WO2011136464A1 - Système de saisie sécurisée de mot de passe utilisant une valeur de décalage d'une touche de mot de passe et son procédé de saisie sécurisée de mot de passe - Google Patents

Système de saisie sécurisée de mot de passe utilisant une valeur de décalage d'une touche de mot de passe et son procédé de saisie sécurisée de mot de passe Download PDF

Info

Publication number
WO2011136464A1
WO2011136464A1 PCT/KR2011/000677 KR2011000677W WO2011136464A1 WO 2011136464 A1 WO2011136464 A1 WO 2011136464A1 KR 2011000677 W KR2011000677 W KR 2011000677W WO 2011136464 A1 WO2011136464 A1 WO 2011136464A1
Authority
WO
WIPO (PCT)
Prior art keywords
password
input
key
authentication
user
Prior art date
Application number
PCT/KR2011/000677
Other languages
English (en)
Korean (ko)
Inventor
안규철
안윤하
Original Assignee
주식회사 에이케이씨에스
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 에이케이씨에스 filed Critical 주식회사 에이케이씨에스
Priority to US13/695,014 priority Critical patent/US8826406B2/en
Priority to JP2013507864A priority patent/JP5764203B2/ja
Priority to CN201180031614.0A priority patent/CN103039063B/zh
Priority claimed from KR1020110009541A external-priority patent/KR101132368B1/ko
Publication of WO2011136464A1 publication Critical patent/WO2011136464A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN

Definitions

  • the present invention relates to a password safe input system and a password safe input method, and more particularly, a password safe input for ensuring safe use of a user password by receiving a safe password from a user and performing password authentication with a key shift value of an actual password.
  • the system and password safe input method are particularly, a password safe input for ensuring safe use of a user password by receiving a safe password from a user and performing password authentication with a key shift value of an actual password.
  • a password authentication method is used as a general method for user authentication.
  • the password authentication method stores the password input by the user as an initial setting and compares the safety password input from the user with the previously stored password whenever necessary, and determines that the password authentication is successful.
  • the password has various exposure possibilities.
  • a third party can watch the user's password entry process and find out the password.
  • the hacking program may find out the password by hacking the password keyed in the user terminal. It is also possible for a hacking program to steal a password from data in network communication to find out the password.
  • a password can be used without any limitation as long as a third party finds out the user's password. Even if the password entered from the user is encrypted to enhance security, the third party can hack the encryption method applied to the password to decrypt the password. Therefore, even if a user's password is exposed to a third party, a password authentication method is required so that the third party cannot use the obtained password.
  • the present invention has been created under the recognition of the prior art as described above, and by arranging different key arrangements for each password input instance and receiving a secure password that is relocated from the actual password, the actual password is protected even if the safety password is exposed to a third party. It is to provide a password safe input system and a password safe input method.
  • a password setting module for receiving and storing the actual password by the initial setting from the user;
  • An input window generating module for generating an input window in which key buttons are randomly arranged for each instance of a password input;
  • a password input module for receiving a key of a changed security password by applying the same moving distance to the key position of the actual password in the input window displayed on the screen;
  • a password authentication module that determines a password authentication as a success when comparing the key shift value of the pre-stored actual password with the key shift value of the safety password input from the user based on the input window.
  • the password security input system configured in a network environment, the password setting module for receiving and storing the actual password by the initial setting from the user terminal; An input window generating module for generating an input window in which key buttons are randomly arranged for each instance of a password input and transmitting the generated input window to a user terminal; A password input module for receiving a key of a changed security password by applying the same moving distance to the key position of the actual password of the input window after the input window is displayed on the screen of the user terminal; And a password authentication module including a password authentication module for determining password authentication as a result of comparing the key shift value of the pre-stored real password with the key shift value of the safety password input from the user based on the input window. do.
  • the input window includes a key button including at least one of numeric keys, character keys, and image keys.
  • the key shift value may include a first key button (x1, y1) and a second key button (x2, y2) continuously input in a password with respect to the key buttons arranged on the x-axis and the y-axis. ) Is the moving coordinate values (x2-x1, y2-y1).
  • n-1 key shift values obtained from two consecutively inputted keys are generated.
  • the input window generating module may generate n input windows in which key buttons are randomly arranged differently for each individual digit input, Whenever a digit's safety password is entered, it can be switched to a unique input window.
  • the password input module may further receive an arbitrary key irrelevant to the movement value of the key coordinates of the actual password.
  • the password authentication module when receiving the safety password key of the individual digits from the user, the password is secure input, characterized in that to guide the input of the safety password from the beginning when the authentication of the safety password fails to authenticate the safety password system.
  • the password security input system of a network environment further includes a user terminal receiving an input window from the authentication server and displaying the input window on the screen, and transmitting a security password input from the user to the authentication server to request authentication.
  • the user terminal is a password to perform authentication by receiving a safety password instead of the actual password in a stand-alone environment (stand-alone) environment
  • a safe input method comprising the steps of: (a) receiving an actual password by initial setting from a user and storing the same in an internal memory; (b) generating an input window in which key buttons are randomly arranged for each instance of a password input; (c) after the generated input window is displayed on the screen, receiving the key of the changed security password by applying the same moving distance to the key position of the actual password in the input window; And (d) comparing the key shift value of the pre-stored real password with the key shift value of the safety password input from the user based on the input window, and determining the password authentication as success.
  • the user is provided with an input window in which the positions of the key buttons are mixed each time, and inputs a one-time safety password, so that the user can safely maintain the actual password even if the safety password is leaked to a third party.
  • 1 to 3 are exemplary diagrams of a password using a key shift value according to an embodiment of the present invention.
  • FIG. 4 is a schematic configuration diagram of a password security input system in a stand-alone environment according to an embodiment of the present invention.
  • FIG. 5 is a schematic configuration diagram of a password security input system of a network environment according to another embodiment of the present invention.
