KR101750165B1 - USIM Simple Authentication Method and System using SMS and USAT Applet - Google Patents

USIM Simple Authentication Method and System using SMS and USAT Applet Download PDF

Info

Publication number
KR101750165B1
KR101750165B1 KR1020150113638A KR20150113638A KR101750165B1 KR 101750165 B1 KR101750165 B1 KR 101750165B1 KR 1020150113638 A KR1020150113638 A KR 1020150113638A KR 20150113638 A KR20150113638 A KR 20150113638A KR 101750165 B1 KR101750165 B1 KR 101750165B1
Authority
KR
South Korea
Prior art keywords
authentication
mobile terminal
information
server
usim
Prior art date
Application number
KR1020150113638A
Other languages
Korean (ko)
Other versions
KR20170019610A (en
Inventor
강경구
Original Assignee
에스케이 주식회사
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 에스케이 주식회사 filed Critical 에스케이 주식회사
Priority to KR1020150113638A priority Critical patent/KR101750165B1/en
Publication of KR20170019610A publication Critical patent/KR20170019610A/en
Application granted granted Critical
Publication of KR101750165B1 publication Critical patent/KR101750165B1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data

Abstract

USIM simple authentication method and system using SMS and USAT applet are provided. The authentication module according to the embodiment of the present invention transmits the authentication information inputted through the mobile terminal as an applet to the authentication server. As a result, it is possible to easily and securely authenticate the user with the USIM-based authentication, and the existing authentication methods based on the mobile terminal (ARS authentication, SMS authentication and the like) can solve the security problems caused by using the mobile terminal do.

Figure R1020150113638

Description

USIM Simple Authentication Method and System using SMS and USAT Applet USIM Simple Authentication Method and System using SMS and USAT Applet [

The present invention relates to a method of authenticating a user, and more particularly, to a method of authenticating a user in an electronic financial transaction or a payment step of an electronic commerce, and a system to which the method is applied.

In the electronic financial transaction or the settlement phase of electronic commerce, it is necessary to certify that the person who is currently providing the service is the applicant. There are ARS (Automatic Response Service) authentication and SMS (Short Message Service) authentication which are widely used as authentication.

However, in case of ARS authentication, there is a possibility of a hacking accident due to call forwarding by malicious code. In other words, the authentication telephone has been limited to the point that it can take the authentication number by forwarding the authentication telephone to the mobile terminal of the hacker

Further, in the case of SMS authentication, there is a problem that a hacker installs SMS spyware on a user's mobile terminal, hacking stored SMS by using the SMS spyware, and then, the authentication information is leaked.

SUMMARY OF THE INVENTION The present invention has been made to solve the above problems, and it is an object of the present invention to solve the security problem that may occur due to the use of a mobile terminal in authentication, And to provide a method and system for authenticating the user with safety.

According to an aspect of the present invention, there is provided an authentication module including: an interface communicatively coupled to a mobile terminal; And a processor for executing an applet for transmitting the authentication information input through the mobile terminal to an authentication server.

The applet may receive the authentication information through the mobile terminal without interworking with the application of the mobile terminal.

Also, the applet may receive the transaction information from the authentication server and display the transaction information on the mobile terminal without interworking with the application of the mobile terminal.

The transaction information and the authentication information may be information displayed on a terminal used by a user carrying the mobile terminal.

The applet may receive the encrypted transaction information from the authentication server, decrypt it, and display the decrypted transaction information on the mobile terminal.

The applet may verify integrity based on information of the mobile terminal received together with the encrypted transaction information from the authentication server, in cooperation with the mobile terminal.

In addition, the applet and the authentication server can communicate with each other through a first server operating in the mobile communication company without interworking with an application installed in the mobile terminal.

The applet may be installed in the authentication module via a second server operating in the mobile communication company without interlocking with the application installed in the mobile terminal, or may be installed in the authentication module, .

The authentication module may be a Subscriber Identity Module (SIM) or a Universal Subscriber Identity Module (USIM), and the applet may use a SIM (SIM Application Toolkit) function or a USIM Application Toolkit (USAT) And receive the authentication information through the mobile terminal.

The applet may transmit the authentication information to the authentication server using an SMS (Short Message Service) message.

According to another aspect of the present invention, there is provided an authentication method including: receiving authentication information from a user through a mobile terminal; And transmitting, by the authentication module, the input authentication information to the authentication server.

According to another aspect of the present invention, there is provided an authentication method including: receiving an authentication request including transaction information; Transmitting the transaction information to an authentication module of a mobile terminal; Receiving authentication information input through the mobile terminal from the authentication module; And transmitting the received authentication information together with the transaction information in response to the authentication request.

The authentication module may receive the transaction information, display the transaction information on the mobile terminal, and receive the authentication information through the mobile terminal, in cooperation with the application of the mobile terminal.

The transaction information and the authentication information may be information displayed on a terminal used by a user carrying the mobile terminal.

The transmitting step may transmit the transaction information to the authentication module through a server operating in a mobile communication company, and the receiving step may receive the authentication information through a server operating in a mobile communication company.

According to another aspect of the present invention, there is provided an authentication server including: a communication unit for receiving an authentication request including transaction information from a service server; And transmitting the transaction information to the authentication module of the mobile terminal, receiving the authentication information input through the mobile terminal from the authentication module, and transmitting the authentication information together with the transaction information to the communication unit in response to the authentication request. To the service server via the Internet.

As described above, according to the embodiments of the present invention, it is possible to easily and securely authenticate the user by using the SMS and the USAT applet. The authentication method according to embodiments of the present invention can solve the security problems that have been caused by the use of the mobile terminal in the conventional authentication methods (ARS authentication, SMS authentication, etc.) based on the mobile terminal by the USIM-based authentication.

In particular, according to embodiments of the present invention, it is impossible to send an SMS message from a mobile terminal since the SMS message is directly transmitted to the USAT applet of the USIM rather than the mobile terminal.

In addition, according to the embodiments of the present invention, since the information exchanged between the authentication server and the USAT applet is recorded in the SMS message in the encrypted state and transmitted, the information can not be recognized even if it is transmitted to the USIM of the hacker, Do.

Furthermore, according to the embodiments of the present invention, even if a hacker decrypts and recognizes information, it is not only authentication information but transaction information, and illegal / illegal transactions are impossible.

1 is a diagram showing a USIM simple authentication system to which the present invention is applicable,
2 and 3 are flow charts provided in the description of the USIM simple authentication method according to an embodiment of the present invention,
4 is a diagram illustrating a result of pop-up of a simple authentication window in which a transaction number and an authentication number are displayed on a user PC,
FIG. 5 is a diagram provided in a detailed description of the USAT function screen generated by the USIM simple authentication applet,
FIG. 6 is a block diagram of the USIM simple authentication server shown in FIG. 1,
7 is a block diagram of the USIM shown in FIG.

Hereinafter, the present invention will be described in detail with reference to the drawings.

One. USIM ( Universal Subscriber Identity Module ) Easy authentication system

1 is a diagram showing a USIM simple authentication system to which the present invention is applicable. The USIM simple authentication system to which the present invention is applicable is a system for securely and easily performing the identity authentication without substantial intervention of the mobile terminal 40 at risk of hacking.

1, a simple authentication system to which the present invention can be applied includes a user PC 10, a financial / payment server 20, a USIM simple authentication server 100, a Short Message Service Center A server 30, a USIM 200, and a mobile terminal 40.

The financial / settlement server 20 is a server for providing an electronic financial transaction service and a settlement service for electronic commerce to the user through the user PC 10. For use in authentication, the financial / payment server 20 generates a transaction number and an authentication number.

In order to securely and easily authenticate the user without substantial intervention of the mobile terminal 40, the USIM simple authentication server 100 performs authentication using an SMS (Short Message Service) and an USAT Application Toolkit Applet Service).

For the USIM simple authentication service, the USIM 200 requires that the USIM simple authentication applet 250 be installed. Since the USIM simple authentication server 100 can not directly access the USIM 200, a USIM Card Management System (UCMS) server (not shown) operated by a mobile communication company that can directly access the USIM 200 is used.

