KR101875257B1 - Mobile authentication and/or moile payment method using near wireless communication with host computer - Google Patents

Mobile authentication and/or moile payment method using near wireless communication with host computer Download PDF

Info

Publication number
KR101875257B1
KR101875257B1 KR1020150116491A KR20150116491A KR101875257B1 KR 101875257 B1 KR101875257 B1 KR 101875257B1 KR 1020150116491 A KR1020150116491 A KR 1020150116491A KR 20150116491 A KR20150116491 A KR 20150116491A KR 101875257 B1 KR101875257 B1 KR 101875257B1
Authority
KR
South Korea
Prior art keywords
authentication
server
biometric
host computer
smartphone
Prior art date
Application number
KR1020150116491A
Other languages
Korean (ko)
Other versions
KR20170022039A (en
Inventor
고하준
고성석
Original Assignee
고하준
고성석
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 고하준, 고성석 filed Critical 고하준
Priority to KR1020150116491A priority Critical patent/KR101875257B1/en
Priority to US15/006,280 priority patent/US20170055146A1/en
Publication of KR20170022039A publication Critical patent/KR20170022039A/en
Application granted granted Critical
Publication of KR101875257B1 publication Critical patent/KR101875257B1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3227Aspects of commerce using mobile devices [M-devices] using secure elements embedded in M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3278RFID or NFC payments by means of M-devices

Abstract

The present invention relates to a method for mobile authentication and / or mobile payment through short-range wireless communication between a computer device and a smartphone.
The method of the present invention is structurally separated between a service process performed between the computer device 100 and the service server 300 and an authentication process performed between the smartphone 200 and the authentication server 400. [ The service process and the authentication process are connected through a short-range wireless communication between the computer device 100 and the smartphone 200. If the authentication result obtained between the smartphone 200 and the authentication server 400 is successful, the authentication server 400 notifies the service server 300, and the service server 300 transmits the result back to the screen of the computer device Lt; / RTI >

Description

TECHNICAL FIELD [0001] The present invention relates to a biometric information authentication method and a biometric information authentication method,

The present invention relates to a biometric authentication technique. And more particularly to application of security authentication using biometric authentication technology.

Today, people use the Internet to conduct various e-commerce and authentication activities. It primarily runs a web browser through a personal computer to access the target website. Then, the target web site performs a series of authentication procedures. The biggest problem here is security issues caused by malicious hacking. Unique personal information such as credit card number as well as unique information about the individual can be hacked. Several attempts have been made to prevent this. One of the most widely used methods is to install software on a personal computer that blocks hacking and enhances security.

However, this causes severe inconvenience to the user. Users are required to update their software because they need to constantly improve their security vulnerabilities because they are accessing various websites and doing authentication activities, and there are a lot of software to install. In addition, malicious codes are used to mimic or exploit security software And that it can be done. This is because the authentication information is stored in the personal computer.

If so, you might consider not storing your authentication information on your personal computer. This is how it is stored on the server of the certification authority. The server can acquire at least the identification information that can identify the user from the personal computer and use the authentication information stored in the database of the server based on the identification information. The identification information includes an ID, a password, and a cookie. The authentication information will be representative of the card information. For example, Amazon's one-click technology is typical. A server system related to Amazon One-Click Technology is disclosed in U.S. Patents US 5,960,411 and US 8341036.

This technique is very convenient to the user. This is because it is not necessary to install the security program on the personal computer, and the authentication and settlement can be performed simultaneously by inputting the simple identifier without going through the complicated process. However, the more convenient the user, the greater the burden on the service provider. Security issues have become more sensitive. The server system should be protected against malicious attacks. Because there is always the risk of a catastrophic security incident, the service provider must make a wonderful effort and constantly improve security technology. On the other hand, the user must input information such as card information at least once and provide it to the server. You should also keep track of the identifier information. That is, user convenience was not completely guaranteed.

The inventors of the present invention have long studied and pondered to solve the authentication problem in the above personal computer. Storing authentication information on a personal computer has the problem of installing complicated security software as described above. Storing and authenticating authentication information in a server system should place a tremendous security burden on service providers. In addition, the user must provide his / her personal information to the server system, and it is also inconvenient to have to remember the identifier information. We have come to the conclusion that we have to make a completely new attempt to solve these problems.

The inventors have explored mobile devices and biometric information technologies. While authentication activities in the Internet environment have become commonplace through personal computers (including notebooks), authentication methods in new environments have become widespread. Mobile authentication technology. You can store your credit card information on your mobile device and use it to make payments. You can also store biometric information, such as fingerprints, on your mobile device. The key point of the biometric information technology is that biometric information unique to each person can be acquired and easily recognized by recognizing the biometric information. Biometric information is unique to humans and can not be separated, so it can not be lost. Such biometric information can include face, voice, and signature, but fingerprints, finger veins, and irregularities are mainly studied. In view of the development of technology, the installation and configuration of the equipment, and the ease of recognition, it is preferable to use the finger of a user. Biometric technology using fingerprint or finger vein is typical. But how do you use it?

It is an object of the present invention to propose an authentication technique using biometric information, and to propose a new method of performing authentication by using short-range communication between heterogeneous devices.

Another object of the present invention is to provide a new biometric information authentication method which can completely prevent the risk of security incidents such as malicious access to a server or a device or hacking.

It is still another object of the present invention to provide a methodology for effectively authenticating biometric information even if the server does not have biometric information.

On the other hand, other unspecified purposes of the present invention will be further considered within the scope of the following detailed description and easily deduced from the effects thereof.

In order to achieve the above object, according to a first aspect of the present invention, there is provided a mobile authentication method for interworking with a host computer in short-

(a) connecting a host computer device to a service server;

(b) the host computer device requesting mobile authentication by executing an authentication event in communication with the service server;

(c) receiving a certification event information of the host computer device in a short-range wireless communication with a smartphone having a built-in short-range wireless communication chip close to a short-range wireless communication device built in the host computer device;

(d) performing the security authentication of the predetermined procedure through the wireless communication with the authentication server by the smartphone;

(e) the authentication server notifying the service server of the mobile authentication result; And

(f) the service server displaying authentication approval through a screen of the host computer device.

