1. Field of the Invention
The present invention relates to an authentication system and method. More particularly, the present invention relates to security authentication system and method for preventing the leak of user information and authenticating a user.
2. Description of the Related Art
Internet has become a must in a present-day life, and Internet services such as electronic commerce, Internet banking, and online game, are prevalently used. To use the Internet service, a user generally needs to join as a member of the corresponding service and pass through user authentication to use the corresponding service. The user authentication is performed in a manner that the user inputs his/her identification (ID) and password in a web browser of a user terminal, the ID and the password are transmitted to a server, and the server confirms the ID and the password.
Crimes which install a hacking tool in other user terminals, extract and user ID and password by stealth are increasing. An example of the hacking tool is a browser helper object (BHO). The BHO, which was originally invented to extend the functionality of the web browser, supports functions not provided by the web browser. Most BHOs are used as spyware, adware, and hacking against its original purpose. Particularly, the BHO is used to intercept user authentication information transmitted from the user terminal to the server in the process of the user authentication. Another example of the hacking tool is a key logger. The key logger steals keyboard information input by the user and leaks out the information.
To prevent the hacking by the hacking tools, many security programs are under development. Most security programs find and remove the hacking tools in the user terminal or encrypt the user authentication information to avoid the hacking. It is not easy for the user to select and install his/her proper or desired security program among various security programs.