KR20170015038A - System and method for user authentication using mobile number and personal information - Google Patents

Abstract

The present invention relates to a user authentication system using a mobile phone number and personal information and a method thereof. The user authentication system using a mobile phone number and personal information according to the present invention includes the steps of: enabling a user authentication system to receive a user authentication request from a user terminal of a user; enabling the user authentication system to connect a call to a mobile terminal of the user; enabling the user authentication system to receive first user check information; and performing authentication of the user. Accordingly, the present invention can easily log in an online service by using the mobile phone number and the personal information without ID/PW for login.

Description

Technical Field [0001] The present invention relates to a system and method for authenticating a user using a mobile phone number and personal information,

The present invention relates to a system and method for authenticating a user, and more particularly, to a system and method for authenticating a user using his / her mobile phone number and pre-registered personal information to transmit a predetermined service (for example, login, ID / password search, (E.g., authentication), and to re-register the mobile phone number of the user when the mobile phone number is changed.

Recently, wired / wireless communication network has been developed and various online services such as online commerce and internet banking have been provided as computers and internet have been spread to each household. Because of the nature of these services, it is very important that they authenticate themselves to ensure that the user has the right to use the service.

Conventionally, an ID / PW-based method for authenticating a legitimate user based on whether or not an ID and a password (P / W) registered in advance have been correctly input is mainly used. However, this method uses personal information of a user obtained through an incorrect path (ID) or a password can be illegally obtained by using the service, or a packet sniffing or keystroke interceptor or phishing, which is relatively widely spread on the network, And the password could be hacked. Further, in the case where the ID / PW registered in advance is lost or forgotten, there is a disadvantage that a very complicated procedure is required to search for an ID / PW that can not be logged in or has been forgotten.

The present invention has been made in view of the above problems, and it is an object of the present invention to provide a method and system for authenticating a user using a mobile phone number and registered personal information, And to provide a system and method for re-registering a changed number.

According to an aspect of the present invention, there is provided a method of authenticating a person, comprising the steps of: receiving a user authentication request including a user's mobile phone number from a user terminal of the user; Connecting the phone call to the mobile terminal of the user using the mobile phone number included in the mobile phone number authentication request, Wherein the first identity verification information for the user includes information corresponding to at least a part of the user's personal information registered in advance with the user's previously registered mobile phone number, , The first identification information of the user received via the telephone call is stored in the pre- Performing authentication of the user with respect to the user based on whether or not the user's personal information matches a portion corresponding to the first identification information of the user, wherein the authentication method comprises the steps of: If the registered mobile telephone number and the mobile telephone number of the user included in the user authentication request are different from each other, the first personal identification information and the user's personal name including the changed mobile telephone number of the user included in the user authentication request Transmitting a request to the communication company system corresponding to the changed mobile phone number to confirm whether the changed mobile phone number is the name of the user; and when the changed mobile phone number is confirmed by the user's name, The mobile phone number is changed to the changed mobile phone number included in the authentication request And re-registering the authentication information.

In one embodiment, the authentication request further includes second identification information for the user, the first identification information for the user being information corresponding to at least a part of the user's personal information registered in advance, The first identification information, the second identification information, and the changed mobile phone number to the communication company system corresponding to the changed mobile phone number, And checking whether the changed mobile phone number is the name of the user.

In one embodiment, the user authentication request further includes second identification information for the user, which is information corresponding to at least a part of the personal information of the user registered in advance, and performs authentication of the user , The step of determining whether the first identification information of the user received via the telephone call matches the portion corresponding to the first identification information of the user registered in advance with the identification information of the user, Performing the authentication of the user based on whether the second identification information of the user included in the user matches the portion of the personal information of the user registered in advance corresponding to the second identification information .

In one embodiment, the authentication method further includes the step of transmitting the one-time authentication information to the user terminal so that the one-time authentication information corresponding to the authentication request is output to the user terminal, Further comprising the step of receiving the one-time authentication information from the mobile terminal through the call, wherein the first identity verification information of the user received through the phone call is the first identity of the user The step of authenticating the user based on whether or not the user identity information matches the information corresponding to the information includes the step of authenticating the first identity information of the user, And whether the one-time authentication information is correctly received from the mobile terminal It can include base to perform identity authentication on the user.

In one embodiment, the authentication method of the present invention is such that the authentication system transmits the one-time authentication information to the mobile terminal through the telephone call so that the one-time authentication information corresponding to the authentication request is output to the mobile terminal Further comprising receiving the one-time authentication information from the user terminal, wherein the first authentication information includes a first identification information of the user received via the telephone call and a second identification information of the user, The step of authenticating the user may include determining whether the first identity verification information of the user matches the first identity verification information among the personal information of the user registered in advance and whether the one-time authentication information is correctly received from the user terminal And performing authentication of the user with respect to the user .

In one embodiment, the personal information of the user registered in advance may include at least one of the user's name, date of birth, resident registration number, payment means information, wire telephone number, sex, email address, and address.

In one embodiment, the authentication method further includes receiving a secret code from the user terminal of the user or the mobile terminal of the user, wherein performing authentication of the user includes: 1 < / RTI > whether or not the personal identification information matches the first personal identification information of the user registered in advance, and whether or not the secret code received from the user terminal or the mobile terminal is a pre- And performing authentication of the user based on whether or not the user authentication is coincident with the authentication result.

In one embodiment, the pre-registered secret code of the user may include at least one of the credit card password of the user and the financial account password of the user.

In one embodiment, the authentication method further comprises: when the authentication of the user is successful, logging into the account of the user or transmitting a login ID and password corresponding to the account of the user to the user terminal or the mobile terminal .

According to another aspect of the present invention, there is provided a method for authenticating a user, comprising the steps of: receiving a user authentication request including a user's mobile phone number from a user terminal of the user; Connecting the telephone call to the mobile terminal of the user by using the mobile telephone number included in the request, and the personal authentication system further comprises a step of transmitting, from the mobile terminal through the connected telephone call, Receiving first identity verification information for a user, wherein the first identity verification information for the user includes at least one of a user's first mobile phone number, Information, a secret code from the user terminal of the user or the mobile terminal of the user Wherein the first identification information of the user matches with the first identification information of the user registered in advance and the first identification information of the user is stored in the secret information received from the user terminal of the user or the mobile terminal of the user And performing authentication of the user based on whether or not the code matches the previously registered user's pre-registered secret code.

According to another aspect of the present invention, there is provided a computer program installed in a data processing apparatus and stored in a recording medium for performing the above-described method.

According to another aspect of the present invention, there is provided a personal authentication system comprising a processor, a memory storing a program, and the program, when executed by the processor, causes the authentication system to perform the method A self-certification system is provided.

According to another aspect of the present invention, there is provided a personal authentication system comprising: a personal authentication request receiving module for receiving a personal authentication request including a user's mobile phone number from a user terminal of a user; A telephone call module for connecting a telephone call to the mobile terminal of the user by using the number, and first identification information for the user requesting authentication of the user through the user terminal from the mobile terminal through the connected telephone call Wherein the first identity verification information for the user corresponds to at least a part of the personal information of the user previously registered with the user's previously registered mobile phone number, The first personal identification information of the user received through the personal information management server The first mobile telephone number of the user registered in advance and the first mobile telephone number of the user registered in the user authentication request, When the mobile telephone numbers of the users are different from each other, transmits a confirmation request of the user's name including the first identification information and the changed mobile telephone number of the user included in the user authentication request to the communication company system corresponding to the changed mobile telephone number A name confirmation module for confirming whether or not the changed mobile phone number is the name of the user, and, if the changed mobile phone number is confirmed by the user's name, the mobile phone number of the user is included in the user authentication request And a re-registration module for re-registering the changed mobile phone number The identity authentication system is provided.

