Various embodiments of the present invention may be configured such that the encrypted biometric information is previously stored in a device (e.g., a smart card, a communication terminal, or the like) possessed or possessed by the user based on the public key certificate, (Primary user authentication). In addition, a public key certificate matching the encrypted biometric information is used for user authentication (secondary user authentication) for transaction approval or the like performed by the service providing server. Further, embodiments of the present invention employ additional authentication factors for enhancing the security of the primary / secondary user authentication, such as One Time Password, Keystroke, Dynamic signature, and location information. Further, other embodiments of the present invention apply an authentication mechanism composed of a primary user authentication and a secondary user authentication in controlling access to IoT devices.
展开▼
