen) and the position of contact (coordinates) during the signature are included as the contact information.

When the signature is input, the acceleration / speed comparison module 740 regards the instantaneous movement speed of the touch means as speed information (acceleration or speed) for a predetermined time period, .

The horizontal size comparison module 750 compares the similarity of horizontal size among the total images of each signature with respect to the registered handwritten signature and the input handwritten signature.

The vertical size comparison module 760 compares the vertical size similarity among the entire images of each signature with respect to the registered handwritten signature and the input handwritten signature.

The ratio comparison module 770 compares the similarity of the registered handwritten signature and the input handwritten signature with respect to the ratio of the horizontal and vertical length of the entire image of each signature.

The slope comparison module 780 views the degree of inclination of the signature input section 110 when inputting a signature as a device slope, and compares the slope with respect to the registered homepage signature and the input homepage signature.

The pressure comparison module 790 compares the user's touch pressure measured while the signature is input by the signature input unit 110 with respect to the registered handwritten signature and the input handwritten signature when the signature is input. In this case, the touch pressure may be replaced by the thickness of the line for the signature.

The coordinate comparison module 800 compares the error value of the positional information of the coordinate according to the flow of the line when the signature is input.

Each comparison module makes a pass (PASS) or a non-pass (PASS) decision whether or not the comparison item exceeds a preset similarity level.

The level of similarity may be set the same for each comparison module or may be set differently for each comparison module. For example, the similarity level for each comparison item is set to be equal to 30% in FIG. 3 (a), but this is only one embodiment, and the degree of similarity can be changed together or independently as needed . For example, in order to increase the reliability of identity verification, the level of similarity of individual comparison items may be set high.

The comparison modules operate independently of each other, and the comparison result in any one module does not affect other comparison modules.

The authenticating unit 140 determines authenticity of the signature based on the result of the similarity determination for each comparison item (signature attribute) determined in each comparison module. According to the determination result, whether or not the user who has performed the signature can be determined.

The similarity determination result of the comparison item can be used in parallel when determining whether the signature is true or false. For example, most comparator modules have high similarity. However, when a comparison module has a low similarity lower than that of a comparator module, it may be regarded as having similarity when it is averaged. However, It is determined that they are different from each other based on the parallel processing technique.

For example, as shown in FIG. 3 (b), when a pass determination is made for all comparison items, the authenticity determining unit 130 determines that the input handwritten signature is the same as the registered handwritten signature, . In this case, the user who performed the signature will be verified as correct.

3 (c), when the non-pass determination is made with respect to some comparison items (the "line shape" item in FIG. 3 (c)), the authentication unit 140 determines that the input self- It can be determined that the signature is different from the signature and is not a signature by the true user. In this case, the user who performed the signature will be considered to be not himself.

In determining whether the signature is true or false, only a part of the plurality of comparison modules may be selectively activated and applied. In this case, it is judged that the signature is true only when the pass judgment is made for all the comparison items corresponding to the selected comparison module, and if the non-pass judgment is made even for one item, the signature fails to be authenticated .

According to this embodiment, it is impossible to satisfy the degree of similarity for all of the subdivided comparison items in the process of mimicking the signature by the other person, so that it can have high reliability.

The above-described personal authentication method according to the present invention can be implemented as a computer-readable code on a computer-readable recording medium. The computer-readable recording medium includes all kinds of recording media storing data that can be decoded by a computer system. For example, it may be a ROM (Read Only Memory), a RAM (Random Access Memory), a magnetic tape, a magnetic disk, a flash memory, an optical data storage device, or the like. In addition, the computer-readable recording medium may be distributed and executed in a computer system connected to a computer network, and may be stored and executed as a code readable in a distributed manner.

It will be apparent to those skilled in the art that various modifications and variations can be made in the present invention without departing from the spirit or scope of the invention as defined in the appended claims. It will be understood that various modifications and changes may be made.

100: Signature authentication server 110:
120: signature registration unit 130:
140: authentication unit 200: requestor terminal
300: resolver terminal 210, 310: signature input unit
220, 320: a handwritten signature generator 230, 330:

Claims (11)

