The present application claims priority, under 35 U.S.C. § 119, from Korean Patent Application No. 10-2015-0094815 filed on Jul. 2, 2015, in the Korean Intellectual Property Office, the entire contents of which are hereby incorporated by reference.
1. Field
Apparatuses and methods consistent with exemplary embodiments relate to a user device, and more particularly, relate to a user device, a method for setting a password thereof, and an operating method for setting and verifying a password thereof.
2. Related Art
User devices include electronic devices such as mobile electronic devices, such as tablet Personal computers (PCs), smart phones, and laptop computers, and desktop computers. With the development of electronic communication technologies, user devices may have a fast communication speed and may transmit or receive a large amount of data. Smart phones among the user devices have been developed into intelligent terminals that perform general computer functions, internet communication functions and information retrieval functions.
Users of smart phones may directly connect to the Internet using a wireless communications and may connect with the Internet in various ways using several browsing programs. Moreover, users of smart phones may directly develop applications or may install various applications through the Internet. Users of smart phones may share applications between smart phones having the same operating system (OS).
As applications are implemented to work with the internet of things (IoT) or wearable devices, users may more conveniently use various applications. Particularly, users may also use applications, such as banking applications for security is important.
To more securely use these applications, users set a password for each of the applications when using the applications. Users set a password of some digits or more and include special characters in the password. However, if someone other than the user knows a user's password for an application, they may log into other devices with the user's information and may use the corresponding application.
Exemplary embodiments of the inventive concept provide a user device which may more securely execute a corresponding application, a method for setting a password thereof, and an operating method for setting and verifying a password thereof.
According to an aspect of an exemplary embodiment, a method for setting a password for operating an application of a user device is provided. The method may include requesting the user device to input a password of the application and requesting the user device to select device binding information (DBI) of the user device to associate with the password.
The DBI may be unique user information stored in the user device. The DBI may be obtained from one or more of contact information, a photo, an e-mail, a file, or an address. The DBI may be matched with all or some of characters of the password.
According to an aspect of another exemplary embodiment, a method for operating an application of a user device is provided. The method may include setting a password of the application by requesting the user device to input the password and requesting the user device to select device binding information (DBI) of the user device to associate with the password and verifying the password to operate the application in which the password is set.
According to an aspect of another exemplary embodiment, a user device is provided. The user device may include a wireless internet unit configured to communicate with the outside to execute an application, an operating system configured to provide an environment to execute the application, a memory configured to save a password of the application, and an input and output interface unit configured to input the password. The application may set the password of the application by requesting the user device to input the password and requesting the user device to select device binding information (DBI) of the user device to associate with the password.
According to an aspect of another exemplary embodiment, a method for setting a password for operating an application of a user device is provided. The method includes: receiving a password of the application; selecting device binding information (DBI) of the user device, the DBI being unique user information stored in the device; and binding the DBI with the password.
The above and other objects and features will become apparent from the following description with reference to the following figures, wherein like reference numerals refer to like parts throughout the various figures unless otherwise specified, and wherein
Hereinafter, exemplary embodiments of the inventive concept will be described in detail with reference to the accompanying drawings so that they may be easily practiced and understood by those skilled in the art to which the inventive concept pertains.
Each of the user devices may save a computer program for performing a specific task or various applications. As applications are implemented to work with the Internet of things (IoT) or a wearable device, a user may execute more convenient, various applications. For example, the user may perform a task such as an account transfer without visiting a bank by using a banking application through a smart phone.
Each of the user devices may set a password to more securely use this application. For example, to use a banking application, the user inputs a password of some digits or more, changes arrangement of characters for inputting a password, or includes special characters or numbers in a password. However, if others know the password of an application of the user in this case, they may log in to other devices with a name of the user and may execute the corresponding application.
Referring to
The user device according to an exemplary embodiment of the inventive concept may set a password in various ways to securely use the application. For example, according to an exemplary embodiment of the inventive concept, the user device may use its device binding information (DBI) when setting a password. Therefore, according to an exemplary embodiment of the inventive concept, although others know a password of an application of a user, unless they have unique user information, they may not log in to the application with a name of the user and may not use the corresponding application.
The wireless internet unit 110 may wirelessly connect the user device 100 to the Internet. The user device 100 may receive and transmit data with an external device, such as another user device or a server computer, through the wireless internet unit 110.
