KR20150131436A - System and method for verifying certification of user, and nfc tag - Google Patents

System and method for verifying certification of user, and nfc tag Download PDF

Info

Publication number
KR20150131436A
KR20150131436A KR1020140057790A KR20140057790A KR20150131436A KR 20150131436 A KR20150131436 A KR 20150131436A KR 1020140057790 A KR1020140057790 A KR 1020140057790A KR 20140057790 A KR20140057790 A KR 20140057790A KR 20150131436 A KR20150131436 A KR 20150131436A
Authority
KR
South Korea
Prior art keywords
authentication
user
terminal
credential
mobile terminal
Prior art date
Application number
KR1020140057790A
Other languages
Korean (ko)
Inventor
이동근
Original Assignee
(주)바이너리소프트
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by (주)바이너리소프트 filed Critical (주)바이너리소프트
Priority to KR1020140057790A priority Critical patent/KR20150131436A/en
Publication of KR20150131436A publication Critical patent/KR20150131436A/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • G06K19/077Constructional details, e.g. mounting of circuits in the carrier
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Hardware Design (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The present invention relates to a user authentication system and method, and an NFC tag. According to one embodiment of the present invention, an NFC tag that stores an authentication credential registered with an authentication server; A service for providing the mobile terminal information received together with the user authentication request from the connected user terminal to the authentication server, requesting the user credential authentication, and providing the service according to the authentication result from the authentication server Providing terminal; An authentication server for requesting a credential for authentication from a mobile terminal according to a user credential authentication request, receiving a credential for authentication from a mobile terminal to perform credential authentication, and providing an authentication result to the service providing terminal; And a mobile terminal for receiving a credential for authentication from an NFC tag by NFC communication according to a request of the authentication server and submitting the authentication credential to the authentication server. Also, a user authentication method and an NFC tag are proposed.

Description

SYSTEM AND METHOD FOR USER AUTHENTICATION AND SYSTEM AND METHOD FOR VERIFYING CERTIFICATION OF USER AND NFC TAG,

The present invention relates to a user authentication system and method, and an NFC tag. More particularly, the present invention relates to a user authentication system and method for performing credential authentication using an NFC tag, and to an NFC tag used in such a user authentication system.

As the communication environment such as the Internet develops, electronic financial transactions or electronic commerce using the Internet are becoming active. However, it is not easy to identify yourself because electronic financial transactions or e-commerce transactions are carried out online. Accordingly, there is a case where the user is authenticated using the ID and password registered by the user confirmed for the user authentication. However, if stored in the terminal device by automatic setting or the like, the ID and the password are exposed There may be security problems.

In order to compensate for the vulnerability of such user authentication, two-channel authentication or multi-factor user authentication is being performed. For example, the two-channel method is a method of inputting an ID and a password in a user terminal and performing authentication through an OTP (One Time Password) of the mobile terminal. Since a plurality of devices are used, However, even in this case, information hacking or backdoor installation may be possible in both the user terminal and the mobile terminal in which the Internet communication is performed. Also, using multiple credentials (authentication factors), such as passwords and public certificates, or passwords, authenticated certificates and OTPs, or passwords and biometric information, rather than using a single credential, such as a password, . In this case, multiple authentication credentials are required, so that any one of them can stop the transaction in case of inconsistency and increase the security strength according to the weight of the authentication factor. However, due to the increase in the number of factories owned by users, it may cause inconveniences such as storage problems. In addition, in the case of a public certificate, a security problem is caused by storing it in a user terminal, or in case of using it in a storage medium such as a USB, it is necessary to connect to a user terminal. Hence, a security problem occurs when a user terminal is hacked or a back door is installed .

Korean Registered Patent No. 10-1218807 (registered on December 28, 2012)

SUMMARY OF THE INVENTION The present invention has been made to solve the above-mentioned problems, and it is an object of the present invention to provide an authentication method and an authentication method in which an authentication credential is stored in an NFC tag separate from a device capable of Internet communication, A user authentication system and method with improved portability, and an NFC tag used in a user authentication system.

