JP2023126410A - User authentication system and mobile terminal - Google Patents

Abstract

To provide a technique for improving safety when performing user authentication on a mobile terminal by using an auxiliary authentication device.SOLUTION: A user authentication system 100 of the present invention includes: a body device 200 including an authentication code transmission request unit that generates an authentication code transmission request including a first value and transmits it to an authentication device 300, a collation unit 272 that determines that authentication is successful when an authentication code transmitted from the authentication device 300 in response to the authentication code transmission request is included in a collation authentication code generated according to the first value, and an unlocking unit 273 that enables a predetermined function when the collation unit 272 determines that the authentication is successful; and the authentication device 300 including an authentication code reply unit that generates the authentication code according to the first value included in the authentication code transmission request and returns it to the body device 200.SELECTED DRAWING: Figure 5

Description

The present invention relates to user authentication technology for information processing devices such as mobile terminals. In particular, the present invention relates to user authentication technology using an auxiliary authentication device.

Security protection technology that restricts the use of information processing devices such as mobile terminals by others,
Some use an auxiliary authentication device other than a mobile terminal. For example, Patent Document 1 states, ``A portable terminal device that performs wireless communication with another wireless communication device has a storage device that stores identification information of a specific wireless communication device registered in advance, and a storage device that stores identification information of a specific wireless communication device registered in advance. The control means includes a wireless communication means for receiving a signal transmitted from the wireless communication device and a control means.The control means also acquires identification information included in the signal received by the wireless communication means, and stores the identification information in the storage means. A technology is disclosed in which a specific function of a mobile terminal device is enabled when the identification information matches the identified identification information (summary excerpt).

Japanese Patent Application Publication No. 2005-130008

According to the technique disclosed in Patent Document 1, it is possible to prevent the risk of a portable terminal device being used by another person who does not have a specific wireless communication device, without performing complicated operations. However, information for authentication, for example, the identification information of the specific wireless communication device described above, is transmitted and received wirelessly. Interception, eavesdropping, etc. of this information are not taken into account.

The present invention has been made in view of the above circumstances, and an object of the present invention is to provide a technique for improving the safety when performing user authentication on a mobile terminal using an auxiliary authentication device.

The present invention provides a user authentication system for authenticating a user of the main device, comprising a main device and an authentication device that communicates with the main device, wherein the main device is configured to perform a Authentication source information having a plurality of pairs of one value and a second value associated with the first value is stored, and the first value is extracted from the authentication source information based on a predetermined rule. , the second value stored in the authentication source information in association with the selected first value is set as a verification authentication code, and an authentication code transmission request including the selected first value is sent. generate,
The authentication code transmission request is sent to the authentication device, and the authentication device stores biometric information of the holder of the authentication device obtained in advance before authentication as verification biometric information, and transmits it from the main device. receives the authentication code transmission request, stores the authentication source information, acquires the biometric information in response to the authentication code transmission request, performs biometric authentication using the verification biometric information, and If biometric authentication is successful, the second value stored in the authentication source information in association with the first value is generated as an authentication code, the authentication code is sent to the main body device, and the second value is stored in the authentication source information in association with the first value. If the authentication code sent from the authentication device includes the verification authentication code, the device determines that the authentication is successful, and when it determines that the authentication is successful, it enables a predetermined function and determines that the authentication is successful. If not, a predetermined function is not enabled and a display indicating that authentication is not determined to be successful is displayed.

According to the present invention, safety is improved when performing user authentication on a mobile terminal using an auxiliary authentication device. Problems, configurations, and effects other than those described above will be made clear by the following description of the embodiments.

FIG. 1 is an overall diagram of a user authentication system according to a first embodiment. FIG. 2 is a hardware configuration diagram of the main device of the first embodiment. FIG. 2 is a functional block diagram of the main device of the first embodiment. (a) is a hardware configuration diagram of the authentication device of the first embodiment, and (b) is a functional block diagram of the authentication device of the first embodiment. It is a flowchart of user authentication processing of a first embodiment. (a) shows an example of the authentication source information of the first embodiment, (b) shows an example of the authentication code transmission request of the first embodiment, and (c) shows the authentication of the first embodiment. FIG. 3 is an explanatory diagram for explaining each example of a code. (a) is a hardware configuration diagram of an authentication device according to a second embodiment, and (b) is a functional block diagram of an authentication device according to a second embodiment. It is a flowchart of user authentication processing of a second embodiment. (a) shows an example of the authentication source information of the second embodiment, (b) shows an example of the authentication code transmission request of the second embodiment, and (c) and (d) show the second example of the authentication code transmission request. FIG. 3 is an explanatory diagram for explaining examples of authentication codes according to the embodiment. It is a functional block diagram of the main body device of a third embodiment. (a) is a hardware configuration diagram of an authentication device according to a third embodiment, and (b) is a functional block diagram of an authentication device according to a third embodiment. It is a flowchart of user authentication processing of a third embodiment. (a) is an explanatory diagram for explaining an example of the action history of the third embodiment, and (b) is an example of the normal action range of a modification of the third embodiment. It is a flowchart of action history collection processing and authentication processing of a modification of the third embodiment. (a) is a functional block diagram of the main device of the fourth embodiment, and (b) is a functional block diagram of the authentication device of the fourth embodiment. (a) is a flowchart of the initialization process of the fourth embodiment, and (b) is a flowchart of a modified example of the initialization process of the fourth embodiment. FIG. 7 is an explanatory diagram for explaining an example of a variable output wireless communication device according to a modification of the fourth embodiment. It is a flowchart of the user authentication process of the modification of this invention. It is a flowchart of user authentication processing of another modification of the present invention.

Embodiments of the present invention will be described below with reference to the drawings. Hereinafter, in this specification, parts having the same functions will be denoted by the same reference numerals unless otherwise specified, and repeated description will be omitted.

<<First embodiment>>
First, an overview of the first embodiment of the present invention will be explained. FIG. 1 is a diagram for explaining an overview of a user authentication system 100 of this embodiment.

User authentication system 100 includes a main device 200 and an authentication device 300. The authentication device 300 is an auxiliary authentication device used to authenticate the user of the main device 200. That is, in this embodiment, specific functions of the main device 200 can be used only by the user who holds the authentication device 300.

Generally, when using the authentication device 300, which is such an auxiliary authentication device, the authentication code is transmitted and received with the main device 200 by wireless communication. Furthermore, the safety of the communication is not taken into account. Therefore, once the authentication code is intercepted, the authentication device 300
Even a person who does not own the main device 200 can use the functions of the main device 200. In this embodiment, in order to avoid this, the authentication code sent from the authentication device 300 to the main device 200 is changed every time, thereby increasing the confidentiality of the authentication code and increasing the safety during transmission and reception.

The user authentication system 100 of this embodiment that implements the above processing will be described below.

[Main device]
First, the main device 200 will be explained. The main device 200 is an information processing apparatus having a wireless communication function and an information processing function. Examples include mobile phones, smartphones, tablet terminals, wearable terminals such as watches and head-mounted displays, feature phones, and other portable digital devices.

FIG. 2 shows the hardware configuration of the main device 200. As shown in this figure, the main device 200 includes a CPU (Central Processing Unit) 201, a system bus 202, a storage device 210, a communication processor 220, an expansion I/F 227, an operation device 230, and a video processor. 240, audio processor 250, and sensor 26
0.

The CPU 201 is a microprocessor unit that controls the entire main device 200. The system bus 202 is a data communication path for transmitting and receiving data between the CPU 201 and each operating block within the main device 200.

The storage device 210 includes a ROM (Read Only Memory) 211 and a RAM (
Random Access Memory) 212 and storage 213.

The ROM 211 is a memory in which basic operating programs such as an operating system and other operating programs are stored. As the ROM 211, for example, an EEPROM (E
Electrically Erasable and Programmable Re
A rewritable ROM such as an ad only memory or a flash ROM is used.

The storage 213 stores operation programs and operation setting values for the main device 200, as well as various programs and various data necessary for realizing each function of this embodiment.

The storage 213 retains stored information even when power is not supplied to the main device 200 from the outside. Therefore, the storage 213 includes, for example, a flash ROM, an SSD (Solid State Drive), and an HDD (Hard State Drive).
Devices such as sk Drive) are used.

The RAM 212 is a work area for executing basic operation programs and other operation programs.

