JP6227379B2 - Wearable device and authentication method - Google Patents

Description

  The present invention relates to a technique for using a wearable device for authentication.

  There is a technology that uses a wearable device for authentication. For example, in Patent Document 1, when a band-type biometric authentication device performs biometric authentication, it turns on an authentication completion flag indicating a state in which authentication is completed, and outputs a permission signal that permits the use of an external device, A technique is described in which the authentication completion flag is turned off when the biometric authentication device is removed.

JP 2007-313295 A

In addition to the band type device described in Patent Document 1, there are various types of wearable devices such as a spectacle type, a necklace type, a ring type, and a hat type. Among them, the wearing time is long. Some people use it by removing it from time to time and wearing it again because it gets tired and dirty. In the technique of Patent Document 1, when such a wearable device is attached or detached, the authentication completion flag is turned off each time, and authentication (biometric authentication in this technique) is required again, which is inconvenient.
Accordingly, an object of the present invention is to improve the convenience of authentication using a wearable device.

In order to achieve the above object, the present invention provides a storage unit for storing information, a mounting unit for mounting the device on a user, and a determination for determining whether the device is mounted on the user by the mounting unit. If means and a situation where a host device is determined to be attached to the user, a first authenticated information indicating that authentication after completion of the user is stored in the storage means, the device itself is mounted If the determination that the device is attached and the determination that the device is not attached are repeated more than a predetermined number of times before a predetermined time elapses after the determination that the device is not attached , the authentication from the storage means A storage control unit that deletes the completed information, and a process for performing the second authentication based on the authenticated information and substituting the first authentication when the authenticated information is stored in the storage unit. Do Providing a wearable device and a physical means.

The present invention also includes a storage unit that stores information, a mounting unit that causes the user to mount the device, a determination unit that determines whether the device is mounted on the user by the mounting unit, If it is determined that the user is worn, the authenticated information indicating that the first authentication of the user has been completed is stored in the storage means, and it is determined that the own device is not worn. And storage control for deleting the authenticated information from the storage unit when a deletion condition for deleting the authenticated information is satisfied depending on the type of the device or the mounting unit. A wearer comprising: means; and processing means for performing processing for performing second authentication that substitutes for the first authentication based on the authenticated information when the authenticated information is stored in the storage means Providing Le device.
The present invention also includes a storage unit that stores information, a mounting unit that causes the user to mount the device, a determination unit that determines whether the device is mounted on the user by the mounting unit, In a state where it is determined that the user is worn, the authenticated information indicating that the first authentication of the user has been completed is stored in the storage means, and it is determined that the own device is not worn. And when the deletion condition for deleting the authenticated information is different depending on the method for the determination to be performed by the determination means, the authentication is completed from the storage means. Storage control means for deleting information, and processing for causing the second authentication to replace the first authentication based on the authenticated information when the authenticated information is stored in the storage means Processing hand Providing a wearable device comprising a and.

In addition, a storage unit that stores information, a mounting unit that causes the user to mount the device, a determination unit that determines whether the device is mounted on the user by the mounting unit, and the device that is mounted on the user In the state where it is determined that the first authentication of the user has been completed, the storage unit stores authenticated information indicating that the first authentication of the user has been completed, and it is determined that it is not determined that the own device is not installed. In addition, when the deletion conditions for deleting the authenticated information satisfy different deletion conditions depending on the reliability required for the first authentication, the authenticated information is stored from the storage unit. And a process for performing a process for causing the second authentication to replace the first authentication based on the authenticated information when the authenticated information is stored in the storage means. Means To provide a wearable device to obtain.
The present invention also includes a storage unit that stores information, a mounting unit that causes the user to mount the device, a determination unit that determines whether the device is mounted on the user by the mounting unit, In a state where it is determined that the user is worn, the authenticated information indicating that the first authentication of the user has been completed is stored in the storage means, and it is determined that the own device is not worn. The storage means when it is determined that the authentication information is deleted and a deletion condition for deleting the authenticated information is satisfied, and when a predetermined time elapses after it is determined that the own apparatus is mounted. A storage control unit that deletes the authenticated information from the storage unit, and the second authentication that replaces the first authentication based on the authenticated information when the authenticated information is stored in the storage unit. Process Providing a wearable device and a physical means.

According to the present invention, a wearable device comprising a storage unit for storing information and a mounting unit for mounting the device on a user determines whether the device is mounted on the user by the mounting unit. And when the wearable device is in a state where it is determined that the user device is worn by the user, the storage means stores authenticated information indicating that the first authentication of the user has been completed. When the determination that the device is mounted and the determination that the device is not mounted is repeated more than a predetermined number of times after a predetermined time elapses after it is determined that the device is not mounted. A storage control step for deleting the authenticated information from the means, and the wearable device, when the authenticated information is stored in the storage means, based on the authenticated information. And and a processing step of performing processing for performing a second authentication to replace the first authentication provides an authentication method.
According to the present invention, a wearable device comprising a storage unit for storing information and a mounting unit for mounting the device on a user determines whether the device is mounted on the user by the mounting unit. And when the wearable device is in a state where it is determined that the user device is worn by the user, the storage means stores authenticated information indicating that the first authentication of the user has been completed. The storage means when it is determined that the apparatus is not attached and the deletion condition for deleting the authenticated information is different depending on the type of the own apparatus or the attachment means. A storage control step for deleting the authenticated information from the storage device, and the wearable device, when the authenticated information is stored in the storage means, based on the authenticated information and It provides an authentication method and a processing step of performing processing for performing a second authentication to replace the serial first authentication.

According to the present invention, a wearable device comprising a storage unit for storing information and a mounting unit for mounting the device on a user determines whether the device is mounted on the user by the mounting unit. when the wearable device, if the self apparatus is a state that is determined to be attached to the user, stores the first authentication completion information indicating that authentication after completion of the user in the storage means, the own When it is determined that it is not determined that the device is not mounted, and the deletion condition for deleting the authenticated information is satisfied depending on the determination method in the determination step. The storage control step of deleting the authenticated information from the storage means, and the wearable device, when the authenticated information is stored in the storage means, It provides an authentication method and a processing step of performing processing for performing a second authentication and replacing the first authentication based on the authentication completion information.
According to the present invention, a wearable device comprising a storage unit for storing information and a mounting unit for mounting the device on a user determines whether the device is mounted on the user by the mounting unit. And when the wearable device is in a state where it is determined that the user device is worn by the user, the storage means stores authenticated information indicating that the first authentication of the user has been completed. It is determined that it is not determined that the device is not attached, and there are deletion conditions for deleting the authenticated information, and there are different deletion conditions depending on the degree of reliability required for the first authentication. A storage control step for deleting the authenticated information from the storage means when satisfied, and when the wearable device stores the authenticated information in the storage means. It provides an authentication method and a processing step of performing processing for performing a second authentication and replacing the first authentication based on the authenticated information.
According to the present invention, a wearable device comprising a storage unit for storing information and a mounting unit for mounting the device on a user determines whether the device is mounted on the user by the mounting unit. And when the wearable device is in a state where it is determined that the user device is worn by the user, the storage means stores authenticated information indicating that the first authentication of the user has been completed. When it is determined that it is not determined that the device is not mounted and the deletion condition for deleting the authenticated information is satisfied, and a predetermined time after it is determined that the device is mounted A storage control step of deleting the authenticated information from the storage means, and when the wearable device stores the authenticated information in the storage means. It provides an authentication method and a processing step of performing processing for performing a second authentication and replacing the first authentication based on the authentication completion information.

  ADVANTAGE OF THE INVENTION According to this invention, the convenience of the authentication using a wearable apparatus can be improved.