That is, the USIM simple authentication server 100 installs the USIM simple authentication applet 250 in the USIM 200 through the UCMS server. Since the UCMS server of the mobile communication company can directly access the USIM 200 without the application of the mobile terminal 40, interworking with the application installed in the mobile terminal 40 in the process of installing the USIM simple authentication applet 250 is unnecessary.

On the other hand, when the USIM 200 is produced or distributed to a user, the applet 250 may be installed.

The USIM simple authentication applet 250 receives the transaction number generated by the financial / payment server 20 through the USIM simple authentication server 100. The SMSC server 30 operating in a mobile communication company that has direct access to the USIM simple authentication applet 250 is used to directly transmit the transaction number from the USIM simple authentication server 100 to the USIM simple authentication applet 250. [

The SMSC server 30 can send an SMS message directly to the USIM 200 rather than the mobile terminal 40. [ The SMSC server 30 can directly access the USIM 200 without the application of the mobile terminal 40. The SMSC server 30 can thus directly access the USIM 200 when the application is installed in the mobile terminal 40 in the process of transmitting the SMS message to the USIM simple authentication applet 250. [ Interworking is unnecessary.

Thus, the SMS message is not received by the mobile terminal 40, but is received by the USIM simple authentication applet 250. Accordingly, since the SMS message containing the transaction number is stored in the mobile terminal 40 and is not displayed in the character receiving box, it is technically impossible for the malicious program to be leaked.

Meanwhile, in order to specify the USIM simple authentication applet 250 as a destination of the SMS message, the USIM simple authentication server 100 transmits a USIM simple authentication applet (USIM 200) installed in the USIM 200 in addition to a telephone number capable of specifying the USIM 200 250) that can identify the TAR (Toolkit Application Reference).

The USIM simple authentication applet 250 displays the transaction number received in the SMS message and displays it to the user, receives the authentication number from the user, and transmits the authentication number to the USIM simple authentication server 100.

The USIM simple authentication applet 250 is an applet of the USAT type, and interfaces with the user with the USAT function. That is, the USIM simple authentication applet 250 displays the transaction number on the screen 41 of the mobile terminal 40 with the USAT function.

The screen 41 is implemented by a display such as a touch screen or an LCD (Liquid Crystal Display). The USIM simple authentication applet 250 receives an authentication number through a screen touch or a button input.

In this process, the USIM simple authentication applet 250 is interlocked only with the OS kernel 42 of the mobile terminal 40 supporting the USAT function, but not with the application of the mobile terminal 40. Therefore, it is technically impossible for the authentication number inputted by the user to be leaked by the malicious program of the mobile terminal 40. [

The authentication number entered by the user is stored in the SMS message and is transmitted from the USIM simple authentication applet 250 to the USIM simple authentication server 100 via the SMSC server 30. [

The transaction number and the authentication number transmitted in the SMS message through the SMSC server 30 are encrypted between the USIM simple authentication server 100 and the USIM simple authentication applet 250. For this purpose, the USIM simple authentication server 100, Authentication applet 250 shares a key.

2. USIM  Easy Authentication Method

2 and 3 are flowcharts provided in the explanation of the USIM simple authentication method by the system shown in FIG.

2, when the user accesses the financial / payment server 20 through the user PC 10 and performs a procedure such as electronic financial transaction or electronic commerce settlement (S300) The user PC 10 transmits the input telephone number to the financial / settlement server 20 (S310).

In step S310, the telephone number input / transmitted is a telephone number of the user's mobile terminal 40. If the telephone number is registered in the financial / payment server 20 (for example, registered as user account information) Can be omitted.

The financial / payment server 20 generates a transaction number and an authentication number as information necessary for simple authentication, and transmits the generated transaction number and authentication number to the user PC 10 (S320). The user PC 10 displays the transaction number and the authentication number received in step S320 on the screen (S330).

The result of the pop-up of the simple authentication window showing the transaction number and the authentication number in the user PC 10 in step S330 is illustrated in FIG.