ROM211 and RAM212 may be integrally configured with CPU201. Furthermore, the ROM 211 may not have an independent configuration as shown in FIG. 2, but may use a part of the storage area within the storage 213. That is, by using a partial area of the storage 213, R
All or part of the functions of OM211 may be replaced.

Note that each operating program stored in the ROM 211 and the storage 213 can be updated and functionally expanded, for example, by download processing from each distribution server on the network.

The communication processor 220 is a LAN (Local Area Network) communication device 221
, a telephone network communication device 222 , a wired communication device 223 , a close proximity wireless communication device 224 , and a wireless communication device 225 .

The LAN communication device 221 is connected to a network via an access point (AP) device through a wireless connection such as Wi-Fi (registered trademark), and sends and receives data to and from other devices on the network.

The telephone network communication device 222 performs telephone calls and transmits and receives data through wireless communication with a base station of a mobile telephone communication network.

The wired communication device 223 transmits and receives data to and from other devices near the main device 200 using a wired connection means such as a USB (Universal Serial Bus).

The close proximity wireless communicator 224 transmits and receives data through wireless communication with other devices including the close proximity wireless communicator. The close proximity wireless communication device 224, for example, uses near field communication (NFC).
It is an I/F for field communication (NFC), and realizes two-way communication between devices equipped with NFC chips over an extremely short distance of a few centimeters to about one meter. For example, it corresponds to a service using a non-contact IC chip such as electronic money installed in the main device 200.

The wireless communication device 225 transmits and receives data by wireless communication with other devices including the wireless communication device. For example, Bluetooth (registered trademark) or the like enables simple exchange of information using radio waves between information devices located at a distance of several meters to several tens of meters.

The LAN communication device 221, the telephone network communication device 222, the wired communication device 223, the close proximity wireless communication device 224, and the wireless communication device 225 each include an encoding circuit, a decoding circuit, an antenna, and the like.
Furthermore, the communication processor 220 may further include a communication device that implements infrared communication and other communication devices.

The expansion I/F 227 is a group of interfaces for expanding the functions of the main device 200. This embodiment includes a video/audio I/F, an operating device I/F, a memory I/F, and the like.
The video/audio I/F inputs video signals/audio signals from an external video/audio output device, outputs video signals/audio signals to the external video/audio input device, and so on. External operating devices such as a keyboard are connected via an operating device I/F. The memory I/F connects a memory card or other memory medium to transmit and receive data.

The operating device 230 inputs operating instructions to the main device 200. In this embodiment, a touch panel arranged overlapping the display 241 and operation keys arranged with button switches are provided. Note that only one of them may be used. Further, the main device 200 may be operated using a keyboard or the like connected to the expansion I/F 227. Further, the main device 200 may be operated using a separate portable information terminal device connected by wired communication or wireless communication. Further, the display 241 may have a touch panel function.

Video processor 240 includes a display 241, an image signal processor 242, and a camera 243.

The display 241 is, for example, a display device such as a liquid crystal panel, and displays the image data processed by the image signal processor 242 and provides it to the user of the main device 200. The image signal processor 242 includes a video RAM (not shown), and the display 241 is driven based on image data input to the video RAM. In addition, the image signal processor 24
2. If necessary, format conversion, menu and other OSD (On-Screen
Display) Performs signal superimposition processing, etc. The camera 243 is a CCD (Charge-
Coupled Device) and CMOS (Complementary Metal
This is a photographing device that acquires surroundings and objects as image data by converting light input from a lens into electrical signals using an electronic device such as an Oxide Semiconductor (Oxide Semiconductor) sensor.

Audio processor 250 includes a speaker 251, an audio signal processor 252, and a microphone 253. The speaker 251 provides the user of the main device 200 with the audio signal processed by the audio signal processor 252. The microphone 253 converts the user's voice and the like into audio data and inputs it.

The sensor 260 is a group of sensors for detecting the state of the main device 200. In this embodiment, for example, a GPS (Global Positioning System) receiver 261, a gyro sensor 262, a geomagnetic sensor 263, an acceleration sensor 264, an illuminance sensor 265, a proximity sensor 266, and a biological information sensor 267 are provided. Be prepared.

These sensor groups detect the position, inclination, direction, movement, and surrounding brightness of the main device 200, the user's biological information, and the like. In addition, the main device 200 may include an atmospheric pressure sensor, etc.
It may further include a pressure sensor and other sensors. Note that the position information is obtained from the GPS receiver 261.
Obtained by In places where GPS radio waves are difficult to reach, the LAN communication device 221 allows Wi-
It may be acquired using the position information of the AP device of Fi, or similarly, it may be acquired by the telephone network communication device 222 using a position information acquisition method using base station position information and propagation delay of telephone communication radio waves. . Moreover, these sensor groups do not necessarily need to be provided with all of them.

Note that the configuration example of the main device 200 shown in FIG. 2 includes many configurations that are not essential to this embodiment, but even a configuration that does not include these does not impair the effects of this embodiment. . Furthermore, configurations not shown may be further added, such as a digital broadcast reception function and an electronic money payment function.

[Functional configuration of main device]
The functions realized by the main device 200 will be explained using FIG. 3. As described above, when the user attempts to execute a predetermined function, the main device 200 of this embodiment requests user authentication from the authentication device, and if the authentication is successful, enables the execution of the function. .

In order to realize this, the main device 200 includes an authentication code transmission request generation section 271, a verification section 272, a lock release section 273, a transmission/reception section 274, and an operation control section 275.

Note that these functions are performed when the CPU 201 transfers the program stored in the ROM 211 to the RAM.
212 as an execution program 291 and execute it. For this reason, FIG. 3 shows functions realized by programs stored in the ROM 211.

In addition, the storage 213 (main body storage unit) includes authentication source information 2 as reference information 280.
81, an authentication code generation algorithm 282, and a transmission request generation algorithm 283 are stored. These data are stored in storage 213 in advance. When each of the above functions is executed, the CPU 201 saves and uses these data in the temporary storage area 292 of the RAM 212. Further, the temporary storage area of the RAM 212 stores data generated during the execution of each program stored in the ROM 211, data obtained as a result of execution, and the like.

The transmitter/receiver 274 is connected to the communication processor 220 or the expansion I/F 227, such as a USB
/F controls data transmission and reception with external devices.

The authentication code transmission request generation unit 271 generates an authentication code transmission request that requests the authentication device 300 to transmit an authentication code. The authentication code transmission request is generated, for example, when an instruction to execute a function set to require authentication (authentication required function) is received prior to execution. This authentication code transmission request is generated according to the transmission request generation algorithm 283. At this time, a different authentication code is generated for each request.

The generated authentication code transmission request is transmitted to the authentication device 300 via the transmission/reception unit 274. That is, the authentication code transmission request generation section 271 and the transmission/reception section 274 function as an authentication code transmission request section.

The verification unit 272 verifies the validity of the authentication code returned from the authentication device 300 in response to the authentication code transmission request. In this embodiment, the authentication code transmission request and authentication source information 281
A verification code is generated using the authentication code generation algorithm 282 and the authentication code generation algorithm 282. Then, the generated verification authentication code is compared (verified) with the returned authentication code to determine its validity. For example, if the authentication code transmitted from the authentication device 300 matches the verification authentication code, it is determined that the authentication is successful.

When the verification unit 272 determines that the authentication code is valid, the lock release unit 273 makes the authentication required function executable (valid).

The operation control unit 275 controls each unit of the main device 200 so as to implement the authentication required function that is permitted to be executed by the lock release unit 273. It also functions as a reception unit that receives various instructions via the operating device 230.

[Hardware configuration of authentication device]
Next, the authentication device 300 will be explained. The authentication device 300 is the main device 2
A user who is permitted to operate 00 holds the authentication code, generates an authentication code in response to a request from the main device 200, and sends it back.

The hardware configuration of the authentication device 300 that realizes this is shown in FIG. 4(a). As shown in this figure, the authentication device 300 includes a CPU 301, a system bus 302, and a storage device 3.
10 and a communication processor 320.

CPU 301 is a microprocessor unit that controls the overall operation of authentication device 300. The system bus 302 is a data communication path for transmitting and receiving data between the CPU 301 and each operational block within the authentication device 300.

The storage device 310 includes a ROM 311, a RAM 312, and a storage 313.
These basically have the same functions and configuration as the configuration of the main device 200 with the same name.

The communication processor 320 includes a wired communication device 323, a close proximity wireless communication device 324, and a wireless communication device 32.
5. These also basically have the same functions and configuration as the configuration of the main device 200 with the same name.