In one embodiment, the identity authentication request further includes second identity verification information for the user, the first identity verification information being information corresponding to at least a part of the personal information of the user registered in advance, The second identification information, the second identification information, and the changed mobile phone number to the communication company system corresponding to the changed mobile phone number to determine whether the changed mobile phone number is the user's name Can be confirmed.

In one embodiment, the personal authentication request further includes second identification information for the user, the information being information corresponding to at least a part of the personal information of the user registered in advance, Whether or not the first identification information of the user received through the first authentication unit matches the first identification information of the user registered in advance and the second identification information of the user included in the identification request, It is possible to perform the authentication of the user based on whether the identification information matches the portion corresponding to the second identification information of the user registered in advance.

The one-time authentication information module transmits the one-time authentication information to the user terminal so that one-time authentication information corresponding to the user authentication request is output to the user terminal. Further comprising a one-time authentication information receiving module for receiving the one-time authentication information from the mobile terminal, wherein the control module transmits the one-time authentication information to the mobile terminal, And whether or not the one-time authentication information is correctly received from the mobile terminal.

The one-time authentication information module transmits the one-time authentication information to the mobile terminal through the telephone call so that one-time authentication information corresponding to the authentication request is output to the mobile terminal. Further comprising a one-time authentication information receiving module for receiving the one-time authentication information from the user terminal, wherein the control module is configured to transmit the one-time authentication information from the user terminal to the one- And authenticate the user based on whether the one-time authentication information is correctly received from the user terminal.

In one embodiment, the authentication system further includes a secret code receiving module for receiving a secret code from the user terminal of the user or the mobile terminal of the user, wherein the control module includes: Whether or not the secret code received from the user terminal or the mobile terminal coincides with the first identification information of the user registered in advance and whether or not the secret code received from the user terminal or the mobile terminal matches the previously registered user's registered secret code Authentication of the user can be performed based on the authentication information.

In one embodiment, the authentication system of the present invention may be configured such that when the authentication of the user is successful, the user authentication system logs in the account of the user or transmits a login ID and a password corresponding to the account of the user to the user terminal or the mobile terminal And a login module for performing authentication.

According to another aspect of the present invention, there is provided a personal authentication system comprising: a personal authentication request receiving module for receiving a personal authentication request including a mobile phone number of a user from a user terminal of a user; A telephone call module for connecting a telephone call to the mobile terminal of the user using the mobile telephone number included in the first telephone number, a first telephone terminal for requesting authentication of the user via the telephone terminal from the mobile terminal via the user terminal, A personal identification information receiving module for receiving personal identification information, wherein the first identification information for the user includes information corresponding to at least a part of the personal information of the user registered in advance with the user's previously registered mobile phone number , A secret code from the user terminal of the user or the mobile terminal of the user The personal identification information of the user and whether or not the first identification information of the user matches the first identification information of the user registered in advance and the first identification information of the user is received from the user terminal or the mobile terminal of the user And a control module for performing authentication of the user based on whether or not the secret code coincides with the previously registered user's previously registered secret code.

According to an embodiment of the present invention, the user's mobile phone number plays a role similar to the ID in the conventional ID / PW-based personal authentication, and the first identification information input through the mobile phone number is similar to the PW can do. However, according to the technical idea of the present invention, the user can easily log in to the online service using his / her mobile phone number and personal information, which is easily memorized by him / herself. If the user loses or does not remember the ID / PW for login It is easy to log in to the online service.

In addition, since the mobile phone number and personal information for authenticating the user to the user are not transmitted through one channel but transmitted through different channels (for example, the Internet and mobile communication network), the effect of enhancing security can be improved have.

Particularly, since personal information of a user finally used in authentication of the user is input through a mobile terminal possessed by the user, that is, through a single registered personal channel, an extremely high level of security can be secured.

Also, it is possible to provide a technical idea that allows a party requesting authentication information about a user via a mobile communication network to check whether the authentication authority is a legitimate authentication authority. That is, according to an embodiment of the present invention, the user is notified of the identification information of the organization that will request the authentication information through the mobile communication network, so that the user requests the authentication information without providing the identification information It is possible to block the child.

In addition, according to the embodiment of the present invention, it is possible to provide a technical idea that the changed mobile telephone number can be easily changed when the mobile telephone number of the user is changed. That is, according to the embodiment of the present invention, even if the mobile telephone number of the user is changed, the user can perform the personal authentication according to the technical idea of the present invention by using the changed mobile telephone number.

Further, according to the technical idea of the present invention, since a user who is close to a user (for example, a family) can temporarily occupy the mobile terminal of the user and know all the personal information of the user, There may be risks. In order to prevent such a case, additional authentication is performed using information (e.g., a credit card password or an account password) that is only known to the user, thereby authenticating the user by using only information previously registered on the authentication side There is an effect that can be.

BRIEF DESCRIPTION OF THE DRAWINGS A brief description of each drawing is provided to more fully understand the drawings recited in the description of the invention.
FIG. 1 is a conceptual illustration of a personal authentication system according to an embodiment of the present invention.
2 is a block diagram for explaining a schematic configuration of a personal authentication system according to an embodiment of the present invention.
3 is a diagram for explaining the flow of the authentication method according to the embodiment of the present invention.

BRIEF DESCRIPTION OF THE DRAWINGS The present invention is capable of various modifications and various embodiments, and specific embodiments are illustrated in the drawings and described in detail in the detailed description. It is to be understood, however, that the invention is not to be limited to the specific embodiments, but includes all modifications, equivalents, and alternatives falling within the spirit and scope of the invention. DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, the present invention will be described in detail with reference to the accompanying drawings.

The terms first, second, etc. may be used to describe various components, but the components should not be limited by the terms. The terms are used only for the purpose of distinguishing one component from another.

The terminology used in this application is used only to describe a specific embodiment and is not intended to limit the invention. The singular expressions include plural expressions unless the context clearly dictates otherwise.

In this specification, the terms "comprises" or "having" and the like refer to the presence of stated features, integers, steps, operations, elements, components, or combinations thereof, But do not preclude the presence or addition of features, numbers, steps, operations, components, parts, or combinations thereof.

Also, in this specification, when any one element 'transmits' data to another element, the element may transmit the data directly to the other element, or may be transmitted through at least one other element And may transmit the data to the other component. Conversely, when one element 'directly transmits' data to another element, it means that the data is transmitted to the other element without passing through another element in the element.

Hereinafter, the present invention will be described in detail with reference to the embodiments of the present invention with reference to the accompanying drawings. Like reference symbols in the drawings denote like elements.

FIG. 1 is a conceptual illustration of a personal authentication system according to an embodiment of the present invention.

Referring to FIG. 1, a personal authentication system 100 may be provided to implement a personal authentication method according to an embodiment of the present invention.