  • FIG. 6 is a schematic flowchart of a password security input method of a stand-alone environment according to an embodiment of the present invention.
  • FIG. 7 is a schematic flowchart of a password security input method of a network environment according to another embodiment of the present invention.
  • FIG. 1 illustrates a password input screen according to an embodiment of the present invention.
  • key buttons having a size of 3 * 4 are arranged.
  • key buttons are arranged in a sequence of numbers.
  • key buttons are randomly arranged for each instance of a password input.
  • the user's actual password is a four-digit '* 123'
  • a user may request an authentication by inputting an actual password, which may be stolen by a third party.
  • the user inputs a key button of a password (secure password) which is located at the same distance from the key button of the actual password, not the actual password. That is, in one embodiment of the present invention, the user presses the security password '8265' by applying the key movement distance ⁇ 1, 1> to the key button position of the actual password, rather than inputting the actual password '* 123'.
  • the input of the safety password '8265' is completed by the user pressing the '8' key button 105, the '2' key button 106, the '6' key button 107, and the '5' key button 108. .
  • the key movement distance ⁇ 1, 1> means the movement of one space to the right of the x-axis and one space to the y-axis.
  • move 1 space to the right of the x axis ⁇ 1, 0> refers to the number '5' key button by the rolling method
  • move one space to the top of the y axis ⁇ 0, 1> indicates the '#' key button by the rolling method. Therefore, when the key movement distance ⁇ 1, 1> is applied to the number '6' key button, the number '9' button is moved.
  • the user is authenticated by inputting the security password '8265', not the actual password.
  • this secure password is successful in password authentication only in the input window 11 of this instance. Therefore, even if the third party hacks the security password '8265', the next password input window randomly shuffles the arrangement position of the key button, and the authentication of the hacked password fails because it is not an actual password.
  • FIG. 2 illustrates a moving value of a key button in the example of inputting a password of FIG. 1.
  • the user's actual password is "* 123" 4 digits
  • the movement values of the first key button and the second key button which are continuously input are (1,0), '1' and '2' between '*' and '1'. (1,1) and (1,0) between '2' and '3'. That is, in the n-digit password, there are n-1 shift values between two consecutive key buttons.
  • the user inputs the safety password "8265" by applying the moving distance ⁇ 1, 1> to protect his actual password.
  • the moving coordinate values between two consecutive key buttons are (1,0) between '8' and '2', (1,1) between '2' and '6', '6' and '5' Is between (1,0).
  • the actual password and the password (safe password) input by the user have the same moving coordinate values (1,0), (1,1), (1,0) between two consecutive key buttons. .
  • the moving coordinate value between two consecutive key buttons of the actual password and two consecutive key buttons of the security password Compare the moving coordinate values between. If the comparison result is matched, it is determined that the authentication is successful.
  • the actual password of the user is '* 123'.
  • the user can arbitrarily apply the moving value. If the user applies the travel distance ⁇ 2, 0> to the actual password, the user's safety password is '0 * 82'. In the case of the safety password '0 * 82', the shift values (1,0), (1,1) and (1,0) are maintained between two consecutive key buttons so that the safety password '0 * 82' is the actual password. Has three moving values equal to.
  • the user may arbitrarily apply the moving distances ⁇ a, b> to protect his actual password. Accordingly, the user can select any key button among all 11 key buttons except for the actual password '*' when the first digit password is input. That is, when the user arbitrarily determines the first digit password, the shift value is equally applied to the next digit password. For example, if the user inputs '5' instead of '*' in the first digit of the actual password, the moving distance ⁇ 1, 2> is determined. If the moving distance ⁇ 1, 2> is applied to the actual password, the user must enter '5' and successively enter '4 # 9' as the safety password before the authentication of this password can succeed.
  • a user is presented with an input window of a randomly mixed key button for each individual instance of a password input, and an arbitrary moving distance ⁇ a, b> is applied from a position of an actual password key button of the input window. You can enter a secure password to protect your actual password from hacking by third parties.
  • FIG. 4 shows a schematic configuration of a password secure input system 1 in a stand-alone environment according to one embodiment of the invention.
  • stand-alone means that the user device 3 can independently perform password input and authentication processing without mutual communication with other devices.
  • Examples of such a stand-alone user device 3 include wired / wireless information communication terminals or ATM devices (cash machines) such as computer terminals (eg, desktops, laptops, etc.), mobile communication terminals, and other portable terminals. , Door locks, smart TVs, and the like.
  • the user device 3 only needs to be an electric or electronic device having a processor and a memory, and the type of the user device 3 is not limited to the above description.
  • An example of a password input method in a stand-alone environment is a case in which the screen lock is released only when the user password authentication is successful in the mobile communication terminal or when the user password authentication is successful in the TV. That is, the user device 3 is a method of receiving and authenticating a password alone.
  • the user device 3 is a password setting module 31 which initially receives a real password from a user, and an input window generating module for generating an input window in which key buttons are randomly arranged for each input instance of a password. 32, a password input module 33 for receiving a safety password from the user through an input window displayed on the screen, and a password authentication module 34 for authenticating the safety password input by the user.
  • the password setting module 31 receives the actual password from the user and stores it in the internal memory of the user device 3. Passwords can be stored encrypted.
  • the password setting module 31 receives a password composed of a plurality of keys from the user.