Meanwhile, the financial / payment server 20 requests the USIM simple authentication server 100 for simple authentication (S340). The simple authentication request transmitted from the financial / payment server 20 to the USIM simple authentication server 100 in step S340 includes a telephone number received (or registered) from the user PC 10 in step S310, A transaction number is included, but the authentication number generated in step S320 is not included. That is, the USIM simple authentication server 100 does not leak out the authentication number.

The USIM simple authentication server 100 searches for a TAR mapped to the telephone number received in step S340 (S350), and encrypts the received transaction number (S360).

Next, the USIM simple authentication server 100 requests the SMSC server 30 to transmit an SMS for simple authentication (S370). The simple authentication SMS transmission request transmitted from the USIM simple authentication server 100 to the SMSC server 30 in step S370 includes the telephone number received from the financial / payment server 20 in step S340, the TAR retrieved in step S350, And the encrypted transaction number [E (transaction number)] is included in the step.

In response to the request in step S370, the SMSC server 30 sends an SMS message to the USIM 200 (S380). In step S380, the SMS message transmitted from the SMSC server 30 to the USIM 200 includes the TAR transmitted in step S370 and the encrypted transaction number.

Through the TAR contained in the SMS message received in step S380, the USIM 200 recognizes that the final destination of the SMS message is the USIM simple authentication applet 250, invokes / executes the USIM simple authentication applet 250, Transmits the encrypted transaction number included.

Accordingly, the USIM simple authentication applet 250 verifies the integrity of the encrypted transaction number and decrypts it (S390).

3, the USIM simple authentication applet 250 generates a USAT screen for simple authentication and transmits it to the OS kernel 42 of the mobile terminal 40 and displays it on the screen 41 (S400 ). Step S400 is performed through the USAT function of the USIM simple authentication applet 250. [

The result of popping up the simple authentication USAT screen including the transaction number on the screen 41 of the mobile terminal 40 by the USAT function of the USIM simple authentication applet 250 is illustrated in the left side of FIG. 5 in step S400.

As shown on the left side of FIG. 5, in the pop-up simplified authentication USAT screen, an authentication number input box is displayed together with the transaction number. The authentication number input box is a box for receiving the authentication number displayed on the user PC 10 from the user in step S330 of FIG.

When the user inputs the authentication number on the simple authentication USAT function screen displayed on the screen 41 of the mobile terminal 40 in step S420, the authentication number is transferred to the USIM simple authentication applet 250 through the OS kernel 42 S430).

Then, the USIM simple authentication applet 250 encrypts the authentication number (S440) and sends an SMS message to the SMSC server 30 (S450). In step S450, the SMS message sent from the USIM simple authentication applet 250 to the SMSC server 30 includes the telephone number and the encrypted authentication number [E (authentication number)].

The SMSC server 30 delivers the simple authentication information to the USIM simple authentication server 100 (S460). In step S460, the simple authentication information transmitted from the SMSC server 30 to the USIM simple authentication server 100 includes the telephone number and the encrypted authentication information.

The USIM simple authentication server 100 verifies the integrity of the encrypted authentication information received in step S460 and decrypts the encrypted authentication information (S470). Then, the USIM simple authentication server 100 transmits the decrypted authentication number to the financial / settlement server 20 in response to the request in step S340, together with the transaction number received in step S340 of FIG. 2 (S480).

The financial / payment server 20 performs the identity authentication by checking whether the authentication number received in step S480 matches the authentication number generated and stored in step S320 of FIG. 2, (S490).

So far, the USIM simple authentication process has been described in detail. It is assumed that the USIM 200 is identified by the International Mobile Subscriber Identity (IMSI) or the ICCID (Integrated Circuit Card ID), which is a unique number of the USIM 200. However, It is possible to do.

The integrity verification in step S390 of FIG. 2 and step S470 of FIG. 3 may use a shared key between the digital signature or the USIM simple authentication applet 250 and the USIM simple authentication server 100, It is also possible to use International Mobile Equipment Identity (IMEI) which is a unique number of the mobile terminal 40.