In addition, in the mobile authentication method of interworking with a host computer according to a preferred embodiment of the present invention in a short distance communication, the smartphone includes application software supporting a security authentication procedure with the authentication server,

The step (c) may be configured so that the smartphone is close to the NFC device of the host computer device after executing the application software.

In the mobile authentication method of interworking with a host computer according to another preferred embodiment of the present invention in a short distance communication, the smartphone includes application software supporting the security authentication procedure with the authentication server,

The step (c) may be configured to automatically execute the application software when the smartphone is close to the NFC device of the host computer device.

Further, in the mobile authentication method of interworking with a host computer according to a preferred embodiment of the present invention in a short distance communication, the short range wireless communication device may be an NFC device.

Further, in a mobile authentication method for interworking with a host computer according to a preferred embodiment of the present invention in a short distance communication, the authentication event may include authentication for performing a predetermined subsequent process, authentication for authenticating an already- It is preferable that the event is an event for requesting mobile authentication regarding any one or more of the personal authentication for approving the payment.

In addition, in the mobile authentication method interworking with the host computer according to the preferred embodiment of the present invention in the short distance communication, the step (d) further includes the biometric authentication using the biometric image data of the bio object .

In addition, in the mobile authentication method of interworking with a host computer according to a preferred embodiment of the present invention in a short distance communication, the biometric authentication may be performed by a crypto- hash data.

According to another aspect of the present invention, there is provided a mobile authentication method for interworking with a host computer in a short distance communication, the biometric authentication method comprising the steps of: receiving a server authentication value encrypted and stored in the smartphone using the biometric image data; Decrypting the authentication event information, and transmitting the decrypted server authentication value together with the authentication event information to the authentication server.

Further, in the mobile authentication method of interworking with a host computer according to a preferred embodiment of the present invention in a short distance communication, the biometric object used in the biometric authentication may be any one of a fingerprint, finger vein, have.

A second aspect of the present invention is a mobile payment method interworking with a host computer in a short distance communication,

(a) the host computer device requesting an online commodity payment to a service server;

(b) receiving a certification event information of the host computer device from a smartphone having a built-in short-range wireless communication chip close to a short-range wireless communication device built in the host computer device;

(c) the smartphone performs security authentication of a predetermined procedure through wireless communication with an authentication server and executes mobile payment;

(d) the authentication server notifying the service server of the mobile payment result; And

(e) displaying the completion of payment through the screen of the host computer device by the service server.

In the preferred mobile payment method of the present invention, the step (c) may include a step of performing settlement using credit card information stored in advance in the smartphone or the authentication server.

A third aspect of the present invention is a mobile authentication method for interworking with a host computer in a short distance communication,

 (a) requesting a host computer device to purchase an online product from a service server;

(b) the host computer device executes an authentication event in communication with the service server to request a mobile authentication

(c) transmitting a smart phone information to the service server through the host computer device, the smart phone having a built-in short-range wireless communication chip close to a short-range wireless communication device built in the host computer device; And

(d) the service server displaying authentication approval through a screen of the host computer device.

In addition, in the mobile authentication method of interworking with a host computer according to a preferred embodiment of the present invention by local communication,

The authentication event may be an event for requesting a mobile authentication regarding a personal authentication for approving a payment.

According to the present invention, there is an advantage that the service process and the authentication process are completely separated systematically. This has the advantage that the service provider can configure the system optimized for the service and manage the resources. Since the service providing system does not have the information necessary for authentication or settlement, there is no object of security accident caused by malicious attack. This brings great benefits to users. It is not necessary to install various security programs on the user's device when accessing the system of the service provider, and there is no need for the user to provide sensitive personal information such as credit card information to the service provider.

According to a preferred embodiment of the present invention, all processes can be completed automatically by pressing a button for requesting mobile authentication or mobile payment. In short, it has the advantage of providing users with the most convenient payment methods.

In addition, according to a preferred embodiment of the present invention, there is an advantage that more secure self-certification is possible from an attack of a malicious third party. Although the authentication process uses the smartphone biometric authentication method in the authentication process, since the biometric information is not stored in the device or the server, even if the user loses the device, the authentication server loses or hacks the DB information even if the third party maliciously hacks it. The biometrics information inherent to the user can be intrinsically blocked.

The present invention provides a complete and secure authentication method for all commercial or administrative procedures requiring authentication.

On the other hand, even if the effects are not explicitly mentioned here, the effect described in the following specification, which is expected by the technical features of the present invention, and its potential effects are treated as described in the specification of the present invention.

1 is a diagram showing a system configuration according to a preferred embodiment of the present invention.
2 is a conceptual diagram showing the relationship and configuration between heterogeneous devices performing near field wireless communication according to the present invention.
3 is a diagram illustrating various forms of examples of the host computer device 100 of the present invention.
4 is a diagram showing an example of various bio-objects performed in the smart phone 200 of the present invention.
5 to 8 are diagrams showing various scenarios to which the technical idea of the present invention is applied.
* The accompanying drawings illustrate examples of the present invention in order to facilitate understanding of the technical idea of the present invention, and thus the scope of the present invention is not limited thereto.

Hereinafter, the structure and various embodiments of the present invention will be described in detail with reference to the drawings. In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may obscure the subject matter of the present invention.

1 shows a system configuration according to a preferred embodiment of the present invention. A preferred system of the present invention comprises four elements. A host computer device 100, a service server 300, a smart phone 200, and an authentication server 400. A user of the host computer device 100 utilizes a service provided by the service server 300. [ The service at this time may be a web service provided through the Internet site 310. In another preferred embodiment of the present disclosure, it may be a platform service that connects and executes specific application software. In order for the user to fully utilize the service provided by the service server 300, the user authentication process may be required. The technical idea of the present invention is disclosed at this point.

