JP2000293491A - Information terminal machine - Google Patents

Abstract

PROBLEM TO BE SOLVED: To enable identification in spite of secular changes of biometric data by improving the security at the time of access to a system by matching generated matching data against identification data and performing identification. SOLUTION: A control part 11 generates matching data on a fingerprint, a voiceprint, and a sign to be matched against the identification data that biometric data on a fingerprint, a voiceprint, and a sign stored on an IC card 30 by using fingerprint, voiceprint, and sign data read out by biosensors 18 to 20. Then the control part 11 matches the generated matching data on the fingerprint, voiceprint, and sign against respective identification data on fingerprints, voiceprints, and signs to identify the very person according to whether or not the number of matches is larger a specific number. The control part 11 registers the read identification data on the IC card when the term of validity stored on the IC card 30 is not within the term of validity of the biometric data.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

[0001] 1. Field of the Invention [0002] The present invention relates to an information terminal for performing personal authentication based on biometric data of fingerprints, voiceprints and signatures having personal authentication data.

[0002]

2. Description of the Related Art Conventionally, in a system requiring security, in order to access a file, a database, or the like, a person who is permitted to access must input a password from an information terminal.

[0003] A bank ATM system will be described as a system requiring security. In a bank ATM system, when a depositor withdraws a deposit from an ATM terminal, a pin number (PIN) of 4 is used.
It was necessary to enter a three-digit password and perform personal authentication.

In recent years, personal authentication when accessing a system requiring security has been performed based on biometric data such as fingerprints, irises, and bills, in addition to the above-mentioned personal identification numbers.

[0005]

As the personal authentication when accessing the above-described system requiring security,
If a PIN is used, the PIN
Often, a number that is easily remembered and easily remembered, such as the birthday of the person or family, the telephone number of the house, and the car number, is used.

Therefore, when a credit card, a cash card, or the like is lost, a personal identification number is easily specified due to the birthday of the person or family who lost the card. There was a problem that would.

When using biometric information such as fingerprints, irises, bills, voices, faces, and voice prints, which have become popular in recent years, as personal authentication when accessing an OA system requiring security, the following method is used. Has problems.

For example, when a fingerprint is used for personal authentication, if the registered finger is damaged or grows and the thickness of the finger changes, personal authentication cannot be performed.
When a voice print is used, personal authentication cannot be performed when the voice changes. Further, when the face is used, when the makeup method is changed, personal identification cannot be performed.

Accordingly, the present invention has been made in view of the above problems,
An object of the present invention is to provide an information terminal capable of improving security when accessing a system using a plurality of pieces of biometric data and performing personal authentication with respect to aging of the biometric data.

[0010]

In order to achieve the above-mentioned object, the invention according to the first aspect of the present invention provides a method for storing one or a plurality of biometric data, which are stored in an IC card, comprising management data and personal identification data. An information terminal for reading and performing personal authentication based on the read biometric data, comprising: verification data generation means for generating verification data for verification with the personal authentication data; and verification data generated by the verification data generation means. And personal authentication determination means for comparing the personal authentication data with the personal authentication data to determine whether or not the user is the user.

[0011] The invention according to claim 2 is provided with storage means for storing one or a plurality of biometric data comprising management data and personal authentication data, and the biometric data stored in the storage means is provided. An information terminal for performing personal authentication based on the verification data, comprising: verification data generating means for generating verification data for verification with the personal authentication data; verification data generated by the verification data generation means; and verification of the personal authentication data. Personal authentication determining means for determining whether or not the user is the user.

The invention described in claim 3 is the first or second invention.
In the described invention, the biometric data is
It should be of the type for fingerprints, voiceprints, signatures, etc.

The invention according to claim 4 is the first or second invention.
In the invention described in the above, the management data has validity period data for which the personal authentication is valid, and based on the validity period data, whether the present time to perform the personal authentication is within the validity period in which the personal authentication can be performed. And a validity period determining means for determining whether or not it is valid.

According to a fifth aspect of the present invention, in the fourth aspect of the present invention, if the validity period determining means determines that the current time to be authenticated is out of the validity period in which the user can be authenticated, the reading is performed. A re-registration unit for re-registering the biometric data.

The invention according to claim 6 is the first or second invention.
In the invention described in the above, the management data includes data such as a validity period during which personal authentication is valid, the number of times of authentication, a previous authentication date, an average authentication interval date, and the like. When the authentication is determined, the management data updating means for updating the data of the number of authentications, the previous authentication date and the average authentication interval date in the management data is provided.

In the present invention, the personal authentication judging means performs the personal authentication using the plurality of collation data generated by the collation data generating means, so that the security of the system can be enhanced.

In particular, in the present invention, since the biometric data is of a type for a fingerprint, a voiceprint, and a signature, personal authentication can be performed for the fingerprint, the voiceprint, and the signature.

Further, according to the present invention, the validity period determining means determines whether or not the current time to be authenticated is within the validity period for authenticating the user based on the validity period of the biometric data. Safety can be increased.

Further, according to the present invention, if the current time to be authenticated by the validity period determining means is outside the validity period in which the personal authentication can be performed, the biometric data read by the reregistering means is reregistered. Personal authentication can be performed for aging of metric data.

Further, according to the present invention, when the user is authenticated, the management data such as the number of times of authentication of the biometric data, the previous authentication date and the average interval date are updated. It can be stored.

[0021]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS An embodiment of an information terminal according to the present invention will be described below with reference to the drawings.

FIG. 1 is a block diagram showing the configuration of an embodiment of an information terminal 1 according to the present invention.

The information terminal 1 of this embodiment is connected to a host computer via a communication line, and uses, for example, a fingerprint, a voiceprint, and a signature as personal authentication when accessing an OA system. , System memory 12, input unit 13, display unit 14, communication unit 15
, A work memory 16, an IC card read / write (R / W) unit 17, and biosensors 18, 19, and 20.
, An image memory 21 and an audio memory 22.

The control unit 11 performs overall control of the terminal 1 itself based on an operation system and a user program stored in the system memory 12.
The system memory 12 stores an operation system and a user program.

In particular, the control unit 11 includes a biosensor 18,
Using fingerprints, voices, and signature data read by 19 and 20, fingerprints to be collated with personal authentication data contained in fingerprint, voice, and signature biometric data (described later) stored in an IC card 30 described later. Voiceprint and signature collation data are generated.

The collation data of these fingerprints, voiceprints, and signatures is obtained from the characteristic points of the fingerprints, voiceprints, and signature data read by the biosensors 18, 19, and 20. A branch point is generated as a feature point.In the case of a voiceprint, a characteristic voice spectrum of a voice is generated as a feature point.In the case of a sign, a pen pressure and a unique shape point are generated as a feature point. You.

The control unit 11 checks the generated fingerprint, voiceprint, and signature verification data against the fingerprint, voiceprint, and signature authentication data included in the biometric data, and determines whether the degree of coincidence is equal to or greater than a predetermined number. Thus, personal authentication is performed.

Further, the control unit 11 determines whether or not the current time to be authenticated is within the validity period in which the user can be authenticated, based on the validity period of the biometric data stored in the IC card 30. Has become.

If the current time of the user authentication is out of the validity period for the user authentication, the control unit 11
The read personal authentication data is re-registered in the IC card.

After determining that the user is the principal, the control unit 11 updates management data such as the number of times of authentication of the biometric data, the previous authentication date, and the average interval date.

The control unit 11 specifies information to be used for authentication each time personal authentication is required, for example, a finger used when performing fingerprint authentication, and a signature name when performing signature authentication. Can be.

The input unit 13 includes, for example, a keyboard or the like, and is designed to designate a finger, a voice, and a signature required in the personal authentication process described later.

The display unit 14 displays usage information, for example, processing guide information, for a person using this terminal, and the communication unit 15 transmits and receives data to and from a host computer.

The work memory 16 temporarily stores biometric data and mutual authentication data, which will be described later, read from the IC card 30, and also has fingerprint collation data, voiceprint collation data, and signature collation, which will be described later, formed by the control unit 11. This is to temporarily store data.

IC card read / write unit (R / W) 1
Numeral 7 reads out the biometric data and the mutual authentication data from the IC card 30, stores the read biometric data and the mutual authentication data in the work memory 16, and reads the biometric data and the mutual authentication data stored in the IC card 30. The mutual authentication data is updated.

The biosensor 18 is composed of, for example, a CCD camera, converts a fingerprint consisting of a read analog signal into a digital signal, and stores the fingerprint data of the converted digital signal in the image memory 20.

The biosensor 19 is composed of, for example, a microphone, converts a voice composed of a read analog signal into a digital signal, and stores the converted digital signal voice data in the voice memory 22.

The biosensor 20 is, for example, a tablet or the like, and stores the sign data of the read digital signal in the image memory 21.

The image memory 21 stores fingerprint data composed of digital signals read by the biosensor 18,
It stores signature data composed of digital signals read by the biosensor 20.

The voice memory 22 stores voice data read out by the biosensor 19 and composed of digital signals.

As described above, the information terminal 1 of this embodiment uses a fingerprint, a voiceprint, and a signature as those used for personal authentication. In the personal authentication using these, the security against the OA system is used. Depending on the degree of importance, the one used is different.

As shown in FIG. 2, the information terminal 1 of this embodiment has a priority of 1 to 5 degrees, and the one having the lowest security has the lowest security. The degree is the highest priority.

By the way, the one with the lowest priority uses the finger of the index finger for fingerprint authentication, uses the pronunciation of "10" for voice authentication, and uses the pronunciation of "10" for signature authentication. The section manager's name is used.

The one with the highest priority of 5 degrees is
For fingerprint authentication, both the "thumb" and "middle finger" fingerprints are used, for voice authentication, the pronunciation of "50" is used, and for signature authentication, the "company name" is used. ing.

To facilitate the internal processing by designating the finger, voice, and signature used for personal authentication,
As shown in FIG. 3, an assignment number is specified for each.

By the way, regarding the finger, the thumb is "1",
Assignment numbers are assigned to the middle finger at "2", the little finger at "3", the ring finger at "4", and the index finger at "5".

As for the voice, the voice 50 is "1".
The voice number 40 is assigned to "2", the voice number 30 to "3", the voice number 20 to "4", and the voice number 50 to "5".

As for the signature, the assignment number is designated to the company name "1", the president name "2", the birthday "3", the section name "4", and the section manager name "5". ing.

Note that these assignment numbers have no relation to the priority.

Next, the IC card 30 from which biometric data is read by the information terminal 1 will be described.

As shown in FIG. 4, the IC card 30 includes fingerprint biometric data 310, voiceprint biometric data 410 and signature biometric data 510, and mutual authentication data 320.

The fingerprint biometric data 3 described above
10 is a priority area 31 as shown in FIG.
1, a bio type area 312, a registration date area 313, an expiration date area 314, an authentication count area 315, a previous authentication date area 316, an average interval date area 317, and a personal authentication data area 318.

The priority area 311 is composed of 1 byte, and has information for defining the priority of the finger used for personal authentication.
It consists of one byte and has information for designating the type of biosensor for reading a fingerprint.

The registration date area 313 is composed of 8 bytes and has a date when the personal authentication data is registered.
The expiration date area 314 is composed of 8 bytes and has the expiration date of the registered personal authentication data as the date.

The authentication count area 315 is composed of 4 bytes and has the number of times of authentication.
It consists of bytes and has the date of last certification.

The average interval day area 317 has an average interval of 3 bytes and has an authenticated average. The personal authentication data area 318 has 512 bytes and has fingerprint authentication data.

The biometric data 410 of the voice print and the biometric data 510 of the signature have the same configuration as the biometric data 310 of the fingerprint.

That is, the biometric data 410 of the voice print and the biometric data 510 of the signature
Are priority area 411, 511, bio-type area 412, 512, registration date area 413, 51, respectively.
3, expiration date area 414,514, authentication count area 4
15, 515, previous authentication date areas 416 and 516, average interval date areas 417 and 517, and personal authentication data areas 418 and 518.

The biometric data 410 of these voice prints and the biometric data 51 of the signature are
0 is the fingerprint biometric data 4 as described above.
Since they have the same frame configuration as 10, their detailed description is omitted.

As shown in FIG. 4B, the mutual authentication data 320 includes a card issuer ID area 321, a card validity area 322, a card type area 323, a name area 324, a birthday area 325, and an address area. 32
6, a telephone number area 327.

The card issuer ID area 321 is composed of 4 bytes and has an ID for specifying the IC card issuer. The card validity period area 322 is composed of 8 bytes and is valid when the IC card 30 can be used. And the card type area 323 consists of 4 bytes and has an IC
It has information indicating the type of the card 30.

