JP2010165323A - Biometric authentication method and system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To prevent leakage of biological information data, and secure safe and quick authentication and control authentication strength under the control of an authentication management organization. <P>SOLUTION: A conversion code management server 103 manages a conversion code for converting biological information data, and outputs extracted biological information data that is converted based on the conversion code, as converted biological information data for registration upon registration of the biological information. A converted biological information database management server 104 stores and manages the converted biological information data for registration. The biometric authentication server 102 receives the extracted biological information data as biological information data for collation upon collation of the biological information, performs conversion on the basis of the conversion code managed in the conversion code management server 103, outputs the converted biological information data for collation, and collates the converted biological information data for collation with the converted biological information data for registration managed by the converted biological information database management server 104. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The disclosed technology relates to a biometric authentication technology.

  Accompanying the expansion of commercial use of computer networks, there is a need for identity verification techniques for data access, payment, slip delivery, etc. on the network. As one of identity verification techniques, personal authentication techniques using biometric information have begun to spread. By using the biometric information unique to each person for personal authentication, the biometric information of each individual cannot be held by anyone other than the person, so that it is ensured that the person is the person. As personal authentication technology using biometric information, there are so-called biometric authentication technologies for fingerprints, irises, blood vessel patterns, voiceprints, retinas, faces, and the like.

  Biometric authentication technology, unlike passwords and possessions, has the feature that it is difficult to impersonate the person. On the other hand, measuring personal biometric information that cannot be changed and using it for authentication has a great impact when the biometric information for authentication is stolen or leaked when the master key is always used.

  FIG. 32 is a configuration diagram of a conventional general biometric information registration system. The biometric information acquisition unit 3201 acquires biometric information for user registration through the sensor. Next, the feature information extraction unit 3202 extracts feature information from the acquired biometric information, and outputs the feature information data as biometric information data. Next, the encryption unit 3203 encrypts the biometric information data. Then, the registration unit 3204 registers the encrypted biometric information data in the database using user ID information (hereinafter simply referred to as “ID”) input by the user as a key.

  FIG. 33 is a configuration diagram of a conventional general biometric information matching system. The biometric information acquisition unit for verification 3301 acquires biometric information for user verification through the sensor. Next, the feature information extraction unit 3302 extracts the feature information from the acquired biometric information for collation, and outputs the data of the feature information as biometric information data for collation. On the other hand, the registered biometric information acquisition unit 3303 extracts the registered biometric information data registered by the user from the database using the ID input by the user as a key. Next, the encrypted data decryption processing unit 3304 decrypts the original unencrypted biometric information data for registration from the encrypted biometric information data. Subsequently, the collation processing unit 3305 executes a process of collating the biometric information data for collation extracted by the feature information extraction unit 3302 and the biometric information data for registration decrypted by the encrypted data decryption processing unit 3304, The similarity between the two is calculated. Then, the coincidence / non-coincidence confirmation unit 3306 determines that the authentication has been established when the value of the similarity score is equal to or higher than a predetermined value, and particularly notifies a login system or a door lock control system (not shown).

FIG. 34 is a configuration diagram of a conventional general client / server type biometric information registration system based on the biometric information registration system shown in FIG.
The client 3401 is a computer or an entrance / exit system used by the user. The client includes a biological information sensor 3404, a numeric keypad 3405, a biological information acquisition unit 3406, and a biological information extraction unit 3407. In the client 3401, the user first inputs an ID using the numeric keypad 3405 or the like. At the same time, the biological information acquisition unit 3406 acquires the biological information of the user through the biological information sensor 3404. Next, the biometric information extraction unit 3407 extracts biometric information data for registration from the biometric information. The client 3401 transmits the biometric information data for registration and the user ID input from the numeric keypad 3405 or the like to the biometric authentication server 3402. Here, the biological information data is the biological information acquisition unit 34.
The biometric information acquired in 06 may be directly converted into data, or may be data obtained by extracting feature information from the biometric information as shown in FIG.

  The biometric authentication server 3402 is a server computer that performs biometric authentication, and includes a write processing unit 3408. In the biometric authentication server 3402, the write processing unit 3408 transmits the user ID and registration biometric information data received from the client 3401 to the biometric information database management server 3403 after encrypting it as necessary.

  The biometric information database management server 3403 is a server that manages the biometric information database 3409, and may be the same server computer as the biometric authentication server 3402 or may be a separate server computer. Upon receiving the user ID and registration biometric information data from the biometric authentication server 3402, the biometric information database management server 3403 registers the biometric information data for registration in the biometric information database 3409 using the ID as a key.

  FIG. 35 is a configuration diagram of a conventional general client / server type biometric information matching system based on the biometric information matching system shown in FIG. In FIG. 35, the same server apparatus as in FIG. 34, and the same number are assigned to the same parts.

  When performing authentication, the user inputs an ID using the numeric keypad 3405 or the like on the client 3401. At the same time, the biological information acquisition unit 3406 acquires the biological information of the user through the biological information sensor 3404. Next, the biometric information extraction unit 3407 extracts biometric information data for verification from the biometric information. The client 3401 transmits the biometric information data for verification and the user ID input from the numeric keypad 3405 to the biometric authentication server 3402.

  The biometric authentication server 3402 includes an authentication processing unit 3501 in addition to the write processing unit 3408 shown in FIG. This authentication processing unit 3501 corresponds to the matching processing unit 3305 and the match / mismatch confirmation unit 3306 in FIG. Upon receiving the user ID and biometric data for verification from the client 3401, the authentication processing unit 3501 transmits the ID to the biometric information database management server 3403.

  When receiving the ID from the biometric authentication server 3402, the biometric information database management server 3403 searches the biometric information database 3409 using the ID as a key, and extracts biometric data for registration of the user corresponding to the ID. Then, the server 3403 transmits the biometric information data for registration to the biometric authentication server 3402 together with the ID.

  Upon receipt of the ID and biometric information data for registration from the biometric information database management server 3403, the authentication processing unit 3501 of the biometric authentication server 3402 performs decryption processing on the biometric information data for registration as necessary. Then, the authentication processing unit 3501 executes a process of collating the biometric information data for registration with the biometric information data for matching corresponding to the ID received from the client 3401, calculating the similarity between the two, Authenticate based on the degree value.

  In the conventional general client-server type biometric authentication system described above, the authentication processing unit 3501 keeps the biometric information data as raw data or decrypts the encryption applied to the biometric information data on the memory. In addition, the verification authentication process was executed. In addition, as the biometric information data, raw biometric information or primary ten-key feature information in which the original biometric information is easily inferred is used.

A biometric information registration / collation system as shown in FIG. 36 and FIG. 37 is known as an improved system of the above-described conventional general client / server type biometric authentication system.

  FIG. 36 is a configuration diagram of a conventional client / server type biometric information registration system with a biometric information conversion function. In FIG. 36, the same server apparatus as in FIG. 34, and the same number are assigned to parts that perform the same processing.

  In the configuration of FIG. 36, when the biometric information data is registered, the biometric information conversion unit 3601 in the client 3401 is extracted by the biometric information extraction unit 3407 without registering the biometric information data for registration as it is. Convert biometric data for registration once. The client 3401 transmits the converted biometric information data for registration to the biometric authentication server 3402 together with the ID.

  In the biometric authentication server 3402, the writing processing unit 3602 transmits the user ID and the converted biometric data for registration received from the client 3401 to the converted biometric information database management server 3603.

Then, the converted biometric information database management server 3603 registers the converted biometric information data for registration in the converted biometric information database 3604 using the ID as a key.
FIG. 37 is a block diagram of a conventional client / server type biometric information matching system with biometric information conversion function corresponding to FIG. In FIG. 37, the same number is attached | subjected to the part which performs the same server apparatus and the same process as the case of FIG. 34 or FIG.

  In the configuration of FIG. 37, even when authentication is performed, when biometric information data is acquired by the client 3401, the biometric information conversion unit 3601 in the client 3401 is not registered in the form of matching biometric information data as it is. The biometric information data for verification extracted by the biometric information extraction unit 3407 is once converted. Then, the client 3401 transmits the converted biometric data for verification together with the ID to the biometric authentication server 3402.