In this case, in the prior art, it was common to authenticate through the security program and the authentication software installed in the host computer device 100. There has been a case where hardware existing separately from the host computer device 100 is used, and the first method uses an OTP (One Time Password) terminal. The second method is to transmit a specific code to the user's mobile phone through the mobile communication network. Both of these methods require the user to enter the OTP or enter the code number received from the user screen of the host computer device. Whether in any way, whether using separate hardware or not, the service server 300 had to keep a database of the customer's unique data for security issues and accurate authentication. He was vulnerable to malicious attacks. To compensate for this vulnerability, the service server 300 has forced the user to install various security software on his / her device. This deteriorates the user environment in the host computer device 100.

In the context of the present invention, the security and / or authentication software installed in the host computer device 100 is minimally installed or not required. Likewise, the service server 300 may be structurally minimal or non-existent with hardware / software means for security and / or authentication. This is because the service process and the authentication process are structurally separated.

 The service process is performed through communication between the host computer device 100 and the service server 300. On the other hand, the authentication process is performed through wireless communication between the smartphone 200 and the authentication server 400. It may be a mobile communication network and may be a wireless Internet network such as Wifi. The communication route between the service process and the authentication process is completely different. Also, communication subjects are completely different from each other. Therefore, in the system of the present invention, a malicious attack using the communication network and equipment of the service process is fundamentally blocked.

This is the link between the service process and the authentication process. First, on the user side, a near field communication (NFC) device 110 built in the host computer device 100 and a NFC device 210 built in the smartphone 200 are connected via short-range wireless communication. In addition, on the server side, it is performed through wired or wireless communication between the service server 300 and the authentication server 400. The authentication process is started on the user side and the authentication process is terminated on the server side.

The smartphone 200 receives authentication event information generated in the service process through short-range wireless communication with the host computer device 100. For example, a session token between the host computer device 100 and the service server 200 may be received by the smartphone 200 from the computer device 100 via local area wireless communication. At this time, the smartphone 200 acquires, from the host computer device 100 via the NFC communication, the identifier data capable of specifying the service process to be authenticated between the service server and the host computer device.

Then, real-time authentication is performed between the smartphone 200 and the authentication server 400 in a completely security-controlled manner. Most preferably, authentication is performed using biometric information of the user. This is because the system of the present invention is configured on the assumption that the user of the host computer device 100 and the user of the smartphone 200 are the same. Therefore, it should be ensured that the user of the smartphone 200 is obviously a person and that authentication of the authentication server 400 is not affected by theft or malicious attack. The best solution is to use biometric information. This will be described again below.

On the other hand, since the service process and the authentication process are separated, as described above, the service server 300 providing the service does not make a security request to the host computer device 100 in connection with communication with the host computer device 100 You do not need to. Also, the service server 300 does not need to establish a database for authentication. This guarantees that you can provide optimal service without using system tools that make users uncomfortable.

The service server 300 has hardware / software equipment for providing services and can have databases 301 and 303 necessary for service provision. These databases 301 and 303 do not need to be at least an authentication database used in direct communication with the user terminal. On the other hand, at least one of the databases 401 and 403 built in the authentication server 400 must be a database necessary for user authentication.

Now, the configuration and relationship of the user side device, which is the starting point at which the service process and the authentication process are connected, will be described. 2 shows a heterogeneous device used by a user.

The host computer device 100 connects to the service server and performs a series of network behaviors such as requesting, using, or purchasing a service. The host computer device 100 includes a processor 101 and an NFC device 110. Of course, although not shown, other electronic configurations capable of network communication and functioning as a computer electronic device are of course included.

The host application 150 installed in the host computer device 100 is executed to connect to the service server, and the processor 101 processes a series of services on the user side through the user screen. In particular, in the present invention, the authentication user interface 155 is displayed on the user screen of the host computer device 100. When the authentication event is executed in the authentication user interface 155, the processor 101 calls and controls the NFC device 110 so as to perform short-range wireless communication with the smartphone 200. Preferably, software is provided on the host computer device 110 to assist in driving the NFC device 110 and controlling the processor 101.

Although the authentication user interface 155 is shown in the drawing as being stored in the host computer device 100, this is for illustrative purposes only. The normal authentication user interface 155 is stored in the service server and can be provided only through the device screen of the user in real time communication.

In some preferred embodiments of the present invention, the host application 150 may be a web browser. The user can access the Internet site provided by the service server by executing a web browser. For example, a user may purchase a product through an Internet site of a service server. In that case, the service server must determine whether the purchase request is a true user action and execute the payment procedure accordingly. The user will first execute the authentication event via the authentication user interface 155. [

In another preferred embodiment of the present invention, the host application 150 may be application software installed by the user or embedded in the device. It can be displayed as a widget or icon on the user's device and can be executed when the user selects it as an input means and can access the service server through the communication network.

The host computer device 100 of the present invention is not limited by its kind and specification. The host computer device 100 has a function of accessing a service server through a communication network; the NFC device 110 is embedded; when the service server requests authentication from the NFC device 110 in communication with the service server, 110 to provide an identifier of the service process by performing short-range wireless communication with the smartphone 200, and a computer apparatus satisfying these three technical requirements suffices.

FIG. 3 illustrates various types of host computer device 100. 3 (a) is a desktop computer 103. Fig. NFC device 110 is built in. 3 (b) is a notebook computer 104. Fig. 3 (c) shows an embodiment in which the NFC device 110 is embedded in the TV device 105. FIG. 3 (d) shows a case where the tablet PC 106 functions as a host computer device. For example, the smartphone 200 owned by the user can be used for the authentication operation required for payment while the Internet is shopping on the tablet PC 106.

3 (e) shows a case where the Internet of Things (IOT) device is the host computer device of the present invention. For example, if an electronic device installed in a vehicle, various electronic devices in a home, a public space (e.g., a subway platform, etc.) can communicate with the Internet, and an NFC device 110 is built in, The host computer device 100 may be capable of functioning as a host computer device 100 to which the present invention may be applied.

