| 主权项 |
1. A method of generating a One-Time Password (OTP) performed by a user terminal including a processor, the method comprising:
receiving, by the processor, user secret information that is input according to execution of a process of providing an OTP; requesting, by the processor, the user verification apparatus to authenticate the received user secret information; receiving, by the processor, a challenge value from the user verification apparatus; generating, by the processor, a response value using the received challenge value and the user secret information; transmitting, by the processor, the generated response value to the user verification apparatus; and generating, by the processor, an OTP using at least one of the user secret information, the challenge value and the response value when the user secret information is authenticated by verifying of an effectiveness of the response value in the user verification apparatus, wherein the user verification apparatus is configured to store a user secret information verification value corresponding to identification information of the process that is set while the process of providing the OTP is installed in the user terminal, and store the challenge value and the response value that are used while the user secret information is authenticated, and wherein the user verification apparatus is configured to verify effectiveness of the OTP based on the identification information of the process, which is transmitted as the generated OTP is input to an online service that needs to authenticate a user, and the OTP. |