The figure which shows an example of the whole structure of the authentication system of 1st Embodiment. The figure which shows an example of the hardware constitutions of a wearable apparatus The figure which shows an example of a function structure of a wearable apparatus Sequence diagram showing an example of operation of each device in user authentication processing The sequence diagram which shows an example of other operation | movement of each apparatus in a user authentication process Flow chart showing an example of operation of wearable device in user authentication processing The figure which shows an example of a function structure of the wearable apparatus of a modification The figure which shows an example of the hardware constitutions of the wearable apparatus of a modification The figure which shows an example of the hardware constitutions of the wearable apparatus of a modification

[1] First Embodiment [1-1] Overall Configuration FIG. 1 is a diagram illustrating an example of the overall configuration of an authentication system according to a first embodiment. In this example, an authentication system 1 including a wearable device 10, a first authentication device 20, a second authentication device 30, and a network 2 to which these devices are connected is shown. The network 2 is a system that performs communication including the Internet, a mobile communication network, and the like, and mediates exchange of data between devices connected to the system.

  The second authentication device 30 is a computer that authenticates that the user corresponding to the user information is the user when the user information corresponding to the user is transmitted via the network 2. This authentication is hereinafter referred to as “user authentication”. The user information is, for example, identification information for identifying the user, biometric information representing the characteristics of the user's biological body, and the like. As the identification information, a user ID (IDentification) assigned to the user by a service using authentication, a manufacturing number assigned to the device used by the user, or the like is used. As biometric information, fingerprint information indicating the shape of a fingerprint, voiceprint information indicating a voiceprint pattern, retina information indicating a retina pattern, or the like is used.

  In the present embodiment, the second authentication device 30 stores user information for each user in advance, and the stored user information matches the transmitted user information with a level that is determined or higher. If there is, it authenticates that the user is the principal. For example, in the case of a user ID, the second authentication device 30 determines that the user ID matches only when it matches 100%, and in the case of fingerprint information, the second authentication device 30 determines that the user ID matches even if it matches 95% or more instead of 100%. . In this embodiment, the second authentication device 30 performs authentication based on user identification information (hereinafter referred to as “identification information authentication”) and authentication based on user biometric information (hereinafter referred to as “biometric authentication”). Do as.

  When the second authentication device 30 authenticates that the user is the user, that is, when the user authentication is performed, the user authentication is completed in a service providing device (not shown) that provides services to the authenticated user. Notify that. Thereby, the service is provided from the service providing apparatus to the user. Further, when biometric authentication is performed out of user authentication, the second authentication device 30 transmits information indicating that the user's biometric authentication has been completed (hereinafter referred to as “authenticated information”) to the first authentication device 20. .

  The first authentication device 20 is a computer that acquires user information and transmits it to the second authentication device 30 via the network 2. The first authentication device 20 includes, for example, a communication unit that performs wireless communication conforming to NFC (Near Field Communication), and a reading unit that reads biometric information of the user. For example, the first authentication device 20 performs wireless communication by wireless communication means to acquire identification information, and transmits the acquired identification information to the second authentication device 30 as user information. In addition, the first authentication device 20 transmits the biometric information read by the reading unit to the second authentication device 30 as user information. In addition, when the authenticated information is transmitted from the second authenticating device 30, the first authenticating device 20 transmits the received authenticated information to the wearable device 10.

  The wearable device 10 is a computer that is used by being worn by a user. The wearable device 10 has, for example, a shape such as a bracelet, a necklace, a ring, glasses, a hat, a belt, and clothes. Like the first authentication device 20, the wearable device 10 includes a communication unit that performs NFC-compliant wireless communication. In this embodiment, the wearable device 10 stores identification information such as a user ID, wirelessly communicates with the first authentication device 20, and transmits the stored identification information to the first authentication device 20. Further, when the authenticated information is transmitted from the first authentication device 20, the wearable device 10 stores the received authenticated information. The authentication system 1 performs authentication based on this authenticated information and substitutes for biometric authentication (hereinafter referred to as “alternative authentication”). Details of the alternative authentication will be described later. Biometric authentication is an example of “first authentication” in the present invention, and alternative authentication is an example of “second authentication” in the present invention.

[1-2] Hardware Configuration FIG. 2 is a diagram illustrating an example of a hardware configuration of the wearable device 10. The wearable device 10 is a computer including a control unit 11, a storage unit 12, a communication unit 13, a mounting unit 14, and a sensor unit 15. The control unit 11 includes a CPU (Central Processing Unit), a ROM (Read Only Memory), a RAM (Random Access Memory), and a real time clock. The CPU is stored in the ROM or the storage unit 12 using the RAM as a work area. The operation of each part is controlled by executing a program. The real time clock calculates the current date and time and notifies the CPU.

  The storage unit 12 includes a flash memory and the like, and is a storage unit that stores information. The storage unit 12 stores information such as data and programs used by the control unit 11 for control. The storage unit 12 stores the identification information and the authenticated information described above. The communication unit 13 includes a communication circuit for performing wireless communication compliant with NFC, and is a communication unit that performs wireless communication with the first authentication device 20, for example. The mounting unit 14 is a mounting unit that allows the user to mount the device. For example, if the own device is a bracelet type or a ring type, the mounting portion 14 is a ring part of the housing of the own device, and if the own device is a necklace type or a glasses type, It is the part that is hung on the head and supports the device itself. Moreover, if the mounting part 14 is a hat type, a belt type, and a clothes type | mold, it will be a part which supports an own apparatus, when it wears on a user's body.

  The sensor unit 15 includes a sensor that outputs data (hereinafter referred to as “determination data”) used to determine whether or not the own device is mounted on the user by the mounting unit 14. The sensor unit 15 includes, for example, a proximity sensor that detects the proximity of the user. The determination data in this case is data indicating whether or not there is an object close to the proximity sensor. In addition, for example, when the wearable device 10 is a bracelet type or a necklace type and includes a mounting portion 14 that is worn by the user by closing the clasp, the sensor unit 15 detects opening / closing of the clasp. It has an open / close sensor. The determination data in this case is data indicating whether or not the clasp is closed.

  In addition to the sensors described above, the sensor unit 15 includes a temperature sensor that detects the user's body temperature, an optical sensor that detects whether or not the user's body is blocking ambient light, and the device itself is pressed against the user's body. It may have a pressure sensor for detecting whether there is a pulse, a pulse sensor for detecting a user's pulse, a sweat sensor for detecting a component of the user's sweat, and the like. In short, the sensor unit 15 may have any sensor as long as the sensor unit 15 can be used to determine whether or not the device is attached to the user. The sensor unit 15 is not limited to one sensor, and may include a plurality of sensors.

  The sensor unit 15 is provided in the wearable device 10 so as to be disposed at a position where information that the sensor should detect when the wearable device 10 is worn by a user. For example, if the sensor unit 15 includes a proximity sensor, the sensor unit 15 is provided so that the proximity sensor faces the user's body when the apparatus is mounted, and the sensor unit 15 includes a temperature sensor. The temperature sensor is provided at a position where the body temperature of the user can be detected when the user apparatus is mounted. The sensor unit 15 outputs, for example, a predetermined time interval (such as every second or every 10 seconds), a predetermined time (such as a start time every minute), or when requested by the control unit 11 or the like. The determined data is supplied to the control unit 11.

[1-3] Functional Configuration The wearable device 10 performs user authentication processing for authenticating that the user wearing the device is the person himself / herself based on the above hardware configuration. The control unit 11 executes the program stored in the storage unit 12 to control each unit, thereby realizing the functions described below.
FIG. 3 is a diagram illustrating an example of a functional configuration of the wearable device 10. The wearable device 10 includes a determination unit 101, a storage control unit 102, and a processing unit 103.

