KR20160128686A - System and Method for Dual Certification by using Dual Channel - Google Patents

System and Method for Dual Certification by using Dual Channel Download PDF

Info

Publication number
KR20160128686A
KR20160128686A KR1020150060418A KR20150060418A KR20160128686A KR 20160128686 A KR20160128686 A KR 20160128686A KR 1020150060418 A KR1020150060418 A KR 1020150060418A KR 20150060418 A KR20150060418 A KR 20150060418A KR 20160128686 A KR20160128686 A KR 20160128686A
Authority
KR
South Korea
Prior art keywords
communication number
text message
telephone network
received
communication
Prior art date
Application number
KR1020150060418A
Other languages
Korean (ko)
Inventor
김원혁
Original Assignee
주식회사 이츠모아
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 이츠모아 filed Critical 주식회사 이츠모아
Priority to KR1020150060418A priority Critical patent/KR20160128686A/en
Publication of KR20160128686A publication Critical patent/KR20160128686A/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/12Messaging; Mailboxes; Announcements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices
    • H04W88/021Terminal devices adapted for Wireless Local Loop operation

Abstract

The present invention relates to a dual authentication method using a dual channel, and more particularly, to a method for executing a dual authentication method using a dual channel, (H) (communication number) is generated by hashing the communication number of the terminal and then transmitted through the telephone network including the H (communication number) in the designated area on the text message structure via the telephone network, A first step of verifying a calling number verified or corrected through the telephone network in a process of transmitting and receiving a text message via a telephone network and H (communication number) included in a received text message; A second step of mapping and storing the communication number of the wireless terminal through the data network; A fourth step of firstly checking a calling number matched with a communication number received through the data network among the calling number extracted and stored from the text message received through the telephone network, A fifth step of generating H '(communication number) by hashing the communication number received through the data network if the communication number of the received text message matches the calling number of the text message received through the telephone network; A sixth step of comparing H '(communication number) received and hashed with H (communication number) received through a text message of the private telephone network and verifying whether the H (communication number) is matched; Matches the calling number of the received text message and matches the H (communication number) received through the text message of the telephone network, the communication number received through the data network And a seventh step of generating the authentication result authenticate the validity.

Description

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a dual-

The present invention relates to a method and apparatus for receiving H (communication number) hash of a communication number from an app of a wireless terminal through a text message of a telephone network among a telephone network (= first channel) and a data network A network interworking authentication for receiving a communication number transmitted from an app of a wireless terminal through a data network and authenticating a communication number received through a data network using a calling number of a text message received through a telephone network, And a hash authentication (= second authentication) for decrypting and authenticating H (communication number) received through a text message of the telephone network through a data network.

In order to perform integrity verification or hacking detection of the installed application after downloading and installing an application through a data network to a wireless terminal such as a smart phone that accesses the phone network and the data network, And so on.

In the case of a conventional smart phone, an SMS authentication number-based authentication method for sending and receiving an SMS authentication number and authenticating it, or a communication company DB-based authentication method for referring to information established in a communication company DB, And a method of securing a communication number is adopted.

In particular, in the conventional SMS authentication number-based authentication method, a telephone number is inputted through an application or extracted from a USIM (Universal Subscriber Identity Module) and transmitted, and then an SMS including an authentication number is transmitted from the server to the corresponding telephone number When an authentication number is inputted from an app of a phone number and transmitted, the phone number entered and transmitted by the app is recognized as a phone number of an actual wireless terminal. If the wireless terminal is already hacked or modulated, an SMS authentication number is included The mobile terminal has a problem that it can be easily stolen even if it is not a real wireless terminal.

In addition, the authentication method based on the communication company DB is a method of extracting various unique information of the wireless terminal from the application and providing it as a subscribed communication company, thereby authenticating whether or not to match the information secured in the DB of the communication company. Herein, most of the unique information of the wireless terminal is recorded in the USIM. Some smart phones (e.g., Apple's iPhone, etc.) can not authenticate the DB based on the carrier by blocking USIM access through the application It has a problem.

Recently, a revised telecommunication business law has been promulgated in order to verify / correct the origination / alteration of the SMS origination number by the telecommunication company and to block / correct it. Accordingly, even if the wireless terminal sending the SMS has already been hacked or tampered with or tampered with the origination number of the SMS, the SMS can be prevented from reaching the destination by the communication company, or the possibility of correcting the calling number by the communication company Lt; / RTI >

In order to solve the above problem, an object of the present invention is to provide a wireless terminal that hashes a communication number in an app of a wireless terminal through a text message of a telephone network among a telephone network (= first channel) and a data network H (communication number), receives the communication number transmitted from the app of the wireless terminal through the data network, and authenticates the communication number received through the data network using the calling number of the text message received through the telephone network (= Second authentication) for decrypting and authenticating H (communication number) received through a network interworking authentication (= first authentication) and a text message of a telephone network through a data network.

A dual authentication method using a dual channel according to the present invention is a method executed by a server that communicates with a wireless terminal that multiple accesses to a telephone network and a data network, the method comprising: receiving, from an application installed in the wireless terminal, (H) (communication number) is generated by hashing the communication number of the communication network and then transmitted through the telephone network including the H (communication number) in a designated area on the text message structure via the telephone network, A first step of verifying a calling number verified or corrected through the telephone network in a process of transmitting and receiving a text message via a telephone network and H (communication number) included in a text message; A third step of receiving the communication number of the wireless terminal from the application of the wireless terminal via the data network, A fourth step of firstly checking a calling number matched with a communication number received through the data network among a calling number extracted and stored from a text message received through the telephone network; And generating a H '(communication number) by hashing the communication number received through the data network if the calling number of the text message received through the telephone network is matched, A second step of comparing the received H (communication number) with the H (communication number) received through the text message of the private telephone network and verifying whether the H (communication number) is matched; Matching the calling number of the received text message and matching the H (communication number) received through the text message of the telephone network, the validity of the communication number received through the data network A and a seventh step of generating the certificate authentication result.