  The biometric authentication server 3402 includes an authentication processing unit 3701 in addition to the write processing unit 3602 shown in FIG. Upon receiving the user ID and the converted biometric data for verification from the client 3401, the authentication processing unit 3701 transmits the ID to the converted biometric information database management server 3603.

  When the converted biometric information database management server 3603 receives the ID from the biometric authentication server 3402, the converted biometric information database 3604 is searched using the ID as a key, and the converted biometric information data for the user corresponding to the ID is converted. To extract. Then, the server 3603 transmits the converted biometric information data for registration to the biometric authentication server 3402 together with the ID.

  The authentication processing unit 3701 of the biometric authentication server 3402 collates the converted biometric data for registration from the converted biometric information database management server 3603 with the converted biometric data for verification corresponding to the ID from the client 3401. Execute the process. Then, the authentication processing unit 3701 calculates the similarity between the two, and performs authentication based on the similarity value.

  Here, if the converted biometric data for registration is stolen from the biometric authentication server 3402 or the converted biometric information database management server 3603, when the biometric information is re-registered by the user in the system of FIG. The user inputs the changed conversion code from the numeric keypad 3405. As a result, at the time of re-registration of biometric information, the conversion format (conversion parameters, etc.) in the biometric information conversion unit 3601 is changed. By such a method, impersonation by data stolen in the past is prevented.

  In this case, the conversion algorithm, conversion table, parameters, and the like in the biometric information conversion unit 3601 are managed by the user who is the biometric information data provider, and are directly extracted from the biometric information or the biometric information to the registration manager. Biological information data such as feature information is not passed. Thereby, abuse of biometric information by a malicious server administrator and protection of privacy are realized.

Japanese Unexamined Patent Publication No. 2000-11176

  However, in the first prior art shown in FIGS. 34 and 35, when a malicious server administrator steals raw biometric information data by, for example, a memory dump operation on the server, or a large amount of biometric information data leaks from the server. However, when the cipher is broken, a big problem occurs. In other words, since biometric data is often easily inferred from biometric information, it is difficult to use the biometric information itself, and it is impossible to deal with it simply by re-registering the biometric information. Was. In addition, it is expected that a user who has leaked information hesitates to use the same kind of biometric authentication in another system.

  On the other hand, in the second prior art shown in FIGS. 36 and 37, the biological information is not stolen by a malicious server administrator in a direct form. However, when the converted biometric data for registration is stolen, the user must be prompted to change the conversion format in the biometric information conversion unit 3601 in the client 3401. This is the same as when the user himself / herself has to change the password if the password is stolen in the case of the conventional normal authentication method using a simple password. Therefore, the second prior art essentially includes the problems of the normal authentication method.

  In other words, in the second conventional technique, when the converted biometric information data for registration is stolen, the user must wait for the user to change the biometric information conversion format, and the authentication management organization quickly authenticates. There was a problem that it was difficult to protect.

  In the second prior art, authentication strength control (expiration date / strength, such as periodically changing the conversion format of biometric information or changing to a more complex one such as a combination of a plurality of conversion formats). In the case of direct management), it was necessary to explicitly encourage users to make changes. This is still the same problem that the security of authentication cannot be controlled unless the user is explicitly prompted to use a more complicated password in the normal authentication method. It was difficult to do.

  In particular, when there are a plurality of users who use the client, it is necessary to have a plurality of conversion keys (or conversion codes) for performing biometric information conversion processing individually, and the conversion keys must be managed by the user himself / herself. . Therefore, the control of the authentication strength depends on whether the user properly manages the conversion key. Further, the user must always carry the conversion key, and when the conversion key is forgotten or lost, it is difficult for the user to control the authentication management organization. Furthermore, it has a problem that it is unsuitable for services using public terminal devices such as ATMs.

In order to solve the above problems, it is easy to install a biometric information conversion unit on the biometric authentication server side instead of the client side so that the conversion format can be changed by the authentication management organization side. . In that case, however, there is a possibility that information regarding the conversion format together with the converted biometric data for registration may be stolen as a set by a malicious server administrator, in which case it can be impersonated by data stolen in the past. The security of authentication cannot be maintained.

  The problem to be solved by the disclosed technology is to prevent leakage of biometric information data itself, and to quickly ensure the safety of authentication and control the authentication strength led by the authentication management organization.

In order to solve the above problems, the disclosed technology includes the following configuration.
The conversion code management step manages a conversion code for converting the biological information data.
The conversion registration processing step outputs converted biometric information data for registration obtained by converting the biometric information data for registration input at the time of biometric information registration based on the conversion code.

The converted biometric information data management step records and manages the converted biometric information data for registration.
Then, the conversion verification processing step outputs the converted biometric data for verification that has been converted based on the conversion code from the biometric data for verification input at the time of biometric information verification, The converted biometric information data for registration is collated.

  According to the disclosed technology, the biometric information data is converted according to the conversion code managed by the conversion code management step, and the registration processing by the conversion registration processing step or the verification processing by the conversion verification processing step is performed. As a result, when biometric information data is stolen or leaked, the conversion code for conversion processing is quickly changed at the initiative of the authentication organization, either collectively or individually for each user ID, under the control of the conversion code management step. Even if the encryption processing of the stolen / leaked biometric information is decrypted, reuse can be prevented.

  Moreover, even if there is one malicious system administrator by managing the conversion code management step, the converted biometric information data management step, etc. separately from the conversion registration processing step and the conversion verification processing step, It becomes possible to prevent all information necessary for abuse of the biological information data from being obtained.

It is a block diagram of the biometric information registration system part in 1st Embodiment of a biometric information authentication system. It is a block diagram of the biometric information collation system part in 1st Embodiment of a biometric information authentication system. It is explanatory drawing of the re-registration process at the time of the biometric information leak in 1st Embodiment of a biometric information authentication system. It is a figure which shows the example of conversion by the pattern conversion (deformation) process of biometric information data. It is a figure which shows the example of a conversion registration by the pattern conversion (deformation) process by vein data. It is a figure which shows the example of collation by the pattern conversion process by vein data. It is a figure which shows the example of conversion by the random function conversion process of biometric information data. It is a figure which shows the example of conversion registration by the random function conversion process in vein data. It is a figure which shows the collation example (the 1) by the random function conversion process in vein data. It is a figure which shows the collation example (the 2) by the random function conversion process in vein data. It is a figure which shows the example of conversion by the coordinate system conversion process of biometric information data. It is a figure which shows the example of a conversion by the pattern conversion (deformation) process + random function conversion process of biometric information data. It is a figure which shows the example of a conversion registration by the pattern conversion (deformation) process + random function conversion process in vein data. It is a figure which shows the collation example (the 1) by the pattern conversion (deformation) process + random function conversion process in vein data. It is a figure which shows the collation example (the 2) by the pattern conversion (deformation) process + random function conversion process in vein data. It is a figure which shows the example of the conversion code database in the combination system of a some conversion process. It is a figure which shows the example of the pattern conversion process by which conversion intensity | strength is changed with the quality of biometric information data. It is a figure which shows the example of the random function conversion process by which conversion strength is changed with the quality of biometric information data. It is a figure which shows the 1st structural example of a biometric information data leak detection means. It is a figure which shows the 2nd structural example of a biometric information data leak detection means. It is a block diagram of 2nd Embodiment of a biometric information authentication system. It is a block diagram of 3rd Embodiment of a biometric information authentication system. It is a block diagram of the biometric information registration system part in 4th Embodiment of a biometric information authentication system. It is a block diagram of the biometric information collation system part in 4th Embodiment of a biometric information authentication system. It is a block diagram of the biometric information registration system part in 5th Embodiment of a biometric information authentication system. It is a block diagram of the biometric information collation system part in 5th Embodiment of a biometric information authentication system. It is a figure which shows the structural example of the conversion code production | generation / check process part which performs the generation management of a conversion code. It is a block diagram of 6th Embodiment of a biometric information authentication system. It is a block diagram of 7th Embodiment of a biometric information authentication system. It is a figure which shows the example collated using the biometric information data for registration by conversion with a different conversion code for every date (day of the week). It is a hardware block diagram which implement | achieves each embodiment. It is a block diagram of the conventional general biometric information registration processing system. It is a block diagram of the conventional general biometric information collation system. It is a block diagram of the conventional general client server type | mold biometric information registration system. It is a block diagram of the conventional general client server type | mold biometric information collation system. It is a block diagram of the conventional client server type biometric information registration system with a biometric information conversion function. It is a block diagram of the conventional client server type biometric information collation system with a biometric information conversion function.

