KR20140033529A - System, method and computer readable recording medium for providing a log in using one time password - Google Patents

Abstract

The present invention relates to a login system using an one time identification number to be able to log in to another terminal by using an application which is being logged in, which comprises: a first terminal that is being logged in a service server; the service server generating the one time authentication number by receiving the request of the onetime authentication number for logging in to a second terminal from the first terminal and then transferring the generated one time authentication to the first terminal; and the second terminal transferring the one time authentication number to the service server by receiving the input of the one time authentication number received from the first terminal and logging in by the service server in a response to the transmission. [Reference numerals] (100) First terminal(Smartphone); (110) Second terminal(TV or PC); (130) Service server; (310) Request receiver; (320) Effectiveness determination unit; (330) OTP generation unit; (340) OTP transmission unit; (350) OTP reception unit; (360) Authentication unit; (370) Login processing unit; (381) Login information D/B; (382) OTP information D/B; (AA,BB) Login information

Description

TECHNICAL FIELD [0001] The present invention relates to a login system, a method, and a computer readable recording medium using a disposable authentication number. BACKGROUND OF THE INVENTION [0001]

The present invention relates to a system for providing a login to an application or a web site, and more particularly, to a login system, a method, and a computer readable using a disposable authentication number capable of logging in from another terminal using an application in a logged-in state The present invention relates to a recording medium.

Recently, display devices of various sizes and types are being released due to the desire of various consumers. In addition, with the popularization of smart phones, various hand-held personal devices are emerging. For example, devices having display means of various sizes such as a smart phone, a pad type terminal, a 7 inch tablet PC, and a 10 inch tablet PC are being released.

On the other hand, apart from the function of displaying only the received airwave or cable broadcasting signal, the interactive function with the user and various additional services using the Internet are provided on the TV. For example, smart TVs that support interworking with smart phones have recently appeared, including IPTV, which interacts with a PC or a server via an Internet connection. Examples of the above-mentioned smart TV include Apple TV and Google TV, and a conventional TV has a bidirectional communication function with the user and various additional functions using the Internet.

In addition, a device called a set top box (STB) is additionally required not only for TV but also for receiving digital broadcasting. The term "set-top box" refers to a device that is connected to a TV, receives signals from the outside, appropriately converts the signals, and displays the contents on a TV. A set-top box is a home communication terminal required to use a next-generation interactive multimedia communication service (video on demand (VOD), home shopping, network game, etc.) Also called a subscriber signal converter. It is connected to a network such as an interactive TV, a telephone, or a company's video transmission service (for example, a video dial tone provided by a US regional telephone company).

The set-top box communicates with a video server installed in a telephone company or a general cable broadcasting (CATV) station, and has a function of receiving and converting video signals with basic functions. In addition, various standards, such as having a telephone interface or a connection interface with a personal computer (PC), are also being examined so that data communication services such as telephone and PC communication can be simultaneously used. Accordingly, in order to preoccupy the interactive TV market, telecommunications, computer, and home appliance manufacturers are competing for the production and sale of set-top boxes.

The set-top box does not necessarily have a built-in tuner. An external signal may include an Ethernet cable, a satellite reception or terrestrial reception antenna, a coaxial cable, a telephone line, an analog Very High Frequency (VHF) UHF (Ultra High Frequency) antenna. The contents that can be obtained through this can be video, voice, internet web page, game, and the like.

As described above, the TV can provide not only broadcast information but also various information services through a set-top box interfaced with the Internet, and it is possible to select and control services through bidirectional communication with a user. In order to facilitate the inputting of a user's selection signal, there is a need for various functions of a remote controller to be expanded and a need for a convenient interface is required.

In addition, smart TVs with built-in functions of the set-top box can be connected to the Internet as well as watching terrestrial broadcasts, enabling computer functions such as video-on-demand (VoD), game, video call and application utilization. On the other hand, considering the fact that smart TV function can be utilized through the above-mentioned set-top box connection with a general TV, and a long replacement period of TV, smart TV and set-top box market coexist.

At this time, when a user wants to log in an application installed in the smart TV, unlike a PC, there is no proper input means for login. Also, it is very inconvenient to input the ID and the password which are combined with the letters, numbers, etc. through the TV remote controller or the like. Accordingly, there is a demand for a method of easily logging in a special terminal (e.g., a TV or the like) that is not easy to input characters while maintaining high security.

In addition, there is a problem that the ID and password used at the time of login are very likely to be leaked or hacked in a terminal installed in a public place where security may be weak.

On the other hand, Korean Patent Registration No. 10-1025807 entitled " Authentication method and authentication server (Pak Sang-Gu) "(Document 1) discloses a method for authenticating a client terminal using a separate user terminal, A method for authenticating an authentication key by scanning an image authentication key such as a QR code via a separate authentication terminal without inputting the authentication key is disclosed.

However, although the above method is convenient for authentication even without using an ID and a password, it requires complicated procedures such as scanning an image authentication key, and is also vulnerable to exposure of an authentication key.

Therefore, there is a need for a login method that is excellent in security and easy to input even in a terminal where the input environment is not easy or a terminal installed in a public place where security is weak.

[Patent Document 1] Korean Registered Patent No. 10-1025807 Authentication method and authentication server (Sang-Gu Park) 2011.03.23

It is an object of the present invention to provide a login system, a method, and a computer-readable recording medium using a disposable authentication number that can be logged in from another terminal using a disposable authentication number issued through an application in a logged-in state.

Another object of the present invention is to provide a login system, a method, and a computer-readable recording medium using a disposable authentication number that can be easily logged in from a TV or a PC using a disposable authentication number issued through an application in a logged-in state .

It is still another object of the present invention to provide a login system and method using a disposable authentication number that can be easily logged in at other terminals by using a disposable authentication number issued through an application in a login state and location information of the terminal, And a recording medium.

It is another object of the present invention to provide a log-in system and method using a disposable authentication number that can be easily logged in at other terminals by using a disposable authentication number and ID information issued through an application in a login state, .

In order to achieve the above-described object of the present invention and to achieve the specific effects of the present invention described below, the characteristic structure of the present invention is as follows.

According to an aspect of the present invention, a login system using a disposable authentication number includes a first terminal that is logged in to a service server; A service server for receiving a request for providing a disposable authentication number for login to the second terminal from the first terminal to generate a disposable authentication number and providing the generated disposable authentication number to the first terminal; And a second terminal for receiving the disposable authentication number received through the first terminal and transmitting the disposable authentication number to the service server and log-in by the service server in response thereto.

Preferably, the second terminal is a PC or a TV.