The identity authentication system 100 can receive the authentication request from the user terminal 210. [ The user terminal 210 may send a login request to the service providing system 300 providing a predetermined online service (e.g., online settlement, online shopping mall, online community, SNS, etc.) The user authentication system 100 transmits a user authentication request to a user who uses the user terminal 210 together with or in response to a query request for a login ID / password (P / W) As shown in FIG. That is, the user using the user terminal 210 can log in to the service providing system 300 or acquire account information (i.e., ID / PW) for logging in the service providing system 300 The authentication system 100 can be used.

Meanwhile, an account for the user may be generated in advance in the service providing system 300. When the account of the user is created, the mobile phone number and personal information of the user may be registered in advance. That is, the user may register the mobile telephone number of his / her mobile terminal 220 and the personal information of the user in advance in the service providing system 300 before performing the user authentication.

The personal information of the user includes at least one of the name, date of birth, resident registration number, financial account information, payment means information (for example, credit card number, check card number, password, etc.), wire telephone number, gender, And may include at least one. It is needless to say that the personal information of the user may include any information depending on the user.

The mobile phone number and the personal information registered in advance in the service providing system 300 may be later used by the identity authentication system 100 for identity authentication. That is, the personal authentication system 100 can acquire, from the service providing system 300, previously registered personal information necessary for personal authentication.

1, the authentication system 100 may be implemented as a separate system separate from the service providing system 300. According to an embodiment of the present invention, the authentication system 100 may include the service providing system 300 As shown in FIG. In the former case, the service providing system 300 and the authentication system 100 may be connected to each other via a network to transmit / receive various information and / or data necessary to implement the technical idea of the present invention. In the latter case, the identity authentication system 100 may be a subsystem of the service providing system 300 or a combination of software and hardware installed in the service providing system 300.

The user terminal 210 may be used to include any type of data processing device (e.g., laptop, desktop, mobile terminal, set-top box, etc.) capable of requesting authentication to the identity authentication system 100 have.

The identity authentication system 100 can be any type of data processing system (e.g., a predetermined web site, web page, two-way broadcast, etc.) that can be accessed by the terminal 210 and can receive an authentication request .

In one embodiment, when the user wants to use an online payment, a predetermined merchant system (not shown) may exist between the user terminal 210 and the user authentication system 100, The system 100 can receive the authentication request from the merchant system. That is, the merchant system can receive the authentication request together with the payment request through the terminal 210 of the user, and can transmit the authentication request to the authentication system 100 of the user.

The authentication request may be performed through a predetermined wired / wireless data communication network, i.e., a first communication channel (e.g., Internet, as shown in FIG. 1).

The user authentication request may include a mobile phone number (for example, a mobile phone number, a USIM number, etc.) of the mobile terminal 220 of the user input by the user terminal 210. That is, the user can input his or her mobile phone number (mobile phone number, USIM number, etc.) while requesting authentication of the user through his / her terminal 210. The mobile phone number may be the phone number of the mobile terminal 220 used by the user requesting authentication.

Meanwhile, the identity authentication system 100 may perform a predetermined process for identity authentication using the mobile phone number of the mobile terminal 220 received according to the technical idea of the present invention. To this end, the identity authentication system 100 may request the first mobile terminal 220 to use the first identity verification information to be used for identity authentication, using the mobile phone number. And may receive the identity verification information from the mobile terminal 220. At this time, the identity authentication system 100 may request information required for authentication through a second communication channel (for example, a mobile communication network as shown in FIG. 1) different from the first communication channel.

The identity verification information may be information corresponding to at least a part of the personal information of the user registered in advance. For example, if the mobile telephone number, the name, and the date of birth of the user are registered in advance in the identity authentication system 100, the identity information may be a name and / or a date of birth. Or the identity information may be part of the name and / or date of birth.

In one embodiment, the identity authentication system 100 may include a predetermined Auto Response System (ARS) to connect a phone call with the mobile terminal 220, And can receive the identity verification information through the ARS. According to an embodiment, the identity authentication system 100 may implement the technical idea of the present invention by being connected to a predetermined ARS and controlling the ARS.

That is, in one embodiment, the identity authentication system 100 can perform an ARS call to the mobile terminal 220 corresponding to the mobile phone number, and when an ARS call, that is, a phone call is connected, (I.e., first identity verification information). For example, the identity authentication system 100 may extract a mobile phone number included in the received authentication request and output the extracted mobile phone number to a predetermined ARS. Then, the ARS may connect a wireless call to the mobile terminal 220. In other words, a call can be made. Then, the ARS can request information (e.g., first identity verification information) required for authentication of the user from the mobile terminal 220. [ When the user inputs the first identity verification information in response to the request, the identity authentication system 100 can receive the information input from the ARS system and perform authentication using the same. More specifically, the identity authentication system 100 is configured to allow the first identity verification information of the user received through the telephone call to match the first identity verification information of the user, The authentication of the user can be performed. For example, the identity authentication system 100 may request the user to input his / her date of birth and / or name corresponding to the mobile phone number through the mobile phone 220, Authentication of the user can be performed by comparing the date of birth and / or the name of the user inputted by the user and received via the telephone call with the information previously registered in the DB.

As described above, when the information necessary for the authentication of the user is inputted through the telephone call as in the above-described embodiment of the present invention, it is not necessary to install a predetermined IC chip or other software for the user authentication in the mobile terminal 220 . Therefore, a conventional service such as a 2G phone or the like can be utilized.

Meanwhile, the mobile terminal 220 may be a computing device including a mobile phone, a smart phone, a tablet PC, and a PDA (Personal Digital Assistant), and may be a wireless computing device including a handheld device having a wireless connection function, Or may be a processing device coupled to a wireless modem.

Meanwhile, according to an embodiment, the authentication request may further include identity verification information. Hereinafter, the identity verification information included in the authentication request is referred to as the second identity verification information in order to distinguish the identity verification information included in the authentication request from the first identity verification information.

The second identity information may be information corresponding to at least a part of the personal information of the user previously registered in the identity authentication system 100. For example, if the mobile telephone number, the name, and the date of birth of the user are registered in advance in the identity authentication system 100, the identity information may be a name and / or a date of birth. Or the identity information may be part of the name and / or date of birth.

The user authentication system 100 may provide a predetermined UI for a user to input his or her mobile phone number and / or second identification information, the user terminal 210 displays a provided UI, The user may enter the mobile phone number and / or the second identity information on the provided UI.

In one embodiment, the second identity information may be used to primarily determine whether the user who made the identity authentication request is a valid user corresponding to the mobile phone number. More specifically, the identity authentication system 100 uses the mobile phone number when the second identity verification information matches with a portion corresponding to the second identity verification information among the personal information of the user previously registered A telephone call can be connected to the mobile terminal of the user, and the first identity verification information can be received through the telephone call connected as described above, and authentication can be performed using the first identity verification information. For example, when the identity authentication system 100 receives a user authentication request including the mobile phone number and the user's date of birth and / or name corresponding thereto, the user authentication system 100 determines whether the user's date of birth and / Or whether or not the name matches the previously registered information.

In another embodiment, the identity authentication system 100 may perform identity authentication based on the combination of the first identity verification information and the second identity verification information. More specifically, the identity authentication system 100 may be configured such that the first identity verification information of the user received via the telephone call matches with a portion of the personal information of the previously registered user corresponding to the first identity verification information Based on whether or not the second identification information of the user included in the authentication request is identical to the portion corresponding to the second identification information of the previously registered user, You can perform authentication for yourself.

