JP2012150530A - Portable electronic apparatus, control method thereof, and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a portable electronic apparatus having a security function, when a third party other than a possessor operates it, invalidating the operation without requiring a complicated operation of a user.SOLUTION: The portable electronic apparatus extracts information notably representing features (an operation manner and proclivity) of a possessor's operation as an authentication key in a personal authentication and compiles database with such operation defined as feature information. When an operation significantly violating the feature information, the portable electronic apparatus is automatically locked to forbid a subsequent operation. Consequently, as long as the possessor himself/herself uses it, the portable electronic apparatus is not locked and requires no complicated operation, however, when a third party other than the possessor operates it, the portable electronic apparatus is locked to prevent the spread of a damage due to the loss of the portable electronic apparatus.

Description

  The present invention relates to a portable electronic device, a control method thereof, and a program. In particular, the present invention relates to a portable electronic device having a security function.

  In recent years, portable electronic devices such as mobile phones, PHS (Personal Handyphone System), PDA (Personal Digital Assistants) and the like have become widespread. ing. Moreover, the performance improvement of these portable electronic devices is remarkable, and the function which can be implement | achieved with a portable electronic device is increasing greatly with the performance improvement. Such functions include services related to electronic money and money-related services such as online banking. In addition, a large amount of personal information is included in mail exchanged in a portable electronic device, and such information requires very high confidentiality.

  On the other hand, although there are many users who carry and carry portable electronic devices regardless of whether they are indoors or outdoors, the possibility of losing the portable electronic devices increases accordingly. As mentioned above, if a portable electronic device that can enjoy money-related services is lost and acquired by a malicious third party, economic damage such as the use of electronic money or fraudulent impersonation is assumed. Is done. Furthermore, there may be situations where information that you do not want others to know is leaked.

  Therefore, protection of portable electronic devices with passwords, services to search for lost portable electronic devices from remote locations, a function to lock when a certain time has passed or when the portable electronic device is closed, biometric authentication using a fingerprint sensor, etc. There is a security function that prohibits third parties other than the owner from using the portable electronic device.

  Here, Patent Literature 1 discloses a technique that employs a user ID and randomly input random hit data as a key for personal authentication. That is, it is a technique for storing user characteristics from random hit data and authenticating the user based on the registered ID and the characteristics of the random hit data.

JP 2010-140379 A

  The following analysis has been made from the viewpoint of the present invention.

  As described above, considering the important functions of the portable electronic device, a security function that prohibits the use of the portable electronic device by a third party other than the owner is indispensable. However, there are many users who recognize the importance of security functions but have not enabled these functions.

  The reason is that many users think that the usability of the portable electronic device is deteriorated when the security function is enabled. For example, when a user wants to use a portable electronic device that is locked again, many users think that inputting a password for unlocking is troublesome. Then, even if the password is protected immediately after the purchase of the portable electronic device, the password protection is finally canceled before use.

  As described above, some security functions in portable electronic devices require complicated operations, and users who dislike complicated operations do not often activate the security functions. As a result, the damage caused when the portable electronic device is lost increases.

  As described above, there are problems to be solved in the prior art.

  In one aspect of the present invention, there is a demand for a portable electronic device, a control method thereof, and a program that disable operation when a third party other than the owner operates without requiring a complicated operation from the user. .

  According to a first aspect of the present invention, an operation unit that receives an operation by a user, a personal authentication control unit that extracts feature information that can be used as an authentication key in personal authentication from an operation performed by the user, and the feature information The personal authentication control unit compares the feature information extracted from the operation performed by the user with the feature information stored in the feature information storage unit, A portable electronic device is provided that disables the operation from the operation unit when it is determined whether or not the user performing the operation is the owner and it is determined that a third party other than the owner is operating. The

  According to a second aspect of the present invention, an operation unit that accepts an operation by a user, a personal authentication control unit that extracts feature information that can be used as an authentication key in personal authentication from an operation performed by the user, and the feature information A feature information storage unit that stores the feature information storage unit, comprising: comparing the feature information extracted by the personal authentication control unit with the feature information stored in the feature information storage unit; If it is determined that a third party other than the owner is operating from the result of the determination step and the determination step of determining whether or not the user performing the operation is the owner, an operation from the operation unit is performed. There is provided a method of controlling a portable electronic device including an operation prohibiting step for disabling.