In the dual authentication method using a dual channel according to the present invention, the communication number includes at least one of a telephone number key input through an application of the wireless terminal, and a telephone number extracted from a USIM of the wireless terminal .

In the dual authentication method using a dual channel according to the present invention, the communication number may include at least one of a Universal Unique Identifier (UUID) assigned to an app of the wireless terminal, an ICCID (Universal Subscriber Identity Module) recorded in a Universal Subscriber Identity Module An Integrated Circuit Card Identifier, an International Mobile Station Identity (ISMI), and an International Mobile Equipment Identity (IMEI).

In the dual authentication method using a dual channel according to the present invention, the app of the wireless terminal includes a message sending function via the telephone network, and transmits H (communication number) information through a telephone network using the built- And transmits the text message including the text message.

In the dual authentication method using a dual channel according to the present invention, an app of the wireless terminal is interlocked with a message sending function provided in the wireless terminal, and is linked to a message sending function of the wireless terminal, Number) of the text message.

In the dual authentication method using a dual channel according to the present invention, an app of the wireless terminal is controlled so that a message sending interface for sending a text message including the H (communication number) is not displayed on the screen .

In the dual authentication method using a dual channel according to the present invention, when a message sending interface for sending a text message is displayed on the screen, the app of the wireless terminal includes the message in the text message by a user operation on the message sending interface (Communication number) to be edited is not edited or changed.

In the dual authentication method using a dual channel according to the present invention, the application of the wireless terminal casts H (communication number) to a specified digit and includes it in a designated area of the text message.

In the dual authentication method using a dual channel according to the present invention, the H (communication number) may be at least one of a body area of the text message, a hidden area of the text message, and a spare area of the text message Area. ≪ / RTI >

In the dual authentication method using dual channels according to the present invention, the text message is selectively received when the validity of the origination number is verified or corrected through the telephone network.

In the dual authentication method using a dual channel according to the present invention, the first step may further include restoring H (communication number) included in a designated area of the text message in a binary manner.

The dual authentication method using a dual channel according to the present invention is characterized in that the first step further comprises a step of verifying the integrity of the H (communication number).

In the dual authentication method using a dual channel according to the present invention, the second step may include: setting an effective time of the calling number and H (communication number) stored in the mapping step; and, when the valid time has elapsed, And erasing the number and the H (communication number).

The dual authentication method using a dual channel according to the present invention is characterized by further comprising an eighth step of storing the authenticated communication number in a designated storage medium.

Meanwhile, a dual authentication system using a dual channel according to the present invention is implemented through a server communicating with a wireless terminal that is multi-connected to a telephone network and a data network, the system comprising: (H) (communication number) is generated by hashing the communication number of the wireless terminal and then transmitted through the telephone network including the H (communication number) in a designated area on the text message structure via the telephone network, A first channel checking unit for verifying the calling number verified or corrected through the telephone network in the process of transmitting and receiving a text message via H (communication number) included in the received text message, A first channel mapping unit for mapping and storing a communication channel (communication number) of the wireless terminal, A first authentication processing unit for firstly checking a calling number matched with a communication number received through the data network among a calling number extracted from a text message received through the telephone network, A channel interworking decoding unit for generating a H '(communication number) by hashing the communication number received through the data network if the communication number received through the data network matches the calling number of the text message received through the telephone network, A second authentication processing unit for comparing the H (communication number) received and hashed through the data network with the H (communication number) received through the text message of the public telephone network and verifying whether the H (communication number) is matched, Is matched with the calling number of the text message received through the telephone network, and at the same time, the H (communication number) received through the text message of the telephone network, If, includes an authentication result processing unit for generating an authentication result to authenticate the validity of the communication number received through the data network.

According to the present invention, a wireless interworking authentication and a hash authentication are performed in duplicate using a telephone network and a data network in which a wireless terminal is multi-connected without using a DB of a communication company to which the wireless terminal subscribes, There is an advantage that the number can be accurately identified and authenticated.

1 is a diagram illustrating a dual authentication system using a dual channel according to an embodiment of the present invention.
2 is a diagram illustrating a functional configuration of a wireless terminal and an application 245 according to an embodiment of the present invention.
3 is a diagram illustrating a process of providing a communication number through a telephone network according to an embodiment of the present invention.
FIG. 4 is a diagram illustrating a process of providing a communication number through a data network and performing network authentication and hash authentication according to an embodiment of the present invention.

1 is a diagram illustrating a dual authentication system using a dual channel according to an embodiment of the present invention.

More specifically, FIG. 1 shows a communication number of an application of the wireless terminal 200 through a text message of a telephone network among a telephone network (= first channel) and a data network (= second channel) Receives the hash H (communication number), receives the communication number transmitted from the app of the wireless terminal 200 through the data network, and receives the communication number transmitted through the data network using the calling number of the text message received through the telephone network (First authentication) for authenticating the communication number and H '(communication number) hash of the communication number received through the data network are authenticated through H (communication number) received through the text message of the telephone network 1 is a block diagram illustrating a system configuration in which a hash authentication (= second authentication) is performed to authenticate a communication number of the wireless terminal 200. As shown in FIG. 1 and FIG. / RTI > and / or < RTI ID = 0.0 > It is to be understood that the invention is not limited to the particular embodiments set forth herein, but may be varied in many ways (e.g., some of the components may be omitted, or broken down, or combined) The technical features thereof are not limited only by the method shown in FIG.