According to the technical idea of the present invention, the mobile telephone number of the user is similar to the ID in the conventional ID / PW-based personal authentication, and the first identification information input through the mobile telephone number is PW It can play a similar role. However, according to the technical idea of the present invention as described above, the user can easily log in the online service using his / her mobile phone number and personal information, which is easy for him / her to remember, Even if you do not remember, you can easily log in to online services.

On the other hand, the personal information of the user may be information that is close to the user or easily known by the family. Therefore, the identity authentication system 100 may further use secret code information known only to the user to enhance security. In more detail, the identity authentication system 100 may provide a predetermined UI for allowing a user to input a secret code, the user terminal 210 displays a provided UI, You can enter a secret code. The secret code may include at least one of the credit card password of the user and the financial account password of the user. In this case, the UI provided by the principal authentication system 100 may include the credit card number or the financial account number of the user, and the user may use the credit card number included in the provided UI or the secret number corresponding to the financial account number You can enter the code. The entered secret code may be transmitted to the identity authentication system 100 and used for identity authentication. That is, the identity authentication system 100 can further determine whether the secret code received from the user terminal 210 in the identity authentication process matches the previously registered user's registered secret code.

Meanwhile, according to an embodiment, the secret code may be input through the mobile terminal 220 of the user. In this case, the identity authentication system 100 transmits a guidance voice (e.g., 'Enter the password of your credit card number XXXX-XXXX-XXXX') for guiding the input of the secret code to the mobile phone through the telephone call. Etc.), and the user can input the secret code according to the announcement voice.

Meanwhile, according to an embodiment of the present invention, the identity authentication system 100 may provide a technical idea to authenticate the user to the user before receiving the identification information required for the authentication through the mobile terminal 220 have. That is, according to one embodiment of the present invention, the identity authentication system 100 can confirm to the user that the identity authentication system 100 is a proper identity authentication authority.

To this end, in one embodiment, the identity authentication system 100 first causes predetermined system identification information to be output to the user terminal 210, and then inputs identification information required for authentication through the mobile terminal 220 The same system identification information may be output to the mobile terminal 220. [

For example, the identity authentication system 100 may cause the user terminal 210 to output the calling number of the ARS call. Then, when the identity authentication system 100 connects an ARS call to the mobile terminal 220 of the user, the calling number of the ARS call may be output to the mobile terminal 220 of the user. Therefore, the user can confirm that the subject who intends to connect the ARS call to his or her mobile terminal 220 is the identity authentication system 100.

The system identification information is not necessarily the originating number. The identity authentication system 100 may transmit a predetermined notification message (for example, a notification message of a mobile communication company's lettering service) to be output to the mobile terminal 220 when the ARS call is connected through the mobile terminal 220 And display it on the user terminal 210. In this case, the guidance statement may be changed every time.

Meanwhile, the identity authentication system 100 may further use one-time authentication information (e.g., OTP (One Time Password)) to further enhance security.

In one embodiment, the identity authentication system 100 may transmit the one-time authentication information to the user terminal 210 and verify whether the transmitted one-time authentication information is returned through the mobile terminal 220, It is also possible to transmit the one-time authentication information to the mobile terminal 220 and to verify whether the transmitted one-time authentication information is returned through the user terminal 220. [

That is, in one embodiment, the identity authentication system 100 may allow the user terminal 210 which transmitted the identity authentication request to receive the one-time authentication information corresponding to the identity authentication request. Then, the user terminal 210 can display the received one-time authentication information so that the user can recognize the one-time authentication information. Then, the identity authentication system 100 may further determine whether or not the same information as the one-time authentication information transmitted to the user terminal 210 is received from the mobile terminal 220, thereby further enhancing the security. That is, by using the one-time authentication information, it is possible to verify that the user who made the authentication request through the user terminal 210 has the mobile terminal 220.

In another embodiment, the identity authentication system 100 may send one-time authentication information to the mobile terminal 220 via a telephone call. In this case, the mobile terminal 220 can output the received one-time authentication information. Then, the identity authentication system 100 can further determine whether or not the same information as the one-time authentication information transmitted to the mobile terminal 220 is received from the user terminal 210.

On the other hand, in one embodiment, the one-time authentication information may be issued by the identity authentication system 100. In this case, the identity authentication system 100 can issue the one-time authentication information to the user terminal 210 upon receiving the authentication request from the user terminal 210.

In one embodiment, the one-time authentication information may be issued by another server at the request of the identity authentication system 100. In this case, the server issuing the one-time authentication information may send the one- To the terminal (210). Then, the user terminal 210 can display the received one-time authentication information so that the user can recognize the one-time authentication information.

In another embodiment, the one-time authentication information is issued by another server at the request of the principal authentication system 100, but a server (for example, the card company system 300) issuing the one-time authentication information And may transmit the one-time authentication information to the identity authentication system 100. In this case, the entity that transmits the issued one-time authentication information to the user terminal 210 may be the identity authentication system 100.

The one-time authentication information may be a value that is written once and discarded. That is, the one-time authentication information may be used for authentication of the user corresponding to the user terminal 210. Once the one-time authentication information is used for authentication of the user, the one-time authentication information is discarded and not used again I can not.

Meanwhile, there may be a case where the user changes his / her mobile terminal to another mobile terminal having a new mobile phone number or changes the mobile phone number of the mobile terminal to a new mobile phone number. In this case, the identity authentication system 100 according to the embodiment of the present invention can provide a technical idea that allows the user to change the mobile phone number previously registered in the service providing system 300 to the changed mobile phone number have. Accordingly, the user can change the previously registered mobile phone number to another mobile phone number and re-register to carry out the identity authentication using the new mobile phone number and the personal information.

In one embodiment, the procedure for changing the mobile telephone number may be initiated by a personal authentication request sent from the user terminal 210 of the user. That is, if the mobile telephone number (pre-registered mobile telephone number) previously registered before the user requests the authentication of the user is different from the mobile telephone number (modified mobile telephone number) included in the user authentication request, The authentication system 100 may first perform the mobile phone number change procedure before performing the authentication procedure.

In the present embodiment, the identity authentication system 100 is configured to transmit the first identity verification information (if the second identity verification information is included in the identity verification request, the first identity verification information and the second identity verification information are " And can compare the mobile telephone number of the user registered in advance in the service providing system 100 with the mobile telephone number included in the user authentication request. If the mobile phone number of the user registered in advance is different from the mobile phone number included in the user authentication request, the authentication system 100 may perform the mobile phone number change procedure. That is, when the mobile telephone number of the user registered in advance and the mobile telephone number of the user included in the user authentication request are different from each other, the identity authentication system 100 checks the first identity verification information, And transmits the confirmation request of the user's name including the changed mobile phone number of the user included in the authentication request to the communication company system 400 corresponding to the changed mobile phone number, If the changed mobile phone number is confirmed by the user's name, the mobile phone number of the user is changed to the changed mobile phone number included in the user authentication request, You can register.