  According to a third aspect of the present invention, an operation unit that accepts an operation by a user, a personal authentication control unit that extracts feature information that can be used as an authentication key in personal authentication from an operation performed by the user, and the feature information And a feature information storage unit that stores the feature information stored in the feature information storage unit and the feature information extracted by the personal authentication control unit. And determining whether the user performing the operation is the owner or not, and determining from the result of the determination process that a third party other than the owner is operating, An operation prohibiting process for disabling operation from the unit is provided.

  According to each aspect of the present invention, when a third party other than the owner performs an operation without requesting a complicated operation to the user, a portable electronic device that disables the operation, a control method thereof, and a program, Provided.

It is a figure for demonstrating the outline | summary of this invention. It is a figure which shows the internal structure of the portable electronic device of the 1st Embodiment of this invention. 3 is a flowchart of processing when locking the mobile electronic device in the mobile electronic device shown in FIG. 2. FIG. 3 is a diagram illustrating an example of content of feature information registered in a feature information database in the portable electronic device illustrated in FIG. 2. It is a figure which shows an example of the change of the user recognition value in the portable electronic device shown in FIG.

  First, the outline of the present invention will be described with reference to FIG. Note that the reference numerals of the drawings attached to this summary are attached to the respective elements for convenience as an example for facilitating understanding, and are not intended to limit the present invention to the illustrated embodiment.

  As described above, the security function is very important in the portable electronic device, but there are many users who require complicated operations, and there are many users who use the portable electronic device without enabling the security function.

  Therefore, as shown in FIG. 1, an operation unit that accepts an operation by the user, a personal authentication control unit that extracts feature information that can be used as an authentication key in personal authentication from the operation performed by the user, and the feature information are stored. A portable electronic device including a feature information storage unit is provided.

  Here, characteristic information that can be used as an authentication key in personal authentication will be described. The portable electronic device is rarely operated by a person other than the owner, and after a certain period of time, a specific operation is repeatedly performed as long as the owner performs the operation. This specific operation is closely related to the owner, and can be said to be an operation that remarkably represents the characteristics of the operation (how to operate, habit) of the owner. For this reason, a strong guess that only the owner performs such a specific operation works and it can be used as an authentication key in personal authentication. Therefore, the following description will be made by assuming that the information extracted from the operation performed on the portable electronic device by the user and significantly representing the feature of the operation of the owner is “feature information”.

  The personal authentication control unit extracts feature information from the operation of the portable electronic device shown in FIG. 1 each time the user operates the portable electronic device. Thereafter, the feature information storage unit is inquired, and the feature information extracted from the operation performed by the user is compared with the feature information stored in the feature information storage unit. As a result of comparison, if it is far from the content registered in the feature information storage unit, it is determined that a third party other than the owner is operating, and the operation of the portable electronic device is prohibited.

  As described above, in the portable electronic device, the feature information extracted from the user's operation is made into a database, and a portable electronic device that automatically locks when an operation that greatly violates the feature information is performed is provided. As a result, as long as the owner himself / herself is using it, it will not be locked, and it will be automatically locked when operated by a third party other than the owner, increasing the damage caused by loss of the portable electronic device. Can be prevented.

[First Embodiment]
Next, the first embodiment of the present invention will be described in more detail with reference to the drawings. FIG. 2 is a diagram illustrating an internal configuration of the portable electronic device 1 according to the present embodiment. A portable electronic device 1 shown in FIG. 2 includes an operation unit 10, a display unit 20, a control unit 30, and a feature information database 40.

  The operation unit 10 corresponds to an operation key, a touch panel, or the like, and the user operates the portable electronic device 1 with the operation unit 10.

  The display unit 20 displays information necessary for the user to operate, such as the contents of mail and the menu of the mobile electronic device 1.

  The control unit 30 controls the operation unit 10 and the display unit 20.

  The control unit 30 includes a personal authentication control unit 301. The personal authentication control unit 301 extracts the feature information from the operation performed on the portable electronic device 1 by the user.