Referring back to FIG. 2, the smartphone 200 of the present invention also includes an NFC device 210 in a chip form. Particularly, in the present invention, since the smartphone 200 is the main body of the authentication process, it is necessary to install application software which can clearly certify that the smartphone 200 is the principal. Preferably, the mobile application software 250 is provided with a biometric authentication module 255. In the present invention, the communication between the host computer device 100 and the service server 300 may have no security and authentication configuration. In this case, the security and authentication configuration through the smart phone 200 should be enhanced. The biometric authentication module 255 assures this.

In some preferred embodiments of the present invention, after the smartphone executes the mobile application software 250, the smartphone 200 is brought close to the NFC device 110 of the host computer device 100, can do.

In another preferred embodiment of the present invention, when the smartphone initiates an authentication event at the host computer device 100 and thus initiates NFC communication between the disparate devices in proximity to the NFC device 110, Can be executed automatically.

The mobile application software 250 of the present invention may include an environment setting tool of a mobile application, a user interface, a database module, and the like. In particular, the mobile application software 250 may include functions for supporting NFC communication, A function for performing a procedure for authentication of the principal, and a function for wirelessly communicating with the authentication server.

In addition, since the configuration of an application processor, an input / output device, a memory, a wireless communication modem, a battery, and a power supply device of a smart phone supports the technical features of the present invention and ensures the implementation of the present invention, detailed description thereof is omitted here . Such components may employ conventional techniques, and future improved techniques may be freely applied to the technical idea of the present invention.

As described above, in the preferred embodiment of the present invention, enhanced mobile authentication can be ensured by using biometric information of a bio-object (i.e., human body). In this embodiment, the mobile application software 250 supports biometric authentication using biometric image data. As shown in Fig. 4, the bio-object may be a fingerprint, an iris, or a finger. The biometric image data in any preferred embodiment of the present invention may be the fingerprint image 203 of the biometric object, as shown in Fig. 4 (a). In addition, the biometric image data in another preferred embodiment of the present invention may be the iris image 205 of the biometric object, as shown in Fig. 4 (b). Further, the biometric image data in another embodiment of the present invention may be the finger vein image 27 of the finger, as shown in Fig. 4 (c).

Hereinafter, how the biometric image data of the bio object is processed by the smart phone 200 at the time of mobile authentication will be described as a preferable example.

This is the first biometric authentication method. The authentication server may have a database of the user's biometric information. Preferably, the authentication server does not have the original biometric image of the user, but has a hash value corresponding to the biometric image data. It can also hold a reference value that modifies the biometric source data to a specific rule. If the authentication server has the biometric image data or the biometric original data, there are legal problems related to personal information protection and malicious attacks such as hacking.

The authentication server can construct a database of vector sets as hash values related to the user ID and the user biometric characteristic. The smart phone can scan the biometric image data to transmit the feature vector set, and compare it with the vector set of the authentication server to authenticate. Communication between the authentication server and the smartphone can be performed through a dynamic communication encryption key. Hereinafter, the first biometric authentication method will be described.

The biometric information database of the authentication server previously stores a user ID and a biometric feature vector set decrypted by the user. The user ID can be used to specify the user. The feature vector set of the biometric image decrypted using the cryptographic hash function is referred to as a first feature vector set for convenience. This first feature vector set can be used to determine whether biometric authentication is successful or unsuccessful. Thus, in order to attempt authentication using the authentication server, the user must register his ID and his or her hashed biometric feature vector set in the authentication server in advance.

This feature can be set in the form of a direct password, for example, by the person who secretly hides the vector. Also, it is a secret that only the user knows is unknown to the authentication server to be secreted. The user scans his or her biometric information with a smartphone, and then extracts feature vectors from the biometric image data. The feature vector set at this time is expressed as a second feature vector set. Then, they can be hashed using the secret sharing method registered in the authentication server, and then transmitted to the authentication server.

The authentication server compares the first feature vector set and the second feature vector set, and determines that authentication is successful when a predetermined number or more of hash values are matched with the feature vector values. This is because biometric information causes a slight error in each measurement.

The smartphone application software can control to delete the second set of feature vectors used once, the biometric image data, and the secret key. By deleting both the biometric image, the hashed second feature vector, and the secret key in the smartphone, it is possible to prevent the biometric information from being stolen by using the smart phone.

The basic framework of the authentication process is to compare the biometric information scanned by the smartphone and the biometric information held by the authentication server with the encrypted feature vectors. In addition to this, it is possible to add mobile payment by using information related to the credit card built in the smart phone, adding a protocol for authentication between the authentication server and the smart phone, or employing various biometric authentication algorithms.

This is the second biometric authentication method. Unlike the first biometric authentication method, a hash value related to biometric information or a user's unique secret information required for mobile authentication or mobile settlement is encrypted using a biometric value as an encryption key without storing the modified reference value of the biometric information in the server, It can be stored on the phone (re-encryption of the password value). When the heterogeneous device moves from the service process to the authentication process through short-range wireless communication between the heterogeneous devices, the user can communicate with the authentication server by decrypting the unique information necessary for the authentication using the biometric information of the user as a key.

Let us explain the second biometric authentication method in more detail. And stores user-specific information for authentication such as various secret data of the user in the data store of the smart phone, for example, information relating to a password and a credit card. However, this means that biometric data such as biometric data such as fingerprint, finger vein, iris, and the like is used as a cryptographic key to be stored in an encrypted state. In short, in this embodiment, the encryption key of the user-specific information for authentication can be generated by the user's biometric data. For example, a fuzzy extraction algorithm may be used. The fuzzy extraction algorithm is based on a symmetric key having the same encryption key and decryption key for each data. For example, the user's secret data d is encrypted using the user's biometric data value k as an encryption key, . When decoding the corresponding data e, e is decoded using the biometric data value k 'obtained by scanning the biometric data of the user who has requested decryption. When k' is similar to k within a predefined approximation range, decoding k ' Key to decode e to d exactly. To measure the success or failure of the decryption, e and h (d) are stored in the smartphone's storage, where h (d) is a value obtained by encrypting the user data source. Therefore, when d is obtained by attempting to decode e by k ', decryption succeeds when the value of h (d') is equal to h (d), and decryption failure is determined when it is not. Therefore, only the value of each user secret data d (e, h (d)) is stored in the user database. Therefore, even if the database is attacked or the smartphone is stolen, the user's biometric information and original secret data are safely protected .