Preferably, the disposable authentication number is a Universal Unique Identifier (UUID).

Preferably, the disposable authentication number is automatically discarded when a preset time elapses after the disposable authentication number is generated.

Preferably, the disposable authentication number is composed of a plurality of numbers, and the number of the disposable authentication numbers is set considering the degree of security.

Preferably, the service server collects location information of the first terminal and the second terminal, and when the location information of the first terminal and the location information of the second terminal are within the same or predetermined range, And performs login processing for the second terminal.

Preferably, the service server further receives the ID information input from the second terminal, and when the provided ID information matches the login ID information of the first terminal, the service server performs login processing .

According to another aspect of the present invention, there is provided a service server for providing a login service using a one-time authentication number, the service server comprising: a request receiving unit for receiving a request for providing a disposable authentication number for login to a second terminal from a first terminal, ; A validity determining unit for determining the validity of login of the first terminal from the login information for the first terminal according to the request; An OTP (One Time Password) generator for generating a one-time authentication number when the first terminal is normally a logged-in terminal as a result of the validity determination; An OTP transmitter for transmitting the generated disposable authentication number to the first terminal; An OTP receiver for receiving the disposable authentication number transmitted from the second terminal to the first terminal; An authentication confirmation unit for comparing the disposable authentication number received through the OTP receiver with the disposable authentication number generated through the OTP generation unit to perform authentication; And a login processing unit for performing login processing of the second terminal when the one-time authentication number matches the comparison result of the authentication confirmation unit.

According to another aspect of the present invention, there is provided a login method using a disposable authentication number, wherein each step performed in a service server comprises: a step of, in a request receiving unit, transmitting, from a first terminal, Receiving a request for providing a disposable authentication number for the user; Determining, by the validity determination unit, the login validity of the first terminal from the login information for the first terminal according to the request; Generating a one-time authentication number in the OTP (One Time Password) generation unit if the first terminal is a terminal that is normally logged in as a result of the validity determination unit; Transmitting the generated disposable authentication number to the first terminal in an OTP transmission unit; Receiving, at the OTP receiving unit, the disposable authentication number transmitted to the first terminal from the second terminal; Performing authentication by comparing the disposable authentication number received through the OTP receiver with a disposable authentication number generated through the OTP generator in the authentication confirmation unit; And login processing the second terminal when the disposable authentication number matches the comparison result of the authentication confirmation unit in the login processing unit.

Preferably, the second terminal is a PC or a TV.

Preferably, the disposable authentication number is a Universal Unique Identifier (UUID).

Preferably, the disposable authentication number is automatically discarded when a preset time elapses after the disposable authentication number is generated.

Preferably, the disposable authentication number is composed of a plurality of numbers, and the number of the disposable authentication numbers is set considering the degree of security.

Preferably, the method further comprises the steps of: collecting location information of the first terminal in a location storage and storing the information in a database; Confirming whether the location information of the first terminal and the location information of the second terminal are within the same or predetermined range, in the location confirmation unit; And performing login processing for the second terminal when the login processing unit determines that the location information of the location confirmation unit is the same or is within a preset range.

Preferably, the method further comprises: receiving, in the ID verification unit, the ID information input from the second terminal and confirming whether the provided ID information matches the login ID information of the first terminal; And performing login processing for the second terminal when the ID information of the ID verification unit matches the ID information of the second terminal in the login processing unit.

Meanwhile, the information for providing the login method using the disposable authentication number may be stored in a recording medium readable by the server computer. Such a recording medium includes all kinds of recording media in which programs and data are stored so that they can be read by a computer system. Examples include ROMs (Read Only Memory), Random Access Memory, CD (Compact Disk), DVD (Digital Video Disk) -ROM, magnetic tape, floppy disk, optical data storage device, (For example, transmission over the Internet). Such a recording medium may also be distributed over a networked computer system so that computer readable code in a distributed manner can be stored and executed.

As described above, according to the present invention, there is an advantage that a highly secure log-in can be performed without inputting a separate ID or password by logging in from a smart TV or a PC using a disposable authentication number issued through an application in a logged-in state have.

In addition, when the authentication number is composed only of numerals, there is an advantage that it is possible to log in easily even in a device which is inconvenient to input English or special characters as in a smart TV. In other words, there is an advantage that inputting convenience is high because there is no need to input an ID.

In addition, according to the present invention, since the disposable authentication number used for log-in is issued and used once, it is advantageous in security because it can not be reused even if the disposable authentication number is exposed.

For example, in the case of a PC in a public place such as a PC room or a salon, it is not safe from a malicious code or the like, so there is a high possibility that an ID or a password is leaked. Therefore, according to the present invention, it is possible to log in without using an ID and a password, so that it is possible to log in with high security in a public place.

1 is a view showing a concept of a login system using a disposable authentication number according to an embodiment of the present invention.
2 is a diagram illustrating a login system using a disposable authentication number according to an embodiment of the present invention.
3 is a diagram illustrating a detailed configuration of a service server in a login system using a disposable authentication number according to a first embodiment of the present invention.
4 is a flowchart illustrating a detailed procedure of a service server in a login system using a disposable authentication number according to the first embodiment of the present invention.
5A and 5B are views showing an example in which log-in using a disposable authentication number according to the first embodiment of the present invention is actually applied to a smart TV.
6A and 6B are views showing an example in which a login using a disposable authentication number according to the first embodiment of the present invention is actually applied to a PC.
7 is a diagram illustrating a detailed configuration of a service server in a login system using a disposable authentication number according to a second embodiment of the present invention.
8 is a flowchart illustrating a detailed procedure of a service server in a login system using a disposable authentication number according to a second embodiment of the present invention.
9A and 9B are views showing an example in which log-in using a disposable authentication number according to the second embodiment of the present invention is actually applied to a smart TV.
10A and 10B are views showing an example in which the positions of the terminals are different in the login using the disposable authentication number according to the second embodiment of the present invention.
11 is a view showing a detailed configuration of a service server in a login system using a disposable authentication number according to a third embodiment of the present invention.
12 is a flowchart illustrating a detailed procedure of a service server in a login system using a disposable authentication number according to a third embodiment of the present invention.
13 is a diagram showing an example in which log-in using a disposable authentication number according to the third embodiment of the present invention is actually applied to a PC.

