1. Field of the Invention
The present invention relates to a security authentication system for a membership login of an online website and a method thereof, and more particularly, a security authentication system for a membership login of an online website capable of ensuring a safe membership login without having to directly entering a membership ID and a password for a membership login of a certain online website on a user terminal being used in association with a smartphone for a private or public purpose, and a method thereof.
2. Discussion of Related Art
In general, log-in represents an authentication process in which a user accesses a multiple user system through a network and enters authentication information that is previously registered on a terminal, such as an identification (ID) and a password, and the ID and the password are verified, so that the user is authenticated to use the system, thereby allowing the user to perform a task on the system.
Such a login process is widely used to verify a user in various systems connected through a network. Currently, the login process is achieved as a user accesses a certain online website on a terminal provided with a web browser and manually transmits login information for using the online web site, that is, a user identification and a password, to a web server through the terminal, so that a user authentication is granted.
With the recent development of computer and information communication, people of various sections obtain desired information by accessing an online website that provides various types of information on the Internet, and most online websites require a membership login to use the corresponding information.
Accordingly, users enter private information, such as a name, a social security number, an address, an e-mail address, and a phone number according to a membership sign-in procedure and a sign-in form that are required in the online website, and also set a unique identification and password for login to the online website. Therefore, when a user visits an online website where the user has signed and which is operated based on a membership system, the user logins to the website through the previously established ID and password of the user to use information provided by the online website.
However, such a method has a risk in that once a user accesses a website in an online game room, a hacker may appropriate the ID and password of the user through a cracking of a PC in the game room or by using an illegal program that combines an ID and a password.
In order to remove such a risk, various types of security authentication methods have been developed. Korean Unexamined Patent Publication No. 10-2002-0096258 (a method of authentication for the Internet) discloses a method of authenticating a user by entering iris image information of a user. To this end, a system used in the prior art requires a private terminal provided with a function to transmit iris information, and a network service provider is also required to have a database (DB) to store iris information of users in a server.
However, the conventional system and method concern a primary authentication of a user who desires access to an online website or desires payment on the Internet, which fails to deal with a situation where an unauthorized user accesses through an ID of an authorized user, and such a conventional system and method are not available to a general user who does not have a terminal for transmitting iris image information.