KR20180107455A - Photograph Sliding Pass - Google Patents

Abstract

The present invention discloses a user authentication method which sets a password and inputs the password by using a picture image. The user authentication method according to the present invention utilizes emotional factor such as memories, feeling and experiences of a user with respect to the picture, so that the user can conveniently and interestingly use. The user authentication method comprises the following steps of: setting a password input screen; setting a password input position; setting a sliding pass; and generating user authentication information by using the password input screen, the password input position and the sliding pass.

Description

Photo Sliding Pass

The present invention relates to a user authentication method, and more particularly, to a user authentication method and a computer program for a photo sliding path for setting and inputting a password using a photo image to perform a user authentication process.

The use of numbers, letters, and patterns as passwords is not only difficult for users to remember passwords, but also because they are vulnerable to hacking such as ambient exposure and can not reflect interests, tastes, or emotions. A graphical user authentication (GUA) system has been studied. However, the technology has not yet been activated because of the high security and easy-to-use technology.

The reason why password authentication can not be implemented by using photograph images so far is that the structure of the photographic image itself is not formed by a clear line but is connected to a smooth connection surface without a precise boundary line, This is because you can not specify a point or pixel exactly.

Especially, since there are a lot of small pixels in a high-resolution photograph, there is a problem that even if a specific point is designated, the position can not be accurately confirmed again.

FIG. 1 shows an example of a photographed image enlarged in order to view the structure of pixels constituting a photographic image. FIG. 1 (a) shows a part of an image enlarged (b) ) An image of a graphic image composed of pixels like an image is shown.

Because the digital image is made up of faces, the monitor exposes that image with a very small number of pixels that are joined together on a small plane. More than three million pixels are usually used to represent a common photographic image, and the higher the number of pixels, the higher the resolution of the image. Therefore, after selecting a specific point out of 3 million pixels that are not visible in the photograph, the point can not be accurately reselected.

In order to use a graphic image such as a photograph, a character, or a picture as a password, it is necessary to set a specific value on the graphic image and to confirm the authenticity with the same value by comparing the newly inputted value with the set value. I can not use it as a password for a photographic image that has to store it, and be able to select or assign the same value at any time, but with a myriad of choices that can not be specified.

As an alternative to this, a method using a grid password system (FIG. 2 (a)) has been proposed in which a zone is constantly divided on a photograph and a password is set by selecting this zone. 2 is a diagram for explaining a method of setting a password by selecting a specific area of a photographic image according to the related art.

However, this method reveals the inconvenience and limitations of the use, such that the point to be selected in the photograph is located on the dividing line (21), and several selection points are located in one partition (22).

To overcome this problem, a method of setting a touch point as a password (Fig. 2 (b)) has been developed. However, this user authentication method is the biggest weakness that the user can set as a point of interest (POI) in the photograph, and the user can not set the point of interest It is vulnerable to predictive attack and low security because everyone can guess the point almost exactly.

When researching and developing photo passwords, it is predicted that the number of pixels that can be selected at the time of setting the selection point is greatly increased, so that the security is greatly improved compared to the character passwords that must be selected within a limited number. However, Points of interest) were very limited.

In addition, as shown in FIG. 2 (b), when a plurality of major portions (such as eyes, nose, and lips) which are points of interest of a photograph are located in a narrow region, There is a problem in that a pass-point can not be freely set at a desired location.

Therefore, when the range of the touch area is widened, there are few points of interest to be selected, and security is poor due to easy prediction. If the range of the touch area is narrowed, it is inconvenient to touch the point of interest accurately. Use was not activated.

In reality, the user authentication using a picture (which is prior to Windows 8 using character password authentication) installed on Windows 10 can be easily predicted by a third party on the photographic image selected as a password screen, ) Is not as diverse as I think it is, so it is vulnerable to speculative attacks.

Accordingly, in general, a password authentication method using a graphic or photo image can not be used only as a method of listing multiple pictures, characters, icons, and selecting one or more of them as in the case of Facebook (FIG. 3) (Facebook uses a way to list and find face photos).

3 is a diagram for explaining a method of processing password authentication by selection of a graphic image according to the related art. However, this method is also vulnerable to ambient exposure and speculative attack.

In recent years, the drag and drop method, which has developed this grid method and is resistant to exposure and key logging, has been adopted for user authentication of mobile phone unlocking and PINTECH.

Unlocking the recently released smartphone 'drag and drop' is a way to select specific graphic images listed on the grid and then drag them to match specific locations, making them cumbersome and difficult to use, It is also difficult to use it on the small screen and it is inconvenient to use it immediately.

On the other hand, the emergence of IoT (Internet of Things) realizing wearable devices such as smart watches and smart bands, Smart Home, and connected car technologies that measure, store and utilize personal health information and activity information in real time The unlocking and user authentication of a portable terminal serving as a device for controlling, adjusting, and controlling the mobile terminal becomes increasingly important.

In addition, unlike previous desktop PC passwords, which are only used in certain places, the user authentication that is performed in the portable terminal can be used anytime and anywhere without any restriction. Therefore, security and security such as instant use and easy user authentication are prevented. Is becoming more important, but it does not go far beyond the conventional passwords that use letters or patterns that are particularly vulnerable to ambient exposure.

Biometric authentication, which has emerged as an alternative to this, is advantageous in that authentication is easy and there is no surrounding exposure when inputting. However, since it is unique physical information of an individual that can not be replaced because there is only one leak, , Identity theft, and other social crushing and abuse problems. In fact, millions of fingerprint information leaked by public institutions in the US could be a serious social problem because of the leakage of hacking information. It was revealed.

As an alternative to this, a graphic image password (GIP) technique has been studied for a long period of time together with biometric authentication, but the graphic image password methods according to the prior art mainly use only the external features of the photographs of the form, It does not maximize security using graphic images because it does not utilize the emotional elements hidden in photographs such as user's feelings, memories, habits, learning, knowledge, experience and emotions. We have not been able to provide users with sex or interest, so we have not got as much attention as biometric authentication, and technological advancement is lagging behind.

It is an object of the present invention to provide a new user authentication method capable of satisfying user convenience and password security by using a photograph as a graphic image.

It is another object of the present invention to provide a user authentication method that allows a user to conveniently and easily use an emotional element such as a user's memory, experience, and feeling of a photographic image.

In addition, since the present invention can utilize an aesthetic element, a design, a constitutive element, and an emotional element, which are merely possessed by a graphic image, it is possible to design a password input screen having a hard and hard feeling composed mainly of functions in a colorful, interesting, It is aimed not only to be able to use the user authentication function but also to extend the functionality such as photo albums, terminal screen decoration, advertisement utilization and so on, thereby improving user satisfaction and terminal usability.

According to another aspect of the present invention, there is provided a method of authenticating a user using a photo sliding pass, the method comprising: setting a password input screen as one or more photo images selected by a user; An interest point setting step of setting a position selected by the user on a photo image set as a password input screen to a password input position; A sliding pass setting step of receiving a sliding password at the password input position from the user; And an authentication information generating step of generating authentication information for the user by combining the password input screen, the password input location, and the input sliding path.

The point of interest setting step may include setting an area selected by the user as a password input position among the areas obtained by dividing the photo image set as the password input screen into a predetermined number.

The sliding path setting step may include a step of recognizing a direction in which the user slides after touching and setting a sliding in a corresponding direction as a sliding path corresponding to the password input position.

The user authentication method may further include displaying a plurality of password setting areas on the photo image set as the password input screen and providing an area selection icon, Moving or touching one of the plurality of password setting areas to one of the plurality of password setting areas, the area selection icon is moved or the password setting area that is touched is determined as a password input position.

The sliding path setting step may include inputting one of a leftward sliding, an upward sliding, a rightward sliding, a downward sliding, or a diagonal sliding between the directions as a sliding password.

The step of setting the sliding pass may further comprise the step of separately setting a Quick Sliding Password to allow user authentication to be completed with one sliding pass input from one password input screen even when a plurality of password input screens are set .

The user authentication method may further include setting a number of dummy images requiring a random touch at a random position after inputting a sliding pass in one or more photo images set as the password input screen.

A user authentication method using a photo sliding pass according to another embodiment of the present invention includes a photo image confirmation step of determining whether a photo image selected by a user from among a plurality of photo images displayed on a user terminal is a photo image set as a password input screen Wow; An interest point confirmation step of determining whether the selected sliding image is input at a predetermined password input position with respect to the password input screen when the selected photo image is a password input screen and the user inputs a sliding path on the selected photo image Wow; A sliding path checking step of determining whether the sliding path is identical to a predetermined sliding path with respect to the password input screen when the sliding path is inputted at a predetermined password input position; And determining that the user authentication is successful if the sliding path is the same as the predetermined sliding path.

In the user authentication method, when all of the plurality of photo images displayed on the user terminal are selected, when inputting the sliding pass on all the password input screens set in the user authentication information is not completed, the sliding pass input is prohibited and only image browsing And providing a password lock screen.

The user authentication method may further include unlocking the password input so that the password input is resumed when a photo image corresponding to the preset password unlock screen is selected and a password unlocking method is input at a predetermined input position on the corresponding photo image .

According to the present invention, it is possible to provide a user authentication method that can be easily and memorably used by a user by utilizing emotional elements that are not exposed in appearance, such as memories, experiences, and feelings of the users of photographs.

In addition, according to the present invention, the primary security is set only by the user selecting a picture to be used as the password input screen among the plurality of pictures, and the secondary security is set by selecting the points of interest for each picture again. Graphic Image Password system has a security problem because it blocks the guessing attack due to easy point of interest prediction, which is a fundamental problem. Therefore, it is almost impossible for a third party to predict a password.

In addition, according to the present invention, since the sliding password corresponding to each password input screen is selected from among various sliding motions, tertiary security is set, security is further improved, and key logging can be prevented because sliding motion is used.

In addition, according to the present invention, by using the dummy image, a fourth party security can be set so that a third party can hardly predict which password is set in which photo.

According to the present invention, since the shape of the password input screen is different for each user, even if the password input scene is exposed, it is difficult for the third party to confirm the input screen and the input position.

In addition, according to the present invention, a user can promptly and intuitively input a password while viewing a picture without deliberately memorizing the password. This makes it possible to use passwords without any educational background, nationality, or knowledge, such as children, elderly or resident aliens. When a photograph is used as a character in a graphic image, it is advantageous to create intimacy and can be used as a promotional or advertising medium .

In addition, according to the present invention, by setting a Quick Sliding Pass, a user can quickly open a terminal or use a user authentication immediately. When applied to wearable products or IoT products, it is possible to increase user friendliness, reliability of products and completeness of products while maintaining exposure prevention and security.

In addition, when the password is locked due to a password guessing attack by another person, the image browsing function is operated without displaying the fact that the password is locked, so that the other person can not recognize that the password is locked, It is possible to effectively prevent speculative attacks.

In addition, it allows you to set passwords for familiar graphic images such as characters, as well as pictures taken by yourself, so that it is not as difficult or unreliable as existing password input methods, it is used naturally even in front of many people, Can be personalized and originally decorated.

FIG. 1 is an example of a photographed image enlarged to show a structure of a pixel constituting a photographic image.
2 is a diagram for explaining a method of setting a password by selecting a specific area of a photo according to the related art.
3 is a diagram for explaining a method of processing password authentication by graphic image selection according to the related art.
4 is a flowchart illustrating a method of setting a photo sliding path by a user authentication method according to an embodiment of the present invention.
FIG. 5 illustrates a screen for setting a password using a photograph according to an embodiment of the present invention.
6 to 8 illustrate a password setting screen using a password setting icon according to an embodiment of the present invention.
FIG. 9 shows examples of the sliding pass according to an embodiment of the present invention.
10 is a flowchart illustrating a method of inputting a photo sliding path by a user authentication method according to an embodiment of the present invention.
FIG. 11 illustrates a screen for inputting a photo sliding path using a photograph according to an embodiment of the present invention.
FIG. 12 illustrates a screen when a user authentication using a photograph fails.
13 is a view for explaining a dummy image according to an embodiment of the present invention.
14 is a view for explaining a quick sliding pass according to an embodiment of the present invention.

The terms used in this specification will be briefly described and the present invention will be described in detail.

While the present invention has been described in connection with what is presently considered to be the most practical and preferred embodiment, it is to be understood that the invention is not limited to the disclosed embodiments. Also, in certain cases, there may be a term selected arbitrarily by the applicant, in which case the meaning thereof will be described in detail in the description of the corresponding invention. Therefore, the term used in the present invention should be defined based on the meaning of the term, not on the name of a simple term, but on the entire contents of the present invention.

When an element is referred to as "including" an element throughout the specification, it is to be understood that the element may include other elements as well, without departing from the spirit or scope of the present invention. The term " means ", "part "," module ", etc. in the specification means units for processing at least one function or operation, Lt; / RTI >

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings so that those skilled in the art can easily carry out the present invention. The present invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. In order to clearly illustrate the present invention, parts not related to the description are omitted, and similar parts are denoted by like reference characters throughout the specification.

The user authentication method using the photo sliding path according to the present invention can be performed by a computing system having a processor, a memory, and an input / output device.

For example, the present invention can be applied to a user authentication procedure required to log in or unlock a user terminal such as a smart phone, a tablet PC, a notebook computer, and a desktop, that is, a password setting process and a password input process.

The present invention can also be applied to a user authentication procedure for accessing a server through a user terminal in a system in which a user terminal and a server are linked through a network.

At this time, the network may be various types of wired / wireless communication networks such as an Internet network, an intranet, a mobile communication network, and the like.

In particular, a remote terminal connected through a network is a means for communicating with a user authentication system and inputting a password, and is a means for inputting a password, which may be a smart phone, a tablet PC, a notebook computer, a personal computer, a smart TV, a game machine, Such as a digital door lock of a doorway that can be opened, an automatic teller machine (ATM) connected to a network, an automated unmanned banking machine, and a complaint document issuer.

In addition, the remote terminal may be an Internet of Things (IoT) product such as an electric appliance, a gas boiler, a power switch, and a speaker capable of wired / wireless communication.

Alternatively, the remote terminal may be an IoT controller that is connected to a wireless communication network and controls various IoT products by a short-range wireless communication method such as Bluetooth or Zigbee, a connected car, a home robot, Or a wearable product such as a smart watch.

In addition, it may be in the form of a mobile device such as a smart phone or tablet computer interlocked with various IoT products.

In addition, if the above definition is satisfied, there is no restriction on the type of hardware.

4 is a flowchart illustrating a method of setting a photo sliding path by a user authentication method according to an embodiment of the present invention.

According to the present invention, a user can select one or a plurality of photo images stored in the terminal as a password input screen, and set a point of interest and a corresponding sliding path for each selected photo image.

In the present invention, the photo image used as the password input screen is not limited to a photograph captured by a camera, but also a captured image such as a character, a cartoon, a sketch, a drawing, an animation or a video, an illustration, Graphics images may also be included.

Also, a graphic image that can be used as a password input screen can be retrieved from a photo storage folder in a user terminal such as a smart phone, downloaded from an external server, scanned, drawn, or directly photographed.

The screen in which a user browses an image for setting a password or entering a password may be implemented in various forms and is not limited to this method. For example, it is possible to arrange image icons in a checkerboard shape, scroll left or right or up and down to move the page and select a desired image, arrange the images in a circular or cylindrical shape, To display an image and to view the next or previous image as a sliding input.

Referring to FIG. 4, in the image setting step S40, one or more images selected by the user are set as a password input screen.

The user can load and display the photographic images in the photo storage box of the terminal device and use one or more photographic images as the password input screen. The third party can not distinguish which one of these pictures is used as the password input screen, so it is difficult to predict and hack the password. For the third party, the picture browsing screen serves only as a photo album for browsing the picture.

Since the user directly selects the password input screen from among the photographs acquired or held by the user, the result of using the recognition information, the emotion information, and the knowledge information, which are one of the characteristics of the photographic image, can enhance security.

In the point of interest setting step S42, the position selected by the user on the image set as the password input screen is set as the password input position.

The password input position is a point of interest in which a user wishes to input a password, and does not represent any one pixel of the image but represents an area including a plurality of pixels.

In order to set the point of interest, the picture corresponding to the password input screen is divided into a plurality of blocks, and the user can select one block.

When a user selects a specific picture or intentionally selects a specific part of a picture, a photograph or a specific location that already includes the information experienced or learned is selected. At this time, the user's memories (memories, experiences, associations, , Learning, etc.). Thus, the owner of the terminal can instantly and intuitively judge the photographs and points of interest selected by him or her, and can memorize long without any effort, but it is difficult for other users to find out or memorize them.

 In particular, even if the same objects are photographed at the same position and time at the same time with the same photographing equipment, the images captured by the photographer are different from each other, which is a characteristic of the photographs in which sensitivity, knowledge, experience, Since it is the characteristic of the image of the photograph that can detect the dog of the dog immediately, security and convenience can be increased together. In addition, since each of the plurality of photographs can additionally set points of interest, safety is ensured.

Convenience is simple when password is used, but convenience is poor when safety is low and safety is high. According to the present invention, it is possible to simultaneously solve the problem of convenience and safety, which are characteristics of password and dilemma.

It is especially beneficial in that it is the only password that is vulnerable to exposure, such as a text password, while solving the problem that one of the biggest problems of biometrics authentication is lost or damaged physical information, hacking password can not be freely replaced or replaced.

In the sliding path setting step S44, a sliding password is input from the user to the password input position. According to an embodiment, instead of receiving a sliding path from a user, a predetermined sliding path predetermined as a sliding path may be used. For example, 'left slide' for moving between photographs can be used as a sliding pass.

When the password input position is selected by the block division method, the user can set the sliding pass by inputting the sliding password starting from the block selected by the user.

In the authentication information generation step S46, authentication information for the user is generated by combining the set password input screen, the password input position, and the information about the sliding pass.

In the user authentication information, one password input screen, information on a password input position and a sliding pass corresponding thereto can be stored. When a plurality of photographic images are used, a plurality of password input screens and a password input position And information on the sliding path.

When a plurality of password input screens are set, the user can set a password by selecting a password input screen, setting a password input position, and inputting a sliding pass several times.

On the other hand, since a large number of photographic images may be stored in the user terminal, inputting a password through a screen listing all photographic images may be inconvenient to use. Accordingly, once the user selects one or a plurality of password input screens, the user authentication screen can be configured by selecting a predetermined number of photo images other than the photo image (s) corresponding to the password input screen.

For example, if a user selects two pictures as a password input screen, ten different pictures can be arbitrarily selected, and a total of twelve pictures can be arranged on the lock screen of the user terminal. At this time, the two pictures selected as the password input screen will be inserted in any of 12 pictures. In this case, the pictures for the two input screens can be continuously arranged at the top in consideration of the convenience. However, considering the security for the exposure and the prediction, N different pictures can be arranged between the two input screen pictures, The order of the N pictures used in the present invention may be changed or rearranged dynamically according to the user's intention or during use. The user can input the password while rotating the twelve photographs.

The user can set the number of pictures to be included in the lock screen or select the pictures to set the configuration of the terminal's lock screen as desired. That is, besides the picture (s) corresponding to the password input screen, a favorite picture can be selected to constitute a lock screen, thereby functioning as a photo album which can be viewed even in a locked state. At this time, if the convenience of the user is prioritized, the arrangement of the input screen can be arranged toward the front side or the number of the layout photographs can be reduced.

Especially, you can set your favorite or familiar graphic images such as characters, cartoons, illustrations, works, as well as family photographs, trips, scenery photographs, celebrity photos taken by oneself, so you do not have a sense of rejection. It can be used naturally because it can not be stolen, and it can customize the lock screen and password input screen of the terminal to be unique and original according to the user's taste.

When applied to a wearable product, a product utilizing IoT technology, or a device that controls it, it is possible to utilize intuitive and quick access while maintaining exposure and security regardless of the place or the surrounding environment, And the utilization of design such as the UI of the product is increased, so that the differentiation and completeness of the product are enhanced.

FIG. 5 illustrates a screen for setting a sliding pass using a photograph according to an embodiment of the present invention.

The user selects a password input screen on which a password is to be set while viewing and rotating a plurality of pictures. In the example of FIG. 5, the two pictures 50 and 51 are selected as the password input screen and the password is set, and the three pictures 52, 53 and 54 are pictures without password setting.

When the user then tries to touch the photos 50 and 51 having the password setting at the time of browsing the images for the password input, the touch position and the sliding path are analyzed to determine whether they are the same as the set password, , And if the user touches a picture 52, 53, 54 without a password, the next picture will be displayed and displayed without performing a separate password check procedure.

When a user selects a desired photo image 50 as a password input screen, a layer displayed by dividing the corresponding photo image into N regions is created and displayed on the screen. In the example of FIG. 5, it can be seen that it is divided into six regions.

The number of the six regions for dividing the photograph at this time is an example for explanation. The number of the divided regions is not limited, and the number of divided regions may be smaller or smaller considering the size of the terminal screen, the style of the photograph, Can be adjusted to a large extent.

When the user touches one area in the layer and selects the area, the corresponding area is set as the password input position, and information about the corresponding area is stored. The sliding of the user starting from the touch point is set and stored as the sliding path.

In the example of FIG. 5, since the user touches the area No. 3 in the picture 50 selected as the password input screen and inputs the sliding in the left direction, the information about the picture 50 and the area No. 3 The direction sliding pass will be stored as the user authentication information.

5, the user additionally selects the other picture 51 as the password input screen, touches the area 2, and performs the left sliding. Therefore, the information about the picture, the password input position information corresponding to the area 2, The sliding path information will also be stored as the authentication information of this user.

In addition, the user sets a password for the second password input screen 51 after setting the password for the first password input screen 50, and information on the password setting order can also be stored as the user authentication information. In this case, when requesting the user authentication by inputting the password, the user must authenticate the user by inputting the sliding pass in the order of the third area of the first password input screen 50 => the second area of the second password input screen 51 If you enter a password with different order, the user authentication will fail.

As another embodiment, a method of separately displaying an area for browsing an image on the screen of the terminal and an area for setting a password may be used.

The user can drag a desired photo from the image browsing area and drop it in the password setting area and then input a sliding pass at a specific position in the password setting area to set a password input position and a sliding pass for the photograph. You can also adjust the order of the imported photos in the password setting area by dragging and dropping.

In this case, when the user selects to complete the password setting, the user who sets the picture (s) in the password setting area as the password input screen, sets the touch position of each picture as the password input position, and sets the input sliding path as the password Authentication information is generated. The order of pictures may also be set in a password input order and stored as user authentication information.

In another embodiment, a screen for selecting a desired photo (s) from among the photos stored in the terminal and a screen for setting a password for the selected photo (s) may be separately provided.

In this case, when the user rotates the picture and selects one or more pictures to be used as the password input screen, the picture (s) selected as the password input screen is displayed on the password setting screen when moving to the password setting screen. You can set a password.

6 to 8 illustrate a password setting screen using a password setting icon according to an embodiment of the present invention.

6, when browsing pictures and selecting one as a password input screen, (a) a layer obtained by dividing a selected photo image into a plurality of areas may be displayed on the photo image, but a password setting icon and a setting completion icon may be displayed together May be displayed (b). The password setting icon may be provided as an icon including a number indicating the number of the password, and the setting completion icon may be provided as an icon including characters indicating input or completion (e.g., E, Enter).

When the user moves the password setting icon to a desired position and touches or clicks the setting completion icon to select (c) the point of interest of the user is set and a predetermined sliding (e.g., leftward sliding) is set as the corresponding sliding pass .

After setting the password, the layer information, the password setting icon, and the setting completion icon disappear and only the original photo image is left (d). When a user enters a password, the user browses the picture while (d) the corresponding picture is displayed as shown in the screen. If the user touches a predetermined point of interest and slides leftward, the password is recognized as being input. It seems to be turning.

This is a device for preventing a third observer from recognizing a password input screen and a password input position. Generally, when browsing a picture, a left or an upward direction sliding is mainly used. Therefore, a sliding pass ), The third party can not know whether the user is viewing the photo album or inputting the password even when viewing the input scene, thereby protecting the password from the surrounding exposure.

In the embodiment of Fig. 7, a plurality of password setting icons may be arranged in the layer generated corresponding to the password input screen, so that the user can select a desired one of the icons. In this case, since a large number of points of interest candidates can be set on the photographic image, security can be further enhanced by increasing the number of cases while giving convenience of password selection.

On the other hand, at the time of disposing the password setting icon, it is possible to analyze the photo image using a predetermined algorithm to determine a point on the photograph that is meaningful for the user to memorize, and then place the password setting icon for each coordinate of each determined point.

For example, it is possible to determine whether a face of a person is displayed on the image through graphical image analysis, and if there is a face of a person, the position of eyes, nose, mouth, and the like can be found from the area corresponding to the face. Alternatively, if an object or an animal is displayed on the photographic image, it may recognize the object or animal and place a password setting icon at the corresponding position. This is to allow the user to easily arrange the position of the password setting icon.

In this case, the user can touch the password setting icon at a desired position among the already set setting icons or set the password selection icon by dragging and moving the circle icon to a desired position.

In the example of Fig. 7, a white circle indicates a password setting icon, and an icon indicated by numeral 1 in (a) is a circle icon indicating that the first sliding pass is being set.

Drag the circle icon and drop it on the point of interest or touch the circle icon of the desired circle icon located at the point of interest, and the corresponding position is set as the password input position. In the example of FIG. 7 (a), it can be seen that the eye portion located on the left side of the photograph is set as the password input position, and the position value of the corresponding portion is stored as the user authentication information.

In addition, as shown in the example photograph of FIG. 7 (b), one or more passwords may be set for one photograph in the same manner as described above. The numbers in the circle icons indicate the password setting order, and the order information at this time is also stored as the user authentication information.

Fig. 7 (c) shows a case in which character images are used instead of a photo image, and four characters (right eye => left ear => left hand => belly button) are sequentially And a password is set.

As in the above case, it is possible to set a plurality of passwords in one graphic image. The password setting procedure at this time is displayed in the number sequence in the circle icon, and the order information is also stored as the user authentication information.

7 (c), when the character image is used in a wearable device such as a smart watch or an IoT-applied product, the UI (user interface) design can be expanded to enhance the product design and interior effect, In terms of utilizing the screen, it can be utilized as an advertisement.

8 shows an example in which two pictures are set as a password input screen. After setting a password in one picture as shown in (a), set the password in the same way for other pictures as shown in (b). At this time, the numbers in the circle icons indicate the password setting order, and the order information is also stored as the user authentication information. (c) and (d) are examples of input screens using character images instead of photo images.

The arrows included in the circle icon indicate the direction of the corresponding sliding path, and the kind of sliding direction can be set by rotating the circle icon. In the example of FIGS. 7 and 8, the leftward sliding is set as the sliding path. However, when the sliding in the other direction is to be set as the sliding path, the arrow may be dragged in a desired direction and rotated.

When the area to be designated as the point of interest is small or is located at one part, and the circle icon is not raised well or the area is overlapped, or the point of interest is spread over the dividing line, the corresponding image is enlarged and moved up, You can then specify the point of interest you want.

As another example, each of the setting positions can be slid (touch-and-swipe) at the time of password input. However, if there are many password settings in one input screen as shown in FIG. 7 (c) As shown in FIG. 7 (d), or by quickly dragging a pattern according to the order of the setting icons as shown in FIG. 7 (d) and touching the setting position.

In the case of using the user authentication by drawing the pattern as described above, since the existing pattern password is always located at the same position of the touch point, it is necessary to discard the familiar pattern and use a new pattern when replacing the password. However, If the character is changed to another character, the touch points of the eyes, nose, mouth, hands, feet, and the like are changed. Therefore, the patterns of the patterns naturally change as 710 -> 720, and the passwords are changed.

If a simple touch is used without using sliding of the sliding pass, the sliding direction can be omitted by touching the circular part of the circle icon for a long time, and the sliding pass can be set only by touch input instead of swiping. This can improve the user's convenience in inputting a password when a plurality of points of interest are set as a password on one graphic image.

FIG. 9 shows examples of the sliding pass according to an embodiment of the present invention.

In the present invention, since a method of inputting a password while browsing a graphic image such as a photograph, a character, a picture, or the like is used, basically, by using a sliding which can call up the next image, for example, a leftward sliding, You may not know that you are typing. In this case, an interested point (password setting position) on the graphic image is touched and swept to the left as shown in FIG. 9A.

According to the embodiment, it is possible to set different sliding passes for each password input screen.

In the embodiment using the password setting icon, the user may touch and drag the circle icon over the desired point of interest and then rotate the arrow direction of the circle icon to set the desired sliding direction. At this time, as shown in FIGS. 9 (b) and 9 (c), one of the leftward sliding, the rightward sliding, the upward sliding, the downward sliding, and the diagonal sliding between the respective directions can be selected.

Since the direction of sliding after touch can be set to 8 directions, security can be improved more than when using only sliding to the left. That is, even if only one sliding pass is set, it is necessary to find a pre-selected password input picture among a plurality of pictures. After finding the correct input position among the plurality of points of interest again, I have to find the direction. However, the user who is aware of this can intuitively use the quick sliding pass immediately, but it can increase security and effectively prevent exposure and guessing attacks.

In the case of directly inputting a sliding path without using an icon, if a user touches a point of interest and then slides in a desired direction, the sliding is analyzed to determine in which direction the sliding is performed.

In particular, since the sliding which occurs simultaneously after the touch is set to eight directions, it can not be discriminated by the screen capture, so that it is possible to effectively prevent hacking using key logging or screen capture.

10 is a flowchart illustrating a method of inputting a password by a user authentication method according to an embodiment of the present invention.

In the image checking step S100, it is judged whether the image selected by the user among the plurality of images displayed on the user terminal is the image set as the password input screen. When the password input is for opening a terminal in a locked state, a user interface is provided for browsing a plurality of images on the lock screen. The user rotates the images here and enters the sliding path at the point of interest when the password input screen appears.

At the point of interest confirmation step S102, when the selected image is a password input screen and the user inputs the sliding on the selected image, it is determined whether the input sliding is inputted at the preset password input position with respect to the password input screen.

In the sliding pass checking step S104, if the sliding is inputted at the predetermined password input position, it is determined whether or not the sliding is the same as the predetermined sliding pass with respect to the password input screen.

In the authentication processing step S106, if the input sliding is equal to the preset sliding path, it is determined that the user authentication is successful.

FIG. 11 illustrates a screen for inputting a password using one of graphic images according to an embodiment of the present invention.

The example of FIG. 11 is an example of inputting a password for unlocking a user terminal. (Graphic image) corresponding to the password input screen set by the user on the lock screen to be displayed on the screen of the terminal, and then sliding in the left direction at the password input position to input a sliding pass (a) The authentication processing module compares the presence or absence of a touch, the touch position, the direction of movement in sliding, the number and the number of the password input screen with the user authentication information, and determines whether or not the authentication is successful. If the authentication is successful, the user terminal is unlocked and the user terminal is opened as shown in (b).

In the conventional password input screen, a user interface such as a button for inputting a password is displayed or a pattern input screen is displayed. That is, the password input key is always exposed, and a screen of the same shape is provided to everybody, and it is susceptible to a guessing attack or exposure of a third party, for example, guessing a password by fingerprint or finger position alone.

On the other hand, in the user input method according to the present invention, a user interface for inputting a password is not displayed except when a password is set. That is, a password is input on the same screen as a general image browsing screen. Since each graphic image held by each user is different from each other, a password input screen is different for each user, and a password input screen or a picture of a photo album is distinguished I can not. Therefore, exposure or guessing attacks are prevented.

Fig. 12 illustrates a screen when a user authentication using a photograph fails.

When viewing a picture set as a password input screen while browsing a picture on a lock screen, if a left slide (110) is performed at a position other than a preset password input position, it is determined that the password is inconsistent, In the next picture, if you enter the left slide (110) at an arbitrary position, it goes to the next picture. That is, it is judged that the password input is failed or the user input error, and only the picture browsing is continued.

If the password input position and the sliding path are not input correctly in the picture set as the password input screen, the normal image browsing is continued. At this time, if all browsable pictures are checked It is judged as a hacking attempt and automatically enters a password lock state.

In this locked state, the password input is prohibited, but unlike the existing passwords, no particular indication such as 'hacking warning', 'input error', 'password re-input' Therefore, the third party can not recognize that the terminal is in the locked state, and even if the user attempts to input any password again, the user can continue viewing the arranged image. In other words, when a lock state is not known, a guessing attack is continuously attempted on a lock screen, and as a result, no prediction can be made, effectively preventing a guessing attack.

The lock release screen, lock release position, and lock release method that can release the lock when the password is locked can be set by the user when setting the password. When a specific method is input at a specific position in a specific picture, the password lock state is released and the password can be set to be in a state where it can be re-entered. One or a plurality of pictures can be selected on the lock release screen, and a lock release position and a lock release method can be set for each picture.

For example, it is possible to set the password lock state to be released by touching the right middle portion of a specific picture or a specific point of interest of the picture three times consecutively or by touching a specific position or a specific point of interest for a long time. When the password lock is released, the user can resume the password input.

On the other hand, if you rotate all the photos, you can enter the password before the rotation is over. That is, when the user passes over the password in the password input screen, the user can input the sliding password at the password input position when the user moves back to the password input screen in the reverse order. This is a device for minimizing inconvenience caused by mistakes or illusions of the user.

The above password lock setting can be easily set to one rotation, but the lock setting may be operated after N photographs or after a specific photograph by the user.

When a password is set for a plurality of pictures, steps 100, 102, and 104 are performed for each picture, and whether or not the sliding password is input in the correct sliding direction at the correct position for all the password input screens, It is determined whether or not the password has been input in accordance with the password setting order and it is determined whether or not the authentication is successful.

In the lock screen of the user terminal, a plurality of photographs may be displayed one by one in the form of a slide show, or the user may rotate the photographs back and forth and read the photographs in a sliding manner. That is, in the basic state, the screen of the terminal acts like a digital frame.

When a user displays a picture set as a password input screen while browsing a picture, a user can input a password by touching or clicking on a position set as a password input position in the picture and selecting a sliding pass to input the selected picture . At this time, since the confirmation of the input screen and the touching and sliding operation of the input position occur instantaneously, it is impossible to know the password even if the third party is watching by the side.

If a plurality of password input screens are set, the user continues to browse the image and finds the next password input screen. In the next password input screen, the user touches or clicks the position set as the password input position, do.

If the user terminal determines that the correct sliding pass is input to the correct password input position on all the password input screens set by the user, the user terminal performs subsequent processing when the user authentication is successful. Subsequent processing means unlocking the user terminal or allowing the use of a particular service for the purpose of user authentication.

13 is a view for explaining a dummy image according to an embodiment of the present invention.

According to an embodiment of the present invention, a 'touch camouflage image' may be set in addition to one or a plurality of password input windows. The touch camouflage image is a type of dummy image. It is a photo image that can be browsed only after successful user authentication by inputting a sliding pass in one or more pictures set as a password input screen. (Hereinafter referred to as " dummy image ").

Referring to FIG. 13, if a user enters a sliding path in a password input screen in which a first picture is displayed, the terminal is not immediately opened even if the user authentication is successful, but if the user moves anywhere in the dummy image, Can be open.

At this time, the number of dummy images to be arranged can be used from 1, and the number can be set by the user without limitation.

That is, the user authenticates the user at the correct position on the password input screen, and swipes the arbitrary position without any thought in the displayed screen to open the terminal device. However, the third party watching the touch screen Is the actual password input screen and it is confused which part is the input position.

By using the touch camouflage image, it becomes difficult for the third person to know more which picture image is the password input screen and where the point of interest is.

When setting the password, the user can select which image to be dummy image, or N images can be automatically set as a dummy image. Also, although the dummy image is used after the success in the input screen, it can be used to disguise the input screen even before the input screen, and the number and type of the dummy image are changed dynamically at each use so that the third person can not be more aware can do.

The dummy image may be set to be used or unused depending on the user's selection.

On the other hand, in the example of FIG. 13, a layer in which a divided area is displayed on the photograph of the password input screen is displayed for the sake of understanding. In the actual password input process, only the photo image is displayed, It can not be known whether or not it is an input screen.

FIG. 14 is a view for explaining a quick sliding pass according to an embodiment of the present invention.

According to an embodiment of the present invention, since one of the sliding in the left direction and the right direction as well as the sliding in the eight directions can be set as the sliding path, the security is further enhanced. Therefore, it is possible to use a quick password that allows user authentication to be completed by one sliding pass.

Referring to FIG. 14, a picture displayed on the first screen is a password input screen, and a quick sliding pass is set for the corresponding picture image. That is, when slanting slanting in the north-west direction is set as the quick sliding pass, slid sliding in the northwest direction from the password input position causes the quick password input to be recognized and the authentication succeeds immediately, and the terminal is opened as shown in the second screen.

According to the present invention, since the password input screen is different for each user and only a plurality of photo images are successively listed, it is difficult for a third party to find a password set password among a plurality of pictures, and a dummy image is additionally used In this case, the user does not need to worry about it, so that it becomes easy to use. At the same time, even if the input screen and the operation are exposed, the user can not know the password input image or the input position.

In addition, when the password setting is completed, only the pictures are displayed on the lock screen, and since the buttons related to the password setting, and any display and interface are not displayed at all, there is no difference from the photo album and the third party can only view the pictures.

In addition, even if a third party tries to input a password, if the user does not input the correct sliding password at the correct position by searching for all the password input screens set by the user until the photos are rotated and returned to their original positions, a password lock ). When the password is locked, only the picture can be viewed on the screen.

The method according to an embodiment of the present invention can be implemented in the form of a program command which can be executed through various computer means and recorded in a computer-readable medium. The computer-readable medium may include program instructions, data files, data structures, and the like, alone or in combination. The program instructions recorded on the medium may be those specially designed and constructed for the present invention or may be available to those skilled in the art of computer software. Examples of computer-readable media include magnetic media such as hard disks, floppy disks, and magnetic tape; optical media such as CD-ROMs and DVDs; magnetic media such as floppy disks; Includes hardware devices specifically configured to store and execute program instructions such as magneto-optical media and ROM, RAM, flash memory, and the like. Examples of program instructions include machine language code such as those produced by a compiler, as well as high-level language code that can be executed by a computer using an interpreter or the like.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments, It belongs to the scope of right.

Claims (12)

A photo image setting step of setting one or more photo images selected by the user as a password input screen;
An interest point setting step of setting a position selected by the user on a photo image set as a password input screen to a password input position;
A sliding pass setting step of receiving a sliding password at the password input position from the user;
And an authentication information generating step of generating authentication information for the user by combining the password input screen, the password input location, and the input sliding path. The method according to claim 1,
Wherein the point of interest setting step comprises:
And setting an area selected by the user as a password input location among the areas of the predetermined number of photo images set as the password input screen. The method according to claim 1,
The sliding path setting step may include:
And recognizing a direction in which the user has slid and setting a sliding in a corresponding direction as a sliding path corresponding to the password input position. The method according to claim 1,
Further comprising displaying a plurality of password setting areas on the photo image set as the password input screen and providing an area selection icon,
Wherein the point of interest setting step comprises:
The user may touch the area selection icon or move the area selection icon to one of the plurality of password setting areas to determine the password setting area as the password input area by touching or moving the area selection icon Wherein the user is authenticated by the user. The method according to claim 1,
The sliding path setting step may include:
The method comprising the steps of: inputting one of a leftward sliding, an upward sliding, a rightward sliding, a downward sliding, or a diagonal sliding between directions in a sliding path. The method according to claim 1,
The sliding path setting step may include:
Further comprising the step of separately setting a quick sliding path for completing user authentication from one password input screen to one sliding password input even when a plurality of password input screens are set User authentication method. The method according to claim 1,
Further comprising setting a number of dummy images requiring a random touch before or after inputting a sliding pass in at least one photograph image set as the password input screen. A computer program recorded on a recording medium for executing a user authentication method using the photo sliding pass of any one of claims 1 to 7. A photo image checking step of judging whether a photo image selected by the user among the plurality of photo images displayed on the user terminal is a photo image set as a password input screen;
An interest point confirmation step of determining whether the selected sliding image is input at a predetermined password input position with respect to the password input screen when the selected photo image is a password input screen and the user inputs a sliding path on the selected photo image Wow;
A sliding path checking step of determining whether the sliding path is the same as a predetermined sliding path with respect to the password input screen when the sliding path is inputted at a preset password input position;
And determining that the user authentication is successful if the sliding path is the same as the predetermined sliding path. 10. The method of claim 9,
If all of the plurality of photographic images displayed on the user terminal are selected or the sliding pass input on all the password input screens set in the user authentication information is not completed while reaching a specific photo image, The method of claim 1, further comprising the step of providing a password lock screen that can be used only for a user. 11. The method of claim 10,
Further comprising the step of unlocking to allow the password input to resume when a photo image corresponding to a pre-established password unlock screen is selected and a password unlocking method is input at a predetermined input location on the photo image, A user authentication method using a pass. A computer program recorded on a recording medium for executing a user authentication method using the photo sliding pass of any one of claims 9 to 11.

Images