Hereinafter, embodiments will be described in detail.
FIG. 1 is a configuration diagram of a biometric information registration system portion in the first embodiment of the biometric information authentication system. This configuration is an embodiment of a client-server type biometric authentication system that performs personal authentication based on a verification result of biometric information data for verification and biometric information data for registration. The client 101 is, for example, a computer used by the user or an entry / exit system.

  In the configuration of FIG. 1, the client 101, the biometric authentication server 102, the conversion code management server 103, and the converted biometric information database management server 104 operate in cooperation. The client 101 includes a biological information acquisition unit 107 that acquires biological information from the biological information sensor 105 and a biological information extraction unit 108 that extracts biological information data from the biological information. The biometric authentication server 102 includes a conversion registration processing unit 109. The conversion code management server 103 includes a conversion code generation / check processing unit 110 and a conversion code database 111.

The biometric information registration procedure in the biometric information registration system of FIG. 1 is as follows.
In the client 101, the user first inputs an ID using the numeric keypad 106 or the like. At the same time, the biological information acquisition unit 107 acquires the user's biological information through the biological information sensor 105. Next, the biometric information extraction unit 108 extracts biometric information data for registration from the biometric information. The client 101 transmits the biometric information data for registration and the user ID input from the numeric keypad 1065 or the like to the biometric authentication server 102. At this time, the user may use the ID of the user stored in some medium such as an IC card or a magnetic card. In addition, a third party may perform ID substitution input.

In the biometric authentication server 102, the conversion registration processing unit 109 receives the user ID and biometric information data for registration from the client 101.
The conversion registration processing unit 109 transmits the received ID to the conversion code management server 103. When the conversion code management server 103 receives the ID, the conversion code generation / check processing unit 110 generates a conversion code corresponding to the ID. The processing unit 110 transmits the conversion code to the biometric authentication server 102 together with the ID, and registers the conversion code in the conversion code database 111 using the ID as a key.

  Upon receiving the ID and the conversion code from the conversion code management server 103, the conversion registration processing unit 109 of the biometric authentication server 102 converts the conversion code for the biometric information data for registration received from the client 101 corresponding to the ID. The conversion process based on is executed. As a result, the processing unit 109 generates converted biometric information data for registration. The conversion of biometric information data here will be described in detail later, but does not indicate feature extraction or encryption from biometric information. For example, irreversible deformation of biometric information data, randomization function processing, The coordinate conversion process of feature data is shown. Thereafter, the conversion registration processing unit 109 transmits the converted biometric information data for registration to the converted biometric information database management server 104.

  The converted biometric information database management server 104 is a server that manages the converted biometric information database 112. When the server 104 receives the user ID and the converted biometric data for registration from the biometric authentication server 102, the server 104 registers the biometric data for registration registered in the converted biometric information database 112 using the ID as a key.

  FIG. 2 is a configuration diagram of a biometric information matching system portion in the first embodiment of the biometric information authentication system. In FIG. 2, the same number is assigned to the same server device as in FIG. 1 and the part performing the same processing.

In the configuration of FIG. 2, the biometric authentication server 102 newly includes a conversion verification processing unit 201.
The biometric information registration procedure in the biometric information registration system of FIG. 2 is as follows.
When performing authentication, the user inputs an ID using the numeric keypad 106 or the like on the client 101. At the same time, the biological information acquisition unit 107 acquires the user's biological information through the biological information sensor 105. Next, the biometric information extraction unit 108 extracts biometric information data for verification from the biometric information. The client 101 transmits the biometric information data for collation and the user ID input from the numeric keypad 106 or the like to the biometric authentication server 102.

In the biometric authentication server 102, the conversion verification processing unit 201 receives the user ID and verification biometric information data from the client 101.
The conversion verification processing unit 201 transmits the received ID to the conversion code management server 103 and the converted biometric information database management server 104.

  In the conversion code management server 103, upon receiving the ID, the conversion code generation / check processing unit 110 searches the conversion code database 111 using the ID as a key, and extracts a conversion code corresponding to the ID. Then, the processing unit 110 transmits the conversion code to the biometric authentication server 102 together with the ID.

  When the converted biometric information database management server 104 receives an ID from the biometric authentication server 102, the converted biometric information database 112 is searched using the ID as a key, and the registered biometric information data for the user corresponding to the ID is converted. To extract. Then, the server 104 transmits the biometric information data for registration to the biometric authentication server 102 together with the ID.

  Upon receiving the ID and the conversion code from the conversion code management server 103, the conversion verification processing unit 201 of the biometric authentication server 102 converts the conversion code for the verification biometric information data received from the client 101 corresponding to the ID. The conversion process based on is executed. As a result, the processing unit 201 generates converted biometric data for verification.

  Furthermore, the conversion verification processing unit 201 performs processing for verifying the converted biometric information data for registration received from the converted biometric information database management server 104 corresponding to the ID and the biometric information data for verification. Execute. Then, the processing unit 201 calculates the similarity between the two, and performs authentication based on the similarity value.

As a specific hardware configuration in the system configuration shown in FIGS. 1 and 2 described above, any one of the following configurations 1) to 4) can be adopted.

1) The biometric authentication server 102, the conversion code management server 103, and the converted biometric information database management server 104 are configured by individual server computers and individual hard disks. 2) The biometric authentication server 102, conversion code management server 103, and converted The biometric information database management server 104 is composed of the same server computer and individual hard disks.
3) Place the biometric authentication server 102, the conversion code management server 103, and the converted biometric information database management server 104 in physically separated locations.
3) The administrator of the biometric authentication server 102, the conversion code management server 103, and the converted biometric information database management server 104 is individually set.

In the system configuration of FIGS. 1 and 2, the ID registered in the converted biometric information database management server 104 may be an ID that is not associated with personal information on social life, such as a bank account number or credit card number. Is possible.

Further, in the system configuration of FIGS. 1 and 2, the conversion code may be configured by a plurality of data instead of one data, or may be handled as a conversion table on a matrix.
The re-registration process of biometric information data after the conversion-registered biometric information data or conversion code is found to be stolen or leaked in the system configuration of FIGS. 1 and 2 will be described using the explanatory diagram of FIG. In FIG. 3, the same number is assigned to the same server device and the same process as in FIG. 1.

  In the client 101, the user inputs an ID using the numeric keypad 106 or the like. At the same time, the biological information acquisition unit 107 acquires the user's biological information through the biological information sensor 105. Next, the biometric information extraction unit 108 extracts bioinformation data for re-registration from the biometric information. The client 101 transmits the re-registration biometric information data and the user ID input from the numeric keypad 1065 or the like to the biometric authentication server 102.

In the biometric authentication server 102, the conversion registration processing unit 109 receives the user ID and re-registration biometric information data from the client 101.
The conversion registration processing unit 109 transmits the received ID to the conversion code management server 103. When the conversion code management server 103 receives the ID, the conversion code generation / check processing unit 110 generates a new conversion code corresponding to the ID, and transmits the conversion code to the biometric authentication server 102 together with the ID. To do. Also, the processing unit 109 searches the conversion code database 111 using the ID as a key, replaces the old conversion code on the searched record with the newly generated conversion code, and re-registers it.

  When the conversion registration processing unit 109 of the biometric authentication server 102 receives the ID and the newly generated conversion code from the conversion code management server 103, the biometric information data for re-registration received from the client 101 corresponding to the ID. On the other hand, a reconversion process based on the new conversion code is executed. As a result, the processing unit 109 generates reconverted biometric information data for registration. Thereafter, the conversion registration processing unit 109 transmits the reconverted biometric information data for registration to the converted biometric information database management server 104.

