Search

EP-4742066-A1 - ACCESS AUTHENTICATION METHOD USING SNS LINKAGE AND A DEVICE USING THE SAME

EP4742066A1EP 4742066 A1EP4742066 A1EP 4742066A1EP-4742066-A1

Abstract

An access authentication method using SNS linkage and a device using the same are disclosed. According to one embodiment, a method for access authentication of a terminal comprises acquiring identification information of a control device from the control device, performing login for a user of the terminal to an authentication server, and acquiring user identification information of the terminal from the authentication server according to the login, generating authentication data based on the identification information of the control device and the user identification information, and transmitting the authentication data to a server that performs user authentication for the user of the terminal, wherein the server being different from the authentication server.

Inventors

  • LEE, JONG KEUN
  • JANG, SEUNG JIN
  • KYUNG, JAE HYUN
  • KIM, MYUNG KOOK

Assignees

  • Suprema Inc.

Dates

Publication Date
20260513
Application Date
20250521

Claims (10)

  1. A method for access authentication of a terminal, comprising: acquiring identification information of a control device from the control device; performing login for a user of the terminal to an authentication server, and acquiring user identification information of the terminal from the authentication server according to the login; generating authentication data based on the identification information of the control device and the user identification information; and transmitting the authentication data to a server that performs user authentication for the user of the terminal, wherein the server being different from the authentication server.
  2. The method of claim 1, wherein the acquiring identification information of a control device from the control device comprises: scanning a QR code displayed on the control device; acquiring a QR code payload from the QR code; and acquiring the identification information of the control device from the QR code payload.
  3. The method of claim 1, wherein the user identification information includes at least one of a mobile phone number of the terminal, a name of the user, an email address of the user, and SNS identification information of the user of the terminal.
  4. The method of claim 1, wherein the acquiring user identification information of the terminal from the authentication server comprises: acquiring an access token from the authentication server according to the login; and acquiring the user identification information based on the access token.
  5. The method of claim 4, wherein the acquiring user identification information of the terminal from the authentication server comprises acquiring the user identification information of the terminal from the authentication server through a browser of the terminal, and wherein the transmitting the authentication data comprises transmitting the authentication data to the server through the browser.
  6. The method of claim 5, further comprising: storing at least one of the access token or the user identification information in the browser or an access authentication application.
  7. The method of claim 4, wherein the acquiring user identification information of the terminal from the authentication server comprises acquiring the user identification information of the terminal from the authentication server through an access authentication application of the terminal, and wherein the transmitting the authentication data comprises transmitting the authentication data to the server through the access authentication application.
  8. The method of claim 7, further comprising: receiving an installation inducement message for the access authentication application from the server; and installing the access authentication application on the terminal according to the installation inducement message.
  9. A non-transitory computer-readable recording medium having recorded thereon a program for performing the method of any one of claims 1 to 8.
  10. A server, comprising: a communication module; and at least one processor, wherein the at least one processor: acquires authentication data from a terminal, wherein the authentication data is based on identification information of a control device controlling a certain security area and user identification information of the terminal, and the user identification information is acquired by the terminal from an authentication server that is different from the server, performs user authentication on whether the user is allowed to access the certain security area, transmits a result of the user authentication to the control device, acquires a reverification result of the user authentication result from the control device, and determines whether the user is allowed to access the certain security area based on the reverification result.

Description

CROSS-REFERENCE TO RELATED APPLICATION(S) This application is based on and claims priority under 35 U.S.C. § 119 to Korean Patent Application No. 10-2024-0160240, filed on November 12, 2024, and Korean Patent Application No. 10-2024-0184880, filed on December 12, 2024, in the Korean Intellectual Property Office, the disclosure of which is herein incorporated by reference in its entirety. BACKGROUND FIELD The present invention relates to an access authentication method using SNS linkage and a device using the same. DESCRIPTION OF RELATED ART In the field of performing user authentication to manage access to buildings or specific areas, payment processing, and use of specific devices, technology utilizing user terminals to improve convenience is being used. In such technology, while user terminals were traditionally implemented as card keys, they are gradually expanding to terminals such as smartphones that users carry. However, the time required to acquire information necessary for user authentication on the terminal may take longer compared to traditional card keys, and accordingly, users may experience inconvenience feeling delays, and several security issues may arise. Recently, efforts to solve these problems continue. SUMMARY An object to be achieved by the disclosure is to provide a control method that reduces the time required for user authentication. In addition, another object to be achieved by the disclosure is to provide a control method for enhancing security during user authentication. The objects to be achieved by the disclosure are not limited to those mentioned above, and other objects that are not mentioned above may be clearly understood to those skilled in the art based on the descriptions provided below and the accompanying drawings. According to an embodiment, a method for access authentication of a terminal, comprises: acquiring identification information of a control device from the control device; performing login for a user of the terminal to an authentication server, and acquiring user identification information of the terminal from the authentication server according to the login; generating authentication data based on the identification information of the control device and the user identification information; and transmitting the authentication data to a server that performs user authentication for the user of the terminal, wherein the server being different from the authentication server. The acquiring identification information of a control device from the control device comprises: scanning a QR code displayed on the control device; acquiring a QR code payload from the QR code; and acquiring the identification information of the control device from the QR code payload. The user identification information includes at least one of a mobile phone number of the terminal, a name of the user, an email address of the user, and SNS identification information of the user of the terminal. The acquiring user identification information of the terminal from the authentication server comprises: acquiring an access token from the authentication server according to the login; and acquiring the user identification information based on the access token. The acquiring user identification information of the terminal from the authentication server comprises acquiring the user identification information of the terminal from the authentication server through a browser of the terminal, and wherein the transmitting the authentication data comprises transmitting the authentication data to the server through the browser. The method comprises storing at least one of the access token or the user identification information in the browser or an access authentication application. The acquiring user identification information of the terminal from the authentication server comprises acquiring the user identification information of the terminal from the authentication server through an access authentication application of the terminal, and wherein the transmitting the authentication data comprises transmitting the authentication data to the server through the access authentication application. The method comprises: receiving an installation inducement message for the access authentication application from the server; and installing the access authentication application on the terminal according to the installation inducement message. According to an embodiment, a method for access authentication of a server, comprises: acquiring authentication data from a terminal, wherein the authentication data is based on identification information of a control device controlling a certain security area and user identification information of the terminal, and the user identification information is acquired by the terminal from an authentication server that is different from the server; performing user authentication on whether the user is allowed to access the certain security area; transmitting a result of the user authenti