User authentication system and user authentication method
First Claim
1. A user authentication system comprising:
- a user terminal for entering information data for user authentication;
a mobile phone provided with a camera and decoding a code input from the camera;
a password issuing unit for generating a one-time password; and
a service providing unit for providing service to the user terminal and conducting operations for user authentication, which are connected to each other, wherein, when the user accesses the system via the user terminal, the service providing unit generates an encoded code with connection information of the password issuing unit contained therein; and
sends the code to the user terminal, wherein the mobile phone decodes the code displayed on the user terminal; and
accesses the password issuing unit using the connection information, wherein the password issuing unit generates a random one-time password; and
sends the one-time password to the service providing unit and also to the mobile phone accessing the password issuing unit, wherein the user terminal obtains the one-time password displayed on the mobile phone and user identification information for identifying the user; and
sends the one-time password and the user identification information as data of authentication information to the service providing unit, and wherein the service providing unit determines whether the one-time password sent from the user terminal is identical with the one-time password sent from the password issuing unit or not; and
, if both the two passwords are determined to be identical, the service providing unit permits the access of the user via the user terminal.
1 Assignment
0 Petitions
Accused Products
Abstract
A user authentication system capable of maintaining high-level security and of reducing a user'"'"'s load of operations necessary for login is provided. The user authentication system includes a user terminal, a mobile phone, a password issuing unit, and a service providing unit. When a user accesses the system via the user terminal, the service providing unit encodes connection information of the password issuing unit into a code, and sends the encoded code to the user terminal. The mobile phone decodes the code displayed on the user terminal, and accesses the password issuing unit using the connection information. The password issuing unit generates a one-time password, and sends the one-time password to the service providing unit and also to the mobile phone. The user terminal sends the one-time password displayed on the mobile phone and user identification information to the service providing unit. When the service providing unit determines that the two one-time passwords each sent from the user terminal and the password issuing unit are identical, the service providing unit permits the access of the user via the user terminal.
-
Citations
10 Claims
-
1. A user authentication system comprising:
- a user terminal for entering information data for user authentication;
a mobile phone provided with a camera and decoding a code input from the camera;
a password issuing unit for generating a one-time password; and
a service providing unit for providing service to the user terminal and conducting operations for user authentication, which are connected to each other,wherein, when the user accesses the system via the user terminal, the service providing unit generates an encoded code with connection information of the password issuing unit contained therein; and
sends the code to the user terminal,wherein the mobile phone decodes the code displayed on the user terminal; and
accesses the password issuing unit using the connection information,wherein the password issuing unit generates a random one-time password; and
sends the one-time password to the service providing unit and also to the mobile phone accessing the password issuing unit,wherein the user terminal obtains the one-time password displayed on the mobile phone and user identification information for identifying the user; and
sends the one-time password and the user identification information as data of authentication information to the service providing unit, andwherein the service providing unit determines whether the one-time password sent from the user terminal is identical with the one-time password sent from the password issuing unit or not; and
, if both the two passwords are determined to be identical, the service providing unit permits the access of the user via the user terminal. - View Dependent Claims (2, 3, 4, 5)
- a user terminal for entering information data for user authentication;
-
6. A user authentication method in a user authentication system comprising:
- a user terminal for entering information data for user authentication;
a mobile phone provided with a camera and decoding a code inputted from the camera;
a password issuing unit for generating a one-time password; and
a service providing unit for providing service to the user terminal and conducting operations for user authentication, which are connected to each other, the user authentication method comprising;
(a) the step in which, when the user accesses the system via the user terminal, the service providing unit generates an encoded code with connection information of the password issuing unit contained therein; and
sends the code to the user terminal,(b) the step in which the mobile phone obtains and decodes the code displayed on the user terminal; and
accesses the password issuing unit using the connection information,(c) the step in which the password issuing unit generates a random one-time password; and
sends the one-time password to the service providing unit and also to the mobile phone accessing the password issuing unit,(d) the step in which the user terminal obtains the one-time password displayed on the mobile phone and user identification information for identifying the user; and
sends the one-time password and the user identification information as the authentication information to the service providing unit, and(e) the step in which the service providing unit compares the one-time password sent from the user terminal with the one-time password sent from the password issuing unit; and
, when the two one-time passwords are identical, the service providing unit permits the access of the user via the user terminal. - View Dependent Claims (7, 8, 9, 10)
- a user terminal for entering information data for user authentication;
Specification