  A portable electronic device usually has one kitchen per person, and it can be said that the time for the owner to operate the portable electronic device 1 is overwhelmingly long. Accordingly, there are operations of the portable electronic device 1 that depend only on a specific user, such as a timing of pressing a button for each user and a frequently visited WEB site. Therefore, such an operation (characteristic information) depending on a specific user is adopted as an authentication key in personal authentication. The personal authentication control unit 301 extracts feature information from an operation on the mobile electronic device 1 and verifies the content.

  Examples of feature information that can be adopted as an authentication key in personal authentication include an operation procedure after waking up in the morning, a speed of pressing a button when creating a mail or a mode of using a predictive conversion function, a site browsing procedure, and the like. The operation procedure after waking up in the morning is a procedure of browsing a specific site after the alarm function of the portable electronic device 1 is stopped, and then confirming an incoming mail. In addition, the site browsing procedure may be a transition from a desktop menu or a site browsing using a bookmark. Further, how to operate the menu of the portable electronic device 1 can be an authentication key. For example, whether the target menu is called using a shortcut, the browsing time of each menu item (whether the menu is moved quickly or the contents are slowly checked), and the like.

  The personal authentication control unit 301 holds a user recognition value for identifying a user who is operating the mobile electronic device 1. A specific method of using the user recognition value will be described later.

  The feature information database 40 is a database for storing feature information obtained from an operation performed on the portable electronic device 1 by the user, and corresponds to the above-described feature information storage unit. The feature information extracted by the personal authentication control unit 301 is stored in the feature information database 40.

  When the portable electronic device 1 is shipped from the factory and first obtained by the user, nothing is registered in the feature information database 40. After the purchase of the portable electronic device 1, what the personal authentication control unit 301 identifies as a characteristic operation is accumulated in the feature information database 40 as an authentication key (feature information) in personal authentication for a certain period. Further, each feature information has a weight, and a large weight is given to an operation frequently performed during a period in which data is stored in the feature information database 40. As a result, it can be said that the feature information (operation) having a large weight significantly represents the operation of the mobile electronic device 1 by a specific user.

  Next, the operation of the mobile electronic device 1 will be described with reference to FIG. FIG. 3 is a flowchart of processing relating to extraction of feature information and protection of the portable electronic device 1 based on the feature information. This process is always performed while the portable electronic device 1 is operating.

  In step S01, the control unit 30 inputs an operation performed via the operation unit 10 to the personal authentication control unit 301. The personal authentication control unit 301 extracts feature information from the operation input from the control unit 30 and inquires of the feature information database 40 whether or not the extracted feature information is registered in the feature information database 40.

  In step S02, the feature information database 40 is searched for an inquiry received from the personal authentication control unit 301. Thereafter, the feature information database 40 returns a query result to the personal authentication control unit 301. If the inquiry (feature information) received from the personal authentication control unit 301 is not registered in the feature information database 40 as a result of the search, the process proceeds to step S03. If the inquiry (feature information) received from the personal authentication control unit 301 is registered in the feature information database 40 as a result of the search, the process proceeds to step S04. However, even if the feature information is already registered, if there is a difference between the registered content and the registered content, a request for registration of the difference is made from the personal authentication control unit 301 to the feature information database 40.

  In step S03, the feature information inquired to the feature information database 40 in step S01 is registered in the feature information database 40. Then, the process proceeds to step S06.

  In step S04, the feature information extracted from the user's operation is compared with the feature information registered in the feature information database 40. Comparison of feature information is performed in the personal authentication control unit 301. In the personal authentication control unit 301, the operation performed on the portable electronic device 1 is compared with the contents registered in the feature information database 40, and the operation is performed by the owner or the third party other than the owner. Judge whether the tripartite has done.

  FIG. 4 is a diagram showing the contents of feature information registered in the feature information database 40. For example, if the operation performed by the user is related to character input, the items in the first and second lines in FIG. Next, if the comparison target feature information relates to the character input speed, the contents of the first line in FIG. 4 are confirmed. Furthermore, if the input speed of the character is 60 characters / minute, it matches the content registered in the feature information database 40, so that the operating user can be determined to be the owner.

  However, if the character input speed is 30 characters / minute, it is far from the content registered in the feature information database 40, so that the operating user is determined to be a third party other than the owner. When the feature information extracted from the user's operation and the content registered in the feature information database 40 are compared, even if the content does not completely match, if the content is within a certain range, the owner's It is also possible to make adjustments such as determining operation.