A personal authentication method performed by a signature authentication server,
Receiving an input autograph signature from a requestor terminal of a requestor requesting authentication;
Performing a first authentication by comparing the input handwritten signature with a previously stored registered handwritten signature;
If the first authentication is successful, providing password information to the requestor terminal and mediating a telephone call between the resolver terminal of the verifier and the requestor terminal set to correspond to the requestor;
Requesting a verifier's handwritten signature for a second authentication to the resolver terminal;
Receiving an identifier signature according to the handwritten signature from the resolver terminal having received the handwritten signature of the identifier; And
And performing a secondary authentication including whether or not the resolver signature is encrypted using the encryption information.
delete The method according to claim 1,
Providing the authentication object information performed by the requestor terminal to the resolver terminal,
Wherein the resolver terminal replaces the ring back tone upon call connection between the requestor terminal and outputs the authentication target information as a sound source.
delete delete The method according to claim 1,
Wherein the verification terminal encrypts a message requesting the verification person's signature with the encryption information so as to output to the verifier's terminal an output of an interface for receiving the written signature only when the verification person's terminal inputs the encryption information, Personal authentication method using signature.
A requestor terminal for generating an input handwritten signature using the handwritten signature input from the requestor;
A resolver terminal for generating a resolver signature using the handwritten signature of the resolver corresponding to the requestor; And
Wherein the authenticator receives the input handwritten signature from the supplicant terminal and compares the input handwritten signature with a previously stored registered handwritten signature to perform first authentication and provides the encryption information to the requestor terminal if the first authentication is successful, And a signature authentication server for performing a second authentication including an authentication of whether the signature of the resolver received from the resolver terminal is encrypted using the encryption information, Personal authentication system.
delete delete 8. The method of claim 7,
Wherein the requestor terminal is a terminal device of a minor or a disabled member, and the resolver terminal is a terminal device of a guardian of the minor or a disabled person.
8. The method of claim 7,
Wherein the requestor terminal and the resolver terminal are terminal devices of an enterprise member managed by the signature authentication server, the requestor terminal is a terminal of a staff member, and the resolver terminal is a terminal of a resolver member. Authentication system.
KR1020160017955A 2016-02-16 2016-02-16 Certification method using autograph of confirmor and fintech system KR101740574B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020160017955A KR101740574B1 (en) 2016-02-16 2016-02-16 Certification method using autograph of confirmor and fintech system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020160017955A KR101740574B1 (en) 2016-02-16 2016-02-16 Certification method using autograph of confirmor and fintech system

Publications (1)

Publication Number Publication Date
KR101740574B1 true KR101740574B1 (en) 2017-05-26

Family

ID=59051765

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020160017955A KR101740574B1 (en) 2016-02-16 2016-02-16 Certification method using autograph of confirmor and fintech system

Country Status (1)

Country Link
KR (1) KR101740574B1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113010924A (en) * 2021-03-16 2021-06-22 侯燕星 Safe anti-counterfeiting system suitable for sensing layer of Internet of things
KR20210118845A (en) * 2019-01-21 2021-10-01 비트데펜더 아이피알 매니지먼트 엘티디 Parental Control Systems and Methods for Detecting Disclosure of Confidential Information
WO2022065792A1 (en) * 2020-09-24 2022-03-31 삼성전자(주) Electronic device and control method thereof

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101229407B1 (en) * 2011-09-14 2013-02-05 (주)이삭랜드코리아 Electronic certification payment method and system

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101229407B1 (en) * 2011-09-14 2013-02-05 (주)이삭랜드코리아 Electronic certification payment method and system

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20210118845A (en) * 2019-01-21 2021-10-01 비트데펜더 아이피알 매니지먼트 엘티디 Parental Control Systems and Methods for Detecting Disclosure of Confidential Information
KR102413587B1 (en) * 2019-01-21 2022-06-28 비트데펜더 아이피알 매니지먼트 엘티디 Parental Control Systems and Methods for Detecting Disclosure of Confidential Information
WO2022065792A1 (en) * 2020-09-24 2022-03-31 삼성전자(주) Electronic device and control method thereof
US12026246B2 (en) 2020-09-24 2024-07-02 Samsung Electronics Co., Ltd. Electronic apparatus and method of controlling the same
CN113010924A (en) * 2021-03-16 2021-06-22 侯燕星 Safe anti-counterfeiting system suitable for sensing layer of Internet of things

Similar Documents

Publication Publication Date Title
US11310058B2 (en) Methods for digitally signing an electronic file and authentication method
US12113792B2 (en) Authenticator centralization and protection including selection of authenticator type based on authentication policy
US20210409397A1 (en) Systems and methods for managing digital identities associated with mobile devices
US10440019B2 (en) Method, computer program, and system for identifying multiple users based on their behavior
CA2945703C (en) Systems, apparatus and methods for improved authentication
EP3499795A1 (en) Authentication system and method, and user equipment, authentication server, and service server for performing same method
Gupta et al. Demystifying authentication concepts in smartphones: Ways and types to secure access
US9384338B2 (en) Architectures for privacy protection of biometric templates
US9152779B2 (en) Protecting codes, keys and user credentials with identity and patterns
EP2065798A1 (en) Method for performing secure online transactions with a mobile station and a mobile station
JP2006209697A (en) Individual authentication system, and authentication device and individual authentication method used for the individual authentication system
JPWO2007094165A1 (en) Identification system and program, and identification method
US11663306B2 (en) System and method for confirming a person's identity
US20200196143A1 (en) Public key-based service authentication method and system
JP2018205906A5 (en)
US10848309B2 (en) Fido authentication with behavior report to maintain secure data connection
KR101740574B1 (en) Certification method using autograph of confirmor and fintech system
KR101739098B1 (en) Certification system and method using electronic signature in plural terminals
US20170344984A1 (en) Card payment system and method for using body information
KR102284876B1 (en) System and method for federated authentication based on biometrics
Raina Integration of Biometric authentication procedure in customer oriented payment system in trusted mobile devices.
US10771970B2 (en) Method of authenticating communication of an authentication device and at least one authentication server using local factor
US20210136064A1 (en) Secure use of authoritative data within biometry based digital identity authentication and verification
KR102561689B1 (en) Apparatus and method for registering biometric information, apparatus and method for biometric authentication
KR100715651B1 (en) System and method for the third party's authentication by the user's password made from the asymmetric function based on the facial-image

Legal Events

Date Code Title Description
E701 Decision to grant or registration of patent right
GRNT Written decision to grant