KR20160140188A - System and method for authenticating user using duel channel - Google Patents

Abstract

According to an embodiment of the present invention, a first device includes: a communications unit which requests user authentication to a server; a display unit which displays a first keypad including a plurality of areas; a user input unit which receives a user input of selecting at least one of the plurality of areas; and a control unit which transmits area information of the first keypad corresponding to the user input to the server, and receives an authentication result determined based on character arrangement information of a second keypad and the area information of the first keypad.

Description

[0001] SYSTEM AND METHOD FOR AUTHENTICATING USER DUAL CHANNEL USING DUAL CHANNEL [0002]

Various embodiments relate to an authentication system and method, and more particularly, to a system and method for authenticating a user using information generated in a first device and a second device.

In accordance with the development of information and communication technology, user authentication technology in web service use or terminal use is very important for security of information. In order to authenticate a user, for example, there is a method of using a password. In the process of inputting a password, there has been a problem that a security vulnerability may occur through exposure to the environment, device hacking, or network hacking.

Therefore, there is a demand for a technique that enables more convenient and secure authentication in user authentication.

Various embodiments may provide a system and method for authenticating a user using authentication information generated at a first device and authentication information generated at a second device.

As a technical means for achieving the above-mentioned technical object, a first aspect of the present disclosure is a communication system comprising: a communication unit for requesting a user authentication with a server; A display unit for displaying a first keypad including a plurality of areas; A user input for receiving a user input for selecting at least one of the plurality of regions; And a control unit for transmitting the area information of the first keypad corresponding to the user input to the server and receiving the authentication result determined based on the character arrangement information of the second keypad and the area information of the first keypad from the server A second device, and a second device.

A user input for selecting at least one of the plurality of regions according to an exemplary embodiment may be input from a user corresponding to a character array included in the second keypad displayed on the second device.

At least one of the first area and the second area of the plurality of areas included in the first keypad may be different in size and shape.

The controller may recognize a second device associated with the first device and, when the second device is recognized, display a menu for selecting dual channel authentication.

Also, a second aspect of the disclosure provides a method comprising: requesting a user authentication with a server; The method comprising: displaying a first keypad including a plurality of regions; Receiving a user input for selecting at least one of the plurality of regions; Transmitting region information of the first keypad corresponding to the user input to the server; And receiving the authentication result determined based on the character arrangement information of the second keypad and the area information of the first keypad from the server.

A user input for selecting at least one of the plurality of regions according to an exemplary embodiment may be input from a user corresponding to a character array included in the second keypad displayed on the second device.

At least one of the first region and the second region of the plurality of regions may be different in size and shape.

The method may further include recognizing a second device associated with the first device; And if the second device is recognized, displaying a menu for selecting dual channel authentication.

Further, a third aspect of the present disclosure is a storage apparatus comprising: a storage unit for storing a first password; A communication unit for receiving user authentication request from the first device and area information of the first keypad corresponding to a user input for selecting at least one of a plurality of areas included in the first keypad; And acquiring a second keypad including a character array corresponding to the user authentication request, acquiring a second password based on the received area information of the first keypad and the character array information of the second keypad And a controller for comparing the first password with the second password to determine whether to authenticate the server.

The controller may generate the second keypad in response to the user authentication request, or the communication unit may receive the second keypad from the external device.

Further, a fourth aspect of the disclosure provides a method comprising: storing a first password; Receiving a user authentication request from a first device; Obtaining a second keypad including a character array corresponding to the user authentication request; Receiving area information of the first keypad corresponding to a user input that selects at least one of a plurality of areas included in the first keypad from the first device; Obtaining a second password based on the received area information of the first keypad and the character array information of the second keypad; And comparing the first password with the second password to determine whether or not to authenticate the user.

The second keypad according to an embodiment may be generated in the server or received from an external device in response to the user authentication request.

Further, a fifth aspect of the present disclosure is a display device comprising: a display unit displaying a virtual keypad including a character array generated corresponding to a user authentication request of a first device; An image sensor for acquiring a first keypad image displayed on the first device and a control unit for controlling the virtual keypad to be overlapped and displayed on the first keypad using the first keypad image, Wherein the keypad comprises a plurality of regions in which characters are not displayed.

The virtual keypad and the first keypad according to an embodiment may have the same size and shape.

The controller may control each of the characters included in the virtual keypad to overlap and display each of the plurality of regions included in the first keypad.

The controller may control the virtual keypad to be displayed on the transparent display so that the virtual keypad overlaps the first keypad viewed through the transparent display.

Further, a sixth aspect of the present disclosure provides a method for controlling a display device, comprising: obtaining a first keypad image displayed on a first device; And displaying a virtual keypad overlaid on the first keypad using the first keypad image, wherein the first keypad includes a plurality of regions in which characters are not displayed, and the virtual keypad And a character array generated in response to the user authentication request of the first device.

The virtual keypad and the first keypad according to an embodiment may have the same size and shape.

The step of displaying the virtual keypad so as to overlap the first keypad according to an embodiment may further include displaying each of the characters included in the virtual keypad to overlap each of the plurality of areas included in the first keypad Step < / RTI >

The step of displaying the virtual keypad to overlap the first keypad according to an exemplary embodiment may include displaying the virtual keypad on the transparent display so that the virtual keypad overlaps with the first keypad viewed through the transparent display, And displaying the keypad.

Also, a seventh aspect of the present disclosure provides a server comprising: a server; A first device for requesting user authentication to the server and displaying a first keypad including a plurality of areas; And a second device for displaying a second keypad including a character array generated in response to the user authentication request, wherein the first device further comprises: And transmits the area information of the first keypad corresponding to the user input to the server, and the server receives the area information of the received first keypad and the second area of the second keypad, It is possible to provide a user authentication system that obtains a password based on character array information of a keypad and determines whether or not to authenticate based on the obtained password.