According to an aspect of the present invention, there is provided an NFC tag storing an authentication credential registered in an authentication server. A service for providing the mobile terminal information received together with the user authentication request from the connected user terminal to the authentication server, requesting the user credential authentication, and providing the service according to the authentication result from the authentication server Providing terminal; An authentication server for requesting a credential for authentication from a mobile terminal according to a user credential authentication request, receiving a credential for authentication from a mobile terminal to perform credential authentication, and providing an authentication result to the service providing terminal; And a mobile terminal for receiving a credential for authentication from an NFC tag by NFC communication according to a request of the authentication server and submitting the authentication credential to the authentication server.

In this case, in one example, the mobile terminal may be a communication terminal that has not undergone ownership confirmation of the user during the authentication process of the user requesting the service.

In addition, in one example, the authentication credentials stored in the NFC tag are encrypted information, and the authentication server can decrypt the encrypted authentication credentials submitted from the mobile terminal to perform authentication.

In another example, the user authentication system may further include a user terminal requesting user authentication to the connected service providing terminal, providing the mobile terminal information upon user authentication request, and receiving a service according to the authentication result from the service providing terminal have.

In yet another example, the mobile terminal may be the same terminal as the user terminal.

In order to solve the above-mentioned problem, according to another aspect of the present invention, there is provided a method of authenticating an authentication method comprising: registering an authentication credential stored in an NFC tag in an authentication server; Receiving, at a service providing terminal, mobile terminal information and a user authentication request from a connected user terminal; Requesting a credential submission to a mobile terminal provided from a service providing terminal according to a request of a service providing terminal at an authentication server; Communicating with an NFC tag in response to a credential submission request, receiving a credential for authentication and submitting a credential for authentication to an authentication server; And a step of providing an authentication result using the authentication credential in the authentication server to provide the authentication result to the service providing terminal and providing the service to the user terminal according to the authentication result in the service providing terminal .

At this time, in one example, the user authentication process for receiving the user authentication request, requesting the credential submission, and submitting the authentication credential may be omitted from the process of confirming the ownership of the authentication requesting user for the mobile terminal.

Also, in one example, the authentication credential stored in the NFC tag is encrypted information. In the course of performing authentication using the authentication credential, the authentication server decrypts the encrypted authentication credential submitted from the mobile terminal Authentication can be performed.

According to another example, the user terminal connected to the service providing terminal may be a terminal separate from the mobile terminal submitting the authentication credential.

In yet another example, the user terminal connected to the service providing terminal may be the same terminal as the mobile terminal submitting the authentication credential.

According to another aspect of the present invention, there is provided an NFC tag used in embodiments of a user authentication system according to an aspect of the present invention, the authentication credential A memory unit for storing the image data; An NFC communication unit for performing NFC communication with a mobile terminal of the user authentication system; And a control unit for controlling the NFC communication unit to provide an authentication credential stored in the memory unit to the NFC communication unit in response to the request for providing the authentication credential from the mobile terminal received through the NFC communication unit.

In this case, in one example, the NFC tag may be a passive tag that receives power from a mobile terminal via a NFC communication unit, together with a request signal for providing a credential for authentication, or may be an active tag that further includes a power supply unit for supplying power. .

According to one embodiment of the present invention, an authentication credential is stored in an NFC tag separate from a device capable of Internet communication, and a credential for authentication stored in an NFC tag is submitted to a mobile terminal, Can be improved.

Further, according to one example, the credentials stored in the NFC tag are not directly stored in the user terminal or the mobile terminal, thereby improving the security.

It is apparent that various effects not directly referred to in accordance with various embodiments of the present invention can be derived by those of ordinary skill in the art from the various configurations according to the embodiments of the present invention.

1 is a schematic diagram showing a user authentication system according to an embodiment of the present invention.
2 is a schematic diagram showing a user authentication system according to another embodiment of the present invention.
3 is a schematic block diagram illustrating an NFC tag according to an embodiment of the present invention.
4 is a flowchart schematically illustrating a user authentication method according to another embodiment of the present invention.