[1-3-1] Determination Unit 101
The determination unit 101 is an example of a unit that determines whether or not the own apparatus is mounted on the user by the mounting unit 14. If the sensor unit 15 includes a proximity sensor, the determination unit 101 determines that the device is attached to the user when the proximity sensor outputs determination data indicating the proximity of the object. In addition, if the sensor unit 15 has an open / close sensor, the determination unit 101 is attached to the user when the open / close sensor outputs determination data indicating that the clasp is closed. It is determined that

  The determination means 101 stores a range of values of determination data indicating that the apparatus is attached to the user, regardless of the type of sensor the sensor unit 15 has. If the determination data indicates a value within the range, it is determined that the user apparatus is attached to the user. The determination unit 101 makes a determination at a predetermined time interval or a predetermined time, and also makes a determination when authenticated information is transmitted from the first authentication device 20 to the own device. The determination unit 101 supplies result data indicating the result of the determination made to the storage control unit 102.

[1-3-2] Storage control unit 102
[1-3-2-1] Storage of Authenticated Information The storage control unit 102 is in a state where the determination unit 101 determines that the own device is mounted on the user (hereinafter referred to as “mounted state”). This is an example of means for storing in the storage unit 12 authenticated information about the user, that is, information indicating that the user has been biometrically authenticated. When the authenticated information is transmitted from the first authentication device 20 to the wearable device 10, the determination unit 101 performs determination as described above and supplies the result data to the storage control unit 102.

  At this time, when the result data indicating the determination result that the own device is attached is supplied, the storage control unit 102 determines that the device is in the attached state, stores the authenticated information in the storage unit 12, and When the result data indicating the determination result that the device is not attached is supplied, the received authenticated information is discarded without being stored in the storage unit 12. Such abandonment of authenticated information is performed, for example, when the user performs biometric authentication with the wearable device 10 removed.

  Note that when the determination unit 101 makes frequent determinations at intervals of, for example, every second, the next determination is performed immediately after receiving the authenticated information. It does not have to be done. In this case, the storage control unit 102 is supplied with the result data indicating the determination result that the own device is not mounted after the result data indicating the determination result that the own device is mounted is supplied from the determination unit 101. It is determined that it is always in a wearing state during a period until it is attached, and it is determined that it is not in a wearing state during other periods, and authentication information is stored or discarded.

[1-3-2-2] Deletion of Authenticated Information Further, the storage control unit 102 determines that the own device is not attached by the determination unit 101 and deletes the above-described authenticated information. If the condition is satisfied, the authenticated information is deleted from the storage unit 12. This determination is also a determination for determining whether or not to delete the authenticated information, and is hereinafter referred to as “deletion determination”. The storage control unit 102 performs the deletion determination every time result data is supplied from the determination unit 101. After storing the authenticated information, the storage control unit 102 determines whether or not the deletion condition is satisfied when the result data indicating that the apparatus is not attached is supplied. In the present embodiment, the storage control unit 102 uses the first and second deletion conditions.

  The storage control unit 102 determines that the first deletion condition is satisfied when a predetermined time has elapsed since the determination unit 101 determined that the device itself is not attached. This time is a time for allowing the authenticated information not to be deleted even if the wearable device 10 is not worn by the user, and is hereinafter referred to as an “allowable time”. If the allowable time is, for example, 1 minute, the storage control means 102 keeps storing the authenticated information without deleting it until one minute has passed after it is determined for the first time that its own device is not attached. When one minute has passed, the authenticated information is deleted. Further, the storage control means 102 returns to the state where the deletion determination is not performed if the result data indicating that the own apparatus is mounted again is supplied before one minute elapses.

  A user wearing the wearable device 10 may remove the wearable device 10 for a while for reasons such as removing fatigue due to wearing or removing dirt from the wearable device 10. At this time, even if the authenticated information is always deleted even if the wearable device 10 is not attached, biometric authentication is required again each time, which is inconvenient for the user. When the deletion determination using the first deletion condition is performed, the authenticated information is deleted when the wearable device 10 worn by the user is removed and then attached again before the allowable time elapses. Therefore, the convenience of the user can be improved as compared with the case where the authenticated information is not deleted using the first deletion condition.

  Further, the storage control unit 102 determines that the determination unit 101 has not been mounted and determines that the determination unit 101 has not mounted the device until the above-described allowable time elapses. When the determination is repeated a predetermined number of times or more, it is determined that the second deletion condition is satisfied. This number of times represents the number of times that the wearable device 10 has been determined to be detached, and is hereinafter referred to as “desorption determination number”. For example, if the permissible time is 1 minute and the number of attachment / detachment determinations is 5, the storage control means 102 determines whether or not the device itself is not attached for the first time, even after 1 minute has passed. If the determination of wearing is repeated five times or more, the authenticated information is deleted.

  When the user normally uses the wearable device 10, the attachment / detachment is hardly repeated, and the attachment / detachment determination is hardly repeated. For example, when the user removes the wearable device 10 and carries it in a bag or the like, for example, the proximity sensor repeats whether or not the proximity sensor detects the proximity of the object in the bag. There is a case. If such repetition continues, the wearable device 10 that is not worn by the user continues to store the authenticated information indefinitely, and as a result, the risk of other users performing user authentication using the wearable device 10 increases. Since the deletion determination using the second deletion condition is performed, the authenticated information can be deleted when the determination of desorption is repeated, and the authenticated information is deleted using the second deletion condition. Compared to the case where there is no user authentication, it is possible to make it difficult for other users to perform user authentication.

[1-3-3] Processing means 103
When the authenticated information is stored in the storage unit 12, the processing unit 103 performs the above-described alternative authentication, that is, a process for performing authentication based on the authenticated information and substituting biometric authentication (hereinafter referred to as “alternative authentication”). It is an example of a means for performing “processing”. For example, if the authenticated information is stored in the storage unit 12 when the wearable device 10 and the first authentication device 20 are close to a distance where wireless communication can be performed, the processing unit 103 stores the authenticated information as the first information. The process transmitted to the authentication device 20 is performed as an alternative authentication process. The first authentication device 20 transmits the received authenticated information to the second authentication device 30, and when the second authentication device 30 receives the authenticated information, the user indicated by the received authenticated information is the principal. Certify.

  In addition to the alternative authentication process, the processing unit 103 performs a process for performing the above-described identification information authentication, that is, authentication based on the identification information stored in the storage unit 12 (hereinafter referred to as “identification information authentication process”). I do. As in the alternative authentication process described above, the processing unit 103 uses the first authentication device to store the identification information stored in the storage unit 12 when the wearable device 10 and the first authentication device 20 approach a distance that allows wireless communication. The process transmitted to 20 is performed as the identification information authentication process. The second authentication device 30 performs identification information authentication based on the identification information transferred by the first authentication device 20.

  When the second authentication device 30 performs alternative authentication and identification information authentication as described above, for example, the authentication is completed for a service providing device that provides a service to a user who has completed biometric authentication and identification information authentication. Notify me. As a result, a service that requires biometric authentication and identification information authentication is provided to a user who has undergone alternative authentication and identification information authentication. Further, by performing identification information authentication in addition to biometric authentication or alternative authentication, for example, even if another person uses the wearable device 10 in which the user identification information is stored, the authenticated information can be stored. Since the identification information is not information for identifying itself, user authentication is not performed during biometric authentication or alternative authentication. As described above, the processing unit 103 performs the identification information authentication process, thereby preventing other people from performing user authentication using the wearable device 10.

  Further, the processing unit 103 does not perform the alternative authentication process in a state where the determination unit 101 determines that the own device is not mounted (hereinafter referred to as “non-mounted state”). When the storage control unit 102 performs the deletion determination as described above, if the deletion condition is not satisfied even in the non-arrival state, the authenticated information is stored in the storage unit 12. In this case, when the processing unit 103 performs the alternative authentication process, for example, another person performs user authentication using the wearable device 10 during a period from when the user removes the wearable device 10 until the authenticated information is deleted. Can be done. By preventing the alternative authentication process from being performed when the processing unit 103 is not attached, it is possible to make it difficult for another person to perform user authentication as compared with the case where the alternative authentication process is performed even when the processor 103 is not attached.