To this end, the IMEI of the mobile terminal 40 is transferred to the "USIM simple authentication server 100 → SMSC server 30 → USIM simple authentication applet 250", and the USIM simple authentication applet 250 is transferred to the OS kernel 42 ).

The IMEI of the mobile terminal 40 is transmitted to the "USIM simple authentication applet 250 → the SMSC server 30 → the USIM simple authentication server 100" .

3. USIM  Easy Authentication Server

6 is a block diagram of the USIM simple authentication server 100 shown in FIG. As shown in FIG. 6, the USIM simple authentication server 100 includes a communication unit 110, a processor 120, and a DB 130.

The communication unit 110 communicates with the financial / settlement server 20 and the SMSC server 30 via a network to provide a communication interface between the USIM simple authentication server 100 and the financial / payment server 20 and the SMSC server 30.

The processor 120 performs the procedures performed by the USIM simple authentication server 100 among the USIM simple authentication procedures shown in FIGS.

Specifically, the processor 120 encrypts the transaction number received from the financial / payment server 20 and transmits it to the SMSC server 30 together with the telephone number of the mobile terminal 40 and the TAR of the USIM simple authentication applet 250 , And requests the USIM simple authentication applet 250 to transmit the SMS.

In addition, the processor 120 decrypts the encrypted authentication number received from the USIM simple authentication applet 250 through the SMSC server 30 and transmits the decrypted authentication number to the financial / payment server 20. If the IMEI is received with the encrypted authentication number, the processor 120 performs additional terminal occupancy authentication using the IMEI.

The telephone number of the mobile terminal 40, the IMSI or ICCID of the USIM 200, and the TAR of the USIM simple authentication applet 250 are mapped and stored in the DB 130.

4. USIM

7 is a block diagram of the USIM 200 shown in FIG. As shown in FIG. 7, the USIM 200 includes a terminal interface 210, a USIM processor 220, and a USIM memory 230.

The terminal interface 110 is a physical interface for communicating with the mobile terminal 40.

The USIM processor 220 executes the USIM simple authentication applet 250 to allow the simple authentication procedure to be performed in the USIM 200. [

The USIM simple authentication applet 250 is a USAT function that decrypts and displays the transaction number received from the USIM simple authentication server 100 through the SMSC server 30 and receives an authentication number from the user.

On the other hand, when the IMEI is received together with the encrypted transaction number, the USIM simple authentication applet 250 checks whether the IMEI is coincident with the OS kernel 42 to perform additional terminal occupancy authentication.

The USIM simple authentication applet 250 encrypts the input authentication number and transmits it to the USIM simple authentication applet 250 through the SMSC server 30.

The USIM memory 230 is a storage medium that stores data necessary for the USIM 200 and provides a storage space necessary for the USIM simple authentication applet 250 to perform the authentication procedure.

5. Variation example

So far, preferred embodiments of the USIM simple authentication method, the server and the system have been described in detail.

The USIM 200 mentioned in the above embodiment corresponds to an example referred to as an authentication module. This can be replaced by a SIM (Subscriber Identity Module), in which case the SIM (SIM Application Toolkit) function displays the transaction number and receives the authorization number.

Furthermore, any device that can function as an authentication module can replace the USIM 200. [ For example, even if another type of SE (Secure Element) such as embedded-SE or SD (Secure Digital) card functions as an authentication module, the technical idea of the present invention can be applied.

Although the USIM simple authentication server 100 is implemented separately from the financial / settlement server 20 in the above embodiment, the USIM simple authentication server 100 may be incorporated into the financial / payment server 20.

It goes without saying that the technical idea of the present invention can also be applied to a computer-readable recording medium having a computer program for performing the functions of the apparatus and method according to the present embodiment. In addition, the technical idea according to various embodiments of the present invention may be embodied in computer-readable code form recorded on a computer-readable recording medium. The computer-readable recording medium is any data storage device that can be read by a computer and can store data. For example, the computer-readable recording medium may be a ROM, a RAM, a CD-ROM, a magnetic tape, a floppy disk, an optical disk, a hard disk drive, or the like. In addition, the computer readable code or program stored in the computer readable recording medium may be transmitted through a network connected between the computers.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments, but, on the contrary, It will be understood by those skilled in the art that various changes in form and detail may be made therein without departing from the spirit and scope of the present invention.