1 is a diagram illustrating an authentication system, in accordance with one embodiment.
2 is a flow diagram of a method for performing user authentication using a first device, according to one embodiment.
3 is a diagram illustrating an authentication system in a case where a second keypad including a character array is generated in a server according to an embodiment.
4 is a diagram illustrating an authentication system when a second keypad including a character array is created in a second device, according to one embodiment.
5 is a flow diagram of a method by which a server performs user authentication, according to one embodiment.
6 is a diagram illustrating a system for performing user authentication using a first device when an augmented reality is used, according to an embodiment.
7 is a diagram illustrating a system for performing user authentication using a first device when an augmented reality is not used, according to an embodiment.
8 is a diagram illustrating another example of at least one of the size and the shape between the first keypad and the second keypad, according to an embodiment.
9 is a diagram illustrating another example of at least one of a plurality of areas included in the first keypad according to an embodiment.
FIG. 10 is a diagram illustrating an example of notifying a user whether dual channel authentication is used according to an embodiment.
11 is a diagram illustrating an authentication system for transmitting a second keypad from a first device to a second device, according to an embodiment.
FIG. 12 is a diagram illustrating an example in which whether or not the PIP (Picture In Picture) display of the second keypad is determined according to the control of the first device or a predetermined period of time according to an embodiment.
13 is a diagram illustrating an example of changing the character arrangement included in the second keypad according to an embodiment.
14 is a flowchart illustrating a method for authenticating a user using an authentication system including an OTP (One Time Password) device according to an embodiment.
Figures 15 and 16 are block diagrams of a first device, according to one embodiment.
17 is a block diagram of a server, in accordance with one embodiment.
18 is a block diagram of a second device, according to one embodiment.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings, which will be readily apparent to those skilled in the art. The present invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. In order to clearly illustrate the present invention, parts not related to the description are omitted, and similar parts are denoted by like reference characters throughout the specification.

Throughout the specification, when a part is referred to as being "connected" to another part, it includes not only "directly connected" but also "electrically connected" with another part in between . Also, when an element is referred to as "comprising ", it means that it can include other elements as well, without departing from the other elements unless specifically stated otherwise.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, the present invention will be described in detail with reference to the accompanying drawings.

≪ 1 >

1 is a diagram illustrating an authentication system, in accordance with one embodiment.

Referring to FIG. 1, an authentication system may include a first device 1000, a second device 2000, and a server 3000.

Referring to FIG. 1, the server 3000 may perform communication with the first device 1000 and the second device 2000. The first device 1000 and the second device 2000 can communicate with each other. For example, the first device 1000 can transmit or receive data and the like with the second device 2000 using short-range communication. In this case, the short-range communication may include a Wi-Fi scheme, an NFC scheme, a Bluetooth scheme, an infrared scheme, a Zigbee scheme, and the like, but is not limited thereto. Also, the first device 1000 and the server 3000, the second device 2000, and the server 3000 may be connected to each other via a network, and the network may be a local area network (LAN), a wide area network Such as a wired network such as a Wide Area Network (WAN) or a Value Added Network (VAN), or a mobile radio communication network or a satellite communication network.

The server 3000 may receive a user authentication request from the first device 1000. A user authentication request means a procedure that demonstrates that the user is entitled to a fair use that is accessible to a specific network, system, and so on. Specifically, it is a procedure for inputting a user ID and a password to a device having a communication function and a data processing function. However, it is not limited thereto.

When the first device 1000 requests user authentication to the server 3000, the first device 1000 may display the first keypad. The first keypad may include a plurality of areas, and the plurality of areas may be empty areas where characters are not displayed. At least one of the first region and the second region of the plurality of regions may be different in size and shape.

Also, the second device 2000 can display the second keypad. Also, the second device 2000 can display the second keypad. At this time, the second keypad may include a character array generated in response to the user authentication request. A second keypad containing a character array may be generated at the server 3000 and transmitted to the second device 2000. Alternatively, a second keypad comprising a character array may be generated in the second device 2000. When a second keypad including a character array is generated in the second device 2000, the second device 2000 can transmit the generated character array to the server 3000. [

The character array can include Hangul, alphabets, kanji, numbers, punctuation, and the like. The character array can be generated each time a user authentication is requested or can be generated by a user's request. Alternatively, the character array may be generated at a predetermined cycle. According to one embodiment, the character array may be a one-time character array. A one-time character array means a character array that is unpredictable and has a random number that does not have periodicity and regularity. The character array information of the second keypad may be position coordinates corresponding to each character displayed on the second keypad, and the like. However, it is not limited thereto.

The first device 1000 may receive a user input that selects at least one of a plurality of areas included in the first keypad. At this time, the user input may be an input corresponding to a character array included in the second keypad displayed on the second device 2000. For example, the user can view the character array included in the second keypad and select an area corresponding to each of the characters included in the password among the plurality of areas of the first keypad. At this time, the user input may be a touch input or an input for pressing a button, but the present invention is not limited thereto.

The first device 1000 can transmit the area information of the first keypad corresponding to the received user input to the server 3000. [ For example, the area information of the first keypad may include the location coordinates of the area where the user input is received, the order of the input, or the time information. However, it is not limited thereto.

The server 3000 can acquire the password inputted by the user based on the area information of the first keypad and the character array information of the second keypad. The server 3000 can compare the password input by the user with the pre-stored password to determine whether or not the first device user is authenticated.

The server 3000 receives the user authentication request from the first device 1000 and the area information of the first keypad corresponding to the user input for selecting at least one of the plurality of areas included in the first keypad, From the keypad 2000, the character array information of the second keypad. The server 3000 obtains the second password based on the area information of the first keypad and the character array information of the second keypad. Also, the server 3000 can compare the first password and the second password to determine whether or not to authenticate. The server 3000 may store the first password.

The first device 1000 may request the server 3000 to authenticate the user. When the first device 1000 requests the server 3000 to authenticate the user, the first device 1000 can display the first keypad. In addition, the first device 1000 may receive a user input for selecting at least one of a plurality of areas of the first keypad, and may transmit the corresponding area information of the first keypad to the server 3000. Also, the first device 1000 can receive from the server 3000 the authentication result determined based on the character arrangement information of the second keypad and the area information of the first keypad.

And the second device 2000 can display the second keypad. Also, the second device 2000 may transmit the character array information of the second keypad to the server 3000. [ The second keypad may include a character array generated in response to the user authentication.

The first device 1000 may be a smart phone, a tablet PC, a PC, a smart TV, a mobile phone, a PDA (personal digital assistant), a laptop, a media player, a micro server, , Navigation, kiosks, MP3 players, digital cameras, and other mobile or non-mobile computing devices. In addition, the first device 1000 may include various devices capable of receiving a touch input, such as an electronic board, a touch table, and the like. Further, the first device 1000 may be a clock having a communication function and a data processing function, but is not limited thereto.

Meanwhile, the second device 2000 may be a device having a communication function and a data processing function. For example, the second device 2000 may be a smart phone, a tablet PC, a PC, a smart TV, a mobile phone, a personal digital assistant (PDA), a laptop, a media player, , Digital broadcast terminals, navigation, kiosks, MP3 players, digital cameras, and other mobile or non-mobile computing devices.