Note that the authentication device 300 may otherwise have the same configuration as the main device 200. For example, it may further include an expansion I/F 227. In addition, the main device 200
It may have all the hardware configurations.

[Functional configuration of authentication device]
Next, the functions realized by the authentication device 300 will be explained using FIG. 4(b). As described above, the authentication device 300 of this embodiment returns an authentication code in response to a request from the main device 200.

To achieve this, the authentication device 300 includes an authentication code generation section 371 and a transmitting/receiving section 3.
72. These functions execute programs stored in the ROM 311 by the CPU 30.
1 is expanded into the RAM 312 as an execution program 391 and executed.

The storage 313 (authentication storage unit) also contains authentication source information 2 as reference information 380.
81 and an authentication code generation algorithm 282. These data are copies of data with the same name provided in the main device 200.

When each of the above functions is executed, the CPU 301 saves and uses these data in the temporary storage area 392 of the RAM 312. In addition, the temporary storage area of RAM312 includes ROM3
Each program stored in 11, data generated during execution, data obtained as a result of execution, etc. are stored.

The transmission/reception unit 372 controls transmission and reception of data with an external device via the communication processor 320.

Upon receiving an authentication code transmission request from the main device 200 via the transmitter/receiver 372, the authentication code generator 371 generates an authentication code. The authentication code is generated using the information included in the authentication code transmission request, the authentication source information 281, and the authentication code generation algorithm 282. The generation method is the same as the method by which the verification section 272 of the main device 200 generates the verification code.

The generated authentication code is sent back to the main device 200 via the transmitter/receiver 372. That is, the authentication code generating section 371 and the transmitting/receiving section 372 function as an authentication code replying section.

[Flow of user authentication process]
Next, the flow of user authentication processing in this embodiment will be explained. FIG. 5 is a processing flow of user authentication processing in this embodiment. This process is started, for example, upon receipt of an instruction to execute the authentication-required function described above.

First, the transmitting/receiving unit 274 of the main device 200 requests the authentication device 300 to start communication (step S1101).

Upon receiving the communication start request, the transmitter/receiver 372 of the authentication device 300 receives the communication start request (step S12).
01, S1202), and performs communication establishment processing with the requesting device (main device 200) (Steps S1203, S1102).

The communication may be established, for example, by continuously polling from the authentication device 300 side, detecting the main device 200 that has come within a predetermined range, and establishing two-way communication.

The authentication device 300 remains in a waiting state until communication is established (step S12).
04). On the other hand, on the main device 200 side, if communication is not established after transmitting the communication start request (step S1103), if it is within a predetermined time, the process returns to step S1101 and requests the communication start request again.

On the other hand, if the predetermined time has elapsed, it is determined that the time has expired (step S1104), and the collation unit 2
72, it is determined that the authentication has failed. In this case, the matching unit 272 sets the authentication failure flag (
Step S1105), the process ends.

When bidirectional communication is established (steps S1204, S1103), first, the main device 2
The authentication code transmission request generation unit 271 of 00 generates an authentication code transmission request (step S1
110), and transmits to the authentication device 300 (step S1111).

On the authentication device 300 side, when the transmitter/receiver 372 receives the authentication code transmission request (step S1205), the authentication code generator 371 generates an authentication code (step S12).
06). Then, the transmitting/receiving unit 372 transmits the generated authentication code to the main device 200 (step S1207).

When the transmitter/receiver 274 of the main device 200 receives the authentication code (step S1112
), the verification unit 272 determines its validity (step S1113). Here, as described above, it is determined whether the verification code matches the verification authentication code generated in advance. If it matches, the matching unit 27
2 determines that the authentication is successful, sets an authentication success flag (step S1114), and ends the process.

On the other hand, if they do not match, the matching unit 272 determines that the authentication has failed, and moves to step S1105.

Note that the authentication failure flag and the authentication success flag are each stored in the temporary storage area 292.

Further, when the above-described user authentication process is completed and the authentication success flag is set, the lock release unit 273 unlocks the authentication required function that has been instructed to be executed, and makes it usable. Specifically, it accepts instructions from the user regarding the function.

Note that in the user authentication process of this embodiment, the main device 200 and the authentication device 30
Transmission and reception of data to and from 0 is performed, for example, by wireless communication using wireless communication devices 225 and 325.

Next, the authentication code transmission request generation process in step S1110 and step S120
6, the authentication code generation process will be explained.

First, the authentication source information 281, authentication code generation algorithm 282, and transmission request generation algorithm 283 used at this time will be explained.

The authentication source information 281 of this embodiment stores a first value and a second value different from the first value in association with each other. When the first value is specified, the second value registered in association is returned. At this time, a different first value is specified for each authentication code transmission request. As a result, a different authentication code will be returned each time.

FIG. 6(a) is an example of the authentication source information 281 of this embodiment. As shown in this figure, the authentication source information 281 includes an address 281a that is a first value, and a code 281b that is a second value that corresponds to each address 281a. In this embodiment, this address 281a is specified in the authentication code transmission request. Then, the code 281b registered in association with the designated address 281a is set as the authentication code.

In this embodiment, the main device 200 transmits one or more addresses 281a as an authentication code transmission request 285, as shown in FIG. 6(b). Then, the authentication device 300 generates the corresponding code 281b as the authentication code 286, as shown in FIG. 6(c).

The transmission request generation algorithm 283 defines a generation method (rule) of information to be transmitted as the authentication code transmission request 285. In this embodiment, a method for determining the address 281a of the authentication source information 281 to be included in the authentication code transmission request 285 is defined. For example, the last digit of the time indicated by the clock when the authentication code transmission request is generated is used, or a random number generated by a random number generator or the like is used. It is assumed that the main device 200 includes a random number generator. Note that, as shown in FIG. 6(b), when multiple addresses 281a are included in the authentication code transmission request 285,
The order may also be specified.

The transmission request generation algorithm 283 is not limited to the above. It is sufficient that a different address 281a or a different set of addresses 281a is set each time an authentication code transmission request is generated. Further, the transmission request generation algorithm 283 may be set and changed arbitrarily by the user.

The authentication code transmission request generation unit 271 specifies the address 281a of the authentication source information 281 according to the transmission request generation algorithm 283. Then, an authentication code transmission request 285 is generated using the specified address 281a. Further, the information on the specified address 281a is stored in the matching unit 272.
Also output to.

The authentication code generation algorithm 282 defines the generation method (rule) of the authentication code 286. In this embodiment, a process of extracting a code registered in the authentication source information 281 in association with the address 281a included in the authentication code transmission request 285 and generating it as an authentication code is registered.

The authentication code generation unit 371 extracts the code corresponding to the address 281a included in the authentication code transmission request 285 from the authentication source information 281 according to the authentication code generation algorithm 282, and generates it as the authentication code 286.

For example, when using the authentication source information 281 shown in FIG. 6(a), the authentication code transmission request 28
Assume that 2, 5, 7, and 9 are designated as addresses 281a in 5, as shown in FIG. 6(b). In this case, as shown in FIG. 6(c), the authentication code 286 includes 8, f, g, and 2.
is generated and sent back.

As explained above, the user authentication system 100 of this embodiment has the main device 200
and an authentication device 300. The main device 200 includes an authentication code transmission request unit that generates an authentication code transmission request including a predetermined first value and transmits the generated authentication code transmission request to the authentication device 300; generate an authentication code for verification,
If the authentication code transmitted from the authentication device 300 in response to the authentication code transmission request is included in the generated verification authentication code, the verification unit 272 determines that the authentication is successful; and if the verification unit 272 determines that the authentication is successful, It includes a lock release section 273 that enables a predetermined function. Further, the authentication device 300 generates an authentication code according to the first value included in the authentication code transmission request, and sends it back to the main device 200.

At this time, the main device 200 and the authentication device 300 have authentication source information 281 having a plurality of sets of a first value and a second value associated with the first value, and authentication source information 281 An authentication code generation algorithm 282 that generates an authentication code from . Then, the authentication code transmission request section selects the first value from the authentication source information 281 according to a predetermined rule, and the authentication code reply section selects the first value from the authentication source information 281 in accordance with the transmitted first value. The second value stored in the second value is generated as an authentication code.

In this way, according to this embodiment, a different authentication code is returned each time an authentication code is requested. Therefore, even if the returned authentication code is intercepted or tapped, the authentication code will not be used at the next authentication. Therefore, the auxiliary authentication device (authentication device 30
0) to perform authentication on the mobile terminal (main device 200), high security can be obtained.

