Generally, a user authentication method is classified into a knowledge-based method, an ownership-based method, and a characteristic-based method. The knowledge-based method includes an identification (ID)/password as a representative example. The ownership-based method refers to directly presenting ID information of a medium that a user owns, such as a one-time password device (OTP) or an accredited certificate. The characteristic-based method refers to a method of performing authentication based on user characteristics. The characteristic-based method includes fingerprint recognition, iris recognition, voice recognition, etc., for example.
Such user authentication methods have been applied to diverse devices and have come into wide use. For example, in case of a mobile device such as a mobile phone, a user is able to set a password such as inputting certain numbers or drawing a certain pattern. In this case, the mobile device determines whether the user is entitled to use the mobile device based on the input password.
However, in the user authentication method, a security vulnerability issue has been identified. For example, in case of pattern recognition, a password may be tracked based on a user trace which remains in a screen.
In addition, a user is inconvenienced by releasing a lock state of a mobile device several times, even though the user is entitled to use the mobile device.
Furthermore, the method also has another security vulnerability issue that exposes detailed information in a very private area such as a short message service (SMS).
The above information is presented as background information only to assist with an understanding of the present disclosure. No determination has been made, and no assertion is made, as to whether any of the above might be applicable as prior art with regard to the present disclosure.