In addition, the second device 2000 may include a head mounted display (HMD) 2010 that can be mounted on the head. For example, the head-mounted display (HMD) may include, but is not limited to, glasses, helmets, hats, and the like. The second device 2000 according to one embodiment may include but is not limited to a smart watch 2020, a band, a ring, a necklace, a bracelet, a shoe, an earring, a hair band, clothes, gloves, .

The second device 2000 according to one embodiment may be a single device or a combination of a plurality of devices. For example, in the present specification, the second device 2000 may be embodied as one piece of glasses or a combination of two or more pieces of equipment such as a pair of glasses and a ring, a pair of glasses and a watch, a pair of glasses and a thimble.

If the second device 2000 according to an embodiment is an HMD device, the second device 2000 may provide the second keypad with a virtual keypad. 2 device 2000 can display a virtual keypad in the form of Augmented Reality (AR).

In addition, the second device 2000 may be an OTP (One Time Password) device which is a user authentication method using a randomly generated one-time password or a device capable of performing other functions in addition to the OTP function.

2,

2 is a flow diagram of a method for performing user authentication using a first device 1000, according to one embodiment.

In step S200, the first device 1000 requests the server 3000 to authenticate the user. A user authentication request means a procedure that demonstrates that the user is entitled to a fair use that is accessible to a specific network, system, and so on. Specifically, it is a procedure for inputting a user ID and a password to a device having a communication function and a data processing function. However, it is not limited thereto.

In step S210, the first device 1000 displays a first keypad including a plurality of areas. The first keypad may include a plurality of regions for receiving user input. The plurality of areas may be empty areas where no characters are displayed. At least one of the first region and the second region of the plurality of regions may be different in size and shape. In addition, the first device 1000 may display a figure including a line separating the regions on the screen of the first device 1000.

The first keypad may be generated by the first device 1000, the second device 2000, or the server 3000. According to one embodiment, the first device 1000 may receive a first keypad generated by the second device 2000 or the server 3000.

In step S220, the first device 1000 may receive a user input that selects at least one of a plurality of areas of the first keypad. Specifically, the user can select a region corresponding to a first password value shared between the user and the server by using the character array information of the second keypad.

In step S230, the first device 1000 may transmit the area information of the first keypad corresponding to the user input to the server 3000. [

In step S240, the first device 1000 can receive from the server 3000 the authentication result determined based on the character array information of the second keypad and the area information of the first keypad corresponding to the user input.

3,

3 is a diagram illustrating an authentication system when a second keypad including a character array is generated in the server 3000, according to an embodiment.

In step S300, the server 3000 stores the first password. The first password may be pre-shared by the user. Also, the first password may include, but is not limited to, Hangul, alphabets, Chinese characters, numbers, punctuation marks, and the like.

In step S302, the server 3000 receives a user authentication request from the first device 1000. [ A user authentication request means a procedure that demonstrates that the user is entitled to a fair use that is accessible to a specific network, system, and so on. Specifically, it is a procedure for inputting a user ID and a password to a device having a communication function and a data processing function. However, it is not limited thereto.

In step S304, the server 3000 acquires a second keypad including a character array in response to the user authentication request. In step S306, the server 3000 transmits the acquired character array information of the acquired second keypad to the second device 2000. In step S308, the second device 2000 displays a second keypad including character array information received from the server 3000. [

In step S310, the first device 1000 displays the first keypad. The first keypad may include a plurality of areas, and the plurality of areas may be empty areas where characters are not displayed. At least one of the first region and the second region of the plurality of regions may be different in size and shape. In addition, the first device 1000 may display a figure including a line separating the regions on the screen of the first device 1000.

In step S312, the first device 1000 receives a user input for selecting at least one of a plurality of areas included in the first keypad.

In step S314, the server 3000 receives area information of the first keypad corresponding to a user input for selecting at least one of a plurality of areas included in the first keypad from the first device 1000. [ The area information of the first keypad may be information corresponding to the reception of a user input for selecting at least one of a plurality of areas of the first keypad. For example, the area information of the first keypad may include the location coordinates of the area where the user input is received, the order of the input, or the time information. However, it is not limited thereto.

In step S316, the server 3000 obtains the second password based on the area information of the first keypad and the character array information of the second keypad. According to one embodiment, the area information of the first keypad may include the location coordinates of the area where the user input is received and the input order. The character array information of the second keypad may be position coordinates corresponding to each character displayed on the second keypad. However, it is not limited thereto.

According to one embodiment, the server 3000 determines the area of the second keypad corresponding to the area of the first keypad on which the user input is received, based on the position coordinates of the area where the user input is received, The character included can be determined as a character corresponding to the user input. In addition, according to one embodiment, the server 3000 can determine the posterior relationship of the characters corresponding to the user input by using the input order of the area where the user input included in the area information of the first keypad is received have.

In step S318, the server 3000 compares the first password and the second password to determine whether to authenticate. According to one embodiment, it is possible to compare whether the first password value and the second password value are the same.

In step S320, the first device 1000 receives the authentication result from the server 3000. [

<Fig. 4>

4 is a diagram illustrating an authentication system when a second keypad including a character array is created in the second device 2000, according to an embodiment.

In step S400, the server 3000 stores the first password. The first password may be pre-shared by the user. Also, the first password may include, but is not limited to, Hangul, alphabets, Chinese characters, numbers, punctuation marks, and the like.

In step S402, the server 3000 receives a user authentication request from the first device 1000. [

In step S404, the second device 2000 receives a request for generating a second keypad including a character array corresponding to the user authentication request from the server 3000. [

In step S406, the second device 2000 may acquire a second keypad including a character array, corresponding to a second keypad creation request including a character array of the server 3000. [ According to one embodiment, the second device 2000 may be identical to the manner in which the server 3000 obtains a second keypad including a character array, in response to a user authentication request, at step S304.

In step S408, the second device 2000 transmits the acquired character array information of the acquired second keypad to the server 3000. [ In step S410, the second device 2000 displays a second keypad including the obtained character array information.

In step S412, the first device 1000 displays the first keypad.

In step S414, the first device 1000 receives a user input for selecting at least one of a plurality of areas included in the first keypad.

In step S416, the server 3000 receives the area information of the first keypad corresponding to the user input for selecting at least one of the plurality of areas included in the first keypad from the first device 1000. [

In step S418, the server 3000 obtains the second password based on the area information of the first keypad and the character array information of the second keypad.

In step S420, the server 3000 compares the first password with the second password to determine whether to authenticate. According to one embodiment, it is possible to compare whether the first password value and the second password value are the same.

In step S422, the first device 1000 receives the authentication result from the server 3000. [

Steps S412 to S422 correspond to steps S310 to S320 of FIG. 3, respectively, which are described in detail in FIG. 3, and a detailed description thereof will be omitted.