DETAILED DESCRIPTION OF THE INVENTION The following detailed description of the invention refers to the accompanying drawings that show, by way of illustration, specific embodiments in which the invention may be practiced. These embodiments are described in sufficient detail to enable those skilled in the art to practice the invention. It should be understood that the various embodiments of the present invention are different, but need not be mutually exclusive. For example, certain features, structures, and characteristics described herein may be implemented in other embodiments without departing from the spirit and scope of the invention in connection with an embodiment. It is also to be understood that the position or arrangement of the individual components within each disclosed embodiment may be varied without departing from the spirit and scope of the invention. The following detailed description is, therefore, not to be taken in a limiting sense, and the scope of the present invention is to be limited only by the appended claims, along with the full scope of equivalents to which the claims are entitled, if properly explained. In the drawings, like reference numerals refer to the same or similar functions throughout the several views.

The present invention provides a one-time authentication number (for example, OTP (One Time Password)) through an existing application (or an arbitrary medium) and transmits the issued one-time authentication number to another application Disclosed is a login system and method using a disposable authentication number that can be log-in by entering it on a page.

Therefore, in the present invention, a single-use authentication number composed of, for example, a simple number can be input without inputting an ID and a password, so that it is possible to easily log in an apparatus (for example, a TV or the like) In addition, when the one-time authentication number for login is used for login in a terminal in a public place, there is no fear of exposing the ID and password, and even if the one-time authentication number is leaked, the security problem does not occur.

In addition, according to the embodiment of the present invention, the location information may be additionally combined with the disposable authentication number to enhance security, and the disposable authentication number and the ID may be input together according to another embodiment of the present invention. It can also be implemented. All of these embodiments are more secure than conventional login methods and can reduce the inconvenience of password entry.

Meanwhile, in the present invention, 'one-time authentication number' may be composed of various combinations of numbers, letters, symbols, etc., but it may be composed of a predetermined number. In addition, the number of the disposable authentication numbers may be variously set according to the degree of security. In the following description, a disposable authentication number generated in the form of a twelve-digit number or six-digit number or a combination of numbers and letters is exemplified according to each embodiment. The disposable authentication number is a value randomly generated so that it can be used only once, and is automatically discarded and can not be reused when a preset valid time (for example, 1 minute, 1 minute, 30 seconds, etc.) elapses. Therefore, even if the disposable authentication number is leaked, there is no risk of security. Typical disposable authentication number includes OTP which is used as an auxiliary means such as financial settlement. In the following description, the disposable authentication number will be referred to as OTP for convenience of explanation.

In the present invention, 'token' means data provided from the server to the terminal for authentication of the logged-in terminal, and may include authentication data of the user. Therefore, an authentication token is given to the terminal normally logged in, and the terminal can maintain the login state with the authentication token given thereto.

The term " terminal " (e.g., the first terminal, the second terminal, and the like) in the following description includes not only a general desktop computer but also a smart phone, including a mobile communication terminal, a desktop computer, a notebook computer, a digital device having a memory means such as a palmtop computer, a personal digital assistant (PDA), a web pad, etc. and equipped with a microprocessor and capable of computing can be adopted as a terminal according to the present invention . Hereinafter, the first terminal will be described as a smartphone, and the second terminal will be described as a TV (e.g., a smart TV) or a PC.

In the following description, a TV having any type of form and function is applicable to the present invention. In the following description, a smart TV in which a predetermined application is installed and a communication function with the Internet is provided Will be described. Meanwhile, the present invention can be applied to a system in which a set-top box is connected to a general TV rather than a smart TV, and all or a part of the functions implemented in the smart TV according to the present invention can be implemented to function in a set- have. In the following description, the TV is described as a smart TV in order to facilitate the understanding of the invention. However, the present invention is not limited to the smart TV, but may be applied to any type of TV in which a predetermined application is installed and a network communication function is provided This is possible.

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings, so that those skilled in the art can easily carry out the present invention.

1 and 2, a concept and a system configuration of a login system using a disposable authentication number according to the present invention will be described. Next, referring to FIG. 3 to FIG. 13, The details of the configuration, procedures, and examples of service implementation will be described in detail.

Login system using disposable authentication number

1 is a view showing a concept of a login system using a disposable authentication number according to an embodiment of the present invention. 1, a login authentication number (that is, a disposable authentication number) is confirmed in an already logged in application of a first terminal (e.g., a smart phone), and the verified login authentication number is transmitted to a second terminal Or TV) or an application on the login page and requests a login, the user can log-in with the corresponding ID.

That is, in general, when the user wants to log in from the second terminal, the user must log in by inputting an ID and a password. In the present invention, it is possible to log in with the corresponding ID without inputting an ID and a password.

For example, as shown in FIG. 1, when a smartphone or the like requests a log-in authentication number issue request or a log-in authentication number provision menu in a state of being logged in for a specific application (for example, a Naver application) A login authentication number is provided. At this time, the login authentication number is a number that can be effectively used only for a preset time (e.g., 1 minute or 1 minute 30 seconds) as the disposable authentication number. Therefore, the validity time may be displayed below the login authentication number as shown. The user must use the login authentication number before the expiration time expires.

When the login authentication number issued through the smart phone is input in the login screen of the web page of the PC or the application installed in the TV according to the embodiment of the present invention as described above, do.

By doing so, it is possible to log in by simply inputting a simple number without inputting a complicated ID and password at the time of login, and there is an advantage that serious security problem does not occur even if it is leaked out because the login authentication number to input is a one-time authentication number.

2 is a diagram illustrating a login system using a disposable authentication number according to an embodiment of the present invention. 2, a system according to the present invention includes a first terminal 100 (e.g., a smartphone), a second terminal 110 (e.g., a TV 110a, a PC 110b, etc.), a communication network 120 , A service server 130, and the like.

First, the first terminal 100 accesses the service server 130 through the communication network 120 and logs into a specific application. In accordance with the present invention, when the first terminal 100 logs in a specific application, (Hereinafter, referred to as 'OTP' for convenience of explanation). On the other hand, if the first terminal 100 is a smart phone, the application may be continuously maintained in the smartphone.

The OTP provided to the first terminal 100 may be automatically generated and provided when the user receives the request from the service server 130 through the logged-in application or selects a specific menu provided by the application.

At this time, the user can log in with the same ID as the ID of the user logged in from the first terminal 100 by inputting the OTP on the login screen of the TV 110a or the PC 110b.

That is, when the OTP is input to the login screen of the second terminal 110, the logged-in OTP is transmitted to the service server 130 through the communication network 120. In the service server 130, And then performs the login process for the second terminal 110 by checking the transmitted OTP.