The system of the present invention includes a wireless terminal 200 that accesses a telephone network and a data network, a wireless terminal 200 that receives an H (communication number) hash of a communication number from an app of the wireless terminal 200 through a text message of the telephone network, A network interworking authentication for receiving the communication number transmitted from the app of the wireless terminal 200 through the network and authenticating the communication number received through the data network using the calling number of the text message received through the telephone network Authentication for performing hash authentication (= second authentication) for authenticating H '(communication number) hash of the communication number received through the data network through H (communication number) received through a text message of the telephone network And the server 100. The authentication server 100 may be implemented as a single server or a combination of a plurality of servers.

The wireless terminal 200 is a general term of a terminal which can be connected to a telephone network and a data network among the terminals used by the user. The wireless terminal 200 may include a smart phone, which is preferably connectable to the telephone network and the data network.

According to the embodiment of the present invention, the wireless terminal 200 downloads and installs an application to perform a public authentication using a dual channel from a designated application providing server, and the application installed in the wireless terminal 200 And performs a dual authentication procedure using a dedicated channel according to the present invention when executing (or executing before communication number authentication through an application).

The application of the wireless terminal 200 displays an interface for receiving a key input of the communication number of the corresponding wireless terminal 200 when the application is executed for the first time (or before execution of the communication number authentication through the application), receives the key from the user Or a USIM (Universal Subscriber Identity Module) mounted / detached to / from the corresponding wireless terminal 200.

According to the embodiment of the present invention, the communication number includes at least one of a telephone number keyed in through an app of the mobile terminal 200 and a telephone number extracted from a USIM of the mobile terminal 200, A Universal Circuit Identifier (ICCID) recorded in a Universal Subscriber Identity Module (USIM) of the wireless terminal 200, an International Mobile Station (ISMI) Identity, and International Mobile Equipment Identity (IMEI). Meanwhile, the communication number may further include registration information (or a part of registration information) registered in the storage medium 155 including the user's personal information (e.g., name, date of birth, etc.) The present invention is not limited thereto.

When the communication number is input / extracted, the app of the wireless terminal 200 generates H (communication number) by hashing the communication number with a specified hash algorithm.

According to the first message sending method of the present invention, the application of the wireless terminal 200 may embed a message sending function via the telephone network. In this case, the application of the wireless terminal 200 may include a built- (Communication number) is included in a designated area on the text message structure via the telephone network, and then a text message including H (communication number) can be sent through the telephone network to which the wireless terminal 200 is connected have.

According to the second message sending method of the present invention, an app of the wireless terminal 200 can be linked with a message sending function provided in the wireless terminal 200. In this case, (H) (communication number) is included in a designated area on a text message structure via the telephone network in conjunction with a message sending function of the wireless terminal 200, and then, in cooperation with the message sending function of the wireless terminal 200, (Communication number) through the telephone network to which the mobile terminal 200 is connected.

According to an embodiment of the present invention, the H (communication number) may be included in at least one of a text area of the text message, a hidden area of the text message, and a spare area of the text message.

When the application of the wireless terminal 200 sends a text message including the H (communication number) through the telephone network, the application of the wireless terminal 200 sends a text message including the H (communication number) You can control the message sending interface from being displayed on the screen. For example, in the case of the first message sending method, the application of the wireless terminal 200 may omit displaying the interface of the built-in message sending function.

Meanwhile, when a message sending interface is displayed on the screen in order to send a text message through the telephone network, the application of the wireless terminal 200 transmits H (communication number) included in the text message by a user operation on the message sending interface, Can be controlled so as not to be edited or changed. For example, the application of the wireless terminal 200 interrupts the touch input of a specific area (for example, a keyboard display area) of the message sending interface, and the H (communication number) included in the text message is edited It can be controlled so as not to be changed.

According to the method of the present invention, the text message sent through the telephone network is composed of a text-based specialized structure, or an area to be inserted with the H (communication number) in the text message structure is encoded with a digit . ≪ / RTI > In this case, the application of the wireless terminal 200 may cast the H (communication number) to a digit corresponding to the specified encoding rule and include it in a designated area of the text message.

A text message sent through a telephone network by using a built-in message sending function in the application of the wireless terminal 200 or in conjunction with a message sending function of the wireless terminal 200 is transmitted to the designated message server 160 via the telephone network, Or is received by an authentication server 100 that performs authentication procedures in accordance with the present invention.

According to the method of the present invention, a device included in the telephone network via the text message verifies whether the calling number included in the text message matches the actual telephone number of the mobile terminal 200 (e.g., (E.g., matching the calling number included in the text message with the telephone number managed by the communication company with respect to the mobile terminal 200), and the calling number included in the text message corresponds to the actual telephone number of the mobile terminal 200 And if it is matched, the text message can be normally transmitted. If the calling number included in the text message does not match the actual telephone number of the wireless terminal 200, the device on the telephone network discards the text message or transmits the calling number of the text message to the wireless terminal 200 200) to the actual number of the telephone number.

1, the authentication server 100 generates an H (communication number) having a hash of the communication number of the wireless terminal 200 from an application of the wireless terminal 200, (H) (communication number) included in the text message received via the telephone network and the text message via the telephone network when the H (communication number) is included in the designated area on the message structure and is transmitted through the telephone network And a first channel checking unit 110 for verifying the calling number verified / corrected through the telephone network. The mobile terminal 200 is also provided with a first channel checking unit 110 for checking whether a text message including the H (communication number) And a message receiving unit 105 for receiving the message.