5,

5 is a flow diagram of a method by which server 3000 performs user authentication, according to one embodiment.

In step S500, the server 3000 stores the first password. The first password may be pre-shared by the user. Also, the first password may include, but is not limited to, Hangul, alphabets, Chinese characters, numbers, punctuation marks, and the like.

In step S510, the server 3000 receives a user authentication request from the first device 1000. [

In step S520, the server 3000 acquires a second keypad including a character array in response to the user authentication request.

In step S530, the server 3000 receives area information of the first keypad corresponding to a user input for selecting at least one of a plurality of areas included in the first keypad, from the first device 1000. [ The area information of the first keypad may be information corresponding to the reception of a user input for selecting at least one of a plurality of areas of the first keypad.

In step S540, the server 3000 obtains the second password based on the area information of the first keypad and the character array information of the second keypad.

In step S550, the server 3000 compares the first password and the second password to determine whether to authenticate. According to one embodiment, it is possible to compare whether the first password value and the second password value are the same.

In step S560, the server 3000 transmits the authentication result to the first device 1000. [

6,

6 is a diagram illustrating a system for performing user authentication using the first device 1000 when an augmented reality is used, according to an embodiment.

And the second device 2000 can display the second keypad. The second keypad may include a character array generated in response to a user authentication request of the first device. When the second device 2000 is an HMD device according to an embodiment, the second keypad may be a virtual keypad.

The second device 2000 may acquire a first keypad image displayed on the first device. Also, the second device 2000 may display the virtual keypad to overlap the first keypad using the first keypad image. In addition, the first keypad may include a plurality of regions where characters are not displayed.

When a virtual keypad is provided in the form of an augmented reality, according to an embodiment, the virtual keypad and the first keypad 600 may have the same size and shape. However, it is not limited thereto.

Also, in case of providing a virtual keypad in the form of an augmented reality, the second device 2000, in accordance with an embodiment, each of the characters included in the virtual keypad is divided into a plurality of areas included in the first keypad Can be displayed so as to overlap with each other. However, it is not limited thereto.

In addition, when providing a virtual keypad in the form of an augmented reality, the second device 2000 displays a virtual keypad on the transparent display so that a virtual keypad overlaps the first keypad observed through the transparent display Can be displayed. However, it is not limited thereto.

6 (a) is a diagram illustrating an example in which the first keypad 600 is displayed on the first device 1000. In FIG. Referring to FIG. 6 (a), the first keypad 600 includes a plurality of areas for receiving user input. The plurality of areas may be empty areas where no characters are displayed. Each of the plurality of regions may be different from each other in at least one of size and shape. In addition, the first device 1000 may display a figure including a line separating the regions on the screen of the first device 1000.

6B is a diagram illustrating an example of user input to the first keypad 600 on the first device 1000 using characters included in a plurality of areas of the second keypad 700. [ According to one embodiment, the first keypad 600 and the second keypad 700 are the same in size and shape. Each of the plurality of areas of the second keypad 700 including the character array may correspond to each of a plurality of areas of the first keypad 600 on which characters are not displayed.

6 (b), when the first keypad 600 and the second keypad 700 are expressed in the form of a 3 × 3 matrix, the first keypad 600 and the second keypad 700, respectively, 1 region 622 of the first keypad 600 and the (1,1) region 602 of the second keypad 700 correspond to each other and the (1,2) region 624 of the first keypad 600 and the second keypad 700 (1,2) region 604 of the first keypad 600 correspond to each other and the (1,3) region 626 of the first keypad 600 and the (1,3) region 606 of the second keypad 700 correspond to each other Respectively. The (2, 1) area 628 of the first keypad 600 and the (2, 1) area 608 of the second keypad 700 correspond to each other. 2 region 630 of the first keypad 600 correspond to the (2, 2) region 610 of the second keypad 700 and the (2, 3) region 632 of the first keypad 600 and the (2, 3) region 612 correspond to each other. The (3,1) area 634 of the first keypad 600 and the (3,1) area 614 of the second keypad 700 correspond to each other, 2 region 636 of the first keypad 600 and the (3, 2) region 616 of the second keypad 700 correspond to each other and the (3,3) region 638 of the first keypad 600 and the (3, 3) region 618 of FIG.

For example, in order to input the number 6, the user can input the number (3,3) of the first keypad 600 corresponding to the area (3,3) 618 in which the number 6 of the second keypad 700 is displayed, Area 638. &lt; / RTI &gt;

The correspondence relationship between the areas of the first keypad 600 and the second keypad 700 can be realized in various different forms and is not limited to the embodiments described herein. In addition, the first keypad 600 and the second keypad 700 may be symmetrical in size and shape. That is, the first keypad 600 and the second keypad 700 are not limited to the same size and shape.

7,

7 is a diagram illustrating a system for performing user authentication using the first device 1000 when an augmented reality is not used, according to an embodiment.

7 (a) is a diagram illustrating an example in which the first keypad 600 is displayed on the first device 1000. This has been described in detail with reference to FIG. 6 (a), and a detailed description thereof will be omitted.

7B is a diagram showing an example in which a second device (e.g., smart watch 2020) displays a second keypad 700. [ Referring to FIG. 7 (b), the second keypad 700 may be displayed on the second device 2020 screen. The second keypad 700 may be displayed in the form of a Picture In Picture (PIP) and is not limited to the embodiments described herein.

7C is a diagram illustrating an example of user input to the first keypad 600 on the first device 1000 using characters included in a plurality of areas of the second keypad 700. [ According to one embodiment, the first keypad 600 and the second keypad 700 are the same in size and shape. Each of the plurality of areas of the second keypad 700 including the character array may correspond to each of a plurality of areas of the first keypad 600 on which characters are not displayed.

For example, as shown in FIGS. 7B and 7C, when the first keypad 600 and the second keypad 700 are respectively expressed in the form of a 3 × 3 matrix, the first keypad 600 The (1, 1) area 722 of the first keypad 600 corresponds to the (1,1) area 702 of the second keypad 700 and the (1,2) region 704 of the second keypad 700 correspond to each other and the (1,3) region 726 of the first keypad 600 and the (1,3) region 726 of the second keypad 700 correspond to ) Area 706 correspond to each other. The (2, 1) area 728 of the first keypad 600 and the (2, 1) area 708 of the second keypad 700 correspond to each other, 2 region 730 of the first keypad 600 correspond to the (2, 2) region 710 of the second keypad 700 and the (2,3) region 732 of the first keypad 600 and the (2, 3) region 712 correspond to each other. The (3,1) area 734 of the first keypad 600 and the (3,1) area 714 of the second keypad 700 correspond to each other, 3 region 738 of the first keypad 600 and the third keypad 700 of the second keypad 700 correspond to each other, (3, 3) region 718 of FIG.