Meanwhile, the communication network 120 may be configured without discriminating the communication modes such as wired and wireless, and may be a personal area network (PAN), a local area network (LAN), a metropolitan area network (MAN) A metropolitan area network (WAN), and a wide area network (WAN). Also, the communication network 120 may be a known World Wide Web (WWW) and may use a wireless transmission technology used for short-distance communication such as Infrared Data Association (IrDA) or Bluetooth It is possible. Also, the communication network 120 may include a cable broadcasting communication network, a terrestrial broadcasting communication network, a satellite broadcasting communication network, or the like for receiving a broadcasting signal from the TV 110a.

In addition, as described above, the smartphone has been described as an example of the first terminal 100 in FIG. 2, but it is also possible that a user communicates with the service server 130 through the service communication network 120 And includes any function that allows a specific application to be installed and to receive an OTP. For example, a desktop computer, a notebook computer, a workstation, a palmtop computer, a personal digital assistant (PDA), a web pad, and the like may be adopted as the first terminal as well as the mobile communication terminal, But is not limited thereto.

Hereinafter, a login method using the disposable authentication number according to each embodiment of the present invention will be described with reference to FIG. 3 to FIG. First, a login method according to the first embodiment will be described with reference to FIGS. 3 to 6. A login method according to a second embodiment will be described with reference to FIGS. 7 to 10. Referring to FIGS. 11 to 13, The login method according to the third embodiment will be described.

1st Example (One-time authorization number)

3 is a diagram illustrating a detailed configuration of a service server in a login system using a disposable authentication number according to a first embodiment of the present invention. 3, the service server providing log-in using the disposable authentication number according to the first embodiment of the present invention includes a request receiving unit 310, a validity determining unit 320, an OTP generating unit 330, An OTP receiving unit 350, an authentication confirming unit 360, a login processing unit 370, and the like.

First, the first terminal 100 (e.g., a smartphone) is logged into a specific application and stores, for example, an authentication token as a login result as described above. In this case, when requesting the service server 130 to generate a disposable authentication number (OTP) through the application or the like according to the embodiment of the present invention, the pre-stored login information (i.e., authentication token) send.

The request receiving unit 310 of the service server 130 receives the request for generating the disposable authentication number from the first terminal 100 and determines the validity from the login information transmitted together through the validity determination unit 320 . That is, the validity determination unit 320 determines validity of the authentication token by comparing the received authentication token with the login related information stored in the login information database 381 to determine whether the terminal is normally logged in.

If the validity determination unit 320 determines that the first terminal 100 is a normally logged-in terminal, the OTP generator 330 generates a disposable authentication number, i.e., an OTP, according to an embodiment of the present invention. The generated OTP is stored in the OTP information database 382. At this time, since the generated OTP is information that can be effectively used only for a preset predetermined time, it is preferable to store the generated time information together. If the timer is driven and expired, the generated OTP is discarded and used I will not. Also, it is preferable that the OTP is mapped with login information logged in the first terminal 100 and stored.

The generated OTP is transmitted to the first terminal 100 requesting generation of the authentication number through the OTP transmitter 340. The transmitted OTP is displayed on the screen through the application of the first terminal 100.

After confirming the OTP displayed on the first terminal 100, the user inputs the OTP on the login screen of the second terminal 110 (e.g., an OTP login screen or a general login screen). Then, the input OTP is transmitted to the service server 130.

The OTP receiving unit 350 of the service server 130 receives the OTP transmitted from the second terminal 110 and the authentication verifying unit 360 transmits the received OTP to the valid OTP Confirm whether it is.

If it is determined that the received OTP is a valid OTP, the login processing unit 370 checks the login information mapped to the OTP, and log-processes the second terminal 110 with the ID of the corresponding login information . For example, an authentication token is generated and transmitted to the second terminal 110, thereby performing a login process for the second terminal 110.

By doing so, it is possible to easily log in the second terminal 110 without inputting a login ID and a password.

4 is a flowchart illustrating a detailed procedure of a service server in a login system using a disposable authentication number according to the first embodiment of the present invention. 4, the service server 130 first receives a Uniform Resource Locator (URL) and an authentication token from the first terminal 100 and then determines whether the received authentication token is valid S401). If it is determined that the received authentication token is valid, a disposable authentication number (OTP) is generated and stored (S402). At this time, according to the embodiment of the present invention, a UUID (Universal Unique Identifier) can be generated as a disposable authentication number.

The UUID is a 128-bit number used to identify an object or entity on the Internet. It is a nearly uniquely identifiable identifier made up of a combination of space and time, and is used for a variety of purposes ranging from extremely short time objects to permanent object identification. The UUID is a value used for example to facilitate understanding of the present invention, but the present invention is not limited thereto.

The generated UUID is transmitted to the first terminal 100. The user directly inputs the UUID through the second terminal 110 and transmits the UUID to the service server 130 again. The service server 130 receives the UUID from the second terminal 110 and extracts the stored data through the received UUID (S403). If there is data matched with the UUID as a result of the extraction (S404), the login process is performed with reference to the matched data (S405). That is, referring to the login information of the first terminal 100, the second terminal 110 is log-in with the corresponding ID. Accordingly, the second terminal 110 transmits an authentication token for the login of the second terminal 110 to the second terminal 110.

By doing so, the second terminal 110 can input only the UUID and log in without inputting the ID and password.

5A and 5B are views showing an example in which log-in using a disposable authentication number according to the first embodiment of the present invention is actually applied to a smart TV. Referring to FIG. 5A, when a login is required during execution of a specific application on a TV or the like having inconvenient character input, at least one login method as shown can be provided. For example, a general log-in method for logging in by inputting an ID and a password, a QR code log-in method for logging in by scanning a QR code, or an authentication number log-in method for logging in using a disposable authentication number according to an embodiment of the present invention . At this time, if an authentication number login is selected according to the embodiment of the present invention, an input window for inputting a disposable authentication number is provided as shown in the figure.

5B, the user can receive a disposable authentication number from an application installed in a smart phone or the like, and input the provided disposable authentication number into the login window of the TV so that the user can log in without inputting an ID and a password. For example, when the authentication number login item is selected in the application of the smart phone, a one-time authentication number composed of 12 digits is generated as shown in the figure. Also, as described above, since the disposable authentication number is a value that can be effectively used only for a certain period of time, the effective time can be displayed together. Accordingly, the user may input the disposable authentication number into the authentication number input window of the TV before the expiration of the displayed valid time, and request the login.

Therefore, it is possible to log in by inputting the disposable authentication number, which is simply composed of numbers, according to the embodiment of the present invention without inputting the ID or password including various letters, numbers, symbols and the like in the TV, do.