The banking application 120 may be an application program which is installed and executed on the smart phone operating system 130. The banking application 120 may provide a user interface, which may perform online financial transactions, to a user. The banking application 120 may transmit and receive data through the smart phone operating system 130 and the I/O interface unit 150.
The smart phone operating system 130 may provide an environment in which the banking application 120 may be executed. When a password of the banking application 120 is set, the memory 140 may save the set password. The memory 140 may include a volatile memory which loses data when the user device 100 is powered off and a non-volatile memory which maintains data when the user device 100 is powered off. The memory 140 may save a program, such as the banking application 120 or the smart phone operating system 130, as well as the password. The I/O interface unit 150 may be used to input a password when the password of the banking application 120 is set or verified.
In operation S110, the banking application 120 may request the user device 100 to input its password. In operation S120, a user of the user device 100 may input the password through an I/O interface unit 150 of
After inputting the password, an operation S160 of inputting device binding information (DBI) is performed. Herein, the DBI may be unique user information which is saved in a smart phone or a tablet PC of the user. The unique user information may include an image such as a photo and information such as a contact name or a contact phone number. Therefore, in
Returning again to
The password may be saved in a memory 140 of the user device 100 together with the DBI in a process below.
[Password Character+Device Binding Information]
⇒ One way encryption function
⇒ Password bound with specific user device
The DBI may be unique user information which is saved in a user device 100 of
Herein, the DBI1 to the DBI5 may be determined in an order in which photos are selected or in order of names of selected files. Alternatively, the DBI1 to the DBI5 may be determined in any order by a user. For example, the 7th photo fig7 may be selected as the DBI1, and the 2nd photo fig2 may be selected as the DBI2. The 9th photo fig9 may be selected as the DBI3, the 10th photo fig10 may be selected as the DBI4, and the 3rd photo fig3 may be selected as the DBI5.
Since the password has 5 digits, the number of cases in which the password may be set may be 31 by Equation 1 below.
5C1+5C2+5C3+5C4+5C5=5+10+10+5+1=31 Equation 1
As such, although others know a password of an application of a user, it is impossible for them to log in to the application with a name of the user and operate the corresponding application by matching the DBI with all or some of the characters of the password. When unique user information in the user device 100 is deleted, the user may set a password and DBI again.
Referring to
Referring again to
Referring to
Referring again to
In operation S360, the application may determine whether the DBI is an Mth (M is a natural number) DBI. When the DBI is not the Mth DBI, operations S340 and S350 are repeatedly performed. When the DBI is the Mth DBI, in operation S370, an operation of making a security code may be performed. The security code may be made using the password and the DBI.
In operation S380, the security code may be saved. The password, the DBI, and the security code made using the password and the DBI may be saved in a memory of the user device or a server outside the user device. For example, the security code may be saved with a ***.php file name in the user device.
The security code may be saved together with the password and the DBI. When there is a problem in a storage space, a hash value of the DBI may be saved. For example, the password and the DBI may be saved below.
(Password, device binding information)
⇒ (Password, SHA-256(device binding information))
When unique user information in the user device is deleted, the user may set and use a password again.
In operation S410, the application may request the user device to input its password. In operation S420, the password is input in response to the request for inputting the password of the application. In operation S430, the application may receive the password and may calculate a security code. The security code may be calculated using the password and DBI corresponding to respective characters of the password. In operation S440, the application may compare a previously saved security code with the calculated security code. In operation S450, as a result of the comparison, the application may notify the user device of the result of whether the passwords are identical to each other. When the passwords are different from each other, the application may notify the user of the result that the passwords are different from each other. When the passwords are identical to each other, the corresponding application is executed.
The user device according to an exemplary embodiment of the inventive concept may simply verify the password using the security code. In other words, the user device according to an exemplary embodiment of the inventive concept receives only a password in a process of verifying the password. Although receiving only the password, the user device may internally verify the password through a security code using DBI. Therefore, according to an exemplary embodiment of the inventive concept, only a user having a specific user device may execute a corresponding application.
An operating method of the user device may be classified into a password setup step, a security code saving step, and a password verification step. In the password setup step, in operation S510, the application may request the user device to input its password. In operation S520, the application may request the user device to select DBI corresponding to respective characters of the password.
In the security code saving step, in operation S530, the application may generate a security code using the password and the DBI. The generated security code may be saved in a memory of the user device. Alternatively, the generated security code may be saved in a server outside the user device.
