METHOD AND SYSTEM FOR AUTHENTICATION

US 20180219851A1
Filed: 03/28/2017
Published: 08/02/2018
Est. Priority Date: 04/25/2016
Status: Abandoned Application

First Claim

Patent Images

1. An authentication service system performing user authentication by using a short message service (SMS), comprising:

an authentication service component; and

a verification component,wherein the authentication service component transfers use information received as basic authentication information to the verification component, confirms an IP address which is access information of a mobile device accessed for the user authentication, and transfers the confirmed IP address of the mobile device and an SMS authentication value input from the mobile device to the verification component, andthe verification component generates the SMS authentication value to be used for authenticating the corresponding user to correspond to the transferred user information and transmits the generated SMS authentication value to a registered mobile device corresponding to the corresponding user information, confirms the IP address which a communication company allocates to the registered mobile device, and verifying whether the user authentication is appropriate according to whether the SMS authentication value transferred from the authentication service component and the generated SMS authentication value coincide with each other and whether the IP address transferred from the authentication service component and the confirmed IP address allocated by the communication company coincide with each other.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An authentication system performing user-centered authentication may include: an authentication service component acting as an authentication procedure of an online service server; and a mobile authentication agent component acting as the authentication procedure of an access terminal which accesses the online service server. Herein, the authentication service component may confirm a mobile authentication agent component corresponding to user information input from the access terminal as basic authentication information, transmit an authentication password value to each of the confirmed mobile authentication agent component and the online service server which the access terminal intends to access, and transmit an authentication success message to the online service server when a password verification value or an authentication agreement value corresponding to the authentication password value is received from the mobile authentication agent component.

Citations

14 Claims

1. An authentication service system performing user authentication by using a short message service (SMS), comprising:
- an authentication service component; and
  
  a verification component,wherein the authentication service component transfers use information received as basic authentication information to the verification component, confirms an IP address which is access information of a mobile device accessed for the user authentication, and transfers the confirmed IP address of the mobile device and an SMS authentication value input from the mobile device to the verification component, andthe verification component generates the SMS authentication value to be used for authenticating the corresponding user to correspond to the transferred user information and transmits the generated SMS authentication value to a registered mobile device corresponding to the corresponding user information, confirms the IP address which a communication company allocates to the registered mobile device, and verifying whether the user authentication is appropriate according to whether the SMS authentication value transferred from the authentication service component and the generated SMS authentication value coincide with each other and whether the IP address transferred from the authentication service component and the confirmed IP address allocated by the communication company coincide with each other.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The authentication service system of claim 1, wherein the SMS authentication value is an authentication value generated by using all or some of the IP addresses which the communication company allocates to the registered mobile device as a seed value.
  - 3. The authentication service system of claim 1, wherein when the user authentication is executed through a mobile application installed in the mobile device of the corresponding user,the authentication service component receives a push ID of the mobile application and transfers the received push ID to the verification component, andthe verification component generates a push authentication value, transmits the push authentication value by referring to the push ID to the mobile application by means of a push message, and uses the push authentication value as an additional authentication element of a user authentication process.
  - 4. The authentication service system of claim 3, wherein the authentication service component transfers the push authentication value received from the accessed mobile device to the verification component, andthe verification component uses whether the push authentication value transferred from the authentication service component and the generated push authentication value additionally coincide with each other for verifying whether the user authentication is appropriate.
  - 5. The authentication service system of claim 1, wherein when the mobile device accessed for the user authentication and the registered mobile device receiving the SMS authentication value are different from each other,the verification component compares positional information acquired to correspond to the IP address of the accessed mobile device and positional information acquired to correspond to current GPS information of the registered mobile device with each other to verify whether the user authentication is appropriate according to whether the mobile devices are within a previously designated position range.
  - 6. The authentication service system of claim 1, wherein the authentication service component is implement in a service server associated with a service which a user intends to access or an authentication agent server that acts as an authentication procedure of the corresponding service server, andthe verification component is implemented in a communication company server or the authentication agent server.