6A and 6B are views showing an example in which a login using a disposable authentication number according to the first embodiment of the present invention is actually applied to a PC. Referring to FIG. 6A, when a login to a specific web site is required in a PC installed in a public place where an ID and a password may be leaked, at least one login method may be provided as shown in the figure. For example, a general log-in method for logging in by inputting an ID and a password, a QR code log-in method for logging in by scanning a QR code, or an authentication number log-in method for logging in using a disposable authentication number according to an embodiment of the present invention . At this time, if an authentication number login is selected according to the embodiment of the present invention, an input window for inputting the disposable authentication number is provided as shown in the figure.

6B, the user can receive a disposable authentication number from an application installed in a smart phone or the like, and input the provided disposable authentication number into the login window of the PC so that the user can log in without inputting an ID and a password. For example, when the authentication number login item is selected in the application of the smart phone, a one-time authentication number composed of 12 digits is generated as shown in the figure. Also, as described above, since the disposable authentication number is a value that can be effectively used only for a certain period of time, the effective time can be displayed together. Accordingly, the user may input the disposable authentication number into the authentication number input window of the PC before the expiration of the displayed valid time, and request the login.

Accordingly, login can be performed by inputting a disposable authentication number, which is simply composed of numerals, according to an embodiment of the present invention without inputting an ID or a password in a PC installed in a public place where an ID and a password may be leaked as shown in the figure. On the other hand, as described above, since the disposable authentication number can be used only for a predetermined period of time (especially, for a short period of time), it can be reused even if it is leaked to a malicious user.

Second Example (Disposable authentication number + location information)

7 is a diagram illustrating a detailed configuration of a service server in a login system using a disposable authentication number according to a second embodiment of the present invention. 7, the service server 130 for providing a login using the disposable authentication number according to the second embodiment of the present invention includes a request receiving unit 710, a validity determining unit 720, a location storage unit 730, An OTP generating unit 740, an OTP transmitting unit 750, an OTP receiving unit 760, an authentication confirming unit 770, a position confirming unit 780, and a login processing unit 790.

First, the first terminal 100 (e.g., a smartphone) is logged into a specific application and stores, for example, an authentication token as a login result as described above. In this case, when requesting the service server 130 to generate a disposable authentication number (OTP) through the application or the like according to the embodiment of the present invention, the pre-stored login information (i.e., authentication token) send. At this time, the location information of the first terminal 100 may be transmitted together according to the second embodiment of the present invention. In addition, according to an embodiment of the present invention, information (e.g., IP information, base station information to which a terminal belongs) to be located can be transmitted to the service server 130, The location information of the first terminal 100 may be collected.

The request receiving unit 710 of the service server 130 receives the request for generating the disposable authentication number from the first terminal 100 and determines validity from the login information transmitted together through the validity determination unit 720 . That is, the validity determination unit 720 compares the received authentication token with the login related information stored in the login information database 381 to determine whether the authentication token is valid or not by checking whether the terminal is normally logged in.

If the validity determination unit 720 determines that the first terminal 100 is a normally logged-in terminal, the first terminal 100 collects the location information of the first terminal 100 according to the second exemplary embodiment of the present invention, (791). The method of collecting the location information may be variously implemented. For example, GPS position information of the first terminal 100 may be provided or local information may be extracted through IP (Internet Protocol) information of the first terminal 100.

The OTP generation unit 740 generates a disposable authentication number, i.e., an OTP, according to an embodiment of the present invention. The generated OTP is stored in the OTP information database 382. At this time, since the generated OTP is information that can be effectively used only for a preset predetermined time, it is preferable to store the generated time information together. If the timer is driven and expired, the generated OTP is discarded and used I will not. Also, it is preferable that the OTP is mapped with login information logged in the first terminal 100 and stored.

The generated OTP is transmitted to the first terminal 100 requesting the generation of the authentication number through the OTP transmission unit 750. The transmitted OTP is displayed on the screen through the application of the first terminal 100.

The user confirms the OTP displayed on the first terminal 100 and then inputs the OTP on the login screen of the second terminal 110. [ Then, the input OTP is transmitted to the service server 130.

The OTP receiving unit 760 of the service server 130 receives the OTP transmitted from the second terminal 110 and the authentication confirmation unit 770 transmits the OTP information to the OTP information database 382 via the OTP information database 382, Confirm whether it is.

If the received OTP is a valid OTP, the location determination unit 780 determines the location of the second terminal 110 according to the second embodiment of the present invention. That is, the location determination unit 780 compares the location information of the first terminal 100 with the location information of the second terminal 110 and processes the same as a normal login request only when the location is the same. If the location of the first terminal 100 and the location of the second terminal 110 are not the same or are separated from each other by a predetermined distance, there is a high possibility that the request is an illicit login request by a malicious user. Therefore, in the second embodiment of the present invention, it is possible to provide a more secure login through authentication of location information as well as authentication using a disposable authentication number.

As an example of a method of comparing the location of the first terminal 100 with the location of the second terminal 110, the IP information of the first terminal 100 stored in the location information database 791 and the IP information of the second terminal 110 ), And the present invention is not limited thereto. That is, if the IP information of the first terminal 100 and the IP information of the second terminal 110 are the same, it can be regarded as the same position. Even if the IP information is not the same, It is possible to judge whether the position is the same or a close position.

If the first terminal 100 and the second terminal 110 are located at the same position or within a predetermined distance within a predetermined distance as a result of the confirmation of the location confirmation unit 780, the login processing unit 790 transmits the OTP- The second terminal 110 is log-in with the ID of the corresponding login information. For example, an authentication token is generated and transmitted to the second terminal 110, thereby performing a login process for the second terminal 110.

By doing so, it is possible to easily log in the second terminal 110 without inputting a login ID and a password.

8 is a flowchart illustrating a detailed procedure of a service server in a login system using a disposable authentication number according to a second embodiment of the present invention. Referring to FIG. 8, the service server 130 first receives a URL (Uniform Resource Locator) requesting a one-time password generation from the first terminal 100 and an authentication token, and then determines whether the received authentication token is valid S801). If it is determined that the received authentication token is valid, the location information of the first terminal 100 is extracted through GPS location information or IP (S802). Then, a disposable authentication number (OTP) is generated and stored in the database together with the extracted location information (S803). At this time, according to the embodiment of the present invention, a UUID can be generated as a disposable authentication number as in the first embodiment.

The generated UUID is transmitted to the first terminal 100. The user directly inputs the UUID through the second terminal 110 and transmits the UUID to the service server 130 again. The service server 130 receives the UUID from the second terminal 110 and extracts the stored data through the received UUID (S804). If there is data matched with the UUID as a result of the extraction (S805), the login process is performed with reference to the matched data (S808).

