WO2014165865A2 - Method and apparatus of authenticating user - Google Patents

Method and apparatus of authenticating user Download PDF

Info

Publication number
WO2014165865A2
WO2014165865A2 PCT/US2014/034818 US2014034818W WO2014165865A2 WO 2014165865 A2 WO2014165865 A2 WO 2014165865A2 US 2014034818 W US2014034818 W US 2014034818W WO 2014165865 A2 WO2014165865 A2 WO 2014165865A2
Authority
WO
WIPO (PCT)
Prior art keywords
string
data
numbers
text
authentication
Prior art date
Application number
PCT/US2014/034818
Other languages
French (fr)
Other versions
WO2014165865A3 (en
Inventor
Kiyoung Kim
Junhyuk YUN
Original Assignee
Ahnlab, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ahnlab, Inc. filed Critical Ahnlab, Inc.
Publication of WO2014165865A2 publication Critical patent/WO2014165865A2/en
Publication of WO2014165865A3 publication Critical patent/WO2014165865A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/40User authentication by quorum, i.e. whereby two or more security principals are required
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation

Definitions

  • the present technology relates to a method and apparatus of authenticating a user and an apparatus for performing the same, and more particularly, to a method and apparatus of authenticating a normal user using string data including text or numbers .
  • user authentication for electronic commerce on the Internet or joining membership is essential and various methods thereof are used.
  • user authenticating methods there is a user authenticating method using string data including text or numbers.
  • the string data including a series of text and/or numbers is displayed on a screen of a user terminal such that a user inputs read information, and a normal user is authenticated based on whether the inputted information is identical to the text data.
  • the string data may be created randomly or inputted or provided by a user.
  • the string data may be displayed in the form of text with excellent legibility such as print letters on the user terminal, since illegal actions using automatic recognition utilizing electronic equipment such as a computer and a malicious use thereof are happened frequently, legibility of the string data is intentionally reduced by a computer to improve security.
  • a typical case of reducing legibility of the string data by computing is to output string data not in the form of text but an image.
  • a first one is to enlarge and output some text or numbers enabling a user to distinguish the enlarged text or numbers from the remaining text or numbers and a user should input the distinguished text or numbers for the user authentication; and a second one is to distort text in an image.
  • the first method has still high legibility of the string data by computing and cannot block malicious use effectively.
  • the second method makes legibility of the string data too inferior so that a normal user is obstructed to the normal use Especially, when the string data are not input or provided by a user but are randomly created, the legibility of the inputted string data is more inferior and hinders the normal user authentication.
  • the present technology provides 1) a method of authenticating a user by making the thickness of some of the text or numbers of string data to include text or numbers different from that of the remaining text or numbers to enable a user to distinguish the outputted text or numbers from the remaining text or numbers such that legibility of the outputted text or numbers by computing is inferior but legibility thereof by a human is not excessively inferior, and 2) an apparatus for performing the same.
  • the present technology provides 1) a method of authenticating a user using string data including all of the information inputted or provided by a user and newly created information to prevent legibility of the string data from being excessively inferior and 2) an apparatus for performing the same .
  • the technical subjects of the present invention are not limited to the foregoing technical subjects, and there may be other technical subjects.
  • a method of authenticating a user including: receiving a first string of data including text or numbers; determining a second string of data including text or numbers to be used for authentication; creating a third string of data including at least some of the first string of data and at least some of the second string of data; outputting an image file or a sound file in which some text or numbers of the third string of data are distinguished from the remaining text or numbers of the third string of data; receiving data for authentication corresponding to some text or numbers; and processing the authentication based on a compared result of the data for authentication with the third string of data.
  • said determining a second string of data comprises extracting the second string of data from a verification result of validity of the first string of data.
  • said outputting an image file or a sound file comprises selecting some text or numbers randomly.
  • said outputting an image file or a sound file comprises outputting the image file in which the thickness of some text or numbers is made different from that of the remaining text or numbers to distinguish between them.
  • said outputting an image file or a sound file comprises outputting the sound file in which a sound volume of some text or numbers is made different from that of the remaining text or numbers to distinguish between them.
  • a method of authenticating a user including: creating a string of data including text or numbers to be used for authentication; outputting some text or numbers of the string of data by making the thickness of some text or numbers different from the remaining text or numbers to distinguish; receiving data for authentication corresponding to some text or numbers; and processing the authentication based on a compared result of the inputted data for authentication with the string of data.
  • said outputting some text or numbers comprises selecting some text or numbers randomly.
  • a user authentication apparatus including: a data input unit configured to receive a first string of data including text or numbers and data for authentication; a string-determining unit configured to determine a second string of data including text or numbers to be used for authentication; a string generation unit configured to create a third string of data including at least some of the first string of data and at least some of the second string of data; a string output unit configured to output an image file or a sound file in which some text or numbers of the third string of data are distinguished from the remaining text or numbers of the third string of data; and an authentication processing unit configured to process authentication based on a compared result of the data for authentication inputted to correspond to some text or numbers with the third string of data.
  • the string-determining unit is configured to extract the second string of data from the verification result of the validity of the first string of data.
  • the string output unit is configured to select some text or numbers randomly.
  • the string output unit is configured to output an image file in which the thickness of some of the text or numbers is made different from that of the remaining text or numbers to distinguish between them.
  • the string output unit is configured to output a sound file in which the sound volume of some text or numbers is made different from that of the remaining text or numbers to distinguish between them.
  • a user authentication apparatus including: a string generation unit configured to create a string of data including text or numbers to be used for authentication; a string output unit configured to make the thickness of some of the text or numbers of the string of data different from that of the remaining text or numbers of the string of data and output some text or numbers of the string data with a different thickness to distinguish between them; a data input unit configured to receive data for authentication corresponding to some text or numbers; and an authentication processing unit configured to process authentication based on a compared result of the inputted data for authentication with the string data.
  • the string output unit is configured to select some text or numbers randomly.
  • some text or numbers of the string data including text and numbers are outputted with a thickness different from that of the remaining text or numbers to enable a user to distinguish the outputted text or numbers so that legibility of the outputted text or numbers by computing are inferior and legibility thereof by a human is prevented from being too inferior .
  • string data including all of information inputted or provided by a user and newly created information is used for the user authentication to prevent the legibility by a human from being excessively inferior.
  • Authentication information is irregularly (randomly) selected based on trade information inputted by a user and verification information to provide image file or sound file so that legibility or audibility by human is increased to prevent unnecessary erroneous trade caused by an erroneous input.
