KR20120100342A - Security token device and rf module and method of authentication usable in smartphone and pc - Google Patents
- Publication number
- KR20120100342A
- Authority
- KR
- South Korea
- Prior art keywords
- security token
- smartphone
- external device
- device interface
- wireless module
Classifications
- G06Q20/3223—Realising banking transactions through M-devices
- G06Q20/3823—Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
- G06Q20/3825—Use of electronic signatures
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q40/02—Banking, e.g. interest calculation or account maintenance
Description
The present invention relates to a security token device, a wireless module, and an authentication method that can be used in a smart phone and a PC.
Recently, with the rapid increase of smartphones, mobile financial transactions using smartphones are attracting attention. At the same time, interest in security measures for mobile financial transactions using smartphones is increasing.
Mobile financial transactions using smartphones have the advantage that users can conveniently carry out financial transactions anytime, anywhere. It is also predicted that mobile financial transactions using smartphones (smartphone banking) will outpace financial transactions on existing PCs.
Although regulations on mandatory use of accredited certificates have been eased in online financial transactions (Internet banking) recently, accredited certificates will continue to be used as an important user authentication method in domestic online financial transactions.
On a smartphone, as on a normal PC, the user can freely download and install application programs. As a result, smartphones, like general PCs, are at risk of being hacked by programs that contain malicious code. Internet banking on existing PCs also has the serious security problem that certificates can be copied and leaked at any time. Due to these problems, the Ministry of Public Administration and Security is planning to prohibit the storing of accredited certificates on hard disks from 2013 and to implement the policy of storing accredited certificates in secure security tokens.
A security token is a hardware device that safely stores secret information such as an electronic signature key and does not allow that secret information to leak outside the device. It contains a processor and a cryptographic operation unit that can generate an electronic signature key and generate and verify electronic signatures. If the certificate is stored and used in the security token, leakage of the electronic signature key can be blocked at the source, preventing financial security accidents caused by the leak of the certificate.
For the security of smartphone banking, there are limits to applying to smartphones the various security programs used for Internet banking on existing PCs, such as antivirus programs, keyboard security programs, anti-phishing programs, and firewall programs. Unlike general PCs, which have an open platform (operating system and hardware environment), smartphone platforms are independent and differ for each manufacturer, making it difficult, and often fundamentally impossible, to port the security programs applied to existing PCs to smartphones. In addition, hacking cannot be completely prevented even when these security programs are applied to a smartphone. Unlike on PCs, running multiple security programs on a smartphone with limited hardware performance slows the device down and greatly reduces the utility of smartphone banking. In addition, a public certificate stored in a smartphone, like a public certificate stored on the hard disk of a general PC, is at risk of being leaked.
As mentioned above, the problem of certificate leakage that may occur during Internet banking on a smartphone has become an obstacle to the spread of smartphone banking.
Storing the public certificate in the security token has the effect of preventing the leak of the public certificate. However, if the security token can communicate only with a smartphone and cannot communicate with a PC, laptop, tablet PC, etc., then for Internet banking on a PC, laptop, tablet PC, etc., the certificate stored in the security token would have to be copied out of the token. Since that is impossible, there is the inconvenience of having to reissue the certificate every time.
In order to solve the above-mentioned problems, the present invention aims to connect a security token that securely stores a public certificate to a smartphone and, by using the public certificate stored in the security token during smartphone banking, to prevent security accidents such as leakage of the public certificate.
More specifically, the power required to drive the security token is supplied through a smartphone external device interface unit that can supply power to the outside, such as a microSD connector or a Portable Digital Media Interface (PDMI) connector of the smartphone, and data is sent and received between the smartphone and the security token through that interface unit. In addition, a smartphone banking application is installed on the smartphone, and during smartphone banking the user uses the certificate stored in the security token through the smartphone banking application. The aim is to provide a security token device and an authentication method that prevent the leakage of the public certificate that may occur during smartphone banking.
In addition, for Internet banking on a PC, laptop, or tablet PC (hereinafter referred to as PC banking), a wireless module (Bluetooth module) is connected to a device interface such as a USB port or a serial port of the PC, laptop, or tablet PC, so that the wireless module and the smartphone communicate wirelessly with each other by Bluetooth, while the smartphone and the security token communicate via the smartphone external device interface (microSD or PDMI interface). During PC banking, the authentication certificate stored in the security token connected to the smartphone is used. Through this, the invention aims to provide a security token device and an authentication method that prevent the leakage of a public certificate that may occur during PC banking.
It also aims to provide a security token device, a wireless module, and an authentication method that can be used in both smartphone banking and PC banking with a single certificate.
In order to achieve the above object, the present invention provides a security token device and a wireless module that can be used in a smartphone and a PC, characterized by comprising the following.
A security token composed of: a smart card IC that is supplied with power through the security token external device interface unit, is connected to the smartphone through the security token control unit to transmit and receive data, stores in its internal storage the registered security token password, the authentication certificate, and the public certificate digital signature key, has an encryption function, a digital signature key generation function, a digital signature function, and an electronic financial transaction function, and performs a user authentication function; a security token control unit that receives power from the smartphone, transmits and receives data to and from the smartphone, is connected to the smart card IC, and connects the smart card IC to the smartphone through the security token external device interface unit to transmit and receive data; and a security token external device interface unit that connects the smartphone and the security token control unit, receives power from the smartphone, and transmits and receives data.
A smartphone banking application that is installed and operated on the smartphone operating system, provides smartphone users with a user interface for making online financial transactions using the security token, and transmits and receives data to and from the security token through the smartphone operating system and the external device interface of the smartphone.
A wireless module composed of: a wireless module wireless communication unit that is connected to the wireless module control unit and wirelessly connected to the smartphone to transmit and receive data; a wireless module control unit that is connected to the wireless module wireless communication unit and the wireless module external device interface unit and passes data between them to enable data transmission and reception between the smartphone and the PC; and a wireless module external device interface unit that is connected to the external device interface of the PC to receive power and transmit and receive data.
In addition, the present invention provides an authentication method using a security token device that can be used in a smartphone, characterized by comprising the following steps.
The security token is connected to the smartphone external device interface unit.
The security token operates when power received from the smartphone is supplied to the smart card IC and the security token control unit.
The user executes a smartphone banking application to access (log in to) a bank site.
The user selects a security token menu from the user interface provided by the smartphone banking application.
When the security token is selected in the user interface of the smartphone banking application, the smartphone banking application sends a connection request signal to the security token control unit through the smartphone operating system and the smartphone external device interface unit.
The security token control unit sends a connection completion response signal for the connection request signal to the smartphone operating system through the security token external device interface unit.
When the smartphone operating system receives the connection completion response signal, it sends a connection completion signal to the smartphone banking application.
When the smartphone banking application receives the connection completion signal, the smartphone and the security token are connected and data can be transmitted and received.
The smartphone banking application sends a request signal for reading the authentication certificate information to the security token control unit through the smartphone operating system, the smartphone external device interface unit, and the security token external device interface unit.
On receiving the request for reading the authentication certificate information, the security token control unit reads the authentication certificate information stored in the smart card IC and sends it to the smartphone banking application through the security token external device interface unit.
The smartphone banking application outputs the certificate information received through the smartphone external device interface and the smartphone operating system to the user interface.
When the user selects the public certificate output on the user interface, a security token password input window appears and the user inputs the security token password in it.
When the user enters the security token password in the security token password input window of the smartphone banking application, the password is transmitted to the security token control unit through the smartphone operating system, the smartphone external device interface unit, and the security token external device interface unit.
The security token control unit transmits the password to the smart card IC, and the smart card IC compares the password registered in its internal storage with the password input by the user. If the two match, it transmits an authentication success signal to the security token control unit; if the comparison result does not match, it transmits an authentication failure signal.
The security token control unit transmits the received authentication success or authentication failure signal to the smartphone banking application through the security token external device interface unit, the smartphone external device interface unit, and the smartphone operating system.
When the smartphone banking application receives the authentication success signal, it sends a digital signature request to the smart card IC through the smartphone application system, the smartphone external device interface unit, the security token external device interface unit, and the security token control unit. When it receives the authentication failure signal, it notifies the user with a security token user authentication failure message and blocks access (login) to the bank site.
When the smart card IC receives the electronic signature request from the smartphone banking application, it creates an electronic signature with the electronic signature key it stores and delivers the electronic signature value to the smartphone banking application through the security token control unit, the security token external device interface unit, the smartphone external device interface unit, and the smartphone application system.
The smartphone banking application receives the electronic signature value from the smart card IC and accesses (logs in to) the bank site.
In another aspect, the present invention provides an authentication method using a security token device and a wireless module that can be used in a smartphone and a PC, comprising the following steps.
The security token is connected to the smartphone external device interface unit and the wireless module is connected to the PC external device interface unit.
The security token operates when power from the smartphone is supplied to the smart card IC and the security token control unit, and the wireless module operates when power from the PC is supplied to the wireless module control unit and the wireless module wireless communication unit.
The user executes a PC banking application to access (log in to) a bank site.
The user selects a security token menu in the user interface provided by the PC banking application.
When the security token is selected in the user interface of the PC banking application, the PC banking application sends a connection request signal to the wireless module through the PC operating system and the PC external device interface unit. The wireless module control unit receives the connection request signal through the wireless module external device interface unit and passes it through the wireless module wireless communication unit (hereinafter referred to as the wireless module section) to the wireless communication unit of the smartphone, and the signal is then transmitted to the security token control unit via the operating system of the smartphone and the smartphone external device interface unit (hereinafter referred to as the smartphone section) and the security token external device interface unit.
The security token control unit sends a connection completion response signal for the connection request signal to the PC operating system through the security token external device interface unit, the smartphone section, the wireless module section, and the PC external device interface unit.
When the PC operating system receives the connection completion response signal, it sends a connection completion signal to the PC banking application.
When the PC banking application receives the connection completion signal, the PC and the security token are connected via the wireless module and the smartphone and data can be transmitted and received.
The PC banking application sends a request signal for reading the certificate information to the security token control unit via the PC operating system, the PC external device interface unit, the wireless module section, the smartphone section, and the security token external device interface unit.
On receiving the request for reading the authentication certificate information, the security token control unit reads the authentication certificate information stored in the smart card IC and sends it to the PC banking application via the security token external device interface unit, the smartphone section, the wireless module section, and the PC operating system.
The PC banking application outputs the received authentication certificate information to the user interface.
When the user selects the public certificate output on the user interface, a security token password input window appears and the user inputs the security token password in it.
When the user enters the security token password in the security token password input window of the PC banking application, the password is passed to the security token control unit via the PC operating system, the PC external device interface unit, the wireless module section, the smartphone section, and the security token external device interface unit.
The security token control unit transmits the password to the smart card IC, and the smart card IC compares the password registered in its internal storage with the password input by the user. If the two match, it transmits an authentication success signal to the security token control unit; if the comparison result does not match, it transmits an authentication failure signal.
The security token control unit transmits the received authentication success or authentication failure signal to the PC banking application through the security token external device interface unit, the smartphone section, the wireless module section, the PC external device interface unit, and the PC operating system.
When the PC banking application receives the authentication success signal, it sends an electronic signature request to the smart card IC through the PC operating system, the PC external device interface unit, the wireless module section, the smartphone section, the security token external device interface unit, and the security token control unit. When it receives the authentication failure signal, it notifies the user with a security token user authentication failure message and blocks access (login) to the bank site.
When the smart card IC receives an electronic signature request from a smartphone banking application, it creates an electronic signature with the electronic signature key it stores and passes the electronic signature value to the PC banking application via the security token control unit, the security token external device interface unit, the smartphone section, the wireless module section, the PC external device interface unit, and the PC operating system.
The PC banking application receives the electronic signature value from the smart card IC and accesses (logs in to) the bank site.
According to the present invention, smartphone banking and PC banking use a certificate stored securely in a security token instead of a certificate stored in a smartphone or on the hard disk of a PC, where it risks being leaked. This is effective in preventing the damage from leakage of the public certificate that may occur during smartphone banking or PC banking.
In addition, the power required to drive the security token is supplied through a smartphone external device interface such as a microSD memory connector or a PDMI connector built into the smartphone, and data is sent and received between the smartphone and the security token through the same interface. For smartphone banking, a smartphone banking application is installed on the smartphone and communicates with the security token. The smartphone banking application is an application program that runs on the smartphone operating system, so it does not depend on the smartphone platform (smartphone operating system and hardware), which differs by manufacturer, and it can be implemented on various smartphone platforms. This makes it possible to use the security token for smartphone banking regardless of the smartphone platform.
In addition, for Internet banking on a PC, a wireless module (Bluetooth module, etc.) is connected to the device interface of the PC, the smartphone and the PC or notebook communicate wirelessly (Bluetooth, etc.), and the smartphone and the security token communicate through the external device interface unit of the smartphone. Through this, the public certificate stored in the security token can also be used for PC banking, and leakage of the public certificate is prevented. A further effect is that one public certificate stored in the security token can be used for both smartphone banking and PC banking.
FIG. 1 is a block diagram of a security token device and a wireless module that can be used in a smartphone and a PC according to a preferred embodiment of the present invention.
FIGS. 2 and 3 are flowcharts illustrating an authentication method using a security token device that can be used in a smartphone according to a preferred embodiment of the present invention.
FIGS. 4 and 5 are flowcharts illustrating an authentication method using a security token device and a wireless module that can be used in a smartphone and a PC according to an exemplary embodiment of the present invention.
FIG. 6 is a view showing the user interface and the security token password input window while a smartphone banking application is running on the smartphone screen in a preferred embodiment of the present invention.
FIG. 7 is a view showing the user interface and the security token password input window while a PC banking application is running on the PC monitor screen in a preferred embodiment of the present invention.
Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings.
FIG. 1 is a block diagram of a security token device and a wireless module that can be used in a smartphone and a PC according to a preferred embodiment of the present invention.
The block diagram is largely divided into a
The
The
The security
The secure token external
The smartphone
The
The
The smartphone
The
The wireless
The wireless
The wireless module external
The PC external
The
FIGS. 2 and 3 are flowcharts illustrating an authentication method using a security token device that can be used in a smartphone according to a preferred embodiment of the present invention.
The certification stage is largely divided into three stages. First step of connecting the
Connect the security token to the smartphone external device interface unit (S301).
The security token operates when power received from the smartphone is supplied to the smart card IC and the security token control unit (S302).
The user executes a smartphone banking application to access (log in) the bank site (S303).
The user selects a security token menu from a user interface provided by the smartphone banking application (S304).
When the security token is selected in the user interface of the smartphone banking application, the smartphone banking application sends a connection request signal to the security token controller through the smartphone operating system and the smartphone external device interface unit (S305).
The security token control unit sends a connection completion response signal for the connection request signal to the smart phone operating system through the security token external device interface unit (S306).
When the smartphone operating system receives the connection completion response signal, it sends a connection completion signal to the smartphone banking application (S307).
When the smartphone banking application receives the connection completion signal, the smartphone and the security token are connected and the data can be transmitted and received (S308).
The smartphone banking application sends a request signal for reading the certificate information to the security token control unit through the smartphone operating system, the smartphone external device interface unit, and the security token external device interface unit (S309).
The security token control unit reads the authentication certificate information stored in the smart card IC upon receiving a request for reading the certificate information and sends it to the smartphone banking application through the secure token external device interface unit (S310).
The smartphone banking application outputs the certificate information received through the smartphone external device interface and the smartphone operating system to the user interface (S311).
When the user selects the public certificate output on the user interface, a security token password input window appears and the user inputs a security token password in the security token password input window (S312).
When the user enters the security token password in the security token password input window of the smartphone banking application, the password is transmitted to the security token control unit through the smartphone operating system, the smartphone external device interface unit, and the security token external device interface unit (S313).
The security token control unit transmits the password to the smart card IC, and the smart card IC compares the password registered in its internal storage with the password input by the user. If the two match, an authentication success signal is transmitted to the security token control unit; if the comparison result does not match, an authentication failure signal is transmitted (S314).
The security token control unit transmits the received authentication success or authentication failure signal to the smartphone banking application through the security token external device interface unit, the smartphone external device interface unit, and the smartphone operating system (S315).
When the smartphone banking application receives the authentication success signal, it sends a digital signature request to the smart card IC through the smartphone application system, the smartphone external device interface unit, the security token external device interface unit, and the security token control unit. When it receives the authentication failure signal, it notifies the user with a security token user authentication failure message and blocks access (login) to the bank site (S316).
When the smart card IC receives the electronic signature request from the smartphone banking application, it creates an electronic signature with the electronic signature key it stores and transmits the electronic signature value to the smartphone banking application through the security token control unit, the security token external device interface unit, the smartphone external device interface unit, and the smartphone application system (S317).
The smartphone banking application receives the electronic signature value from the smart card IC and accesses (logs in) a bank site (S318).
In addition to a smartphone, it is possible to apply the security token and authentication method of the present invention to a tablet PC.
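The token side of steps S305 to S318, as an added Go example that is not code from the patent: the password comparison and the signing both happen inside the token, and only the certificate information and the signature value come out. Ed25519, the signed challenge, the bank-side check, and the rule that the chip itself refuses to sign without a prior successful password check are assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/subtle"
	"errors"
	"fmt"
)

// SmartCardIC models the chip inside the token. No method of Token returns
// the password or the signature key.
type SmartCardIC struct {
	password []byte
	certInfo string             // constructed placeholder, not a real certificate
	key      ed25519.PrivateKey // Ed25519 is an assumption; the page names no algorithm
	verified bool
}

// Token is the security token control unit in front of the smart card IC.
type Token struct{ ic *SmartCardIC }

var (
	ErrAuthFailed  = errors.New("token: authentication failure")
	ErrNotVerified = errors.New("token: signature refused, password not verified")
)

// NewToken provisions a token with a fresh key pair. The returned public key
// stands for what the bank would take from the certificate.
func NewToken(password, certInfo string) (*Token, ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	ic := &SmartCardIC{password: []byte(password), certInfo: certInfo, key: priv}
	return &Token{ic: ic}, pub, nil
}

// Connect answers the connection request (S305-S308). A new connection
// clears any earlier password verification.
func (t *Token) Connect() { t.ic.verified = false }

// ReadCert returns the certificate information (S309-S310).
func (t *Token) ReadCert() string { return t.ic.certInfo }

// VerifyPassword runs the comparison on the chip (S313-S315), in constant
// time, and returns the success or failure signal as nil or ErrAuthFailed.
func (t *Token) VerifyPassword(input string) error {
	ok := subtle.ConstantTimeCompare(t.ic.password, []byte(input)) == 1
	t.ic.verified = ok
	if !ok {
		return ErrAuthFailed
	}
	return nil
}

// Sign returns the electronic signature value (S317). Assumption: the chip
// itself refuses to sign unless the password check succeeded, and each
// verification authorizes one signature.
func (t *Token) Sign(data []byte) ([]byte, error) {
	if !t.ic.verified {
		return nil, ErrNotVerified
	}
	t.ic.verified = false
	return ed25519.Sign(t.ic.key, data), nil
}

// Login is the banking application's side of S305-S318; challenge is an
// assumed stand-in for the data to be signed. On failure no signature is
// returned, so the login to the bank site is blocked (S316).
func Login(t *Token, password string, challenge []byte) (string, []byte, error) {
	t.Connect()
	certInfo := t.ReadCert()
	if err := t.VerifyPassword(password); err != nil {
		return certInfo, nil, err
	}
	sig, err := t.Sign(challenge)
	return certInfo, sig, err
}

// BankAccepts is an assumed bank-side check of the signature value.
func BankAccepts(pub ed25519.PublicKey, challenge, sig []byte) bool {
	return len(sig) == ed25519.SignatureSize && ed25519.Verify(pub, challenge, sig)
}

func main() {
	token, pub, err := NewToken("constructed-password", "CN=Example User (constructed)")
	if err != nil {
		panic(err)
	}
	challenge := []byte("constructed bank login challenge")
	_, sig, err := Login(token, "constructed-password", challenge)
	fmt.Println("correct password:", err, BankAccepts(pub, challenge, sig))
	_, sig, err = Login(token, "wrong-password", challenge)
	fmt.Println("wrong password:", err, BankAccepts(pub, challenge, sig))
	_, err = token.Sign(challenge)
	fmt.Println("signature without verification:", err)
}
```

The password still crosses every unit named in S313 before it reaches the chip, so the protection shown here covers the signature key, not the password in transit.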
FIGS. 4 and 5 are flowcharts illustrating an authentication method using a security token device and a wireless module that can be used in a smartphone and a PC according to an exemplary embodiment of the present invention.
Connect the security token to the smartphone external device interface and the wireless module to the PC external device interface (S401).
The security token operates when power from the smartphone is supplied to the smart card IC and the security token control unit, and the wireless module operates when power from the PC is supplied to the wireless module control unit and the wireless module wireless communication unit (S402).
The user runs a PC banking application to access (log in) the bank site (S403).
The user selects a security token menu in the user interface provided by the PC banking application (S404).
When the security token is selected in the user interface of the PC banking application, the PC banking application sends a connection request signal to the wireless module through the PC operating system and the PC external device interface unit. The wireless module control unit receives the connection request signal through the wireless module external device interface unit and passes it through the wireless module wireless communication unit (hereinafter referred to as the wireless module section) to the wireless communication unit of the smartphone, and the signal is then transmitted to the security token control unit via the operating system of the smartphone and the smartphone external device interface unit (hereinafter referred to as the smartphone section) and the security token external device interface unit (S405).
The security token control unit sends the connection completion response signal for the connection request signal to the PC operating system through the security token external device interface unit, the smartphone section, the wireless module section, and the PC external device interface unit (S406).
When the PC operating system receives the connection completion response signal, it sends a connection completion signal to the PC banking application (S407).
When the PC banking application receives the connection completion signal, the PC and the security token are connected via the wireless module and the smart phone to be in a state capable of transmitting and receiving data (S408).
The PC banking application sends a request signal for reading the certificate information to the security token control unit via the PC operating system, the PC external device interface unit, the smartphone section and the wireless module section, and the security token external device interface unit (S409).
When the security token control unit receives the request for reading the certificate information, it reads the authentication certificate information stored in the smart card IC and sends it to the PC banking application via the security token external device interface unit, the smartphone section and the wireless module section, and the PC operating system (S410).
The PC banking application outputs the received accredited certificate information to the user interface (S411).
When the user selects the public certificate output on the user interface, a security token password input window appears and the user inputs a security token password in the security token password input window (S412).
When the user enters the security token password into the security token password input window of the PC banking application user interface, the security token password is passed to the security token controller via the PC operating system, the PC external device interface unit, the wireless module section, the smartphone section, and the security token external device interface (S413).
The security token control unit transmits the password to the smart card IC. The smart card IC compares the password registered in its internal storage space with the password input by the user. If they match, it transmits an authentication success signal to the security token control unit; if they do not match, it transmits an authentication failure signal (S414).
The security token control unit transmits the received authentication success or authentication failure signal to the PC banking application through the security token external device interface unit, the smartphone section and the wireless module section, the PC external device interface unit, and the PC operating system.
When the PC banking application receives the authentication success signal, it makes an electronic signature request to the smart card IC through the PC operating system, the PC external device interface unit, the wireless module section, the smartphone section, the security token external device interface section, and the security token control section. When it receives the authentication failure signal, it notifies the user with a security token user authentication failure message and blocks access (login) to the bank site (S416).
When the smart card IC receives an electronic signature request from a smartphone banking application, it generates an electronic signature using its stored electronic signature key and transmits the electronic signature value to the PC banking application through the security token control unit, the security token external device interface unit, the smartphone section, the wireless module section, the PC external device interface unit, and the PC operating system (S417).
The PC banking application receives the digital signature value from the smart card IC and accesses (logs in) the bank site (S418).
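The exchange of steps S405 to S418, modelled as an added example that is not part of the patent text; it records which relay hops forward each message field. The message type names, the `SmartCardIC` and `TokenPath` classes, and the data being signed are assumptions, and HMAC-SHA256 stands in for the card's signature scheme, which the text does not specify.

```python
import hashlib
import hmac
import secrets

# Relay hops between the PC banking application (410) and the security token
# control unit (120), labelled with the patent's reference numerals.
HOPS = ["PC operating system (420)", "PC external device interface unit (430)",
        "wireless module section (300)", "smartphone section (200)",
        "security token external device interface unit (110)"]

class SmartCardIC:
    """Element 130: stores the password, certificate and signature key."""
    def __init__(self, password, certificate):
        self._password = password.encode()
        self.certificate = certificate
        self._sign_key = secrets.token_bytes(32)  # no method returns this key
        self._authenticated = False

    def verify_password(self, candidate):
        # The comparison runs inside the card (S414).
        self._authenticated = hmac.compare_digest(self._password, candidate.encode())
        return self._authenticated

    def sign(self, data):
        if not self._authenticated:
            raise PermissionError("password not verified")
        # Assumption: HMAC-SHA256 stands in for the unspecified signature scheme.
        return hmac.new(self._sign_key, data, hashlib.sha256).digest()

class TokenPath:
    """Control unit (120) behind the relay hops; logs what each hop forwards."""
    def __init__(self, card):
        self.card = card
        self.trace = []  # (hop, direction, message type, field names)

    def _dispatch(self, req):
        kind = req["type"]
        if kind == "CONNECT":
            return {"type": "CONNECT_COMPLETE"}
        if kind == "READ_CERT":
            return {"type": "CERT_INFO", "certificate": self.card.certificate}
        if kind == "VERIFY_PASSWORD":
            ok = self.card.verify_password(req["password"])
            return {"type": "AUTH_SUCCESS" if ok else "AUTH_FAILURE"}
        if kind == "SIGN":
            return {"type": "SIGNATURE", "value": self.card.sign(req["data"])}
        raise ValueError(f"unknown request {kind!r}")

    def send(self, req):
        for hop in HOPS:
            self.trace.append((hop, "to-token", req["type"], sorted(req)))
        resp = self._dispatch(req)
        for hop in reversed(HOPS):
            self.trace.append((hop, "to-pc", resp["type"], sorted(resp)))
        return resp

def pc_login(path, password, data_to_sign):
    """PC banking application side of S405 to S418."""
    if path.send({"type": "CONNECT"})["type"] != "CONNECT_COMPLETE":  # S405-S408
        return {"logged_in": False, "reason": "no connection"}
    cert = path.send({"type": "READ_CERT"})["certificate"]  # S409-S411
    auth = path.send({"type": "VERIFY_PASSWORD", "password": password})  # S412-S414
    if auth["type"] != "AUTH_SUCCESS":  # failure branch of S416
        return {"logged_in": False, "reason": "security token user authentication failure"}
    sig = path.send({"type": "SIGN", "data": data_to_sign})["value"]  # S416-S417
    return {"logged_in": True, "certificate": cert, "signature": sig}  # S418

def hops_forwarding(path, field):
    """Hops that relayed a message carrying the named field, in first-seen order."""
    seen = []
    for hop, _direction, _kind, fields in path.trace:
        if field in fields and hop not in seen:
            seen.append(hop)
    return seen
```

Calling `hops_forwarding(path, "password")` after a login lists every component that handled the security token password in transit, while the signature key appears in no message.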
FIG. 6 is a diagram illustrating a
FIG. 7 is a diagram illustrating a
The present invention has been described above with reference to the accompanying drawings, but the present invention is not limited thereto, and various changes, modifications, and equivalents may be used. The present invention can therefore be applied by appropriately modifying the above embodiments, and such applications naturally also fall within the scope of the present invention based on the technical idea described in the claims.
The present invention relates to a security token device, a wireless module, and an authentication method that can be used in a smartphone and a PC, and can be widely used in industrial fields where security and convenience are important, such as smartphone banking or PC banking.
100: Security Token
110: security token external device interface unit 120: security token control unit
130: smart card IC
200: Smartphone
210: smart phone external device interface unit 220: smart phone banking application
221: user interface 222: security token password input window
230: smartphone operating system 240: smartphone wireless communication unit
300: wireless module
310: wireless module control unit 320: wireless module wireless communication unit
330: wireless module external device interface unit
400: PC
410: PC banking application 420: PC operating system
411: user interface 412: security token password input window
430: PC external device interface unit
Claims (3)
A smart card IC that is supplied with power through the secure token external device interface, is connected to the smartphone through the secure token control unit to send and receive data, stores the registered security token password, public certificate and digital certificate key in its internal storage space, has an encryption function, a digital signature key generation function, a digital signature function and an electronic financial transaction function, and performs a user authentication function,
It is connected to the smartphone through the secure token external device interface, receives power from the smartphone, sends and receives data to and from the smartphone, connects to the smart card IC, and connects the smart card IC to the smartphone through the secure token external device interface. Security token control unit for transmitting and receiving data,
Secure token external device interface unit for connecting the smartphone and the security token control unit, receiving power from the smartphone and transmitting and receiving data,
Security token consisting of;
A smartphone banking application that is installed and operated on the smartphone operating system, provides smartphone users with a user interface for making online financial transactions using the security token, and transmits and receives data to and from the security token through the smartphone operating system and the external device interface of the smartphone;
A wireless module wireless communication unit connected to a wireless module control unit and wirelessly connected to a smartphone to transmit and receive data;
A wireless module control unit connected to a wireless module wireless communication unit and a wireless module external device interface unit to transmit and receive data to each other to enable data transmission and reception between a smartphone and a PC;
A wireless module external device interface unit connected to an external device interface unit of the PC to receive power and to transmit and receive data;
Wireless module consisting of;
A security token device and wireless module that can be used in smartphones and PCs, comprising the above.
Connecting the security token to the smartphone external device interface;
Operating the security token when power is supplied to the smart card IC and the security token control unit;
Executing a smartphone banking application for a user to access (log in) a bank site;
Selecting a security token menu from a user interface provided by the smartphone banking application;
When the security token is selected in the user interface of the smartphone banking application, the smartphone banking application sends a connection request signal to the security token controller through the smartphone operating system and the smartphone external device interface unit;
The security token control unit sends a connection completion response signal for the connection request signal to the smartphone operating system through the security token external device interface unit;
Sending a connection completion signal to the smartphone banking application when the smartphone operating system receives the connection completion response signal;
When the smartphone banking application receives the connection completion signal, the smartphone and the security token are connected to be in a data transmission / reception state;
The smartphone banking application sending a request signal for reading authentication certificate information to the security token control unit through the smartphone operating system, the smartphone external device interface unit, and the secure token external device interface unit;
The security token control unit reads the authentication certificate information stored in the smart card IC and sends it to the smartphone banking application through the security token external device interface unit when receiving the request for reading the authentication certificate information;
The smartphone banking application outputting the certificate information received through the smartphone external device interface and the smartphone operating system to the user interface;
When the user selects the public certificate output on the user interface, a security token password input window appears and the user inputs the security token password in the security token password input window;
When the user enters the security token password in the security token password input window of the smartphone banking application user interface, transmitting the security token password to the security token controller through the smartphone operating system, the smartphone external device interface unit, and the security token external device interface unit;
The security token control unit transmitting the password to the smart card IC, and the smart card IC comparing the password registered in the smart card IC internal storage with the password input by the user and transmitting an authentication success signal to the security token control unit if they match, or an authentication failure signal if they do not match;
The security token control unit transmits the received authentication success or authentication failure signal to the smartphone banking application through the security token external device interface unit, the smartphone external device interface unit, and the smartphone operating system;
When the smartphone banking application receives the authentication success signal, sending a digital signature request to the smart card IC through the smartphone application system, the smartphone external device interface unit, the security token external device interface unit, and the security token control unit, and, when it receives the authentication failure signal, notifying the user with a security token user authentication failure message and blocking access (login) to the bank site;
When the smart card IC receives an electronic signature request from the smartphone banking application, the smart card IC generating an electronic signature using its stored electronic signature key and delivering the digital signature value to the banking application through the security token controller, the security token external device interface unit, the smartphone external device interface unit, and the smartphone application system;
The smartphone banking application receives the electronic signature value from the smart card IC and accesses (logs in) a bank site;
An authentication method using a security token device that can be used in a smartphone, characterized by including the above steps.
Connecting a security token to a smartphone external device interface and a wireless module to a PC external device interface;
Operating the security token when power is supplied to the smart card IC and the security token control unit, and operating the wireless module when power is supplied from the PC to the wireless module control unit and the wireless module wireless communication unit;
A user executing a PC banking application to access (log in) a bank site;
The user selecting a security token menu in a user interface provided by the PC banking application;
When the security token is selected in the user interface of the PC banking application, the PC banking application sending a connection request signal to the wireless module via the PC operating system and the PC external device interface unit, the wireless module control unit receiving the connection request signal through the wireless module external device interface unit and passing it through the wireless module wireless communication unit (hereinafter referred to as the wireless module section) to the wireless communication unit of the smartphone, and the connection request signal being transmitted to the security token controller via the operating system of the smartphone and the smartphone external device interface (hereinafter referred to as the smartphone section) and the security token external device interface;
The security token control unit sending a connection completion response signal for the connection request signal to the PC operating system through the security token external device interface, the smartphone section, the wireless module section, and the PC external device interface;
Sending a connection completion signal to the PC banking application when the PC operating system receives the connection completion response signal;
When the PC banking application receives the connection completion signal, the PC and the security token are connected via the wireless module and the smart phone to enable data transmission and reception;
The PC banking application sending a request signal for reading the certificate information to the security token control unit via the PC operating system, the PC external device interface unit, the smartphone section and the wireless module section, and the security token external device interface unit;
The security token control unit reads the authentication certificate information stored in the smart card IC upon receiving a request for reading the authentication certificate information and sends it to the PC banking application via the security token external device interface unit, the smartphone section and the wireless module section, and the PC operating system;
The PC banking application outputting the received authentication certificate information to the user interface;
When the user selects the public certificate output on the user interface, a security token password input window appears and the user inputs the security token password in the security token password input window;
When the user enters the security token password into the security token password input window of the PC banking application user interface, passing the security token password to the security token controller via the PC operating system, the PC external device interface unit, the wireless module section, the smartphone section, and the security token external device interface;
The security token control unit transmitting the password to the smart card IC, and the smart card IC comparing the password registered in the smart card IC internal storage space with the password input by the user and transmitting an authentication success signal to the security token control unit if they match, or an authentication failure signal if they do not match;
The security token control unit transmits the received authentication success or authentication failure signal to the PC banking application through the security token external device interface unit, the smartphone section and the wireless module section, the PC external device interface unit, and the PC operating system;
When the PC banking application receives the authentication success signal, making an electronic signature request to the smart card IC through the PC operating system, the PC external device interface unit, the wireless module section, the smartphone section, the security token external device interface section, and the security token control section, and, when it receives the authentication failure signal, notifying the user with a security token user authentication failure message and blocking access (login) to the bank site;
When the smart card IC receives an electronic signature request from a smartphone banking application, the smart card IC generating an electronic signature using its stored electronic signature key and passing the electronic signature value to the PC banking application through the security token control unit, the security token external device interface unit, the smartphone section, the wireless module section, the PC external device interface unit, and the PC operating system;
The PC banking application receiving the digital signature value from the smart card IC and accessing (logging in to) the bank site;
An authentication method using a security token device and a wireless module that can be used in a smartphone and a PC, comprising the above steps.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020110019173A KR20120100342A (en) | 2011-03-03 | 2011-03-03 | Security token device and rf module and method of authentication usable in smartphone and pc |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020110019173A KR20120100342A (en) | 2011-03-03 | 2011-03-03 | Security token device and rf module and method of authentication usable in smartphone and pc |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20120100342A (en) | 2012-09-12 |
Family
ID=47110088
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020110019173A KR20120100342A (en) | 2011-03-03 | 2011-03-03 | Security token device and rf module and method of authentication usable in smartphone and pc |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20120100342A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101314183B1 (en) * | 2013-04-01 | 2013-10-14 | 주식회사 티모넷 | System for sharing hsm(hardware security module) of mobile unit using nfc |
WO2015108307A1 (en) * | 2014-01-14 | 2015-07-23 | 주식회사 씽크풀 | User authentication method using user device, and digital system and authentication system therefor |
KR20170029483A (en) | 2017-03-09 | 2017-03-15 | 홍승은 | Mobile cross-authentication system and method |
US11966907B2 (en) | 2014-10-25 | 2024-04-23 | Yoongnet Inc. | System and method for mobile cross-authentication |
-
2011
- 2011-03-03 KR KR1020110019173A patent/KR20120100342A/en not_active Application Discontinuation
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WITN | Withdrawal due to no request for examination |