BRIEF DESCRIPTION OF THE DRAWINGS Fig. 1 is a block diagram showing the configuration of a first embodiment of the present invention; Fig. In the description, the same reference numerals denote the same components, and a detailed description may be omitted for the sake of understanding of the present invention to those skilled in the art.

As used herein, unless an element is referred to as being 'direct' in connection, combination, or placement with other elements, it is to be understood that not only are there forms of being 'directly connected, They may also be present in the form of being connected, bonded or disposed.

It should be noted that, even though a singular expression is described in this specification, it can be used as a concept representing the entire constitution unless it is contrary to, or obviously different from, or inconsistent with the concept of the invention. It is to be understood that the phrases "including", "having", "having", "comprising", etc. in this specification are intended to be additionally or interchangeable with one or more other elements or combinations thereof.

First, a user authentication system according to one aspect of the present invention will be described with reference to the drawings.

FIG. 1 is a schematic diagram showing a user authentication system according to an embodiment of the present invention, and FIG. 2 is a schematic diagram showing a user authentication system according to another embodiment of the present invention.

1 and 2, a user authentication system according to an exemplary embodiment of the present invention includes an NFC tag 10, a service providing terminal 30, an authentication server 50 and mobile terminals 70 and 80 . Let's look at each configuration in detail.

Referring to FIGS. 1 and 2, the NFC tag 10 stores the authentication credentials registered in the authentication server 50. The NFC tag 10 performs Near Field Communication (NFC) with the mobile terminals 70 and 80. At this time, the NFC tag 10 receives a request for providing a credential for authentication from the mobile terminals 70 and 80 and transmits an authentication credential stored in the mobile terminals 70 and 80.

For example, the authentication credentials stored in the NFC tag 10 may be encrypted information. At this time, the authentication server 50 decrypts the encrypted authentication credentials received from the mobile terminals 70 and 80 and performs authentication.

For example, in one example, the NFC tag 10 may be a passive tag that is powered by power supplied with a credential provision request signal from the mobile terminal 70, 80. Alternatively, the NFC tag 10 may be an active tag having its own power source.

For example, the NFC tag 10 may be attached to a mobile terminal 70, 80 as a separate entity, for example, in a sticker manner to a user terminal 20, 80 or in a separate portable means (purse or portable device) Lt; / RTI > Alternatively, the NFC tag 10 may be a portable device itself separate from the mobile terminals 70 and 80, or integrated with the portable device. For example, it may be an IC card itself or an IC card. At this time, the IC card can be carried on a purse, a portable device cover, or the like. In general, it is not a problem whether the mobile terminal 70 or 80 is owned by the user. However, when the NFC tag 10 is attached to the mobile terminal 70 or 80, 70, and 80 may be user-owned terminals. If the NFC tag 10 is an IC card or another type of portable device, it is not a matter of ownership of the mobile terminal 70, 80 itself.

Next, the service providing terminal 30 will be described in detail with reference to FIG. 1 and / or FIG. The service providing terminal 30 receives the user authentication request from the connected user terminals 20 and 80 in the user authentication process for providing the service to the terminal providing the service according to the request of the user. For example, referring to FIG. 1, the user terminal 20 may be a terminal separate from the mobile terminal 70 described below, or may be a user terminal 80 and a mobile terminal (80) may be the same terminal. For example, a user authentication request from the user terminal 20, 80 to the service providing terminal 30 may include a login process to the service providing terminal 30 of the user terminal 20, 80 or may be performed without a separate login process. For example, the user authentication process using the NFC tag 10 may be performed in combination with the login process of the user terminal 20, 80. [ The service providing terminal 30 may receive the mobile terminal information when receiving the user authentication request from the user terminal 20 or 80. [ For example, at this time, the mobile terminal information may be information about a communication terminal that has not undergone ownership verification of a user requesting user authentication. In other words, it may not be the mobile terminal 70 or 80 owned by the user.