  If it is determined that the portable electronic device 1 is operated by the owner, the process proceeds to step S05. If it is determined that the portable electronic device 1 is operated by a third party other than the owner, the process proceeds to step S06.

  Step S05 is processing after it is determined that the operation performed on the portable electronic device 1 is performed by the owner, and the determination result is reflected in the user recognition value. For example, in the example of character input described above, since the weight is 0.1 (see the first line in FIG. 4), 0.1 is added to the user recognition value. Thereafter, the process proceeds to step S01, and the process is continued.

  Step S06 is processing after it is determined that the operation performed on the mobile electronic device 1 is performed by a third party other than the owner, and the determination result is reflected in the user recognition value. For example, in the example of character input described above, since the weight is 0.1 (see the first line in FIG. 4), 0.1 is subtracted from the user recognition value. Here, when the process proceeds to step 06 via step S03, it can be said that the operation performed on the mobile electronic device 1 is not registered in the feature information database 40. Therefore, it can be assumed that the operation on the portable electronic device 1 via step S03 is performed by a third party other than the owner. Therefore, also in this case, a predetermined weight is subtracted from the user recognition value. Then, the process proceeds to step S07.

  In step S07, it is determined whether the user recognition value is equal to or greater than a predetermined threshold. If it is equal to or greater than the threshold, the process proceeds to step S01 and the process is continued. If it is less than the threshold, the process proceeds to step S08.

  In step S08, the personal authentication control unit 301 prohibits (locks) the operation of the portable electronic device 1. That is, the operation performed on the mobile electronic device 1 is far from the operation indicating the characteristics of the operation of the owner accumulated so far, and is operated by a third party other than the owner. This is because the possibility is very high.

  FIG. 5 is a diagram illustrating an example of a change in the user recognition value in one day. From FIG. 5, it can be recognized that the operation of the portable electronic device 1 is performed from 1 o'clock, and the user recognition value at that time is increasing, so that the owner himself is performing the operation. However, since the user recognition value starts decreasing at 14:00, it is recognized that a third party other than the user is operating the portable electronic device 1. The third party continues to operate after 14:00. Thereafter, the portable electronic device 1 is locked when the user recognition value falls below the threshold at 22:00. Therefore, an operation by a third party after 22:00 is prohibited.

  Note that when the mobile electronic device 1 is actually locked, the user recognition value is continuously operated while the mobile electronic device 1 is powered on. An operation of locking an electronic device is conceivable. Alternatively, the start of identity authentication and the implementation of locking can be performed on a daily basis. For example, when the date changes, the user recognition value is initialized once, and if the user recognition value is less than the threshold at the end of the day, the portable electronic device 1 may be locked.

  As described above, focusing on the fact that the user who mainly operates the mobile electronic device 1 is the owner, the features of the operation of the owner himself such as the manner of operation and the habit when operating the mobile electronic device. Is stored in the feature information database 40 as an authentication key in personal authentication. When an operation far from the operation registered in the feature information database 40 is continuously performed, it is determined that a third party other than the owner is operating, and the portable electronic device 1 is locked. (Make operation impossible). As a result, when the owner of the portable electronic device 1 is operating, it is not recognized that the security function is operating, and when a third party other than the owner operates, Even if it is locked and the portable electronic device is lost, personal data can be prevented from being leaked or damaged due to unauthorized use. In other words, when the owner uses the portable electronic device, no complicated operation is required, and if the portable electronic device is lost, the operation becomes impossible and the damage is further expanded. Can be prevented.

  A part or all of the above embodiments can be described as in the following supplementary notes, but is not limited thereto.

  (Additional remark 1) The operation part which receives operation by a user, The personal authentication control part which extracts the characteristic information which can be used as an authentication key in personal authentication from the operation which a user performs, The characteristic information storage part which memorize | stores the said characteristic information The personal authentication control unit is owned by the user performing the operation by comparing the feature information extracted from the operation performed by the user with the feature information stored in the feature information storage unit. A portable electronic device that determines whether or not the user is operating, and determines that operation by a third party other than the owner is disabled.

  (Additional remark 2) The said personal authentication control part hold | maintains the user recognition value which shows the certainty whether the user who is performing an operation is an owner, and it is judged that the operation which the user performed is operation of an owner If the first change that increases or decreases the user recognition value is performed, and the operation performed by the user is determined to be an operation of a third party other than the owner, the user recognition value is referred to as the first change. The portable electronic device which makes the 2nd change from which increase / decrease differs, and also makes operation in the said operation part impossible by comparing the said user recognition value and a predetermined threshold value.

  (Additional remark 3) The said personal authentication control part memorize | stores the said feature information extracted from the operation which the user performed for the predetermined period in the said characteristic information storage part, and the said period is the operation in the said operation part. A portable electronic device that does not make it impossible.

  (Supplementary Note 4) A portable electronic device in which the feature information storage unit stores a plurality of the feature information and weights corresponding to each of the feature information.

  (Additional remark 5) The said personal authentication control part is a portable electronic device which increases or decreases the said user recognition value according to the said weight memorize | stored in the said characteristic information storage part.

  (Additional remark 6) The operation part which receives operation by a user, The personal authentication control part which extracts the feature information which can be used as an authentication key in personal authentication from the operation which a user performs, The feature information storage part which memorize | stores the said feature information A method for controlling a portable electronic device, comprising: the feature information extracted by the personal authentication control unit and the feature information stored in the feature information storage unit; A determination step for determining whether or not the user is operating, and an operation prohibition step for disabling the operation from the operation unit when it is determined from the result of the determination step that a third party other than the owner is operating. And a method for controlling a portable electronic device.

  (Additional remark 7) The said personal authentication control part hold | maintains the user recognition value which shows the certainty whether the user who is performing an operation is an owner, and the operation performed by the user performs operation of an owner If it is determined that the user-recognized value is increased or decreased, a first change is performed. If the user-performed operation is determined to be an operation of a third party other than the owner, the user-recognized value is determined. A portable electronic device including a step of performing a second change that is different from the first change, wherein the operation prohibiting step disables an operation in the operation unit by comparing the user recognition value with a predetermined threshold value Control method.

  (Additional remark 8) The said personal authentication control part memorize | stores the said characteristic information extracted from the operation which the user performed for the predetermined period in the said characteristic information storage part, The said operation prohibition process is the said predetermined period Is a method for controlling a portable electronic device that does not disable the operation of the operation unit.

  (Supplementary Note 9) The feature information storage unit stores a plurality of feature information and weights corresponding to the feature information, and the determination step includes the weights stored in the feature information storage unit. According to the method for controlling a portable electronic device, wherein the user recognition value is increased or decreased.

  (Additional remark 10) The operation part which receives operation by a user, The personal authentication control part which extracts the characteristic information which can be used as an authentication key in personal authentication from the operation which a user performs, The characteristic information storage part which memorize | stores the said characteristic information A program that is executed by a computer that controls a portable electronic device, and compares the feature information extracted by the personal authentication control unit with the feature information stored in the feature information storage unit, and performs an operation. If it is determined that a third party other than the owner is operating from the result of the determination process and the determination process for determining whether the user who is the owner is the owner, the operation from the operation unit is disabled A program that executes an operation prohibition process.

  (Additional remark 11) The said personal authentication control part hold | maintains the user recognition value which shows the certainty of whether the user who is performing an operation is an owner, and the operation which a user performed is the operation of an owner If it is determined that the user-recognized value is increased or decreased, a first change is performed. If the user-performed operation is determined to be an operation of a third party other than the owner, the user-recognized value is determined. A program including a process for performing a second change that is different from the first change, wherein the operation prohibiting process disables an operation on the operation unit by comparing the user recognition value with a predetermined threshold.

  (Additional remark 12) The said personal authentication control part memorize | stores the said feature information extracted from the operation which the user performed for the predetermined period in the said characteristic information storage part, The said operation prohibition process is the said predetermined period Is a program that does not disable the operation of the operation unit.

  (Supplementary Note 13) The feature information storage unit stores a plurality of feature information and weights corresponding to each of the feature information, and the determination process includes the weights stored in the feature information storage unit. According to the program, the user recognition value is increased or decreased.

  It should be noted that the disclosures of the above patent documents and the like are incorporated herein by reference. Within the scope of the entire disclosure (including claims) of the present invention, the embodiment can be changed and adjusted based on the basic technical concept. Various combinations and selections of various disclosed elements are possible within the scope of the claims of the present invention. That is, the present invention of course includes various variations and modifications that could be made by those skilled in the art according to the entire disclosure including the claims and the technical idea. For example, research on techniques for specifying a user by personal operation (behavior) has been actively conducted, and even a non-finger operation can lock a portable electronic device from an operation that can be specified by the user.

DESCRIPTION OF SYMBOLS 1 Portable electronic device 10 Operation part 20 Display part 30 Control part 40 Feature information database 301 Personal authentication control part

Claims (10)

An operation unit that accepts user operations;
A personal authentication control unit that extracts feature information that can be used as an authentication key in personal authentication from operations performed by the user;
A feature information storage unit for storing the feature information;
With
The personal authentication control unit compares the feature information extracted from the operation performed by the user with the feature information stored in the feature information storage unit to determine whether the user performing the operation is the owner. The portable electronic device is characterized in that when it is determined that a third party other than the owner is operating, the operation from the operation unit is disabled.   The personal authentication control unit holds a user recognition value indicating whether or not the user performing the operation is the owner, and recognizes the user if the operation performed by the user is determined to be the operation of the owner If the first change to increase or decrease the value is performed and it is determined that the operation performed by the user is an operation of a third party other than the owner, the user recognition value is different from the first change. The portable electronic device according to claim 1, wherein the operation of the operation unit is disabled by making a change of 2 and comparing the user recognition value with a predetermined threshold.   The personal authentication control unit stores the feature information extracted from an operation performed by a user for a predetermined period in the feature information storage unit, and the operation in the operation unit is disabled during the predetermined period. The portable electronic device according to claim 1 or 2.   The portable electronic device according to any one of claims 1 to 3, wherein the feature information storage unit stores a plurality of the feature information and weights corresponding to the feature information.   The portable electronic device according to claim 4, wherein the personal authentication control unit increases or decreases the user recognition value according to the weight stored in the feature information storage unit. An operation unit that accepts user operations;
A personal authentication control unit that extracts feature information that can be used as an authentication key in personal authentication from operations performed by the user;
A feature information storage unit for storing the feature information;
A method for controlling a portable electronic device comprising:
A determination step of comparing the feature information extracted by the personal authentication control unit with the feature information stored in the feature information storage unit and determining whether the user performing the operation is the owner;
When it is determined from the result of the determination step that a third party other than the owner is operating, an operation prohibition step for disabling operation from the operation unit,
A method for controlling a portable electronic device, comprising: The personal authentication control unit holds a user recognition value indicating whether or not the user performing the operation is the owner,
The determination step performs a first change to increase or decrease the user recognition value if it is determined that the operation performed by the user is an operation of the owner, and the operation performed by the user is a third party other than the owner. If it is determined that the operation is, the user recognition value includes a step of performing a second change that is different from the first change.
The method of controlling a portable electronic device according to claim 6, wherein the operation prohibiting step disables an operation on the operation unit by comparing the user recognition value with a predetermined threshold value. The personal authentication control unit stores the feature information extracted from an operation performed by a user for a predetermined period in the feature information storage unit,
The method of controlling a portable electronic device according to claim 6 or 7, wherein the operation prohibiting step does not disable the operation of the operation unit during the predetermined period. The feature information storage unit stores a plurality of the feature information and weights corresponding to the feature information,
The method of controlling a portable electronic device according to any one of claims 6 to 8, wherein the determining step increases or decreases the user recognition value according to the weight stored in the feature information storage unit. An operation unit that accepts user operations;
A personal authentication control unit that extracts feature information that can be used as an authentication key in personal authentication from operations performed by the user;
A feature information storage unit for storing the feature information;
A program for causing a computer to control a portable electronic device comprising:
A determination process for comparing the feature information extracted by the personal authentication control unit with the feature information stored in the feature information storage unit and determining whether the user performing the operation is an owner;
When it is determined that a third party other than the owner is operating from the result of the determination process, an operation prohibition process that disables the operation from the operation unit;
A program that executes.

Images