  • the input window generating module 32 generates an input window in which key buttons are uniquely mixed with each input instance according to the defined size and shape of the input window and key buttons, and displays the input window on the screen.
  • the input window generating module 32 may generate an input window in which a key button in which letters, numbers, images, special keys, and emoticons are arbitrarily combined is arranged. Therefore, the input window may have a different size and shape than the input window illustrated in FIGS. 1 to 3.
  • the input window generating module 32 may generate and display different input windows for each key button input in accordance with the password input policy. For example, if the password is 8 digits, it is possible to provide a total of eight different input windows to receive the key button of the security password of the individual digits. The first and second digits can be entered with an English letter key, and the remaining six digits can be entered with a numeric key. On the other hand, if the safety password is input through eight input windows, password authentication should be performed eight independent password authentication based on the key button disposed in each of the eight input windows.
  • the password input module 33 receives a key button of a security password from a user through an input window displayed on the screen.
  • the password input module 33 may receive a selection input of a key button through a screen touch method or an arrow button located on a keypad.
  • the password input module 33 may be modified to further receive an arbitrary key (mismatched key) that is not related to the moving value of the key coordinate of the actual password.
  • an arbitrary key mismatched key
  • the digit of the password is fixed to four digits in FIGS. 1 to 3, when an arbitrary key insertion method is applied, five or more digits including an arbitrary key are input from the user as a security password.
  • a random key is one in which the user intentionally enters an inconsistent key to protect the actual password. That is, in FIG. 2, instead of entering the password '8265', the user inputs' 8? 265 ', '82 ??? 65' or '? 8265?'.
  • ? Refers to an arbitrary key and may be inserted at any position of the secure password.
  • the third party may be mistaken that the password consists of five digits when the third party obtains '8? 265'. It can also confuse third parties with varying lengths of passwords each time, further enhancing the security of passwords. However, if any key insertion method is applied, even if any one digit fails to be authenticated during password authentication, the authentication is not judged to be failed, and the next digit is transferred. If the key buttons of the '8265' are sequentially matched in the total length of the secure password, the authentication success is determined.
  • the password authentication module 34 calculates a movement value between two successive key buttons, respectively, based on the key button arrangement of the current input window, and determines whether the password matches.
  • n-1 key shift values obtained from two consecutively inputted keys are generated.
  • 1 to 3 illustrate three moving values (1, 0), (1, 1) and (1, 0) for a four-digit password.
  • the password authentication module 34 may have various authentication schemes according to the authentication policy. For example, as shown in FIGS. 1 to 3, a four-digit password is input to one input window and four digits are authenticated at once. As another example, the authentication is performed every time the one-digit security password is input in FIGS. 1 to 3, and if successful, the authentication is performed after receiving the next security password. For example, when the user inputs the first '8', the password authentication module 34 determines that authentication is successful and receives the second security password. Here, if the user enters '3' rather than '2' and the safety password authentication fails, the user is guided to re-enter the safety password from the beginning.
  • the password authentication is successful only if the user's safety password input is valid four times in a row.
  • the password authentication module 34 performs authentication for each individual digit so as to provide an input window for the next digit if it is successful.
  • it is determined that the authentication is successful if the moving values for the remaining keys and the actual password keys except for any keys that are inconsistent in the entire digit of the security password coincide with each other.
  • FIG. 5 is a schematic configuration diagram of a password safe input system 1 in a network environment according to another embodiment of the present invention.
  • the term "network environment” means that the authentication server 3 receives a safety password transmitted from the user device 3 through a wired or wireless network, performs authentication, and then responds with the authentication result to the user device 3.
  • the wired and wireless networks typically include all communication networks capable of data communication using various protocols such as mobile communication networks, wired and wireless public networks such as the Internet, and dedicated networks.
  • An example of a password input method in a network environment is when a user needs to enter an ID and password to log in to a server (eg, a homepage). For example, when accessing an Internet banking server and entering various passwords such as login and OTP number.
  • a server eg, a homepage
  • the password input method of the present invention when the password input method of the present invention is applied, the user device 3 sends a security password input from the user to the authentication server 2 to request authentication, and provides the authentication result from the authentication server 2.
  • the password security input system 1 according to another embodiment of the present invention comprises an authentication server 2 and a user device 3 connected via wired or wireless networks.
  • the configuration modules 31 to 34 of the standalone type user device illustrated in FIG. 4 perform the same function in the authentication server 2 of FIG. 5. That is, the password setting module 21, the input window generating module 22, the password input module 23 and the password authentication module 24 of the authentication server 2 of FIG. 5 have the same functions as the corresponding configuration modules of FIG. 4. Do this. Therefore, only the differences according to the client server environment will be described below.
  • the password setting module 21 receives the actual password set by the user from the user device 3 and stores it in the internal DB.