The service providing terminal 30 provides the mobile terminal information received together with the user authentication request from the user terminals 20 and 80 to the authentication server 50 and requests the authentication server 50 to perform the user credential authentication do. For example, the user authentication request may be a user authentication request for identity verification in an electronic financial transaction or electronic commerce. The service providing terminal 30 provides a service requested by the user terminals 20 and 80 when authentication is completed according to the authentication result received from the authentication server 50 after requesting the user credential authentication to the authentication server 50. [ For example, when the authentication result authentication is completed, the service providing terminal 30 provides the service to the user terminals 20 and 80, and if not, the unauthenticated result can be provided to the user terminals 20 and 80.

For example, the service provided by the service providing terminal 30 may be an electronic financial transaction service or an electronic commercial transaction service. For example, it may be a financial transaction service over the Internet or a commerce service over the Internet.

Next, an authentication server 50 will be described with reference to FIG. 1 and / or 2. The authentication server 50 requests the mobile terminals 70 and 80 to submit the authentication credentials in response to the user credential authentication request of the service providing terminal 30. For example, at this time, the authentication server 50 may not pass the process of confirming ownership of the user requesting the user authentication to the service providing terminal 30 which is the mobile terminal 70 or 80. That is, the mobile terminals 70 and 80 need not be owned by the user who requested the user authentication. The authentication server 50 receives authentication credentials from the mobile terminals 70 and 80 and performs credential authentication. For example, the authentication server 50 can authenticate the user by comparing the credential information stored in the DB (not shown) and the authentication credential information submitted from the mobile terminals 70 and 80, for example. The authentication server 50 that has performed the credential authentication provides the authentication result to the service providing terminal 30.

For example, the authentication credential stored in the NFC tag 10 may be encrypted information. At this time, the authentication server 50 decrypts the encrypted authentication credentials submitted from the mobile terminals 70 and 80, Can be performed.

Next, the mobile terminals 70 and 80 will be described in detail with reference to FIG. 1 and / or 2. The mobile terminals 70 and 80 receive a request for authentication credentials from the authentication server 50. The mobile terminals 70 and 80 perform NFC communication with the NFC tag 10 by NFC communication at the request of the authentication server 50. For example, at this time, in one example, the mobile terminal 70, 80 may wirelessly transmit power to the passive NFC tag 10 during NFC communication. The mobile terminals 70 and 80 receive the authentication credentials from the NFC tag 10 and submit the authentication credentials to the authentication server 50. [ At this time, the authentication server 50 can authenticate the user by using the submitted authentication credential.

For example, the mobile terminals 70 and 80 may be portable and internet communication terminals such as smart phones. For example, as shown in FIG. 1, the mobile terminal 70 may be a separate terminal from the user terminal 20, or the mobile terminal 80 may be connected to the same terminal 80 as the user terminal 80, Lt; / RTI >

For example, in one example, the mobile terminal 70, 80 may be a communication terminal that has not undergone ownership confirmation by the user in the authentication process of the user requesting the service to the service providing terminal 30. [ That is, even if there is no confirmation as to whether the user is owned, the authentication credential is received from the NFC tag 10 authoring the authentication credential and the mobile terminals 70 and 80 through the NFC communication, You can perform your identity verification.

Next, a user authentication system according to another example will be described with reference to FIG. Referring to FIG. 1, the user authentication system further includes a user terminal 20 that is separate from the mobile terminal 70. At this time, the user terminal 20 requests user authentication to the connected service providing terminal 30. The user terminal 20 may provide the mobile terminal information to the service providing terminal 30 in response to a user authentication request, for example, according to a user input. In accordance with the user authentication request in the user terminal 20, acquires the authentication credential by communication with the NFC tag 10 through the mobile terminal 70 different from the user terminal 20 and transmits the authentication credential to the authentication server 50 By submitting it, user authentication can be performed. At this time, the mobile terminal 70 need not be the owning terminal of the user performing the user authentication request. The user terminal 20 can receive a service from the service providing terminal 30 according to the authentication result. For example, the user terminal 20 may be, but is not limited to, a desktop PC, a notebook PC, a tablet PC, an Internet enabled mobile communication terminal, and the like.