If you use this method, you can encrypt the authentication secret value for authenticating the server to the server as above. Therefore, when a smartphone user logs in to the service server or purchases goods by authenticating himself / herself, his / her biometric value is input to his / her smartphone to decrypt the encrypted identity authentication secret value, It is possible. In this way, you can authenticate yourself without having to store your biometric hash value (or template) on the server.

As described above, the basic skeleton of the authentication process of the present embodiment is that the user extracts the encrypted user-specific information stored in the smartphone using his / her biometric information as a key key, and then authenticates the authentication server and the smartphone Communication is performed. The biometric image data scanned on the smart phone is deleted after being used as a key key for authentication user information. If a virus is already hidden in your smartphone to steal biometric information, your smartphone may scan your biometrics and delete it from memory before it is used to intercept or steal biometric data There is a possibility. To prevent this, a security program can be installed that restricts programs that scan the user's biometric information from being controlled by other programs, including viruses, in the smartphone.

This is the third biometric authentication method. Information such as the user's biometric data, credit card information, and server authentication value are stored in a hardware-specific security module such as a software and / or hardware attack-resistant module, such as a crypto-processor or a hardware security module . In this case, the user's smartphone assumes that the module is mounted. In the smartphone, only one or a plurality of specific programs whose security has been verified can communicate with the module, and the program scans the biometric information of the user.

When the third biometric authentication method is used, the user scans his or her biometric information with a program that scans the biometric information provided in the smartphone. The program transmits the biometric information of the user to the program communicable with the security module or directly transmits the biometric information of the user to the security module when the program itself is the program. The security module determines the similarity between the scanned biometric information of the user and the stored biometric information, and then determines authentication success and failure. If it is successful, the stored secret information of the user is transmitted to the program, and the program transmits the information directly to the authentication server or to the process / program in the smart phone responsible for communication with the authentication server. The secret information of the user of the programs is then deleted in the smartphone. However, the user biometric data and secret information stored in the security module are not deleted.

Both the first biometric authentication method and the second biometric authentication method do not store the biometric information by the device. Therefore, even if you lose your smartphone or have a malicious hacking attack, you can rest assured. Even in the case of the third biometric authentication method, a special hardware security module is used, so that it can be relieved from an external attack.

5 to 8 illustrate scenarios of various forms and contents using the authentication method of the present invention. First, FIG. 5 shows an example of a procedural configuration of a scenario relating to authentication of authentication between the host computer device 100 and the service server 300, in which an authentication event executes a predetermined subsequent process or a login to a service server.

First, the host computer device 100 accesses the service server 300 (S10). For example, the user can access the Internet site of the service server 300 through a web browser.

In this embodiment, the service server 300 can request a login through authentication (S20). Through the user screen of the host computer device, the user inputs the normal ID and password and logs in. It may log in using the certificate stored in the memory of the computer device 100. [ From time to time, national governments or financial settlements may request enhanced logins. In such a case, ID and password alone may be unstable, and certificates stored in memory are very vulnerable to hacking. In that case, the advantages of the present invention shine.

Preferably, there will be a < mobile authentication > button on the user screen, and an authentication event is generated by selecting it. Then, the NFC device built in the host computer device 100 enters a standby state for short-range wireless communication, and a short-range wireless communication is performed by approaching a smartphone having an embedded NFC chip (S30). Through this step, the service process transitions to the authentication process.

The authentication process is executed between the smartphone 200 and the authentication server 400 that received the event information requesting the mobile authentication (S40). The authentication process can be executed using the biometric authentication as described above. According to the first biometric authentication method, the smart phone receives the session token of the service process in the NFC, and then scans the user's biometric object to obtain the biometric image data. Then, the biometric image data is decrypted and tries to connect to the authentication server. All the data packets encrypted and transmitted between the authentication server 400 and the smartphone 200 can use the PKI (Public Key Infrastructure) of the SSL / TLS / DTLS protocol. The authentication server 400 performs biometric authentication using a hash value (or a modulated reference value of biometric information, hereinafter) of the biometric information received from the smart phone, and transmits the biometric authentication result to the service server 300 using the session token. . Meanwhile, the user's biometric information and hash value are deleted from the memory of the smart phone.

This is true if the second biometric authentication method is used. After the smartphone receives the session token of the service process with NFC, it scans the user's biometric object to obtain the biometric image data. And decrypts the encrypted server authentication value stored in the device using the biometric image data. And connects to the server using the decrypted data. The authentication server 400 receives the server authentication value and the session token decrypted from the smartphone. The authentication server 400 authenticates with the server authentication value and informs the service server 300 of the biometric authentication result using the session token. On the other hand, the biometric information / decryption key / decrypted server authentication value of the user is deleted from the memory of the smart phone.

This is the case if the third biometric authentication method is used. After the smartphone receives the session token of the service process with NFC, it scans the user's biometric object to obtain the biometric image data. Then, the server authentication value stored in the security module in the device is read using the biometric image data. Connect to the server using this data. The authentication server 400 receives the server authentication value and the session token decrypted from the smartphone. The authentication server 400 authenticates with the server authentication value and informs the service server 300 of the biometric authentication result using the session token. Meanwhile, the biometric information / server authentication value of the user is deleted from the memory of the smart phone.

If the mobile authentication is successful in this procedure, the authentication server 400 notifies the service server 300 that the authentication is successful (S50). Then, the service server 300 notifies the user of the host computer device 100 of the successful authentication (S60). This results in a successful login. Then, the host computer device 100 uses the service provided by the service server 200. [

The scenario of FIG. 6 relates to a scenario in which the host computer device 100 connects to the service server 200 to perform a series of actions, and then approves and validates the actions. Can be carried out together with the scenario of Fig. In the case of handling important business, for example, when using the service of a financial institution or an administrative institution, the user is required to authenticate himself or herself when logging in, and even when accepting a certain application legitimately. For example, the scenario shown in FIG. 5 is performed when the user logs in to the bank, and the scenario shown in FIG. 6 is performed when the user requests the account transfer from the bank site.