For example, in order to input the number 5, the user can select the (3,2) key of the first keypad 600 corresponding to the (3,2) area 716 in which the number 5 of the second keypad 700 is displayed, Area 736 can be pressed.

The correspondence relationship between the areas of the first keypad 600 and the second keypad 700 can be realized in various different forms and is not limited to the embodiments described herein. In addition, the first keypad 600 and the second keypad 700 may be symmetrical in size and shape. That is, the first keypad 600 and the second keypad 700 are not limited to the same size and shape.

8,

FIG. 8 is a view illustrating another example of at least one of the size and the shape between the first keypad 600 and the second keypad 700, according to an embodiment.

The correspondence relationship between the areas of the first keypad 600 and the second keypad 700 can be realized in various different forms and is not limited to the embodiments described herein. In addition, the first keypad 600 and the second keypad 700 may be symmetrical in size and shape. That is, the first keypad 600 and the second keypad 700 are not limited to the same size and shape.

As described in FIGS. 6 (b) and 7 (c), when expressed in the form of a 3 × 3 matrix according to one embodiment, and the respective regions correspond to their relative positions, (1,1) region 804 of the first keypad 700 and the (1,1) region 802 of the second keypad 700 are different in size and shape, and the other components are the same. In the case of shape, it may include case of the same shape or a case where the length of some lines is different, or a case where the shape itself is different from other polygons. However, it is not limited thereto.

9,

FIG. 9 is a diagram illustrating another example of at least one of the sizes and shapes among a plurality of areas included in the first keypad 600 according to an embodiment.

For example, at least one of the first area and the second area of the plurality of areas included in the first keypad 600 may be different in size and shape. (2,3) region 902 and (3,3) region 904 of the first keypad 600 are different in size and shape when expressed in the form of a 3 × 3 matrix according to an embodiment, The other components are the same. In the case of shape, it may include case of the same shape or a case where the length of some lines is different, or a case where the shape itself is different from other polygons. However, it is not limited thereto.

<Fig. 10>

FIG. 10 is a diagram illustrating an example of notifying a user whether dual channel authentication is used according to an embodiment.

According to one embodiment, the first device 1000 recognizes the second device 2000 associated with the first device 1000 and, if the second device 2000 is recognized, can select dual channel authentication Menu can be displayed.

As shown in FIG. 10A, when the first device 1000 and the second device 2000 are connected through a network, the first device 1000 determines whether dual channel authentication is used or not in the first device 1000 A menu screen 1002 for asking can be displayed on the screen. The menu screen 1002 may be displayed in the form of a PIP and is not limited to the embodiments described herein.

10B is a diagram illustrating an operation when a cancel button is input on the menu screen 1002 asking whether to use the dual channel authentication. If cancel is entered, the first device 1000 may display a menu screen 1004 asking whether general authentication is to be used.

10 (c), when the first device 1000 and the second device 2000 are not connected through a network, the first device 1000 is different from the first device 1000 shown in FIG. 10 (a) It is possible to display a menu screen 1004 asking whether to use the general authentication without displaying the menu screen 1002 asking whether or not to use the channel authentication.

11)

11 is a diagram illustrating an authentication system for transmitting a second keypad from a first device 1000 to a second device 2000, according to an embodiment.

In step S1100, the server 3000 stores the first password. The first password may be pre-shared by the user. Also, the first password may include, but is not limited to, Hangul, alphabets, Chinese characters, numbers, punctuation marks, and the like.

In step S1102, the server 3000 may receive a user authentication request from the first device 1000. [

According to one embodiment, the second device can communicate with the server via the first device. In step S1106, the first device 1000 can confirm whether or not the second device 2000 can communicate with each other. If the two devices are connected to each other via the network in step S1108, a menu screen for inquiring whether to use the dual channel authentication can be displayed.

In step S1110, the server 3000 can acquire the second keypad.

In step S1112, the server 3000 may transmit the encrypted second keypad information to the first device 1000. [ The first device 1000 can transmit the encrypted second keypad information to the second device 2000 in step S1114.

The second device 2000 may display a second keypad including the character array information received from the first device 1000 in step S1116. According to one embodiment, the second device 2000 may decrypt the encrypted second keypad information received from the first device 1000. [ Also, the second device 2000 can display the decrypted second keypad.

The second keypad may be generated by the second device 2000 or the server 3000. According to one embodiment, the second keypad may be generated by the server 3000 and then received. In addition, the second keypad may be generated in the server 3000, transmitted to the first device 1000, and then received. The second device 2000 can receive the encrypted second keypad information when the second device 2000 is generated in the server 3000 and then transmitted to the first device 1000. [

When the second device 2000 receives the encrypted second keypad information, the first device 1000 or the server 3000 transmits the encryption key information for decrypting the encrypted second keypad information to the second device 2000, Lt; / RTI &gt; The second device 2000 may receive the encrypted second keypad information and the encryption key information, and may decrypt the received second keypad information using the received encryption key information.

According to an exemplary embodiment, the encryption key information may include at least one of information on an encryption method, information on parameters that need to be set between devices for encryption and decryption, and the like. The encryption key information is not limited to the above example, The necessary information can be included in the process.

Steps S1118 to S1128 correspond to steps S310 to S320 of FIG. 3, respectively, which are described in detail with reference to FIG. 3, and a detailed description thereof will be omitted.

12,

FIG. 12 is a diagram illustrating an example in which the PIP display state of the second keypad is determined according to the control of the first device 1000 or a predetermined time elapse according to an embodiment.

Referring to FIG. 12, a second device (e.g., smart watch 2020) may display a second keypad 700 according to an embodiment in a PIP format. When the first device 1000 and the second device 2020 are connected through a network, the first device 1000 may display a screen 1204 asking whether to remove the PIP. At this time, when the user inputs the OK button 1206, the second device 2020 may not display the second keypad 700. [ On the other hand, when the user inputs the cancel button 1208, the second device 2020 can maintain the display of the second keypad.

The second device 2020 may not display the second keypad 700 when a predetermined time has elapsed since the second keypad 700 was displayed on the second device 2020. [

13,

13 is a diagram illustrating an example of changing the character arrangement included in the second keypad according to an embodiment.

Referring to FIG. 13 (a), the second device 2000 may display a menu screen 1302 for inquiring whether to change the character arrangement of the second keypad.