At this time, it is possible to determine whether the login request is a normal user by comparing the location information of the first terminal 100 extracted in the second embodiment of the present invention with the location information of the second terminal 110. [ For example, it may be determined whether the IP of the first terminal 100 stored in the database matches the IP of the second terminal 110 (S806), and the login process may proceed if the IPs of the two terminals match. If the IPs of the two terminals are different from each other, the location information is extracted from the IP of the requested second terminal 110 (S807), and the location corresponding to the IP of the first terminal 100 stored in the database It is possible to determine whether the extracted login request is a normal login request by checking whether or not the position corresponding to the IP of the extracted second terminal 110 is matched (S809). Whether or not the positions of the two terminals coincide with each other can be determined based on the unit of the administrative area of the location information or the base station, or may be determined to be in the same area if the location is within a specific distance.

Accordingly, when the two terminals match, the service server 130 refers to the login information of the first terminal 100 and logs in the second terminal 110 using the corresponding ID. Accordingly, the second terminal 110 transmits an authentication token for the login of the second terminal 110 to the second terminal 110.

By doing so, the second terminal 110 can input only the UUID and log in without inputting the ID and password.

9A and 9B are views showing an example in which log-in using a disposable authentication number according to the second embodiment of the present invention is actually applied to a smart TV. Referring to FIG. 9A, when a login is required during execution of a specific application on a TV or the like having inconvenient character input, at least one login method as shown can be provided. For example, a general log-in method for logging in by inputting an ID and a password, a QR code log-in method for logging in by scanning a QR code, or an authentication number log-in method for logging in using a disposable authentication number according to an embodiment of the present invention . At this time, if an authentication number login is selected according to the embodiment of the present invention, an input window for inputting the disposable authentication number is provided.

9B, the user can receive a disposable authentication number from an application installed in a smart phone or the like, and input the provided disposable authentication number into the login window of the TV so that the user can log in without inputting an ID and a password. For example, when the authentication number login item is selected in the application of the smart phone, a one-time authentication number composed of 12 digits is generated as shown in the figure. Also, as described above, since the disposable authentication number is a value that can be effectively used only for a certain period of time, the effective time can be displayed together. Accordingly, the user may input the disposable authentication number into the authentication number input window of the TV before the expiration of the displayed valid time, and request the login.

In this case, according to the second embodiment of the present invention, when requesting the disposable authentication number to the service server, the smart phone may provide location information together with the login information as described above. Accordingly, if the authentication number log-in is selected from the menu of the smartphone, a window for asking for a usage agreement on the current location information can be generated as shown in the figure. Accordingly, it is possible to provide a login by selectively comparing the position with the smartphone as shown in the figure. When the login process is performed in combination with the positional information as described above, since the security is enhanced, the length of the disposable authentication number can be set shorter. For example, as shown in the figure, the 12-digit disposable authentication number is used in the first embodiment, but the 6-digit disposable authentication number can be used in the second embodiment.

On the other hand, in the authentication number display window according to the authentication number log-in selection, the position comparison option can be kept on by default.

10A and 10B are views showing an example in which the positions of the terminals are different in the login using the disposable authentication number according to the second embodiment of the present invention. 9A and 9B, when the login fails due to a difference in position between the terminals, the position comparison option is turned off in the authentication number display window shown in FIG. 9B, and the disposable authentication number You can get a reissue. Accordingly, the re-issued one-time authentication number can be entered again by entering the re-issued authentication number into the login window of the second terminal (i.e., TV).

Third Embodiment (Disposable Authentication Number + ID )

11 is a view showing a detailed configuration of a service server in a login system using a disposable authentication number according to a third embodiment of the present invention. 11, a service server 130 for providing a login using a disposable authentication number according to the third embodiment of the present invention includes a request receiving unit 1110, a validity determining unit 1120, an OTP generating unit 1130, An OTP transmission unit 1140, an OTP reception unit 1150, an authentication confirmation unit 1160, an ID verification unit 1170, and a login processing unit 1180.

First, the first terminal 100 (e.g., a smartphone) is logged into a specific application and stores, for example, an authentication token as a login result as described above. In this case, when requesting the service server 130 to generate a disposable authentication number (OTP) through the application or the like according to the embodiment of the present invention, the pre-stored login information (i.e., authentication token) send.

The request receiving unit 1110 of the service server 130 receives the request for generating the disposable authentication number from the first terminal 100 and determines the validity from the login information transmitted together through the validity determination unit 1120 . That is, the validity determination unit 1120 compares the received authentication token with the login related information stored in the login information database 381 to determine whether the authentication token is valid or not by checking whether the terminal is normally logged in.

If the validity determination unit 1120 determines that the first terminal 100 is normally a logged-in terminal, the OTP generation unit 1130 generates a disposable authentication number, i.e., OTP, according to an embodiment of the present invention. The generated OTP is stored in the OTP information database 382. At this time, since the generated OTP is information that can be effectively used only for a preset predetermined time, it is preferable to store the generated time information together. If the timer is driven and expired, the generated OTP is discarded and used I will not. Also, it is preferable that the OTP is mapped with login information logged in the first terminal 100 and stored.

The generated OTP is transmitted to the first terminal 100 requesting generation of the authentication number through the OTP transmitter 1140. The transmitted OTP is displayed on the screen through the application of the first terminal 100.

After confirming the OTP displayed on the first terminal 100, the user inputs an ID to log in on the login screen of the second terminal 110 and the confirmed OTP. Then, the input ID and OTP are transmitted to the service server 130 for processing. At this time, the login screen may be a general login screen for inputting an ID and a password, and a login request can be made by inputting an OTP in a password input field on the general login screen.

The OTP receiving unit 1150 of the service server 130 receives the ID and the OTP transmitted from the second terminal 110 and the authentication confirmation unit 1160 transmits the received OTP through the OTP information database 382 Verify that it is a valid OTP.

If it is determined that the received OTP is a valid OTP, the ID verification unit 1170 checks the login information of the first terminal 100 stored in the login information database 381, 100 < / RTI >

If it is determined that the ID is the same as the ID, the login processing unit 1180 performs login processing of the second terminal 110 with the ID of the corresponding login information. For example, an authentication token is generated and transmitted to the second terminal 110, thereby performing a login process for the second terminal 110.

By doing so, the second terminal 110 can input the OTP instead of the set login password, thereby making it possible to easily log in without leakage of the password.

