WO2012020885A1 - An authentication method using two communication terminals
- Publication number: WO2012020885A1 (PCT/KR2010/007132)
- Authority: WO, WIPO (PCT)
- Prior art keywords: input information, communication terminal, data, information data, personal information
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
- G06F21/35—User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/42—User authentication using separate channels for security data
- G06F21/43—User authentication using separate channels for security data wireless channels
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3228—One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
Definitions
- Fig. 2 is a flow diagram of an authentication method using two communication terminals according to an embodiment of the present invention.
- The second communication terminal 100 enters the temporary data instead of the registration password in order to log in to the access server 300.
- The registration password is entered into the first communication terminal 200 at a step S201 and transferred to the personal information safety server 400 at a step S202.
- If the personal information safety server 400 receives the registration password from the first communication terminal 200, the temporary password is generated for the received registration password and stored in association with the registration password at a step S203.
- The personal information safety server 400 transfers the generated temporary password to the first communication terminal 200 at a step S204.
- If the first communication terminal 200 receives the temporary password from the personal information safety server 400, it displays the temporary password on a screen.
- The second communication terminal 100 receives the registration ID and the temporary password from the user at a step S205 and transfers the registration ID and the temporary password to the access server 300 at a step S206.
- If the access server 300 receives the registration ID and the temporary password from the second communication terminal 100, it transfers the received temporary password to the personal information safety server 400 at a step S207 and then sends a request to search the registration password for the transferred temporary password.
- If the personal information safety server 400 receives the temporary password from the access server 300, it searches the registration password corresponding to the received temporary password at a step S208 and transfers the searched registration password to the access server 300 at a step S209.
- If the access server 300 receives the registration password from the personal information safety server 400, the access server processes it as the registration password which must be entered from the second communication terminal 100.
- The access server 300 determines whether the registration password of the registration ID received from the second communication terminal 100 matches the registration password received from the personal information safety server 400 at a step S210.
- The access server 300 allows logging in of the registration ID at a step S211 if the registration password of the registration ID received from the second communication terminal 100 matches the registration password received from the personal information safety server 400.
- The second communication terminal 100 can also be used upon entering the personal information such as the Resident Registration Number, the account number, and the card number into the access server 300.
- Resident Registration Number is entered into the access server 300 via the second communication terminal 100.
- The first communication terminal 200 receives the Resident Registration Number from the user and then transfers the received Resident Registration Number to the personal information safety server 400.
- If the personal information safety server 400 receives the Resident Registration Number from the first communication terminal 200, it generates the temporary data corresponding to the Resident Registration Number and transfers the generated temporary data to the first communication terminal 200.
- The first communication terminal 200 receives and displays the temporary data from the personal information safety server 400.
- If the second communication terminal 100 receives, from the user, the temporary data issued to the first communication terminal 200 instead of the Resident Registration Number, it transfers the entered temporary data to the access server 300.
- If the access server 300 receives the temporary data instead of the Resident Registration Number from the second communication terminal 100, it transfers the received temporary data to the personal information safety server 400 and requests the Resident Registration Number corresponding to the temporary data.
- If the personal information safety server 400 receives the temporary data from the access server 300, it searches the Resident Registration Number corresponding to the received temporary data and then transfers the searched Resident Registration Number to the access server 300.
- If the access server 300 receives the Resident Registration Number from the personal information safety server 400, it processes it as the Resident Registration Number which must be entered by the user via the second communication terminal 100.
Abstract
Provided is an authentication method using two communication terminals comprising steps of (a) a first communication terminal receiving, from a user, an input information data which must be entered into an access server through a second communication terminal and transferring it to a personal information safety server; (b) the personal information safety server generating a temporary data corresponding to the input information data and transferring it to the first communication terminal; (c) the second communication terminal receiving the temporary data from the user and transferring it to the access server; (d) the access server sending a request to search the input information data corresponding to the received temporary data and transferring the temporary data to the personal information safety server; (e) the personal information safety server searching the input information data corresponding to the received temporary data and transferring it to the access server; and (f) the access server processing the input information data received from the personal information safety server as the input information data which must be entered from the second communication terminal.
Description
The present invention relates to an authentication method using two communication terminals; and, more particularly, to an authentication method using two communication terminals for preventing hacking of personal information, such as a registration ID, a registration password, a Resident Registration Number, an account number and the like, that is entered when logging in to a particular site or when using internet banking and electronic commerce via the communication terminal.
Although the remarkable development of IT technology has brought positive effects, such as the reorganization of industrial structures and improved business efficiency, it is also accompanied by a fear that secret information will be exposed to others, since personal information such as the ID, the password, the Resident Registration Number, and the account number must be entered when using services such as authentication sites, internet banking, and electronic commerce.
As personal information is exposed to hackers and used illegally by them, the number of damage cases tends to increase, and methods of preventing them have been developed in various ways.
As an example, malicious hackers may use a key logger program to leak the personal information. The key logger program is pre-installed in the user's computer and structured such that important personal information such as the ID, the password, the Resident Registration Number, and the account number that the user enters via an input apparatus is recorded in a log and then transferred to the hacker at a predetermined time. Therefore, if such a malicious program has been installed on the user's computer by the hacker, sensitive personal information may be leaked when using internet banking.
Although the user can install a keyboard hacking protection program to prevent hacking of the input apparatus, the hacker can analyze the keyboard hacking protection program which has been pre-installed in the user's computer. Through such analysis, the hacker can falsify and neutralize the keyboard hacking protection program executed in the user's computer.
Consequently, there is a limitation to the method of pre-installing a keyboard security program to prevent hacking.
The present invention is contemplated to resolve the problems mentioned above, and an object of the present invention is directed to preventing input information data related to personal information from being leaked by replacing the input information data to be entered via an input apparatus of a communication terminal with temporary information data, when a user intends to access a particular website through the communication terminal and enter the input information data related to the personal information.
One embodiment of the present invention is directed to providing an authentication method using two communication terminals, performed by a personal information safety server, comprising steps of (a) receiving and storing an input information data to be entered from a first communication terminal to an access server and generating a temporary data corresponding to the received input information data to transfer it to the first communication terminal; (b) searching the input information data corresponding to the temporary data if receiving the temporary data from the access server, which the second communication terminal receives from a user and transfers to the access server; and (c) transferring the searched input information data to the access server.
Preferably, it stores the temporary data in association with the input information data if generating the temporary data corresponding to the input information data.
Preferably, the input information data is a registration ID or a registration password corresponding to login information pre-registered in the access server, or a personal information data such as a Resident Registration Number, an account number, and a card number to be directly entered by the user via the communication terminal.
The authentication method using two communication terminals, performed by an access server, comprising steps of (a) receiving a temporary data issued to a first communication terminal by a personal information safety server to correspond to an input information data from a second communication terminal; (b) transferring the temporary data to the personal information safety server and sending a request to search the input information data corresponding to the temporary data; (c) receiving the input information data corresponding to the temporary data from the personal information safety server; and (d) processing the input information data received from the personal information safety server as the input information data which must be entered from the second communication terminal.
Preferably, the personal information safety server is operatively integrated into the access server.
Preferably, the input information data is a registration ID or a registration password corresponding to login information pre-registered in the access server, or a personal information data such as a Resident Registration Number, an account number, and a card number to be entered by the user via the communication terminal.
An authentication method using two communication terminals, comprising steps of (a) a first communication terminal receiving, from a user, an input information data which must be entered into an access server through a second communication terminal and transferring it to a personal information safety server; (b) the personal information safety server generating a temporary data corresponding to the input information data and transferring it to the first communication terminal; (c) the second communication terminal receiving the temporary data from the user and transferring it to the access server; (d) the access server sending a request to search the input information data corresponding to the received temporary data and transferring the temporary data to the personal information safety server; (e) the personal information safety server searching the input information data corresponding to the received temporary data and transferring it to the access server; and (f) the access server processing the input information data received from the personal information safety server as the input information data which must be entered from the second communication terminal.
Preferably, the personal information safety server stores the temporary data in association with the input information data if the temporary data corresponding to the input information data is generated.
Preferably, the input information data is a registration ID or a registration password corresponding to login information pre-registered in the access server, or a personal information data such as a Resident Registration Number, an account number, and a card number to be entered by the user via the communication terminal.
According to the present invention, there is an advantage in that the input information data related to the personal information can be prevented from being leaked by replacing the input information data to be entered via the input apparatus of the communication terminal with the temporary data when the user accesses the particular website via the communication terminal and enters the input information data related to the personal information.
Fig. 1 is a structural drawing of an authentication system using two communication terminals according to an embodiment of the present invention.
Fig. 2 is a flow diagram of an authentication method using two communication terminals according to an embodiment of the present invention.
The advantages, features and aspects of the invention will become apparent from the following description of the embodiments with reference to the accompanying drawings, which is set forth hereinafter.
Fig. 1 is a structural drawing of an authentication system using two communication terminals according to an embodiment of the present invention.
A first communication terminal 200 is installed with a dedicated program for temporary data requests and transfers the input information data to a personal information safety server 400 when the input information data is entered via the dedicated program for temporary data requests.
Further, the first communication terminal 200 receives and displays the temporary data corresponding to the input information data from the personal information safety server 400.
If the dedicated program for temporary data requests is not installed in the first communication terminal 200, it is possible to get the temporary data by accessing a particular website which issues the temporary data via the web browser.
Herein, the input information data may be a registration ID or a registration password corresponding to the login information which has been already registered in the certain website, or the personal information data such as a Resident Registration Number, an account number, and a card number which must be directly entered by the user via the communication terminal.
If the personal information safety server 400 receives the input information data from the first communication terminal 200, the personal information safety server 400 generates the temporary data corresponding to the input information data to transfer it to the first communication terminal 200 and store it in association with the input information data.
Herein, the temporary data can be set to be usable only once or a given number of times in accordance with the user's setting.
Further, if a time within which the temporary data must be entered is preset when the personal information safety server 400 transfers the generated temporary data to the first communication terminal 200, the temporary data is treated as valid only if the temporary data issued to the first communication terminal 200 is transferred to the personal information safety server 400 via the access server 300 within the prescribed time.
The second communication terminal 100 is connected with the access server 300 to transfer the temporary data to the access server 300 if the temporary data is entered from the user.
Herein, the temporary data which is transferred to the access server 300 by the second communication terminal 100 corresponds to the input information data which must be entered into the access server 300.
Meanwhile, the second communication terminal 100 and the first communication terminal 200 of the present invention can be applied to any device capable of wired or non-wired communication such as internet, Wi-Fi, infrared communication, including a computer capable of wired or non-wired communication, a smart mobile device, 2G or 3G hand-held device, and a notebook.
If the access server 300 receives the temporary data from the second communication terminal 100, it transfers the temporary data to the personal information safety server 400 in order to send a request to search the input information data corresponding to the temporary data.
The access server 300 receives the input information data corresponding to the temporary data from the personal information safety server 400 and then processes it as the input information data which must be entered by the user via the second communication terminal 100.
Although the access server 300 and the personal information safety server 400 are described as being provided separately in the embodiment of the present invention, the personal information safety server 400 may be operatively integrated into the access server 300.
In this case, the access server 300 receives the input information data from the first communication terminal 200, and generates the temporary data corresponding to the received input information data to transfer it to the first communication terminal 200 and store it in association with the input information data.
If the access server 300 receives the temporary data from the second communication terminal 100, the access server 300 can directly search the input information corresponding to the temporary data without needing to request the personal information safety server 400 to search the input information data corresponding to the temporary data.
The access server 300 processes the searched input information data as the input information data which must be entered from the second communication terminal 100.
Fig. 2 is a flow diagram of an authentication method using two communication terminals according to an embodiment of the present invention.
Referring to Fig. 2, the following describes an example in which the temporary data is entered via the second communication terminal 100 instead of the registration password in order to log in to the access server 300.
When the user enters the registration password into the first communication terminal 200 for logging in to the access server 300 via the second communication terminal 100, the registration password is entered into the first communication terminal 200 at a step S201 and transferred to the personal information safety server 400 at a step S202.
If the personal information safety server 400 receives the registration password from the first communication terminal 200, the temporary password is generated for the received registration password and stored in association with the registration password at a step S203.
The personal information safety server 400 transfers the generated temporary password to the first communication terminal 200 at a step S204.
If the first communication terminal 200 receives the temporary password from the personal information safety server 400, it displays the temporary password on a screen.
If the user enters the registration ID pre-registered in the access server 300 and the temporary password issued to the first communication terminal 200 instead of the registration password in order to login to the access server 300, the second communication terminal 100 receives the registration ID and the temporary password from the user at a step S205 and transfers the registration ID and the temporary password to the access server 300 at a step S206.
If the access server 300 receives the registration ID and the temporary password from the second communication terminal 100, it transfers the received temporary password to the personal information safety server 400 at a step S207 and then sends a request to search the registration password for the transferred temporary password.
If the personal information safety server 400 receives the temporary password from the access server 300, it searches the registration password corresponding to the received temporary password at a step S208 and transfers the searched registration password to the access server 300 at a step S209.
If the access server 300 receives the registration password from the personal information safety server 400, the access server processes it as the registration password which must be entered from the second communication terminal 100.
Therefore, the access server 300 determines whether the registration password of the registration ID received from the second communication terminal 100 matches with the registration password received from the personal information safety server 400 at a step S210.
The access server 300 allows logging in of the registration ID at a step S211 if the registration password of the registration ID received from the second communication terminal 100 matches with the registration password received from the personal information safety server 400.
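The login flow S201 to S211, together with the single-use and time-limit rules stated earlier for the temporary data, as an added sketch that is not part of the patent. The class and method names, the 8-digit code format, the 120-second window and the sample account are assumptions; as in the description, the access server compares the registration password it holds with the one returned by the safety server.

```python
import hmac
import secrets
import time
from dataclasses import dataclass


@dataclass
class Entry:
    input_data: str    # e.g. the registration password sent in S202
    expires_at: float  # end of the prescribed entry window
    uses_left: int     # once, or a user-set number of times


class SafetyServer:
    """Stands in for the personal information safety server 400."""

    def __init__(self, ttl_seconds=120.0, clock=time.monotonic):
        self._store = {}
        self._ttl = ttl_seconds  # assumed window; the page gives no value
        self._clock = clock

    def issue(self, input_data, max_uses=1):
        """S203/S204: generate temporary data and store the association."""
        temp = f"{secrets.randbelow(10**8):08d}"  # assumed 8-digit format
        while temp in self._store:                # never reuse a live code
            temp = f"{secrets.randbelow(10**8):08d}"
        self._store[temp] = Entry(input_data, self._clock() + self._ttl, max_uses)
        return temp

    def lookup(self, temp):
        """S208/S209: return the stored input data, or None if not valid."""
        entry = self._store.get(temp)
        if entry is None:
            return None
        if self._clock() > entry.expires_at:
            del self._store[temp]                 # window lapsed
            return None
        entry.uses_left -= 1
        if entry.uses_left <= 0:
            del self._store[temp]                 # uses exhausted
        return entry.input_data


class AccessServer:
    """Stands in for the access server 300 with pre-registered accounts."""

    def __init__(self, safety, accounts):
        self._safety = safety
        self._accounts = accounts  # registration ID -> registration password

    def login(self, registration_id, temp_password):
        """S206-S211: resolve the temporary password, then compare."""
        resolved = self._safety.lookup(temp_password)      # S207-S209
        registered = self._accounts.get(registration_id)
        if resolved is None or registered is None:
            return False
        # S210: constant-time comparison of the two registration passwords
        return hmac.compare_digest(resolved.encode(), registered.encode())


if __name__ == "__main__":
    safety = SafetyServer()
    access = AccessServer(safety, {"alice": "constructed-password"})
    code = safety.issue("constructed-password")  # first terminal 200
    print(access.login("alice", code))           # second terminal 100
    print(access.login("alice", code))           # code already used
```

Because the safety server has to return the original input data in S209, it holds that data in recoverable form for as long as the temporary data is live; the sketch deletes the entry as soon as its uses are exhausted or its window is found to have lapsed.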
Although the example above describes the second communication terminal 100 entering the login information into the access server 300, the second communication terminal 100 can also be used when entering personal information such as the Resident Registration Number, the account number, and the card number into the access server 300.
The following describes an example in which the Resident Registration Number is entered into the access server 300 via the second communication terminal 100.
When the user must access the access server 300 via the second communication terminal 100 and enter the Resident Registration Number, the first communication terminal 200 receives the Resident Registration Number from the user and then transfers the received Resident Registration Number to the personal information safety server 400.
If the personal information safety server 400 receives the Resident Registration Number from the first communication terminal 200, it generates the temporary data corresponding to the Resident Registration Number and transfers the generated temporary data to the first communication terminal 200.
The first communication terminal 200 receives and displays the temporary data from the personal information safety server 400.
If the second communication terminal 100 receives from the user the temporary data issued to the first communication terminal 200 instead of the Resident Registration Number, it transfers the entered temporary data to the access server 300.
If the access server 300 receives the temporary data instead of the Resident Registration Number from the second communication terminal 100, it transfers the received temporary data to the personal information safety server 400 and requests the Resident Registration Number corresponding to the temporary data.
If the personal information safety server 400 receives the temporary data from the access server 300, it searches the Resident Registration Number corresponding to the received temporary data and then transfers the searched Resident Registration Number to the access server 300.
If the access server 300 receives the Resident Registration Number from the personal information safety server 400, it processes it as the Resident Registration Number which must be entered by the user via the second communication terminal 100.
When the user must access the access server 300 and enter personal information using the second communication terminal 100, the user does not have to enter the personal information directly via the second communication terminal 100. Therefore, it is possible to prevent the personal information from being leaked even if the input device or images are hacked.
While the present invention has been described with respect to the specific embodiments, it will be apparent to those skilled in the art that various changes and modifications may be made without departing from the spirit and scope of the invention as defined in the following claims.
Claims (9)
- An authentication method using two communication terminals, performed by a personal information safety server, comprising steps of:
  (a) receiving and storing an input information data to be entered from a first communication terminal to an access server and generating a temporary data corresponding to the received input information data to transfer it to the first communication terminal;
  (b) searching the input information data corresponding to the temporary data if receiving the temporary data from the access server, which the second communication terminal receives from a user and transfers to the access server; and
  (c) transferring the searched input information data to the access server.
- The authentication method using two communication terminals of claim 1, further comprising a step of storing the temporary data in association with the input information data if generating the temporary data corresponding to the input information data.
- The authentication method using two communication terminals of claim 1, wherein the input information data is a registration ID or a registration password corresponding to a login information pre-registered in the access server, or a personal information data such as a Resident Registration Number, an account number, and a card number to be directly entered by the user via the communication terminal.
- The authentication method using two communication terminals, performed by an access server, comprising steps of:
  (a) receiving a temporary data issued to a first communication terminal by a personal information safety server to correspond to an input information data from a second communication terminal;
  (b) transferring the temporary data to the personal information safety server and sending a request to search the input information data corresponding to the temporary data;
  (c) receiving the input information data corresponding to the temporary data from the personal information safety server; and
  (d) processing the input information data received from the personal information safety server as the input information data which must be entered from the second communication terminal.
- The authentication method using two communication terminals of claim 4, wherein the personal information safety server is operatively integrated into the access server.
- The authentication method using two communication terminals of claim 4, wherein the input information data is a registration ID or a registration password corresponding to a login information pre-registered in the access server, or a personal information data such as a Resident Registration Number, an account number, and a card number to be entered by the user via the communication terminal.
- An authentication method using two communication terminals, comprising steps of:
  (a) a first communication terminal receiving, from a user, an input information data which must be entered into an access server through a second communication terminal and transferring it to a personal information safety server;
  (b) the personal information safety server generating a temporary data corresponding to the input information data and transferring it to the first communication terminal;
  (c) the second communication terminal receiving the temporary data from the user and transferring it to the access server;
  (d) the access server sending a request to search the input information data corresponding to the received temporary data and transferring the temporary data to the personal information safety server;
  (e) the personal information safety server searching the input information data corresponding to the received temporary data and transferring it to the access server; and
  (f) the access server processing the input information data received from the personal information safety server as the input information data which must be entered from the second communication terminal.
- The authentication method using two communication terminals of claim 7, wherein the personal information safety server stores the temporary data in association with the input information data if the temporary data corresponding to the input information data is generated.
- The authentication method using two communication terminals of claim 7, wherein the input information data is a registration ID or a registration password corresponding to a login information pre-registered in the access server, or a personal information data such as a Resident Registration Number, an account number, and a card number to be entered by the user via the communication terminal.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020100077893A KR101019617B1 (en) | 2010-08-12 | 2010-08-12 | Personal information delivering method using two communication terminals |
KR10-2010-0077893 | 2010-08-12 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2012020885A1 (en) | 2012-02-16 |
Family
ID=43938433
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/KR2010/007132 WO2012020885A1 (en) | 2010-08-12 | 2010-10-18 | An authentication method using two communication terminals |
Country Status (2)
Country | Link |
---|---|
KR (1) | KR101019617B1 (en) |
WO (1) | WO2012020885A1 (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20020086168A (en) * | 2001-05-11 | 2002-11-18 | 허성구 | The Disposable Random Password User Authentication Method & System Using Mobile Phone |
JP2009230601A (en) * | 2008-03-25 | 2009-10-08 | Nomura Research Institute Ltd | Communication system, communication method, authentication device, authentication method, and authentication program |
KR20100038990A (en) * | 2008-10-07 | 2010-04-15 | 조영미 | Apparatus and method of secrity authenticate in network authenticate system |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR100563544B1 (en) | 2005-07-25 | 2006-03-27 | (주) 호미인터랙티브 | Method for authenticating a user with one-time password |
-
2010
- 2010-08-12 KR KR1020100077893A patent/KR101019617B1/en not_active IP Right Cessation
- 2010-10-18 WO PCT/KR2010/007132 patent/WO2012020885A1/en active Application Filing
Also Published As
Publication number | Publication date |
---|---|
KR101019617B1 (en) | 2011-03-07 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 10855952; Country of ref document: EP; Kind code of ref document: A1 |
 | NENP | Non-entry into the national phase | Ref country code: DE |
 | 32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established | Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205 DATED 12/06/2013) |
 | 122 | Ep: pct application non-entry in european phase | Ref document number: 10855952; Country of ref document: EP; Kind code of ref document: A1 |