The second keypad includes a one-time character array and can change the character arrangement of the second keypad by user input. For example, when the user inputs an OK button 1304, the second device 2020 can change the character arrangement of the second keypad. For example, the second device 2020 may generate a character array different from the displayed character array and display the generated character array on the second keypad 700 (FIG. 13B). Alternatively, the second device 2020 may request the server 3000 to generate a character array, receive the character array generated by the server 3000, and display the character array on the second keypad 700.

 On the other hand, when the user inputs the cancel button 1306, the character arrangement of the second keypad remains unchanged.

<Fig. 14>

14 is a flowchart illustrating a method for authenticating a user using an authentication system including an OTP (One Time Password) device according to an embodiment.

According to one embodiment, the second device 2000 may be a device capable of performing other functions in addition to the OTP device or the OTP function. An OTP device is a device that generates a character array that is a random number, and may, according to one embodiment, generate a first password at an OTP device.

In step S1402, the OTP device, which is an embodiment of the second device 2000, registers the OTP device in the server 3000. [ Specifically, the second device 2000 may transmit to the server 3000 information necessary for registering the OTP device such as a user ID and an OTP serial number. In addition, the second device 2000 may transmit the first password to the server 3000. [

In step S1404, the server 3000 receives a user authentication request from the first device 1000. [ A user authentication request means a procedure that demonstrates that the user is entitled to a fair use that is accessible to a specific network, system, and so on. Specifically, it is a procedure for inputting a user ID and a password to a device having a communication function and a data processing function. However, it is not limited thereto.

In step S1406, the server 3000 acquires a second keypad including a character array in response to the user authentication request. According to one embodiment, the server 3000 may acquire a second keypad by additionally using time information corresponding to a user authentication request, a first password, and the like.

In step S1408, the second device 2000 receives the OTP generation request of the user.

In step S1410, the second device 2000 acquires the second keypad corresponding to the OTP generation request of the user. According to one embodiment, the second device 2000 may acquire the second keypad by additionally using the time information corresponding to the OTP generation request, the first password, and the like. At this time, the second keypad acquired by the second device 2000 is the same as the second keypad acquired by the server 3000 in step S1406. According to one embodiment, the second keypad obtained in the second device 2000 is a keypad in which the time information corresponding to the OTP generation request in the second device 2000 corresponds to the user authentication request in the server 3000 The same keypad as the second keypad acquired by the server 3000 may be acquired if the time information is within a predetermined range.

In step S1412, the second device 2000 displays the second keypad obtained in step S1410.

In step S1416, the first device 1000 displays the first keypad.

In step S1418, the first device 1000 may receive a user input for selecting at least one of a plurality of areas included in the first keypad. At this time, the user input may be an input corresponding to a character array included in the second keypad displayed on the second device 2000. According to one embodiment, the first password can be pre-stored in the server. Also, according to one embodiment, the first password generated at the server can be transmitted to the OTP device, and the OTP device can display the first password. The user can view the character array included in the second keypad and select an area corresponding to each of the characters included in the password displayed in the OTP device among the plurality of areas of the first keypad. At this time, the user input may be a touch input or an input for pressing a button, but the present invention is not limited thereto.

Steps S1420 to S1426 correspond to steps S314 to S320 of FIG. 3, respectively, which are described in detail with reference to FIG. 3, and a detailed description thereof will be omitted.

15 and 16,

Figures 15 and 16 are block diagrams of a first device 1000, according to one embodiment.

Referring to FIG. 15, a first device 1000 according to an embodiment may include a control unit 1300, a user input unit 1100, a communication unit 1500, and a display unit 1210. However, not all of the components shown in Fig. 15 are essential components of the first device 1000. [ The first device 1000 may be implemented by more components than the components shown in Fig. 15, or the first device 1000 may be implemented by fewer components than those shown in Fig.

16, the first device 1000 according to one embodiment includes an output unit 1200, a control unit 1300, a display unit 1210, and a communication unit 1500 in addition to a user input unit 1100, a display unit 1210, and a communication unit 1500. [ A sensing unit 1400, an A / V input unit 1600, and a storage unit 1700.

Control unit 1300 typically controls the overall operation of device 1000. For example, the control unit 1300 may include a user input unit 1100, an output unit 1200, a sensing unit 1400, a communication unit 1500, and an A / V input unit (not shown) by executing programs stored in the storage unit 1700 1600) and the like can be generally controlled.

The control unit 1300 stores a signal or data input from the outside of the display device, a RAM used as a storage area corresponding to various operations performed in the display device, and a control program for controlling the display device A ROM, and a processor.

The control unit 1300 can transmit the area information corresponding to the user input to the server 3000 and control the server 3000 to receive the authentication result determined based on the character information and the area information of the second keypad.

The user input unit 1100 means means for the user to input data for controlling the first device 1000. For example, the user input unit 1100 may include a key pad, a dome switch, a touch pad (contact type capacitance type, pressure type resistive type, infrared ray detection type, surface ultrasonic wave conduction type, A tension measuring method, a piezo effect method, etc.), a jog wheel, a jog switch, and the like, but is not limited thereto.

The user input unit 1100 may receive a user input that selects at least one of a plurality of areas of the first keypad.

The output unit 1200 may output an audio signal or a video signal or a vibration signal and the output unit 1200 may include a display unit 1210, an acoustic output unit 1220, and a vibration motor 1230 have.

The display unit 1210 displays and outputs the information processed by the first device 1000. For example, the display unit 1210 may display a first keypad including a plurality of areas.

Meanwhile, when the display unit 1210 and the touch pad have a layer structure and are configured as a touch screen, the display unit 1210 can be used as an input device in addition to the output device. The display unit 1210 may be a liquid crystal display, a thin film transistor-liquid crystal display, an organic light-emitting diode, a flexible display, a three-dimensional display A 3D display, and an electrophoretic display. According to an embodiment of the first device 1000, the first device 1000 may include two or more display units 1210. At this time, the two or more display units 1210 may be arranged to face each other using a hinge.

The audio output unit 1220 outputs audio data received from the communication unit 1500 or stored in the storage unit 1700. The sound output unit 1220 outputs sound signals related to functions (e.g., call signal reception sound, message reception sound, and notification sound) performed in the first device 1000. The sound output unit 1220 may include a speaker, a buzzer, and the like.

The vibration motor 1230 can output a vibration signal. For example, the vibration motor 1230 may output a vibration signal corresponding to an output of audio data or video data (e.g., a call signal reception tone, a message reception tone, etc.). In addition, the vibration motor 1230 may output a vibration signal when a touch is input to the touch screen.