<Modified example>
Note that the authentication code generation algorithm 282 may be a function. In this case, the authentication source information 281 may not be provided. For example, the authentication code transmission request generation unit 271 includes the variable of the function in the authentication code transmission request and transmits the authentication code transmission request. The variables are generated according to the transmission request generation algorithm 283, for example.

In this case, the verification unit 272 uses the value returned by the function according to the variable as the verification authentication code. Further, the authentication code generation unit 371 also returns a value returned by the function as the authentication code 286 according to the transmitted variable.

Further, to generate the authentication code, a function such as a token that outputs a different authentication code each time may be used. For tokens, different authentication codes are automatically generated depending on, for example, the timing or number of authentication code transmission requests. In this case, the authentication code generation algorithm is shared between the main device 200 and the authentication device 300.

Moreover, each code of the authentication source information 281 is not limited to one alphanumeric character. multiple characters,
It may be a string of numbers, symbols, etc.

By applying these modifications, the confidentiality of transmitted and received data is further improved.

<<Second embodiment>>
Next, a second embodiment of the present invention will be described. In this embodiment, the authentication device side further takes into account the result of person authentication, generates an authentication code, and sends it back.

The overall configuration of the user authentication system 100 of this embodiment is basically the same as that of the first embodiment. The present embodiment will be described below, focusing on the configuration that is different from the first embodiment.

In this embodiment, when communication is established between the main device 200 and the authentication device 300, the main device 200 transmits an authentication code transmission request 285 to the authentication device 300, as in the first embodiment. Upon receiving the authentication code transmission request 285, the authentication device 300 authenticates the user holding the authentication device 300, takes into account the success or failure of the authentication, generates an authentication code 286, and sends it back.

[Main device]
Regarding the main device 200 of this embodiment, the hardware configuration and functional blocks,
Both are similar to the first embodiment.

However, as described later, the authentication device 300 performs personal authentication. The result is then added to the returned authentication code 286. Therefore, the authentication source information 28 of this embodiment
1 and the authentication code generation algorithm 282, information that can distinguish whether the personal authentication is successful or unsuccessful is added.

The collation unit 272 uses the authentication source information 281 and the authentication code generation algorithm 282 to generate a verification code. However, the verification unit 272 generates the verification code for verification so that the verification code returned when the user authentication is successful and the authentication code returned when the user authentication fails are distinguishable. Note that the verification unit 272 may create only the authentication code that is returned when the person authentication is successful.

For example, if the verification code matches the verification code of the verification code returned when the user authentication fails, the verification unit 272 notifies the operation control unit 275 of the same. The operation control unit 275 may be configured to display, for example, a message on the display 241 indicating that the legitimate authentication device 300 is held by an unauthorized holder.

[Authentication device]
The authentication device 300 of this embodiment will be explained. Authentication device 300 of this embodiment
Now, as described above, perform personal authentication. For this reason, the authentication device 300 of this embodiment:
Equipped with functions and configuration for personal authentication.

FIG. 7(a) is a hardware configuration diagram of the authentication device 300 of this embodiment. As shown in this figure, the authentication device 300 of this embodiment is different from the authentication device 300 of the first embodiment.
In addition to the above configuration, a biological information sensor 367 is further provided.

The biological information sensor 367 is a sensor that collects biological information. For example, authentication device 3
When 00 is a wristwatch-type wearable terminal, it may be a pulse wave sensor or a heartbeat sensor. In addition, an imaging device such as a camera that photographs fingerprints, veins, irises, etc. may be used. In addition,
The biometric information sensor 367 functions as a biometric information acquisition unit together with a biometric authentication unit 373 described below.

FIG. 7(b) is a functional block diagram of the authentication device 300 of this embodiment. As shown in this figure, the authentication device 300 of this embodiment further includes a biometric authentication section 373 in addition to the configuration of the first embodiment. That is, the ROM 311 includes a program that implements the biometric authentication section 373.

In addition, the reference information 380 of the storage 313 includes a valid user of the authentication device 300 (
The biometric information of the holder) is further registered as verification biometric information 383. The verification biometric information 383 is acquired in advance when a legitimate holder holds the authentication device 300.
For example, in the case of a wristwatch-type terminal, when the terminal is first worn, the biological information sensor 367 acquires pulse waves or heartbeats for a predetermined period of time (for example, 10 seconds, 1 minute, etc.). Then, the obtained result is stored in the storage 313 as biometric information for verification 383.

The biometric authentication unit 373 of this embodiment sends the authentication code transmission request 28 via the transmission/reception unit 372.
5, the biological information of the holder is acquired at that point. The biological information is acquired via the biological information sensor 367. Then, the acquired biometric information is compared with the biometric information for comparison 383, and the comparison result is output to the authentication code generation section 371.

The authentication code generation unit 371 generates an authentication code 286 by taking the verification result into consideration.
A specific example will be described later.

The flow of user authentication processing according to this embodiment will be explained below. FIG. 8 is a processing flow of user authentication processing according to this embodiment. Note that explanations of parts similar to those in the first embodiment will be omitted.

When bidirectional communication is established (steps S1204, S1103), the authentication code transmission request generation unit 271 of the main device 200 generates an authentication code transmission request 285 (step S1
110), and transmits to the authentication device 300 (step S1111).

On the authentication device 300 side, when the transmission/reception unit 372 receives the authentication code transmission request 285 (step S1205), the biometric authentication unit 373 performs personal authentication (step S2201).
. Here, biometric information is collected for a predetermined period. Biometric information is collected by biometric information sensor 367. Then, the acquired biometric information is compared with the biometric information for verification 383. and,
The comparison result is output to the authentication code generation section 371.

The authentication code generation unit 371 generates an authentication code (step S2202), and sends the authentication code to the transmitting/receiving unit 3.
72 transmits the generated authentication code to the main device 200 (step S1207).
. A specific example of the authentication code generated here will be described later.

When the transmitter/receiver 274 of the main device 200 receives the authentication code (step S1112
), the verification unit 272 determines its validity (step S1113). Also in this embodiment, a match with a pre-generated verification code is determined. If they match, the matching unit 272
determines that the authentication is successful, sets an authentication success flag (step S1114), and ends the process.

On the other hand, if they do not match, the matching unit 272 determines that the authentication has failed, and moves to step S1105.

Note that when the above-described user authentication process is completed and the authentication success flag is set, the lock release unit 273 unlocks the authentication required function that has been instructed to be executed, and makes it usable. Specifically, it accepts instructions from the user regarding the function.

Next, a specific example of the authentication code generated in this embodiment will be explained. First, a specific example of the authentication source information 281 prepared in this embodiment will be described. The authentication source information 281 of this embodiment stores, in association with the first value, a second value to be returned when the personal authentication is successful, and a third value to be returned when the personal authentication has failed. Ru.

FIG. 9A shows an example of the authentication source information 281 of this embodiment. As shown in this figure, the authentication source information 281 includes an address 281a that is a first value, a code 1 (281b) that is a second value corresponding to each address 281a, and a code that is a third value. 2 (281c).
Note that the second value is a value to be returned when the personal authentication is successful, and the third value is a value to be returned when the personal authentication has failed.

Also in this embodiment, the information that the main device 200 transmits as the authentication code transmission request 285 is one or more addresses 281a. Then, the authentication device 300 generates and returns a corresponding code 1 (281b) or code 2 (281c) as the authentication code 286 depending on whether the person authentication is successful or not.

In this embodiment, the verification unit 272 of the main device 200 may generate an authentication code using code 1 (281b) that is returned when the user authentication is successful, as the authentication code for comparison.

For example, when using the authentication source information 281 shown in FIG. 9(a), the authentication code transmission request 28
Assume that 2, 5, 7, and 9 are designated as addresses 281a in 5, as shown in FIG. 9(b). In this case, if biometric authentication is successful, an authentication code 286 containing 8, f, g, and 2 is generated and sent back, as shown in FIG. 9(c). On the other hand, if biometric authentication fails, as shown in FIG. 9(d), an authentication code 286 containing t, 4, 2, and g is generated and sent back.

As explained above, in this embodiment, in addition to the configuration of the first embodiment, the authentication device 300 performs biometric authentication of the holder, and generates an authentication code including the result of the success or failure of the biometric authentication. , has a configuration for replying.