7. An authentication system performing user-centered authentication, comprising:
- an authentication service component acting as an authentication procedure of an online service server; and
  
  a mobile authentication agent component acting as the authentication procedure of an access terminal which accesses the online service server,wherein the authentication service component confirms a mobile authentication agent component corresponding to user information input from the access terminal as basic authentication information, transmits an authentication password value to each of the confirmed mobile authentication agent component and the online service server which the access terminal intends to access, and transmits an authentication success message to the online service server when a password verification value or an authentication agreement value corresponding to the authentication password value is received from the mobile authentication agent component.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
- - 8. The authentication system of claim 7, wherein the authentication service component additionally transmits password valid time information regarding the authentication password value to the online service server, andthe online service server allows a graphical user interface (GUI) allowing the authentication password value and the password valid time to be displayed together through an authentication password display window to be displayed on a screen of the access terminal.
  - 9. The authentication system of claim 8, wherein the authentication service component additionally transmits the password valid time information regarding the authentication password value to the mobile authentication agent component, andthe mobile authentication agent component allows the graphical user interface (GUI) allowing the authentication password value and the password valid time to be displayed together through the authentication password display window to be displayed on the screen of an authenticator.
  - 10. The authentication system of claim 9, wherein the authentication password value is displayed in the authentication password display window by a number string or a character string and the password valid time is displayed in the authentication password display window in a time lapse bar shape to visually guide the lapse of a password valid time.
  - 11. The authentication system of claim 10, wherein the authentication service component updates and generates the authentication password value with the lapse of the password valid time and retransmits the updated and generated authentication pass word value to the online service server and the mobile authentication agent component, andthe authentication password value and the password valid time are updated and displayed in the authentication password display window with the update of the authentication password value.
  - 12. The authentication system of claim 7, wherein after service use is permitted to the online service server in association with the access terminal with the transmission of the authentication success message, when an access closing value is received from the mobile authentication agent component to the authentication service component, the authentication service component confirms whether a transmission subject of the access closing value is the registered mobile authentication agent component corresponding to a service accessor and transmits an access closing request message to the online service server when it is confirmed that the access closing value is received from the registered mobile authentication agent component.
  - 13. The authentication system of claim 7, wherein when an access blocking value is received from the mobile authentication agent component receiving the authentication password value to the authentication service component, the authentication service component confirms whether the transmission subject of the access blocking value is the registered mobile authentication agent component corresponding to the service accessor and transmits an access blocking request message to the online service server when it is confirmed that the access blocking value is received from the registered mobile authentication agent component.
  - 14. The authentication system of claim 13, wherein the authentication service component keeps related information regarding the access terminal in which the access is blocked and automatically blocks an authentication request when the authentication request of the same condition is reattempted from the access terminal in which the access is blocked.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Estorm Co., Ltd.
Original Assignee
Estorm Co., Ltd.
Inventors
WOO, Jong Hyun

Application Number

US15/540,034
Publication Number

US 20180219851A1
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/43   wireless channels

G06F 21/45   Structures or tools for the...

H04L 2209/80   Wireless

H04L 63/083   using passwords cryptograph...

H04L 63/0846   using time-dependent-passwo...

H04L 63/0853   using an additional device,...

H04L 63/0876   based on the identity of th...

H04L 63/107   wherein the security polici...

H04L 63/123   received data contents, e.g...

H04L 63/18   using different networks or...

H04L 9/321   involving a third party or ...

H04L 9/3226   using a predetermined code,...

H04L 9/3297   involving time stamps, e.g....

H04W 12/06   Authentication

H04W 12/63   Location-dependent; Proximi...

H04W 4/14   Short messaging services, e...

METHOD AND SYSTEM FOR AUTHENTICATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND SYSTEM FOR AUTHENTICATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links