  • FIG. 1 is a schematic diagram of an electronic commerce authentication system including a user authentication apparatus in accordance with an embodiment of the present invention
  • FIG. 2 is a detailed block diagram of a user authentication apparatus in accordance with a first embodiment of the present invention
  • FIG. 3 is a sequential diagram of a method of authenticating a user performed by a user authentication apparatus in accordance with the first embodiment of the present invention
  • FIG. 4 is an illustrative view showing an example of an image file for authentication outputted by a user terminal by a user authentication apparatus and a user authentication method according to an embodiment of the present . invention
  • FIG. 5 is a detailed block diagram of a user authentication apparatus in accordance with a second embodiment of the present invention.
  • FIG. 6 is a flowchart illustrating a method of authenticating a user performed by a user authenticating apparatus in accordance with the second embodiment of the present invention.
  • FIG. 1 is a schematic diagram illustrating an electronic commerce authentication system including a user authentication apparatus in accordance with an embodiment of the present invention .
  • the electronic commerce authentication system is configured such that an electronic commerce server 30 including or associated with a user authentication apparatus 100 may be connected to a user terminal 10 via a communication network 20.
  • the user authentication apparatus 100 is configured to receive information inputted or provided to the user terminal 10 by a user via the communication network 20, create new information for the authentication, and use string data including all of information transmitted from the user authentication apparatus 100 and newly created information for the user authentication.
  • the string data for the user authentication is reproduced after transmission to the user terminal 10 via the communication network 20.
  • the user authentication apparatus 100 receives read information or inputted information via the communication network 20 and processes authentication for a normal user based on results of comparing the read information or inputted information with string data when a user inputs the read information to the user terminal 10.
  • FIG. 2 shows Detailed configuration of the user authentication apparatus 100 in accordance with the first embodiment of the present invention.
  • FIG. 3 shows a sequential diagram illustrating a method of authenticating a user in accordance with the first embodiment of the present invention .
  • the user authentication apparatus is configured to output an image file for authentication in which the thickness of some text or numbers of string data including text or numbers is made different from that of the remaining text or numbers to distinguish between them, receive information read or inputted by a user via the communication network 20, and process the authentication for a normal user based on results of comparing the read information with the string data when a user inputs the read information, to the user terminal 10 after the user terminal 10 receives the image file for authentication via the communication network 20 and reproduces the received image file on a screen.
  • the user authentication apparatus in accordance with a second embodiment is distinguished from that of the first embodiment by indicating a reference number 00' in FIG. 5.
  • FIG. 6 shows a method of authenticating a user in accordance with the second embodiment of the present invention.
  • FIG. 2 is a detailed block diagram of a user authentication apparatus 100 in accordance with a first embodiment of the present invention.
  • the user authentication apparatus 100 includes a data input unit 110, a string-determining unit 120, a string generation unit 130, a text output unit 140, and an authentication processor 150.
  • the data input unit 110 receives first string of data including text or numbers from the user terminal 10 via the communication network 20.
  • the data input unit 110 also receives data for authentication corresponding to string data for authentication reproduced by the user terminal 10 via the communication network 20 when the data for authentication is inputted to the user terminal 10.
  • the string-determining unit 120 determines second string of data including text or numbers to be used for authentication.
  • the string-determining unit 120 may extract the second string of data from verification results of validation for the first string of data.
  • the string generation unit 130 creates third string of data including at least some of the first string of data and at least some of the second string of data.
  • the text output unit 140 outputs string data for authentication in which some text or some numbers of the third string of data are distinguished from the remaining text or the remaining numbers of the third string data as an image file or a sound file.
  • the text output unit 140 may select some text or some numbers randomly and may create an image file or a sound file such that the selected text or numbers are distinguished from the remaining text or numbers.
  • the image file or the sound file may be created by making the thickness of the some text or the some numbers different from those of the remaining text or the remaining numbers. Otherwise, the image file or the sound file may be created by making sound volume of the some text or the some numbers different from that of the remaining text or the remaining numbers.
  • the authentication processor 150 receives the read data or inputted data via the communication network 20 and processes authentication for a normal user based on compared results of the received data with the third string data.
  • FIG. 3 is a sequential diagram of a method of authenticating a user performed by a user authentication apparatus 100 in accordance with the first embodiment of the present invention.
  • the method of authenticating a user includes receiving first string data including text or numbers (Block S201 to S205) , determining second string data including text or numbers to be used for authentication from verification results of validation of the first string data (Block S207 to S209) , creating third string data including at least some of the first string data and at least some of the second string data (Block S211), selecting some text or some numbers of the third string data randomly and outputting an image file or a sound file in which the selected some text or the selected some numbers are distinguished from the remaining text or the remaining numbers (Block S213) , receiving data for authentication corresponding to the some text or the some numbers (Block S215 to S225) , and processing authentication based on comparing results of the input data for authentication with the third string data (Block S227 to S233)
  • the image file created from the third string data may be displayed such that some text or some numbers are thicker than the remaining text or the remaining numbers, as an example indicated by a reference number '300' of FIG. 4.
  • the sound file created from the third string data may be expressed such that sound volumes of the some text or the some numbers are louder than the remaining text or the remaining numbers.
  • the input string data is transmitted to the electronic commerce server 30 via the communication network 20 (Block S203) and the first string data is inputted to the data input unit 110 of the user authentication apparatus 100 (Block S205) .
  • a user may input 'Sample 12410111' as the first string data based on account information of an account number 12410111 of Sample bank.
  • the string-determining unit 120 of the user authentication apparatus 100 determines the second string data including text or numbers to be used for authentication from the verification results of validation of the first string data at S207.
  • the string-determining unit 120 may perform verification for data validation through a banking server (not shown) for the account number and may determine 'Thomson' as the second string data in accordance with the verification results for data validation when an account holder of the account number 1240111 is 'Thomson'.
  • the string generation unit 130 creates the third string data including at least some of the first string data and at least some of the second string data (Block S211) .
  • the string generation unit 130 may create 'Sample 12410111 Thomson' as the third string data.
  • the authentication output unit 140 selects some text or numbers of the third string data randomly and outputs an image file or a sound file in which the selected some text or numbers are distinguished from the remaining text or numbers (Block S213) .
  • the authentication output unit 140 may output an image of 'Sample 12410111 Thomson' in which some text or numbers selected from 'Sample 12410111 Thomson' are made thicker to distinguish.
  • the authentication unit 140 may create and output a sound file in which the some text or numbers have a louder sound volume instead of making the some text or numbers thicker .