  • the input window generating module 21 generates an input window in which key buttons are uniquely mixed with each input instance according to the defined size and shape of the input window and key buttons, and transmits the generated input window to the user device 3.
  • the user device 3 displays the received input window on the screen and receives a safety password from the user.
  • the password input module 23 receives a safety password input by selecting a key button of a user through an input window displayed on the screen of the user device 3.
  • the received security password may include any key by applying any of the key insertion methods described above.
  • the password authentication module 24 calculates a moving value between two consecutive key buttons based on the arrangement of the key buttons of the input window already transmitted to the user device, and calculates and agrees a moving value between two consecutive key buttons. To judge. The password authentication result is then returned to the user device 3.
  • the password security input method using the shift value of the password key according to an embodiment of the present invention can be preferably realized through the construction of the password security system 1 described above.
  • FIG. 6 is a schematic flowchart of a password security input method of a stand-alone environment according to an embodiment of the present invention.
  • the password setting module 31 of the user device 3 receives and stores an actual password according to the initial setting from the user (S31).
  • the actual password stored in this way is referred to during authentication.
  • the password includes all numbers, letters, images, emoticons, and the like, and each password has a coordinate value relative to each other. Therefore, when n-digit passwords are set, n-1 moving coordinate values between adjacent passwords are generated based on the coordinate values of each password.
  • the coordinates include not only two-dimensional coordinates based on the x-axis and y-axis, but also three-dimensional coordinates consisting of the x-axis, the y-axis, and the z-axis.
  • the password is preferably arranged in a matrix form as shown in FIG. 1, but may be formed in another form such as a sphere.
  • the input window generating module 32 of the user device generates an input window composed of key buttons randomly arranged for each password input instance and displays the input window on the screen of the user device 3 (S32). Then, the map (or matrix) configuration (i.e., arrangement of passwords) for the input window thus generated is temporarily stored in the internal memory.
  • the map (or matrix) configuration i.e., arrangement of passwords
  • the password input module 33 receives a password from a user through the input window displayed on the screen (S33).
  • the password input module 33 receives a security password to which the key shift distance ⁇ a, b> is applied instead of the actual password from the user.
  • the safety password to which the key shift value of the present invention is applied is a one-time password that is authenticated only in the corresponding input window, the third party may not succeed even if the third party uses the hacked safety password in the next input window.
  • the password input module 33 may receive an arbitrary key input intentionally input from the user in the middle of the password input character as an optional configuration for further strengthening security (any key insertion method).
  • the password authentication module 34 When the password authentication module 34 receives a safety password from the user, the password authentication module 34 compares the moving values of two consecutive keys with respect to the actual password and the safety password based on the previously configured map configuration of the password input window, and compares them. If it is determined that the authentication is successful (S34).
  • the password authentication module 34 performs two consecutive first key buttons (x1, y1) and second key buttons (x2, y2) of the pre-stored actual password of the step (a) in the input window of step (b).
  • n-1 moving coordinate values of the actual password and the n-1 moving coordinate values of the safety password are obtained, the respective moving coordinate values are compared and judged to be successful in authentication if they match, and in case of inconsistency.
  • the password authentication module 34 may receive the safety password by one digit and perform authentication of the safety password. If the password authentication module 34 determines that authentication failed, it invalidates the previous valid authentication and guides the re-entry of the first security password. If even one digit of the secure password is determined to be an authentication failure, the previous authentication may be invalidated and restarted, thereby providing a stronger password authentication policy.
  • FIG. 7 is a schematic flowchart of a password security input method of a network environment according to another embodiment of the present invention.
  • the password setting module 21 of the authentication server 2 receives the actual password according to the initial setting of the user from the user device 3 by using a wired or wireless network and stores it in the DB (S21).
  • the input window generating module 22 generates an input window composed of key buttons randomly arranged for each password input instance and transmits the input window to the user terminal 3 (S22).
  • the user device 3 displays the received input window on the screen to guide the input of the safety password (S35), and receives a safety password to which a certain key movement value is applied instead of the actual password (S36).
  • the password input module 23 receives the safety password from the user device 3 (S23).
  • the password input module 23 receives the security password applied with the key movement distance ⁇ a, b> to the key position of the actual password.
  • n-1 moving values of two consecutive keys at n digits of the password correspond to each of the previously stored actual password and the safety password. It is determined whether the authentication is successful (S24).
  • the password authentication module 24 transmits the authentication result to the user device 3 (S25).
  • module is not used to mean a hardware distinction of the password secure input system. Therefore, a plurality of modules may be integrated into one module or one module may be divided into a plurality of modules.
  • the module may mean a hardware module, but may also mean a module of software. Therefore, it should be understood that the present invention is not particularly limited by the term module.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • User Interface Of Digital Computer (AREA)

