KR20150131436A - System and method for verifying certification of user, and nfc tag - Google Patents
System and method for verifying certification of user, and nfc tag Download PDFInfo
- Publication number
- KR20150131436A KR20150131436A KR1020140057790A KR20140057790A KR20150131436A KR 20150131436 A KR20150131436 A KR 20150131436A KR 1020140057790 A KR1020140057790 A KR 1020140057790A KR 20140057790 A KR20140057790 A KR 20140057790A KR 20150131436 A KR20150131436 A KR 20150131436A
- Authority
- KR
- South Korea
- Prior art keywords
- authentication
- user
- terminal
- credential
- mobile terminal
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K19/00—Record carriers for use with machines and with at least a part designed to carry digital markings
- G06K19/06—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
- G06K19/067—Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
- G06K19/07—Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
- G06K19/077—Constructional details, e.g. mounting of circuits in the carrier
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Computer Hardware Design (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Telephonic Communication Services (AREA)
Abstract
The present invention relates to a user authentication system and method, and an NFC tag. According to one embodiment of the present invention, an NFC tag that stores an authentication credential registered with an authentication server; A service for providing the mobile terminal information received together with the user authentication request from the connected user terminal to the authentication server, requesting the user credential authentication, and providing the service according to the authentication result from the authentication server Providing terminal; An authentication server for requesting a credential for authentication from a mobile terminal according to a user credential authentication request, receiving a credential for authentication from a mobile terminal to perform credential authentication, and providing an authentication result to the service providing terminal; And a mobile terminal for receiving a credential for authentication from an NFC tag by NFC communication according to a request of the authentication server and submitting the authentication credential to the authentication server. Also, a user authentication method and an NFC tag are proposed.
Description
The present invention relates to a user authentication system and method, and an NFC tag. More particularly, the present invention relates to a user authentication system and method for performing credential authentication using an NFC tag, and to an NFC tag used in such a user authentication system.
As the communication environment such as the Internet develops, electronic financial transactions or electronic commerce using the Internet are becoming active. However, it is not easy to identify yourself because electronic financial transactions or e-commerce transactions are carried out online. Accordingly, there is a case where the user is authenticated using the ID and password registered by the user confirmed for the user authentication. However, if stored in the terminal device by automatic setting or the like, the ID and the password are exposed There may be security problems.
In order to compensate for the vulnerability of such user authentication, two-channel authentication or multi-factor user authentication is being performed. For example, the two-channel method is a method of inputting an ID and a password in a user terminal and performing authentication through an OTP (One Time Password) of the mobile terminal. Since a plurality of devices are used, However, even in this case, information hacking or backdoor installation may be possible in both the user terminal and the mobile terminal in which the Internet communication is performed. Also, using multiple credentials (authentication factors), such as passwords and public certificates, or passwords, authenticated certificates and OTPs, or passwords and biometric information, rather than using a single credential, such as a password, . In this case, multiple authentication credentials are required, so that any one of them can stop the transaction in case of inconsistency and increase the security strength according to the weight of the authentication factor. However, due to the increase in the number of factories owned by users, it may cause inconveniences such as storage problems. In addition, in the case of a public certificate, a security problem is caused by storing it in a user terminal, or in case of using it in a storage medium such as a USB, it is necessary to connect to a user terminal. Hence, a security problem occurs when a user terminal is hacked or a back door is installed .
SUMMARY OF THE INVENTION The present invention has been made to solve the above-mentioned problems, and it is an object of the present invention to provide an authentication method and an authentication method in which an authentication credential is stored in an NFC tag separate from a device capable of Internet communication, A user authentication system and method with improved portability, and an NFC tag used in a user authentication system.
According to an aspect of the present invention, there is provided an NFC tag storing an authentication credential registered in an authentication server. A service for providing the mobile terminal information received together with the user authentication request from the connected user terminal to the authentication server, requesting the user credential authentication, and providing the service according to the authentication result from the authentication server Providing terminal; An authentication server for requesting a credential for authentication from a mobile terminal according to a user credential authentication request, receiving a credential for authentication from a mobile terminal to perform credential authentication, and providing an authentication result to the service providing terminal; And a mobile terminal for receiving a credential for authentication from an NFC tag by NFC communication according to a request of the authentication server and submitting the authentication credential to the authentication server.
In this case, in one example, the mobile terminal may be a communication terminal that has not undergone ownership confirmation of the user during the authentication process of the user requesting the service.
In addition, in one example, the authentication credentials stored in the NFC tag are encrypted information, and the authentication server can decrypt the encrypted authentication credentials submitted from the mobile terminal to perform authentication.
In another example, the user authentication system may further include a user terminal requesting user authentication to the connected service providing terminal, providing the mobile terminal information upon user authentication request, and receiving a service according to the authentication result from the service providing terminal have.