Another example of the user authentication system will be described with reference to FIG. In this case, in the user authentication system, the mobile terminal 80 may be the same terminal as the user terminal 80. For example, at this time, there is no need to confirm whether the mobile terminal 80 is owned by the user.

Next, an NFC tag according to another aspect of the present invention will be described with reference to the drawings. At this time, the NFC tag in the embodiments of the user authentication system according to the above-described one aspect and FIGS. 1 and 2 can be referred to, and redundant explanations can be omitted.

3 is a schematic block diagram illustrating an NFC tag according to an embodiment of the present invention.

1 and 2, an NFC tag 10 according to an exemplary embodiment of the present invention is an NFC tag 10 used in a user authentication system according to the above-described embodiments of the present invention. Referring to FIG. 3, the NFC tag 10 includes a memory unit 13, an NFC communication unit 11, and a control unit 15.

The memory unit 13 of the NFC tag 10 stores an authentication credential. For example, the authentication credential stored in the memory unit 13 is a credential registered in the authentication server 50 of Fig. 1 and / or 2, for example. For example, the NFC tag 10 is issued from the entity that manages the authentication server 50, and when the user makes a registration request of the NFC tag 10 to the authentication server 50, The registration in the authentication server 50 can be completed for the stored authentication credentials.

For example, the authentication credential stored in the memory unit 13 may be encrypted information. At this time, the decrypting means for the encrypted authentication credential may be provided in the authentication server 50 of Figs. 1 and 2.

Referring to FIG. 3, the NFC communication unit 11 performs NFC communication with the mobile terminals 70 and 80 of the user authentication system of FIGS. 1 and / or 2, for example. NFC communication is one of radio frequency identification (RFID) communication technologies, for example, a contactless communication technology using a frequency band of 13.56 MHz.

Next, referring to FIG. 3, in response to a credential provision request signal received from the mobile terminals 70 and 80 of FIGS. 1 and 2 through the NFC communication unit 11 of the control unit 15 of the NFC tag 10, And to provide the authentication credentials stored in the memory unit 13 to the NFC communication unit 11. [

In this case, in one example, the NFC tag 10 may be a passive tag that receives power from the mobile terminals 70 and 80 together with a request signal for providing authentication credentials through the NFC communication unit 11 and operates by receiving power.

Or, in other applications, the NFC tag 10 may also be an active tag. That is, the NFC tag 10 may further include a power supply unit (not shown) for supplying power to the NFC communication unit 11, the memory unit 13, and the control unit 15.

For example, the NFC tag 10 may be attached to a mobile terminal 70, 80 as a separate entity, for example, in a sticker manner to a user terminal 20, 80 or in a separate portable means (purse or portable device) Lt; / RTI > Alternatively, the NFC tag 10 may be a portable device itself separate from the mobile terminals 70 and 80, or integrated with the portable device. For example, it may be an IC card itself or an IC card. In the case of an IC card, it may be carried in a wallet or a portable device case.

Next, a user authentication method according to another aspect of the present invention will be described with reference to the drawings. At this time, embodiments of the user authentication system according to the above-described one aspect and FIGS. 1, 2 and 3 can be referred to, and redundant explanations can be omitted.

4 is a flowchart schematically illustrating a user authentication method according to another embodiment of the present invention.

Referring to FIG. 4, the user authentication method according to one example includes a credential registration step S100, a user authentication requesting step S300, a credential submission requesting step S500, an authentication credential submission step S700, Authentication and service providing step (S900). Let's look at each configuration in detail.

4, in the credential registration step S100, the authentication server 50 registers a credential for authentication stored in the NFC tag 10. For example, the user who has issued the NFC tag 10 registers the NFC tag 10 in the authentication server 50, so that the authentication credential stored in the NFC tag 10 can be registered in the authentication server 50 . For example, at this time, the authentication credentials stored in the NFC tag 10 may be encrypted information.

