KR20070048815A - System and method for the one-time password authentication by using a smart card and/or a mobile phone including a smart-card chip - Google Patents


Publication number
KR20070048815A
Authority
KR
South Korea
Prior art keywords
smart card
time password
authentication
chip
user
Application number
KR1020050105762A
Other languages
Korean (ko)
Inventor
김종률
민문기
장석호
Original Assignee
주식회사 아이캐시
Application filed by 주식회사 아이캐시
Priority to KR1020050105762A
Publication of KR20070048815A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35 User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228 One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234 Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token

Abstract

The present invention relates to a one-time password authentication method and system using a smart card or a mobile phone with an embedded smart card chip. The user accesses a user authentication screen for identity verification or payment on a client system, such as a PC, laptop, PDA, kiosk, cash dispenser, unmanned vending machine, or payment terminal, that is connected online over a wired or wireless network to a server for a service such as internet banking, internet shopping, or an intranet. The service server presents the authentication conditions and requests input of a one-time password (OTP, One-Time Password). The user then either brings a smart card into contact with or into proximity of the smart card reading device in the client system, which is equipped with a contact or proximity smart card reader and a smart card driving program, or operates a mobile phone with a built-in smart card chip (ICC, Integrated Circuit Chip) and selects the corresponding one-time password menu. The IC chip of the smart card or the mobile phone is recognized and the smart card driving program in the client system or the mobile phone is executed. Through the reader, the smart card driving program reads the authentication information unique to each user inside the IC chip, such as a serial number, an encryption key value, and personal security information, and the one-time password generation program of the client system or the mobile phone is executed. The one-time password is generated based on the read authentication information and the authentication conditions presented by the server. The user inputs the generated one-time password on the client system and sends it to the server, and the service server analyzes the received one-time password, verifies that the corresponding user's registration information and the presented authentication conditions are met, authenticates the user according to the result, and executes user identification or payment.
According to the present invention, a client system such as a PC, a laptop, a PDA, a kiosk, an ATM, an automatic vending machine, or a payment terminal connected online to a service server through a wired or wireless network is additionally provided with a contact or proximity smart card reader and a smart card driving program, so that a one-time password for user authentication can be implemented either with a smart card presented to the reader or with a mobile phone that has an IC chip and a smart card driving program.
The present invention generates a one-time password (OTP) using a smart card driving program and a one-time password generation program included in a client system or a mobile phone. The service server operator therefore does not need to provide each user with separate hardware such as an OTP generator, or with a physical card such as a bank-issued security card in the form of a random number table, which saves money and time. Because the unique authentication information required for one-time password generation, such as the chip unique number, encryption key value, and personal security information, is recorded on the IC chip when it is issued, forgery, alteration, or illegal copying is impossible, so security is enhanced and distribution to users is easy. In addition, since the user generates a one-time password using a smart card or a mobile phone that is always carried, the user does not have to carry and manage an OTP generator separately.
In addition, with the one-time password authentication method and system using a smart card or a mobile phone with a built-in smart card chip according to the present invention, card payment or mobile phone payment on the payment screen of a client system connected online, such as an internet shopping mall, can be made more securely and easily. There is no need to enter a secure click or secure payment (ISP) password, which does not strictly authenticate the user, when making a card payment, or to enter a payment verification code sent by text message (SMS), which incurs an additional cost, when making a mobile phone payment.
One time password, smart card, mobile phone, user authentication

Description

System and Method for the One-Time Password Authentication by using a Smart Card and/or a Mobile Phone including a Smart-Card Chip

FIG. 1 is a simplified block diagram of the implementation of the present invention.

FIG. 2 is a simple flowchart of a user authentication process in which the present invention is implemented.

FIG. 3 is a simple flowchart of the micropayment process in which the present invention is implemented.

<Description of main parts of drawing>

100: mobile phone 200: smart card

300: client system 310: smart card reader

400: smart card drive program

500: One time password generation program

600: server for service

With the development and spread of information technology and the Internet, various application services have been created online. The methods by which service servers authenticate a legitimate client or user vary greatly, from setting an ID and password for each user to complex encryption schemes that authenticate users by providing certificates and private keys. Simple user authentication methods such as usernames and passwords are very insecure. Complex authentication methods such as certificates and private keys incur separate system construction and operation costs.

Among them, user authentication using a one-time password (OTP) has been used in electronic banking at financial institutions such as banks as a relatively high-security user authentication method. The OTP method generates a one-time password so that the user is authenticated with a completely different password for each transaction. This one-time password method therefore has the advantage of securing the system against malicious attempts by a third party to intercept, duplicate, or memorize an authentication password in order to obtain the same user authentication. In addition, the one-time password itself is not stored on the relevant server; only a procedure for generating a new one, or for verifying a one-time password value received from a client, exists and is run whenever necessary, so information related to the desired user authentication cannot be obtained from it.

However, in order to implement a one-time password, a service provider has had to either produce one-time password (OTP) generator hardware, for example in the form of a calculator, and issue it with a unique key value to every user, or, to reduce cost at a considerably lower level of security, issue each user a security card with dozens of pre-calculated authentication values, such as random numbers, printed on it. Producing and issuing an OTP generator to each user takes considerable cost and time, and it is inconvenient and a hassle for the user to carry and manage it safely. The security card has the security problems that a third party can copy and leak it, and that, because it is limited to about 30 to 40 authentication values, a value once used is reused within a relatively short period of time. There is therefore an urgent need for an invention that implements one-time passwords in a way that saves the cost and time of producing separate hardware, eliminates the inconvenience and hassle of carrying and managing it, makes forgery, tampering, or illegal copying impossible, and provides a relatively high level of security.

In addition, in internet shopping, which is becoming more common day by day, card payment and mobile phone payment are widely used as means of online payment. When making a card payment online, the cardholder accesses the card company's Internet site and enters a pre-set secure click or secure payment (ISP) payment password on the payment screen. Because this lacks strict user authentication, online card theft by third parties has recently become frequent and is a social problem. When making a mobile phone payment online, the user receives a one-time payment verification number from a payment agency via SMS and enters it on the payment screen. These problems of current online card payment and mobile phone payment can be solved, making payment more secure and simple, by using the one-time password authentication method.

In the one-time password authentication method and system using a smart card or a mobile phone with a smart card chip according to the present invention for solving the above problems, the user accesses a user authentication screen for identity verification or payment on a client system, such as a PC, laptop, PDA, kiosk, cash dispenser, unmanned vending machine, or payment terminal, connected online through a wired or wireless network to a server for a service such as Internet banking, Internet shopping, or an intranet, and receives from the service server a request to input a one-time password (OTP) together with the presentation of the authentication conditions. The user then either (A) brings a smart card into contact with or close to the client system, which is additionally provided with a contact or proximity smart card reader and a smart card driving program, or (B) operates a mobile phone with a built-in smart card chip and smart card driving program and selects the one-time password menu. The IC chip of the smart card or mobile phone is recognized and the smart card driving program in the client system or mobile phone is executed. The smart card driving program reads, through the reader, the authentication information unique to each user, such as the unique number of the chip, the encryption key value, and the personal security information, and the one-time password generation program of the client system or the mobile phone is executed to generate a one-time password based on the read authentication information and the authentication conditions presented by the server. The user inputs the generated one-time password on the client system and transmits it to the server.
The service server analyzes the received one-time password, verifies that the user's registration information and the presented authentication conditions are met, authenticates the user according to the result, and performs identity verification or payment. As a result, the service server operator does not need to make hardware such as an OTP generator or a security card and provide it to each user separately. The user-specific authentication information required for one-time password generation is recorded on the IC chip when it is issued, so forgery, alteration, or illegal copying is impossible, security is enhanced, and distribution to users is easy. Online payment becomes safe and simple with the one-time password authentication method, without having to enter a secure click or secure payment password when making an online card payment or a verification code received by SMS when making a mobile phone payment. The object of the present invention is to provide such a one-time password authentication method and system using a smart card or a mobile phone with a built-in smart card chip.

Other objects and advantages of the present invention can be understood by the following description, and will be more clearly understood by the embodiments of the present invention. Also, it will be readily appreciated that the objects and advantages of the present invention may be realized by the means and combinations thereof indicated in the claims.

In order to achieve the above object, the present invention provides a one-time password authentication system using a smart card or a mobile phone with a smart card chip, comprising: a service server that performs user authentication for services such as Internet banking, Internet shopping, or an intranet; a client system, such as a PC, laptop, PDA, kiosk, cash dispenser, unmanned vending machine, or payment terminal, that is connected online to the service server through a wired or wireless network and has a contact or proximity smart card reader; a smart card chip (IC chip) on which unique authentication information for each user, such as a chip unique number, an encryption key value, and personal security information, is recorded and which has a built-in CPU, enabling it to perform encryption operations on its own; a contact or proximity smart card on which the smart card chip is mounted; and a mobile phone in which the smart card chip is mounted.

In this one-time password authentication system, the client system and the mobile phone have or include a smart card driving program that reads the user-specific authentication information inside the IC chip through a smart card reader, and a one-time password generation program that generates a one-time password (OTP) based on the read authentication information and the authentication conditions presented by the service server.

In the one-time password authentication system using a smart card or a mobile phone with a smart card chip according to the present invention, the mobile phone includes all handheld wireless terminals, including PCS (Personal Communication System), GSM (Global System for Mobile communications), PDC (Personal Digital Cellular), PHS (Personal Handyphone System), PDA (Personal Digital Assistant), and IMT (International Mobile Telecommunication)-2000 terminals, and smart phones.

In addition, in the one-time password authentication system using a smart card or a mobile phone with a built-in smart card chip according to the present invention, it is desirable that the service server can be operated in any of three ways: each service provider, such as Internet banking, Internet shopping, or an intranet, operates its own OTP authentication service; several service providers cooperate to share and operate an OTP authentication service; or operation of the OTP authentication service is entrusted to a third party by contract.

In addition, in the one-time password authentication system using a smart card or a mobile phone with a built-in smart card chip according to the present invention, the authentication condition that the service server presents when it requests input of the OTP on the user authentication screen of the client system is preferably a random number generated by the server in accordance with a method preset between the server and the client, or the current standard time.

In another aspect, the present invention provides a one-time password authentication method using a smart card or a mobile phone with a smart card chip, comprising: (1) accessing a user authentication screen on a client system connected online to a service server; (2) receiving from the service server a request to input a one-time password (OTP) together with the presentation of authentication conditions; (3) a user contacting or approaching a smart card to a smart card reader in the client system, or operating a mobile phone having an IC chip embedded therein and selecting the corresponding one-time password menu; (4) recognizing the IC chip of the smart card or the mobile phone and executing a smart card driving program in the client system or the mobile phone; (5) the smart card driving program reading, through a reading device, authentication information unique to each user in the IC chip, such as a chip unique number, an encryption key value, and personal security information; (6) executing a one-time password generation program of the client system or the mobile phone to generate a one-time password based on the read authentication information and the authentication condition presented by the server; (7) the user inputting the generated one-time password on the client system and transmitting it to the server; (8) the service server analyzing the received one-time password and verifying whether the corresponding user registration information and the presented authentication conditions are met; and (9) authenticating the user according to the verification result and performing the identity verification or payment.

In the one-time password authentication method using a smart card or a mobile phone with a smart card chip according to the present invention, when the smart card driving program reads the unique authentication information for each user in the IC chip in step (5), it is desirable that, instead of reading the encryption key value and the personal security information themselves from the IC chip, it reads information not directly related to system security, such as the chip unique number, an encryption key number, and a personal identification number.

In addition, in the one-time password authentication method using a smart card or a mobile phone with a smart card chip according to the present invention, step (6), in which the one-time password generation program of the client system or the mobile phone is executed to generate the one-time password, preferably further includes: (6-1-1) when the authentication condition presented by the server is a random number generated by the server, the client system automatically inputting the random number value into the one-time password generation program, or, on the mobile phone, the user inputting the random number value into the mobile phone; and (6-1-2) when the authentication condition presented by the server is the current standard time, the client system automatically inputting the standard time of the server into the one-time password generation program, or, on the mobile phone, the one-time password generation program determining the standard time of the phone itself and inputting it.

In addition, in the one-time password authentication method using a smart card or a mobile phone with a smart card chip according to the present invention, step (6), in which the one-time password generation program of the client system or the mobile phone is executed to generate the one-time password, preferably further includes: (6-2) the one-time password generation program presenting to the IC chip, together with an encryption operation command, input data combining the user-specific authentication information read in step (5) and the authentication conditions presented by the server; (6-3) the IC chip performing an encryption operation on its own CPU based on the presented input data and the chip unique number, encryption key value, and personal security information recorded in the IC chip; and (6-4) transferring the one-time password value that results from the encryption operation of the IC chip to the one-time password generation program.

In addition, in the one-time password authentication method using a smart card or a mobile phone with a smart card chip according to the present invention, step (8), in which the service server analyzes the received one-time password and verifies that the corresponding user registration information and the presented authentication conditions are met, includes: (8-1) the service server performing the encryption operation on its own, based on input data combining the authentication information registered for each user in the service server with the authentication conditions that the server stored before presenting them to the client; and (8-2) comparing the result of the service server's encryption operation with the one-time password received from the client to determine whether the two values match.

The above objects, features and advantages will become more apparent from the following detailed description taken in conjunction with the accompanying drawings, whereby those skilled in the art will be able to easily implement the technical idea of the present invention. In addition, in describing the present invention, when it is determined that a detailed description of known technology related to the present invention may unnecessarily obscure the gist of the present invention, the detailed description thereof will be omitted.

In addition, in order to be more faithful to the present invention, it is noted that changes or modifications can be made by those skilled in the art without departing from the spirit of the present invention. Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings.

FIG. 1 shows a schematic configuration of a one-time password authentication system using a smart card or a mobile phone in which a smart card chip is embedded, as an embodiment of the present invention. The mobile phone 100 and the smart card 200 are each equipped with a smart card chip (IC chip). The smart card chip holds its own unique authentication information, such as the chip unique number, encryption key value, and personal security information. In order to perform a general-purpose one-time password function for the servers 600 of various services requiring user authentication, such as Internet banking, internet shopping, and intranets, the IC chip must have its own data structure. In each application service example, the service provider and the user must be identified first, and the user must apply to use the one-time password. After the procedure of registering the use of the one-time password for each application service example, the user can use the one-time password service on the service server.

The client system 300, such as a PC, notebook, PDA, kiosk, cash dispenser, unmanned vending machine, or payment terminal, which is connected online with the service server 600 through a wired or wireless network and has a contact or proximity smart card reader 310, and the mobile phone 100 are each equipped with a smart card driving program 400 that reads user-specific authentication information inside the IC chip through a smart card reader, and a one-time password generation program 500 that generates the one-time password (OTP) based on the read authentication information and the authentication conditions presented by the service server. They generate an OTP that meets the authentication conditions of each application service example and transmit it through the client system to the service server, where it goes through the verification process and user authentication is obtained accordingly.

The service server 600 may be operated by each service provider as its own OTP authentication service, several service providers may cooperate to share an OTP authentication service with each other, or operation of the OTP authentication service may be entrusted to a third party by contract. The IC chip for such general-purpose OTP authentication uses a PIN (Personal Identification Number) stored by the user as a security means for identifying the user, and its internal OTP data structure supports a plurality of application service examples. That is, the encryption key value or seed value provided by the service provider for each application service example is stored separately. When user authentication is required for the application service example "A", an OTP is generated using the seed value corresponding to the application service example "A" in the IC chip. The encryption key or seed of each application service example is issued and registered on the IC chip when the unique authentication information for each user is recorded on the chip at the time the IC chip is issued or distributed, or when the use of OTP is registered with each service provider, and it is reissued and registered when needed.

In order to register the use of OTP, the user needs to connect to the service server 600 of the service provider and receive a seed value. The user should store the seed value assigned to his or her ID in the IC chip mounted in the mobile phone 100 or the smart card 200. The user may directly enter the seed value in the input window provided by the one-time password generation program 500 in the client system 300 or the mobile phone, or the seed value may be received through various communication methods such as the Internet (TCP/IP), text message (SMS), and wireless socket and stored in the IC chip using the smart card driving program 400.

FIG. 2 is a simple flowchart of a user authentication process in which the present invention is implemented. When user authentication is required, the user enters the PIN for the IC chip mounted on the smart card or mobile phone and sends the OTP generated from the corresponding seed value to the server, whereby user authentication can be obtained.

When the user accesses the user authentication screen on the client system connected online with the service server (S100), the service server generates and presents a random number as an authentication condition and requests input of the OTP (S110). The random number is automatically input to the one-time password generation program, and when the user contacts or approaches a smart card to the smart card reader provided in the client system (S120), the smart card driving program in the client system is executed and the authentication information inside the IC chip is read (S130).

When the one-time password generation program presents to the IC chip, together with the encryption operation command, the input data combining the user-specific authentication information and the random number presented by the server (S140), the IC chip executes an encryption operation on its own CPU, based on the input data and on the chip unique number, encryption key value (or seed value), personal security information, etc. recorded in it, to generate a one-time password (OTP) value (S150), and transfers it to the program outside the IC chip. When the user inputs the generated OTP on the client system and transmits it to the server (S160), the server analyzes the received OTP (S170), authenticates the user according to the verification result, and executes identity verification (S180).

FIG. 3 is a simple flowchart of the micropayment process in which the present invention is implemented. For an application service that requires a small payment on an internet site such as an online shopping mall or a game site, as with mobile phone payment, the payment can be added to the user's communication fee if OTP user authentication is performed using a mobile phone. That is, unlike the current mobile payment method, the user does not need to be authenticated by having the server send an authentication number to the mobile phone through a text message (SMS) and entering it again on the payment screen of the client system.

When the user accesses the payment screen on the client system connected online with the service server (S200), the service server requests input of a phone number and an OTP (S210). The current standard time is used as the authentication condition. When the user then selects the one-time password menu of the mobile phone (S220), the smart card driving program is executed and reads the authentication information inside the IC chip (S230).

When the one-time password generation program presents to the IC chip, together with the encryption operation command, the input data combining the user-specific authentication information and the current standard time of the mobile phone itself (S240), the IC chip executes an encryption operation on its own CPU, based on the input data and on the chip unique number, encryption key value (or seed value), personal security information, etc. recorded in it, to generate a one-time password (OTP) value (S250), which is displayed on the screen of the mobile phone. When the user inputs the generated OTP together with the phone number on the payment screen of the client system (S260), the server analyzes the received phone number and OTP (S270) and executes payment according to the verification result (S280).
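The two flows above (FIG. 2 with a random-number condition, S100 to S180, and FIG. 3 with the current-time condition, S200 to S280), sketched as an added Python example that is not code from the patent. The patent does not name the "encryption operation"; HMAC-SHA-256 truncated to six digits, the 60-second time slot with a one-slot skew window, the PIN retry limit, and every class and function name here are assumptions of this example.

```python
import hashlib
import hmac
import secrets
import struct

DIGITS = 6       # assumed OTP length
TIME_STEP = 60   # assumed slot length (seconds) for the time condition


def derive_otp(seed: bytes, chip_id: str, service: str, condition: bytes) -> str:
    """Assumed stand-in for the patent's unspecified 'encryption operation'."""
    # Length-prefix every field so two different field splits never collide.
    parts = (chip_id.encode(), service.encode(), condition)
    msg = b"".join(struct.pack(">H", len(p)) + p for p in parts)
    digest = hmac.new(seed, msg, hashlib.sha256).digest()
    return f"{int.from_bytes(digest[-4:], 'big') % 10**DIGITS:0{DIGITS}d}"


def time_condition(now: float) -> bytes:
    """Current-standard-time condition, quantised to a slot (assumed format)."""
    return str(int(now // TIME_STEP)).encode()


class CardChip:
    """IC chip: seeds never leave it; only the chip number is readable."""

    def __init__(self, chip_id: str, pin: str):
        self.chip_id = chip_id   # what the driving program may read
        self._pin = pin
        self._seeds = {}         # one seed per application service
        self._tries_left = 3     # assumed PIN retry limit

    def store_seed(self, service: str, seed: bytes) -> None:
        self._seeds[service] = seed

    def compute_otp(self, pin: str, service: str, condition: bytes) -> str:
        if self._tries_left == 0:
            raise PermissionError("chip blocked")
        if not hmac.compare_digest(pin.encode(), self._pin.encode()):
            self._tries_left -= 1
            raise PermissionError("wrong PIN")
        self._tries_left = 3
        return derive_otp(self._seeds[service], self.chip_id, service, condition)


class ServiceServer:
    def __init__(self, service: str):
        self.service = service
        self._users = {}      # user_id -> (chip_id, seed)
        self._pending = {}    # user_id -> random number stored before presenting
        self._last_slot = {}  # user_id -> last accepted time slot

    def register(self, user_id: str, chip: CardChip) -> None:
        seed = secrets.token_bytes(32)
        self._users[user_id] = (chip.chip_id, seed)
        chip.store_seed(self.service, seed)

    def issue_challenge(self, user_id: str) -> bytes:
        self._pending[user_id] = secrets.token_hex(4).encode()
        return self._pending[user_id]

    def _match(self, user_id: str, condition: bytes, otp: str) -> bool:
        chip_id, seed = self._users[user_id]
        expected = derive_otp(seed, chip_id, self.service, condition)
        return hmac.compare_digest(expected.encode(), otp.encode())

    def verify_random(self, user_id: str, otp: str) -> bool:
        challenge = self._pending.pop(user_id, None)  # consumed on first use
        if challenge is None or user_id not in self._users:
            return False
        return self._match(user_id, challenge, otp)

    def verify_time(self, user_id: str, otp: str, now: float) -> bool:
        if user_id not in self._users:
            return False
        current = int(now // TIME_STEP)
        for slot in (current - 1, current, current + 1):  # assumed skew window
            if slot <= self._last_slot.get(user_id, -1):
                continue  # slot already used: refuse replays inside the window
            if self._match(user_id, str(slot).encode(), otp):
                self._last_slot[user_id] = slot
                return True
        return False


def demo() -> dict:
    chip = CardChip("CHIP-0001", pin="4821")  # constructed sample values
    shop = ServiceServer("shop")
    shop.register("alice", chip)
    otp = chip.compute_otp("4821", "shop", shop.issue_challenge("alice"))
    out = {"random_ok": shop.verify_random("alice", otp),
           "random_replay": shop.verify_random("alice", otp)}
    server_now = 1_700_000_000.0              # constructed clock value
    totp = chip.compute_otp("4821", "shop", time_condition(server_now + 50))
    out["time_ok"] = shop.verify_time("alice", totp, server_now)
    out["time_replay"] = shop.verify_time("alice", totp, server_now)
    return out
```

The time-condition flow has no server-issued nonce, so the server in this sketch records the last accepted slot per user; without that record the same OTP would verify repeatedly until its slot leaves the skew window.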

Although the present invention has been described above with reference to limited embodiments and drawings, it is not limited thereto, and a person of ordinary skill in the art to which the invention belongs can of course make various modifications and variations within the scope of the claims and their equivalents.

According to the present invention, the server operator for the service does not need to provide each user with separate OTP generator hardware, such as a calculator-type device, or a physical card such as a bank-issued security card printed with random numbers, thereby reducing cost and time. In addition, because the IC chip records the authentication information unique to each user that is necessary for generating one-time passwords, such as the chip unique number, encryption key value, and personal security information, the system is easy to deploy. From the user's point of view, since the OTP is always generated using a smart card or a mobile phone, the user does not have to carry and manage a separate OTP generator.

Meanwhile, card payment and mobile phone payment are widely used as online payment methods in online shopping. With the one-time password authentication method according to the present invention, there is no need to enter a secure click (ISP) payment password, which does not involve strict user authentication, when making an online card payment, or to enter the payment verification number received by text message (SMS), which incurs additional cost, when making a mobile phone payment. The advantage is that online card payment or mobile phone payment can be made more securely and simply.

Claims (11)

  1. One-time password authentication system using a smart card or a mobile phone with a smart card chip,
    A server for a service for presenting an authentication condition to the client and authenticating the user with the one-time password inputted by the client;
    A client system including at least one of a PC, a laptop, a PDA, a kiosk, a cash dispenser, an unmanned vending machine, and various payment terminals, connected online with the service server through a wired or wireless network;
    A smart card chip (IC chip) on which unique authentication information is recorded for each user, having a built-in CPU and capable of performing its own encryption operation;
    A contact or proximity smart card on which the smart card chip is mounted; And
    A mobile phone in which the smart card chip is mounted
    One-time password authentication system using a smart card or a mobile phone with a built-in smart card chip.
  2. The method of claim 1,
    The client system,
    Contact reading,
    Infra Red communication interface,
    Bluetooth communication interface,
    Wifi communication interface,
    Wireless LAN (LAN) communication interface,
    RF (Radio Frequency) communication interface, and
    Near Field Communication (NFC) communication interface
    Smart card reader supporting proximity reading using at least one of the short-range communication interfaces
    One-time password authentication system using a smart card or a mobile phone with a built-in smart card chip, further comprising the above.
  3. The method of claim 1,
    The mobile phone,
    Personal communication system (PCS),
    Global System for Mobile communications (GSM),
    Personal Digital Cellular (PDC),
    Personal Handyphone System (PHS),
    Personal digital assistant (PDA),
    International Mobile Telecommunication (IMT) -2000 terminal, and
    Smartphone (Smart Phone)
    One-time password authentication system using a smart card or a mobile phone with a built-in smart card chip, wherein the mobile phone is at least one handheld-based wireless terminal including the above.
  4. The method of claim 1,
    The client system and the mobile phone,
    Smart card driving program for reading the user-specific authentication information inside the IC chip through the smart card reader,
    One time password generation program for generating a one time password based on the read authentication information and the authentication conditions presented by the service server
    One-time password authentication system using a smart card or a mobile phone with a built-in smart card chip, further comprising the above.
  5. The method of claim 1,
    The service server,
    Service providers such as internet banking, internet shopping, and intranet operators may each operate their own one-time password authentication service, multiple service providers may cooperate to operate a one-time password authentication service in a mutually shared manner, or the server for the service may be operated by consigning the one-time password authentication service to a third party
    One-time password authentication system using a smart card or a mobile phone with a smart card chip.
  6. The method of claim 1,
    The authentication condition that the service server presents to the client is
    According to the preset way between the server and the client
    The random number generated by the server for user authentication, or
    The current standard time
    One-time password authentication system using a smart card or a mobile phone with a built-in smart card chip, further comprising the above.
  7. One-time password authentication method using a smart card or a mobile phone with a smart card chip,
    (1) a user accessing a user authentication screen on a client system connected online with a service server;
    (2) receiving a request for inputting a one-time password with the presentation of authentication conditions from the service server;
    (3) a user selecting a corresponding one-time password menu by contacting or approaching a smart card to a smart card reader in a client system or by operating a mobile phone having an IC chip embedded therein;
    (4) recognizing the IC chip of the smart card or the mobile phone and executing a smart card driving program in the client system or the mobile phone;
    (5) a smart card driving program reading authentication information unique to each user such as a chip unique number, an encryption key value, and personal security information in the IC chip through a reading device;
    (6) executing a one-time password generation program of the client system or the mobile phone to generate a one-time password based on the read authentication information and the authentication condition presented by the server;
    (7) a user inputting the generated one-time password in a client system and transmitting the same to a server;
    (8) analyzing the one-time password received by the service server and verifying whether the corresponding user registration information and the presented authentication conditions are met; And
    (9) performing user authentication according to the verification result and performing identity verification or payment
    One-time password authentication method using a smart card or a mobile phone with a built-in smart card chip.
  8. The method of claim 7, wherein
    The step (5),
    When the smart card driving program reads the authentication information unique to each user inside the IC chip, it does not read the encryption key value and the personal security information themselves from the IC chip, but rather reads information that is not directly related to system security and chip security, such as the chip unique number, encryption key number, and personal identification number
    One-time password authentication method using a smart card or a mobile phone with a built-in smart card chip, further comprising the above.
  9. The method of claim 7, wherein
    The step (6),
    If the authentication condition presented by the server is a random number generated by the server,
    (6-1-1) the client system automatically inputs the random number into the one-time password generation program, and in the case of a mobile phone the user enters the random number into the mobile phone,
    If the authentication condition presented by the server is the current standard time,
    (6-1-2) the client system automatically inputs the standard time of the server into the one-time password generation program, and the mobile phone automatically inputs the standard time of the mobile phone itself into the one-time password generation program
    One-time password authentication method using a smart card or a mobile phone with a built-in smart card chip, further comprising the above.
  10. The method of claim 7, wherein
    The step (6),
    (6-2) the one-time password generation program presenting, to the IC chip together with an encryption operation command, input data combining the user-specific authentication information read in the step (5) and the authentication condition presented by the server;
    (6-3) the IC chip performing an encryption operation on its own CPU based on the presented input data and the chip unique number, encryption key value, and personal security information recorded in the IC chip;
    (6-4) transferring the one-time password value that is the result of the IC chip's encryption operation to the one-time password generation program
    One-time password authentication method using a smart card or a mobile phone with a built-in smart card chip, further comprising the above.
  11. The method of claim 7, wherein
    The step (8),
    (8-1) the service server performing its own encryption operation based on input data combining the user-specific authentication information registered in the service server and the authentication condition stored in the server before being presented to the client;
    (8-2) comparing the result of the service server's encryption operation with the one-time password received from the client to determine whether the two values match
    One-time password authentication method using a smart card or a mobile phone with a built-in smart card chip, further comprising the above.
KR1020050105762A 2005-11-07 2005-11-07 System and method for the one-time password authentication by using a smart card and/or a mobile phone including a smart-card chip KR20070048815A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020050105762A KR20070048815A (en) 2005-11-07 2005-11-07 System and method for the one-time password authentication by using a smart card and/or a mobile phone including a smart-card chip

Publications (1)

Publication Number Publication Date
KR20070048815A true KR20070048815A (en) 2007-05-10

Family

ID=38273033

Country Status (1)

Country Link
KR (1) KR20070048815A (en)

Legal Events

Date Code Title Description
N231 Notification of change of applicant
WITN Withdrawal due to no request for examination