In yet another example, the mobile terminal may be the same terminal as the user terminal.
In order to solve the above-mentioned problem, according to another aspect of the present invention, there is provided a method of authenticating an authentication method comprising: registering an authentication credential stored in an NFC tag in an authentication server; Receiving, at a service providing terminal, mobile terminal information and a user authentication request from a connected user terminal; Requesting a credential submission to a mobile terminal provided from a service providing terminal according to a request of a service providing terminal at an authentication server; Communicating with an NFC tag in response to a credential submission request, receiving a credential for authentication and submitting a credential for authentication to an authentication server; And a step of providing an authentication result using the authentication credential in the authentication server to provide the authentication result to the service providing terminal and providing the service to the user terminal according to the authentication result in the service providing terminal .
At this time, in one example, the user authentication process for receiving the user authentication request, requesting the credential submission, and submitting the authentication credential may be omitted from the process of confirming the ownership of the authentication requesting user for the mobile terminal.
Also, in one example, the authentication credential stored in the NFC tag is encrypted information. In the course of performing authentication using the authentication credential, the authentication server decrypts the encrypted authentication credential submitted from the mobile terminal Authentication can be performed.
According to another example, the user terminal connected to the service providing terminal may be a terminal separate from the mobile terminal submitting the authentication credential.
In yet another example, the user terminal connected to the service providing terminal may be the same terminal as the mobile terminal submitting the authentication credential.
According to another aspect of the present invention, there is provided an NFC tag used in embodiments of a user authentication system according to an aspect of the present invention, the authentication credential A memory unit for storing the image data; An NFC communication unit for performing NFC communication with a mobile terminal of the user authentication system; And a control unit for controlling the NFC communication unit to provide an authentication credential stored in the memory unit to the NFC communication unit in response to the request for providing the authentication credential from the mobile terminal received through the NFC communication unit.
In this case, in one example, the NFC tag may be a passive tag that receives power from a mobile terminal via a NFC communication unit, together with a request signal for providing a credential for authentication, or may be an active tag that further includes a power supply unit for supplying power. .
According to one embodiment of the present invention, an authentication credential is stored in an NFC tag separate from a device capable of Internet communication, and a credential for authentication stored in an NFC tag is submitted to a mobile terminal, Can be improved.
Further, according to one example, the credentials stored in the NFC tag are not directly stored in the user terminal or the mobile terminal, thereby improving the security.
It is apparent that various effects not directly referred to in accordance with various embodiments of the present invention can be derived by those of ordinary skill in the art from the various configurations according to the embodiments of the present invention.
1 is a schematic diagram showing a user authentication system according to an embodiment of the present invention.
2 is a schematic diagram showing a user authentication system according to another embodiment of the present invention.
3 is a schematic block diagram illustrating an NFC tag according to an embodiment of the present invention.
4 is a flowchart schematically illustrating a user authentication method according to another embodiment of the present invention.
BRIEF DESCRIPTION OF THE DRAWINGS Fig. 1 is a block diagram showing the configuration of a first embodiment of the present invention; Fig. In the description, the same reference numerals denote the same components, and a detailed description may be omitted for the sake of understanding of the present invention to those skilled in the art.
As used herein, unless an element is referred to as being 'direct' in connection, combination, or placement with other elements, it is to be understood that not only are there forms of being 'directly connected, They may also be present in the form of being connected, bonded or disposed.
It should be noted that, even though a singular expression is described in this specification, it can be used as a concept representing the entire constitution unless it is contrary to, or obviously different from, or inconsistent with the concept of the invention. It is to be understood that the phrases "including", "having", "having", "comprising", etc. in this specification are intended to be additionally or interchangeable with one or more other elements or combinations thereof.
First, a user authentication system according to one aspect of the present invention will be described with reference to the drawings.
FIG. 1 is a schematic diagram showing a user authentication system according to an embodiment of the present invention, and FIG. 2 is a schematic diagram showing a user authentication system according to another embodiment of the present invention.
1 and 2, a user authentication system according to an exemplary embodiment of the present invention includes an
Referring to FIGS. 1 and 2, the NFC
For example, the authentication credentials stored in the
For example, in one example, the NFC
For example, the
Next, the
The
For example, the service provided by the
Next, an
For example, the authentication credential stored in the
Next, the
For example, the
For example, in one example, the
Next, a user authentication system according to another example will be described with reference to FIG. Referring to FIG. 1, the user authentication system further includes a
Another example of the user authentication system will be described with reference to FIG. In this case, in the user authentication system, the
Next, an NFC tag according to another aspect of the present invention will be described with reference to the drawings. At this time, the NFC tag in the embodiments of the user authentication system according to the above-described one aspect and FIGS. 1 and 2 can be referred to, and redundant explanations can be omitted.