In the present embodiment, the first identity verification information (information in which the first identity verification information and the second identity verification information are combined when the second identity verification information is included in the identity authentication request) And may include a minimum amount of information to specify. For example, if the first identification information (the second identification information is included in the identification request, the first identification information and the second identification information are combined) A resident registration number, or payment information of the user (for example, a credit card number, etc.). Also, the first company identification information (information in which the first identification information and the second identification information are combined when the second identification information is included in the identification request) is transmitted to the communication company system 400 And may further include information required to confirm the name of the changed mobile telephone number. For example, the first personal identification information (information in which the first personal identification information and the second personal identification information are combined when the second personal identification information is included in the personal identification request) includes a date of birth, sex, You can include more names.

Meanwhile, the user authentication request may include communication company information (e.g., SKT, KT, LG, etc.) corresponding to the changed mobile phone number.

In another embodiment, the procedure for changing the mobile telephone number may be initiated by a mobile telephone number change request sent from the user terminal 210 of the user. The mobile phone number change request may include the changed mobile phone number of the user. The identity authentication system 100 transmits the first identity verification information and the changed mobile phone number of the user to the communication company system 400 corresponding to the changed mobile phone number in response to the phone number change request, It is possible to confirm whether or not the mobile telephone number is the name of the user. If the changed mobile telephone number is confirmed by the user's name, the mobile telephone number of the user is changed to the changed mobile telephone number included in the telephone number change request Change and re-register.

2 is a block diagram for explaining a schematic configuration of a personal authentication system according to an embodiment of the present invention. 2, the personal authentication system 100 includes a personal information acquisition module 110, a personal authentication request reception module 120, a telephone call module 130, a personal identification information reception module 140, Module 150, a secret code receiving module 155, a one-time authentication information module 160, a one-time authentication information receiving module 170, a login module 180, a phone number change request receiving module 185, 190, and a change module 195. According to an embodiment of the present invention, some of the above-mentioned components may not necessarily correspond to components necessary for implementation of the present invention. Also, according to an embodiment, It goes without saying that more components may be included.

The identity authentication system 100 may include hardware resources and / or software necessary for implementing the technical idea of the present invention, and it means one physical component or one device no. That is, the identity authentication system 100 may mean a logical combination of hardware and / or software provided to implement the technical idea of the present invention. If necessary, The present invention may be embodied as a set of logical structures for realizing the technical idea of the present invention. Also, the identity authentication system 100 may mean a set of configurations separately implemented for each function or role for implementing the technical idea of the present invention. For example, the personal information acquisition module 110, the personal authentication request reception module 120, the telephone call module 130, the personal identification information reception module 140, the control module 150, the secret code reception module 155 The one-time authentication information module 160, the one-time authentication information receiving module 170, the login module 180 and / or the telephone number change request receiving module 185, the name confirmation module 190, and the change module 195 May be located in different physical devices, or may be located in the same physical device. The personal information acquisition module 110, the personal authentication request reception module 120, the telephone call module 130, the personal identification information reception module 140, the control module 150, Module 155, a one-time authentication information module 160, a one-time authentication information receiving module 170, a login module 180, a phone number change request receiving module 185, a name confirmation module 190, and / 195 may also be located in different physical devices, and configurations located in different physical devices may be combined with each other to implement each of the modules.

In this specification, a module may mean a functional and structural combination of hardware for carrying out the technical idea of the present invention and software for driving the hardware. For example, the module may refer to a logical unit of a predetermined code and a hardware resource for executing the predetermined code, and it does not necessarily mean a physically connected code or a kind of hardware But can be easily deduced to the average expert in the field of the present invention.

The control module 150 may control the other components included in the authentication system 100 such as the personal information acquisition module 110, the authentication request receiving module 120, the phone call module 130, The authentication information receiving module 140, the secret code receiving module 155, the one-time authentication information module 160, the one-time authentication information receiving module 170, the login module 180 and / The name verification module 190, the modification module 195, and the like).

The user can send a user authentication request through the user terminal 210 of the user for authentication, and the user authentication request receiving module 120 receives the user authentication request from the user terminal 210 of the user .

The identity request may include the mobile phone number of the user.

The personal information acquisition module 110 can acquire the personal information of the user.

The personal information of the user may be information DB registered in the DB provided in the authentication system 100 or the DB provided in the service providing system 300 in which the user wants to log in.

According to an embodiment, the personal information acquisition module 110 receives personal information of a user corresponding to a mobile phone number included in the personal authentication request from the service providing system 100 or the personal authentication system 100 The DB rotor can be extracted.

In this specification, a DB (DataBase) may be implemented by at least one table, and may further include a separate DBMS (Database Management System) for searching, storing, and managing information stored in the DB It is possible. In addition, all data storage media and data structures that can be implemented in various ways such as a linked-list, a tree, a relational database, and the like can be stored in the pattern DB 130, Can be used to mean including.

The personal information of the user may include at least one of the user's name, date of birth, resident registration number, payment means information (for example, credit card number, check card number, etc.), wire telephone number, sex, have.

The phone call module 130 may connect the phone call to the mobile terminal 220 of the user using the mobile phone number included in the authentication request.

In one embodiment, the telephone call module 130 may attempt to establish a call connection to the mobile telephone number, and the mobile terminal 220 may connect the telephone call by accepting the call connection.

On the other hand, there may be cases where a phone call can not be connected depending on the situation of the user. For example, if the mobile terminal 220 does not receive a call for a predetermined timeout period or refuses a call connection and the call connection is unsuccessful, it may be inappropriate to repeatedly connect the phone call. Therefore, another embodiment of the present invention can provide another technical idea that can perform identity verification even when the user does not answer the telephone. For this, if the mobile terminal 220 does not receive a call or refuses a call connection for a predetermined timeout period and the call connection is unsuccessful, the phone call module 130 may send a callback message to the mobile phone number have. Then, the user can select the callback message transmitted to the user terminal 210 when the user is in a state of performing the authentication. The callback message may include a telephone number (i.e., a caller ID) of the ARS included in or connected to the identity authentication system 100. Therefore, when the user selects the callback message, the telephone call can be connected to the ARS.

Meanwhile, the telephone call module 130 may attempt to connect a telephone call to the mobile telephone number, and then transmit the call back message to the mobile telephone number if a telephone call is not connected. However, according to another embodiment, Authentication may be performed using a back message.

The identity verification information receiving module 140 may receive the first identity verification information for the user who requested the authentication of the user through the user terminal 210 from the mobile terminal 220 through the phone call connected thereto.

The first identity verification information for the user may be information corresponding to at least a part of the personal information of the user registered in advance. For example, when the user's mobile phone number, date of birth, credit card number, etc. are registered in advance, the first identification information may be a date of birth and / or a credit card number. Or the first identity verification information may be part of the date of birth and / or part of the credit card number.

If the first identity verification information is numerical information (e.g., date of birth, etc.), the identity verification information receiving module 140 may receive a number in the DTMF tone.

Meanwhile, when the first identification information is input in the form of a voice signal, the first identification information receiving module 140 may recognize the first identification information from the voice signal through voice recognition.

The control module 150 determines whether or not the first identification information of the user received via the telephone call matches with a portion corresponding to the first identification information of the user registered in advance The user authentication can be performed. For example, when the first identification information is information corresponding to the date of birth, the control module 150 stores the date of birth of the user, which the user inputs via the mobile phone 220 and receives via the telephone call, It is possible to compare the date of birth with the date of birth.