The name area 324 is composed of 16 bytes and has the name of the person who uses the IC card 30. The birthday area 325 is composed of 10 bytes and has the birthday of the person who uses the IC card 30. ing.

The address area 326 is composed of 32 bytes and has the address of the person using the IC card 30. The telephone number area 327 is composed of 12 bytes and has the telephone number of the person using the IC card 30. ing.

Next, the operation of the information terminal 1 of this embodiment will be described with reference to FIGS.

The IC reader 17 uses the IC card 30
It is determined whether or not the IC card 30 has been inserted into the card read / write (R / W) unit 17 (step 110). If it is determined that the IC card 30 has not been inserted (step 110;
No), wait until the IC card 30 is inserted,
If it is determined that the card 30 is inserted (Step 110; Yes), the biometric data 310 of the fingerprint, the biometric data 410 of the voiceprint, the biometric data 510 of the signature, and the mutual authentication data of the IC card 30 are provided. 320 is read and stored in the work memory 16 (step 120).

Next, the control section 11 determines whether or not the inserted IC card 30 can be used based on the mutual authentication data 320 stored in the work memory 16 (step 130).

This determination is made as follows.

The control unit 11 determines whether the card issuer ID, the validity period of the card, and the card type registered in the mutual authentication data 320 stored in the work memory 16 are permitted. And if these are permitted, the attached I
Judge that the C card 30 can be used,
If it is determined that at least one of these is not permitted, it is determined that the attached IC card 30 cannot be used.

When the control section 11 determines that the IC card 30 mounted on the IC card read / write (R / W) section 17 cannot be used (step 13).
0; No), for example, a message "This IC card cannot be used" is displayed on the display unit 14 (step 140), the user is notified that the IC card 30 cannot be used, and the process is terminated.

On the other hand, the control unit 11
If it is determined that the IC card mounted on the write (R / W) unit 17 can be used (step 13).
0; Yes), based on the biometric data 310 stored in the work memory 16, a personal authentication process described below is performed on the fingerprint (step 150).

The control section 11 performs personal authentication processing on the fingerprint and determines whether or not the personal authentication was successful (step 170). As a result, if it was determined that the personal authentication was not possible with the fingerprint (step 170). (Step 170; No), for example, a message that “authentication is not established by fingerprint” is displayed on the display unit 14 (Step 180), the IC card user is notified, and the process is terminated.

On the other hand, when the control unit 11 determines that the personal identification has been successfully performed by the fingerprint (step 170; Ye
s), a personal authentication process using a voiceprint described later is performed (step 190).

The control section 11 performs personal authentication processing for the voiceprint, determines whether or not the personal authentication has been successful (step 210). As a result, if it is determined that the personal authentication was not possible due to the voiceprint ( (Step 210; No), for example, a message “authentication is not established due to voiceprint” is displayed on the display unit 14 (Step 220), the IC card user is notified, and the process is terminated.

On the other hand, when the control unit 11 determines that the personal authentication has been completed by the voice print (step 210; Ye
s), a personal authentication process using a signature described later is performed (step 230).

The control section 11 performs personal authentication processing on the signature and determines whether or not the personal authentication has been successful (step 250). As a result, if it is determined that the personal authentication was not possible with the signature (step 250). Step 250; N
o) For example, it is displayed on the display unit 14 as a message “authentication failed by signature” (step 260).
Notify the IC card user and end the process.

On the other hand, when the control unit 11 determines that the personal authentication has been completed by the signature (step 250; Ye
s), e.g., "Personal authentication for everything is O
K "message to the user (step 27).
0), and the process ends.

The operation of the personal identification process using the fingerprint in step 150 will be described with reference to FIG.

If it is determined that the mounted IC card is usable, the control unit 11 sets “0” in the work area N of the work memory 16 (step 15).
1) After that, for example, the display unit 14 displays "Please put a finger necessary for personal authentication by fingerprint on the sensor."

When the authenticator puts a finger on biosensor 18 based on this display (step 152), biosensor 1
8 reads the fingerprint of the placed finger (step 15)
3) The image data of the read fingerprint is stored in the image memory 2
1 is stored.

Next, the control section 11 creates fingerprint collation data having feature points as described above from the fingerprint image data stored in the image memory 21 (step 1).
54), this is stored in the work memory 16.