Therefore, according to the present embodiment, the main device 200 can also know whether or not the user authentication in the authentication device 300 has been successful. That is, the main device 200 can determine not only whether the authentication device 300 is legitimate, but also whether it is held by a legitimate user, according to the returned authentication code.

Therefore, according to the present embodiment, for example, even if the authentication device 300 is legitimate, if the holder is not the legitimate holder, it is possible to understand the circumstances such as loss or theft of the authentication device 300. Since such a determination can be made, security can be ensured even if the authentication device 300 is lost or stolen.

In this way, according to the present embodiment, it is possible to provide a highly secure user authentication system while maintaining high security during transmission and reception.

Note that in this embodiment as well, various modifications are possible as in the first embodiment.

<Modified example>
In addition, when the authentication device 300 succeeds in authenticating the person, the history is stored on the authentication device 300.
It may be configured to be held on the 0 side. In this embodiment, as described above, each time an authentication code transmission request is received, the authentication device 300 performs user authentication. At this time, success or failure is stored in the storage 313 in association with the time when the authentication was performed.

The authentication code 286 may be configured to be returned in a manner that allows it to be determined whether the user authentication has been successful a predetermined number of times in a row or the case where the user authentication has been successful only intermittently.

For example, as shown in FIG. 9A, a fourth value (code 3 (281d)) is further stored as the authentication source information 281 in association with the first value. Then, if the user authentication is successively successful, the second value is returned, and if the user authentication is only successful intermittently, the fourth value is sent back.

Thereby, the main device 200 side can grasp the situation, such as whether the authentication device 300 is not separated from the body of the original holder, or whether it has been separated even once. If the situation is suspicious, such as when personal authentication is frequently unsuccessful, security may be strengthened by, for example, requesting further input of a PIN code.

<<Third embodiment>>
Next, a third embodiment of the present invention will be described. In this embodiment, both the main device 200 and the authentication device 300 record the behavior history of the holder. If the behavior histories of both parties match, it is considered that the identity authentication has been successful.

The user authentication system 100 of this embodiment basically has the same configuration as the first embodiment. The present embodiment will be described below, focusing on the configuration that is different from the first embodiment.

[Main device]
The hardware configuration of the main device 200 of this embodiment is basically the same as that of the first embodiment. However, the functions realized by the main device 200 are different. FIG. 10 shows functional blocks of the main device 200 of this embodiment.

As shown in this figure, the main device 200 of this embodiment includes a position information acquisition section 277 in addition to the configuration of the first embodiment. Specifically, a program that implements the position information acquisition unit 277 is stored in the ROM 211, and the CPU 201 loads this program into the RAM 212 and executes it, thereby realizing the function of the position information acquisition unit 277.

The position information acquisition unit 277 acquires current position information via the GPS receiver 261, for example. The acquired location information is stored in the action history 28 in the storage 213 in association with the acquired time.
Store as 4. In this embodiment, this action history 284 is used as the source information for authentication.

The transmission request generation algorithm 283 of this embodiment is defined, for example, to specify the time period (period) of the action history 284 to be sent back. The authentication code generation algorithm 282 is defined to extract location information in a specified time period (period) from the action history 284.

Further, the verification unit 272 of the main device extracts the behavior history (location information) for the period specified by the authentication code transmission request 285 from the behavior history 284, and generates an authentication code for verification.

[Authentication device]
Next, the authentication device 300 of this embodiment will be explained. FIG. 11A is a hardware configuration diagram of the authentication device 300 of this embodiment. As shown in this figure, the authentication device 300 of this embodiment includes a GPS receiver 361 in addition to the configuration of the first embodiment.

FIG. 11(b) is a functional block diagram of the authentication device 300 of this embodiment. As shown in this figure, the authentication device 300 of this embodiment includes a position information acquisition section 374 in addition to the configuration of the first embodiment. Furthermore, the storage 313 further includes an action history 384 that registers the acquired position information in association with time.

When the authentication device 300 is powered on, the location information acquisition unit 374 of this embodiment calculates its own location information at predetermined time intervals according to the GPS signal received by the GPS receiver 361. Then, the calculation result is stored in the storage 313 as an action history 384 in association with the time.

The authentication code generation unit 371 of this embodiment extracts the behavior history (location information) for the period specified by the authentication code transmission request 285 from the behavior history 384 and uses it as an authentication code.

Note that in this embodiment, the main device 200 and the authentication device 300 share location information.
It is desirable to acquire them synchronously and at the same intervals. However, if this is difficult, the authentication code generation unit 371 determines the acquisition times closest to the start and end points of the period specified in the authentication code transmission request 285, extracts the position information between the two acquisition times, and authenticates. The code is 286.

Furthermore, the matching unit 272 may be configured to set a predetermined tolerance range during the verification, and determine a match if it is within the tolerance range.

The flow of user authentication processing according to this embodiment will be explained below. FIG. 12 is a processing flow of user authentication processing according to this embodiment. Note that explanations of parts similar to those in the first embodiment will be omitted.

When bidirectional communication is established (steps S1204, S1103), the authentication code transmission request generation unit 271 of the main device 200 generates an action history transmission request as the authentication code transmission request 285 (step S3110), and transmits it to the authentication device 300. (Step S311
1). Here, a period to be extracted from the action history 284 is specified.

When the transmitter/receiver 372 of the authentication device 300 receives the action history transmission request (step S
3201), the authentication code generation unit 371 of the authentication device 300 extracts the behavior history (location information) for the specified period from the behavior history 384 held in the storage 313 (step S3203), and generates the authentication code 286. . Then, the transmitting/receiving unit 372 transmits the generated authentication code 286 (action history) to the main device 200 (step S3204).

When the transmitter/receiver 274 of the main device 200 receives the authentication code (step S3102
), the verification unit 272 determines its validity (step S3103). Here, it is determined whether the verification code matches the verification code generated in advance. In this embodiment, depending on the timing of location information collection, the transmitted authentication code and the verification authentication code may not completely match. Therefore, as described above, a predetermined tolerance range may be provided to determine whether or not they match.

If they match, the matching unit 272 determines that the authentication is successful, sets an authentication success flag (step S1114), and ends the process.

On the other hand, if they do not match, the matching unit 272 determines that the authentication has failed, and moves to step S1105.

Here, an example of the action history 284, 384 of this embodiment will be shown. Here, Fig. 13(a
), an example of the action history 284 is shown as a representative example. As shown in this figure, action history 28
4, latitude and longitude information is registered as position information 284b in association with time 284a.
FIG. 13A shows an example in which position information 284b is registered every minute, for example.

For example, if the action history transmission request requests location information from 8:00 to 10:00 on November 1, 2017, the authentication code generation unit 371 transmits the location information corresponding to this period to the action history 380.
4 and set it as the authentication code 286. Note that the location information used as the authentication code does not need to use all digits in consideration of accuracy.

According to this embodiment, both the main device 200 and the authentication device 300 accumulate their position information as action history. Then, the action history for a predetermined period is received from the authentication device 300 as an authentication code.

In this embodiment as well, since the authentication code that is transmitted is different for each authentication, the security when transmitting and receiving the authentication code is high, as in each of the above embodiments. Furthermore, in this embodiment, there is no need for the main device 200 and the authentication device 300 to share authentication source information in advance. For this reason,
Since there is no data transmission/reception for sharing this authentication source information, a more secure user authentication system can be obtained.

Note that in this embodiment as well, various modifications are possible as in the first embodiment.

<Modified example>
Further, in this embodiment, both the main device 200 and the authentication device 300 constantly acquire position information and record it as an action history, but the method is not limited to this method. for example,
The execution of the authentication process may be controlled depending on whether the location where the specific process is performed is within the normal range of action or deviates from the normal range of action.

For example, on the main device 200 side, the action range is specified from the collected position information based on the track record of successful authentication processing accompanying the identification processing.

In this modification, for example, as shown in FIG. 13(b), each time the verification unit 272 determines that the authentication is successful, it associates it with the location information 284c at the time of the authentication, and determines that the authentication was successful. The number of times (number of successful authentications) 284d is stored. The position information 284c is acquired by the position information acquisition unit 374 and stored in the action history 284. That is, the location information 284c uses information specified by latitude and longitude.

Then, the collation unit 272 determines a position where the number of times of successful authentication 284d is equal to or greater than a predetermined number of times as an authentication result position. Furthermore, the range specified by the position information 284c corresponding to this authentication record position is defined as a normal action range 284e. In addition, in FIG. 13(b), for example, a position where the number of successful authentications 284d is 10 or more is set as an authentication performance position. Then, information on this normal action range 284e, that is, position information 284c of the normal action range 284e and number of successful authentications 284d, is stored in the storage 213 instead of the action history 284. Note that here, positions that differ within the allowable range are considered to be the same position.

The verification unit 272 determines whether the position of the main device 200 at the time of authentication is within the normal action range 284e. If the action is within the normal action range 284e and the specific process is not an important process, authentication by the authentication device 300 is omitted; if the action is outside the normal action range 284e or the specific process is an important process, authentication by the authentication device 300 is omitted. , the authentication device 300 executes authentication.

Here, the important specific process is, for example, when the specific process is a payment process, a payment process for a predetermined amount or more.

In addition, in the main device 200, the action history 284 is associated with the process and stored in the storage 200.
13 may be stored.

Further, the normal action range 284e is not limited to the range specified by the authentication record position. A range less than a predetermined distance from the authentication record position may be set as the normal action range 284e.

FIG. 14 shows the flow of action history collection processing and authentication processing in this modification. As shown in this figure, the position information acquisition unit 277 determines whether the process performed by the operation control unit 275 is a specific process (step S3301). If it is not a specific process, execute the process (step S33
09), ends.

On the other hand, if it is a specific process, position information is acquired (step S3302). Then, the operation control unit 275 further determines whether the specific process is an important process (step S3303).
), if the process is important, authentication processing is performed (step S3305). If the authentication is successful (step S3306), the matching unit 272 associates the acquired location information with the specific process and the acquisition time, stores it as the action history 284 (step S3307), and executes the specific process. (Step S3309). At this time, the same action history 2 is also applied to the authentication device 300.
84 (normal action range 284e) may be stored.

On the other hand, if the authentication is unsuccessful (step S3306), the operation control unit 275 displays an error (step S3308) and ends the process.

If it is determined in step S3303 that the specific process is not an important process (step S3303), the matching unit 272 determines that the position of the main device 200 is within the normal action range 284.
It is determined whether or not e (step S3304). If it is determined that it is not the normal action range 284e, the process moves to step S3305 where authentication processing is performed. On the other hand, if it is determined that it is the normal action range 284e, the process is executed (step S3309) and ends.

For example, the specific process may be a payment process at a store. With this configuration, the location information of the store that the user frequents is registered in advance. If payment processing is performed at a store other than the one registered in advance, the lock will not be automatically released. Therefore, high security can be achieved not only in data transmission and reception but also in processing execution.

Note that the action history 284 for each process may be registered in association with a time period. Further, the third embodiment may be combined with the first or second embodiment.

In addition, in this modification, the authentication device 300 sets the authentication performance history (
The same data as 284c, 284d) may be accumulated, and the authentication code transmission request may request transmission of past authentication performance history (284c, 284d). In this case, the verification unit 272 determines that the authentication history (284c, 284d) of the authentication device 300 returned in response to the request is the same as the authentication history (284c, 284d) recorded in the main device 200. The validity of the holder of the authentication device 300 is determined based on whether or not the authentication device 300 is authenticated.

<<Fourth embodiment>>
Next, a fourth embodiment of the present invention will be described. Prior to the user authentication processing described in each of the above embodiments, it is necessary to perform initial settings to transmit information necessary for the user authentication processing, such as authentication source information, from the main device 200 to the authentication device 300. In this embodiment, safety during this initial setting is enhanced.

In the first, second, and third embodiments described above, as an initial setting, the authentication source information 281 and/or the authentication code generation algorithm 282 are set in the main device 200 and sent to the authentication device 300. . Further, each time there is a change, the main device 200 sends the change to the authentication device 300. That is, each time the authentication source information 281 and/or the authentication code generation algorithm 282 are newly set or updated, initial settings are made to be shared between the main device 200 and the authentication device 300.

In each of the embodiments described above, the information transmitted from the main device 200 to the authentication device 300 at the time of initial setting is different. Here, the explanation will be based on the first embodiment, focusing on the configurations that are different from the first embodiment.

The hardware configurations of the main device 200 and the authentication device 300 of this embodiment are basically the same as those of the first embodiment.

[Main device]
The functional blocks of the main device 200 of this embodiment are shown in FIG. 15(a). As shown in this figure, the main device 200 of this embodiment includes an initial setting section 278 in addition to the configuration of the first embodiment.

The initial setting unit 278 transmits the authentication source information 281 and the authentication code generation algorithm 282 set in the main device 200 to the authentication device 300 at the time of initial setting. When transmitting, the initial setting unit 278 selects a communication means with a short range or wired communication instead of the transmission means normally used for transmitting and receiving data with the authentication device 300.

Note that the authentication source information 281 and the authentication code generation algorithm 282 are registered in the storage 213 in advance by the user of the main device 200. Upon receiving an initial setting instruction from a user, the initial setting unit 278 of this embodiment selects a communication means at the time of initial setting and performs initial setting processing.

As the communication means, the most secure communication means among the communication means that can communicate between the main device 200 and the authentication device 300 is selected. For example, wired communication using the wired communication device 223 is selected. Furthermore, in the case of wireless communication, wireless communication with the shortest reach is selected, such as wireless communication using the close proximity wireless communication device 224, for example.

The priority order of these selections is, for example, set in advance and held in the storage 213 or the like.
Note that the configuration may be such that the user instructs the communication device to be used each time.

In addition, when wired communication is selected, the initial setting unit 278 prompts the user to connect the main device 200.
A message prompting a wired connection between the authentication device 300 and the authentication device 300 may be displayed on the display 241.

In addition, if the authentication device 300 side is equipped with a USB I/F, the U of the main device 200
The SBI/F and the USB I/F of the authentication device 300 may be connected with a USB cable to perform data transfer.

FIG. 15(b) is a functional block diagram of the authentication device 300 of this embodiment. As shown in this figure, in addition to the configuration of the first embodiment, an initial setting section 375 is provided.

The initial setting unit 375 sets the authentication source information 281 and the authentication code generation algorithm 282 to
Performs processing when receiving data from the main device 200. In this embodiment, the main device 200
A communication means corresponding to the communication means set by is set as a receiving means, and information from the main device 200 is received.

FIG. 16(a) is a flow diagram for explaining the flow of processing at the time of initial setting of this embodiment. It is assumed that at the start of this process, the authentication source information 281 and the authentication code generation algorithm 282 are registered in the main device 200. Further, this process is started upon receiving an instruction to start initial settings from the holder of the main device 200.

First, the initial setting unit 278 of the main device 200 selects a communication means (step S4
101). Then, an initial setting request is sent to the authentication device 300, requesting establishment of communication using the selected communication means (step S4102).

When the authentication device 300 receives a communication establishment request as an initial setting request (step S
4201), the initial setting unit 375 performs processing to establish communication using the requested communication means, and establishes communication using the communication means (step S4202).

When communication is established, the initial setting unit 278 transfers the authentication source information 281 and the authentication code generation algorithm 282 from the main device 200 to the authentication device 300 using the communication means.
Initial settings are made to send the data to (step S4103).

The initial setting unit 375 performs initial settings to save the transmitted authentication source information 281 and authentication code generation algorithm 282 in the storage 313 (step S4203). Then, the initial setting section 375 notifies the initial setting section 278 that the storage has been completed, and finishes the initial setting.

After completing the initial settings, the initial setting unit 278 and the initial setting unit 375 each return the communication means of their own devices to the normally used communication means (steps S4104, S4204), and end the process.

Note that, as shown in FIG. 16(b), normal communication means are used until communication is established, such as sending an initial setting request (steps S4301 and S4401), and after communication is established, a communication means is selected (step S4101, S4202) may be configured.

As explained above, in this embodiment, the possibility of leakage is increased during initial settings, that is, when the authentication source information 281, which is the source of authentication code generation, is shared between the main device 200 and the authentication device 300. Send and receive data using low-level communication methods. Therefore, a more secure user authentication system can be realized.

<Modified example>
In addition, in this embodiment, in each of the above embodiments, the wireless communication device 22 used during user authentication processing is
Although communication means other than 5 are selected to increase safety, the present invention is not limited to this.

For example, if the output of the wireless communication device 225 is variable, the output may be lowered during initial processing than during normal times such as during user authentication processing.

FIG. 17 shows a configuration example of the variable output wireless communication device 225. The wireless communication device 225 includes a signal processor 225a, a variable resistor 225b, an output device 225c, and an antenna 225d.

For example, during initial setting, the initial setting unit 278 issues an instruction to the wireless communication device 225 to reduce the output. For example, the resistance value of the variable resistor 225b is increased to suppress the output. Further, when the initial setting is completed, the initial setting unit 278 issues an instruction to the wireless communication device 225 to return the resistance value of the variable resistor 225b to the original value.

Further, according to this embodiment, the authentication source information 281 and the authentication code generation algorithm 28
After sharing 2, user authentication may be performed using either the method of the first embodiment or the second embodiment.

Note that during initial processing, the authentication source information 281 and the authentication code generation algorithm 282 may be encrypted using a public key and transmitted from the main device 200 to the authentication device 300.

<Modified example>
Note that in each of the embodiments described above, the function of authenticating using the authentication device 300 is not particularly limited, except for the identification process of the modification of the third embodiment. For example, the user authentication processing in each of the embodiments described above may be used for authentication when the screen of the main device 200 is unlocked, or may be used for authentication when a specific predetermined application is executed.

<Modified example>
Further, for example, the main device 200 may be configured to include a plurality of user authentication means and use them together. FIG. 18 shows an example of the processing flow in this case. Here, the first authentication process unlocks the screen, the second authentication process authenticates a specific process, and if the second authentication process fails, the third authentication process is performed as a backup. This will be explained using an example. Note that the screen lock state is a state in which the main device 200 is in a standby state and does not accept anything other than authentication operations.

First, the operation control unit 275 performs a first authentication process (step S5101), and if the authentication is successful (step S5102), the lock release unit 273 unlocks the screen of the main device 200 (step S5103). Note that in the case of authentication failure, the process is either terminated or the process returns to step S5101 to perform authentication again.

When the screen lock is released and an operation instruction is received from the user via the display 241 (step S5104), the operation control unit 275 determines whether or not the instruction is for a predetermined specific process (step S5104). S5105). At this time, if the process is specific, the operation control unit 275 performs the second authentication process (step S5106). On the other hand, if the process is not specific, the process is executed as is (step S5108), and the process ends.

If the second authentication is successful (step S5107), the process moves to step S5108 and the process is executed.

On the other hand, if the second authentication fails, the operation control unit 275 displays an error message on the display 241 and also displays a message prompting the third authentication (step S5111). If authentication is established in this third authentication (step S5112; Yes), step S510
8 and executes the process. On the other hand, if the authentication is not successful even in this third authentication (
If Step S5112; No), the operation control unit 275 displays an error (Step S5112; No).
113), the process ends.

Note that in this modification, different authentication means are used for the first authentication, the second authentication, and the third authentication, respectively. At this time, user authentication using the authentication device 300 may be used for any of the first authentication, second authentication, and third authentication.

For example, for the first authentication, authentication that directly uses biometric information such as a fingerprint, vein, or iris is applied, and for the second authentication, user authentication that uses the authentication device 300 of each of the above embodiments is applied, Authentication means such as input of a PIN code (password) may be applied to the third authentication.

For example, in the case of the modification of the third embodiment described with reference to FIG. 14, if the user attempts to perform payment processing at a store other than the store he or she frequents, authentication will fail and the lock will not be released. In such a case, as shown in this figure, if you prepare a third authentication method to be used when authentication fails with the user authentication means of this embodiment, even if you are a new store, you will not have to know the password. You can process payments as long as you are available. In other words, convenience and safety can be achieved in a well-balanced manner.

Further, the configuration may be such that the user can set what kind of authentication means to use for each of the first authentication, second authentication, and third authentication.

Further, if the main device 200 can use a plurality of authentication means, it may be configured to perform a plurality of authentications in a specific process. Then, the process may be configured to be executed only when all of the executed authentications are successful. Furthermore, the process may be configured to be executed when at least one of the multiple authentications performed is successful.

Further, a specific process that is executed only when all authentications are successful using a plurality of authentication means is, for example, a payment process. Further, the number of authentications used may be changed depending on the payment amount of the payment process. That is, as the payment amount increases, the number of authentication means used also increases.

<Modified example>
Furthermore, communication establishment processing may be periodically attempted between the main device 200 and the authentication device 300. As shown in FIG. 19, the operation control unit 275 periodically performs step S110.
Attempt communication establishment processing starting from 1. If communication establishment fails, the authentication failure flag is not only set, but also the time at which communication establishment could not be established is recorded (step S5).
201; non-established time accumulation).

In step S1103, even if communication is established, before generating an authentication code transmission request, the collation unit 272 checks the past communication non-establishment period (step S5202).
). At this time, for example, it is determined whether or not there is a period in which communication is not established continuously for a predetermined period.

If there is a period in which communication is not established continuously for a predetermined period or longer, even if communication is established, it is determined that authentication has failed and the process moves to step S1105. On the other hand, in step S5202, if the communication non-establishment period is less than or equal to the predetermined time, the user authentication process of each of the above embodiments is performed as is (step S5203).

<Modified example>
In each of the above embodiments, the authentication device 300 serves as an auxiliary authentication device for the main device 200.
is used, but is not limited to this. For example, the authentication device 300 also uses the main device 2.
It may have the same functions as 00. Then, the configuration may be such that mutual authentication is performed between the main device 200 and the authentication device 300.

For example, when the two devices are a smartphone and a wearable terminal, the smartphone functions as the main device 200 and the wearable terminal functions as the authentication device 300 when the smartphone executes a specific process. Furthermore, when a specific process is executed with a wearable terminal, the wearable terminal functions as the main device 200 and the smartphone functions as the authentication device 300.

<Modified example>
Furthermore, in each of the above embodiments, one authentication device 3 is provided for one main body device 200.
00 has been described as an example, but the present invention is not limited to this. 1 main device 2
00, a plurality of authentication devices 300 may be provided. In this case, each of the plurality of authentication devices 300 includes authentication source information 281 and/or authentication code generation algorithm 282 provided in the main device 200. Then, authentication may be considered successful only when the authentication codes from all authentication devices 300 match. On the other hand, if the authentication codes from at least one authentication device 300 match, the authentication may be considered successful.

Note that the present invention is not limited to the above-described embodiments, and includes various modifications.
For example, the embodiments described above are for explaining the present invention in an easy-to-understand manner, and are not necessarily limited to those having all the configurations described. Furthermore, it is possible to replace a part of the configuration of one embodiment with the configuration of another embodiment, and it is also possible to add the configuration of another embodiment to the configuration of one embodiment. Furthermore, it is possible to add, delete, or replace some of the configurations of each embodiment with other configurations.

Further, each of the above-mentioned configurations, functions, processing units, processing means, etc. may be partially or entirely realized in hardware by designing, for example, an integrated circuit. Furthermore, each of the above configurations, functions, etc. may be realized by software by a processor interpreting and executing a program for realizing each function. Information such as programs, tables, files, etc. that implement each function can be stored in a memory, a recording device such as a hard disk, an SSD (Solid State Drive), or a recording medium such as an IC card, an SD card, or a DVD.

Further, the control lines and information lines are shown to be necessary for explanation purposes, and not all control lines and information lines are necessarily shown in the product. In reality, almost all components may be considered to be interconnected.