Meanwhile, according to an embodiment of the present invention, the identity authentication system 100 may first verify whether the mobile telephone number is valid before connecting a telephone call to the mobile terminal 220. [ To this end, the identity authentication request may further include second identity verification information. The second identity information may be information corresponding to at least a part of the personal information of the user previously registered in the identity authentication system 100. For example, if the mobile telephone number and the date of birth of the user are registered in advance in the identity authentication system 100, the identity information may be a date of birth. Or the identity information may be part of the date of birth.

Meanwhile, in the present embodiment, the phone call module 130 determines whether or not the second identity verification information included in the identity authentication request matches with a portion corresponding to the second identity verification information among the personal information of the user, The user can connect the telephone call to the mobile terminal of the user using the mobile telephone number. In more detail, the telephone call module 130 matches the portion of the personal information of the user corresponding to the mobile telephone number included in the user authentication request, corresponding to the second identification information, with the second identification information Or not.

According to the embodiment of the present invention, when a user erroneously inputs a mobile phone number due to a mistake such as a typo, an incorrect phone call connection can be prevented.

The identity authentication system 100 may further use a secret code to further enhance security. The control module 150 may further include a secret code receiving module 155 for receiving a secret code from the user terminal 210 of the user or the mobile terminal 220 of the user, Whether or not the personal identification information matches with the first personal identification information of the user registered in advance and the secret code received from the user terminal or the mobile terminal is registered in advance with the registered user's registered secret code And perform authentication of the user with respect to the user.

The pre-registered secret code of the user may be a code previously registered in the principal authentication system 100 or the service providing system 300. The pre-registered secret code of the user may include at least one of the credit card password of the user and the financial account password of the user. For example, the pre-registered secret code may be a credit card password of the user in the case of a credit card company system in the service providing system 300. If the service providing system 300 is a financial system, It can be a financial account password.

Meanwhile, the identity authentication system 100 may further use one-time authentication information (e.g., OTP) to further enhance security.

In one embodiment, the identity authentication system 100 may send the one-time authentication information to the user terminal 210 and verify whether the transmitted one-time authentication information is returned through the mobile terminal 220. [

For this, the one-time authentication information module 160 may issue the one-time authentication information corresponding to the authentication request or obtain the one-time authentication information issued by the predetermined issuance server. The one-time authentication information module 160 may transmit the one-time authentication information to the user terminal 210 so that the one-time authentication information is output to the user terminal 210. [

Meanwhile, the one-time authentication information receiving module 170 may receive the one-time authentication information from the mobile terminal 220 through the telephone call connected by the telephone call module 130, May further perform authentication of the user by considering whether the one-time authentication information is correctly received from the mobile terminal. That is, the control module 150 determines whether the one-time authentication information transmitted by the one-time authentication information module 160 to the user terminal 150 matches the one-time authentication information received by the one-time authentication information receiving module 170 And if it does not match, it can be judged that the identity authentication has failed.

According to an embodiment, the identity authentication system 100 may transmit the one-time authentication information to the mobile terminal 220 and verify whether the transmitted one-time authentication information is returned through the user terminal 220. [

To this end, the one-time authentication information module 160 transmits the one-time authentication information to the mobile terminal 220 through the telephone call so that the one-time authentication information corresponding to the authentication request is output to the mobile terminal 220 .

The one-time authentication information receiving module 170 may receive the one-time authentication information from the user terminal 210, and the control module 150 determines whether the one-time authentication information is correctly received from the user terminal 210 And can perform authentication of the user with respect to the user.

According to an embodiment, the control module 150 may perform authentication using only the one-time authentication information, or may perform authentication using the one-time authentication information and the first identification information.

Meanwhile, the identity authentication system 100 according to an embodiment of the present invention can be used for login to a predetermined service providing system 300 or ID / PW search.

The login module 180 may log in to the account of the user when the authentication of the user is successful, or may log in to the user terminal 210 or the mobile terminal 220, ID and password can be transmitted.

Meanwhile, there may be a case where the user changes his / her mobile terminal to another mobile terminal having a new mobile phone number or changes the mobile phone number of the mobile terminal to a new mobile phone number. In this case, the identity authentication system 100 according to the embodiment of the present invention can provide a technical idea that allows the user to change the mobile phone number previously registered in the service providing system 300 to the changed mobile phone number have.

For this, the identity authentication system 100 may further include a name verification module 190 and a modification module 195, as shown in FIG.

The control module 150 specifies the user based on the first identification information received by the identification information receiving module 140 and transmits the identification information of the user registered in the service providing system 100, Number and the mobile phone number included in the authentication request.

If the second authentication information is included in the authentication request, the control module 150 determines whether the first authentication information is included in the first authentication information and the second authentication information included in the first authentication request, And compares the pre-registered mobile phone number of the user previously registered in the service providing system 100 with the mobile phone number included in the user authentication request.

The first identity verification information (information in which the first identity verification information and the second identity verification information are combined when the second identity verification information is included in the identity authentication request) includes a minimum identity Information. For example, if the first identification information (the second identification information is included in the identification request, the first identification information and the second identification information are combined) A resident registration number, or payment information of the user (for example, a credit card number, etc.). Also, the first company identification information (information in which the first identification information and the second identification information are combined when the second identification information is included in the identification request) is transmitted to the communication company system 400 And may further include information required to confirm the name of the changed mobile telephone number. For example, the first personal identification information (information in which the first personal identification information and the second personal identification information are combined when the second personal identification information is included in the personal identification request) includes a date of birth, sex, You can include more names.

In step S360, the change module 195 determines whether the changed mobile phone number is the user's name based on the confirmation result of the communication company system 400 responding. If the changed mobile phone number is confirmed by the user's name, the mobile phone number of the user can be changed to the changed mobile phone number included in the user authentication request and re-registered in the service system 300.

If the name registration mobile phone number of the user registered in advance and the mobile phone number of the user included in the user authentication request are different from each other, the name confirmation module 190 checks the first identification information (if the first identification information The first identification information is combined with the first identification information and the second identification information if the first identification information is included in the identification request, and the second identification information includes the changed mobile phone number of the user included in the identification request And may transmit the request to the communication company system corresponding to the changed mobile telephone number. Then, the communication company system 400 can confirm whether the changed mobile phone number is the user's name and respond to the confirmation result in response to the request for confirmation of the name of the user, It is possible to confirm whether the changed mobile phone number is the name of the user.

Meanwhile, when the changed mobile phone number is confirmed by the user's name, the change module 195 can change the mobile phone number of the user to the changed mobile phone number included in the user authentication request and re-register have.

Also, the control module may perform the above-described personal authentication procedure when the changed mobile phone number is confirmed by the user's name.

As described above, according to the technical idea of the present invention, even when the mobile telephone number of the user is changed, the user can be authenticated. That is, even if the mobile telephone number of the user is changed, the user can receive the authentication service in the same manner as before the change.

3 is a flow chart illustrating a method of authenticating a principal according to an embodiment of the present invention.

3, the mobile phone number of the user and the personal information of the user may be registered in advance in the personal authentication system 100 or a predetermined service provision system 300 interlocked with the personal authentication system (S100 ).

Then, in order to authenticate the user, the user can transmit a user authentication request to the user authentication system 100 using the user terminal 210 (S120). At this time, the user authentication request may include the mobile phone number of the user and second identification information.

The identity authentication system 100 can obtain the user's previously registered personal information corresponding to the mobile phone number.