3 is a schematic block diagram illustrating an NFC tag according to an embodiment of the present invention.
1 and 2, an
The
For example, the authentication credential stored in the
Referring to FIG. 3, the
Next, referring to FIG. 3, in response to a credential provision request signal received from the
In this case, in one example, the
Or, in other applications, the
For example, the
Next, a user authentication method according to another aspect of the present invention will be described with reference to the drawings. At this time, embodiments of the user authentication system according to the above-described one aspect and FIGS. 1, 2 and 3 can be referred to, and redundant explanations can be omitted.
4 is a flowchart schematically illustrating a user authentication method according to another embodiment of the present invention.
Referring to FIG. 4, the user authentication method according to one example includes a credential registration step S100, a user authentication requesting step S300, a credential submission requesting step S500, an authentication credential submission step S700, Authentication and service providing step (S900). Let's look at each configuration in detail.
4, in the credential registration step S100, the
At this time, the
Referring to FIG. 4, in step S300, the
For example, in one example, the
1, in one example, the
2, in another example, the
4, in the credential submission request step S500, when the
4, in the authentication credential submission step (S700), the
For example, referring to FIG. 1, the
For example, the authentication credential submission step (S700) may not require the user to confirm ownership of the mobile terminal (70, 80).
Referring to FIG. 4, in the authentication and service providing step (S900), the
Also, in the authentication and service providing step S900, the
For example, the service provided in the authentication and service providing step S900 or the service requested from the
Further, in one example, in the user authentication process of receiving a user authentication request, requesting a credential submission, and submitting a credential for authentication, the
The foregoing embodiments and accompanying drawings are not intended to limit the scope of the present invention but to illustrate the present invention in order to facilitate understanding of the present invention by those skilled in the art. Embodiments in accordance with various combinations of the above-described configurations can also be implemented by those skilled in the art from the foregoing detailed description. Accordingly, various embodiments of the present invention may be embodied in various forms without departing from the essential characteristics thereof, and the scope of the present invention should be construed in accordance with the invention as set forth in the appended claims. Alternatives, and equivalents by those skilled in the art.
10: NFC tag 11: NFC communication unit
13: memory unit 15: control unit
20; User terminal 30: Service providing terminal
50: authentication server 70: mobile terminal
80: User terminal and mobile terminal
Claims (12)
The mobile terminal receives the user authentication request from the connected user terminal, provides the mobile terminal information received together with the user authentication request to the authentication server, requests the user credential authentication, and transmits the service according to the authentication result from the authentication server. A service providing terminal provided;
Requesting the authentication credential from the mobile terminal according to the user credential authentication request, receiving the authentication credential from the mobile terminal, performing credential authentication, and providing authentication result to the service providing terminal server; And
And a mobile terminal for receiving the authentication credential from the NFC tag by NFC communication according to a request of the authentication server and submitting the authentication credential to the authentication server.
Wherein the mobile terminal is a communication terminal that has not undergone ownership verification by the user during the authentication process of the user requesting the service.
Wherein the authentication credential stored in the NFC tag is encrypted information,
Wherein the authentication server decrypts the encrypted authentication credentials received from the mobile terminal and performs authentication.
Further comprising a user terminal requesting user authentication to the connected service providing terminal, providing the mobile terminal information upon the user authentication request, and receiving the service from the service providing terminal according to the authentication result. Authentication system.
Wherein the mobile terminal is the same terminal as the user terminal.
Receiving, at a service providing terminal, mobile terminal information and a user authentication request from a connected user terminal;
Requesting a credential submission from the service providing terminal to the mobile terminal provided by the service providing terminal at the request of the service providing terminal;
Communicating with the NFC tag in response to the credential submission request and submitting the authentication credential to the authentication server and submitting the authentication credential to the authentication server;
Performing authentication using the authentication credential in the authentication server to provide an authentication result to the service providing terminal and providing the service to the user terminal in accordance with the authentication result in the service providing terminal User authentication method.
Wherein the user authentication process is not performed in the user authentication process of receiving the user authentication request, requesting the credential submission, and submitting the authentication credential.
Wherein the authentication credential stored in the NFC tag is encrypted information,
Wherein the authentication server decrypts the encrypted authentication credential received from the mobile terminal and performs authentication in the course of performing the authentication using the authentication credential.
Wherein the user terminal connected to the service providing terminal is a terminal separate from the mobile terminal that submits the authentication credential.
Wherein the user terminal connected to the service providing terminal is the same terminal as the mobile terminal that submits the authentication credential.
A memory unit for storing authentication credentials;
An NFC communication unit for performing NFC communication with the mobile terminal of the user authentication system; And
And a control unit for controlling the NFC communication unit to provide the authentication credential stored in the memory unit to the NFC communication unit in response to a request for providing the authentication credential from the mobile terminal received through the NFC communication unit.