According to the first message transmission / reception method of the present invention, the text message including the H (communication number) hashish from the app of the wireless terminal 200 is transmitted to the authentication server 100, and the message receiving unit 105 receives the text message transmitted via the telephone network. Preferably, the message receiving unit 105 may selectively receive a text message verifying / correcting the validity of the origination number through the telephone network.

The first channel checking unit 110 extracts an H (communication number) included in a designated area of the text message received through the message receiver 105, and transmits the H (communication number) to the telephone network in the process of transmitting and receiving a text message via the telephone network. And extracts the verified / corrected calling number.

According to the second message transmission / reception method of the present invention, the text message including the H (communication number) hashed from the app of the wireless terminal 200 is transmitted to the designated message server The message server 160 extracts an H (communication number) included in a designated area of the text message, and transmits the verified / corrected (registered) message to the message server 160 through the telephone network in the process of transmitting and receiving a text message via the telephone network The first channel identification unit 110 extracts a calling number from the message server 160 and transmits the extracted calling number to the authentication server 100. The first channel identification unit 110 identifies the H (communication number) included in the text message, Can be provided.

Referring to FIG. 1, the authentication server 100 may restore the H (communication number) extracted from the text message received via the telephone network to binary and / or verify the integrity of H (communication number) And a first channel verifying unit 115.

According to the embodiment of the present invention, the H (communication number) included in the text message can be cast in a designated binary and included in a designated area of the text message. The H (communication number) extracted from the designated area can be reversed and the original binary H (communication number) generated by the app of the wireless terminal 200 can be restored.

According to the embodiment of the present invention, when the H (communication number) included in the text message (or restored to binary) includes an integrity verification value for discriminating whether it is modulated by a user operation in the process of sending a text message , The first channel verifying unit 115 may verify the integrity of the H (communication number) using the integrity verification value included in the H (communication number).

Referring to FIG. 1, the authentication server 100 includes a first channel mapping unit 120 for mapping the origination number of the text message and the H (communication number) extracted from the text message.

The first channel mapping unit 120 maps the H (communication number) extracted (or binary-converted or integrity-verified) from the text message and the calling number of the text message and stores the mapping.

When the calling number and the H (communication number) are mapped and stored, the first channel mapping unit 120 sets the effective time of the mapped stored calling number and H (communication number), and confirms whether or not the effective time is reached . If the effective time is reached, the first channel mapping unit 120 cancels the mapped calling number and H (communication number). The message server 160 (or the authentication server 100), which receives the text message, transmits the text message to the wireless terminal 200 via the telephone network, Therefore, the transmission delay of the text message does not occur or is minimized on the path for transmitting the text message. After the text message is transmitted from the wireless terminal 200, the procedure for transmitting the communication number through the data network is performed by the wireless terminal 200), the first channel mapping unit 120 may set the valid time as short as possible (for example, 5 seconds) to block the intervention space of the third party.

The application of the wireless terminal 200 sends a text message including H (communication number) through the telephone network, and then transmits a text message including a data network (for example, a packet-based data network of a mobile communication network, (Wireless LAN) or the like) through the Internet.

1, the authentication server 100 includes a second channel receiving unit 125 receiving a communication number of the wireless terminal 200 from the application of the wireless terminal 200 via the data network, A first authentication processing unit 130 for firstly checking a calling number matched with a communication number received through the data network among the calling number extracted and stored from the text message received through the telephone network, If the communication number matches the calling number of the text message received via the telephone network, the mobile communication terminal confirms H (communication number) mapped to the calling number and hashes the communication number received through the data network to obtain H '(communication number) A second authentication procedure unit 140 for comparing the H (communication number) hash of the communication number received through the data network with the H (communication number) and verifying that the H (communication number) is matched secondarily, And a control unit The communication number received through the telephone network is matched with the calling number of the text message received through the telephone network and the validity of the communication number received through the data network is matched with the H (communication number) received through the text message of the telephone network And an authentication result processing unit 145 for generating an authenticated result. The information registration unit 150 stores the authenticated communication number in a designated storage medium 155.

The second channel receiver 125 receives the communication number transmitted from the app of the mobile terminal 200 via the data network connected to the mobile terminal 200 that has sent the text message including the H (communication number) .

According to the embodiment of the present invention, the application of the wireless terminal 200 may encrypt the communication number through a predetermined security protocol and transmit the communication number. In this case, the first channel receiver may transmit the encrypted communication The number can be decoded.

When the communication number is received from the application of the wireless terminal 200 via the data network, the first authentication procedure unit 130 may map the received communication number through the first channel mapping unit 120 through the received communication number, And a set of H (communication number) is inquired and the originating number matched with the communication number is checked first.

If the communication number received through the data network and the calling number of the text message received through the telephone network are first identified as matched, the channel interworking decoder hashs the communication number received through the data network, (Communication number).

When the communication number received through the data network is hashed to generate H '(communication number), the second authentication procedure unit 140 transmits the H (communication number) received through the text message of the telephone network, H '(communication number), and secondarily confirms whether the first authenticated communication number received through the data network matches the H (communication number) received through the text message of the telephone network.

If the communication number received through the data network is first matched with the originating number of the text message received through the telephone network, and it is determined that the communication number is secondarily matched with the H (communication number) received through the text message of the telephone network The authentication result processing unit 145 generates an authentication result of authenticating the validity of the communication number received through the data network.

Preferably, the authentication result processing unit 145 may provide the generated authentication result to an application of the wireless terminal 200, and the application of the wireless terminal 200 displays the authentication result.

Meanwhile, when the validity of the communication number received through the data network is authenticated, the information register 150 stores the authenticated communication number in the designated storage medium 155.

2 is a diagram illustrating a functional configuration of a wireless terminal and an application 245 according to an embodiment of the present invention.