The sensing unit 1400 may sense the state of the first device 1000 or the state around the first device 1000 and may transmit the sensed information to the control unit 1300.

The sensing unit 1400 includes an image sensor 1410, an acceleration sensor 1420, an on / humidity sensor 1430, an infrared sensor 1440, a gyroscope sensor 1450, a position sensor But it is not limited to at least one of a pressure sensor 1460, an air pressure sensor 1470, a proximity sensor 1480, a depth sensor 1490, and a magnetic sensor 1495.

The communication unit 1500 may include one or more components that allow communication between the first device 1000 and the second device 2000 or between the device 1000 and the server 3000. For example, the communication unit 1500 may include a local communication unit 1510, a mobile communication unit 1520, and a broadcast receiving unit 1530.

The short-range wireless communication unit 1510 includes a Bluetooth communication unit, a BLE (Bluetooth Low Energy) communication unit, a Near Field Communication unit, a WLAN communication unit, a Zigbee communication unit, IrDA, an infrared data association) communication unit, a WFD (Wi-Fi Direct) communication unit, an UWB (ultra wideband) communication unit, an Ant + communication unit, and the like.

The mobile communication unit 1520 transmits and receives radio signals to and from at least one of the base station, the external terminal, and the server 3000 on the mobile communication network. Here, the wireless signal may include various types of data depending on a voice call signal, a video call signal, or a text / multimedia message transmission / reception.

The broadcast receiving unit 1530 receives broadcast signals and / or broadcast-related information from outside through a broadcast channel. The broadcast channel may include a satellite channel and a terrestrial channel. The device 1000 may not include the broadcast receiver 1530 according to an embodiment.

In addition, the communication unit 1500 requests user authentication to the server 3000, transmits the area information corresponding to the user input, receives the authentication result determined based on the area information corresponding to the user input from the server 3000 can do.

The A / V (Audio / Video) input unit 1600 is for inputting an audio signal or a video signal, and may include a camera 1610, a microphone 1620, and the like. The camera 1610 can obtain image frames such as still images or moving images through the image sensor 1410 in a video communication mode or a shooting mode. The image captured through the image sensor 1410 can be processed through the control unit 1300 or a separate image processing unit (not shown).

The image frame processed by the camera 1610 may be stored in the storage unit 1700 or may be transmitted to the outside through the communication unit 1500. More than one camera 1610 may be provided according to the configuration of the terminal.

The microphone 1620 receives an external acoustic signal and processes it as electrical voice data. For example, the microphone 1620 may receive acoustic signals from an external device or speaker. The microphone 1620 may use various noise reduction algorithms for eliminating noise generated in receiving an external sound signal.

The storage unit 1700 may store a program for processing and controlling the control unit 1300 and may store data input to or output from the first device 1000. [

The storage unit 1700 may be a flash memory type, a hard disk type, a multimedia card micro type, a card type memory (for example, SD or XD memory) (Random Access Memory) SRAM (Static Random Access Memory), ROM (Read Only Memory), EEPROM (Electrically Erasable Programmable Read-Only Memory), PROM (Programmable Read-Only Memory) A disk, and / or an optical disk.

Programs stored in the storage unit 1700 can be classified into a plurality of modules according to their functions. For example, the programs can be classified into a UI module 1710, a touch screen module 1720, a notification module 1730, have.

The UI module 1710 can provide a specialized UI, a GUI, and the like that are interlocked with the device 1000 for each application. The touch screen module 1720 senses a touch gesture on the user's touch screen and can transmit information on the touch gesture to the control unit 1300. [ The touch screen module 1720 according to one embodiment can recognize and analyze the touch code. The touch screen module 1720 may be configured as separate hardware including a controller.

Various sensors may be provided in or near the touch screen to sense the touch or near touch of the touch screen. An example of a sensor for sensing the touch of the touch screen is a tactile sensor. A tactile sensor is a sensor that detects the contact of a specific object with a degree or more that a person feels. The tactile sensor can detect various information such as the roughness of the contact surface, the rigidity of the contact object, and the temperature of the contact point.

In addition, a proximity sensor is an example of a sensor for sensing the touch of the touch screen.

The proximity sensor refers to a sensor that detects the presence or absence of an object approaching a predetermined detection surface or a nearby object without mechanical contact using the force of an electromagnetic field or infrared rays. Examples of proximity sensors include a transmission type photoelectric sensor, a direct reflection type photoelectric sensor, a mirror reflection type photoelectric sensor, a high frequency oscillation type proximity sensor, a capacitive proximity sensor, a magnetic proximity sensor, and an infrared proximity sensor. The user's touch gestures can include tap, touch & hold, double tap, drag, panning, flick, drag and drop, swipe, and the like.

The notification module 1730 may generate a signal for notifying the occurrence of an event of the first device 1000. Examples of events generated in the first device 1000 include call signal reception, message reception, key signal input, schedule notification, and the like. The notification module 1730 may output a notification signal in the form of a video signal through the display unit 1210 or may output a notification signal in the form of an audio signal through the sound output unit 1220, It is possible to output a notification signal in the form of a vibration signal.

<Fig. 17>

17 is a block diagram of a server 3000, in accordance with one embodiment.

Referring to FIG. 17, a server 3000 according to an embodiment includes at least one control unit 1750, a communication unit 1760, and a storage unit 1770.

The communication unit 1760 can receive the user authentication request and the area information from the first device 1000 and can transmit the user authentication result to the first device 1000. [ In addition, the communication unit 1760 transmits / receives information necessary for acquiring the second keypad to / from the second device 2000.

The control unit 1750 typically controls the overall operation of the server 3000. For example, the control unit 1750 can control the communication unit 1760 by executing the programs stored in the storage unit 1770.

The control unit 1750 stores a signal or data input from the outside of the display device, a RAM used as a storage area corresponding to various operations performed in the display device, and a control program for controlling the display device A ROM, and a processor.

The control unit 1750 obtains the second keypad including the character array in response to the user authentication request and transmits the area information of the first keypad received from the first device 1000 and the area information of the first keypad received from the second device 2000 The second password can be obtained based on the character array information of the second keypad. In addition, the controller 1750 may compare the second password with the first password to determine whether to authenticate.

The storage unit 1770 stores the first password and stores information necessary for user authentication.

18,

18 is a block diagram of a second device 2000, according to one embodiment.

Referring to FIG. 18, a second device 2000 according to an embodiment includes at least one display portion 1800, a control portion 1810, and an image sensor 1820.

The display unit 1800 displays information processed in the second device 2000. The display unit 1800 may display the second keypad corresponding to the user authentication request of the first device 1000. [ The second keypad may include a character array. The second keypad may include a virtual keypad.