Wherein the NFC tag is an active tag that is a passive tag that operates by receiving power from the mobile terminal together with the authentication credential provision request signal through the NFC communication unit or a power supply unit that supplies power. NFC tags.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020140057790A KR20150131436A (en) | 2014-05-14 | 2014-05-14 | System and method for verifying certification of user, and nfc tag |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020140057790A KR20150131436A (en) | 2014-05-14 | 2014-05-14 | System and method for verifying certification of user, and nfc tag |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020150138272A Division KR20150135160A (en) | 2015-09-30 | 2015-09-30 | System and method for verifying certification of user, and nfc tag |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20150131436A true KR20150131436A (en) | 2015-11-25 |
Family
ID=54845274
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020140057790A KR20150131436A (en) | 2014-05-14 | 2014-05-14 | System and method for verifying certification of user, and nfc tag |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20150131436A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106779662A (en) * | 2016-11-18 | 2017-05-31 | 深圳怡化电脑股份有限公司 | The processing method and financial terminal of a kind of financial business |
WO2019050085A1 (en) * | 2017-09-05 | 2019-03-14 | 주식회사 와이키키소프트 | Integrated authentication method and authentication system which use wearable terminal connected to mobile terminal |
WO2020116975A1 (en) * | 2018-12-05 | 2020-06-11 | 주식회사 후본 | Access security system using security card and mobile terminal, and security method for same |
CN115345268A (en) * | 2022-08-18 | 2022-11-15 | 芯电智联(北京)科技有限公司 | Data processing method of NFC label connected with light emitting diode |
-
2014
- 2014-05-14 KR KR1020140057790A patent/KR20150131436A/en not_active Application Discontinuation
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106779662A (en) * | 2016-11-18 | 2017-05-31 | 深圳怡化电脑股份有限公司 | The processing method and financial terminal of a kind of financial business |
WO2019050085A1 (en) * | 2017-09-05 | 2019-03-14 | 주식회사 와이키키소프트 | Integrated authentication method and authentication system which use wearable terminal connected to mobile terminal |
WO2020116975A1 (en) * | 2018-12-05 | 2020-06-11 | 주식회사 후본 | Access security system using security card and mobile terminal, and security method for same |
CN115345268A (en) * | 2022-08-18 | 2022-11-15 | 芯电智联(北京)科技有限公司 | Data processing method of NFC label connected with light emitting diode |
CN115345268B (en) * | 2022-08-18 | 2023-04-11 | 芯电智联(北京)科技有限公司 | Data processing method of NFC label connected with light emitting diode |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20220201477A1 (en) | Anonymous authentication and remote wireless token access | |
KR102242218B1 (en) | User authentication method and apparatus, and wearable device registration method and apparatus | |
US10084782B2 (en) | Authenticator centralization and protection | |
US9647840B2 (en) | Method for producing a soft token, computer program product and service computer system | |
CN204948095U (en) | Authenticate device and the mutual system guaranteeing between application program and user | |
US10432620B2 (en) | Biometric authentication | |
US20110185181A1 (en) | Network authentication method and device for implementing the same | |
US20170068960A1 (en) | Web based payment service providing apparatus, method, system, and non-transitory computer readable storage medium storing computer program recorded thereon | |
US11539399B2 (en) | System and method for smart card based hardware root of trust on mobile platforms using near field communications | |
KR101210260B1 (en) | OTP certification device | |
JP2019106199A (en) | Management of transaction with security protection between electronic device and service provider | |
US9294474B1 (en) | Verification based on input comprising captured images, captured audio and tracked eye movement | |
CN107730240B (en) | Multi-factor multi-channel ID authentication and transaction control and multi-option payment system and method | |
JP6419660B2 (en) | Secret information setting method, secret information setting system, and secret information setting device | |
WO2019026038A1 (en) | System and method for authenticating a transaction | |
KR20150131436A (en) | System and method for verifying certification of user, and nfc tag | |
KR101603963B1 (en) | Authentication method using fingerprint information and certification number, user terminal and financial institution server | |
US11972419B2 (en) | Method for authenticating payment data, corresponding devices and programs | |
KR20150135160A (en) | System and method for verifying certification of user, and nfc tag | |
KR102193696B1 (en) | Method for Providing Safety Login based on One Time Code by using User’s Card | |
KR20110005612A (en) | System and method for managing otp using biometric, otp device and recording medium | |
KR20110005615A (en) | System and method for managing wireless otp using user's media, wireless terminal and recording medium | |
KR20110029033A (en) | System and method for issueing public certificate of attestation using usim information and recording medium | |
KR20110005616A (en) | System and method for managing wireless otp using biometric, wireless terminal and recording medium | |
US20230100465A1 (en) | User authenitication system using physical card, and method thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
A107 | Divisional application of patent | ||
E601 | Decision to refuse application |