100: User authentication system,
200: Main device, 201: CPU, 202: System bus, 210: Storage device,
211: ROM, 212: RAM, 213: Storage, 220: Communication processor, 221:
LAN communication device, 222: Telephone network communication device, 223: Wired communication device, 224: Proximity wireless communication device,
225: Wireless communication device, 225a: Signal processor, 225b: Variable resistor, 225c: Output device,
225d: antenna, 227: expansion I/F, 230: controller, 240: video processor, 241: display, 242: image signal processor, 243: camera, 250: audio processor, 251: speaker, 252: audio signal processor, 253: Mike,
260: sensor, 261: GPS receiver, 262: gyro sensor, 263: geomagnetic sensor, 264: acceleration sensor, 265: illuminance sensor, 266: proximity sensor, 267: biological information sensor,
271: Authentication code transmission request generation unit, 272: Verification unit, 273: Lock release unit, 274
: Transmission/reception unit, 275: Operation control unit, 277: Position information acquisition unit, 278: Initial setting unit, 28
0: Reference information, 281: Authentication source information, 281a: Address, 281b: Code (1), 28
1c: Code 2, 281d: Code 3, 282: Authentication code generation algorithm, 283:
Transmission request generation algorithm, 284: action history, 284a: time, 284b: location information,
284c: Location information, 284d: Number of successful authentications, 285: Authentication code transmission request, 286:
Authentication code, 291: Execution program, 292: Temporary storage area,
300: Authentication device, 301: CPU, 302: System bus, 310: Storage device,
311: ROM, 312: RAM, 313: Storage, 320: Communication processor, 323:
Wired communication device, 324: Proximity wireless communication device, 325: Wireless communication device, 361: GPS receiver, 3
67: Biometric information sensor, 371: Authentication code generation unit, 372: Transmission/reception unit, 373: Biometric authentication unit, 374: Location information acquisition unit, 375: Initial setting unit, 380: Reference information, 383: Biometric information for verification, 384 : Action history, 391: Execution program, 392: Temporary storage area

The present invention provides a user authentication system for authenticating a user of the main device, comprising a main device and an authentication device that communicates with the main device, wherein the main device is configured to perform a Authentication source information having a plurality of pairs of one value and a second value associated with the first value is stored, and the first value is extracted from the authentication source information based on a predetermined rule. , the second value stored in the authentication source information in association with the selected first value is set as a verification authentication code, and an authentication code transmission request including the selected first value is sent. generate,
The authentication code transmission request is sent to the authentication device, and the authentication device stores biometric information of the holder of the authentication device obtained in advance before authentication as verification biometric information, and transmits it from the main device. receives the authentication code transmission request, stores the authentication source information, acquires the biometric information in response to the authentication code transmission request, performs biometric authentication using the verification biometric information, and If biometric authentication is successful, the second value stored in the authentication source information in association with the first value is generated as an authentication code, the authentication code is sent to the main body device, and the second value is stored in the authentication source information in association with the first value. If the authentication code sent from the authentication device includes the verification authentication code, the device determines that the authentication is successful, and when it determines that the authentication is successful, it enables a predetermined function and determines that the authentication is successful. If not, the authentication code transmission request is transmitted to the authentication device every time a predetermined time elapses .

Claims (16)

A user authentication system for authenticating a user of the main device, comprising a main device and an authentication device that communicates with the main device,
The main device is
storing authentication source information having a plurality of pairs of a first value selected for each transmission and a second value associated with the first value;
selecting the first value from the authentication source information based on a predetermined rule;
The second value stored in the authentication source information in association with the selected first value is a verification authentication code,
generate an authentication code transmission request including the selected first value;
transmitting the authentication code transmission request to the authentication device;
The authentication device is
Storing biometric information of the holder of the authentication device obtained in advance before authentication as biometric information for verification,
receiving the authentication code transmission request transmitted from the main device;
storing the authentication source information;
In response to the authentication code transmission request, acquire the biometric information and perform biometric authentication using the verification biometric information,
If the biometric authentication is successful, generating the second value stored in the authentication source information in association with the first value as an authentication code;
transmitting the authentication code to the main device;
The main device is
If the authentication code transmitted from the authentication device includes the verification authentication code, it is determined that the authentication is successful;
If it is determined that the authentication is successful, enable the predetermined function,
A user authentication system characterized in that when authentication is not determined to be successful, a predetermined function is not enabled and a display indicating that authentication is not determined to be successful is displayed. The user authentication system according to claim 1,
A user authentication system, wherein the authentication device is a wearable terminal. The user authentication system according to claim 1,
The main device is
A variable output wireless communication device,
An initial setting section;
The initial setting unit transmits the authentication source information to the authentication device via the wireless communication device before transmitting the authentication code transmission request to the authentication device, and when transmitting the authentication source information, . A user authentication system, wherein the output of the wireless communication device is lower than the output when transmitting the authentication code transmission request. The user authentication system according to claim 1,
A user authentication system characterized in that the predetermined function is a payment function. The user authentication system according to claim 1,
The main device is
a first authentication unit that performs a first authentication different from authentication using the authentication device;
further comprising a reception section for receiving operating instructions;
The main device further enables reception of the operation instruction via the reception unit if authentication by the first authentication unit is successful;
The user authentication system is characterized in that when the operation instruction for executing the predetermined function is received via the reception unit, the authentication code transmission request is generated. The user authentication system according to claim 1,
The main device is
further comprising a second authentication unit that performs a second authentication different from authentication using the authentication device,
The user authentication system, wherein the second authentication unit executes the second authentication when the authentication is not determined to be successful. The user authentication system according to claim 1,
The main device includes a transmitting/receiving unit that establishes the communication with the authentication device;
further comprising a main body storage unit that stores a non-establishment period that is a period in which the transmission and reception unit was unable to establish the communication,
A user authentication system characterized in that the main device does not generate the authentication code transmission request when the accumulated non-establishment period exceeds a predetermined period. A mobile terminal,
an authentication code transmission request unit that generates an authentication code transmission request including the first value selected for each transmission and transmits it to a second device that communicates with the mobile terminal;
a verification unit that determines that authentication is successful when the verification code transmitted from the second device in response to the verification code transmission request is included in the verification verification code generated in accordance with the first value;
a canceling unit that enables a predetermined function when the verification unit determines that the authentication is successful;
When receiving the authentication code transmission request from the second device, generating the authentication code according to the first value included in the authentication code transmission request, and sending the authentication code back to the second device. Department and
a storage unit that stores authentication source information having a plurality of sets of the first value and a second value associated with the first value;
a biometric information acquisition unit that obtains biometric information of a holder who holds the mobile terminal;
Equipped with a biometric authentication section,
The authentication code transmission request unit selects the first value from the authentication source information according to a predetermined rule,
The verification unit sets the second value stored in the authentication source information in association with the first value selected by the authentication code transmission request unit as the verification authentication code,
The storage unit further stores the biometric information acquired in advance before authentication as verification biometric information,
In response to the authentication code transmission request, the biometric authentication unit acquires the biometric information, performs biometric authentication using the verification biometric information, and outputs the result to the authentication code generation unit,
The authentication code generation unit generates, as the authentication code, the second value stored in the authentication source information in association with the first value, if the biometric authentication is successful;
The release part is
If the verification unit determines that the authentication is successful, enable a predetermined function,
If the verification unit does not determine that the authentication is successful, a predetermined function is not enabled and a display indicating that the authentication is not determined to be successful is displayed.
Mobile device. A mobile terminal according to claim 8, wherein the mobile terminal is a wearable terminal. 9. The mobile terminal according to claim 8,
A variable output wireless communication device,
An initial setting section;
Before transmitting the authentication code transmission request to the second device, the initial setting section transmits the authentication source information to the second device via the wireless communication device, and transmits the authentication source information to the second device via the wireless communication device. A mobile terminal characterized in that when transmitting the authentication code transmission request, the output of the wireless communication device is lower than the output when transmitting the authentication code transmission request. 9. The mobile terminal according to claim 8,
The mobile terminal characterized in that the predetermined function is a payment function. 9. The mobile terminal according to claim 8,
a first authentication unit that performs a first authentication different from authentication using the second device;
further comprising a reception section for receiving operating instructions;
If the authentication by the first authentication unit is successful, the operation instruction can be accepted via the reception unit,
The mobile terminal is characterized in that when the operation instruction for executing the predetermined function is received via the reception unit, the mobile terminal generates the authentication code transmission request. 9. The mobile terminal according to claim 8,
further comprising a second authentication unit that performs a second authentication different from authentication using the second device,
The mobile terminal, wherein the second authentication unit executes the second authentication when the authentication is not determined to be successful. 9. The mobile terminal according to claim 8,
a transmitting/receiving unit that establishes the communication with the second device;
further comprising a main body storage unit that stores a non-establishment period that is a period in which the transmission and reception unit was unable to establish the communication,
The mobile terminal is characterized in that the authentication code transmission request unit does not generate the authentication code transmission request when the accumulated non-establishment period exceeds a predetermined period. The user authentication system according to claim 1,
Each of the first values of the authentication source information is further associated with a third value different from the second value,
User authentication characterized in that, when the biometric authentication fails, the authentication device uses the third value stored in the authentication source information in association with the first value as the authentication code. system. 9. The mobile terminal according to claim 8,
Each of the first values of the authentication source information is further associated with a third value different from the second value,
The mobile phone characterized in that, when the biometric authentication fails, the authentication code generation unit sets the third value stored in the authentication source information in association with the first value as the authentication code. terminal.

Images