2 shows a function of an application 245 that sends a text message including H (communication number) hash of the communication number of the wireless terminal through the telephone network and transmits the communication number of the wireless terminal through the data network And a configuration of the wireless terminal in which the application 245 operates. Those skilled in the art will be able to refer to and / or modify the FIG. 2, However, the present invention includes all of the above-described embodiments, and the technical features of the present invention are not limited only by the method shown in FIG. Preferably, the wireless terminal of FIG. 2 may include at least one of various smartphones, tablet PCs, PDAs, and mobile phones.

2, the wireless terminal includes a control unit 205, a memory unit 240, a screen output unit 210, a user input unit 215, a sound processing unit 220, a wireless network communication unit 230, A communication unit 225, a USIM reader unit 235 and a USIM, and has a battery for power supply.

The control unit 205 is a collective term for controlling the operation of the wireless terminal, and includes at least one processor and an execution memory, and is connected to each component provided in the wireless terminal through a bus (BUS) . According to the present invention, the control unit 205 loads at least one application code included in the wireless terminal into the execution memory through the processor, and transfers the result to at least one component through the bus And controls the operation of the wireless terminal. Hereinafter, the program function configuration of the present invention will be described in the present control unit 205 for convenience.

The memory unit 240 is a general term of the non-volatile memory included in the wireless terminal. The memory unit 240 stores at least one application code executed through the control unit 205 and at least one data set used by the application code, do. The memory unit 240 basically includes a system app code and a system data set corresponding to the operating system of the wireless terminal, a communication app code and a communication data set for processing a wireless communication connection of the wireless terminal, And an application code and a data set corresponding to the program of the present invention are also stored in the memory unit 240. [

The screen output unit 210 includes a screen output unit (e.g., an LCD (Liquid Crystal Display) or the like) and a driving module for driving the screen output unit 210. The screen output unit 210 is interlocked with the control unit 205, And outputs an operation result corresponding to the output to the screen output device.

The user input unit 215 is composed of one or more user input devices (e.g., a button, a keypad, a touch pad, a touch screen interlocked with the screen output unit 210) and a drive module for driving the touch screen. And inputs a command for instructing various operations of the control unit 205 or data necessary for the operation of the control unit 205. [

The sound processing unit 220 includes a speaker and a microphone and a drive module for driving the speaker and microphone. The sound processing unit 220 decodes an operation result corresponding to a sound output from various operation results of the control unit 205, And outputs the sound signal through the speaker or the sound signal input through the microphone to the controller 205. [

The wireless network communication unit 230 collectively refers to a communication unit that connects the wireless terminal to a wireless communication network via a base station, and includes an antenna, an RF module, a baseband module, and a signal processing module for transmitting and receiving a radio frequency signal of a specific frequency band And transmits the operation result corresponding to the wireless communication among the various operation results of the control unit 205 through the wireless communication network or the data is received through the wireless communication network, (205), and performs the connection, registration, communication, and handoff procedures of the wireless communication. Preferably, the wireless network communication unit 230 includes a mobile communication structure that performs at least one of connection to a mobile communication network, location registration, call processing, call connection, data communication, and handoff according to the CDMA / WCDMA / LTE standard.

According to an embodiment of the present invention, the wireless network communication unit 230 can connect the wireless terminal to a telephone network via a switchboard of a mobile communication network and / or a message center.

According to an embodiment of the present invention, the wireless network communication unit 230 can connect the wireless terminal to a data network via a separate packet router without passing through an exchange and / or message of the mobile communication network.

The short-range network communication unit 225 collectively refers to a communication unit that connects a communication session using a radio frequency signal within a predetermined distance (for example, 10 m) as a communication medium and connects the wireless terminal to a communication network based on the communication session. The wireless terminal can be connected to the data network through a wireless LAN using at least one of Wi-Fi communication, Bluetooth communication, public wireless communication, and UWB.

The USIM reader 235 is a general term for a configuration for exchanging at least one data set with a universal subscriber identity module that is mounted or detached from the wireless terminal based on the ISO / IEC 7816 standard, Data sets are exchanged in half-duplex mode via APDU (Application Protocol Data Unit).

The USIM is an SIM type card having an IC chip conforming to the ISO / IEC 7816 standard, and includes an input / output interface including at least one contact connected to the USIM reader unit 235, And an interface circuit connected to the input / output interface for computing the application code for the IC chip or extracting (or processing) the data set according to at least one command transmitted from the wireless terminal, As shown in FIG.

According to an embodiment of the present invention, the USIM records and manages at least one of an ICCID (Integrated Circuit Card Identifier), an International Mobile Station Identity (ISMI), and an International Mobile Equipment Identity (IMEI).

2, the application 245 of the wireless terminal includes a communication number acquisition unit 250 that receives a key input or extracts a communication number of a wireless terminal from a USIM, a H (communication number) A message generating unit 260 for generating a text message included in the designated area of the hashed H (communication number), and a message generating unit 260 for generating a text message including the H And a telephone network sending unit 265 for sending a text message including the H (communication number) through the connected telephone network.

The communication number obtaining unit 250 displays an interface for receiving a key input of the communication number of the corresponding wireless terminal when the first execution of the application 245 (or the execution before the communication number authentication through the application 245) Receives the communication number as a key input, or extracts the communication number of the corresponding wireless terminal from the USIM.

According to an embodiment of the present invention, the communication number includes at least one of a telephone number input by key input and a telephone number extracted from the USIM, and includes a UUID assigned to the application 245, Lt; RTI ID = 0.0 > ICCID, ISMI, < / RTI > IMEI. Meanwhile, the communication number may further include registration information (or a part of registration information) registered in the storage medium 155 including the user's personal information (e.g., name, date of birth, etc.) The present invention is not limited thereto.