[1-4] Operation The authentication system 1 performs the above-described user authentication process based on the above configuration. The operation of each device in the user authentication process will be described with reference to FIG. 4, FIG. 5, and FIG.
FIG. 4 is a sequence diagram illustrating an example of the operation of each device in the user authentication process. FIG. 4 shows an example of the operation when biometric authentication is performed. That is, in the example of FIG. 4, the wearable device 10 does not store authenticated information. The user authentication process is started when the wearable device 10 attached to the user approaches a distance that allows communication with the first authentication device 20. The wearable device 10 is assumed to be continuously worn by the user while the operation shown in FIG. 4 is being performed.

  First, when NFC communication with the wearable device 10 becomes possible, the first authentication device 20 transmits request data for requesting transmission of identification information to the wearable device 10 (step S11). When receiving the request data, wearable device 10 transmits the stored identification information to first authentication device 20 (step S12). Step S12 is an operation performed by the processing means 103. When receiving the identification information, the first authentication device 20 transmits the received identification information to the second authentication device 30 (step S13). Upon receiving the identification information, the second authentication device 30 performs identification information authentication based on the received identification information (step S14).

  Next, when the user performs an operation that causes the reading means of the first authentication device 20 to read the biological information, the first authentication device 20 reads the biological information from the user's body (step S21). The first authentication device 20 transmits the read biometric information to the second authentication device 30 (step S22), and the second authentication device 30 performs biometric authentication based on the received biometric information (step S23). The second authentication device 30 that has performed biometric authentication transmits the authenticated information to the first authentication device 20 (step S24), and the first authentication device 20 transmits the received authenticated information to the wearable device 10 (step S24). S25). The wearable device 10 stores the authenticated information received in step S25 in the storage unit (step S26). Steps S25 and S26 are operations performed by the storage control means 102. The second authentication device 30 performs identification information authentication in step S14 and biometric authentication in step S23, so that user authentication is completed. For example, the second authentication device 30 notifies the above-described service providing device that user authentication has been completed. (Step S31).

  FIG. 5 is a sequence diagram illustrating an example of another operation of each apparatus in the user authentication process. FIG. 5 shows an example of the operation when alternative authentication is performed. That is, in the example of FIG. 5, the wearable device 10 stores the authenticated information. It is assumed that the wearable device 10 continues to be worn by the user even during the operation shown in FIG. In this example, first, step S11 (transmission of request data) shown in FIG. 4 is performed. Next, when the wearable device 10 receives the request data, it transmits the stored identification information and authenticated information to the first authentication device 20 (step S41). Step S41 is an operation performed by the processing means 103. When receiving the identification information and the authenticated information, the first authentication device 20 transmits the received information to the second authentication device 30 (step S42). When receiving the identification information and the authenticated information, the second authentication device 30 performs identification information authentication and alternative authentication based on the received information (step S43). Since the user authentication is thereby completed, the second authentication device 30 performs the operation of step S31 (notification of user authentication) as in the example of FIG.

  FIG. 6 is a flowchart showing an example of the operation of the wearable device 10 in the user authentication process. The operation illustrated in FIG. 6 is started when the wearable device 10 is turned on, and is repeatedly performed while power is supplied. Wearable device 10 first determines whether or not its own device is worn by the user (step S51). Step S52 is an operation performed by the determination unit 101. If it is determined that the wearable device 10 is attached (YES), then the wearable device 10 determines whether or not the request data from the first authentication device 20 has been received (step S52). If it is determined (YES), the identification information is transmitted to the first authentication device 20 (step S53).

  Subsequently, wearable device 10 determines whether or not the device itself stores the authenticated information (step S54). If the wearable device 10 determines that the information is stored in step S54 (YES), the wearable device 10 transmits the authenticated information to the first authentication device 20 (step S55), and returns to step S51 to perform the operation. Wearable device 10 receives authenticated information when it is determined in step S52 that request data has not been received (NO), or when it has been determined in step S54 that authenticated information has not been stored (NO). It is determined whether or not it has been done (step S61).

  When it is determined that the wearable device 10 has received (YES) in step S61, the wearable device 10 stores the received authenticated information in the storage means (step S62), and returns to step S51 to perform the operation. If wearable device 10 determines that it has not been received (NO) in step S61, it returns to step S51 and operates. Step S12 (transmission of identification information) shown in FIG. 4 represents the case where only step S53 of FIG. 6 is performed, and step S41 (transmission of identification information and authenticated information) shown in FIG. This represents a case where both steps S53 and S55 are performed. These steps are operations performed by the processing means 103. Further, steps S61 and S62 in FIG. 6 represent the operation of step S26 (storage of authenticated information) shown in FIG. 4, that is, the operation performed by the storage control means 102.

  If the wearable device 10 determines in step S51 that the device is not worn by the user (NO), the wearable device 10 determines whether the storage unit 12 authenticated information is stored (step S71). When wearable device 10 determines that it is stored in step S71 (YES), it determines whether or not the deletion condition is satisfied (step S72), and determines that it is satisfied (YES). Then, the authenticated information is deleted from the storage unit 12 (step S73). Wearable device 10 returns to step S51 when it is determined that it is not stored in step S71 (NO), when it is determined that the deletion condition is not satisfied (NO) in step S72, and after the operation of step S73 is performed. Perform the operation. Steps S71, S72, and S73 are operations performed by the storage control unit 102.

  As described above, the user wearing the wearable device 10 may remove the wearable device 10 for a while, and it is inconvenient for the user to always delete the authenticated information and require biometric authentication again each time. is there. In this embodiment, even if the wearable device 10 is no longer worn by the user, the authenticated information is not deleted while the deletion condition is not satisfied. By using a deletion condition that is not satisfied when the user removes the wearable device 10 for the above reasons, the authenticated information continues to be stored even after the wearable device 10 is mounted again, and biometric authentication is not performed. The state in which user authentication is possible by alternative authentication is continued.

  As shown in FIG. 4, when identification information authentication and biometric authentication are performed as user authentication, the user brings the wearable device 10 close to the first authentication device 20 and also reads the reading unit of the first authentication device 20. It is necessary to perform an operation to read biological information. On the other hand, as shown in FIG. 5, when identification information authentication and alternative authentication are performed as user authentication, the user only needs to bring the wearable device 10 closer to the first authentication device 20, thereby reducing labor. The According to the present embodiment, the convenience of authentication using the wearable device can be improved as compared with the case where the authenticated information is not deleted based on the deletion condition.

[2] Second Embodiment Hereinafter, a second embodiment of the present invention will be described focusing on differences from the first embodiment. In the first embodiment, the first and second deletion conditions determined using a predetermined time or a predetermined number of times are used. When these deletion conditions are used in a plurality of wearable devices 10, a common deletion condition is used in any wearable device 10 unless a user or a service provider changes a predetermined time or a predetermined number of times for each device. Will be. In the second embodiment, different deletion conditions are used depending on the wearable device 10 without requiring the user or the service provider to take such trouble. Below, the 3rd, 4th, and 5th deletion conditions which are such deletion conditions are explained.