  • the image file or sound file created and outputted as described above is transmitted via the electronic commerce server 30 and the communication network 20 (Block S215), is inputted to the user terminal (Block S217), and is reproduced by the user terminal 10 (Block S219) .
  • a user recognizes an image Sample 12410111 Thomson' in which the some text or numbers are thicker or a sound in which the some text or numbers are louder.
  • an image in which the some text or numbers are thicker and a sound in which the some text or numbers are louder may be provided together.
  • a user recognizes the some text or numbers distinguished from the remaining text or numbers from the reproduced information and inputs data for authentication corresponding to the recognized information (Block S221).
  • the data for authentication inputted by a user is transmitted via the communication network 20 by the user terminal 10 (Block S223) and is inputted to the data input unit 110 of the user authentication apparatus 100 (Block S225) .
  • the authentication processor 150 compares the data for authentication inputted at Block S225 with the third string data created at Block S211 (Block S227) and processes authentication based on the compared result (Block S229) . For example, if the some text or numbers randomly selected from the third string data at Block S213 are identical to the data for authentication inputted at Block S221, the authentication processor 150 authenticates a user as a normal user.
  • the authenticated result is then transmitted via the communication network 20 by the user authentication apparatus 100 (Block S231) and the user terminal 10 received the authenticated result outputs the authenticated result as an image or a sound such that a user may recognize the authenticated result (Block S233) .
  • the third string data can be created without the second string data but only the first string data in step S211.
  • the number of the some text or numbers randomly selected may be increased to provide equality of security.
  • FIG. 5 is a detailed block diagram of a user authentication apparatus 400 in accordance with a second embodiment of the present invention.
  • the user authentication apparatus 400 includes a data input unit 410, a string generation unit 420, a string output unit 430, and an authentication processing unit 440.
  • the data input unit 410 receives string data including text or numbers to be used for authentication from the user terminal 10 via the communication network 20 and data for authentication corresponding to the string data for authentication reproduced by the user terminal 10 via the communication network 20 when the data for authentication is inputted to the user terminal 10.
  • the string generation unit 420 selects at least some of the string data and creates string data for authentication.
  • the string output unit 430 outputs an image file in which the thickness of some text or numbers of the string data for authentication is made different from the remaining text or numbers to distinguish.
  • the authentication processing unit 440 receives the read data or inputted data via the communication network 20 and processes authentication for a normal user based on compared results of the received data with the string data for authentication.
  • FIG. 6 is a flowchart illustrating a method of authenticating a user performed by the user authenticating apparatus 400 in accordance with the second embodiment of the present invention.
  • the method of authenticating a user includes receiving string data including text or numbers (Block S501) , creating string data for authentication including at least some of the string data randomly selected from the string data (Block S503), outputting an image file in which the thickness of the some text or numbers randomly selected from the string data for authentication are made different from the remaining text or numbers to distinguish between them (Block S505) , receiving data for authentication corresponding to the some text or numbers (Block S507), and processing authentication based on comparing results of the input data for authentication with the string data for authentication (Block S509 to S513) .
  • the input string data is transmitted to the electronic commerce server 30 via the communication network 20 and the string data is inputted to the data input unit 410 of the user authentication apparatus 400.
  • a user may input Sample 12410111 Thomson' as the first string data based on the account information of an account number 12410111 and an account holder Thomson of Sample bank.
  • the string generation unit 420 of the user authentication apparatus 400 selects some text or numbers from the string data randomly (Block S501) and creates the string data for authentication to be used for authentication (Block S503) .
  • the string generation unit 420 may not receive the string data from the user terminal 10 but may create the string data for authentication directly.
  • the string output unit 430 outputs an image file in which the randomly-selected some text or numbers are distinguished from the remaining text or numbers (Block S505) .
  • the string output unit 430 may output an image file of ' 'Sample 12410111 Thomson' in which some text or numbers of ⁇ Sample 12410111 Thomson' are selected and made thicker to distinguish.
  • the created and outputted image file is inputted to the user terminal 10 via the electronic commerce server 30 and the communication network 20 and is reproduced by the user terminal 10.
  • a user recognizes the image in which the some text or numbers of , Sample 12410111 Thomson' are thicker as illustrated in FIG. 4. Then, a user identifies the some text or numbers distinguished from the remaining text or numbers from the reproduced information and inputs data for authentication corresponding to the identified information.
  • the data for authentication inputted by a user is transmitted via the communication network 20 by the user terminal 10 and is inputted to the data input unit 410 of the user authentication apparatus 400 (Block S507).
  • the authentication processing unit 440 compares the data for authentication inputted in step S507 with the string data created in step S503 (Block S509) and processes the authentication based on the compared result (Block S511). For example, the authentication processing unit 440 may authenticate a normal user when the some text or numbers randomly selected at Block S502 are identical to the data for authentication inputted at Block S507.
  • the authenticated result is outputted by the authentication processing unit 440 (Block S513) , the authenticated result is transmitted via the communication network 20 by the user authentication apparatus 400 and the user terminal 10 received the same may output the authenticated result as an image such that a user may recognize the authenticated result.
  • the computer program instructions in order to implement functions in specific manner, may be stored in a memory useable or readable by a computer aiming for a computer or other programmable data processing apparatus, the instruction stored in the memory useable or readable by a computer may produce manufacturing items including an instruction device for performing functions described in the respective blocks of the block diagrams and in the respective steps of the sequence diagram.
  • the computer program instructions may be loaded in a computer or other programmable data processing apparatus, instructions, a series of processing steps of which is executed in a computer or other programmable data processing apparatus to create processes executed by a computer to operate a computer or other programmable data processing apparatus, may provide steps for executing functions described in the respective blocks of the block diagrams and the respective sequences of the sequence diagram.
  • the respective blocks or the respective sequences may indicate modules, segments, or some of codes including at least one executable instruction for executing a specific logical function ( s ) .
  • functions described in the blocks or the sequences may run out of order. For example, two successive blocks and sequences may be substantially executed simultaneously or often in reverse order according to corresponding functions.
  • ⁇ method of authenticating a user includes receiving a first string of data including text or numbers; determining a second string of data including text or numbers to be used for authentication; creating a third string of data including at least some of the first string of data and at least some of the second string of data; outputting an image file or a sound file in which the some text or numbers of the third string of data are distinguished from the remaining text or numbers of the third string of data; receiving data for authentication corresponding to the some text or numbers; and processing authentication based on a compared result of the data for authentication with the third string of data.
  • a decision step could be carried out by a decision-making unit in a processor by implementing a decision algorithm.
  • this decision-making unit can exist physically or effectively, for example in a computer's processor when carrying out the aforesaid decision algorithm.
  • the above analysis is to be applied to other steps described herein .

