1. Field of the Invention
The present invention relates to user authentication, and more particularly, to user authentication using a graphical password or through biometrics.
2. Description of the Related Art
Conventional password-based user authentication techniques are as follows.
First, Korean Patent Application No.1999-56333 entitled “Personal Identification Number (PIN) Code System” discloses a PIN code system into which a user can input a PIN code using a key pad means provided to a security alarming apparatus, a safe, an exit/entrance gate, a PC, or an ATM. The PIN code system generally supports functions that are usually provided by using PIN codes and also enables secret commands to be executed by the PIN codes by making up a PIN of a combination of a real number and an imaginary number so that the real number constitutes a meaningful portion of the PIN and the imaginary number constitutes a meaningless portion of the PIN and inserting a specific secret command signal into the imaginary number.
Second, Korean Patent Application No. 1999-59247 discloses a method of setting or canceling a lock function for a mobile wireless phone, which involves a first process of sensing whether an associate expression input function has been selected, inputting an expression associated with a previously stored PIN, and storing the associate expression in memory and a second process of displaying a request for inputting a PIN on a screen if it is sensed that the mobile wireless phone has been turned on after being turned off in lock mode, determining whether or not the input PIN matches with the previously stored PIN, and displaying the associate expression on the screen if a wrong PIN has been input a predetermined number of times or more.
Third, Korean Patent Application No. 2000-8580 discloses a system and method for inputting a PIN on the Internet in which a user can input a PIN on the Internet by clicking a predetermined area of a picture displayed on a screen.
U.S. Pat. No. 5,559,961 entitled “Graphical Password” discloses a means for inputting a password by touching a specific portion of a picture. This means can be used as a keypad by setting a tap region on the picture.
Conventional user authentication methods based on a combination of a password and biometrics are as follows.
First, Korean Patent Application No. 2000-19152 entitled “Portable Security Authentication Apparatus and Operating Method Thereof” discloses a method of authenticating a user through biometrics such as a fingerprint or voice or through authentication of a sequential combination of passwords.
Second, Korean Patent Application No. 2000-3099 entitled “Door Lock/Unlock System Adopting Combination of Fingerprint Recognition and Password Authentication and Method of Controlling the Same” discloses a user authentication technique in which a user whose fingerprint cannot be registered and a visitor whose fingerprint has not yet been registered can be authenticated by inputting a password.
Third, Korean Patent Application No. 2000-60312 entitled “Entrance/Exit Control System and Method Adopting Fingerprint and Face Recognition” discloses a user authentication technique in which a user can be authenticated through a combination of fingerprint and face recognition or through a combination of password authentication and fingerprint and face recognition. In this user authentication technique, security can be enhanced by storing a fingerprint and face image of an unauthenticated person.
Finally, Korean Patent Application Nos. 2001-15559 and 1999-26726 disclose a door opening and shutting system based on fingerprint recognition and a method of recognizing a password of a mobile phone through voice recognition, respectively.
The above conventional user authentication techniques carry out a plurality of user authentication processes simply based on a combination of password authentication and biometrics or a combination of security key authentication and biometrics.
A conventional biometrics device that authenticates a user using, for example, a face, a fingerprint, or an iris, as an authentication key may have performance degradation because the authentication key is likely to be input into the conventional biometrics device differently all the time depending on where and how a user uses the conventional biometrics device, or because the authentication key is also likely to vary itself according to the passage of time. In addition, since a threshold value for biometrics device is variably set, in some cases, a registered person may not be authenticated while a non-registered person may be authenticated instead.
Recently, the number of people using a device into which they can input commands via a graphical user interface, such as a personal digital assistant (PDA), has been continuously increasing. Therefore, what really matters in user authentication in a PDA based on a graphical password is whether convenience, reliability, and security of user authentication can be guaranteed.
In addition, it is important to improve the inherent imperfect nature of conventional biometrics devices by organically combining graphical password authentication and biometrics into a more efficient user authentication process.