WO2012115403A3 - Location information-based authentication system and method - Google Patents

Location information-based authentication system and method Download PDF

Info

Publication number
WO2012115403A3
WO2012115403A3 PCT/KR2012/001239 KR2012001239W WO2012115403A3 WO 2012115403 A3 WO2012115403 A3 WO 2012115403A3 KR 2012001239 W KR2012001239 W KR 2012001239W WO 2012115403 A3 WO2012115403 A3 WO 2012115403A3
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
authentication key
location information
mobile communication
communication terminal
Prior art date
Application number
PCT/KR2012/001239
Other languages
French (fr)
Korean (ko)
Other versions
WO2012115403A2 (en
Inventor
정영석
안병현
황재연
Original Assignee
(주)잉카인터넷
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from KR1020110016302A external-priority patent/KR101197213B1/en
Application filed by (주)잉카인터넷 filed Critical (주)잉카인터넷
Publication of WO2012115403A2 publication Critical patent/WO2012115403A2/en
Publication of WO2012115403A3 publication Critical patent/WO2012115403A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information
    • H04W4/029Location-based management or tracking services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/107Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0872Generation of secret information including derivation or calculation of cryptographic keys or passwords using geo-location information, e.g. location data, time, relative position or proximity to other entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information

Abstract

The present invention relates to a location information-based authentication system and method, which authenticate a user by comparing the location of a preregistered mobile communication terminal of the user and the location of a computer terminal that is currently being accessed by the user. The location information-based authentication system according to the present invention is an end entity authentication system comprising a computer device that performs primary authentication through the communication with an online service system, and a mobile communication terminal that performs secondary authentication. The authentication system of the present invention comprises: a device registration unit, which registers end entity information required for the secondary authentication and a mobile communication terminal matching the end entity information; and a one-time authentication processing unit, including a location verification portion which verifies, with the end entity information, the location information of the primarily authenticated computer device and the location information of the mobile communication terminal matching the end entity information, an authentication key generating portion which generates a one-time authentication key, an authentication key issuing portion which issues the one-time authentication key to the mobile communication terminal the location information of which is verified, and an authentication key verification portion which takes, as an input, the one-time authentication key inputted to the primarily authenticated computer device, and compares the issued one-time authentication key and the inputted one-time authentication key.
PCT/KR2012/001239 2011-02-24 2012-02-20 Location information-based authentication system and method WO2012115403A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020110016302A KR101197213B1 (en) 2011-01-19 2011-02-24 Authentication system and method based by positioning information
KR10-2011-0016302 2011-02-24

Publications (2)

Publication Number Publication Date
WO2012115403A2 WO2012115403A2 (en) 2012-08-30
WO2012115403A3 true WO2012115403A3 (en) 2012-12-27

Family

ID=46721532

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2012/001239 WO2012115403A2 (en) 2011-02-24 2012-02-20 Location information-based authentication system and method

Country Status (1)

Country Link
WO (1) WO2012115403A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106385415A (en) * 2016-09-14 2017-02-08 广东欧珀移动通信有限公司 Information safety control method, device and terminal

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101462784B1 (en) * 2013-05-29 2014-12-04 황운규 System of auto-changing password and method of auto-changing password for authentication type equipment therefor

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2002101091A (en) * 2000-09-22 2002-04-05 Hitachi Information Systems Ltd User authentication method and user authentication program
KR20030076764A (en) * 2002-03-21 2003-09-29 주식회사 핑거 An entity authentication via the internet and a method for opening on-line share account using this
KR20050081296A (en) * 2004-02-13 2005-08-19 엘지전자 주식회사 Method for internet approval in personal computer
KR20080013234A (en) * 2006-08-08 2008-02-13 엔에이치엔(주) Method of certification using portable memory device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2002101091A (en) * 2000-09-22 2002-04-05 Hitachi Information Systems Ltd User authentication method and user authentication program
KR20030076764A (en) * 2002-03-21 2003-09-29 주식회사 핑거 An entity authentication via the internet and a method for opening on-line share account using this
KR20050081296A (en) * 2004-02-13 2005-08-19 엘지전자 주식회사 Method for internet approval in personal computer
KR20080013234A (en) * 2006-08-08 2008-02-13 엔에이치엔(주) Method of certification using portable memory device

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106385415A (en) * 2016-09-14 2017-02-08 广东欧珀移动通信有限公司 Information safety control method, device and terminal

Also Published As

Publication number Publication date
WO2012115403A2 (en) 2012-08-30

Similar Documents

Publication Publication Date Title
WO2016175914A3 (en) Transaction signing utilizing asymmetric cryptography
WO2012068078A3 (en) System and method for transaction authentication using a mobile communication device
WO2011146678A3 (en) Method and device for conducting trusted remote payment transactions
WO2012142045A3 (en) Multiple tokenization for authentication
GB2492614B (en) System and method for authenticating a payment transaction
GB201105765D0 (en) Payment system
MX2017001090A (en) Wireless key management for authentication.
US20170068960A1 (en) Web based payment service providing apparatus, method, system, and non-transitory computer readable storage medium storing computer program recorded thereon
GB2505601A (en) Credential authentication methods and systems
WO2013062459A3 (en) Method and arrangement for secure transactions between mobile terminals
WO2013120026A3 (en) Enabling secure access to a discovered location server for a mobile device
WO2010064128A3 (en) Secure transaction authentication
MY183308A (en) Authorization of transactions
IN2013MU03727A (en)
PH12016501866B1 (en) Systems and methods for identity validation and verification
MX355189B (en) User authentication.
FI20115313A0 (en) Authentication method and system
WO2014041381A3 (en) Application system for mobile payment and method for providing and using mobile means for payment
WO2012099330A3 (en) System and method for issuing an authentication key for authenticating a user in a cpns environment
PH12019501975A1 (en) Method and apparatus for user authentication based on a feature information
WO2013056783A8 (en) Mobile terminal, transaction terminal, and method for carrying out a transaction at a transaction terminal by means of a mobile terminal
CN103914772A (en) Wireless authentication method, system and device for mobile payment
PH12014502072A1 (en) Method and system using a cyber id to provide secure transactions
WO2014013434A3 (en) A method and a system for facilitating credit based transactions
EA201590133A1 (en) SYSTEM AND METHOD FOR MOBILE APPLICATIONS

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12749707

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12749707

Country of ref document: EP

Kind code of ref document: A2