Abstract

A method of authenticating a user includes receiving a first string of data including text or numbers; determining a second string of data including text or numbers to be used for authentication; creating a third string of data including at least some of the first string of data and at least some of the second string of data; outputting an image file or a sound file in which the some text or numbers of the third string of data are distinguished from the remaining text or numbers of the third string of data; receiving data for authentication corresponding to the some text or numbers; and processing authentication based on a compared result of the data for authentication with the third string of data.

Description

METHOD AND APPARATUS OF AUTHENTICATING USER
CROSS-REFERENCE TO RELATED APPLICATIONS
The present application is related to and claims priority to South Korean Patent Application No. 10-2013-0025995, filed March 12, 2013, which is hereby incorporated by reference in its entirety.
TECHNICAL FIELD
The present technology relates to a method and apparatus of authenticating a user and an apparatus for performing the same, and more particularly, to a method and apparatus of authenticating a normal user using string data including text or numbers .
BACKGROUND ART
As known in the art, user authentication for electronic commerce on the Internet or joining membership is essential and various methods thereof are used. Among the user authenticating methods, there is a user authenticating method using string data including text or numbers.
In the authentication method using the string data, the string data including a series of text and/or numbers is displayed on a screen of a user terminal such that a user inputs read information, and a normal user is authenticated based on whether the inputted information is identical to the text data. The string data may be created randomly or inputted or provided by a user.
Though the string data may be displayed in the form of text with excellent legibility such as print letters on the user terminal, since illegal actions using automatic recognition utilizing electronic equipment such as a computer and a malicious use thereof are happened frequently, legibility of the string data is intentionally reduced by a computer to improve security.
A typical case of reducing legibility of the string data by computing is to output string data not in the form of text but an image.
The method of outputting string data in the form of an image brings some inferior of legibility of the string data by computing and due to this reason this method was used in the beginning .
However, recently an image processing by computing is developed so that the malicious use cannot be prevented only by the image outputting method.
Thus, in the existing art, there are some methods. A first one is to enlarge and output some text or numbers enabling a user to distinguish the enlarged text or numbers from the remaining text or numbers and a user should input the distinguished text or numbers for the user authentication; and a second one is to distort text in an image.
However, the first method has still high legibility of the string data by computing and cannot block malicious use effectively.
The second method makes legibility of the string data too inferior so that a normal user is obstructed to the normal use Especially, when the string data are not input or provided by a user but are randomly created, the legibility of the inputted string data is more inferior and hinders the normal user authentication.
DISCLOSURE
In view of the above, the present technology provides 1) a method of authenticating a user by making the thickness of some of the text or numbers of string data to include text or numbers different from that of the remaining text or numbers to enable a user to distinguish the outputted text or numbers from the remaining text or numbers such that legibility of the outputted text or numbers by computing is inferior but legibility thereof by a human is not excessively inferior, and 2) an apparatus for performing the same.
Further, the present technology provides 1) a method of authenticating a user using string data including all of the information inputted or provided by a user and newly created information to prevent legibility of the string data from being excessively inferior and 2) an apparatus for performing the same .
The technical subjects of the present invention are not limited to the foregoing technical subjects, and there may be other technical subjects.
In accordance with a first aspect of the present invention, there is provided a method of authenticating a user including: receiving a first string of data including text or numbers; determining a second string of data including text or numbers to be used for authentication; creating a third string of data including at least some of the first string of data and at least some of the second string of data; outputting an image file or a sound file in which some text or numbers of the third string of data are distinguished from the remaining text or numbers of the third string of data; receiving data for authentication corresponding to some text or numbers; and processing the authentication based on a compared result of the data for authentication with the third string of data.
Further, said determining a second string of data comprises extracting the second string of data from a verification result of validity of the first string of data.
Further, said outputting an image file or a sound file comprises selecting some text or numbers randomly.
Further, said outputting an image file or a sound file comprises outputting the image file in which the thickness of some text or numbers is made different from that of the remaining text or numbers to distinguish between them.
Further, said outputting an image file or a sound file comprises outputting the sound file in which a sound volume of some text or numbers is made different from that of the remaining text or numbers to distinguish between them.
In accordance with a second aspect of the present invention, there is provided a method of authenticating a user including: creating a string of data including text or numbers to be used for authentication; outputting some text or numbers of the string of data by making the thickness of some text or numbers different from the remaining text or numbers to distinguish; receiving data for authentication corresponding to some text or numbers; and processing the authentication based on a compared result of the inputted data for authentication with the string of data.
Further, said outputting some text or numbers comprises selecting some text or numbers randomly.
In accordance with a third aspect of the present invention, there is provided a user authentication apparatus including: a data input unit configured to receive a first string of data including text or numbers and data for authentication; a string-determining unit configured to determine a second string of data including text or numbers to be used for authentication; a string generation unit configured to create a third string of data including at least some of the first string of data and at least some of the second string of data; a string output unit configured to output an image file or a sound file in which some text or numbers of the third string of data are distinguished from the remaining text or numbers of the third string of data; and an authentication processing unit configured to process authentication based on a compared result of the data for authentication inputted to correspond to some text or numbers with the third string of data.
Further, the string-determining unit is configured to extract the second string of data from the verification result of the validity of the first string of data.
Further, the string output unit is configured to select some text or numbers randomly.
Further, the string output unit is configured to output an image file in which the thickness of some of the text or numbers is made different from that of the remaining text or numbers to distinguish between them.
Further, the string output unit is configured to output a sound file in which the sound volume of some text or numbers is made different from that of the remaining text or numbers to distinguish between them.