[2-1] Third Deletion Condition The storage control unit 102 deletes the authenticated information using a deletion condition that differs depending on the type of the own device or the type of the mounting unit 14 as the third deletion condition. The type of own device, that is, the wearable device 10 is a type such as the above-described bracelet type, ring type, necklace type, glasses type, hat type, belt type, or clothes type. For example, the storage control unit 102 uses, as the third deletion condition, the allowable time in the first deletion condition set as the allowable time according to the type of the device itself. As the allowable time according to the type of the device itself, for example, the time for the user to perform some work such as removing the wearable device 10 and wiping sweat or removing dirt (hereinafter referred to as “working time”. Here, 10 seconds). And the time required for detaching the wearable device 10 is determined. Specific examples are 10 seconds + 2 seconds = 12 seconds for glasses and hats, 10 seconds + 4 seconds = 14 seconds for bracelets, rings and necklaces, and 10 seconds + 10 seconds for belts. = 20 seconds, and in the case of clothes, 10 seconds + 30 seconds = 40 seconds.

  For example, if 12 seconds which is the shortest allowable time has elapsed in any type of wearable device 10, if the authenticated information is deleted, the authenticated information is always deleted once removed from the clothes-type wearable device 10. End up. On the other hand, in any type of wearable device 10, if the authenticated information is deleted when the maximum allowable time of 40 seconds elapses, the wearable device 10 can be easily attached and detached like a glasses-type device. Even after the working time is removed, the time of 30 seconds or more remains after the time when the device is removed and the time when it must be mounted again. The longer the remaining time is, the greater the risk that another person will use wearable device 10 to perform user authentication including alternative authentication. When the third deletion condition is used, the time when the wearable device 10 can be used by the user or another person when the wearable device 10 is attached / detached can be determined according to the type of the device. While maintaining convenience, it is possible to make it difficult for another person to perform user authentication.

  Examples of the type of the mounting portion 14 when the wearable device 10 is a bracelet type include a fixed type that does not deform the ring portion, a deformation type that freely deforms the ring portion, and an elastic type that has elasticity in the ring portion. is there. For example, the storage control unit 102 uses, as the third deletion condition, the number of desorption determinations in the second deletion condition set as the number of desorption determinations according to the type of the mounting unit 14. As the number of attachment / detachment determinations according to the type of the mounting part 14, for example, a fixed number of times is 2 times, an elastic type is 4 times, and a deformed type is 6 times.

  The repetition of the attachment / detachment determination in the bag as described above is unlikely to occur because the casings of the own apparatus do not come close to each other in the fixed type. On the other hand, if the type is a deformation type, the housings of the own apparatus easily approach each other, so that it is easy to repeat the attachment / detachment determination. For this reason, if the number of attachment / detachment determinations is determined to be the largest number of 6 in the above example for any type of attachment unit 14, the deletion condition is difficult to be satisfied when the attachment unit 14 is a standard type, and the authenticated information is It becomes difficult to be deleted.

  On the other hand, while the user is wiping off the dirt on the wearable device 10, there is a possibility that repeated attachment / detachment determinations may occur due to the housings of the own device sticking to or away from each other. For this reason, if the number of attachment / detachment determinations is determined to be the smallest two times in the above example for any type of attachment unit 14, the wearable device 10 is intended to be attached immediately by the user when the attachment unit 14 is a modified type. While wiping, the deletion condition may be satisfied and the authenticated information may be deleted.

When the third deletion condition is used, the number of attachment / detachment determinations can be determined for each type of the attachment unit 14 according to the likelihood of repetition of the attachment / detachment determination. In the wearable device 10 including any type of attachment unit 14 Thus, it is possible to prevent user authentication by others from being performed while maintaining user convenience.
In the above example, the allowable time according to the type of the own device and the number of attachment / detachment determinations according to the type of the mounting unit 14 are used, but these may be reversed, or the type of the own device (the mounting unit 14). Both the allowable time and the number of desorption determinations depending on the type) may be used.

[2-2] Fourth Deletion Condition The storage control unit 102 deletes the authenticated information by using a different deletion condition as the fourth deletion condition depending on how the determination unit 101 performs the determination. The method of determining by the determining unit 101 is, for example, a method according to the type of the sensor included in the sensor unit 15, that is, a proximity sensor, an open / close sensor, a temperature sensor, a light sensor, a pressure sensor, a pulse sensor, a sweat sensor, and the like. Hereinafter, it is simply referred to as “determination method”. For example, the storage control unit 102 uses the allowable time in the first deletion condition as the allowable time according to the determination method as the fourth deletion condition.

  As the allowable time according to the determination method, for example, the response of the sensor used in each determination method to the above-described work time (time for performing some work on the wearable device 10; 10 seconds as in the above example) The time added according to the characteristic is determined. For example, the time corresponding to the response characteristic is shorter as the response is faster. Specifically, if the sensor used is a pressure sensor, an optical sensor, or an open / close sensor, 10 seconds + 2 seconds = 12 seconds, if the sensor is a proximity sensor, a sweat sensor, 10 seconds + 6 seconds = 16 seconds, a temperature sensor, a pulse sensor In this case, it is determined that 10 seconds + 10 seconds = 20 seconds. In this example, it is assumed that the pressure sensor, the optical sensor, the open / close sensor> the proximity sensor, the sweat sensor> the temperature sensor, and the pulse sensor are in order from the highest response speed.

  For example, if 12 seconds which is the shortest permissible time has passed in any determination method and the authenticated information is to be deleted, if a sensor with a slow response speed such as a temperature sensor is used, the device once removed When it is worn again, it takes time for the temperature sensor to detect the body temperature and determine that it has been worn, so that an allowable time may elapse before that. On the other hand, if the authenticated information is deleted when 20 seconds which is the longest allowable time has passed in any determination method, and a sensor capable of detecting pressure immediately such as a pressure sensor is used, the working time Even if is removed, a longer time remains until the allowable time elapses. The longer the remaining time is, the greater the risk that another person will use wearable device 10 to perform user authentication including alternative authentication. When the fourth deletion condition is used, the wearable device 10 can be determined according to the determination method when the wearable device 10 can be used by the user or another person when the wearable device 10 is attached or detached. While maintaining user convenience, it is possible to make it difficult for a user to be authenticated by another person.

[2-3] Fifth Deletion Condition The storage control unit 102 deletes the authenticated information using a different deletion condition as the fifth deletion condition depending on the degree of reliability required for user authentication. The reliability required for user authentication is represented by, for example, the level of confidentiality of information handled by user authentication. The higher the confidentiality of such information, the higher the reliability required for user authentication. Get higher. The information handled by user authentication is, for example, information handled in the service provided by the service providing apparatus described above. As an example, information handled by a service including buying and selling is more confidential than information handled by a service that only searches for information. For example, the storage control unit 102 uses, as the fifth deletion condition, the allowable time in the first deletion condition that is an allowable time corresponding to the level of confidentiality of information.

  As the allowable time according to the level of confidentiality, for example, a time obtained by adding the time corresponding to the level of confidentiality to the above-described working time (10 seconds as in the above example) is determined. As a specific example, the confidentiality is divided into three stages of “high”, “medium”, and “low”. When the confidentiality is “high”, 10 seconds + 5 seconds = 15 seconds, and “medium” Is defined as 10 seconds + 10 seconds = 20 seconds, and in the case of “low”, 10 seconds + 20 seconds = 30 seconds. Information indicating the high reliability required for user authentication, such as information indicating the high level of confidentiality, is hereinafter referred to as “reliability information”. That is, the information indicating the high level of secrecy is an example of reliability information.

  The reliability information is stored in the second authentication device 30 in association with the user identification information, for example, and the reliability required for user authentication in the service provided to the user identified by the identification information is determined. As shown. The second authentication device 30 transmits reliability information associated with the identification information transmitted from the wearable device 10 toward the wearable device 10 together with the authenticated information. The wearable device 10 stores the reliability information together with the authenticated information and uses it for the determination of the fifth deletion condition.

In the example described above, the higher the confidentiality of the information handled by the user authentication, the easier it is for the authenticated information to be deleted, and the user authentication by others can be made difficult.
In addition to the confidentiality of the above information, the reliability information includes, for example, the social recognition level of the company that provides the service, the size of the user, the social status of the main user, the ability to transmit information about those users, etc. It may be information indicating the degree of reliability required for user authentication according to the above.

[3] Modified Examples Each of the above-described embodiments is merely an example of the embodiment of the present invention, and may be modified as follows. Moreover, you may implement each embodiment mentioned above and each modification shown below, combining each as needed.

[3-1] Deletion of Authenticated Information at the Time of Wearing The storage control unit 102 may delete the authenticated information depending on the situation even when the device itself is being worn by the user. For example, the storage control unit 102 deletes the authenticated information when a predetermined time (for example, 12 hours or 24 hours) elapses after the determination unit 101 determines that the own device is mounted. Depending on the service provided by the service providing apparatus, an expiration date for user authentication may be defined. In this modification, in such a case, by setting a predetermined time as an expiration date, it is possible to make it impossible to perform alternative authentication when the expiration date of user authentication expires and to obtain biometric authentication again.

[3-2] Notification of presence or absence of authenticated information The wearable device may notify the user whether or not the authenticated information is stored.
FIG. 7 is a diagram illustrating an example of a functional configuration of the wearable device according to the present modification. In FIG. 7, a wearable device 10 a including a notification unit 104 in addition to the units illustrated in FIG. 3 is illustrated. The notification unit 104 includes, for example, a lamp, a speaker, a motor that generates vibration, and the like, for example, when the authenticated information is stored in the storage unit 12 and deleted from the storage unit 12, light, sound, vibration, and the like. And the like are generated to notify the user that the authenticated information is stored or deleted.

  According to this modification, the user can immediately know the timing at which the authenticated information is stored in the wearable device 10 after having the first authentication device 20 read the biometric information. In comparison, the time to wait until the authenticated information is stored near the first authentication device 20 can be shortened. In addition, when performing user authentication, it can be confirmed whether alternative authentication can be performed or biometric authentication must be performed. The notification unit 104 may perform notification when the user performs a predetermined operation. Thereby, the user can confirm whether or not the authenticated information is stored in the wearable device 10a when necessary.

[3-3] Communication Unit In the embodiment, the wearable device 10 includes a communication unit that performs wireless communication conforming to NFC. However, the present invention is not limited to this, and the wireless LAN (Local Area Network) or Bluetooth (registered trademark) is not limited thereto. Communication means for performing wireless communication by infrared communication or the like may be provided. Further, instead of wireless communication, for example, a communication unit that makes contact with the first authentication device 20 or performs wired communication via a connector may be provided. In short, the wearable device 10 may include any communication means as long as it can exchange authenticated information and identification information.

In addition to the communication means (hereinafter referred to as “first communication means”) that communicates with the first authentication apparatus 20, the wearable device 10 includes communication means (hereinafter referred to as “second communication means”) that directly communicates with the second authentication apparatus 30. May be provided).
FIG. 8 is a diagram illustrating an example of a hardware configuration of the wearable device according to the present modification. FIG. 8 shows a wearable device 10b including a second communication unit 16 in addition to the units shown in FIG. The second communication unit 16 includes a communication circuit for performing wireless communication or mobile communication using a wireless LAN, and performs communication with the second authentication device 30 via the network 2 illustrated in FIG. 1, for example.

  In the example of FIG. 8, the wearable device 10 can directly exchange authenticated information with the second authentication device 30, and by doing so, the user causes the first authentication device 20 to read biometric information. After that, even if the wearable device 10 and the first authentication device 20 cannot be communicated immediately away from the first authentication device 20, the authenticated information received by the second communication means is stored in the wearable device 10. be able to.

[3-4] Function of Biometric Authentication In the embodiment, the first authentication device 20 includes the reading unit that reads the biometric information, but the wearable device may include the reading unit.
FIG. 9 is a diagram illustrating an example of a hardware configuration of the wearable device according to the present modification. In FIG. 9, a wearable device 10 c including a reading unit 17 in addition to each unit illustrated in FIG. 2 is illustrated.

  The reading unit 17 is an example of a reading unit that reads the user's biological information. For example, the reading unit 17 reads biological information such as the user's fingerprint information, voiceprint information, and retina information, and supplies the read biological information to the control unit 11. The control unit 11 may transmit the supplied biometric information to the second authentication device 30 via the first authentication device 20 by the communication unit 13, or the device itself further includes the second communication unit 16 illustrated in FIG. 8. May be directly transmitted to the second authentication device 30 via the second communication unit 16. In the latter case, the authentication system may not include the first authentication device 20.

[3-5] User Authentication In the embodiment, the user is authenticated by performing identification information authentication in addition to biometric authentication. However, the present invention is not limited to this. For example, authentication using a registered password or the like is performed, or temporary authentication is performed. Authentication may be performed using a temporary password or the like that is issued automatically (for example, the wearable device acquires the temporary password by communication, and notifies the acquired temporary password by the notification unit 104 shown in FIG. 7). If the wearable device includes the reading unit 17 illustrated in FIG. 9, the user is authenticated by two types of biometric authentication, biometric authentication by the first authentication device 20 and biometric authentication by the reading unit 17. Also good. Further, the first authentication device 20 and the reading unit 17 may perform biometric authentication of a plurality of types (for example, retina and fingerprint). In any case, it is sufficient that at least one type of authentication is performed to authenticate the user.

[3-6] Types of User Authentication According to Reliability Information Among the above-described multiple types of authentication, reliability information, that is, a type of authentication according to the level of reliability required for user authentication is used as user authentication. It may be done. In the example described in the explanation of the fifth deletion condition, when “high” is stored in the wearable device 10 among the reliability information of “high”, “medium”, and “low”, the retina Three types of authentication are performed: biometric authentication by authentication, biometric authentication by fingerprint, and authentication by password. In addition, when “medium” is stored, two types of authentication, biometric authentication by fingerprint and authentication by password, are performed, and when “low” is stored, only one type of authentication by password is performed. The authentication is performed. As the number of types of authentication increases, it becomes more difficult for user authentication by another person to be performed. Therefore, according to the present modification, the higher the reliability required for user authentication, the more difficult the user authentication by another person can be performed.

In the present modification, the wearable device may include a display unit that displays an image, and may display the level of reliability indicated by the stored reliability information, or the type of user authentication required in response thereto May be displayed. Moreover, you may make it the 1st authentication apparatus 20 display those information. As a result, the user can determine the type of user authentication required.
Note that the reliability information is not only stored in the wearable device, but may be transmitted to the wearable device by the second authentication device 30 for each user authentication, for example, or both of these storage and transmission are performed. It may be broken.

  When both storage and transmission of reliability information are performed, authentication may be performed with priority on the transmitted reliability information. For example, in a service involving exchange of money, two types of authentication are normally performed based on the reliability information “medium” stored in the wearable device, and the reliability information “high” is transmitted when the amount is large. Then, three types of authentication are performed, and when the amount is small, reliability information of “low” is transmitted and only one type of authentication is performed. As a result, storing the reliability information can eliminate the need to transmit the reliability information every time authentication is performed, and can perform authentication required by the service side when necessary.

[3-7] Alternative Authentication In the embodiment, the alternative authentication is authentication that substitutes for biometric authentication, but is not limited thereto. For example, authentication that substitutes for authentication by inputting identification information such as a user ID and password to the first authentication device 20 may be used (the first authentication device 20 uses the identification information stored in the storage unit 12). May be acquired), or may be authentication that substitutes for the authentication that inputs the temporary password described above to the first authentication device 20. In any case, the alternative authentication may be authentication based on the authenticated information and replacing other authentication. The “other authentication” here is an example of the “first authentication” in the present invention, and the alternative authentication that replaces the first authentication is an example of the “second authentication” in the present invention.