Subsequently, the controller 11 controls the work memory 16
Biometric data 310 stored in the fingerprint
Is read (step 155), and it is determined whether or not the current time is within the expiration date in the expiration date area 314 (step 156).

The control unit 11 determines that the current time is the expiration date area 3
If it is determined that the time is not within the validity period (step 156; No), it is determined that authentication is not possible (step 1).
57), the personal identification process using the fingerprint is terminated, and if it is determined that the current time is within the validity period (step 1)
56; Yes), the personal identification data of the fingerprint in the personal identification data area 318 is collated with the fingerprint collation data (step 158).

Thereafter, the control unit 11 determines whether or not the degree of coincidence between the fingerprint authentication data and the fingerprint collation data is greater than a predetermined number (step 159).

If the control unit 11 determines that the degree of coincidence between the fingerprint authentication data and the fingerprint collation data is less than a predetermined number (step 159; No), the work memory 16
It is determined whether or not the work area N is equal to or larger than “n” (step 160).

If the control section 11 determines that the work area N of the work memory 16 is smaller than “n” (step 160; No), the control section 11 newly sets the value of “n” in the work area N to “n”.
+1 "is set (step 161), and the process proceeds to step 152 to continue the same processing as described above.

On the other hand, if the control section 11 determines that the work area N of the work memory 16 is equal to or larger than “n” (step 160; Yes), it determines that the authentication is not possible (step 162) and uses the fingerprint to identify the person. The authentication processing ends.

In step 159, the control section 11
If it is determined that the degree of coincidence between the fingerprint authentication data and the fingerprint collation data is greater than a predetermined number (step 159; Y
es), it is determined that the authentication is permitted (step 16)
3).

Thereafter, the control unit 11 transmits the authentication count area 315 of the biometric data 310 of the fingerprint, the previous authentication date area 316O and the average interval date area 317 via the IC card read / write (R / W) unit 17. The value obtained by adding 1 to the number of times of authentication, the date of the current time of authentication, and the value of the newly calculated average interval date are written, and the biometric data 310 is updated (step 164). The process ends.

The operation of the personal authentication process based on the voiceprint in step 190 will be described with reference to FIG.

When the personal authentication by the fingerprint is permitted, the control unit 11 sets "0" in the work area N of the work memory 16 (step 191), and for example, "speaks the voice necessary for the personal authentication by voice. Please "on the display unit 14.

When the authenticator pronounces the biosensor 19 based on the display (step 192), the biosensor 19 reads the voice (step 193), and stores the read voice data in the voice memory 22.

Next, the control section 11 creates voiceprint collation data having feature points as described above from the audio data stored in the audio memory 22 (step 19).
4) Store this in the work memory 16.

Subsequently, the control unit 11 controls the work memory 16
Is read out of the biometric data 410 stored in the expiration date area (step 195), and it is determined whether or not it is within the expiration date stored in the expiration date area 414 (step 196).

If the control unit 11 determines that it is not within the expiration date in the expiration date area 414 (step 1).
96; No), it is determined that authentication is not possible (step 197),
If the authentication process using the voice print is completed, and if it is determined that the current time is within the expiration date in the expiration date area 414 (step 196; Yes), the identity of the voice print in the authentication data area 418 of the biometric data 410 is determined. The authentication data and the voiceprint collation data are collated (step 198).

The control unit 11 determines whether or not the degree of coincidence between the voice print personal authentication data and the voice print collation data is greater than a predetermined number (step 199).

If the control unit 11 determines that the degree of coincidence between the voiceprint personal authentication data and the voiceprint collation data is smaller than a predetermined number (step 199; No), the work memory 16
It is determined whether the work area N is equal to or larger than “k” (step 200).

When the control section 11 determines that the work area N of the work memory 16 is smaller than “k” (Step 200; No), the control section 11 newly adds the value of “k” of the work area N to “k”.
+1 "is set (step 201), and the process proceeds to step 192 to continue the same processing as described above.

On the other hand, if the control section 11 determines that the work area N of the work memory 16 is equal to or larger than “k” (step 200; Yes), it determines that authentication is not possible (step 202) and uses the voiceprint. The personal authentication processing ends.

In step 199, the control unit 11
If it is determined that the degree of coincidence between the voice print personal authentication data and the voice print collation data is greater than a predetermined number (step 199; Y
es), it is determined that the authentication is permitted (step 20)
3).

After that, the control unit 11 transmits, via the IC card read / write (R / W) unit 17, the authentication count area 415 of the biometric data 410 of the voice print, the previous authentication date area 416 and the average interval date area 417. Write the value obtained by adding 1 to the number of times of authentication, the date of this authentication, and the value of the newly calculated average interval day, respectively.
The biometric data 410 stored in the card 30 is updated (step 204), and the personal authentication process based on the voice print is completed.

The operation of the personal authentication process based on the signature in step 230 will be described with reference to FIG.

When the personal authentication based on the voiceprint is permitted, the control unit 11 sets “0” in the work area N of the work memory 16 (step 131), and fills in, for example, “signature required for personal authentication by signature. Please display. "On the display unit 14.

When the authenticator fills in the biosensor 20 based on this display (step 232), the biosensor 2
0 reads the designated signature (step 23).
3) The read signature data is stored in the image memory 21.

Next, the control section 11 creates signature collation data having feature points as described above from the signature image data stored in the image memory 21 (step 234), and stores this in the work memory 16 (step 234). To memorize.

Subsequently, the control unit 11 controls the work memory 16
Is read out (step 235), and the current time is set to the expiration date area 51.
It is determined whether or not the expiration date has been reached (step 236).

The control unit 11 determines that the current time is the expiration date area 5
14 (step 236; No), it is determined that authentication is not possible (step 2).
37), the personal authentication processing using the signature is completed, and if it is determined that the current time is within the validity period (step 236; Yes), the personal authentication data and the signature collation data of the signature in the personal authentication data area 518 are provided. Are compared (step 238).

Thereafter, control device 11 determines whether or not the degree of coincidence between the signature authentication data and the signature verification data is greater than a predetermined number (step 239).

When the control unit 11 determines that the degree of coincidence between the personal identification data of the signature and the signature verification data is smaller than a predetermined number (step 239; No), the work area N of the work memory 16 is set to “m”. It is determined whether or not this is the case (step 240).

When the control section 11 determines that the work area N of the work memory 16 is smaller than “n” (Step 240; No), the control section 11 newly sets the value of “m” in the work area N to “m”.
+1 "is set (step 241), and the flow shifts to step 232 to continue the same processing as described above.

On the other hand, if the control section 11 determines that the work area N of the work memory 16 is equal to or larger than "m" (step 240; Yes), it determines that the authentication is not possible (step 242), and signs the person. The authentication processing ends.

In step 239, the control unit 11
If it is determined that the degree of coincidence between the signature authentication data and the signature verification data is greater than a predetermined number (step 23).
9; Yes), it is determined that the authentication is permitted (step 243).

Thereafter, the control unit 11 controls the authentication number area 515 of the biometric data 510 of the signature, the previous authentication date area 516 and the average interval date area 517 via the IC card read / write (R / W) unit 17. A value obtained by adding 1 to the number of times of authentication, the date of this authentication and the value of the newly calculated average interval day are written in each of them.
The biometric data 510 of the C card 30 is updated (step 244), and the personal authentication processing ends with the signature.

In the information terminal 1 of this embodiment, the fingerprint, voiceprint, and fingerprint data read by the biosensors 18, 19, and 20 are used for fingerprint, voiceprint, and signature verification data. Since personal authentication is performed for the signature and the signature, the security level of the system can be increased.

Further, in the information terminal 1 of this embodiment,
Based on the validity period of the biometric data 310, 410, 510 stored in the IC card 30,
Since it is determined whether or not the current time of the user authentication is within the validity period of the user authentication, the security of the system can be further enhanced.

Further, in the information terminal 1 of this embodiment, if the current time to be authenticated is out of the validity period in which the user can be authenticated, the read personal authentication data is transmitted to the information terminal 1.
Since re-registration is performed in the C card 30, personal authentication can be performed for the secular change of the biometric data.

Further, in the information terminal 1 of this embodiment, if the user is authenticated by the fingerprint, voiceprint and signature, the biometric data 310, 410, 51
By updating the management data such as the number of times of authentication of 0, the previous authentication date and the average interval date, it is possible to store the management information of the person who has performed the authentication, and to grasp the identity authentication status. Can be.

In the information terminal 1 of this embodiment described above, fingerprints, voices, and signatures are used as biosensors.
It may be about a handprint or a face shape.

In the information terminal 1 of this embodiment described above, the biometric data 3
10, 410, and 510 are read, and based on the read biometric data 310, 410, and 510, personal authentication is performed for fingerprints, voiceprints, and signatures. Instead, as shown in FIG. The personal authentication database 23 having the biometric data 310, 410, 510 may be incorporated.

[0119]

According to the present invention, the following effects can be obtained.

(1) According to the first or second aspect of the present invention, the personal authentication judging means performs the personal authentication using the plurality of collation data generated by the collation data generating means, so that the security of the system is enhanced. be able to.

(2) According to the third aspect of the present invention, since the biometric data is of a type for a fingerprint, a voiceprint, and a signature, personal authentication can be performed for the fingerprint, the voiceprint, and the signature.

(3) According to the invention described in claim 4, the validity period determining means determines whether or not the current time to be authenticated is within the validity period for personal authentication based on the validity period of the biometric data. Thus, the security of the system can be further enhanced.

(4) In the invention according to claim 5, when the current time to be authenticated by the validity period determining means is outside the validity period in which the personal authentication can be performed, the biometric data read by the re-registration means is reproduced. Because I will register
Personal authentication can be performed for the secular change of biometric data.

(5) According to the invention described in claim 6, when the user is authenticated, the management data such as the number of times of authentication of the biometric data, the previous authentication date and the average interval date are updated. It is possible to grasp the personal authentication status of a person.

[Brief description of the drawings]

FIG. 1 is a block diagram showing a configuration of an embodiment of an information terminal according to the present invention.

FIG. 2 is a diagram showing a security level of authentication data.

FIG. 3 is a diagram showing an assignment number of each authentication data.

FIG. 4 is a block diagram showing a configuration of information stored in the IC card in FIG. 1;

FIG. 5 is a flowchart showing the operation of the information terminal of this embodiment.

FIG. 6 is a flowchart showing an operation in step 150 in FIG. 5;

FIG. 7 is a flowchart showing the operation in step 190 in FIG. 5;

8 is a flowchart showing the operation in step 230 in FIG.

FIG. 9 is a block diagram showing a configuration of another embodiment of the information terminal according to the present invention.

[Explanation of symbols]

 DESCRIPTION OF SYMBOLS 1 Information terminal 11 Control part 12 System memory 13 Input part 14 Display part 15 Communication part 16 Work memory 17 IC card read / write (R / W) part 18 Biosensor 19 Biosensor 20 Biosensor 21 Image memory 22 Voice memory 23 Principal Authentication database 30 IC card 310, 410, 510 Biometric data 320 Mutual authentication data

Claims (6)

[Claims] An information terminal for reading one or a plurality of biometric data comprising management data and personal authentication data stored in an IC card and performing personal authentication based on the read biometric data. A collation data generating means for generating collation data for collating with the personal authentication data; collating the collation data generated by the collation data generating means with the personal authentication data to determine whether or not the user is the principal; An information terminal, comprising: personal authentication determination means. 2. A storage means for storing single or plural biometric data comprising management data and personal authentication data, and performing personal authentication based on the biometric data stored in the storage means. An information terminal, comprising: a verification data generation unit that generates verification data for verification with the personal authentication data; and a verification data generated by the verification data generation unit; An information terminal, comprising: personal authentication determining means for determining whether or not the information is authenticated. 3. The information terminal according to claim 1, wherein the biometric data is of a type such as a fingerprint, a voiceprint, and a signature. 4. The management data includes validity period data for which the personal authentication is valid. Based on the validity period data, whether the current time at which the personal authentication is to be performed is within the validity period in which the personal authentication can be performed. 3. The information terminal according to claim 1, further comprising a validity period determining means for determining whether the information terminal is valid or not. 5. A re-registration unit for re-registering the read biometric data when the validity period determination unit determines that the current time to be authenticated is outside the validity period for authenticating the user. The information terminal according to claim 4, characterized in that: 6. The management data includes data such as a validity period during which personal authentication is valid, the number of authentications, a previous authentication date, an average authentication interval date, and the like. 3. The information terminal according to claim 1, further comprising: a management data updating unit configured to update data of the number of times of authentication, last authentication date, and average authentication interval date in the management data when the authentication is determined. Machine.