At this time, the NFC tag 10 is a separate entity from the mobile terminals 70 and 80, for example, carried in separate portable means, such as a purse or a portable device case, attached to the user terminal 20 or 80 in a sticker manner For example, an IC card itself or an IC card. In the case of an IC card, it may be carried in a wallet or a portable device case.

Referring to FIG. 4, in step S300, the service providing terminal 30 receives a request from the user terminal 20 or 80 of FIG. 1 and / or 2 connected to the service providing terminal 30, Information and a user authentication request. For example, when receiving the user authentication request from the service providing terminal 30, the user authentication request from the user terminal 20 or 80 includes a login process to the service providing terminal 30 of the user terminal 20 or 80 Or may be performed without a separate login process.

For example, in one example, the mobile terminal 70, 80 corresponding to the mobile terminal information received from the user terminal 20, 80 of FIG. 1 and / .

1, in one example, the user terminal 20 connected to the service providing terminal 30 is connected to the mobile terminal 70 that submits the authentication credential in the credential submission step S700, And may be a separate terminal.

2, in another example, the user terminal 80 connected to the service providing terminal 30 may receive a credential from the mobile terminal 80 (FIG. 2) for submitting a credential for authentication in the credential submission step S700 ) May be the same terminal.

4, in the credential submission request step S500, when the authentication server 50 receives a request from the service providing terminal 30, the mobile terminal 70 (80) provided from the service providing terminal 30 ) To request a credential submission. For example, at this time, the mobile terminals 70 and 80 may not pass ownership confirmation of a user requesting a user authentication.

4, in the authentication credential submission step (S700), the mobile terminals 70 and 80 communicate with the NFC tag 10 in response to the credential submission request, receive the authentication credential, And sends a credential for authentication to the server 50. For example, at this time, when the NFC tag 10 is a passive tag, the mobile terminals 70 and 80 can wirelessly transmit power in the NFC communication with the NFC tag 10.

For example, referring to FIG. 1, the mobile terminal 70 may be a communication terminal separate from the user terminal 20 that transmitted the user authentication request signal in the user authentication request step S300, or alternatively, 2, the mobile terminal 80 may be the same communication terminal as the user terminal 80 that transmitted the user authentication request signal in the user authentication request step S300.

For example, the authentication credential submission step (S700) may not require the user to confirm ownership of the mobile terminal (70, 80).

Referring to FIG. 4, in the authentication and service providing step (S900), the authentication server 50 performs authentication using the authentication credential and provides the authentication result to the service providing terminal 30. For example, in one example, when the authentication credential stored in the NFC tag 10 is encrypted information, in the course of performing authentication using the authentication credential in the authentication and service providing step (S900), the authentication server 50 May perform authentication by decrypting the encrypted authentication credentials submitted from the mobile terminals 70 and 80. [

Also, in the authentication and service providing step S900, the service providing terminal 30 provides a service to the user terminals 20 and 80 according to the authentication result. For example, when the authentication is completed, the service providing terminal 30 provides a service to the user terminals 20 and 80. When the authentication is not authenticated, the service providing terminal 30 requests the user terminals 20 and 80 to perform the unauthorized authentication or re- .

For example, the service provided in the authentication and service providing step S900 or the service requested from the user terminal 20 or 80 to the service providing terminal 30 in the user authentication requesting step S300 or before may be an electronic financial transaction service or electronic commerce Service.

Further, in one example, in the user authentication process of receiving a user authentication request, requesting a credential submission, and submitting a credential for authentication, the mobile terminal 70, have.

The foregoing embodiments and accompanying drawings are not intended to limit the scope of the present invention but to illustrate the present invention in order to facilitate understanding of the present invention by those skilled in the art. Embodiments in accordance with various combinations of the above-described configurations can also be implemented by those skilled in the art from the foregoing detailed description. Accordingly, various embodiments of the present invention may be embodied in various forms without departing from the essential characteristics thereof, and the scope of the present invention should be construed in accordance with the invention as set forth in the appended claims. Alternatives, and equivalents by those skilled in the art.