Meanwhile, the identity authentication system 100 issues the one-time authentication information (S130) and transmits it to the user terminal 210 (S140). Then, the user terminal 210 can display (display) the one-time authentication information so that the user can confirm the one-time authentication information (S150).

Also, the identity authentication system 100 may connect a phone call to the mobile terminal 220 of the user using the mobile phone number included in the identity authentication request (S160).

The identity authentication system 100 may request the user to input the first identity verification information and the one-time authentication information corresponding to at least a part of the personal information of the user registered in advance through the connected phone call (S170)

The user can respond to the first identity verification information and the one-time authentication information through the mobile terminal 220 (S180).

The authentication system 100 may request the user terminal 210 to input a secret code (S190), input the secret code using the user terminal 210 of the user, 210 may transmit the secret code entered by the user to the identity authentication system 100 (S200).

On the other hand, the identity authentication system 100 identifies the user based on the first identity verification information and the second identity verification information, identifies the user as a pre-registered mobile phone number of the user previously registered in the service providing system 100 And the mobile phone number included in the authentication request may match (S210).

If the mobile telephone number of the user registered in advance is the same as the mobile telephone number included in the user authentication request, the identity authentication system 100 can perform authentication (S220). That is, the identity authentication system 100 determines whether or not the first identity verification information of the user matches with a portion corresponding to the first identity verification information among the personal information of the previously registered user, Whether the second identification information of the user matches the portion of the personal information of the user previously registered corresponding to the second identification information of the user, the one-time authentication information received from the mobile terminal to the user terminal It is possible to perform the identity authentication by judging whether or not it matches the transmitted one-time authentication information, and whether the secret code received from the user terminal matches the previously registered user's previously registered secret code.

If the mobile phone number of the user registered in advance is different from the mobile phone number included in the user authentication request, the authentication system 100 may perform the mobile phone number change procedure. That is, when the previously registered mobile phone number of the user is different from the mobile phone number of the user included in the user authentication request, the identity authentication system 100 may transmit the first identity verification information, The user identification information and the changed mobile phone number of the user included in the user authentication request are transmitted to the communication company system 400 corresponding to the changed mobile phone number to check whether the changed mobile phone number is the name of the user (S230)

Then, the communication company system 400 can confirm whether the changed mobile phone number is the name of the user, and reply the confirmation result (S240).

Also, the identity authentication system 100 determines whether the changed mobile phone number is the user's name (S250) based on the confirmation result of the communication company system 400 responding, and if the changed mobile phone number is the user's The mobile phone number of the user can be changed to the changed mobile phone number included in the user authentication request and re-registered in the service system 300 (270).

Thereafter, the principal authentication system 100 may perform authentication (S280).

If the authentication of the user is successful, the user authentication system 210 can transmit the login ID / PW of the user to the user terminal 210, if the user authentication method is performed for the purpose of finding the ID / PW (S290, S300). Of course, when the identity authentication system 210 is performed for the purpose of login, the identity authentication system 210 can perform login.

On the other hand, according to an embodiment, the identity authentication system 100 may include a processor and a memory for storing a program executed by the processor. The processor may include a single-core CPU or a multi-core CPU. The memory may include high speed random access memory and may include non-volatile memory such as one or more magnetic disk storage devices, flash memory devices, or other non-volatile solid state memory devices. Access to the memory by the processor and other components can be controlled by the memory controller. Here, when the program is executed by a processor, the program can cause the authentication system 100 according to the present embodiment to perform the above-described authentication method.

Meanwhile, the authentication method according to the embodiment of the present invention can be implemented in a computer-readable program command form and stored in a computer-readable recording medium. The control program and the target program according to the embodiment of the present invention And can be stored in a computer-readable recording medium. A computer-readable recording medium includes all kinds of recording apparatuses in which data that can be read by a computer system is stored.

Program instructions to be recorded on a recording medium may be those specially designed and constructed for the present invention or may be available to those skilled in the art of software.

Examples of the computer-readable recording medium include magnetic media such as a hard disk, a floppy disk and a magnetic tape, optical media such as CD-ROM and DVD, a floptical disk, And hardware devices that are specially configured to store and execute program instructions such as magneto-optical media and ROM, RAM, flash memory, and the like. The above-mentioned medium may also be a transmission medium such as a light or metal wire, wave guide, etc., including a carrier wave for transmitting a signal designating a program command, a data structure and the like. The computer readable recording medium may also be distributed over a networked computer system so that computer readable code can be stored and executed in a distributed manner.

Examples of program instructions include machine language code such as those produced by a compiler, as well as devices for processing information electronically using an interpreter or the like, for example, a high-level language code that can be executed by a computer.

The hardware devices described above may be configured to operate as one or more software modules to perform the operations of the present invention, and vice versa.

It will be understood by those skilled in the art that the foregoing description of the present invention is for illustrative purposes only and that those of ordinary skill in the art can readily understand that various changes and modifications may be made without departing from the spirit or essential characteristics of the present invention. will be. It is therefore to be understood that the above-described embodiments are illustrative in all aspects and not restrictive. For example, each component described as a single entity may be distributed and implemented, and components described as being distributed may also be implemented in a combined form.

It is intended that the present invention covers the modifications and variations of this invention provided they come within the scope of the appended claims and their equivalents. .

Claims (20)

