KR101750165B1 - USIM Simple Authentication Method and System using SMS and USAT Applet - Google Patents
USIM Simple Authentication Method and System using SMS and USAT Applet
- Publication number
- KR101750165B1
- Authority
- KR
- South Korea
- Prior art keywords
- authentication
- mobile terminal
- information
- server
- usim
- Prior art date
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/18—Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
Abstract
A USIM simple authentication method and system using SMS and a USAT applet are provided. The authentication module according to an embodiment of the present invention executes an applet that transmits the authentication information input through the mobile terminal to the authentication server. As a result, the user can be authenticated easily and securely, and the USIM-based authentication solves the security problems that the existing mobile-terminal-based authentication methods (ARS authentication, SMS authentication and the like) incur by relying on the mobile terminal.
Description
The present invention relates to a method of authenticating a user, and more particularly, to a method of authenticating a user in an electronic financial transaction or a payment step of an electronic commerce, and a system to which the method is applied.
In an electronic financial transaction or the payment step of electronic commerce, it is necessary to verify that the person currently receiving the service is the genuine user. ARS (Automatic Response Service) authentication and SMS (Short Message Service) authentication are widely used for this purpose.
However, in the case of ARS authentication, there is a possibility of a hacking incident through call forwarding set up by malicious code. In other words, it has the limitation that the authentication number can be stolen by forwarding the authentication call to the hacker's mobile terminal.
Further, in the case of SMS authentication, there is the problem that a hacker can install SMS spyware on the user's mobile terminal and use it to read the stored SMS messages, so that the authentication information is leaked.
SUMMARY OF THE INVENTION The present invention has been made to solve the above problems. An object of the present invention is to solve the security problems that may arise from the use of a mobile terminal in authentication, and to provide a method and system for authenticating the user safely.
According to an aspect of the present invention, there is provided an authentication module including: an interface communicatively coupled to a mobile terminal; and a processor for executing an applet for transmitting the authentication information input through the mobile terminal to an authentication server.
The applet may receive the authentication information through the mobile terminal without interworking with the application of the mobile terminal.
Also, the applet may receive the transaction information from the authentication server and display the transaction information on the mobile terminal without interworking with the application of the mobile terminal.
The transaction information and the authentication information may be information displayed on a terminal used by a user carrying the mobile terminal.
The applet may receive the encrypted transaction information from the authentication server, decrypt it, and display the decrypted transaction information on the mobile terminal.
The applet may verify integrity based on information of the mobile terminal received together with the encrypted transaction information from the authentication server, in cooperation with the mobile terminal.
In addition, the applet and the authentication server can communicate with each other through a first server operating in the mobile communication company without interworking with an application installed in the mobile terminal.
The applet may be installed in the authentication module via a second server operating in the mobile communication company without interworking with the application installed in the mobile terminal, or may be installed in the authentication module when the authentication module is manufactured or distributed.
The authentication module may be a Subscriber Identity Module (SIM) or a Universal Subscriber Identity Module (USIM), and the applet may receive the authentication information through the mobile terminal using a SAT (SIM Application Toolkit) function or a USAT (USIM Application Toolkit) function.
The applet may transmit the authentication information to the authentication server using an SMS (Short Message Service) message.
According to another aspect of the present invention, there is provided an authentication method including: receiving authentication information from a user through a mobile terminal; and transmitting, by the authentication module, the input authentication information to the authentication server.
According to another aspect of the present invention, there is provided an authentication method including: receiving an authentication request including transaction information; transmitting the transaction information to an authentication module of a mobile terminal; receiving authentication information input through the mobile terminal from the authentication module; and transmitting the received authentication information together with the transaction information in response to the authentication request.
The authentication module may receive the transaction information, display the transaction information on the mobile terminal, and receive the authentication information through the mobile terminal, without interworking with the application of the mobile terminal.
The transaction information and the authentication information may be information displayed on a terminal used by a user carrying the mobile terminal.
The transmitting step may transmit the transaction information to the authentication module through a server operating in a mobile communication company, and the receiving step may receive the authentication information through a server operating in a mobile communication company.
According to another aspect of the present invention, there is provided an authentication server including: a communication unit for receiving an authentication request including transaction information from a service server; and transmitting the transaction information to the authentication module of the mobile terminal, receiving the authentication information input through the mobile terminal from the authentication module, and transmitting the authentication information together with the transaction information through the communication unit to the service server via the Internet in response to the authentication request.
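The exchange summarized in the aspects above, as an added Python sketch that is not part of the patent: the authentication server sends the encrypted transaction number together with the terminal's IMEI, the applet checks integrity and the IMEI before showing the transaction number, and the reply SMS carries the transaction number and the authentication number back. Assumptions made here: a pre-shared key between server and applet, an HMAC-SHA256 keystream as a standard-library stand-in for the card's cipher, a JSON payload, comparison of the received IMEI with the terminal's IMEI as the integrity check, and all class, field and sample values (which are constructed).

```python
import hashlib, hmac, json, os

def _keys(key, label):
    # Separate encryption and MAC keys per direction ("down" = server to applet, "up" = reply).
    return [hmac.new(key, label + use, hashlib.sha256).digest() for use in (b"/enc", b"/mac")]

def _stream(enc_key, nonce, n):
    # HMAC-SHA256 in counter mode: a stdlib stand-in for the card's real cipher (assumption).
    blocks = (hmac.new(enc_key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, label, fields):
    """Encrypt-then-MAC a dict into one SMS payload: nonce || ciphertext || tag."""
    enc_key, mac_key = _keys(key, label)
    plain = json.dumps(fields, sort_keys=True).encode()
    nonce = os.urandom(8)
    ct = bytes(p ^ s for p, s in zip(plain, _stream(enc_key, nonce, len(plain))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()[:8]

def unseal(key, label, sms):
    """Check the tag before decrypting; raise ValueError on any modification."""
    enc_key, mac_key = _keys(key, label)
    nonce, ct, tag = sms[:8], sms[8:-8], sms[-8:]
    want = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()[:8]
    if not hmac.compare_digest(tag, want):
        raise ValueError("SMS payload failed integrity check")
    return json.loads(bytes(c ^ s for c, s in zip(ct, _stream(enc_key, nonce, len(ct)))))

class Applet:
    """Hypothetical model of the USIM applet side."""
    def __init__(self, key):
        self.key, self.txn = key, None
    def on_sms(self, sms, terminal_imei):
        msg = unseal(self.key, b"down", sms)
        if msg["imei"] != terminal_imei:      # USIM is not in the registered terminal
            raise ValueError("IMEI mismatch")
        self.txn = msg["txn"]
        return self.txn                        # value shown on the USAT screen
    def reply(self, auth_no):
        if self.txn is None:
            raise ValueError("no transaction awaiting an authentication number")
        sms, self.txn = seal(self.key, b"up", {"txn": self.txn, "auth": auth_no}), None
        return sms

class AuthServer:
    """Hypothetical model of the authentication server side."""
    def __init__(self, key, imei):
        self.key, self.imei, self.pending = key, imei, set()
    def start(self, txn):
        self.pending.add(txn)
        return seal(self.key, b"down", {"txn": txn, "imei": self.imei})
    def finish(self, sms):
        msg = unseal(self.key, b"up", sms)
        if msg["txn"] not in self.pending:     # unknown, or a replayed reply
            raise ValueError("unknown or already used transaction number")
        self.pending.discard(msg["txn"])
        return msg["txn"], msg["auth"]         # handed to the financial / payment server

if __name__ == "__main__":
    key, imei = os.urandom(16), "490154203237518"   # constructed sample values
    server, applet = AuthServer(key, imei), Applet(key)
    print("USAT screen shows transaction", applet.on_sms(server.start("T-1001"), imei))
    print("forwarded to payment server:", server.finish(applet.reply("482913")))
```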
As described above, according to the embodiments of the present invention, it is possible to easily and securely authenticate the user by using the SMS and the USAT applet. The authentication method according to embodiments of the present invention can solve the security problems that have been caused by the use of the mobile terminal in the conventional authentication methods (ARS authentication, SMS authentication, etc.) based on the mobile terminal by the USIM-based authentication.
In particular, according to embodiments of the present invention, it is impossible to send an SMS message from a mobile terminal since the SMS message is directly transmitted to the USAT applet of the USIM rather than the mobile terminal.
In addition, according to the embodiments of the present invention, since the information exchanged between the authentication server and the USAT applet is recorded in the SMS message in an encrypted state and transmitted, the information cannot be read even if it is delivered to a hacker's USIM.
Furthermore, according to the embodiments of the present invention, even if a hacker decrypts and recognizes information, it is not only authentication information but transaction information, and illegal transactions are impossible.
FIG. 1 is a diagram showing a USIM simple authentication system to which the present invention is applicable,
FIGS. 2 and 3 are flow charts provided in the description of the USIM simple authentication method according to an embodiment of the present invention,
FIG. 4 is a diagram illustrating a result of pop-up of a simple authentication window in which a transaction number and an authentication number are displayed on a user PC,
FIG. 5 is a diagram provided in a detailed description of the USAT function screen generated by the USIM simple authentication applet,
FIG. 6 is a block diagram of the USIM simple authentication server shown in FIG. 1,
FIG. 7 is a block diagram of the USIM shown in FIG.
Hereinafter, the present invention will be described in detail with reference to the drawings.
1. USIM (Universal Subscriber Identity Module) Easy Authentication System
FIG. 1 is a diagram showing a USIM simple authentication system to which the present invention is applicable. The USIM simple authentication system to which the present invention is applicable is a system for securely and easily performing the identity authentication without substantial intervention of the
Referring to FIG. 1, a simple authentication system to which the present invention can be applied includes a
The financial /
In order to securely and easily authenticate the user without substantial intervention of the
For the USIM simple authentication service, the USIM 200 requires that the USIM
That is, the USIM
On the other hand, when the USIM 200 is produced or distributed to a user, the
The USIM
The
Thus, the SMS message is not received by the
Meanwhile, in order to specify the USIM
The USIM
The USIM
The
In this process, the USIM
The authentication number entered by the user is stored in the SMS message and is transmitted from the USIM
The transaction number and the authentication number transmitted in the SMS message through the
2. USIM Easy Authentication Method
FIGS. 2 and 3 are flowcharts provided in the explanation of the USIM simple authentication method by the system shown in FIG.
Referring to FIG. 2, when the user accesses the financial /
In step S310, the telephone number input / transmitted is a telephone number of the user's
The financial /
The result of the pop-up of the simple authentication window showing the transaction number and the authentication number in the
Meanwhile, the financial /
The USIM
Next, the USIM
In response to the request in step S370, the
Through the TAR contained in the SMS message received in step S380, the
Accordingly, the USIM
Referring to FIG. 3, the USIM
The result of popping up the simple authentication USAT screen including the transaction number on the
As shown on the left side of FIG. 5, in the pop-up simplified authentication USAT screen, an authentication number input box is displayed together with the transaction number. The authentication number input box is a box for receiving the authentication number displayed on the
When the user inputs the authentication number on the simple authentication USAT function screen displayed on the
Then, the USIM
The
The USIM
The financial /
So far, the USIM simple authentication process has been described in detail. It is assumed that the
The integrity verification in step S390 of FIG. 2 and step S470 of FIG. 3 may use a shared key between the digital signature or the USIM
To this end, the IMEI of the
The IMEI of the
3. USIM Easy Authentication Server
FIG. 6 is a block diagram of the USIM
The
The
Specifically, the
In addition, the
The telephone number of the
4. USIM
FIG. 7 is a block diagram of the
The
The
The USIM
On the other hand, when the IMEI is received together with the encrypted transaction number, the USIM
The USIM
The
5. Variation example
So far, preferred embodiments of the USIM simple authentication method, the server and the system have been described in detail.
The
Furthermore, any device that can function as an authentication module can replace the
Although the USIM
It goes without saying that the technical idea of the present invention can also be applied to a computer-readable recording medium having a computer program for performing the functions of the apparatus and method according to the present embodiment. In addition, the technical idea according to various embodiments of the present invention may be embodied in computer-readable code form recorded on a computer-readable recording medium. The computer-readable recording medium is any data storage device that can be read by a computer and can store data. For example, the computer-readable recording medium may be a ROM, a RAM, a CD-ROM, a magnetic tape, a floppy disk, an optical disk, a hard disk drive, or the like. In addition, the computer readable code or program stored in the computer readable recording medium may be transmitted through a network connected between the computers.
While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments. On the contrary, it will be understood by those skilled in the art that various changes in form and detail may be made therein without departing from the spirit and scope of the present invention.
10: user PC 20: financial / payment server
30: SMSC server 40: mobile terminal
100: USIM Simple Authentication Server
200: USIM 250: USIM Simple Authentication Applet
Claims (16)
And a processor for executing an applet for transmitting authentication information input through the mobile terminal to an authentication server,
The applet includes:
Receiving the transaction information from the authentication server in cooperation with the OS kernel of the mobile terminal without interworking with the application of the mobile terminal,
Wherein the authentication information is input through the mobile terminal in cooperation with the OS kernel of the mobile terminal without interworking with the application of the mobile terminal.
Wherein the transaction information and the authentication information,
Wherein the authentication module is information displayed on a terminal used by a user carrying the mobile terminal.
The applet includes:
Receives the encrypted transaction information from the authentication server, decrypts it, and displays the decrypted transaction information on the mobile terminal.
The applet includes:
And verifies integrity by interworking with the mobile terminal based on information of the mobile terminal received together with the encrypted transaction information from the authentication server.
Wherein the applet and the authentication server,
And communicate with each other through a first server operating in a mobile communication company without interworking with an application installed in the mobile terminal.
The applet includes:
The authentication server may be installed in the authentication module through a second server operating in the mobile communication company without interworking with an application installed in the mobile terminal,
Wherein the authentication module is installed in the authentication module at the time of manufacturing or distributing the authentication module.
The authentication module includes:
A SIM (Subscriber Identity Module) or a USIM (Universal Subscriber Identity Module)
The applet includes:
Wherein the authentication information is received through the mobile terminal using a SAT (SIM Application Toolkit) function or a USAT (USIM Application Toolkit) function supported by the mobile terminal.
The applet includes:
And transmits the authentication information to the authentication server in an SMS (Short Message Service) message.
Receiving, by the authentication module, authentication information from a user through a mobile terminal, in cooperation with an OS kernel of the mobile terminal, without interworking with an application of the mobile terminal; and
And the authentication module transmitting the input authentication information to the authentication server.
Transmitting the transaction information to an authentication module of a mobile terminal;
Receiving authentication information input through the mobile terminal from the authentication module; And
And transmitting the received authentication information together with the transaction information in response to the authentication request,
The authentication module includes:
Wherein the transaction information is received and displayed on the mobile terminal, and the authentication information is received through the mobile terminal, in cooperation with the OS kernel of the mobile terminal, not linked to the application of the mobile terminal.
Wherein the transaction information and the authentication information,
Wherein the authentication information is information displayed on a terminal used by a user carrying the mobile terminal.
Wherein the transmitting comprises:
Transmitting the transaction information to the authentication module through a server operated by a mobile communication company,
Wherein the receiving comprises:
And the authentication information is received through a server operating in the mobile communication company.
The mobile terminal transmits the transaction information to the authentication module of the mobile terminal, receives the authentication information input through the mobile terminal from the authentication module, and transmits the authentication information together with the transaction information through the communication unit in response to the authentication request To the service server,
The authentication module includes:
Wherein the authentication server receives the transaction information, displays the transaction information on the mobile terminal, and receives the authentication information through the mobile terminal, in cooperation with the OS kernel of the mobile terminal, without interworking with the application of the mobile terminal.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150113638A KR101750165B1 (en) | 2015-08-12 | 2015-08-12 | USIM Simple Authentication Method and System using SMS and USAT Applet |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150113638A KR101750165B1 (en) | 2015-08-12 | 2015-08-12 | USIM Simple Authentication Method and System using SMS and USAT Applet |
Publications (2)
Publication Number | Publication Date |
---|---|
KR20170019610A KR20170019610A (en) | 2017-02-22 |
KR101750165B1 KR101750165B1 (en) | 2017-06-22 |
Family
ID=58314699
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020150113638A KR101750165B1 (en) | 2015-08-12 | 2015-08-12 | USIM Simple Authentication Method and System using SMS and USAT Applet |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101750165B1 (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR102052549B1 (en) * | 2018-08-31 | 2019-12-05 | 주식회사 케이티 | Apparatus and method for providing authentication service utilizing USIM toolkit function |
KR102261436B1 (en) * | 2019-06-03 | 2021-06-08 | 주식회사 엘지유플러스 | Method, apparatus, and system for micropayment using sim toolkit and private certificate |
KR102467562B1 (en) * | 2020-08-25 | 2022-11-16 | 주식회사 엘지유플러스 | Mobile communication server and terminal for vehicle reservation and operation method thereof |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101473471B1 (en) * | 2014-08-28 | 2014-12-24 | 주식회사 인포바인 | Method of signing in to web page using mobile terminal and apparatus for the same |
-
2015
- 2015-08-12 KR KR1020150113638A patent/KR101750165B1/en active IP Right Grant
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101473471B1 (en) * | 2014-08-28 | 2014-12-24 | 주식회사 인포바인 | Method of signing in to web page using mobile terminal and apparatus for the same |
Also Published As
Publication number | Publication date |
---|---|
KR20170019610A (en) | 2017-02-22 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant |