In general, when a user joins membership of a specific Internet site or purchases merchandise on an Internet shopping site, the user needs to let his or her real name authenticated and input much personal information. Along with the development of the Internet, numerous sites exist on the Internet. In Korea alone, hundreds of thousands of sites come and go. If an Internet user is prompted to input the user's real name and resident registration number each time the user signs up to a new site, the user's personal information is at the risk of leakage and malicious abuse in many ways by a number of hacking programs prevalent on the Internet.
To prevent information leakage, server systems typically adopt security policies that allow only authenticated users to access the systems. For example, a typical server system assigns an Identifier (ID) and a password to each user. Later, the server system requests input of the ID and password of the user to thereby authenticate the user. That is, the user transmits authentication information which is the ID and password to the server through his or her terminal and the server authenticates the user for access by comparing the received authentication information with pre-registered authentication information.
As more and more smart phones and tablet PCs have been used, individual users tend to possess a plurality of devices. An agreement on access to a specific account is rarely made between such devices. Even though a user uses the same account through different devices, the user should perform an authentication procedure by inputting an ID and a password each time the user switches from one device to another. Especially as devices and platforms get diverse, when a specific service is used through a plurality of devices and platforms, account registration and access authentication are required for each device or platform, which increases user inconvenience.
To mitigate user inconvenience, personal information such as an ID and a password can be stored in the form of cookie information in each device. However, the cookie information may be applied only within a specific application and is vulnerable to hacking. Therefore, the risk of leakage of the personal information is high.