First, a series of services is performed through communication between the host computer device 100 and the service server 300 (S100). For example, assume that a user accesses an Internet site of the service server 300 through a web browser of his / her computer device, and then performs an <application> task while using the service provided by the service server 300.

An approval procedure to approve the work is required (S110). Preferably, there will be a < Mobile Authentication > button on the user screen, and an authentication event can be generated by selecting it. Then, the NFC device built in the host computer device 100 enters a standby state for short-range wireless communication, and a short-range wireless communication is performed by approaching a smartphone having an NFC chip installed therein (S120). Through this step, the service process transitions to the authentication process.

The authentication process is executed between the smartphone 200 and the authentication server 400 that received the event information requesting the mobile authentication (S130). The authentication process can be executed using the biometric authentication as described above. According to the first biometric authentication method, the smart phone receives the session token of the service process in the NFC, and then scans the user's biometric object to obtain the biometric image data. Then, the biometric image data is decrypted and tries to connect to the authentication server. All the data packets encrypted and transmitted between the authentication server 400 and the smartphone 200 can use the PKI of the SSL / TLS / DTLS protocol. The authentication server 400 performs biometric authentication using the hash value of the biometric information received from the smartphone, and informs the service server 300 of the biometric authentication result using the session token. Meanwhile, the user's biometric information and hash value are deleted from the memory of the smart phone.

This is true if the second biometric authentication method is used. After the smartphone receives the session token of the service process with NFC, it scans the user's biometric object to obtain the biometric image data. And decrypts the encrypted server authentication value stored in the device using the biometric image data. And connects to the server using the decrypted data. The authentication server 400 receives the server authentication value and the session token decrypted from the smartphone. The authentication server 400 authenticates with the server authentication value and informs the service server 300 of the biometric authentication result using the session token. On the other hand, the biometric information / decryption key / decrypted server authentication value of the user is deleted from the memory of the smart phone.

This is the case if the third biometric authentication method is used. After the smartphone receives the session token of the service process with NFC, it scans the user's biometric object to obtain the biometric image data. Then, the server authentication value stored in the security module in the device is read using the biometric image data. Connect to the server using this data. The authentication server 400 receives the server authentication value and the session token decrypted from the smartphone. The authentication server 400 authenticates with the server authentication value and informs the service server 300 of the biometric authentication result using the session token. Meanwhile, the biometric information / server authentication value of the user is deleted from the memory of the smart phone.

If the mobile authentication is successful in this procedure, the authentication server 400 notifies the service server 300 that the authentication is successful (S140). Then, the service server 300 notifies the user of the success of the authentication through the user screen of the host computer device 100 (S150). The <request> task requested by the user to the service server 300 has been approved. For example, the bank accepts applications for wire transfer. The administrative agency issues the proof of family relationship.

Fig. 7 is an application example of Fig. When a user purchases a product at an Internet shopping mall, mobile payment can be performed using the method of the present invention. Unlike the scenario of Fig. 6, there are few cases where it is implemented together with Fig.

First, a series of shopping services are performed through communication between the host computer device 100 and the service server 300 (S200). The shopping service provided by the service server 300 may be an Internet shopping mall connected by executing a web browser of the host computer device 100. [ Also, the shopping service may be an online shopping mall connected through a dedicated application installed in the device 100. The user will select the merchandise he / she intends to purchase and then make a payment.

The payment user screen provided by the service server 300 preferably has a < mobile payment > button, and a payment event may occur by the user selecting it. Then, the NFC device embedded in the host computer device 100 is activated, and a smart phone having an NFC chip is accessed to perform near field wireless communication (S220). Through this step, the shopping service process transitions to the mobile payment process.

The mobile payment process is executed between the smartphone 200 and the authentication server 400 that received the event information requesting the mobile authentication (S230). The authentication process can be executed using the biometric authentication as described above. According to the first biometric authentication method, the smart phone receives the session token of the service process in the NFC, and then scans the user's biometric object to obtain the biometric image data. Then, the biometric image data is decrypted and tries to connect to the authentication server. All the data packets encrypted and transmitted between the authentication server 400 and the smartphone 200 can use the PKI of the SSL / TLS / DTLS protocol. The authentication server 400 performs biometric authentication using the hash value of the biometric information received from the smart phone. Credit card information for payment is stored in the smartphone 100 and / or the authentication server 400. The biometrics authentication is successful and the payment can be made using the credit card information registered in advance. In another embodiment, the biometrics authentication is successful and real-time account transfer is possible. Of course, the mobile application software installed in the user device must have a corresponding payment module. Also, the authentication server 400 informs the service server 300 of the payment result using the session token. Meanwhile, the user's biometric information and hash value are deleted from the memory of the smart phone.

This is true if the second biometric authentication method is used. After the smartphone receives the session token of the service process with NFC, it scans the user's biometric object to obtain the biometric image data. And decrypts the encrypted server authentication value stored in the device using the biometric image data. And connects to the server using the decrypted data. The authentication server 400 receives the server authentication value and the session token decrypted from the smartphone. The authentication server 400 authenticates with the server authentication value. Like the first biometric authentication method, the smartphone 100 and / or the authentication server 400 stores the payment credit card information. The biometrics authentication is successful and the payment can be made using the credit card information registered in advance. In another embodiment, the biometrics authentication is successful and real-time account transfer is possible. Of course, the mobile application software installed in the user device must have a corresponding payment module. The authentication server 400 informs the service server 300 of the payment result using the session token received from the smartphone. On the other hand, the biometric information / decryption key / decrypted server authentication value of the user is deleted from the memory of the smart phone.