When the communication number is input / extracted, the communication number hash unit 255 generates H (communication number) by hashing the communication number through a specified hash algorithm.

According to the first message sending method of the present invention, the application 245 may include a message sending function via the telephone network. In this case, the message generating unit 260 may send a message And the telephone network sending unit 265 generates a text message to be transmitted through the telephone network by including the H (communication number) in a designated area on the text message structure via the telephone network 245, And can transmit a text message including H (communication number) through the telephone network to which the wireless terminal is connected.

According to the second message sending method of the present invention, the application 245 can interoperate with the message sending function provided in the wireless terminal. In this case, the message generating unit 260 transmits the message sending function of the wireless terminal, And generates a text message to be transmitted through the telephone network by including the H (communication number) in a designated area on the text message structure via the telephone network, and the telephone network sending unit 265 interlocks with the message sending function of the wireless terminal The mobile terminal can send a text message including H (communication number) through the telephone network connected thereto.

According to an embodiment of the present invention, the message generating unit 260 may generate the H (communication) information in at least one or a combination of two or more of a text area of the text message, a hidden area of the text message, Number).

When sending a text message including the H (communication number) through the telephone network, the telephone network sending unit 265 transmits a text message including the H (communication number) Can be controlled. For example, in the case of the first message sending method, the telephone network sending unit 265 may omit displaying the interface of the built-in message sending function.

Meanwhile, when a message sending interface is displayed on the screen to send a text message through the telephone network, the telephone network sending unit 265 transmits the H (communication number) included in the text message by the user operation to the message sending interface Edited, or changed. For example, the telephone network sending unit 265 interrupts the touch input of a specific area (for example, a keyboard display area) of the message sending interface, and when H (communication number) included in the text message is edited or changed .

According to the method of the present invention, the text message sent through the telephone network is composed of a text-based specialized structure, or an area to be inserted with the H (communication number) in the text message structure is encoded with a digit . ≪ / RTI > In this case, the telephone network sending unit 265 may cast the H (communication number) to a digit corresponding to the designated encoding rule and include the H (communication number) in a designated area of the text message.

The text message sent through the telephone network is received by the designated message server via the telephone network or by the authentication server performing the authentication procedure according to the present invention.

According to an embodiment of the present invention, a device provided in a telephone network via the text message verifies whether the calling number included in the text message matches the actual telephone number of the mobile terminal (e.g., When the calling number included in the text message is matched with the actual telephone number of the wireless terminal, the text message is normally transmitted to the wireless terminal, . If the calling number included in the text message does not match the actual telephone number of the wireless terminal, the device on the telephone network discards the text message or transmits the calling number of the text message to the actual telephone number of the wireless terminal And the like.

Referring to FIG. 2, an application 245 of the wireless terminal includes an information checking unit 270 for checking a communication number to be transmitted through a data network, an authentication server 270 for identifying a communication number through a data network to which the wireless terminal is connected, And an authentication result display unit 280 for receiving and displaying the authentication result obtained by verifying the validity of the communication number from the authentication server.

After a text message including the H (communication number) is transmitted through the telephone network connected to the wireless terminal through the telephone network sending unit 265, the information checking unit 270 checks the communication number to be transmitted through the data network Check.

According to an embodiment of the present invention, a communication number to be transmitted through the data network includes a pre-hash communication number of an H (communication number) included in a text message transmitted through the telephone network, Or one or more pieces of registration information to be registered in a designated storage medium 155 including payment means information.

When the communication number to be transmitted through the data network is confirmed, the data network transmission unit 275 transmits the communication data to the wireless network through the short distance network communication unit 225 and the wireless network communication unit 230, And transmits the communication number to the designated authentication server through the data network.

According to an embodiment of the present invention, the data network transmitter 275 may encrypt the communication number through a predetermined security protocol and transmit the encrypted communication number. In this case, the authentication server transmits the encrypted communication number through the security protocol It can be decoded.

The authentication server receives H (communication number) having hashed the communication number from the application 245 of the wireless terminal through the text message of the telephone network and receives the communication number transmitted from the app 245 of the wireless terminal through the data network (= First authentication) for authenticating the communication number received through the data network using the origination number of the text message received through the telephone network, and H '(hash) the hash of the communication number received through the data network (Second authentication) for authenticating a user through a communication network (H) (communication number) received through a text message of a telephone network, and the communication number received through the data network is a character received through the telephone network And generates and transmits an authentication result of authenticating the validity of the communication number when the authentication result is matched with the originating number of the message and matches the H (communication number) received through the text message of the telephone network, 280 receives and displays the authentication result through a data network connected to the wireless terminal.

3 is a diagram illustrating a process of providing a communication number through a telephone network according to an embodiment of the present invention.

In more detail, FIG. 3 shows H (communication number) having been generated by hashing the communication number in the application 245 of the wireless terminal 200, And the H (communication number) of the text message is mapped and stored. Referring to FIG. 3 and / or modified by the person skilled in the art, It is to be understood that the present invention is not limited to the above-described embodiments, and various changes and modifications may be made without departing from the scope of the present invention. The technical characteristics are not limited only by the method shown in FIG.

Referring to FIG. 3, an application 245 of the wireless terminal 200 receives a key for inputting a communication number of the corresponding wireless terminal 200 or extracts it from a USIM (300), hashes the communication number, (H) (communication number) (305).

If the H (communication number) is generated, the application 245 of the wireless terminal 200 transmits the generated H (communication number) to the designated area on the text message structure via the telephone network (310), and transmits a text message including the H (communication number) through the telephone network to which the wireless terminal 200 is connected (315).