In accordance with a fourth aspect of the present invention, there is provided a user authentication apparatus including: a string generation unit configured to create a string of data including text or numbers to be used for authentication; a string output unit configured to make the thickness of some of the text or numbers of the string of data different from that of the remaining text or numbers of the string of data and output some text or numbers of the string data with a different thickness to distinguish between them; a data input unit configured to receive data for authentication corresponding to some text or numbers; and an authentication processing unit configured to process authentication based on a compared result of the inputted data for authentication with the string data.
Further, the string output unit is configured to select some text or numbers randomly.
EFFECTS
In accordance with one or more embodiments of the present invention, some text or numbers of the string data including text and numbers are outputted with a thickness different from that of the remaining text or numbers to enable a user to distinguish the outputted text or numbers so that legibility of the outputted text or numbers by computing are inferior and legibility thereof by a human is prevented from being too inferior .
Moreover, string data including all of information inputted or provided by a user and newly created information is used for the user authentication to prevent the legibility by a human from being excessively inferior.
Thus, attacks by memory hacking or estimation of trade information can be defended so that high reliability for electronic commerce can be provided. Authentication information is irregularly (randomly) selected based on trade information inputted by a user and verification information to provide image file or sound file so that legibility or audibility by human is increased to prevent unnecessary erroneous trade caused by an erroneous input. DESCRIPTION OF DRAWINGS
FIG. 1 is a schematic diagram of an electronic commerce authentication system including a user authentication apparatus in accordance with an embodiment of the present invention;
FIG. 2 is a detailed block diagram of a user authentication apparatus in accordance with a first embodiment of the present invention;
FIG. 3 is a sequential diagram of a method of authenticating a user performed by a user authentication apparatus in accordance with the first embodiment of the present invention;
FIG. 4 is an illustrative view showing an example of an image file for authentication outputted by a user terminal by a user authentication apparatus and a user authentication method according to an embodiment of the present . invention;
FIG. 5 is a detailed block diagram of a user authentication apparatus in accordance with a second embodiment of the present invention; and
FIG. 6 is a flowchart illustrating a method of authenticating a user performed by a user authenticating apparatus in accordance with the second embodiment of the present invention.
BEST MODE
The advantages and features of exemplary embodiments the present invention and methods of accomplishing them will be clearly understood from the following description of the embodiments taken in conjunction with the accompanying drawings. However, the present invention is not limited to those embodiments and may be implemented in various forms. It should be noted that the embodiments are provided to make a full disclosure and also to allow those skilled in the art to know the full scope of the present invention. Therefore, the present invention will be defined only by the scope of the appended claims.
In the following description, well-known functions or constitutions will not be described in detail if they would unnecessarily obscure the embodiments of the invention. Further, the terminologies to be described below are defined in consideration of functions in the invention and may vary depending on a user's or operator's intention or practice. Accordingly, the definition may be made on a basis of the content throughout the specification.
FIG. 1 is a schematic diagram illustrating an electronic commerce authentication system including a user authentication apparatus in accordance with an embodiment of the present invention .
As illustrated, the electronic commerce authentication system is configured such that an electronic commerce server 30 including or associated with a user authentication apparatus 100 may be connected to a user terminal 10 via a communication network 20. In accordance with a first embodiment of the present invention, the user authentication apparatus 100 is configured to receive information inputted or provided to the user terminal 10 by a user via the communication network 20, create new information for the authentication, and use string data including all of information transmitted from the user authentication apparatus 100 and newly created information for the user authentication. The string data for the user authentication is reproduced after transmission to the user terminal 10 via the communication network 20. The user authentication apparatus 100 receives read information or inputted information via the communication network 20 and processes authentication for a normal user based on results of comparing the read information or inputted information with string data when a user inputs the read information to the user terminal 10.
Detailed configuration of the user authentication apparatus 100 in accordance with the first embodiment of the present invention is shown in FIG. 2 while FIG. 3 shows a sequential diagram illustrating a method of authenticating a user in accordance with the first embodiment of the present invention .
Meanwhile, in accordance with a second embodiment of the present invention, the user authentication apparatus is configured to output an image file for authentication in which the thickness of some text or numbers of string data including text or numbers is made different from that of the remaining text or numbers to distinguish between them, receive information read or inputted by a user via the communication network 20, and process the authentication for a normal user based on results of comparing the read information with the string data when a user inputs the read information, to the user terminal 10 after the user terminal 10 receives the image file for authentication via the communication network 20 and reproduces the received image file on a screen. The user authentication apparatus in accordance with a second embodiment is distinguished from that of the first embodiment by indicating a reference number 00' in FIG. 5. FIG. 6 shows a method of authenticating a user in accordance with the second embodiment of the present invention.
Hereinafter, the first embodiment and the second embodiment of the present invention will be separately described.
<First Embodiment>
FIG. 2 is a detailed block diagram of a user authentication apparatus 100 in accordance with a first embodiment of the present invention.
As illustrated, the user authentication apparatus 100 includes a data input unit 110, a string-determining unit 120, a string generation unit 130, a text output unit 140, and an authentication processor 150.
The data input unit 110 receives first string of data including text or numbers from the user terminal 10 via the communication network 20. The data input unit 110 also receives data for authentication corresponding to string data for authentication reproduced by the user terminal 10 via the communication network 20 when the data for authentication is inputted to the user terminal 10.
The string-determining unit 120 determines second string of data including text or numbers to be used for authentication. The string-determining unit 120 may extract the second string of data from verification results of validation for the first string of data.
The string generation unit 130 creates third string of data including at least some of the first string of data and at least some of the second string of data.
The text output unit 140 outputs string data for authentication in which some text or some numbers of the third string of data are distinguished from the remaining text or the remaining numbers of the third string data as an image file or a sound file. The text output unit 140 may select some text or some numbers randomly and may create an image file or a sound file such that the selected text or numbers are distinguished from the remaining text or numbers. The image file or the sound file may be created by making the thickness of the some text or the some numbers different from those of the remaining text or the remaining numbers. Otherwise, the image file or the sound file may be created by making sound volume of the some text or the some numbers different from that of the remaining text or the remaining numbers.