The control unit 1810 typically controls the overall operation of the second device 2000. For example, the control unit 1810 can control the display unit 1800 and the image sensor 1820.

The control unit 1810 stores a signal or data input from the outside of the display device, a RAM used as a storage area corresponding to various jobs performed in the display device, and a control program for controlling the display device A ROM, and a processor.

In addition, the controller 1810 may control the virtual keypad to be overlapped on the first keypad using the first keypad image.

The image sensor 1820 can acquire the first keypad image of the first device 1000. [

May also be implemented in the form of a recording medium including instructions executable by a computer, such as program modules, being executed by a computer, in accordance with one embodiment. Computer readable media can be any available media that can be accessed by a computer and includes both volatile and nonvolatile media, removable and non-removable media. In addition, the computer-readable medium can include both computer storage media and communication media. Computer storage media includes both volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Communication media typically includes any information delivery media, including computer readable instructions, data structures, program modules, or other data in a modulated data signal such as a carrier wave, or other transport mechanism.

Also, in this specification, the term &quot; part &quot; may be a hardware component such as a processor or a circuit, and / or a software component executed by a hardware component such as a processor.

It will be understood by those skilled in the art that the foregoing description of the present invention is for illustrative purposes only and that those of ordinary skill in the art can readily understand that various changes and modifications may be made without departing from the spirit or essential characteristics of the present invention. will be. It is therefore to be understood that the above-described embodiments are illustrative in all aspects and not restrictive.

The scope of the present invention is defined by the appended claims rather than the detailed description and all changes or modifications derived from the meaning and scope of the claims and their equivalents are to be construed as being included within the scope of the present invention do.

1000: first device
2000: Second device
3000: Server

Claims (21)

A communication unit for requesting user authentication to the server;
A display unit for displaying a first keypad including a plurality of areas;
A user input for receiving a user input for selecting at least one of the plurality of regions; And
A control unit for transmitting the area information of the first keypad corresponding to the user input to the server and receiving the authentication result determined based on the character arrangement information of the second keypad and the area information of the first keypad,
And a second device. The method according to claim 1,
Wherein a user input for selecting at least one of the plurality of areas is input from a user corresponding to a character array included in the second keypad displayed on the second device. The method according to claim 1,
Wherein at least one of a size and a shape of the first area and the second area of the plurality of areas included in the first keypad is different. The method according to claim 1,
Wherein,
Wherein the first device recognizes a second device associated with the first device, and if the second device is recognized, displays a menu that allows the user to select dual channel authentication. A user authentication method using a first device,
Requesting user authentication with the server;
The method comprising: displaying a first keypad including a plurality of regions;
Receiving a user input for selecting at least one of the plurality of regions;
Transmitting region information of the first keypad corresponding to the user input to the server; And
Receiving from the server an authentication result determined based on character arrangement information of a second keypad and area information of the first keypad;
And a user authentication method. 6. The method of claim 5,
Wherein a user input for selecting at least one of the plurality of areas is input from a user corresponding to a character array included in the second keypad displayed on the second device. 6. The method of claim 5,
Wherein at least one of size and shape of the first area and the second area of the plurality of areas included in the first keypad is different. 6. The method of claim 5,
The method comprises:
Recognizing a second device associated with the first device; And
And if the second device is recognized, displaying a menu for selecting dual channel authentication. A storage unit for storing a first password;
A communication unit for receiving user authentication request from the first device and area information of the first keypad corresponding to a user input for selecting at least one of a plurality of areas included in the first keypad; And
Acquiring a second keypad including a character array corresponding to the user authentication request, acquiring a second password based on the received area information of the first keypad and character array information of the second keypad,
A controller for comparing the first password with the second password to determine whether to authenticate the first password;
. 10. The method of claim 9,
Wherein,
Generating the second keypad in response to the user authentication request,
Wherein,
And receives the second keypad from an external device. In a method of authenticating a user of a server,
Storing a first password;
Receiving a user authentication request from a first device;
Obtaining a second keypad including a character array corresponding to the user authentication request;
Receiving area information of the first keypad corresponding to a user input that selects at least one of a plurality of areas included in the first keypad from the first device;
Obtaining a second password based on the received area information of the first keypad and the character array information of the second keypad; And
Comparing the first password with the second password to determine whether to authenticate the user;
And a user authentication method. 11. The method of claim 10,
Wherein the second keypad comprises:
In response to the user authentication request,
A server,
The user authentication method being received from an external device. A display unit displaying a virtual keypad including a character array generated in response to a user authentication request of the first device;
An image sensor for acquiring a first keypad image displayed on the first device; And
A control unit for controlling the virtual keypad to be overlapped with the first keypad using the first keypad image;
Lt; / RTI &gt;
Wherein the first keypad comprises a plurality of regions in which no characters are displayed. 14. The method of claim 13,
Wherein the virtual keypad and the first keypad are the same in size and shape. 14. The method of claim 13,
Wherein,
And controls each of the characters included in the virtual keypad to be overlapped and displayed in each of a plurality of areas included in the first keypad. 14. The method of claim 13,
Wherein,
And controls the virtual keypad to be displayed on the transparent display so that the virtual keypad overlaps with the first keypad viewed through the transparent display. A user authentication method using a second device,
Obtaining a first keypad image displayed on the first device; And
Displaying the virtual keypad to overlap the first keypad using the first keypad image;
Lt; / RTI &gt;
Wherein the first keypad includes a plurality of areas in which characters are not displayed,
Wherein the virtual keypad comprises a character array generated in response to a user authentication request of the first device. 18. The method of claim 17,
Wherein the virtual keypad and the first keypad have the same size and shape. 18. The method of claim 17,
Wherein the step of displaying the virtual keypad so as to overlap the first keypad comprises:
And displaying each of characters included in the virtual keypad to overlap each of a plurality of areas included in the first keypad. 18. The method of claim 17,
Wherein the step of displaying the virtual keypad so as to overlap the first keypad comprises:
And displaying the virtual keypad on the transparent display such that the virtual keypad overlaps the first keypad viewed through the transparent display. In a user authentication system,
server;
A first device for requesting user authentication to the server and displaying a first keypad including a plurality of areas; And
A second device for displaying a second keypad including a character array generated corresponding to the user authentication request;
Lt; / RTI &gt;
Wherein the first device receives a user input for selecting at least one of the plurality of areas corresponding to a character array included in the second keypad, and receives area information of the first keypad corresponding to the user input Server,
Wherein the server obtains a password based on the received area information of the first keypad and the character array information of the second keypad and determines whether or not to authenticate based on the obtained password.

Images