The authentication server 100 (or the message server 160) receives the text message including the H (communication number) via the telephone network 320 and transmits the verification number of the verified / corrected text message through the telephone network to the authentication server 100 And extracts H (communication number) included in the text message (325).

If the origination number and H (communication number) are extracted through the text message received through the telephone network, the authentication server 100 maps the extracted origination number to H (communication number) , The calling number and H (communication number) stored in the mapping are used for network interworking authentication and hash authentication.

Meanwhile, the authentication server 100 sets an effective time to the mapped stored calling number and H (communication number) (335), and determines whether the valid time has passed (340). If the set valid time elapses, the authentication server 100 deletes the mapped stored origination number and H (communication number) (345).

FIG. 4 is a diagram illustrating a process of providing a communication number through a data network, performing a network interworking authentication and a hash authentication according to an embodiment of the present invention.

4 illustrates an example of a case where the application 245 of the wireless terminal 200 provides the communication number through the data network and the authentication server 100 transmits the received character via the telephone network through the process shown in FIG. And a hash authentication process for the communication number received through the data network using the origination number and the H (communication number) of the message, sequentially and in a manner similar to that of the related art. If it is a person skilled in the art, referring to and / or modifying FIG. 4, various methods of providing a communication number through the data network and performing network interworking authentication and hash authentication (for example, some steps are omitted, or It will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims. Features are not limited.

Referring to FIG. 4, the application 245 of the wireless terminal 200 transmits a text message including H (communication number) via the telephone network through the process shown in FIG. 3, (400) through the data network of FIG.

The application 245 of the wireless terminal 200 encrypts the communication number according to a predetermined security protocol and transmits the encrypted communication number to the authentication server 100 through the data network 405, The communication number is received (410), and the encrypted communication number is decrypted according to the specified security protocol (415).

3, the authentication server 100 performs a network interworking-based communication number authentication procedure for first checking a calling number matched with a communication number received through the data network among the mapped calling number stored in the FIG. 3 process (420).

If the communication number received through the data network does not match the calling number of the text message received through the telephone network, the authentication server 100 authenticates the application 245 of the wireless terminal 200 through the data network And the application 245 of the wireless terminal 200 receives and outputs an authentication error through the data network (425).

Meanwhile, if the communication number received through the data network matches the calling number of the text message received through the telephone network and the first authentication of the network interworking-based communication number is successful, the authentication server 100 transmits the communication number (H) (communication number) mapped with the matched calling number (430), and H '(communication number) is generated by hashing the communication number received through the data network (435).

When the H '(communication number) is generated, the authentication server 100 compares the H (communication number) received through the telephone network with the H' (communication number) hash of the communication number received through the data network Based hash-based communication number authentication procedure for performing a second check to see if it is matched (440).

If the H (communication number) hash of the communication number received through the data network and the H (communication number) received through the text message of the telephone network do not match, the authentication server 100 transmits Transmits an authentication error to the application 245 of the wireless terminal 200, and the application 245 of the wireless terminal 200 receives and outputs an authentication error through the data network (445).

Meanwhile, the communication number received through the data network is matched with the calling number of the text message received through the telephone network, and is matched with the H (communication number) received through the text message of the telephone network, If the authentication is successful, the authentication server 100 generates an authentication result of authenticating the validity of the communication number received through the data network 450, stores the authenticated communication number in the designated storage medium 155 (455), and transmits a result of verifying the validity of the communication number to the application (245) of the wireless terminal (200) through the data network (460). The application 245 of the wireless terminal 200 receives and outputs the authentication result obtained by authenticating the validity of the communication number from the authentication server 100 through the data network (step 465).

100: Authentication server 105:
110: first channel verifying unit 115: first channel verifying unit
120: first channel mapping unit 125: second channel reception unit
130: first authentication procedure unit 135: channel interworking hash unit
140: second authentication processing unit 145: authentication result processing unit
150: information register 155: storage medium
160: message server 200: wireless terminal

Claims (15)

CLAIMS What is claimed is: 1. A method executed via a server communicating with a wireless terminal that multiple accesses to a telephone network and a data network,
(H) (communication number) is generated by hashing the communication number of the wireless terminal in an application installed and installed in the wireless terminal, and then the H (communication number) is included in a designated area on the text message structure via the telephone network (Communication number) included in a text message received via the telephone network and a verification number verified or corrected through the telephone network in the process of transmitting and receiving a text message via the telephone network, Stage 1;
A second step of mapping and storing the extracted origination number and H (communication number);
A third step of receiving a communication number of the wireless terminal from an app of the wireless terminal via the data network;
A first step of checking a calling number matched with a communication number received through the data network among the calling number extracted and stored from the text message received through the telephone network;
A fifth step of generating H '(communication number) by hashing the communication number received through the data network if the communication number received through the data network matches the calling number of the text message received through the telephone network;
A sixth step of comparing H '(communication number) received and hashed through the data network with H (communication number) received through a text message of the private telephone network and checking whether the H (communication number) is matched; And
The communication number received through the data network is matched with the calling number of the text message received through the telephone network, and if the communication number is matched with the H (communication number) received through the text message of the telephone network, And a seventh step of generating an authentication result of validating the validity of the communication number. The communication system according to claim 1,
A telephone number input through the application of the wireless terminal,
And a telephone number extracted from a USIM of the wireless terminal. 3. The communication system according to claim 2,
A UUID (Universal Unique Identifier) assigned to an app of the wireless terminal,
(ICCID), an International Mobile Station Identity (ISCI), and an International Mobile Equipment Identity (IMEI) recorded in a Universal Subscriber Identity Module (USIM) of the mobile terminal. Two - way authentication using channel. The mobile terminal of claim 1,
Wherein a message sending function via the telephone network is built in, and a text message including H (communication number) is transmitted through a telephone network using the built-in message sending function. The mobile terminal of claim 1,
Wherein the mobile terminal transmits a text message including a communication number (H) through a telephone network in cooperation with a message sending function provided in the wireless terminal and in cooperation with a message sending function of the wireless terminal, . The mobile terminal of claim 1,
And a message sending interface for sending a text message including the H (communication number) is not displayed on the screen. The mobile terminal of claim 1,
If you display a message sending interface that sends text messages,
Wherein the control unit controls so that H (communication number) included in the text message is not edited or changed by a user operation on the message sending interface. The mobile terminal of claim 1,
H (communication number) is cast to a specified digit and included in a designated area of the text message. The method according to claim 1, wherein the H (communication number)
A text area of the text message,
A hidden area of the text message,
Wherein the second message is included in at least one of the spare areas of the text message or in a combination of two or more of the spare messages. The method of claim 1,
And when the validity of the origination number is verified or corrected through the telephone network, the dual authentication method using dual channel. 2. The method according to claim 1,
And restoring, by binary, H (communication number) included in the designated area of the text message. 2. The method according to claim 1,
Further comprising the step of verifying the integrity of the H (communication number). 2. The method according to claim 1,
Setting an effective time of the mapped stored origination number and H (communication number); And
And clearing the mapped stored origination number and H (communication number) when the valid time has elapsed. The method according to claim 1,
And storing the authenticated communication number in a designated storage medium. ≪ RTI ID = 0.0 > [10] < / RTI > A system implemented through a server communicating with a wireless terminal that multiple accesses both a telephone network and a data network,
(H) (communication number) is generated by hashing the communication number of the wireless terminal in an application installed and installed in the wireless terminal, and then the H (communication number) is included in a designated area on the text message structure via the telephone network (Communication number) included in a text message received via the telephone network and a verification number verified or corrected through the telephone network in the process of transmitting and receiving a text message via the telephone network, 1 channel confirmation unit;
A first channel mapping unit for mapping and storing the extracted origination number and H (communication number);
A second channel receiver for receiving a communication number of the wireless terminal from an app of the wireless terminal via the data network;
A first authentication procedure unit for first checking a calling number matched with a communication number received through the data network among a calling number extracted and stored from a text message received through the telephone network;
A channel interworking decoding unit for generating a H '(communication number) by hashing the communication number received through the data network if the communication number received through the data network matches the calling number of the text message received through the telephone network, ;
A second authentication procedure unit which compares H (communication number) received and hashed through the data network with H (communication number) received through a text message of the private telephone network and secondarily verifies whether the H (communication number) is matched; And
The communication number received through the data network is matched with the calling number of the text message received through the telephone network, and if the communication number is matched with the H (communication number) received through the text message of the telephone network, And an authentication result processing unit for generating an authentication result in which the validity of the communication number is authenticated.
KR1020150060418A 2015-04-29 2015-04-29 System and Method for Dual Certification by using Dual Channel KR20160128686A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150060418A KR20160128686A (en) 2015-04-29 2015-04-29 System and Method for Dual Certification by using Dual Channel

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150060418A KR20160128686A (en) 2015-04-29 2015-04-29 System and Method for Dual Certification by using Dual Channel

Publications (1)

Publication Number Publication Date
KR20160128686A true KR20160128686A (en) 2016-11-08

Family

ID=57528098

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150060418A KR20160128686A (en) 2015-04-29 2015-04-29 System and Method for Dual Certification by using Dual Channel

Country Status (1)

Country Link
KR (1) KR20160128686A (en)

Similar Documents

Publication Publication Date Title
CN108471610B (en) Bluetooth connection control system
KR20160143333A (en) Method for Double Certification by using Double Channel
CN105227537A (en) Method for authenticating user identity, terminal and service end
EP3376421A1 (en) Method for authenticating a user and corresponding device, first and second servers and system
KR20130018061A (en) Method and system for operating one time code by using connectionless network seed
KR101482321B1 (en) Method for Substituting Password of Certificate by using Biometrics
US11076282B2 (en) Telecommunications apparatus with a radio-linked smart card
CN107690667A (en) Use the payment system and its method for user's non-repudiation of user terminal
US9648495B2 (en) Method and device for transmitting a verification request to an identification module
KR20150004955A (en) Method for Providing Authentication Code by using End-To-End Authentication between USIM and Server
KR101603476B1 (en) Method for Dual Certification by using Dual Channel
KR20160124336A (en) Method for Providing Electronic Signature by using Secure Operating System
KR20160128686A (en) System and Method for Dual Certification by using Dual Channel
KR20150065996A (en) Method for providing safety login based on one time code by using user's card
KR20150000081A (en) Method for Providing One Time Code by using End-To-End Authentication between Card and Server
KR20190047557A (en) Earphone Device for Providing OTP by using Asynchronous Local Area Radio Communication
KR101505735B1 (en) Method for Authenticating Near Field Communication Card by using Time Verification
KR101777043B1 (en) Method for Generating Electronic Signature based on Asynchronous Local Area Radio Communication
KR20150057885A (en) Method for Updating Encryption Key between Card and Device
KR20160143336A (en) Method for Dual Authentication using Dual Channel
KR20160143335A (en) System and Method for Dual Certification based Dual Channel
KR101505734B1 (en) Method for Authenticating Near Field Communication Card by using Time Verification
KR101704249B1 (en) Method for Controlling Integrated Circuit Chip by using Distributed Processing
KR20160143337A (en) System and Method for Double Certification by using Double Channel
KR101592070B1 (en) Method for Security Relaying by using Code Image

Legal Events

Date Code Title Description
N231 Notification of change of applicant