10: user PC 20: financial / payment server
30: SMSC server 40: mobile terminal
100: USIM Simple Authentication Server
200: USIM 250: USIM Simple Authentication Applet

Claims (16)

An interface communicatively coupled to the mobile terminal; And
And a processor for executing an applet for transmitting authentication information input through the mobile terminal to an authentication server,
The applet includes:
Receiving the transaction information from the authentication server in cooperation with the OS kernel of the mobile terminal without interworking with the application of the mobile terminal,
Wherein the authentication information is input through the mobile terminal in cooperation with the OS kernel of the mobile terminal without interworking with the application of the mobile terminal.
delete delete The method according to claim 1,
Wherein the transaction information and the authentication information,
Wherein the authentication module is information displayed on a terminal used by a user carrying the mobile terminal.
The method according to claim 1,
The applet includes:
Receives the encrypted transaction information from the authentication server, decrypts the decrypted transaction information, and displays the decrypted transaction information on the mobile terminal.
The method of claim 5,
The applet includes:
And verifies integrity by interworking with the mobile terminal based on information of the mobile terminal received together with the encrypted transaction information from the authentication server.
The method according to claim 1,
Wherein the applet and the authentication server,
And communicate with each other through a first server operating in a mobile communication company without interworking with an application installed in the mobile terminal.
The method of claim 7,
The applet includes:
The authentication server may be installed in the authentication module through a second server operating in the mobile communication company without interworking with an application installed in the mobile terminal,
Wherein the authentication module is installed in the authentication module at the time of manufacturing or distributing the authentication module.
The method according to claim 1,
The authentication module includes:
A SIM (Subscriber Identity Module) or a USIM (Universal Subscriber Identity Module)
The applet includes:
Wherein the authentication information is received through the mobile terminal using a SIM (SIM Application Toolkit) function or a USAT (USIM Application Toolkit) function supported by the mobile terminal.
The method of claim 9,
The applet includes:
And transmits the authentication information to the authentication server in an SMS (Short Message Service) message.
Receiving the transaction information from the authentication server and displaying the received transaction information on the mobile terminal in cooperation with the OS kernel of the mobile terminal without interworking with the application of the mobile terminal;
Receiving, by the authentication module, authentication information from a user through a mobile terminal, in cooperation with an OS kernel of the mobile terminal, in cooperation with an application of the mobile terminal; And
And the authentication module transmitting the input authentication information to the authentication server.
Receiving an authentication request including transaction information;
Transmitting the transaction information to an authentication module of a mobile terminal;
Receiving authentication information input through the mobile terminal from the authentication module; And
And transmitting the received authentication information together with the transaction information in response to the authentication request,
The authentication module includes:
Wherein the transaction information is received and displayed on the mobile terminal, and the authentication information is received through the mobile terminal, in cooperation with the OS kernel of the mobile terminal, not linked to the application of the mobile terminal.
delete The method of claim 12,
Wherein the transaction information and the authentication information,
Wherein the authentication information is information displayed on a terminal used by a user carrying the mobile terminal.
The method of claim 12,
Wherein the transmitting comprises:
Transmitting the transaction information to the authentication module through a server operated by a mobile communication company,
Wherein the receiving comprises:
And the authentication information is received through a server operating in the mobile communication company.
A communication unit for receiving an authentication request including transaction information from a service server; And
The mobile terminal transmits the transaction information to the authentication module of the mobile terminal, receives the authentication information input through the mobile terminal from the authentication module, and transmits the authentication information together with the transaction information through the communication unit in response to the authentication request To the service server,
The authentication module includes:
Wherein the authentication server receives the transaction information, displays the transaction information on the mobile terminal, and receives the authentication information through the mobile terminal, in cooperation with the OS kernel of the mobile terminal, in cooperation with the application of the mobile terminal.
KR1020150113638A 2015-08-12 2015-08-12 USIM Simple Authentication Method and System using SMS and USAT Applet KR101750165B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150113638A KR101750165B1 (en) 2015-08-12 2015-08-12 USIM Simple Authentication Method and System using SMS and USAT Applet