Abstract

L'invention concerne un système de saisie sécurisée de mot de passe qui effectue l'authentification par saisie d'une touche de mot de passe sécurisé obtenue en appliquant une valeur de décalage à une touche de mot de passe réel, et son procédé de saisie sécurisée de mot de passe. Conformément à la présente invention, un système de saisie sécurisée de mot de passe est configuré de manière à comporter un terminal utilisateur comprenant : un module de définition de mot de passe destiné à recevoir et à stocker un mot de passe réel saisi pendant la configuration initiale effectuée par un utilisateur, un module générateur de fenêtre de saisie destiné à générer une fenêtre de saisie dans laquelle des boutons de touches sont disposés aléatoirement chaque fois qu'un mot de passe est saisi ; un module de saisie de mot de passe destiné à recevoir des touches d'un mot de passe sécurisé dont la position est modifiée par application d'une même distance de décalage aux positions de touches du mot de passe réel, dans la fenêtre de saisie affichée sur un écran ; et un module d'authentification de mot de passe destiné à comparer une valeur de décalage de touche du mot de passe réel ayant été préalablement stockée à une valeur de décalage de touche d'un mot de passe sécurisé saisi par un utilisateur sur la base de la fenêtre de saisie, et à déterminer que l'authentification du mot de passe a réussi lorsque les deux valeurs de décalage de touches sont identiques. Conformément à la présente invention, même si un mot de passe sécurisé est exposé à une tierce personne, l'utilisateur peut conserver le mot de passe réel sans s'en préoccuper.
PCT/KR2011/000677 2010-04-26 2011-01-31 Système de saisie sécurisée de mot de passe utilisant une valeur de décalage d'une touche de mot de passe et son procédé de saisie sécurisée de mot de passe WO2011136464A1 (fr)

Priority Applications (3)

Application Number Priority Date Filing Date Title
US13/695,014 US8826406B2 (en) 2010-04-26 2011-01-31 Password security input system using shift value of password key and password security input method thereof
JP2013507864A JP5764203B2 (ja) 2010-04-26 2011-01-31 パスワードキーの移動値を利用するパスワード安全入力システム及びそのパスワード安全入力方法
CN201180031614.0A CN103039063B (zh) 2010-04-26 2011-01-31 使用密码键的移值的密码安全输入系统和密码安全输入方法

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
KR20100038326 2010-04-26
KR10-2010-0038326 2010-04-26
KR1020110009541A KR101132368B1 (ko) 2010-04-26 2011-01-31 비밀번호 키의 이동값을 이용하는 비밀번호 안전 입력 시스템 및 그 비밀번호 안전 입력 방법
KR10-2011-0009541 2011-01-31