12 is a flowchart illustrating a detailed procedure of a service server in a login system using a disposable authentication number according to a third embodiment of the present invention. 12, the service server 130 first receives a Uniform Resource Locator (URL) for requesting a one-time password generation from the first terminal 100 and an authentication token, and then determines whether the received authentication token is valid S1201). If it is determined that the received authentication token is valid, a disposable authentication number (OTP) is generated and stored (S1202). At this time, as in the first and second embodiments of the present invention, a UUID can be generated as a disposable authentication number.

The generated UUID is transmitted to the first terminal 100. The user directly inputs the ID and the UUID through the second terminal 110 and transmits the ID and the UUID to the service server 130 again. The service server 130 receives the ID and the UUID from the second terminal 110 and extracts the stored data through the received UUID (S1203). If there is data matched with the UUID as a result of the extraction (S1204), it is checked whether the received ID matches the ID to be logged in accordance with the third embodiment of the present invention (S1205).

If the IDs match, the login process proceeds with the corresponding ID (S1206). That is, the second terminal 110 is log-in with the ID input from the second terminal 110. Accordingly, the second terminal 110 transmits an authentication token for the login of the second terminal 110 to the second terminal 110.

By doing so, the second terminal 110 can log in by inputting a UUID which is simple and has no risk of leakage, instead of inputting the actual password in the login input window.

13 is a diagram showing an example in which log-in using a disposable authentication number according to the third embodiment of the present invention is actually applied to a PC. 13, it is possible to log in by inputting the one-time authentication number generated according to the present invention in place of the actual login password in the general login window of the PC or TV according to the third embodiment of the present invention.

Therefore, in applying the present invention to the third embodiment of the present invention, it is not necessary to implement a separate login creation window. When the service server 130 verifies the password, confirmation of the disposable authentication number is performed together with the existing password By doing so, you can provide a login with a one-time authorization number.

The advantages and features according to the embodiments of the present invention are as follows.

Support target Authentication number form Advantages Remarks First Embodiment Smart TV
PC 12 digits High security Sign-in Safe at 10,000 people Second Embodiment Smart TV 6 digits Input Convenience Comparison of location of TV and smartphone to secure security Third Embodiment PC 6 digits alphabet + number High security
Existing login screen available Improved input convenience on smart TV with QR code login

The various operations and functions as described herein with respect to the various methods may be performed by any of a number of types of functions, such as a particular processing function and / or a processing function implemented therein, and / ≪ / RTI > For example, such functions may be described herein, as well as performing various operations and processes as described herein, or any other operations and functions as described herein, etc., or the like, And may perform such operations, processes, and the like.

In some embodiments, such functions (which may be implemented on the same device or on distinct devices) may be implemented in such a manner and in accordance with various aspects of the present invention, etc., and / Operations and functions, and their equivalents. In some embodiments, such processing is performed together by the first functional portion in the first device and the second functional portion in the second device. In other embodiments, such processing, operations, etc. are performed entirely by the processing units within one particular apparatus. Even in other embodiments, such processing and operations are performed using at least a first functional portion and a second functional portion within a single device.

Also, in the foregoing description, the terms " system, " " device, " and " section " may be a single processing device or a plurality of processing devices. Such a processing device may be a microprocessor, a microcontroller, a digital signal processor, a microcomputer, a central processing unit, a field programmable gate array, a programmable logic device, a state machine, a logic circuit, an analog circuit, a digital circuit, and / (Analog and / or digital) based on hard coding of operational instructions. The processing module, module, processing circuit, and / or processing unit may be implemented as a single memory device, a plurality of memory devices, and / or a combination of the processing modules, the processing circuitry, and / Lt; / RTI > memory and / or an integrated memory element. Such a memory device may be any device that stores read only memory (ROM), random access memory (RAM), volatile memory, non-volatile memory, static memory, dynamic memory, flash memory, cache memory, and / . If the processing module, the module, the processing circuit, and / or the processing unit include one or more processing devices, the processing devices may be centrally located (i.e., directly or indirectly via a wired and / Connected), distributed (e.g., cloud computing via an indirect connection over a local and / or wide area network). If the processing module, module, processing circuit, and / or processing unit implements one or more of those functions through a static machine, analog circuitry, digital circuitry, and / or circuitry, memory and / It should further be noted that the corresponding operating instructions may be internal or external to the circuit including the static machine, analog circuitry, digital circuitry, and / or logic circuitry. The memory element may be stored and the processing module, module, processing circuitry, and / or processing unit may be configured to store a hard-coded and / or hard-coded data item corresponding to at least a portion of the steps and / or functions depicted in one or more of the figures It should be further noted that it carries out operational instructions. Such a memory device or memory element may be included within the components of the manufacture.

The present invention has been described above with the aim of method steps indicative of the performance of certain functions and their relationships. The boundaries and order of these functional components and method steps have been arbitrarily defined herein for convenience of description. Alternative boundaries and sequences may be defined as long as the specific functions and relationships are properly performed. Any such alternative boundaries and sequences are therefore within the scope and spirit of the claimed invention. In addition, the boundaries of these functional components have been arbitrarily defined for ease of illustration. Alternative boundaries can be defined as long as certain important functions are properly performed. Likewise, the flow diagram blocks may also be arbitrarily defined herein to represent any significant functionality. For extended use, the flowchart block boundaries and order may have been defined and still perform some important function. Alternative definitions of both functional components and flowchart blocks and sequences are therefore within the scope and spirit of the claimed invention. Those skilled in the art will also appreciate that the functional components and other illustrated blocks, modules, and components herein may be implemented as illustrated or as separate components, such as semiconductor integrated circuits (ASICs) And the like, or any combination thereof.

The invention may also be described, at least in part, in terms of one or more embodiments. Embodiments of the invention are used herein to describe the invention, aspects thereof, features thereof, concepts thereof, and / or examples thereof. The physical embodiment of an apparatus, article of manufacture, machine, and / or process for implementing the invention may include one or more aspects, features, concepts, examples, etc., described with reference to one or more embodiments described herein . Moreover, in the entire drawing, embodiments may incorporate the same or similarly named functions, steps, modules, etc. that may use the same or different reference numbers, and as such, the functions, The steps, modules, etc. may be the same or similar functions, steps, modules, etc. or others.

Meanwhile, the term "processing unit" is used in the description of various embodiments of the present invention. A module includes a functional block implemented via hardware to perform one or more functions, such as processing one or more input signals to produce one or more output signals. The hardware implementing the functional block may operate directly by combining software and / or firmware. As used herein, a module may include one or more sub-modules that are themselves modules.

While various combinations of features and specific combinations of features of the present invention are explicitly described herein, other combinations of these features and functions are likewise possible. The present invention is not limited to the specific examples disclosed herein, and obviously incorporates these other combinations.

As described above, the present invention has been described by specific embodiments such as specific components and the like. For those skilled in the art, various modifications and variations are possible from these descriptions.

Accordingly, the spirit of the present invention should not be construed as being limited to the embodiments described, and all of the equivalents or equivalents of the claims, as well as the following claims, belong to the scope of the present invention .

100: first terminal (smart phone) 110: second terminal (TV or PC)
120: communication network 130: service server
310: request reception unit 320: validity determination unit
330: OTP generation unit 340: OTP transmission unit
350: OTP receiver 360:
370: a login processing unit 381: a login information database
382: OTP information database 710: Request receiver
720: validity determination unit 730:
740: OTP generation unit 750: OTP transmission unit
760: OTP receiver 770:
780: Position confirming unit 790: Login processing unit
791: Location information database 1110: Request receiver
1120: validity determination unit 1130: OTP generation unit
1140: OTP transmitter 1150: OTP receiver
1160: Authentication verification unit 1170: ID verification unit
1180:

Claims (22)

A first terminal logged in to a service server;
A service server receiving a request for providing a one-time authentication number from the first terminal, generating a one-time authentication number, and providing the generated one-time authentication number to the first terminal; And
And a second terminal receiving the one-time authentication number received through the first terminal and transmitting the received one-time authentication number to the service server, and in response thereto, logging in by the service server.
The method according to claim 1,
And the second terminal is a PC or a TV, using a disposable authentication number.
The method according to claim 1,
Wherein the disposable authentication number is a UUID (Universal Unique Identifier), and the disposable authentication number is a UUID (Universal Unique Identifier).
The method according to claim 1,
Wherein the disposable authentication number is automatically discarded when a predetermined time elapses after the disposable authentication number is generated.
The method according to claim 1,
Wherein the disposable authentication number is composed of a plurality of numbers, and the number of the disposable authentication numbers is set in consideration of the degree of security.
The service providing system according to claim 1,
The first terminal acquires position information of the first terminal and the second terminal and when the position information of the first terminal and the position information of the second terminal are within the same or predetermined range, A login system using a one-time authorization number.
The service providing system according to claim 1,
And the second terminal is further provided with the ID information input from the second terminal and performs login processing for the second terminal when the provided ID information matches the login ID information of the first terminal, Login system.
A request receiver for receiving a request for providing a disposable authentication number from a first terminal that is logged in to a service server;
A validity determining unit for determining the validity of login of the first terminal from the login information for the first terminal according to the request;
An OTP (One Time Password) generator for generating a one-time authentication number when the first terminal is normally a logged-in terminal as a result of the validity determination;
An OTP transmitter for transmitting the generated disposable authentication number to the first terminal;
An OTP receiving unit configured to receive the one-time authentication number from a second terminal receiving the one-time authentication number transmitted to the first terminal;
An authentication confirmation unit for performing authentication by comparing the one-time authentication number received through the OTP receiving unit with the one-time authentication number generated through the OTP generating unit; And
And a login processing unit configured to log-in the second terminal when the one-time authentication number is matched as a result of the comparison of the authentication confirmation unit.
The method according to claim 8,
And the second terminal is a PC or a TV, and provides a login service using a disposable authentication number.
The method according to claim 8,
Wherein the one-time authentication number is a universal unique identifier (UUID), and the service server for providing a login service using the one-time authentication number.
The method according to claim 8,
Wherein the disposable authentication number is automatically discarded when a predetermined time elapses after the disposable authentication number is generated.
The method according to claim 8,
Wherein the disposable authentication number is composed of a plurality of numbers, and the number of the disposable authentication numbers is set in consideration of the degree of security, the service server for providing the login service using the disposable authentication number.
The system according to claim 8,
A location storage unit for collecting location information of the first terminal and storing the collected location information in a database; And
And a location confirmation unit for checking whether the location information of the first terminal and the location information of the second terminal are the same or within a predetermined range,
Wherein the login processing unit performs login processing for the second terminal when the location information of the location confirmation unit is the same or within a predetermined range.
The system according to claim 8,
And an ID checking unit for receiving further ID information input from the second terminal and checking whether the provided ID information matches the login ID information of the first terminal,
Wherein the login processing unit performs login processing for the second terminal when the ID information of the ID verification unit matches the ID information of the second terminal.
A method for providing a login service using a disposable authentication number in a service server, the method comprising the steps of:
Receiving a request for providing a disposable authentication number from a first terminal that is logged in to the service server at a request receiving unit;
Determining, by the validity determination unit, the login validity of the first terminal from the login information for the first terminal according to the request;
Generating a one-time authentication number in the OTP (One Time Password) generation unit if the first terminal is a terminal that is normally logged in as a result of the validity determination unit;
Transmitting the generated disposable authentication number to the first terminal in an OTP transmission unit;
Receiving, by the OTP receiving unit, the one-time authentication number from a second terminal receiving the one-time authentication number transmitted to the first terminal;
In the authentication confirmation unit, performing the authentication by comparing the one-time authentication number received through the OTP receiving unit with the one-time authentication number generated through the OTP generating unit; And
In the login processing unit, if the result of the comparison of the authentication confirmation unit matching the one-time authentication number comprising the step of log-in processing the second terminal, Login service providing method using a one-time authentication number.
16. The method of claim 15,
Wherein the second terminal is a PC or a TV, and the one-time authentication number is used.
16. The method of claim 15,
Wherein the one-time authentication number is a universal unique identifier (UUID).
16. The method of claim 15,
Wherein the disposable authentication number is automatically discarded when a predetermined time elapses after the disposable authentication number is generated.
16. The method of claim 15,
Wherein the disposable authentication number is composed of a plurality of numbers, and the number of the disposable authentication numbers is set considering the degree of security.
The method according to claim 15, wherein the method,
Collecting location information of the first terminal in a location storage unit and storing the collected location information in a database;
Confirming whether the location information of the first terminal and the location information of the second terminal are within the same or predetermined range, in the location confirmation unit; And
Further comprising the step of performing login processing for the second terminal when the login processing unit determines that the location information is the same or within a predetermined range as a result of the confirmation by the location confirmation unit.
The method according to claim 15, wherein the method,
Further comprising: receiving ID information input from the second terminal and confirming whether the provided ID information matches the login ID information of the first terminal; And
Further comprising the step of performing a login process for the second terminal when the ID information of the ID verification unit matches the ID information in the login processing unit.
A computer-readable recording medium having recorded thereon a program for executing the method according to any one of claims 15 to 21.

Images