10: NFC tag 11: NFC communication unit
13: memory unit 15: control unit
20; User terminal 30: Service providing terminal
50: authentication server 70: mobile terminal
80: User terminal and mobile terminal

Claims (12)

An NFC tag for storing an authentication credential registered in the authentication server;
The mobile terminal receives the user authentication request from the connected user terminal, provides the mobile terminal information received together with the user authentication request to the authentication server, requests the user credential authentication, and transmits the service according to the authentication result from the authentication server. A service providing terminal provided;
Requesting the authentication credential from the mobile terminal according to the user credential authentication request, receiving the authentication credential from the mobile terminal, performing credential authentication, and providing authentication result to the service providing terminal server; And
And a mobile terminal for receiving the authentication credential from the NFC tag by NFC communication according to a request of the authentication server and submitting the authentication credential to the authentication server.
In claim 1,
Wherein the mobile terminal is a communication terminal that has not undergone ownership verification by the user during the authentication process of the user requesting the service.
In claim 1,
Wherein the authentication credential stored in the NFC tag is encrypted information,
Wherein the authentication server decrypts the encrypted authentication credentials received from the mobile terminal and performs authentication.
The method according to any one of claims 1 to 3,
Further comprising a user terminal requesting user authentication to the connected service providing terminal, providing the mobile terminal information upon the user authentication request, and receiving the service from the service providing terminal according to the authentication result. Authentication system.
The method according to any one of claims 1 to 3,
Wherein the mobile terminal is the same terminal as the user terminal.
Registering an authentication credential stored in the NFC tag in the authentication server;
Receiving, at a service providing terminal, mobile terminal information and a user authentication request from a connected user terminal;
Requesting a credential submission from the service providing terminal to the mobile terminal provided by the service providing terminal at the request of the service providing terminal;
Communicating with the NFC tag in response to the credential submission request and submitting the authentication credential to the authentication server and submitting the authentication credential to the authentication server;
Performing authentication using the authentication credential in the authentication server to provide an authentication result to the service providing terminal and providing the service to the user terminal in accordance with the authentication result in the service providing terminal User authentication method.
In claim 6,
Wherein the user authentication process is not performed in the user authentication process of receiving the user authentication request, requesting the credential submission, and submitting the authentication credential.
In claim 6,
Wherein the authentication credential stored in the NFC tag is encrypted information,
Wherein the authentication server decrypts the encrypted authentication credential received from the mobile terminal and performs authentication in the course of performing the authentication using the authentication credential.
The method according to any one of claims 6 to 8,
Wherein the user terminal connected to the service providing terminal is a terminal separate from the mobile terminal that submits the authentication credential.
The method according to any one of claims 6 to 8,
Wherein the user terminal connected to the service providing terminal is the same terminal as the mobile terminal that submits the authentication credential.
An NFC tag used in a user authentication system according to any one of claims 1 to 3,
A memory unit for storing authentication credentials;
An NFC communication unit for performing NFC communication with the mobile terminal of the user authentication system; And
And a control unit for controlling the NFC communication unit to provide the authentication credential stored in the memory unit to the NFC communication unit in response to a request for providing the authentication credential from the mobile terminal received through the NFC communication unit.
In claim 11,
Wherein the NFC tag is an active tag that is a passive tag that operates by receiving power from the mobile terminal together with the authentication credential provision request signal through the NFC communication unit or a power supply unit that supplies power. NFC tags.
KR1020140057790A 2014-05-14 2014-05-14 System and method for verifying certification of user, and nfc tag KR20150131436A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020140057790A KR20150131436A (en) 2014-05-14 2014-05-14 System and method for verifying certification of user, and nfc tag

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020140057790A KR20150131436A (en) 2014-05-14 2014-05-14 System and method for verifying certification of user, and nfc tag

Related Child Applications (1)