Publications (1)

Publication Number Publication Date
WO2011136464A1 true WO2011136464A1 (fr) 2011-11-03

Family

ID=44861726

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2011/000677 WO2011136464A1 (fr) 2010-04-26 2011-01-31 Système de saisie sécurisée de mot de passe utilisant une valeur de décalage d'une touche de mot de passe et son procédé de saisie sécurisée de mot de passe

Country Status (1)

Country Link
WO (1) WO2011136464A1 (fr)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2014048712A (ja) * 2012-08-29 2014-03-17 Nec Personal Computers Ltd 入力情報認証装置および装置のプログラム
JP2014102722A (ja) * 2012-11-21 2014-06-05 Nec Personal Computers Ltd 入力情報認証装置及びプログラム
EP3050013A1 (fr) * 2013-09-30 2016-08-03 Square, Inc. Interface d'utilisateur à saisie de code sécurisée
EP3050014A1 (fr) * 2013-09-30 2016-08-03 Square, Inc. Interface de brouillage d'introduction de mot de passe
US9773240B1 (en) 2013-09-13 2017-09-26 Square, Inc. Fake sensor input for passcode entry security
US9928501B1 (en) 2013-10-09 2018-03-27 Square, Inc. Secure passcode entry docking station
US10083442B1 (en) 2012-06-12 2018-09-25 Square, Inc. Software PIN entry

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020076044A1 (en) * 2001-11-16 2002-06-20 Paul Pires Method of and system for encrypting messages, generating encryption keys and producing secure session keys
KR20020074475A (ko) * 2000-11-11 2002-09-30 쓰리윈닷컴 주식회사 비밀 정보 입력 방법 및 장치
KR20040056273A (ko) * 2002-12-23 2004-06-30 신화식 랜덤하게 배열된 자판을 이용하여 비밀번호를 입력하기위한 무인 단말기 및 잠금장치와 그 장치들을 이용한비밀번호 입력방법
KR20040091494A (ko) * 2003-04-22 2004-10-28 장행곤 비밀번호 입력 방법

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20020074475A (ko) * 2000-11-11 2002-09-30 쓰리윈닷컴 주식회사 비밀 정보 입력 방법 및 장치
US20020076044A1 (en) * 2001-11-16 2002-06-20 Paul Pires Method of and system for encrypting messages, generating encryption keys and producing secure session keys
KR20040056273A (ko) * 2002-12-23 2004-06-30 신화식 랜덤하게 배열된 자판을 이용하여 비밀번호를 입력하기위한 무인 단말기 및 잠금장치와 그 장치들을 이용한비밀번호 입력방법
KR20040091494A (ko) * 2003-04-22 2004-10-28 장행곤 비밀번호 입력 방법

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11823186B2 (en) 2012-06-12 2023-11-21 Block, Inc. Secure wireless card reader
US10515363B2 (en) 2012-06-12 2019-12-24 Square, Inc. Software PIN entry
US10185957B2 (en) 2012-06-12 2019-01-22 Square, Inc. Software pin entry
US10083442B1 (en) 2012-06-12 2018-09-25 Square, Inc. Software PIN entry
JP2014048712A (ja) * 2012-08-29 2014-03-17 Nec Personal Computers Ltd 入力情報認証装置および装置のプログラム
JP2014102722A (ja) * 2012-11-21 2014-06-05 Nec Personal Computers Ltd 入力情報認証装置及びプログラム
US9773240B1 (en) 2013-09-13 2017-09-26 Square, Inc. Fake sensor input for passcode entry security
EP3050014A4 (fr) * 2013-09-30 2017-04-05 Square, Inc. Interface de brouillage d'introduction de mot de passe
EP3050013A4 (fr) * 2013-09-30 2017-04-05 Square, Inc. Interface d'utilisateur à saisie de code sécurisée
EP3050014A1 (fr) * 2013-09-30 2016-08-03 Square, Inc. Interface de brouillage d'introduction de mot de passe
US10540657B2 (en) 2013-09-30 2020-01-21 Square, Inc. Secure passcode entry user interface
EP3050013A1 (fr) * 2013-09-30 2016-08-03 Square, Inc. Interface d'utilisateur à saisie de code sécurisée
US9928501B1 (en) 2013-10-09 2018-03-27 Square, Inc. Secure passcode entry docking station