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150113638A KR101750165B1 (en) 2015-08-12 2015-08-12 USIM Simple Authentication Method and System using SMS and USAT Applet

Publications (2)

Publication Number Publication Date
KR20170019610A KR20170019610A (en) 2017-02-22
KR101750165B1 true KR101750165B1 (en) 2017-06-22

Family

ID=58314699

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150113638A KR101750165B1 (en) 2015-08-12 2015-08-12 USIM Simple Authentication Method and System using SMS and USAT Applet

Country Status (1)

Country Link
KR (1) KR101750165B1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102052549B1 (en) * 2018-08-31 2019-12-05 주식회사 케이티 Apparatus and method for providing authentication service utilizing USIM toolkit function
KR102261436B1 (en) * 2019-06-03 2021-06-08 주식회사 엘지유플러스 Method, apparatus, and system for micropayment using sim toolkit and private certificate
KR102467562B1 (en) * 2020-08-25 2022-11-16 주식회사 엘지유플러스 Mobile communication server and terminal for vehicle reservation and operation method thereof

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101473471B1 (en) * 2014-08-28 2014-12-24 주식회사 인포바인 Method of signing in to web page using mobile terminal and apparatus for the same

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101473471B1 (en) * 2014-08-28 2014-12-24 주식회사 인포바인 Method of signing in to web page using mobile terminal and apparatus for the same

Also Published As

Publication number Publication date
KR20170019610A (en) 2017-02-22

Similar Documents

Publication Publication Date Title
CN105741112B (en) Network-based authentication payment device, authentication payment method and authentication payment system
KR101895243B1 (en) Integration of payment capability into secure elements of computers
KR102456959B1 (en) System and Method for Enabling Secure Authentication
CN103793815A (en) Mobile intelligent terminal acquirer system and method suitable for bank cards and business cards
US11329824B2 (en) System and method for authenticating a transaction
EP2690840B1 (en) Internet based security information interaction apparatus and method
KR102334894B1 (en) Apparatus for authentication and payment based on web, method for authentication and payment based on web, system for authentication and payment based on web and computer readable medium having computer program recorded thereon
US20190026704A1 (en) Method of registering a membership for an electronic payment, system for same, and apparatus and terminal thereof
CN104618114A (en) Identity card information obtaining method, device and system
KR101750165B1 (en) USIM Simple Authentication Method and System using SMS and USAT Applet
US20220038439A1 (en) Network provisioning and tokenization using a remote terminal
US9871890B2 (en) Network authentication method using a card device
CN108924822B (en) Card-contained secure communication method based on trusted environment and mobile terminal
WO2016138743A1 (en) Secure payment method, mobile terminal, and payment authentication server
KR101799517B1 (en) A authentication server and method thereof
KR101628615B1 (en) Method for Providing Safety Electronic Signature by using Secure Operating System
CN103514540A (en) USBKEY business realization method and system
KR102403759B1 (en) System for providing electronic payment by authenticating patient and using card information, method thereof and non-transitory computer readable medium having computer program recorded thereon
KR20170029940A (en) Payment service providing apparatus and method for assisting in selection of plural limit amount based on web, system and computer readable medium having computer program recorded thereon
CN111491064A (en) Voice service identity authentication method and system
CN104639541A (en) Method, device and system for obtaining identity card information
KR20140114511A (en) Method and apparatus for banking service and method thereof
CN113645239B (en) Application login method and device, user terminal and storage medium
KR102261436B1 (en) Method, apparatus, and system for micropayment using sim toolkit and private certificate
KR102468785B1 (en) Payment service providing apparatus and method for supporting transaction verification based on web, system and computer readable medium having computer program recorded thereon

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E701 Decision to grant or registration of patent right
GRNT Written decision to grant