When a user inputs read information to the user terminal 10 after the user terminal 10 received the image file or the sound file as the string data for authentication outputted by the text output unit 140 and reproduced the received file, the authentication processor 150 receives the read data or inputted data via the communication network 20 and processes authentication for a normal user based on compared results of the received data with the third string data.
FIG. 3 is a sequential diagram of a method of authenticating a user performed by a user authentication apparatus 100 in accordance with the first embodiment of the present invention.
As illustrated, the method of authenticating a user includes receiving first string data including text or numbers (Block S201 to S205) , determining second string data including text or numbers to be used for authentication from verification results of validation of the first string data (Block S207 to S209) , creating third string data including at least some of the first string data and at least some of the second string data (Block S211), selecting some text or some numbers of the third string data randomly and outputting an image file or a sound file in which the selected some text or the selected some numbers are distinguished from the remaining text or the remaining numbers (Block S213) , receiving data for authentication corresponding to the some text or the some numbers (Block S215 to S225) , and processing authentication based on comparing results of the input data for authentication with the third string data (Block S227 to S233)
The image file created from the third string data may be displayed such that some text or some numbers are thicker than the remaining text or the remaining numbers, as an example indicated by a reference number '300' of FIG. 4. The sound file created from the third string data may be expressed such that sound volumes of the some text or the some numbers are louder than the remaining text or the remaining numbers.
Hereinafter, the method of authenticating a user performed by the user authentication apparatus 100 in accordance with the first embodiment of the present invention will be described in detail with reference to FIGS. 1 to 4.
First, when a user inputs the first string data including text or numbers using an interface of the user terminal 10 (Block S201) , the input string data is transmitted to the electronic commerce server 30 via the communication network 20 (Block S203) and the first string data is inputted to the data input unit 110 of the user authentication apparatus 100 (Block S205) . For example, a user may input 'Sample 12410111' as the first string data based on account information of an account number 12410111 of Sample bank.
At Block S209, the string-determining unit 120 of the user authentication apparatus 100 determines the second string data including text or numbers to be used for authentication from the verification results of validation of the first string data at S207. For example, the string-determining unit 120 may perform verification for data validation through a banking server (not shown) for the account number and may determine 'Thomson' as the second string data in accordance with the verification results for data validation when an account holder of the account number 1240111 is 'Thomson'.
After that, the string generation unit 130 creates the third string data including at least some of the first string data and at least some of the second string data (Block S211) . For example, the string generation unit 130 may create 'Sample 12410111 Thomson' as the third string data.
Next, the authentication output unit 140 selects some text or numbers of the third string data randomly and outputs an image file or a sound file in which the selected some text or numbers are distinguished from the remaining text or numbers (Block S213) . For example, the authentication output unit 140, as illustrated in FIG. 4, may output an image of 'Sample 12410111 Thomson' in which some text or numbers selected from 'Sample 12410111 Thomson' are made thicker to distinguish. The authentication unit 140 may create and output a sound file in which the some text or numbers have a louder sound volume instead of making the some text or numbers thicker .
The image file or sound file created and outputted as described above is transmitted via the electronic commerce server 30 and the communication network 20 (Block S215), is inputted to the user terminal (Block S217), and is reproduced by the user terminal 10 (Block S219) . In this case, as illustrated in FIG. 4, a user recognizes an image Sample 12410111 Thomson' in which the some text or numbers are thicker or a sound in which the some text or numbers are louder. For example, for the blind and partially sighted people, an image in which the some text or numbers are thicker and a sound in which the some text or numbers are louder may be provided together. Then, a user recognizes the some text or numbers distinguished from the remaining text or numbers from the reproduced information and inputs data for authentication corresponding to the recognized information (Block S221).
Subsequently, the data for authentication inputted by a user is transmitted via the communication network 20 by the user terminal 10 (Block S223) and is inputted to the data input unit 110 of the user authentication apparatus 100 (Block S225) .
Next, the authentication processor 150 compares the data for authentication inputted at Block S225 with the third string data created at Block S211 (Block S227) and processes authentication based on the compared result (Block S229) . For example, if the some text or numbers randomly selected from the third string data at Block S213 are identical to the data for authentication inputted at Block S221, the authentication processor 150 authenticates a user as a normal user.
The authenticated result is then transmitted via the communication network 20 by the user authentication apparatus 100 (Block S231) and the user terminal 10 received the authenticated result outputs the authenticated result as an image or a sound such that a user may recognize the authenticated result (Block S233) .
Meanwhile, even if Block S207 is excluded or included in the first embodiment, the third string data can be created without the second string data but only the first string data in step S211. In this case, the number of the some text or numbers randomly selected may be increased to provide equality of security.
<Second Embodiment>
FIG. 5 is a detailed block diagram of a user authentication apparatus 400 in accordance with a second embodiment of the present invention.
As illustrated, the user authentication apparatus 400 includes a data input unit 410, a string generation unit 420, a string output unit 430, and an authentication processing unit 440.
The data input unit 410 receives string data including text or numbers to be used for authentication from the user terminal 10 via the communication network 20 and data for authentication corresponding to the string data for authentication reproduced by the user terminal 10 via the communication network 20 when the data for authentication is inputted to the user terminal 10.
The string generation unit 420 selects at least some of the string data and creates string data for authentication.
The string output unit 430 outputs an image file in which the thickness of some text or numbers of the string data for authentication is made different from the remaining text or numbers to distinguish.
When a user inputs read information to the user terminal 10 after the user terminal 10 received the image file as the string data for authentication outputted by the string output unit 430 and reproduced the received file, the authentication processing unit 440 receives the read data or inputted data via the communication network 20 and processes authentication for a normal user based on compared results of the received data with the string data for authentication.
FIG. 6 is a flowchart illustrating a method of authenticating a user performed by the user authenticating apparatus 400 in accordance with the second embodiment of the present invention.