This is the case if the third biometric authentication method is used. After the smartphone receives the session token of the service process with NFC, it scans the user's biometric object to obtain the biometric image data. Then, the server authentication value stored in the security module in the device is read using the biometric image data. Connect to the server using this data. The authentication server 400 receives the server authentication value and the session token decrypted from the smartphone. The authentication server 400 authenticates with the server authentication value. Like the first biometric authentication method, the smartphone 100 and / or the authentication server 400 stores the payment credit card information. The biometrics authentication is successful and the payment can be made using the credit card information registered in advance. In another embodiment, the biometrics authentication is successful and real-time account transfer is possible. Of course, the mobile application software installed in the user device must have a corresponding payment module. The authentication server 400 informs the service server 300 of the payment result using the session token received from the smartphone. Meanwhile, the biometric information / server authentication value of the user is deleted from the memory of the smart phone.

If the mobile payment is successful in this procedure, the authentication server 400 notifies the service server 300 that the payment procedure is successful (S240). Then, the service server 300 notifies the user of the success of settlement through the user screen of the host computer device 100 (S250). The user's purchase of the product is completed.

If the mobile payment method of the present invention is used, payment by the computer can be ended simply by clicking the < mobile payment > button. It is also possible to perform a simple settlement in a state in which perfect security is ensured. There is no need to input a card number in a conventional method, that is, to enter a card number on a computer screen, to make a payment by calling a certificate having weak security, or to use an OTP device. You only need to authenticate using your favorite smartphone. The rest of the communication is done by a set procedure.

All FinTech technologies require infrastructure changes. This is the biggest barrier to implementing the new PinTech technology. FIG. 8 shows a scenario in which the existing infrastructure is used as it is but the characteristics of the present invention can be exhibited.

Online shopping (S300, S310) performed through communication between the host computer device 100 and the service server 300 can use the conventional payment method. The certificate program stored in the device 100 may be used or the credit card information held by the server 300 may be used or the user may input the credit card number. Once you have performed the payment procedure in step S310, it is finally necessary to add the identity of the user who is indeed the true user's payment. This conventional authentication method is a method in which a user inputs a mobile phone number, transmits an authentication code to the mobile phone number, and allows the user to input the authentication code again. The embodiment of Fig. 8 improves such authentication.

The payment user screen provided by the service server 300 preferably has a &quot; mobile authentication &quot; button, and the user can select it. Then, the NFC device built in the host computer device 100 is activated, and a smart phone having an NFC chip is accessed to perform near field wireless communication (S320).

The smartphone 200 receiving the authentication event information transmits the smartphone information to the host computer device 100 through the NFC communication (S330). This smart phone information refers to device information that can identify a user. For example, the telephone number of the subscriber. In other embodiments, it may be a telephone number and a name. In another embodiment, it may be a telephone number, a name, and a biometric result.

The host computer device 100 can receive the smartphone information by NFC communication and transmit it to the service server 200 (S340). At this time, the user information transmitted by the smartphone is encrypted with the encryption key shared between the smart phone and the service server 200, so that the host computer device 100 can not read the user information. The service server 200 can compare the user information registered in advance with the smartphone information, and if the user authentication is successful, the service server 200 can approve the payment in step S310 (S350).

The service server 200 may request the notification server 500 to transmit a message to the smartphone through the communication network 360 and the notification server 500 may transmit a notification message indicating that the payment has been approved to the smartphone at step S370, . In another preferred embodiment, the step S350 may be performed after the step S370.

For reference, the mobile authentication method according to various preferred embodiments of the present invention may be implemented in the form of a program command that can be executed through various computer means and recorded in a computer-readable medium. The computer-readable medium may include program instructions, data files, data structures, and the like, alone or in combination. The program instructions recorded on the medium may be those specially designed and constructed for the present invention or may be available to those skilled in the art of computer software. Examples of computer-readable media include magnetic media such as hard disks, floppy disks and magnetic tape, optical recording media such as CD-ROMs, DVDs, magneto-optical media such as floptical disks, A hard disk drive, a flash memory, and the like. Examples of program instructions include high-level language code that can be executed by a computer using an interpreter, as well as machine accords such as those produced by a compiler. A hardware device may be configured to operate as one or more software modules to perform the operations of the present invention, and vice versa.

The authentication event using the technical idea of the present invention may have various modifications. There is a personal authentication for executing a predetermined subsequent process. This also includes identity verification for logging in to the service server. In addition, there is a personal authentication for approving a process that has already been done. Such is the service provided by financial institutions and administrative agencies. There is also a self-certification to approve payment. The outstanding advantages of the present invention are, for example, such. I shopped on the desktop, but the payment method does not use the desktop, it can just be done by pressing a button on the screen. This is because the service (e.g., shopping) process and the authentication (including billing) process are completely separate. It has the advantage that there are far fewer systematic efforts to "prevent" malicious attacks. This advantage will be even more pronounced when the user's computer device is a matter Internet device with an embedded NFC chip. You can use your smartphone anytime and anywhere to authenticate yourself and make mobile payments.

In addition, the above embodiments of the present invention have proposed a method using an NFC module embedded in a heterogeneous device. However, it goes without saying that other types of devices and communication technologies can be employed as long as the module supports short-range wireless communication.

In implementing the method of the present invention, it is most likely if a user is a member of both a service server and an authentication server. Because the user's unique identifier is available, the authentication process is easy to identify the service process (and vice versa). However, if the authentication session generated on the user screen of the service server can be specified through the NFC communication between the same user's computer and the smartphone, the user does not always have to be subscribed to the service server.

The scope of protection of the present invention is not limited to the description and the expression of the embodiments explicitly described in the foregoing. It is again to be understood that the present invention is not limited by the modifications or substitutions that are obvious to those skilled in the art.