  When the converted biometric information database management server 104 receives the user ID and the reconverted biometric data for registration from the biometric authentication server 102, the converted biometric information database management server 104 searches the converted biometric information database 112 using the ID as a key. Then, the server 104 replaces the old converted biometric information data for registration registered in the retrieved record with the newly received reconverted biometric information data for registration.

  With the configuration of the first embodiment in FIG. 1 or FIG. 2, biometric information data is converted according to the conversion code managed by the conversion code management server 103, and registration / collation processing is performed. As a result, when biometric information data is stolen or leaked, the conversion code for the conversion process is quickly changed individually or individually for each user ID, and the biometric information that has been stolen or leaked is encrypted. Even if it is done, it is possible to prevent reuse.

  In addition, since the biometric authentication server 102, the conversion code management server 103, and the converted biometric information database management server 104 are managed separately, even if there is one malicious system administrator, the biometric information data is stored. It has a feature that it is difficult to reuse because all information necessary for abuse cannot be obtained.

  An example of conversion of biometric information data in the conversion registration processing unit 109 in FIG. 1 or the conversion collation processing unit 201 in FIG. 2 is shown in FIG. In this example, pattern conversion (deformation) is performed as conversion processing of biological information data. For this conversion, a pattern conversion code is used as the conversion code in FIG. 1, and pattern conversion (deformation) is performed based on this code. This conversion example is characterized in that it is difficult to analogize the biometric information data before deformation and has irreversibility.

FIG. 5 shows an example of conversion registration based on FIG. 4 in the conversion registration processing unit 109 of FIG. 1 by the pattern conversion (deformation) processing (S501) when the biological information data is vein data.
FIG. 6 shows an example of conversion verification based on FIG. 4 in the conversion verification processing unit 201 of FIG. 2 by pattern conversion processing on vein data. In this example, pattern conversion processing using a pattern conversion code is performed on the biometric information data for verification (S601), and the converted biometric information data for verification and the converted biometric information data for registration are verified. (S602). In this way, the matching process is performed in a state where it is converted. The unit of pattern conversion is not limited to one dot, but can be applied in a block unit of a plurality of dots. In the case of 1 dot, smoother conversion can be performed.

  FIG. 7 shows another conversion example of the biometric information data in the conversion registration processing unit 109 in FIG. 1 or the conversion collation processing unit 201 in FIG. In this example, as the biometric information data conversion process, the biometric information data is converted by a random function in a predetermined unit (pattern block or pixel unit). For this conversion, a randomized table is used as the conversion code in FIG. As a result, the biometric information data for randomized registration is obtained as the converted biometric information data for registration in FIG. The unit of randomization is not limited to 1 dot, but can be applied in units of blocks. In the case of 1 dot, the analogy is the most difficult.

FIG. 8 shows an example of conversion registration based on FIG. 7 in the conversion registration processing unit 109 of FIG. 1 by random function conversion processing (S801) in units of one dot with vein data.
FIG. 9 shows an example of collation (part 1) based on FIG. 6 in the conversion collation processing unit 201 in FIG. 2 by random function conversion processing in units of one dot in vein data. In this example, the biometric information data for verification is randomized for each predetermined unit by the random function conversion process (S901), and the randomized biometric information data for verification and the biometric data for randomization registration for each randomized area. The information data is collated (S902). This collation process is repeated for each predetermined unit (S903). In this case, correction of positional deviation and enlargement / reduction is performed in advance so that the collation positions of the two do not deviate.

  Further, FIG. 10 shows a collation example (part 2) based on FIG. 6 in the conversion collation processing unit 201 in FIG. 2 by the random function conversion processing in units of one dot in vein data. In this example, conversion processing using an inverse random function is performed on the biometric information data for randomization registration in a predetermined unit in which the data is randomized (S1001). Then, for each randomized region, the derandomized biometric information data for registration is collated with the biometric information data for verification received from the client 101 (S1002). This collation process is repeated for each predetermined unit (S1003). In this case, since all of the biometric information data data for randomized registration is not derandomized at a time, it is possible to prevent all the biometric information data for registration from being derandomized and expanded on the memory. Leakage of biometric information data itself is prevented. In this example, the present invention can be applied even if there is a positional deviation between the biometric information data for registration and the biometric information data for verification.

  In FIG. 9 or FIG. 10, for each randomization unit linked to the collation processing in the conversion collation processing unit 201 in FIG. 2 without the randomization table that is the conversion code being sent collectively from the conversion code management server 103. By sending the randomized table, it is possible to prevent the biometric authentication server 102 of FIG.

  FIG. 11 shows still another conversion example of the biometric information data in the conversion registration processing unit 109 in FIG. 1 or the conversion matching processing unit 201 in FIG. In this example, coordinate system conversion is used as conversion processing of biometric information data. If the encoded feature information unique to the biometric information can be extracted, for example, the feature point coordinates in fingerprint authentication and the one-dimensional iris pattern (0: none / 1: present) in iris authentication, coordinate conversion is performed. It is possible to use. Further, in the face image, it is possible to provide a reference coordinate system for each part (eyes, nose, mouth).

  FIG. 12 shows still another example of conversion of biometric information data in the conversion registration processing unit 109 of FIG. 1 or the conversion collation processing unit 201 of FIG. In this example, the biometric information data conversion process is implemented by combining the pattern conversion process shown in FIG. 4 and the random function conversion process shown in FIG. The combined use of the two methods has the advantage of irreversibility due to pattern conversion (deformation) and the advantage that only part of the biometric data data for registration is simultaneously developed in the memory in the biometric authentication server 102 at the time of collation by randomization. Both can be satisfied.

  FIG. 13 shows an example of conversion registration based on FIG. 13 in the conversion registration processing unit 109 of FIG. 1 by a pattern conversion process (S1301) in the unit of one dot in vein data + random function conversion process (S1302).

  Further, FIG. 14 shows a collation example (part 1) based on FIG. 13 in the conversion collation processing unit 201 in FIG. 2 by one-dot pattern conversion processing + random function conversion processing in vein data. This example is a combination of FIG. 5 and FIG. After the biometric information data for collation is subjected to pattern conversion (S1401), random function conversion is performed for each predetermined unit (S1402), and the randomized biometric information data for collation and randomization registration for each randomized area The biometric information data is collated (S1403). This collation process is repeated for each predetermined unit (S1404).

  Further, FIG. 15 shows a collation example (part 2) based on FIG. 13 in the conversion collation processing unit 201 in FIG. 2 by the pattern conversion process in units of one dot in the vein data + random function conversion process. This example is a combination of FIG. 6 and FIG. That is, in this example, conversion processing using an inverse random function is performed on the biometric information data for randomization registration in a predetermined unit in which the data is randomized (S1501). On the other hand, the biometric information data for verification is subjected to pattern conversion (S1502). Then, for each randomized region, the derandomized biometric information data for registration and the biometric information data for matching subjected to pattern conversion are collated (S1503). This collation process is repeated for each predetermined unit (S1504).

  In both FIG. 14 and FIG. 15, since the matching is performed at least in the pattern-converted area, the resistance to leakage is strong. The configuration shown in FIG. 14 is more resistant to leakage because collation is further performed in a randomized region, but the configuration shown in FIG. 15 has higher stability against misalignment and the like.

  FIG. 16 is a diagram illustrating an example of the conversion code database 111 in the conversion code management server 103 in FIG. 1 when a combination method of a plurality of conversion processes is employed. As described above, the database 111 manages conversion codes for each conversion process for each user ID. For example, when both pattern conversion (deformation) processing and random function conversion processing are combined as described above, two types of conversion codes are managed for each ID.

  FIG. 17 is a diagram illustrating a processing example of the conversion registration processing unit 109 in FIG. 1 by pattern conversion processing (see FIGS. 4 and 5 and the like) including means for performing quality determination of biometric information data for registration. Biometric data with high quality values has less noise on the biometric information and is easy to collate. Therefore, even if the strength of transformation (size of deformation) is increased (making analogy of the original biometric information more difficult), the authentication performance of the user is degraded. It is assumed that the impact on Therefore, in FIG. 17, quality determination is performed on the registration biometric information data (S1701), the conversion strength is determined corresponding to the quality value obtained as a result (S1702), and the conversion code management of FIG. A pattern conversion code is selected in the server 103 (S1703). Then, biometric information data for registration is newly acquired, and pattern conversion processing using the selected pattern conversion code is executed (S1704), and converted biometric information data for registration is obtained.