In the password verification step, in operation S540, the application may request the user device to input a password. In operation S550, the application may receive the password and may verify a security code. The application may calculate a security code and may compare the calculated security code with a previously saved security code. When the passwords are different from each other, the application may notify the user of the result that the passwords are different from each other. When the passwords are identical to each other, the corresponding application may be executed.
The user device according to an exemplary embodiment of the inventive concept may use DBI when setting a password. Therefore, others know a password of the user, unless they do not have unique user information, they may not use a corresponding application by logging in to the application with a name of the user. Also, the user device according to an exemplary embodiment of the inventive concept may simply verify the password using the security code. In other words, although receiving only a password, the user device according to an exemplary embodiment of the inventive concept may verify the password through a security code using DBI.
While the inventive concept has been described with reference to exemplary embodiments, it will be apparent to those skilled in the art that various changes and modifications may be made without departing from the spirit and scope of the inventive concept. Therefore, it should be understood that the above embodiments are not limiting, but illustrative.
Number | Date | Country | Kind |
---|---|---|---|
10-2015-0094815 | Jul 2015 | KR | national |
Number | Name | Date | Kind |
---|---|---|---|
6970827 | Zeltzer | Nov 2005 | B2 |
7178025 | Scheidt | Feb 2007 | B2 |
7353536 | Morris | Apr 2008 | B1 |
7653818 | Serpa | Jan 2010 | B2 |
7679133 | Son et al. | Mar 2010 | B2 |
8214892 | Cohen et al. | Jul 2012 | B2 |
8347103 | Jones et al. | Jan 2013 | B2 |
8392975 | Raghunath | Mar 2013 | B1 |
8499342 | MacWan | Jul 2013 | B1 |
8553466 | Han et al. | Oct 2013 | B2 |
8558790 | Kim | Oct 2013 | B2 |
8559235 | Yoon et al. | Oct 2013 | B2 |
8654587 | Yoon et al. | Feb 2014 | B2 |
8732477 | Osborn et al. | May 2014 | B2 |
8881251 | Hilger | Nov 2014 | B1 |
8938797 | Bedworth | Jan 2015 | B2 |
8997177 | Yudkin et al. | Mar 2015 | B2 |
9037993 | McLean | May 2015 | B2 |
9246686 | Holland | Jan 2016 | B1 |
20030182232 | Zeltzer | Sep 2003 | A1 |
20080092216 | Kawano | Apr 2008 | A1 |
20080235772 | Janzen | Sep 2008 | A1 |
20080313721 | Corella | Dec 2008 | A1 |
20080320310 | Florencio | Dec 2008 | A1 |
20090037986 | Baker | Feb 2009 | A1 |
20090077653 | Osborn et al. | Mar 2009 | A1 |
20090121271 | Son et al. | May 2009 | A1 |
20090143052 | Bates | Jun 2009 | A1 |
20100180336 | Jones et al. | Jul 2010 | A1 |
20100239087 | Chaisson | Sep 2010 | A1 |
20100287382 | Gyorffy | Nov 2010 | A1 |
20110016520 | Cohen et al. | Jan 2011 | A1 |
20110202982 | Alexander et al. | Aug 2011 | A1 |
20110216603 | Han et al. | Sep 2011 | A1 |
20110233648 | Seol et al. | Sep 2011 | A1 |
20120051143 | Yoon et al. | Mar 2012 | A1 |
20120066505 | Brown | Mar 2012 | A1 |
20120110498 | McLean | May 2012 | A1 |
20130021249 | Bedworth | Jan 2013 | A1 |
20130138968 | Yudkin et al. | May 2013 | A1 |
20130232437 | Kim | Sep 2013 | A1 |
20130279262 | Yoon et al. | Oct 2013 | A1 |
20140223550 | Nagar | Aug 2014 | A1 |
20140310805 | Kandekar | Oct 2014 | A1 |
20140359734 | Natividad | Dec 2014 | A1 |
20140380508 | Cao | Dec 2014 | A1 |
20150249658 | Lee | Sep 2015 | A1 |
20150287432 | Nakano | Oct 2015 | A1 |
20160381009 | Liou | Dec 2016 | A1 |
Number | Date | Country |
---|---|---|
10-1381799 | Apr 2014 | KR |
Number | Date | Country | |
---|---|---|---|
20170006015 A1 | Jan 2017 | US |