[3-8] Sharing of authenticated information The authenticated information may be shared by a plurality of services. For example, when a service provider provides services A and B (for example, a service for providing information on a website and a service for performing electronic money settlement) as a plurality of services, when the user uses the service A, When the user authentication is performed and the authenticated information is stored in the wearable device, the processing means 103 can perform the authentication even when using the service B when the authenticated information is stored in the storage unit 12. The alternative authentication process based on the completed information is performed.

  When the authenticated information is shared, the reliability information described above, that is, the high reliability required for user authentication may be different for each service. For example, service A requires two types of authentication: fingerprint authentication and password authentication, and service B requires three types of authentication: retina information authentication, fingerprint information authentication, and password authentication. is there. In this case, when the service B is used in the state where the user authentication is performed when the service A is used and the authenticated information is stored, the authentication based on the fingerprint information performed in the previous user authentication and the password are used. Alternative authentication may be performed for authentication, and alternative authentication may not be performed for authentication based on unexecuted retina information, and the user may be required to perform biometric authentication by reading the retina information.

  On the other hand, when the service A is used in a state where the user authentication when the service B is used and the authenticated information is stored, the authentication by the fingerprint information and the authentication by the password in the previous user authentication are performed. Since it has been completed, only alternative authentication may be performed. The plurality of services may be provided by different service providers. In this modification, the convenience of users who use a plurality of services can be improved compared to a case where authenticated information is not shared. In addition, when the reliability required for user authentication differs between these services, unauthenticated authentication is not used as alternative authentication, thereby improving user convenience and requiring user authentication. The higher the degree of reliability, the more difficult it is to perform user authentication by others.

[3-9] Determination Unit The determination unit 101 may perform the above determination using a plurality of determination data output from a plurality of sensors. For example, the sensor unit 15 includes a proximity sensor and an open / close sensor, and the detection results of these sensors are output as determination data. The determination unit 101 is attached to the user when both the determination data indicating the proximity of the object by the proximity sensor and the determination data indicating that the clasp is closed by the open / close sensor are output. It is determined that

By using a plurality of pieces of determination data in this way, for example, when the object is on a bracelet-type wearable device having a clasp that is not worn by the user and determination data indicating the proximity of the object is output However, if the clasp is open, it can be determined that it is not attached by the determination data from the open / close sensor. On the other hand, even if the wearable device is removed with the clasp closed, it can be determined that the wearable device is not attached by the determination data from the proximity sensor.
Note that the determination unit 101 may perform the above-described determination by transmitting determination data to an external device via the communication unit and receiving determination result data indicating a result determined by the external device. Thereby, the burden of the process which the control part of a wearable apparatus performs can be reduced.

[3-10] Deletion Conditions Used for Deletion The storage control unit 102 may delete the authenticated information using any one of the first to fifth deletion conditions described in the embodiment. The authenticated information may be deleted using a combination of two or more. The storage control unit 102 also uses parameters used for determining whether or not the deletion condition is satisfied in the third to fifth deletion conditions, that is, the type of the own device, the type of the mounting unit 14, and the determination unit. One or a plurality of deletion conditions may be used in accordance with the method of determining by 101 and the level of confidentiality of information handled by user authentication. For example, the memory control means 102 performs deletion using the first and second deletion conditions if the type of the own device is a bracelet type, a ring type, a necklace type, a glasses type, or a hat type, and a belt type, a clothing type If so, the deletion is performed using only the second deletion condition.

  The bracelet type, ring type, necklace type, glasses type, and hat type all have a short time required for attachment / detachment, so even if the first deletion condition that defines the common allowable time is used, it is convenient for the user and used by others. However, in the case of a belt type or clothes type, the time required for attachment / detachment tends to be longer than other types, the convenience for the user can be reduced by shortening the allowable time according to other types. If it is lowered and lengthened according to the type of its own device, the risk of being used by other people of other types of wearable devices increases. In this way, when a certain parameter can be used with a certain deletion condition, a disadvantage can occur. By not using the parameter with the deletion condition, the disadvantage can be prevented.

[3-11] Deletion Condition In the embodiment, in any of the deletion conditions, an allowable time (a time during which the authenticated information is not deleted even if the wearable apparatus is not worn by the user) and a detachment determination count (a wearable apparatus) However, the present invention is not limited to this. For example, a pressure sensor is provided on the outer peripheral side of a ring-type wearable device, and pressure is applied from the pressure sensor after the storage control means 102 determines that the determination means 101 is not attached. If the detection result indicating no longer is output, it may be determined that the deletion condition is satisfied and the authenticated information may be deleted.

  In this case, if the user holds the outer peripheral side of the wearable device, removes it from the finger, wipes the wearable device while holding the outer peripheral side, and fits the finger again, the deleted information is not satisfied and the authenticated information is continuously stored. Become. It should be noted that, even with other types of wearable devices such as glasses, the same deletion condition can be used by providing a pressure sensor in a place where the user is likely to grip when the wearable device is removed. In this way, even if the physical quantity that can determine whether or not the user continues to have the wearable device is detected by the sensor, the storage control unit 102 determines that the deletion condition is satisfied when the physical quantity is no longer detected. Good.

  In addition, in a wearable device provided with an open / close sensor that detects whether or not a hinge of a spectacle is folded, for example, after the storage control unit 102 determines that the wearing is not performed by the determination unit 101 When the detection result indicating that the hinge is folded is output by the open / close sensor, it may be determined that the deletion condition is satisfied and the authenticated information may be deleted. In this case, even if the user removes the wearable device from the head, if the hinge is not folded, the deletion condition is not satisfied and the authenticated information is continuously stored. The hinges of the glasses are easy to fold when closing the glasses.

  In this way, the sensor detects a physical quantity that can determine whether or not the wearable device has been brought into a state, and the storage control unit 102 determines that the deletion condition is satisfied when the physical quantity is detected. Also good. Examples of such physical quantities include, for example, light quantity detected by an optical sensor (when the light quantity is 0, it can be judged that the box or chase has been completed), and bending sensors whose resistance values change when bent are provided at several places on the belt. Curvature values indicating the curvatures of a plurality of places that are output in the case of any of them (when any curvature value exceeds a threshold value, it can be determined that it has been wound several times).

  Alternatively, pressure sensors may be provided at the upper and lower portions of the lens, and it may be determined that the deletion condition has been satisfied when the pressure sensor outputs a detection result indicating that pressure has been applied. In this case, the deletion condition is not satisfied if the wearable device is mounted or if the lens has a portion other than the top and bottom of the lens (where the pressure sensor is provided). However, if the wearable device is placed on a desk, the pressure sensor Pressure is applied to satisfy the deletion condition. In this way, a physical quantity that can determine whether the wearable device is placed on a desk or the like is detected by a sensor, and the storage control unit 102 determines that the deletion condition is satisfied when the physical quantity is detected. Also good.

  Also, a temperature sensor and a sweat sensor are provided where the finger touches when the wearable device is held, and the deletion condition is satisfied when the memory control means 102 changes the body temperature and the sweat component detected therefrom. You may decide that Since it is extremely unlikely that the body temperature and sweat components match between the user and the other person, the deletion condition is satisfied in this case when the wearable device is handed over to the other person. In this way, even when the wearable device detects a physical quantity that can be determined whether or not the user has passed it to another person, the sensor detects the physical quantity, and the storage control unit 102 determines that the deletion condition is satisfied when the physical quantity is detected. Good. In this case, the accuracy of the determination can be improved as the types of physical quantities used for the determination are increased.

  In addition, for example, a pressure sensor is provided on the inner peripheral side of a ring-type or bracelet-type wearable device, and the pressure value output by the pressure sensor when the user wears the wearable device is stored, and storage control is performed. The means 102 may determine that the deletion condition is satisfied when a pressure having a different value is detected. In this case, when the wearable device is worn by another person whose finger or wrist has a different thickness, the deletion condition is satisfied and the authenticated information is deleted. In addition, not only a pressure sensor but the temperature sensor, sweat sensor, bending sensor, etc. which were mentioned above may be used together, and the difference between a user and others may be judged. In this way, the physical quantity that can determine whether or not the person wearing the wearable device is a user is detected by the sensor, and the storage control means 102 is worn by another person who is not the user, based on the physical quantity. May be determined that the deletion condition is satisfied.

[3-12] Category of Invention The present invention can be understood as a wearable device and an authentication system including the wearable device. The present invention can also be understood as an authentication method for realizing processing performed by the wearable device, the first authentication device, and the second authentication device. The process here is, for example, the user authentication process shown in FIG. The present invention can also be understood as a program for causing a computer such as a wearable device to function as each unit shown in FIG. This program may be provided in the form of a recording medium such as an optical disk storing the program, or may be provided in the form of being downloaded to a computer via a network such as the Internet, and making it available for installation. You may do.

DESCRIPTION OF SYMBOLS 1 ... Authentication system, 2 ... Network, 10 ... Wearable apparatus, 20 ... 1st authentication apparatus, 30 ... 2nd authentication apparatus, 11 ... Control part, 12 ... Memory | storage part, 13 ... Communication part, 14 ... Mounting part, 15 ... Sensor unit 16 ... second communication unit 17 ... reading unit 101 ... determination unit 102 ... storage control unit 103 ... processing unit 104 ... notification unit

Claims (10)

Storage means for storing information;
Wearing means for causing the user to wear the device;
Determining means for determining whether the user apparatus is attached to the user by the attaching means ;
When it is determined that the user's own device is attached to the user, authenticated information indicating that the first authentication of the user has been completed is stored in the storage means, and the user's device is not attached. If the determination that the device is mounted and the determination that the device is not mounted are repeated more than a predetermined number of times before the predetermined time elapses after the determination, the authenticated information is stored from the storage means. Storage control means to be deleted;
A wearable device comprising: processing means for performing processing for performing second authentication instead of the first authentication based on the authenticated information when the authenticated information is stored in the storage means. Storage means for storing information;
Wearing means for causing the user to wear the device;
Determining means for determining whether the user apparatus is attached to the user by the attaching means ;
When it is determined that the user's own device is attached to the user, authenticated information indicating that the first authentication of the user has been completed is stored in the storage means, and the user's device is not attached. Delete the authenticated information from the storage unit when it is determined and a deletion condition for deleting the authenticated information is satisfied depending on the type of the device or the mounting unit. Storage control means for
A wearable device comprising: processing means for performing processing for performing second authentication instead of the first authentication based on the authenticated information when the authenticated information is stored in the storage means. Storage means for storing information;
Wearing means for causing the user to wear the device;
Determining means for determining whether the user apparatus is attached to the user by the attaching means ;
When it is determined that the user's own device is attached to the user, authenticated information indicating that the first authentication of the user has been completed is stored in the storage means, and the user's device is not attached. When it is determined that it has not been determined, and the deletion condition for deleting the authenticated information is different depending on the method by which the determination unit performs the determination, from the storage unit Storage control means for deleting the authenticated information;
A wearable device comprising: processing means for performing processing for performing second authentication instead of the first authentication based on the authenticated information when the authenticated information is stored in the storage means. Storage means for storing information;
Wearing means for causing the user to wear the device;
Determining means for determining whether the user apparatus is attached to the user by the attaching means ;
When it is determined that the user's own device is attached to the user, authenticated information indicating that the first authentication of the user has been completed is stored in the storage means, and the user's device is not attached. When it is determined that the determination is not made and the deletion condition for deleting the authenticated information is different depending on the reliability required for the first authentication, Storage control means for deleting the authenticated information from the storage means;
A wearable device comprising: processing means for performing processing for performing second authentication instead of the first authentication based on the authenticated information when the authenticated information is stored in the storage means. Storage means for storing information;
Wearing means for causing the user to wear the device;
Determining means for determining whether the user apparatus is attached to the user by the attaching means ;
When it is determined that the user's own device is attached to the user, authenticated information indicating that the first authentication of the user has been completed is stored in the storage means, and the user's device is not attached. When it is determined that it has not been determined, and when a deletion condition for deleting the authenticated information is satisfied, and when a predetermined time has elapsed since it was determined that the device is mounted , Storage control means for deleting the authenticated information from the storage means;
A wearable device comprising: processing means for performing processing for performing second authentication instead of the first authentication based on the authenticated information when the authenticated information is stored in the storage means. A determination step of determining whether or not the wearable device including a storage unit that stores information and a mounting unit that causes the user to mount the device is determined by the mounting unit;
The wearable device, if the self apparatus is a state that is determined to be attached to the user, a first authenticated information indicating that authentication after completion of the user is stored in the storage means, the device itself When the determination that the device is mounted and the determination that the device is not mounted are repeated more than a predetermined number of times after a predetermined time elapses after it is determined that the device is not mounted , from the storage unit A storage control step for deleting the authenticated information;
A process step of performing a process for causing the wearable device to perform a second authentication based on the authenticated information and substituting the first authentication when the authenticated information is stored in the storage unit; An authentication method provided. A determination step of determining whether or not the wearable device including a storage unit that stores information and a mounting unit that causes the user to mount the device is determined by the mounting unit;
The wearable device, if the self apparatus is a state that is determined to be attached to the user, a first authenticated information indicating that authentication after completion of the user is stored in the storage means, the device itself When it is determined that the device is not mounted and a deletion condition for deleting the authenticated information is satisfied depending on the type of the own device or the mounting unit , the storage unit A storage control step for deleting the authenticated information;
A process step of performing a process for causing the wearable device to perform a second authentication based on the authenticated information and substituting the first authentication when the authenticated information is stored in the storage unit; An authentication method provided. A determination step of determining whether or not the wearable device including a storage unit that stores information and a mounting unit that causes the user to mount the device is determined by the mounting unit;
The wearable device, if the self apparatus is a state that is determined to be attached to the user, a first authenticated information indicating that authentication after completion of the user is stored in the storage means, the device itself When it is determined that it is not determined that it is not attached, and the deletion condition for deleting the authenticated information is different depending on the determination method in the determination step , A storage control step of deleting the authenticated information from the storage means;
A process step of performing a process for causing the wearable device to perform a second authentication based on the authenticated information and substituting the first authentication when the authenticated information is stored in the storage unit; An authentication method provided. A determination step of determining whether or not the wearable device including a storage unit that stores information and a mounting unit that causes the user to mount the device is determined by the mounting unit;
The wearable device, if the self apparatus is a state that is determined to be attached to the user, a first authenticated information indicating that authentication after completion of the user is stored in the storage means, the device itself It is determined that it is not determined that it is not attached, and a deletion condition for deleting the authenticated information is satisfied depending on the high reliability required for the first authentication. A storage control step for deleting the authenticated information from the storage means,
A process step of performing a process for causing the wearable device to perform a second authentication based on the authenticated information and substituting the first authentication when the authenticated information is stored in the storage unit; An authentication method provided. A determination step of determining whether or not the wearable device including a storage unit that stores information and a mounting unit that causes the user to mount the device is determined by the mounting unit;
The wearable device, if the self apparatus is a state that is determined to be attached to the user, a first authenticated information indicating that authentication after completion of the user is stored in the storage means, the device itself When it is determined that it is not determined that the device is not mounted and the deletion condition for deleting the authenticated information is satisfied, and a predetermined time has elapsed since it is determined that the device is mounted And a storage control step for deleting the authenticated information from the storage means,
A process step of performing a process for causing the wearable device to perform a second authentication based on the authenticated information and substituting the first authentication when the authenticated information is stored in the storage unit; An authentication method provided.

Images