  FIG. 18 is a diagram illustrating a processing example of the conversion registration processing unit 109 in FIG. 1 by a random function conversion process (see FIGS. 7 and 8 and the like) including means for performing quality determination of biometric information data for registration. In this example, first, quality determination is performed on the raw biometric information data for registration (S1801). Next, a randomization unit indicating the fineness of random function conversion is determined corresponding to the quality value obtained as a result (S1802), and the conversion code management server 103 in FIG. 1 selects a randomization table as a conversion code. (S1803). When the quality value of the biological information data is high, a finer randomization table is selected. Then, biometric information data for registration is newly acquired, random function conversion processing using the selected randomized table is executed (S1804), and biometric information data for randomized registration is obtained.

  Next, the biometric information collation system shown in FIG. 2 includes biometric information data leakage detection means, and when biometric information leak is detected, the conversion code and biometric data for registration are updated or the conversion code is updated. It is also possible. By detecting information leakage, it is possible to stop the user ID, notify a re-registration request for biometric information data for registration, and the like.

FIG. 19 is a diagram illustrating a first configuration example of the biological information data leakage detection unit.
First, the configuration of FIG. 19A is realized, for example, in the conversion registration processing unit 109 of FIG. When the converted biometric information data for registration is transmitted to the converted biometric information database management server 104, hash function processing is performed on the converted biometric information data for registration (S1901). The hash value obtained as a result is transmitted to the converted biometric information database management server 104 together with the converted biometric information data for registration. The converted biometric information database management server 104 registers the converted biometric information data for registration + hash value in the converted biometric information database 112 (FIG. 1).

  Next, the configuration of FIG. 19B is realized, for example, in the conversion collation processing unit 201 of FIG. A hash function process is performed on the converted biometric data for verification (S1902). On the other hand, from the converted biometric information database management server 104, the hash value registered in FIG. 19A is received together with the converted biometric information data for registration corresponding to the user ID. Then, it is compared whether or not the hash value of the biometric information data for verification matches the hash value of the biometric information data for registration (S1903), and if both match, leakage is determined.

  In the configuration shown in FIGS. 19A and 19B, the biometric information data for registration and the biometric information data for verification do not completely match. Therefore, converted biometric information for registration after conversion processing is performed on them. The hash values of the data and the converted biometric data for verification do not match. Therefore, if they match, the converted biometric information data for registration and the converted biometric information data for verification are the same, and the converted biometric information for verification is the leaked biometric information for registration. That is data. In this way, leakage determination can be performed.

  In the configuration of FIG. 19B, the hash value of the converted biometric data for verification that has been used in the past is stored, and the hash value of the biometric data for conversion that has been newly input is stored. A configuration in which leakage is determined when the hash value matches can be employed. In this configuration, the system administrator can detect unauthorized use such that the biometric authentication server 102 steals past converted biometric information data and reuses it.

FIG. 20 is a diagram illustrating a second configuration example of the biological information data leakage detection unit. In this example, authentication related processing logs in the biometric authentication server 102, the conversion code management server 103, and the converted biometric information database management server 104 in FIG. 1 or 2 are acquired (S2001). Based on this, the processing time difference between the servers is measured (S2002). As a result, a singular log is extracted such that there is a shift of a predetermined time or more in the synchronization of the associated processing log in each server (S2003), and leakage is determined. In such a case, it can be considered that a malicious person, particularly a system administrator, has performed some unauthorized operation on the server. Utilizing the fact that information is managed separately on multiple servers, and if there is inconsistency in the log, the system notifies the alarm that there is a possibility of leakage or theft.

  FIG. 21 is a configuration diagram of the second embodiment of the biometric authentication system. In FIG. 21, the same numbers are assigned to parts that perform the same processing as in the configuration of the first embodiment of FIGS. 1 and 2. The configuration of FIG. 21 is different from the configurations of FIGS. 1 and 2 in that the conversion registration processing unit 109 and the conversion verification processing unit 201 are not a single biometric authentication server 102 but individual biometric authentication registration servers 2101 and biometrics, respectively. It is a point installed in the authentication verification server 2102. By separating the two servers, it is possible to set the administrator of the server involved in registration and verification as different persons.

  FIG. 22 is a configuration diagram of the third embodiment of the biometric authentication system. In FIG. 22, the same numbers are assigned to parts that perform the same processing as in the configuration of the second embodiment in FIG. 21.

  In FIG. 22, an ID conversion management server 2201 is placed between the converted biometric information database management server 104, the biometric authentication registration server 2101, and the biometric verification server 2102. By performing ID conversion by the server 2201, the converted biometric information database management server 104 estimates the personal information of the person from the ID, not the ID that leads to the identification of the user such as a credit card number or a deposit account number. The converted biometric information data for registration can be managed with an ID that cannot be used. Although the biometric information is converted and managed, it is possible to further improve safety by making it impossible to identify an individual to be managed.

  In FIG. 22, the ID conversion management server 2201 converts the user ID notified from the biometric registration server 2101 or the biometric verification server 2102 once into a biometric information data management ID uniquely associated with the user ID, The biometric information data management ID is recorded in the converted biometric information database 112 in pairs with the converted biometric data for registration.

  In this way, by allowing separation management of personal information and biometric information data, even if the converted biometric data data for registration is leaked, it is safer by not leaking it together with a meaningful user ID. Can be secured.

  23 and 24 are configuration diagrams of the fourth embodiment of the biometric authentication system, and correspond to the configurations of the first embodiment of FIGS. 1 and 2, respectively. The same number is attached | subjected to the part which performs the same process as the case of the structure of 1st Embodiment of FIG.1 and FIG.2.

  23 and 24, the biometric authentication server 102 in FIGS. 1 and 2 is not provided, and the conversion registration processing unit 109 and the conversion collation processing unit 201 are installed in the biometric authentication client 2301.

  The conversion registration processing unit 109 and the conversion verification processing unit 201 in the biometric authentication client 2301 individually communicate with the conversion code management server 103 and the converted biometric information database management server 104, thereby realizing highly secure authentication management. it can.

  In addition, since the conversion processing in the conversion registration processing unit 109 and the conversion collation processing unit 201 is not automatically performed by the user, but automatically performed based on a communication instruction from the conversion code management server 103, the authentication management organization Can manage the authentication strength of each user.

  25 and 26 are configuration diagrams of the fifth embodiment of the biometric authentication system, and correspond to the configurations of the first embodiment of FIGS. 1 and 2, respectively. The same number is attached | subjected to the part which performs the same process as the case of the structure of 1st Embodiment of FIG.1 and FIG.2.

  25 and 26, the biometric authentication server 102 and the converted biometric information database management server 104 in FIGS. 1 and 2 are not provided, and the conversion registration processing unit 109, the conversion matching processing unit 201, and the converted biometric information database 112 are provided. Is installed in the biometric client 2301.

Only the conversion code management server 103 is separated from the biometric authentication client 2501, so that safe and minimum data separation is performed.
FIG. 27 is a diagram illustrating a configuration example of the conversion code generation / check processing unit 110 in the conversion code management server 103 in the systems of the first to fifth embodiments.

  In this configuration example, when the conversion code generation / check processing unit 110 (see FIG. 1 and the like) manages the conversion code generation management number and generates the conversion code, it is unique corresponding to the system user ID or the ID. The conversion code is created based on the ID set in the above and the conversion code generation management number. The conversion code generation management number is a number for managing a history that the conversion code needs to be changed due to leakage or the like, and can be said to be a leakage generation management number.

  For example, when the hash function processing by the hash function SHA-1 is performed to generate the change code (S2701), unique data of 20 bytes is generated. This data or data generated therefrom is created as a conversion code (S2702).