As illustrated, the method of authenticating a user includes receiving string data including text or numbers (Block S501) , creating string data for authentication including at least some of the string data randomly selected from the string data (Block S503), outputting an image file in which the thickness of the some text or numbers randomly selected from the string data for authentication are made different from the remaining text or numbers to distinguish between them (Block S505) , receiving data for authentication corresponding to the some text or numbers (Block S507), and processing authentication based on comparing results of the input data for authentication with the string data for authentication (Block S509 to S513) .
Hereinafter, the method of authenticating a user performed by the user authentication apparatus 400 in accordance with the second embodiment of the present invention will be described in detail with reference to FIGS. 1 and 4 to 6.
First, when a user inputs string data including text or numbers using an interface of the user terminal 10, the input string data is transmitted to the electronic commerce server 30 via the communication network 20 and the string data is inputted to the data input unit 410 of the user authentication apparatus 400. For example, a user may input Sample 12410111 Thomson' as the first string data based on the account information of an account number 12410111 and an account holder Thomson of Sample bank.
Then, the string generation unit 420 of the user authentication apparatus 400 selects some text or numbers from the string data randomly (Block S501) and creates the string data for authentication to be used for authentication (Block S503) . In this case, the string generation unit 420 may not receive the string data from the user terminal 10 but may create the string data for authentication directly.
Next, the string output unit 430 outputs an image file in which the randomly-selected some text or numbers are distinguished from the remaining text or numbers (Block S505) . For example, the string output unit 430, as illustrated in FIG 4, may output an image file of ''Sample 12410111 Thomson' in which some text or numbers of ^Sample 12410111 Thomson' are selected and made thicker to distinguish.
The created and outputted image file is inputted to the user terminal 10 via the electronic commerce server 30 and the communication network 20 and is reproduced by the user terminal 10. In this case, a user recognizes the image in which the some text or numbers of ,Sample 12410111 Thomson' are thicker as illustrated in FIG. 4. Then, a user identifies the some text or numbers distinguished from the remaining text or numbers from the reproduced information and inputs data for authentication corresponding to the identified information.
After that, the data for authentication inputted by a user is transmitted via the communication network 20 by the user terminal 10 and is inputted to the data input unit 410 of the user authentication apparatus 400 (Block S507).
Next, the authentication processing unit 440 compares the data for authentication inputted in step S507 with the string data created in step S503 (Block S509) and processes the authentication based on the compared result (Block S511). For example, the authentication processing unit 440 may authenticate a normal user when the some text or numbers randomly selected at Block S502 are identical to the data for authentication inputted at Block S507.
When the authenticated result is outputted by the authentication processing unit 440 (Block S513) , the authenticated result is transmitted via the communication network 20 by the user authentication apparatus 400 and the user terminal 10 received the same may output the authenticated result as an image such that a user may recognize the authenticated result.
The combinations of each step in respective blocks of block diagrams and a sequence diagram attached herein may be carried out by computer program instructions. Since the computer program instructions may be loaded in processors of a general purpose computer, a special purpose computer, or other programmable data processing apparatus, the instructions, carried out by the processor of the computer or other programmable data processing apparatus, create devices for performing functions described in the respective blocks of the block diagrams or in the respective steps of the sequence diagram. Since the computer program instructions, in order to implement functions in specific manner, may be stored in a memory useable or readable by a computer aiming for a computer or other programmable data processing apparatus, the instruction stored in the memory useable or readable by a computer may produce manufacturing items including an instruction device for performing functions described in the respective blocks of the block diagrams and in the respective steps of the sequence diagram. Since the computer program instructions may be loaded in a computer or other programmable data processing apparatus, instructions, a series of processing steps of which is executed in a computer or other programmable data processing apparatus to create processes executed by a computer to operate a computer or other programmable data processing apparatus, may provide steps for executing functions described in the respective blocks of the block diagrams and the respective sequences of the sequence diagram.
Moreover, the respective blocks or the respective sequences may indicate modules, segments, or some of codes including at least one executable instruction for executing a specific logical function ( s ) . In several alternative embodiments, is noticed that functions described in the blocks or the sequences may run out of order. For example, two successive blocks and sequences may be substantially executed simultaneously or often in reverse order according to corresponding functions.
The explanation as set forth above is merely described a technical idea of the exemplary embodiments of the present invention, and it will be understood by those skilled in the art to which this invention belongs that various changes and modifications may be made without departing from the scope of the essential characteristics of the embodiments of the present invention. Therefore, the exemplary embodiments disclosed herein are not used to limit the technical idea of the present invention, but to explain the present invention, and the scope of the technical idea of the present invention is not limited to these embodiments. Therefore, the scope of the present invention should be construed as defined in the following claims and changes, modifications and equivalents that fall within the technical idea of the present invention are intended to be embraced by the scope of the claims of the present invention.
All elements, parts and steps described herein are preferably included. It is to be understood that any of these elements, parts and steps may be replaced by other elements, parts and steps or deleted altogether as will be obvious to those skilled in the art.
This writing discloses at least the following. Ά method of authenticating a user includes receiving a first string of data including text or numbers; determining a second string of data including text or numbers to be used for authentication; creating a third string of data including at least some of the first string of data and at least some of the second string of data; outputting an image file or a sound file in which the some text or numbers of the third string of data are distinguished from the remaining text or numbers of the third string of data; receiving data for authentication corresponding to the some text or numbers; and processing authentication based on a compared result of the data for authentication with the third string of data.
The person skilled in the art will understand that the method steps mentioned in this description may be carried out by hardware including but not limited to processors; input devices comprising at least keyboards, mouse, scanners, cameras; output devices comprising at least monitors, printers
The method steps are to be carried out with the appropriate devices when needed. For example, a decision step could be carried out by a decision-making unit in a processor by implementing a decision algorithm. The person skilled in the art will understand that this decision-making unit can exist physically or effectively, for example in a computer's processor when carrying out the aforesaid decision algorithm. The above analysis is to be applied to other steps described herein .

Claims

1. A method of authenticating a user comprising:
receiving a first string of data including text or numbers;
determining a second string of data including text or numbers to be used for authentication;
creating a third string of data including at least some of the first string of data and at least some of the second string of data;
outputting an image file or a sound file in which some text or numbers of the third string of data are distinguished from the remaining text or numbers of the third string of data; receiving data for authentication corresponding to the some text or numbers; and
processing the authentication based on a compared result of the data for authentication with the third string of data.
2. The method of claim 1, wherein said determining a second string data comprises extracting the second string data from a verification result of validity of the first string of data.
3. The method of claim 1, wherein said outputting an image file or a sound file comprises selecting the some text or numbers randomly.
4. The method of claim 1, wherein said outputting an image file or a sound file comprises outputting the image file in which the thickness of the some of the text or numbers is made different from that of the remaining text or numbers to distinguish between them.
5. The method of claim 1, wherein said outputting an image file or a sound file comprises outputting the sound file in which a sound volume of the some text or numbers is made different from that of the remaining text or numbers to distinguish between them.
6. A method of authenticating a user comprising:
creating string data including text or numbers to be used for authentication;
outputting some text or numbers of the string data by making the thickness of some text or numbers different from those of the remaining text or numbers to distinguish;
receiving data for authentication corresponding to the some text or numbers; and
processing authentication based on a compared result of the inputted data for authentication with the string of data.
7. The method of claim 6, wherein said outputting some text or numbers comprises selecting the some text or numbers selected randomly.
8. A user authentication apparatus comprising:
a data input unit configured to receive a first string of data including text or numbers and data for authentication; a string-determining unit configured to determine a second string of data including text or numbers to be used for authentication;
a string generation unit configured to create third string of data including at least some of the first string of data and at least some of the second string of data;
a string output unit configured to output an image file or a sound file in which some text or numbers of the third string of data are distinguished from the remaining text or numbers of the third string of data; and
an authentication processing unit configured to process authentication based on a compared result of the data for authentication inputted to correspond to the some text or numbers with the third string of data.
9. The user authentication apparatus of claim 8, wherein the string-determining unit is configured to extract the second string of data from the verification result of the validity of the first string of data.
10. The user authentication apparatus of claim 8, wherein the string output unit is configured to select the some text or numbers randomly.
11. The user authentication apparatus of claim 8, wherein the string output unit is configured to output an image file in which the thickness of the some text or numbers is different from that of the remaining text or numbers to distinguish between them.
12. The user authentication apparatus of claim 8, wherein the string output unit is configured to output a sound file in which the sound volume of the some text or numbers is different from that of the remaining text or numbers to distinguish between them.
13. A user authentication apparatus comprising:
a string generation unit configured to create a string of data including text or numbers to be used for authentication; a string output unit configured to make the thickness of some text or numbers of the string of data different from that of the remaining text or numbers of the string of data and output the some text or numbers of the string of data with a different thickness to distinguish between them;
a data input unit configured to receive data for authentication corresponding to the some text or numbers; and an authentication processing unit configured to process authentication based on a compared result of the inputted data for authentication with the string of data.
14. The user authentication apparatus of claim 13, wherein the string output unit is configured to select the some text or numbers randomly.
PCT/US2014/034818 2013-03-12 2014-04-21 Method and apparatus of authenticating user WO2014165865A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020130025995A KR101444666B1 (en) 2013-03-12 2013-03-12 User authentification method and apparatus
KR10-2013-0025995 2013-03-12

Publications (2)

Publication Number Publication Date
WO2014165865A2 true WO2014165865A2 (en) 2014-10-09
WO2014165865A3 WO2014165865A3 (en) 2014-12-04

Family

ID=51659370

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2014/034818 WO2014165865A2 (en) 2013-03-12 2014-04-21 Method and apparatus of authenticating user

Country Status (2)

Country Link
KR (1) KR101444666B1 (en)
WO (1) WO2014165865A2 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102652936B1 (en) * 2021-07-20 2024-03-28 주식회사 케이티앤지 Aerosol generating system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070005500A1 (en) * 2005-06-20 2007-01-04 Microsoft Corporation Secure online transactions using a captcha image as a watermark
US20090094687A1 (en) * 2007-10-03 2009-04-09 Ebay Inc. System and methods for key challenge validation
US20100095350A1 (en) * 2008-10-15 2010-04-15 Towson University Universally usable human-interaction proof
US20120167204A1 (en) * 2010-12-22 2012-06-28 Yahoo! Inc Isolation tool for user assistance in solving a captcha test

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070005500A1 (en) * 2005-06-20 2007-01-04 Microsoft Corporation Secure online transactions using a captcha image as a watermark
US20090094687A1 (en) * 2007-10-03 2009-04-09 Ebay Inc. System and methods for key challenge validation
US20100095350A1 (en) * 2008-10-15 2010-04-15 Towson University Universally usable human-interaction proof
US20120167204A1 (en) * 2010-12-22 2012-06-28 Yahoo! Inc Isolation tool for user assistance in solving a captcha test

Also Published As

Publication number Publication date
KR20140111748A (en) 2014-09-22
WO2014165865A3 (en) 2014-12-04
KR101444666B1 (en) 2014-10-01

Similar Documents

Publication Publication Date Title
US10599912B2 (en) Analysis of reflections of projected light in varying colors, brightness, patterns, and sequences for liveness detection in biometric systems
US10198783B2 (en) Dynamic digital watermark
Yu et al. EvoPass: Evolvable graphical password against shoulder-surfing attacks
US20210076212A1 (en) Recognizing users with mobile application access patterns learned from dynamic data
US7913292B2 (en) Identification and visualization of trusted user interface objects
CN114144781A (en) Identity verification and management system
US9430627B2 (en) Method and system for enforced biometric authentication
US10044725B2 (en) Controlling access to online resources using device validations
US10404723B1 (en) Method and system for detecting credential stealing attacks
US9426328B2 (en) Dynamic digital watermark
US9355237B2 (en) User verification using touch and eye tracking
US20160026862A1 (en) Eye reflected content for verification of user liveliness
US10275684B2 (en) Authentication method and apparatus, and method and apparatus for training a recognizer
CN106357411A (en) Identity verification method and device
SE1650416A1 (en) Secure storage of fingerprint related elements
CN106330915A (en) Voice verification processing method and device
Lone et al. A novel OTP based tripartite authentication scheme
EP3528151A1 (en) Method and apparatus for user authentication
US20160125239A1 (en) Systems And Methods For Secure Iris Imaging
WO2014165865A2 (en) Method and apparatus of authenticating user
CN111046804A (en) Living body detection method, living body detection device, electronic equipment and readable storage medium
JPWO2018066426A1 (en) Fake web page discrimination device, fake web page discrimination system, fake web page discrimination method and fake web page discrimination program
WO2016023289A1 (en) Mobile terminal screen unlocking method and apparatus and storage medium
CN105847216A (en) Identity authentication method and device
CN109214212A (en) Information leakage protection method and device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14779989

Country of ref document: EP

Kind code of ref document: A2

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 23.12.2015)

122 Ep: pct application non-entry in european phase

Ref document number: 14779989

Country of ref document: EP

Kind code of ref document: A2