Claims (19)

A mobile authentication method in which the service process provided by the service server and the authentication process provided by the authentication server are structurally separated,
(a) connecting a host computer device to a service server;
(b) the host computer device requesting mobile authentication by executing an authentication event in communication with the service server;
(c) receiving a certification event information of the host computer device in a short-range wireless communication with a smartphone having a built-in short-range wireless communication chip close to a short-range wireless communication device built in the host computer device;
(d) the smart phone acquires biometric image data from a bio-object for an authentication process, and then performs security authentication of a predetermined procedure through wireless communication with an authentication server Wherein the biometric authentication is performed using the biometric image data without using the biometric image data. The security authentication is performed between the smartphone and the authentication server in a completely security-controlled manner, Does not provide data to the service server);
(e) the authentication server notifying the service server of the mobile authentication result; And
(f) displaying the authentication approval on the screen of the host computer device by the service server. The method according to claim 1,
The smartphone includes application software supporting a security authentication procedure with the authentication server in advance,
Wherein the step (c) is performed in a short distance communication with a host computer, wherein the smartphone is close to an NFC device of the host computer device after executing the application software. The method according to claim 1,
The smartphone includes application software supporting a security authentication procedure with the authentication server in advance,
Wherein the step (c) is performed automatically when the smartphone is close to the NFC device of the host computer device. The method according to claim 1,
Wherein the short-range wireless communication device is an NFC device and cooperates with a host computer in short-range communication. The method according to claim 1,
Wherein the authentication event is an event for requesting a mobile authentication regarding at least one of authentication of a user to perform a predetermined subsequent process, authentication of a user to approve a process already performed, and authentication of a user to approve a payment, And a mobile authentication method linked with a short distance communication. delete The method according to claim 1,
Wherein the biometric authentication transmits the authentication event information and the decrypted data of the biometric image data to the authentication server. The method according to claim 1,
Wherein the biometric authentication device decrypts the server authentication value encrypted and stored in the smartphone using the biometric image data and transmits the decrypted server authentication value together with the authentication event information to the authentication server. Mobile authentication method that works with computer and local communication. The method according to claim 1,
Wherein the bio-object used in the biometric authentication is one of a fingerprint, a finger vein, and a body of an iris. A mobile payment method in which the service process provided by the service server and the authentication process provided by the authentication server are structurally separated:
(a) the host computer device requesting an online commodity payment to a service server;
(b) receiving a certification event information of the host computer device from a smartphone having a built-in short-range wireless communication chip close to a short-range wireless communication device built in the host computer device;
(c) after the smart phone acquires biometric image data from a bio object for an authentication process, performs security authentication of a predetermined procedure through wireless communication with an authentication server and executes mobile payment Wherein the biometric authentication is performed using the biometric image data without using the device information of the phone. The security authentication is performed between the smartphone and the authentication server in a completely security-controlled manner, The biometric image data being used is not provided to the service server);
(d) the authentication server notifying the service server of the mobile payment result; And
(e) displaying the completion of payment through the screen of the host computer device by the service server. 11. The method of claim 10,
Wherein the short-range wireless communication device is an NFC device and cooperates with a host computer in short-range communication. 11. The method of claim 10,
Wherein the step (c) includes executing settlement using credit card information stored in advance in the smartphone or the authentication server. delete 11. The method of claim 10,
Wherein the biometric authentication transmits data encrypted with the biometric image data together with the authentication event information to the authentication server. 11. The method of claim 10,
Wherein the biometric authentication device decrypts the server authentication value encrypted and stored in the smartphone using the biometric image data and transmits the decrypted server authentication value together with the authentication event information to the authentication server. A mobile payment method that works with a computer and local area network. 11. The method of claim 10,
Wherein the bio-object used in the biometric authentication is one of a fingerprint, a finger vein, and an irregular body, and is linked with the host computer by close-range communication. delete delete delete
KR1020150116491A 2015-08-19 2015-08-19 Mobile authentication and/or moile payment method using near wireless communication with host computer KR101875257B1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
KR1020150116491A KR101875257B1 (en) 2015-08-19 2015-08-19 Mobile authentication and/or moile payment method using near wireless communication with host computer
US15/006,280 US20170055146A1 (en) 2015-08-19 2016-01-26 User authentication and/or online payment using near wireless communication with a host computer

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150116491A KR101875257B1 (en) 2015-08-19 2015-08-19 Mobile authentication and/or moile payment method using near wireless communication with host computer

Publications (2)

Publication Number Publication Date
KR20170022039A KR20170022039A (en) 2017-03-02
KR101875257B1 true KR101875257B1 (en) 2018-07-05

Family

ID=58427260

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150116491A KR101875257B1 (en) 2015-08-19 2015-08-19 Mobile authentication and/or moile payment method using near wireless communication with host computer

Country Status (1)

Country Link
KR (1) KR101875257B1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102213219B1 (en) * 2020-07-15 2021-02-05 주식회사 고스트패스 System and method for ordering and payment using biometric information of user

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101459283B1 (en) * 2013-09-17 2014-11-07 주식회사 아이넵 2 Channel authentication device and method

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101459283B1 (en) * 2013-09-17 2014-11-07 주식회사 아이넵 2 Channel authentication device and method

Also Published As

Publication number Publication date
KR20170022039A (en) 2017-03-02

Similar Documents

Publication Publication Date Title
US11663578B2 (en) Login using QR code
US11223948B2 (en) Anonymous authentication and remote wireless token access
US9741033B2 (en) System and method for point of sale payment data credentials management using out-of-band authentication
CN106575326B (en) System and method for implementing one-time passwords using asymmetric encryption
EP3138265B1 (en) Enhanced security for registration of authentication devices
US11132694B2 (en) Authentication of mobile device for secure transaction
US9800562B2 (en) Credential recovery
US20220122088A1 (en) Unified login biometric authentication support
US20170055146A1 (en) User authentication and/or online payment using near wireless communication with a host computer
CN113474774A (en) System and method for approving a new validator
WO2019226115A1 (en) Method and apparatus for user authentication
EP3662430B1 (en) System and method for authenticating a transaction
KR20220167366A (en) Cross authentication method and system between online service server and client
KR101835718B1 (en) Mobile authentication method using near field communication technology
KR101875257B1 (en) Mobile authentication and/or moile payment method using near wireless communication with host computer
Kreshan THREE-FACTOR AUTHENTICATION USING SMART PHONE
KR101603683B1 (en) Method for authentication using user apparatus, digital system, user apparatus, and authentication system thereof
KR20150089569A (en) Method for authentication using user apparatus, digital system, user apparatus, and authentication system thereof

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E701 Decision to grant or registration of patent right