Application Number Title Priority Date Filing Date
KR1020150138272A Division KR20150135160A (en) 2015-09-30 2015-09-30 System and method for verifying certification of user, and nfc tag

Publications (1)

Publication Number Publication Date
KR20150131436A true KR20150131436A (en) 2015-11-25

Family

ID=54845274

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020140057790A KR20150131436A (en) 2014-05-14 2014-05-14 System and method for verifying certification of user, and nfc tag

Country Status (1)

Country Link
KR (1) KR20150131436A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106779662A (en) * 2016-11-18 2017-05-31 深圳怡化电脑股份有限公司 The processing method and financial terminal of a kind of financial business
WO2019050085A1 (en) * 2017-09-05 2019-03-14 주식회사 와이키키소프트 Integrated authentication method and authentication system which use wearable terminal connected to mobile terminal
WO2020116975A1 (en) * 2018-12-05 2020-06-11 주식회사 후본 Access security system using security card and mobile terminal, and security method for same
CN115345268A (en) * 2022-08-18 2022-11-15 芯电智联(北京)科技有限公司 Data processing method of NFC label connected with light emitting diode

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106779662A (en) * 2016-11-18 2017-05-31 深圳怡化电脑股份有限公司 The processing method and financial terminal of a kind of financial business
WO2019050085A1 (en) * 2017-09-05 2019-03-14 주식회사 와이키키소프트 Integrated authentication method and authentication system which use wearable terminal connected to mobile terminal
WO2020116975A1 (en) * 2018-12-05 2020-06-11 주식회사 후본 Access security system using security card and mobile terminal, and security method for same
CN115345268A (en) * 2022-08-18 2022-11-15 芯电智联(北京)科技有限公司 Data processing method of NFC label connected with light emitting diode
CN115345268B (en) * 2022-08-18 2023-04-11 芯电智联(北京)科技有限公司 Data processing method of NFC label connected with light emitting diode

Similar Documents

Publication Publication Date Title
US20220201477A1 (en) Anonymous authentication and remote wireless token access
KR102242218B1 (en) User authentication method and apparatus, and wearable device registration method and apparatus
US10084782B2 (en) Authenticator centralization and protection
US9647840B2 (en) Method for producing a soft token, computer program product and service computer system
CN204948095U (en) Authenticate device and the mutual system guaranteeing between application program and user
US10432620B2 (en) Biometric authentication
US20110185181A1 (en) Network authentication method and device for implementing the same
US20170068960A1 (en) Web based payment service providing apparatus, method, system, and non-transitory computer readable storage medium storing computer program recorded thereon
US11539399B2 (en) System and method for smart card based hardware root of trust on mobile platforms using near field communications
KR101210260B1 (en) OTP certification device
JP2019106199A (en) Management of transaction with security protection between electronic device and service provider
US9294474B1 (en) Verification based on input comprising captured images, captured audio and tracked eye movement
CN107730240B (en) Multi-factor multi-channel ID authentication and transaction control and multi-option payment system and method
JP6419660B2 (en) Secret information setting method, secret information setting system, and secret information setting device
WO2019026038A1 (en) System and method for authenticating a transaction
KR20150131436A (en) System and method for verifying certification of user, and nfc tag
KR101603963B1 (en) Authentication method using fingerprint information and certification number, user terminal and financial institution server
US11972419B2 (en) Method for authenticating payment data, corresponding devices and programs
KR20150135160A (en) System and method for verifying certification of user, and nfc tag
KR102193696B1 (en) Method for Providing Safety Login based on One Time Code by using User’s Card
KR20110005612A (en) System and method for managing otp using biometric, otp device and recording medium
KR20110005615A (en) System and method for managing wireless otp using user's media, wireless terminal and recording medium
KR20110029033A (en) System and method for issueing public certificate of attestation using usim information and recording medium
KR20110005616A (en) System and method for managing wireless otp using biometric, wireless terminal and recording medium
US20230100465A1 (en) User authenitication system using physical card, and method thereof

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
A107 Divisional application of patent
E601 Decision to refuse application