Similar Documents

Publication Publication Date Title
KR101132368B1 (ko) 비밀번호 키의 이동값을 이용하는 비밀번호 안전 입력 시스템 및 그 비밀번호 안전 입력 방법
WO2011136464A1 (fr) Système de saisie sécurisée de mot de passe utilisant une valeur de décalage d'une touche de mot de passe et son procédé de saisie sécurisée de mot de passe
US20190260748A1 (en) Securing a transaction performed from a non-secure terminal
WO2013157864A1 (fr) Procédé d'authentification d'utilisateur à l'aide d'une icône combinée à un motif d'entrée, et dispositif d'entrée de mot de passe
WO2011118871A1 (fr) Procédé d'authentification et système utilisant un terminal mobile
US8752147B2 (en) System and method for two-factor user authentication
US20050193208A1 (en) User authentication
WO2017057899A1 (fr) Système d'authentification intégré pour authentification grâce à des nombres aléatoires à usage unique
WO2017043717A1 (fr) Procédé d'authentification biométrique d'un utilisateur
KR20140009038A (ko) 패스워드의 연속 인증을 이용하는 패스워드 인증 시스템 및 패스워드 인증 방법
WO2017065576A1 (fr) Procédé et système d'authentification d'utilisateur faisant appel à un clavier variable
WO2020032351A1 (fr) Procédé permettant d'établir une identité numérique anonyme
WO2014112695A1 (fr) Système pour sécuriser un dispositif électronique grâce à une authentification à deux facteurs et procédé pour sécuriser un dispositif électronique l'utilisant
WO2020159328A1 (fr) Procédé et appareil de traitement d'informations d'authentification et terminal utilisateur comprenant un appareil de procédé de traitement d'informations d'authentification
WO2012074275A2 (fr) Appareil d'authentification d'utilisateur pour un usage sécurisé de l'internet, procédé d'authentification d'utilisateur pour un usage sécurisé de l'internet et support enregistré l'enregistrant
WO2017052277A1 (fr) Procédé et système d'authentification d'identité utilisant un pavé numérique variable
WO2014181952A1 (fr) Dispositif et procédé pour l'authentification sur la base d'une valeur de position
WO2015034160A1 (fr) Procédé d'authentification de mot de passe à l'aide de mémoire définie par l'utilisateur
WO2014011001A1 (fr) Système et procédé d'authentification par mot de passe utilisant une authentification par mots de passe consécutifs
WO2021049681A1 (fr) Dispositif électronique permettant d'effectuer une authentification se basant sur un serveur en nuage, et procédé de commande pour celui-ci
WO2015053438A9 (fr) Procédé et appareil de génération de mot de passe utilisant un ensemble d'intervalles de confiance sur la base d'informations biométriques
WO2017183799A1 (fr) Appareil de vérification de données, et procédé de vérification de données l'utilisant
WO2012128478A2 (fr) Système et procédé d'authentification sur base d'une image
KR101981992B1 (ko) 가상 키패드를 이용한 사용자 인증 방법 및 장치
KR20080011362A (ko) 그래픽 오티피의 해킹 방지 방법

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 201180031614.0

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11775170

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2013507864

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 13695014

Country of ref document: US

122 Ep: pct application non-entry in european phase

Ref document number: 11775170

Country of ref document: EP

Kind code of ref document: A1