As an authentication method,
The identity authentication system comprising: receiving a user authentication request including a mobile phone number of the user from a user terminal of the user;
Wherein the identity authentication system comprises: connecting a phone call to the mobile terminal of the user using the mobile phone number included in the identity authentication request;
Wherein the identity authentication system comprises: receiving first identity verification information for the user requesting authentication of the user through the user terminal from the mobile terminal through the connected phone call, wherein the first identity verification information for the user Is information corresponding to at least a part of the personal information of the user registered in advance with the previously registered mobile phone number of the user;
Wherein the first identification information of the user received via the telephone call matches the first identification information of the user registered in advance with the portion corresponding to the first identification information of the user, , ≪ / RTI >
In the authentication method,
When the pre-registered mobile telephone number of the user previously registered and the mobile telephone number of the user included in the user authentication request are different from each other, the first personal identification information and the changed mobile telephone number of the user included in the user authentication request Transmitting a name confirmation request including a number to the communication company system corresponding to the changed mobile phone number to confirm whether the changed mobile phone number is the name of the user; And
And changing the mobile phone number of the user to the changed mobile phone number included in the user authentication request and re-registering the changed mobile phone number if the changed mobile phone number is confirmed by the user's name.
The method according to claim 1,
The self-
Further comprising second identification information for the user which is information corresponding to at least a part of the personal information of the user registered in advance,
Wherein the step of verifying whether the changed mobile telephone number is the user's name comprises:
And transmits the confirmation request of the user's name including the first identification information, the second identification information, and the changed mobile phone number to the communication company system corresponding to the changed mobile phone number, Authenticating the user.
The method according to claim 1,
The self-
Further comprising second identification information for the user which is information corresponding to at least a part of the personal information of the user registered in advance,
The step of authenticating the user includes:
Whether or not the first identification information of the user received via the telephone call matches with a portion corresponding to the first identification information of the user registered in advance, Authenticating the user based on whether the second identification information of the user matches the portion corresponding to the second identification information of the user registered in advance with the user Authentication method.
The method according to claim 1,
In the authentication method,
Transmitting the one-time authentication information to the user terminal so that the one-time authentication information corresponding to the user authentication request is output to the user terminal; And
Further comprising receiving the one-time authentication information from the mobile terminal via the connected telephone call,
Authentication of the user based on whether the first identification information of the user received through the telephone call matches with a portion corresponding to the first identification information of the user registered in advance The step of performing,
Based on whether or not the first identification information of the user matches the first identification information of the user registered in advance and whether the one-time identification information is received from the mobile terminal correctly, And performing authentication of the user.
The method according to claim 1,
In the authentication method,
Transmitting the one-time authentication information to the mobile terminal through the telephone call so that the one-time authentication information corresponding to the authentication request is output to the mobile terminal; And
Further comprising receiving the one-time authentication information from the user terminal,
The step of authenticating the user based on the first identification information of the user received via the telephone call and the personal information of the user registered in advance includes the steps of:
Based on whether the first identification information of the user matches the first identification information of the user registered in advance and whether the one-time identification information is received from the user terminal correctly, And performing authentication of the user.
The method according to claim 1,
The personal information of the user, which is registered in advance,
A personal identification number, payment means information, a wire telephone number, a sex, an e-mail address, and an address of the user.
The method according to claim 1,
In the authentication method,
Further comprising receiving a secret code from the user terminal of the user or the mobile terminal of the user,
The step of authenticating the user includes:
Whether or not the first identification information of the user matches with the first identification information of the user registered in advance and the identification code of the user who has previously registered the secret code received from the user terminal or the mobile terminal Authenticating the user based on whether or not the user authentication code matches the pre-registration secret code.
8. The method of claim 7,
The pre-registered secret code of the user,
A credit card password of the user, and a financial account password of the user.
The method according to claim 1,
In the authentication method,
When the authentication of the user is successful,
And log-in to the account of the user, or transmitting a login ID and a password corresponding to the account of the user to the user terminal or the mobile terminal.
As an authentication method,
The identity authentication system comprising: receiving a user authentication request including a mobile phone number of the user from a user terminal of the user;
Wherein the identity authentication system comprises: connecting a phone call to the mobile terminal of the user using the mobile phone number included in the identity authentication request;
Wherein the identity authentication system comprises: receiving first identity verification information for the user requesting authentication of the user through the user terminal from the mobile terminal through the connected phone call, wherein the first identity verification information for the user Is information corresponding to at least a part of the personal information of the user registered in advance with the previously registered mobile phone number of the user;
Receiving a secret code from the user terminal of the user or the mobile terminal of the user; And
Whether or not the first identification information of the user matches with the first identification information of the user registered in advance and the secret code received from the user terminal of the user or the mobile terminal of the user are registered in advance Authenticating the user based on whether or not the user's original registered secret code matches the previously registered user's registered secret code.
A computer program installed in a data processing apparatus and stored in a recording medium for performing the method according to any one of claims 1 to 10.
As a personal authentication system,
A processor;
A memory storing a program,
Wherein the program causes the principal authentication system to perform the method according to any one of claims 1 to 10 when executed by the processor.
As a personal authentication system,
A personal authentication request receiving module for receiving a personal authentication request including a mobile phone number of the user from a user terminal of the user;
A telephone call module for connecting a telephone call to the mobile terminal of the user using the mobile telephone number included in the authentication request;
And a first identity verification module for receiving first identity verification information for the user requesting authentication of the user through the user terminal from the mobile terminal through the connected phone call, The information corresponding to at least a part of the personal information of the user registered in advance with the user's previously registered mobile phone number;
Wherein the first identification information of the user received via the telephone call matches the first identification information of the user registered in advance with the portion corresponding to the first identification information of the user, A control module for executing the control module;
When the pre-registered mobile telephone number of the user previously registered and the mobile telephone number of the user included in the user authentication request are different from each other, the first personal identification information and the changed mobile phone number of the user included in the user authentication request A name confirmation module for transmitting a confirmation request for the name of the user including the number to the communication company system corresponding to the changed mobile phone number to confirm whether the changed mobile phone number is the name of the user; And
And a change module for changing the mobile phone number of the user to the changed mobile phone number included in the user authentication request and re-registering, when the changed mobile phone number is confirmed by the user's name.
14. The method of claim 13,
The self-
Further comprising second identification information for the user which is information corresponding to at least a part of the personal information of the user registered in advance,
Wherein the name confirmation module comprises:
And transmits the confirmation request of the user's name including the first identification information, the second identification information, and the changed mobile phone number to the communication company system corresponding to the changed mobile phone number, The identity verification system which confirms whether or not it is.
14. The method of claim 13,
The self-
Further comprising second identification information for the user which is information corresponding to at least a part of the personal information of the user registered in advance,
The control module includes:
Whether or not the first identification information of the user received via the telephone call matches with a portion corresponding to the first identification information of the user registered in advance, Authenticating the user with respect to the user based on whether the second identification information of the user matches the portion corresponding to the second identification information of the user registered in advance.
14. The method of claim 13,
The authentication system of claim 1,
A one-time authentication information module for transmitting the one-time authentication information to the user terminal so that the one-time authentication information corresponding to the authentication request is output to the user terminal; And
And a one-time authentication information receiving module for receiving the one-time authentication information from the mobile terminal via the connected phone call,
The control module includes:
Based on whether or not the first identification information of the user matches the first identification information of the user registered in advance and whether the one-time identification information is received from the mobile terminal correctly, A self-certification system that performs self-certification.
14. The method of claim 13,
The authentication system of claim 1,
A one-time authentication information module for transmitting the one-time authentication information to the mobile terminal through the telephone call so that the one-time authentication information corresponding to the authentication request is output to the mobile terminal; And
Further comprising a one-time authentication information receiving module for receiving the one-time authentication information from the user terminal,
The control module includes:
Based on whether the first identification information of the user matches the first identification information of the user registered in advance and whether the one-time identification information is received from the user terminal correctly, A self-certification system that performs self-certification.
14. The method of claim 13,
The authentication system of claim 1,
Further comprising a secret code receiving module for receiving a secret code from the user terminal of the user or the mobile terminal of the user,
The control module includes:
Whether or not the first identification information of the user matches with the first identification information of the user registered in advance and the identification code of the user who has previously registered the secret code received from the user terminal or the mobile terminal And performs authentication of the user with respect to the user based on whether or not the authentication information matches the pre-registered secret code.
14. The method of claim 13,
The authentication system of claim 1,
And a login module for logging in to the account of the user or for transmitting a login ID and password corresponding to the account of the user to the user terminal or the mobile terminal when the authentication of the user is successful.
As a personal authentication system,
A personal authentication request receiving module for receiving a personal authentication request including a mobile phone number of the user from a user terminal of the user;
The authentication system of claim 1, further comprising: a phone call module for connecting a phone call to the mobile terminal of the user using the mobile phone number included in the authentication request;
And a first identity verification module for receiving first identity verification information for the user requesting authentication of the user through the user terminal from the mobile terminal through the connected phone call, The information corresponding to at least a part of the personal information of the user registered in advance with the user's previously registered mobile phone number;
A secret code receiving module for receiving a secret code from the user terminal of the user or the mobile terminal of the user; And
Whether or not the first identification information of the user matches with the first identification information of the user registered in advance and the secret code received from the user terminal of the user or the mobile terminal of the user are registered in advance Authenticating the user based on whether or not the user's first registered secret code matches the pre-registered secret code of the user.

Images