  These conversion codes may be managed as a series of codes in the conversion code database 111 (see FIG. 1 and the like), or may be stored as parameters of a certain function f (x). These conversion codes may be stored in a reference table format. The data may be used as an index for managing a parameter group for finally generating a conversion code.

  FIG. 28 is a block diagram of a sixth embodiment of the biometric authentication system based on the configuration of FIG. This configuration is based on the configuration of the second embodiment shown in FIG. 21, but may be based on the configuration of another embodiment. The same number is attached | subjected to the part which performs the same process as the case of the structure of 2nd Embodiment of FIG.

  In the sixth embodiment, the conversion code management server 103 includes a conversion code generation management unit 2801 and a conversion code generation management number database 2802 in addition to the conversion code generation / check processing unit 110 and the conversion code database 111. The conversion code generation management unit 2801 performs the hash function processing of FIG. 27, and generates the hash information of FIG. 27 based on the conversion code generation management number and the system number recorded in the conversion code generation management number database 2802. To do. Then, the conversion code generation / check processing unit 110 generates a conversion code based on the hash information.

  With such a configuration, conversion codes corresponding to a plurality of systems can be managed. The conversion code generation management number database 2802 manages the conversion code generation management number and the system number using the user ID or an ID uniquely corresponding thereto as a key. The conversion code generation management number is updated based on the fact of leakage or the length of the management period, and the corresponding conversion code in the conversion code database 111 is also updated based on the fact.

  The conversion code generation management number database 2802 can also be configured to manage application numbers together with conversion code generation management numbers (and system numbers). The conversion code generation management unit 2801 generates hash information based on the number including the application number, and a conversion code is created based on the hash information. Since the same biometric information data is managed using individual conversion codes for each application, the security code of high security can be secured by changing the conversion code between the high security application and the low security application. it can.

  FIG. 29 is a configuration diagram of the seventh embodiment of the biometric authentication system. The same number is attached | subjected to the part which performs the same process as the case of the structure of 6th Embodiment of FIG. In this configuration, a conversion code generation management unit 2801 that performs conversion code generation management and a conversion code generation management number database 2802 are installed independently in a conversion code generation management server 2901 different from the conversion code management server 103. With this configuration, conversion code generation management and conversion code management can be assigned to different server administrators.

  FIG. 30 is a diagram illustrating an example in which collation is performed using converted biometric information data for registration using different conversion codes for each date (day of the week). In this example, a plurality of converted biometric information data for registration converted with different conversion codes for each date (day of the week) with respect to the same biometric information data for registration is converted into a biometric information database 112 that has been converted (FIG. 1, etc.). Reference) is saved. For example, the same index finger fingerprint of the same right hand is used every day, but the index finger fingerprint data converted and registered with a different conversion code for each day of the week is used in the system. By storing registration information converted with multiple conversion codes in advance, converted registered biometric information data converted with different conversion codes according to time zone, day, day of the week, and month is automatically stored inside the system. It is possible to use. Thereby, the analogy of a conversion code and a conversion algorithm can be made more difficult.

  FIG. 31 shows a computer (biometric authentication server 102, conversion code management server 103, converted biometric information database management server 104, ID conversion management server 2201, conversion code generation management) that can realize the systems of the first to seventh embodiments. 2 is a diagram illustrating an example of a hardware configuration of a server 2901, biometric authentication clients 2301, 2501, and the like.

  The computer shown in FIG. 31 includes a CPU 3101, a memory 3102, an input device 3103, an output device 3104, an external storage device 3105, a portable recording medium drive device 3106 into which a portable recording medium 3109 is inserted, and a network connection device 3107. However, they are connected to each other by a bus 3108. The configuration shown in the figure is an example of a computer that can implement the above system, and such a computer is not limited to this configuration.

  The CPU 3101 controls the entire computer. The memory 3102 is a memory such as a RAM that temporarily stores a program or data stored in the external storage device 3105 (or the portable recording medium 3109) when executing a program or updating data. The CUP 3101 performs overall control by reading the program into the memory 3102 and executing it.

  The input device 3103 includes, for example, a keyboard, a mouse, and their interface control devices. The input device 3103 detects an input operation by a user using a keyboard, a mouse, or the like, and notifies the CPU 3101 of the detection result.

The output device 3104 includes a display device, a printing device, etc. and their interface control devices. The output device 3104 outputs data sent under the control of the CPU 3101 to a display device or a printing device.

The external storage device 3105 is, for example, a hard disk storage device. Mainly used for storing various data and programs.
The portable recording medium driving device 3106 accommodates a portable recording medium 3109 such as an optical disk, SDRAM, or compact flash, and has an auxiliary role for the external storage device 3105.

The network connection device 3107 is a device for connecting, for example, a LAN (local area network) or WAN (wide area network) communication line.
The systems according to the first to seventh embodiments described above are realized by the CPU 3101 executing a program equipped with necessary functions. The program may be recorded and distributed in, for example, the external storage device 3105 or the portable recording medium 3109, or may be acquired from the network by the network connection device 3107.

  According to the embodiment described above, the biometric information data is converted according to the conversion code managed by the conversion code management server 103, and the registration processing by the conversion registration processing unit 109 in the biometric authentication server 102 or the verification processing by the conversion verification processing unit 201 is performed. Done. As a result, when biometric information data is stolen or leaked, the conversion code for conversion processing is quickly changed at the initiative of the authentication organization, either collectively or individually for each user ID, under the control of the conversion code management server 103. it can. Therefore, even if the encryption processing of the stolen / leaked biometric information is decrypted, reuse can be prevented.

  In addition, since each server is managed separately, even when there is one malicious system administrator, it is possible to prevent all information necessary for abuse of biometric information data from being obtained. It becomes possible.

In addition, since a conversion code is set for each user ID, a more secure system can be realized.
Furthermore, by performing conversion code generation management for each user ID, a more secure system can be realized.

  In addition, the biometric information data leakage detection means updates the conversion code and registration biometric information data when the biometric information leak is detected, or updates the conversion code without waiting for the change of the conversion code by the user. It will be possible to detect leaks and take prompt action.

  Leakage detection in this case can be easily detected by comparing the hash values of the converted biometric information data for registration and the converted biometric information data for verification. Alternatively, the leakage can be easily detected by detecting a synchronization error of the processing logs between the servers.

  In addition, by storing the hash value of the converted biometric data for collation used in the past and comparing it with the newly obtained hash value of the biometric data for converted collation, the system administrator or the like maliciously It is possible to detect that past verification data has been stolen and reused on the server.

When the biometric information data pattern deformation is adopted as the conversion processing in the present embodiment, it is difficult to analogize the biometric information data before the deformation, and it is characterized by irreversibility. Further, as the conversion process, the biometric information data can be prevented from being inferred from the original registration biometric information data by performing random conversion on the biometric information data in a predetermined unit (pattern block or pixel unit). Further, by combining these, it is possible to perform a deformation process having both characteristics.
In this case, by controlling the conversion code database 111 on the conversion code management server 103 to record the conversion code for each conversion method, fine control of the authentication strength is possible.

  In the present embodiment, a quality determination unit that performs quality determination of biometric information data for registration is provided. Biometric data with a high quality value has less noise and is easy to collate with biometric data. Therefore, even if the conversion strength (size of deformation) is increased (making the analogy of the original biometric information more difficult) It is assumed that there is little impact on the decline. By selecting the conversion strength corresponding to the quality value and having a conversion code corresponding to each strength, it is possible to control to select a stronger conversion when the quality value of the biological information data is high. . In addition, by determining the granularity of random conversion according to the quality value and selecting a randomization table corresponding to it, it is possible to select a finer conversion when the quality value of the biological information data is high. .

  In this embodiment, the conversion code management server 103 manages not only the conversion code but also the conversion code generation management number, so that when the biometric information data leaks, conversion of the conversion code uniformly managed by the biometric authentication system is performed. It is possible to easily update the code generation management number and generate a new conversion code. Further, by performing this generation management for each user ID, finer management becomes possible. Also, by combining conversion code generation with conversion code generation management number, user ID, system number, application number, etc., authentication strength can be managed for each usage period, for each user, for each system, and for each application. It becomes.

  In the present embodiment, the ID conversion management server 2201 converts the user ID, so that personal information and biometric information data can be managed separately. As a result, even if the converted biometric data data for registration is leaked, for example, it is possible to ensure more safety by not letting it leak simultaneously with a meaningful user ID such as a deposit account.

  In this embodiment, by holding registration information converted in advance with a plurality of conversion codes, converted registration biometric information data converted with different conversion codes according to time zone, day, day of the week, month, etc. It can be automatically used inside the system. Thereby, the analogy of a conversion code and a conversion algorithm can be made more difficult.

Regarding the above embodiments, the following additional notes are disclosed.
(Appendix 1)
A conversion code management step for managing a conversion code for converting biological information data;
A conversion registration processing step for outputting biometric information data for registration that has been converted based on the conversion code, the biometric information data for registration input at the time of registration of the biometric information;
A converted biometric information data management step for recording and managing the converted biometric information data for registration;
The biometric information data for collation obtained by converting the biometric information data for collation input at the time of collation of the biometric information based on the conversion code is output, and the biometric information data for collation and the converted biometric data for registration are output. A conversion verification processing step for verifying information data;
A biometric authentication method comprising:
(Appendix 2)
A conversion code generation management step for managing conversion code generation management information indicating the generation of conversion codes managed in the conversion registration processing step;
The conversion code management step generates or updates the conversion code based on the conversion code generation management information managed in the conversion code generation management step,
The conversion registration processing step regenerates the converted biometric information data for registration at the timing when the conversion code is generated or updated, and records it again in the converted biometric information data management step.
The biometric authentication method according to appendix 1, wherein
(Appendix 3)
The conversion code generation management step updates the conversion code generation management information when any of the converted biometric information data for registration, the converted biometric information data for verification, or the conversion code is found to have leaked The conversion code management step generates or updates the conversion code based on the updated conversion code generation management information.
The biometric authentication method according to Supplementary Note 2, wherein
(Appendix 4)
A biometric information data extraction step for obtaining biometric information of the user;
The converted biometric data for registration obtained by converting the biometric information data used for registration by the conversion code is compared with the converted biometric data for verification obtained by converting the extracted biometric information data by the conversion code. Conversion verification processing step;
A biometric authentication method comprising:
(Appendix 5)
A conversion code management step for managing a conversion code for converting biological information data for each user ID;
When the biometric information is registered, the conversion code management step generates and records a conversion code in association with the user ID acquired corresponding to the input biometric information data for registration, and based on the conversion code, Conversion registration processing step for outputting converted biometric information data for registration obtained by converting biometric information data for registration;
A converted biometric information data management step for recording and managing the converted biometric information data for registration in association with the user ID acquired corresponding to the biometric information data for registration;
Converted biometric information for collation obtained by converting the biometric information data for collation input based on the conversion code corresponding to the user ID acquired corresponding to the biometric information data for collation at the time of collation of the biometric information Data is output, and the converted biometric information data for verification is compared with the converted biometric information data for registration corresponding to the same user ID as the user ID acquired corresponding to the biometric information data for verification A conversion matching process step to
A biometric authentication method comprising:
(Appendix 6)
A conversion code generation management step of managing conversion code generation management information indicating a conversion code generation managed in the conversion registration processing step in association with the user ID;
The conversion code management step generates or updates the conversion code for each user ID based on the conversion code generation management information managed in the conversion code generation management step,
The conversion registration processing step regenerates the converted biometric information data for registration at the timing when the conversion code is generated or updated, and records it again in the converted biometric information data management step.
The biometric authentication method according to appendix 5, wherein:
(Appendix 7)
The conversion code generation management step when it is found that any of the converted registration biometric information data, the converted collation biometric information data, or the conversion code is leaked for any of the user IDs Updates the conversion code generation management information corresponding to the user ID whose leakage has been found, and the conversion code management step corresponds to the user ID whose leakage has been found based on the updated conversion code generation management information Generate or update conversion code
The biometric authentication method according to appendix 6, wherein:
(Appendix 8)
The conversion code management step includes the conversion code generation management information managed in the conversion code generation management step and the conversion ID based on the user ID or identification information uniquely set corresponding to the user ID. Is generated or updated for each user ID,
The biometric authentication method according to any one of appendix 6 or 7, characterized by the above.
(Appendix 9)
The conversion code generation management information includes a conversion code generation management number that is number information indicating a generation, and system identification information for identifying a biometric authentication system.
The biometric authentication method according to any one of appendices 2, 3, 6, 7, or 8, characterized in that:
(Appendix 10)
The conversion code generation management information further includes application identification information for identifying an application for which biometric authentication is used.
The biometric authentication method according to any one of appendices 2, 3, 6, 7, 8, or 9, characterized in that:
(Appendix 11)
The device for executing the conversion code management step, the device for executing the conversion registration processing step and the conversion collation processing step, and the device for executing the converted biometric information data management step are respectively separate devices. is there,
The biometric authentication method according to any one of appendices 1 to 3 and 5 to 10 characterized by the above. (Appendix 12)
The device on which the conversion registration processing step is executed and the device on which the conversion matching processing step is executed are separate devices, respectively.
The biometric authentication method according to any one of appendices 1 to 3 and 5 to 11, which is characterized by the above. (Appendix 13)
The conversion registration processing step and the conversion collation processing step are executed by the same or separate server computers, and receive the biological information data from a client computer used by a user.
13. The biometric authentication method according to any one of appendices 1 to 3, or 5 to 12. (Appendix 14)
Further including a biometric information data leak detection step for detecting leaks of the converted biometric data for registration or the biometric data for verification that has been converted,
When the leakage is detected, the conversion code management step regenerates the conversion code,
Based on the conversion code, the conversion registration processing step regenerates the converted biometric information data for registration, and records it again in the converted biometric information data management step.
The biometric authentication method according to any one of appendices 1 to 12, characterized in that:
(Appendix 15)
The biometric information data leak detection step calculates a hash value of the converted biometric information data for registration and a hash value of the converted biometric information data for verification, and the leak is detected when both hash values match. To detect,
15. The biometric authentication method according to appendix 14, characterized in that.
(Appendix 16)
The biometric information data leakage detection step sequentially calculates and records the hash value of the converted biometric data for verification, and the hash value calculated for the newly generated biometric data for verification is Detect the leak when it matches the recorded hash value,
The biometric authentication method according to any one of appendixes 14 and 15, characterized in that:
(Appendix 17)
The biometric information data leakage detection step obtains a processing log in the conversion code management step, the converted biometric information data management step, or the conversion collation processing step, and is synchronized with the processing log in each step for a predetermined time or more. Detecting the leak when a deviation is detected,
15. The biometric authentication method according to appendix 14, characterized in that.
(Appendix 18)
The conversion process is a pattern conversion process for transforming a pattern of the biometric information data for registration or the biometric information data for verification.
18. The biometric authentication method according to any one of appendices 1 to 17, characterized in that:
(Appendix 19)
The conversion process is a process of performing a random function conversion on the biometric information data for registration or the biometric information data for verification.
18. The biometric authentication method according to any one of appendices 1 to 17, characterized in that:
(Appendix 20)
The conversion process is a process of performing coordinate conversion on the biometric information data for registration or the biometric information data for verification.
18. The biometric authentication method according to any one of appendices 1 to 17, characterized in that:
(Appendix 21)
The conversion process is a process of performing a random function conversion on the output after performing a pattern conversion process for transforming the pattern of the biometric information data for registration or the biometric information data for verification.
18. The biometric authentication method according to any one of appendices 1 to 17, characterized in that:
(Appendix 22)
The conversion process sequentially acquires the conversion codes managed in the conversion code management step and executes the random function change for each unit for randomizing the biometric information data for registration or the biometric information data for verification. ,
22. The biometric authentication method according to any one of appendix 19 or 21, characterized in that:
(Appendix 23)
In the conversion code management step, when the conversion process is conversion by a plurality of conversion methods, the conversion codes for each conversion method are managed in pairs.
23. The biometric authentication method according to any one of appendices 1 to 22, characterized in that:
(Appendix 24)
A quality determination step of determining the quality of the biometric information data for registration;
Based on the quality determination result, a conversion code corresponding to the strength of the conversion process corresponding to the quality is selected in the conversion code management step.
24. The biometric authentication method according to any one of appendices 1 to 23, wherein:
(Appendix 25)
A quality determination step of determining the quality of the biometric information data for registration;
Based on the result of the quality determination, a randomization table corresponding to the fineness of the random function conversion corresponding to the quality is selected as the conversion code in the conversion code management step.
24. The biometric authentication method according to any one of appendices 1 to 23, wherein:
(Appendix 26)
An ID conversion step of converting the user ID;
The converted biometric information data management step manages the converted biometric information data for registration using the ID converted in the ID conversion step corresponding to the user ID.
The biometric authentication method according to any one of appendices 5 to 10, characterized in that:
(Appendix 27)
In the conversion registration processing step, the conversion processing is performed on the same registration biometric information data using the conversion code that is different for each predetermined date and time information, and a plurality of converted biometric information data for registration is obtained. To output and manage the converted biometric information data management step,
The conversion collation processing step executes the conversion process using the conversion code corresponding to the current date and time information on the biometric information data for collation, outputs the biometric information data for collation, Checking biometric information data for verification and the converted biometric information data for registration corresponding to the current date and time managed in the converted biometric information data management step,
27. The biometric authentication method according to any one of appendices 1 to 3 and 5 to 26, wherein
(Appendix 28)
A conversion code management unit for managing conversion codes for converting biological information data;
A conversion registration processing unit that outputs biometric information data for registration that has been converted based on the conversion code from biometric information data for registration that was input during registration of the biometric information;
A converted biometric information data management unit for recording and managing the converted biometric information data for registration;
The biometric information data for collation obtained by converting the biometric information data for collation input at the time of collation of the biometric information based on the conversion code is output, and the biometric information data for collation and the converted biometric data for registration are output. A conversion verification processing unit for verifying information data;
A biometric authentication system comprising:
(Appendix 29)
A conversion code management unit for managing a conversion code for converting biometric data for each user ID;
When registering the biometric information, the conversion code management unit generates and records a conversion code in association with the user ID acquired corresponding to the input biometric information data for registration, and based on the conversion code, A conversion registration processing unit for outputting converted biometric information data for registration obtained by converting biometric information data for registration;
A converted biometric information data management unit that records and manages the converted biometric information data for registration in association with the user ID acquired corresponding to the biometric information data for registration;
Converted biometric information for collation obtained by converting the biometric information data for collation input based on the conversion code corresponding to the user ID acquired corresponding to the biometric information data for collation at the time of collation of the biometric information Data is output, and the converted biometric information data for verification is compared with the converted biometric information data for registration corresponding to the same user ID as the user ID acquired corresponding to the biometric information data for verification A conversion matching processing unit to
A biometric authentication system comprising:

  The disclosed technology is based on the biometric authentication using biometric information such as voice, face, fingerprint, palm print, blood vessel pattern, iris, retina, signature, etc .. It can be used to suppress the occurrence.

DESCRIPTION OF SYMBOLS 101 Client 102 Biometric authentication server 103 Conversion code management server 104 Converted biometric information database management server 105 Biometric information sensor 106 Numeric keypad 107 Biometric information acquisition unit 108 Biometric information extraction unit 109 Conversion registration processing unit 110 Conversion code generation / check processing unit 111 Conversion Code database 112 Converted biometric information database 201 Conversion verification processing unit 2101 Biometric registration server 2102 Biometric verification server 2201 ID conversion management server 2301, 2501 Biometric client 2801 Conversion code generation management unit 2802 Conversion code generation management number database 2901 Conversion code Generation management server 3101 CPU
3102 Memory 3103 Input device 3104 Output device 3105 External storage device 3106 Portable recording medium drive device 3107 Network connection device 3108 Bus 3109 Portable recording medium

Claims (10)

A conversion code management step for managing a conversion code for converting biological information data;
A conversion registration processing step for outputting biometric information data for registration that has been converted based on the conversion code, the biometric information data for registration input at the time of registration of the biometric information;
A converted biometric information data management step for recording and managing the converted biometric information data for registration;
The biometric information data for collation obtained by converting the biometric information data for collation input at the time of collation of the biometric information based on the conversion code is output, and the biometric information data for collation and the converted biometric data for registration are output. A conversion verification processing step for verifying information data;
A biometric authentication method comprising: A conversion code generation management step for managing conversion code generation management information indicating the generation of conversion codes managed in the conversion registration processing step;
The conversion code management step generates or updates the conversion code based on the conversion code generation management information managed in the conversion code generation management step,
The conversion registration processing step regenerates the converted biometric information data for registration at the timing when the conversion code is generated or updated, and records it again in the converted biometric information data management step.
The biometric authentication method according to claim 1. The device for executing the conversion code management step, the device for executing the conversion registration processing step and the conversion collation processing step, and the device for executing the converted biometric information data management step are respectively separate devices. is there,
The biometric authentication method according to any one of claims 1 and 2. Further including a biometric information data leak detection step for detecting leaks of the converted biometric data for registration or the biometric data for verification that has been converted,
When the leakage is detected, the conversion code management step regenerates the conversion code,
Based on the conversion code, the conversion registration processing step regenerates the converted biometric information data for registration, and records it again in the converted biometric information data management step.
The biometric authentication method according to any one of claims 1 to 3. The biometric information data leak detection step calculates a hash value of the converted biometric information data for registration and a hash value of the converted biometric information data for verification, and the leak is detected when both hash values match. To detect,
The biometric authentication method according to claim 4. The biometric information data leakage detection step obtains a processing log in the conversion code management step, the converted biometric information data management step, or the conversion collation processing step, and is synchronized with the processing log in each step for a predetermined time or more. Detecting the leak when a deviation is detected,
The biometric authentication method according to claim 4. A quality determination step of determining the quality of the biometric information data for registration;
Based on the quality determination result, a conversion code corresponding to the strength of the conversion process corresponding to the quality is selected in the conversion code management step.
The biometric authentication method according to any one of claims 1 to 6, wherein: In the conversion registration processing step, the conversion processing is performed on the same registration biometric information data using the conversion code that is different for each predetermined date and time information, and a plurality of converted biometric information data for registration is obtained. To output and manage the converted biometric information data management step,
The conversion collation processing step executes the conversion process using the conversion code corresponding to the current date and time information on the biometric information data for collation, outputs the biometric information data for collation, Checking biometric information data for verification and the converted biometric information data for registration corresponding to the current date and time managed in the converted biometric information data management step,
The biometric authentication method according to any one of claims 1 to 7, wherein: A conversion code management unit for managing conversion codes for converting biological information data;
A conversion registration processing unit that outputs biometric information data for registration that has been converted based on the conversion code from biometric information data for registration that was input during registration of the biometric information;
A converted biometric information data management unit for recording and managing the converted biometric information data for registration;
The biometric information data for collation obtained by converting the biometric information data for collation input at the time of collation of the biometric information based on the conversion code is output, and the biometric information data for collation and the converted biometric data for registration are output. A conversion verification processing unit for verifying information data;
A biometric authentication system comprising: A conversion code management unit for managing a conversion code for converting biometric data for each user ID;
When registering the biometric information, the conversion code management unit generates and records a conversion code in association with the user ID acquired corresponding to the input biometric information data for registration, and based on the conversion code, A conversion registration processing unit for outputting converted biometric information data for registration obtained by converting biometric information data for registration;
A converted biometric information data management unit that records and manages the converted biometric information data for registration in association with the user ID acquired corresponding to the biometric information data for registration;
Converted biometric information for collation obtained by converting the biometric information data for collation input based on the conversion code corresponding to the user ID acquired corresponding to the biometric information data for collation at the time of collation of the biometric information Data is output, and the converted biometric information data for verification is compared with the converted biometric information data for registration corresponding to the same user ID as the user ID acquired corresponding to the biometric information data for verification A conversion matching processing unit to
A biometric authentication system comprising: